Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

768 lines
24 KiB

#include <cdlpch.h>
#include <softpub.h>
#define WINTRUST TEXT("wintrust.dll")
#ifdef DELAY_LOAD_WVT
#ifndef _WVTP_NOCODE_
Cwvt::Cwvt()
{
DEBUG_ENTER((DBG_DOWNLOAD,
None,
"Cwvt::Cwvt",
"this=%#x",
this
));
m_fInited = FALSE;
m_bHaveWTData = FALSE;
DEBUG_LEAVE(0);
}
Cwvt::~Cwvt()
{
DEBUG_ENTER((DBG_DOWNLOAD,
None,
"Cwvt::~Cwvt",
"this=%#x",
this
));
if (m_fInited) {
FreeLibrary(m_hMod);
}
DEBUG_LEAVE(0);
}
HRESULT
Cwvt::Init(void)
{
DEBUG_ENTER((DBG_DOWNLOAD,
Hresult,
"Cwvt::Init",
"this=%#x",
this
));
GUID PublishedSoftware = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE;
GUID *ActionID = &PublishedSoftware;
if (m_fInited) {
DEBUG_LEAVE(S_OK);
return S_OK;
}
m_hMod = LoadLibrary( WINTRUST );
if (NULL == m_hMod) {
DEBUG_LEAVE(HRESULT_FROM_WIN32(ERROR_MOD_NOT_FOUND));
return (HRESULT_FROM_WIN32(ERROR_MOD_NOT_FOUND));
}
#define CHECKAPI(_fn) \
*(FARPROC*)&(_pfn##_fn) = GetProcAddress(m_hMod, #_fn); \
if (!(_pfn##_fn)) { \
FreeLibrary(m_hMod); \
\
DEBUG_LEAVE(HRESULT_FROM_WIN32(ERROR_MOD_NOT_FOUND)); \
return (HRESULT_FROM_WIN32(ERROR_MOD_NOT_FOUND)); \
}
CHECKAPI(WinVerifyTrust);
if (g_bNT5OrGreater)
{
#define CHECKNT5API(_fn) \
*(FARPROC*)&(_pfn##_fn) = GetProcAddress(m_hMod, #_fn);
CHECKNT5API(IsCatalogFile);
CHECKNT5API(CryptCATAdminAcquireContext);
CHECKNT5API(CryptCATAdminReleaseContext);
CHECKNT5API(CryptCATAdminReleaseCatalogContext);
CHECKNT5API(CryptCATAdminEnumCatalogFromHash);
CHECKNT5API(CryptCATAdminCalcHashFromFileHandle);
CHECKNT5API(CryptCATAdminAddCatalog);
CHECKNT5API(CryptCATAdminRemoveCatalog);
CHECKNT5API(CryptCATCatalogInfoFromContext);
CHECKNT5API(CryptCATAdminResolveCatalogPath);
}
m_fInited = TRUE;
DEBUG_LEAVE(S_OK);
return S_OK;
}
BOOL
IsUIRestricted()
{
DEBUG_ENTER((DBG_DOWNLOAD,
Bool,
"IsUIRestricted",
NULL
));
HKEY hkeyRest = 0;
BOOL bUIRest = FALSE;
DWORD dwValue = 0;
DWORD dwLen = sizeof(DWORD);
// per-machine UI off policy
if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, REGSTR_PATH_INFODEL_REST, 0, KEY_READ, &hkeyRest) == ERROR_SUCCESS) {
if (RegQueryValueEx( hkeyRest, REGVAL_UI_REST, NULL, NULL,
(LPBYTE)&dwValue, &dwLen) == ERROR_SUCCESS && dwValue)
bUIRest = TRUE;
RegCloseKey(hkeyRest);
}
DEBUG_LEAVE(bUIRest);
return bUIRest;
}
#endif // _WVTP_NOCODE_
#endif // DELAY_LOAD_WVT
// {D41E4F1D-A407-11d1-8BC9-00C04FA30A41}
#define COR_POLICY_PROVIDER_DOWNLOAD \
{ 0xd41e4f1d, 0xa407, 0x11d1, {0x8b, 0xc9, 0x0, 0xc0, 0x4f, 0xa3, 0xa, 0x41 } }
#define ZEROSTRUCT(arg) memset( &arg, 0, sizeof(arg))
void PrintHash(BYTE* pbHash, DWORD cbHash)
{
LPSTR pszHash = NULL;
if (cbHash)
{
char* pHexTable = "0123456789ABCDEF";
pszHash = new CHAR[2*cbHash+1];
if (!pszHash)
goto End;
for (DWORD i=0; i<cbHash; i++)
{
pszHash[2*i] = pHexTable[(pbHash[i]&0xf0)>>4];
pszHash[2*i+1] = pHexTable[pbHash[i]&0x0f];
}
pszHash[2*i] = '\0';
}
DEBUG_ENTER((DBG_DOWNLOAD,
None,
"PrintHash",
"%d, %.80q",
cbHash, (pszHash?pszHash:"NULL")
));
DEBUG_LEAVE(0);
if(pszHash)
delete [] pszHash;
End:
return;
}
HRESULT Cwvt::WinVerifyTrust_Wrap(HWND hwnd, GUID * ActionID, WINTRUST_DATA* ActionData)
{
DEBUG_ENTER((DBG_DOWNLOAD,
Hresult,
"EXTERNAL::WinVerifyTrust",
"%#x, %#x, %#x",
hwnd, ActionID, ActionData
));
HRESULT hr;
hr = WinVerifyTrust(hwnd, ActionID, ActionData);
DEBUG_LEAVE(hr);
return hr;
}
#ifdef DBG
#define PRINT_HASH(pbHash, cbHash) PrintHash((pbHash),(cbHash))
#else
#define PRINT_HASH(pbHash, cbHash) {}
#endif
HRESULT Cwvt::VerifyTrust(HANDLE hFile, HWND hWnd, PJAVA_TRUST *ppJavaTrust,
LPCWSTR szStatusText,
IInternetHostSecurityManager *pHostSecurityManager,
LPSTR szFilePath, LPSTR szCatalogFile,
CDownload *pdl)
{
DEBUG_ENTER((DBG_DOWNLOAD,
Hresult,
"Cwvt::VerifyTrust",
"this=%#x, %#x, %#x, %#x, %.80wq, %#x, %.80q, %#x=%.80q, %#x",
this, hFile, hWnd, ppJavaTrust, szStatusText, pHostSecurityManager,
szFilePath, szCatalogFile, szCatalogFile, pdl
));
LPWSTR wzFileName = NULL;
LPWSTR wzFilePath = NULL;
LPWSTR wzCatalogFile = NULL;
GUID guidJava = JAVA_POLICY_PROVIDER_DOWNLOAD;
GUID guidCor = COR_POLICY_PROVIDER_DOWNLOAD;
GUID guidAuthenticode = WINTRUST_ACTION_GENERIC_VERIFY_V2;
GUID *pguidActionIDJava = &guidJava;
GUID *pguidActionIDCor = &guidCor;
WINTRUST_DATA wintrustData;
WINTRUST_DATA wtdAuthenticode;
WINTRUST_FILE_INFO fileData;
JAVA_POLICY_PROVIDER javaPolicyData;
WCHAR wpath [MAX_PATH];
PJAVA_TRUST pbJavaTrust = NULL;
IServiceProvider *pServProv = NULL;
LPCATALOGFILEINFO pcfi = NULL;
HRESULT hr = S_OK;
ZEROSTRUCT(wintrustData);
ZEROSTRUCT(fileData);
ZEROSTRUCT(javaPolicyData);
javaPolicyData.cbSize = sizeof(JAVA_POLICY_PROVIDER);
javaPolicyData.VMBased = FALSE;
javaPolicyData.fNoBadUI = FALSE;
javaPolicyData.pwszZone = szStatusText;
javaPolicyData.pZoneManager = (LPVOID)pHostSecurityManager;
fileData.cbStruct = sizeof(WINTRUST_FILE_INFO);
fileData.pcwszFilePath = szStatusText;
fileData.hFile = hFile;
wintrustData.cbStruct = sizeof(WINTRUST_DATA);
wintrustData.pPolicyCallbackData = &javaPolicyData;
if ( (hWnd == INVALID_HANDLE_VALUE) || IsUIRestricted())
wintrustData.dwUIChoice = WTD_UI_NONE;
else
wintrustData.dwUIChoice = WTD_UI_ALL;
wintrustData.dwUnionChoice = WTD_CHOICE_FILE;
wintrustData.pFile = &fileData;
if (szCatalogFile) {
::Ansi2Unicode(szCatalogFile, &wzCatalogFile);
::Ansi2Unicode(szFilePath, &wzFilePath);
wzFileName = PathFindFileNameW(szStatusText);
if (!m_bHaveWTData) {
memset(&m_wtCatalogInfo, 0x0, sizeof(m_wtCatalogInfo));
m_wtCatalogInfo.cbStruct = sizeof(WINTRUST_CATALOG_INFO);
m_bHaveWTData = TRUE;
}
m_wtCatalogInfo.pcwszCatalogFilePath = wzCatalogFile;
m_wtCatalogInfo.pcwszMemberTag = wzFileName;
m_wtCatalogInfo.pcwszMemberFilePath = wzFilePath;
wtdAuthenticode = wintrustData;
wtdAuthenticode.pCatalog = &m_wtCatalogInfo;
wtdAuthenticode.dwUnionChoice = WTD_CHOICE_CATALOG;
wtdAuthenticode.dwStateAction = WTD_STATEACTION_VERIFY;
wtdAuthenticode.dwUIChoice = WTD_UI_NONE;
hr = WinVerifyTrust_Wrap(hWnd, &guidAuthenticode, &wtdAuthenticode);
if (FAILED(hr)) {
hr = WinVerifyTrust_Wrap(hWnd, pguidActionIDCor, &wintrustData);
if (hr == TRUST_E_PROVIDER_UNKNOWN)
hr = WinVerifyTrust_Wrap(hWnd, pguidActionIDJava, &wintrustData);
}
else {
// Clone Java permissions
pbJavaTrust = pdl->GetCodeDownload()->GetJavaTrust();
if (!pbJavaTrust) {
hr = pdl->GetBSC()->QueryInterface(IID_IServiceProvider, (void **)&pServProv);
if (SUCCEEDED(hr)) {
hr = pServProv->QueryService(IID_ICatalogFileInfo, IID_ICatalogFileInfo, (void **)&pcfi);
if (SUCCEEDED(hr)) {
pcfi->GetJavaTrust((void **)&pbJavaTrust);
}
}
SAFERELEASE(pServProv);
SAFERELEASE(pcfi);
pdl->SetMainCABJavaTrustPermissions(pbJavaTrust);
}
}
}
else {
hr = WinVerifyTrust_Wrap(hWnd, pguidActionIDCor, &wintrustData);
if (hr == TRUST_E_PROVIDER_UNKNOWN)
hr = WinVerifyTrust_Wrap(hWnd, pguidActionIDJava, &wintrustData);
if (SUCCEEDED(hr)) {
pdl->SetMainCABJavaTrustPermissions(javaPolicyData.pbJavaTrust);
}
}
SAFEDELETE(wzCatalogFile);
SAFEDELETE(wzFilePath);
// BUGBUG: this works around a wvt bug that returns 0x57 (success) when
// you hit No to an usigned control
if (SUCCEEDED(hr) && hr != S_OK) {
hr = TRUST_E_FAIL;
}
if (FAILED(hr)) {
// display original hr intact to help debugging
// CodeDownloadDebugOut(DEB_CODEDL, TRUE, ID_CDLDBG_VERIFYTRUST_FAILED, hr);
} else {
*ppJavaTrust = javaPolicyData.pbJavaTrust;
}
if (hr == TRUST_E_SUBJECT_NOT_TRUSTED && wintrustData.dwUIChoice == WTD_UI_NONE) {
// if we didn't ask for the UI to be out up there has been no UI
// work around WVT bvug that it returns us this special error code
// without putting up UI.
hr = TRUST_E_FAIL; // this will put up mshtml ui after the fact
// that security settings prevented us
}
if (FAILED(hr) && (hr != TRUST_E_SUBJECT_NOT_TRUSTED)) {
// trust system has failed without UI
// map error to this generic error that will falg our client to put
// up additional info that this is a trust system error if reqd.
hr = TRUST_E_FAIL;
}
if (hr == TRUST_E_SUBJECT_NOT_TRUSTED) {
pdl->GetCodeDownload()->SetUserDeclined();
}
DEBUG_LEAVE(hr);
return hr;
}
HRESULT
Cwvt::VerifyTrustOnCatalogFile(IN LPCWSTR pwszCatalogFile)
{
DEBUG_ENTER((DBG_DOWNLOAD,
Hresult,
"Cwvt::VerifyTrustOnCatalogFile",
"this=%#x, %.200wq",
this, pwszCatalogFile
));
HRESULT hr = NOERROR;
WINTRUST_DATA WintrustData;
WINTRUST_FILE_INFO WintrustFileInfo;
GUID guidDriverActionVerify = DRIVER_ACTION_VERIFY;
ZeroMemory(&WintrustData, sizeof(WINTRUST_DATA));
WintrustData.cbStruct = sizeof(WINTRUST_DATA);
WintrustData.dwUIChoice = WTD_UI_NONE;
WintrustData.fdwRevocationChecks = WTD_REVOKE_NONE;
WintrustData.dwUnionChoice = WTD_CHOICE_FILE;
WintrustData.pFile = &WintrustFileInfo;
WintrustData.dwProvFlags = WTD_REVOCATION_CHECK_NONE;
ZeroMemory(&WintrustFileInfo, sizeof(WINTRUST_FILE_INFO));
WintrustFileInfo.cbStruct = sizeof(WINTRUST_FILE_INFO);
WintrustFileInfo.pcwszFilePath = pwszCatalogFile;
hr = WinVerifyTrust_Wrap(NULL, &guidDriverActionVerify, &WintrustData);
DEBUG_LEAVE(hr);
return hr;
}
HRESULT Cwvt::IsValidCatalogFile(LPCWSTR pwszCatalogFile)
{
DEBUG_ENTER((DBG_DOWNLOAD,
Hresult,
"Cwvt::IsValidCatalogFile",
"this=%#x, %.200wq",
this, pwszCatalogFile
));
HRESULT hr = E_FAIL;
DWORD cbLen = lstrlenW(pwszCatalogFile);
WCHAR* pwszCatalogFileCopy = new WCHAR[cbLen+1];
if (pwszCatalogFileCopy)
{
StrCpyW(pwszCatalogFileCopy, pwszCatalogFile);
// IsCatalogFile doesn't take LPCWSTR, only a LPWSTR - may mangle url.
if(IsCatalogFile(NULL, pwszCatalogFileCopy))
{
StrCpyW(pwszCatalogFileCopy, pwszCatalogFile);
hr = VerifyTrustOnCatalogFile(pwszCatalogFile);
}
}
delete [] pwszCatalogFileCopy;
DEBUG_LEAVE(hr);
return hr;
}
/*
return value:
S_OK - all ok.
S_FALSE - AddCatalog succeeded, but getting Cataloginfo failed.
E_FAIL - any other failure
*/
HRESULT Cwvt::InstallCatalogFile(LPSTR pszCatalogFile)
{
DEBUG_ENTER((DBG_DOWNLOAD,
Hresult,
"Cwvt::InstallCatalogFile",
"this=%#x, %.200q",
this, pszCatalogFile
));
WCHAR* pwszCatalogFile = NULL;
HRESULT hr;
HCATADMIN hCatAdmin;
GUID guidDriverActionVerify = DRIVER_ACTION_VERIFY;
hr = Ansi2Unicode(pszCatalogFile, &pwszCatalogFile);
if(SUCCEEDED(hr)
&& SUCCEEDED(hr = IsValidCatalogFile(pwszCatalogFile))
&& CryptCATAdminAcquireContext(&hCatAdmin, &guidDriverActionVerify, 0))
{
HCATINFO hCatInfo;
CATALOG_INFO CatalogInfo;
hCatInfo = CryptCATAdminAddCatalog(hCatAdmin, pwszCatalogFile, NULL, 0);
if (hCatInfo)
{
CatalogInfo.cbStruct = sizeof(CATALOG_INFO);
if (CryptCATCatalogInfoFromContext(hCatInfo, &CatalogInfo, 0))
{
#ifdef DBG
DEBUG_PRINT(DOWNLOAD,
INFO,
("Cwvt::InstallCatalogFile: cat_filename: %.200wq \n",
(CatalogInfo.wszCatalogFile ? CatalogInfo.wszCatalogFile : L"NULL")
));
#endif
/* can get name and full path of catalog file if need be
StrCpyW(pwszFullPathCatalogFile, CatalogInfo.wszCatalogFile);
*/
hr = S_OK;
}
else
{
hr = S_FALSE;
}
CryptCATAdminReleaseCatalogContext(hCatAdmin, hCatInfo, 0);
}
else
{
hr = E_FAIL;
}
CryptCATAdminReleaseContext(hCatAdmin, 0);
}
else
{
hr = E_FAIL;
}
if (pwszCatalogFile)
delete [] pwszCatalogFile;
DEBUG_LEAVE(hr);
return hr;
}
// This function verifies the specified file against the database in the
// specified subsystem.
// NOTE: *pdwBuffer = count of *WIDECHARs* in pwszFullPathCatalogFile.
HRESULT Cwvt::VerifyFileAgainstSystemCatalog(LPCSTR pcszFile, LPWSTR pwszFullPathCatalogFile, DWORD* pdwBuffer)
{
DEBUG_ENTER((DBG_DOWNLOAD,
Hresult,
"Cwvt::VerifyFileAgainstSystemCatalog",
"this=%#x, %.90q, %.90wq, %#x[%d]",
this, pcszFile, pwszFullPathCatalogFile, pdwBuffer, (pdwBuffer?*pdwBuffer:0)
));
HCATADMIN hAdmin = NULL ;
HRESULT hr = E_FAIL;
BOOL fOK = FALSE;
HANDLE hFile = NULL ;
DWORD cbHash;
BYTE* pbHash = NULL;
HCATINFO hCatInfo = NULL ;
GUID guidDriverActionVerify = DRIVER_ACTION_VERIFY;
DEBUG_ENTER((DBG_DOWNLOAD,
Dword,
"EXTERNAL::CreateFile",
"%.80q",
pcszFile
));
// Open the file for read-only access
hFile = CreateFile(
pcszFile,
GENERIC_READ,
FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
NULL
) ;
DEBUG_LEAVE(hFile);
if (INVALID_HANDLE_VALUE != hFile)
{
// Acquire a catalog context
fOK = CryptCATAdminAcquireContext(
&hAdmin,
&guidDriverActionVerify,
0
) ;
if (fOK)
{
// Determine the hash of the file
fOK = CryptCATAdminCalcHashFromFileHandle(
hFile,
&cbHash,
NULL,
0
);
DEBUG_ENTER((DBG_DOWNLOAD,
Bool,
"CryptCATAdminCalcHashFromFileHandle",
"%d",
cbHash)
);
DEBUG_LEAVE(fOK);
if (fOK && (pbHash = new BYTE[cbHash]))
{
fOK = CryptCATAdminCalcHashFromFileHandle(
hFile,
&cbHash,
pbHash,
0
) ;
PRINT_HASH(pbHash, cbHash);
if (fOK)
{
// Find the first catalog that contains this hash
hCatInfo = CryptCATAdminEnumCatalogFromHash(
hAdmin,
pbHash,
cbHash,
0,
NULL
) ;
if (hCatInfo) // A catalog was found
{
hr = S_OK;
CATALOG_INFO CatalogInfo;
if (pwszFullPathCatalogFile)
{
CatalogInfo.cbStruct = sizeof(CATALOG_INFO);
DWORD dwLen = 0;
if (CryptCATCatalogInfoFromContext(hCatInfo, &CatalogInfo, 0)
&& pdwBuffer)
{
if (CatalogInfo.wszCatalogFile
&& ((dwLen = lstrlenW(CatalogInfo.wszCatalogFile)) <= *pdwBuffer))
{
StrCpyW(pwszFullPathCatalogFile, CatalogInfo.wszCatalogFile);
}
else
{
hr = S_FALSE;
*pdwBuffer = dwLen+1;
}
}
}
#ifdef DBG
{
CatalogInfo.cbStruct = sizeof(CATALOG_INFO);
if (CryptCATCatalogInfoFromContext(hCatInfo, &CatalogInfo, 0))
{
DEBUG_PRINT(DOWNLOAD,
INFO,
("Cwvt::VerifyFileAgainstSystemCatalog: cat_filename: %.200wq \n",
(CatalogInfo.wszCatalogFile ? CatalogInfo.wszCatalogFile : L"NULL")
));
}
}
#endif
CryptCATAdminReleaseCatalogContext(
hAdmin,
hCatInfo,
0
) ;
}//hCatInfo
}//fOK
}//(fOK && (pbHash = new BYTE[cbHash]))
CryptCATAdminReleaseContext( hAdmin, 0 ) ;
}//fOK
CloseHandle( hFile ) ;
}//(INVALID_HANDLE_VALUE != hFile)
if (pbHash)
delete [] pbHash;
DEBUG_LEAVE(hr);
return hr ;
}
/*
return value:
S_OK - all ok.
S_FALSE - failed to remove catalog.
*/
HRESULT Cwvt::UninstallCatalogFile(LPWSTR pwszCatalogFile)
{
DEBUG_ENTER((DBG_DOWNLOAD,
Hresult,
"Cwvt::UninstallCatalogFile",
"this=%#x, %.90wq",
this, pwszCatalogFile
));
HRESULT hr = S_FALSE;
HCATADMIN hCatAdmin;
GUID guidDriverActionVerify = DRIVER_ACTION_VERIFY;
if (CryptCATAdminAcquireContext(&hCatAdmin, &guidDriverActionVerify, 0))
{
if(CryptCATAdminRemoveCatalog(hCatAdmin, pwszCatalogFile, 0))
{
hr = S_OK;
}
CryptCATAdminReleaseContext(hCatAdmin, 0);
}
DEBUG_LEAVE(hr);
return hr;
}
HRESULT GetActivePolicy(IInternetHostSecurityManager* pZoneManager,
LPCWSTR pwszZone,
DWORD dwUrlAction,
DWORD& dwPolicy,
BOOL fEnforceRestricted)
{
DEBUG_ENTER((DBG_DOWNLOAD,
Hresult,
"GetActivePolicy",
"%#x, %.80wq, %#x, %#x, #B",
pZoneManager, pwszZone, dwUrlAction, &dwPolicy, fEnforceRestricted
));
HRESULT hr = TRUST_E_FAIL;
HRESULT hr2 = TRUST_E_FAIL;
DWORD cbPolicy = sizeof(DWORD);
// Policy are ordered such that high numbers are the most conservative
// and the lower numbers are less conservative
DWORD dwDocumentPolicy = URLPOLICY_ALLOW;
DWORD dwUrlPolicy = URLPOLICY_ALLOW;
// We are going for the most conservative so lets set the
// value to the least conservative
dwPolicy = URLPOLICY_ALLOW;
IInternetSecurityManager* iSM = NULL;
DWORD dwPUAflags = fEnforceRestricted ? PUAF_ENFORCERESTRICTED : 0;
// Ask the document base for its policy
if(pZoneManager) { // Given a IInternetHostSecurityManager
hr = pZoneManager->ProcessUrlAction(dwUrlAction,
(PBYTE) &dwDocumentPolicy,
cbPolicy,
NULL,
0,
dwPUAflags | PUAF_NOUI,
0);
}
// Get the policy for the URL
if(pwszZone) { // Create an IInternetSecurityManager
hr2 = CoInternetCreateSecurityManager(NULL,
&iSM,
0);
if(hr2 == S_OK) { // We got the manager so get the policy info
hr2 = iSM->ProcessUrlAction(pwszZone,
dwUrlAction,
(PBYTE) &dwUrlPolicy,
cbPolicy,
NULL,
0,
dwPUAflags | PUAF_NOUI,
0);
iSM->Release();
}
else
iSM = NULL;
}
// if they both failed and we have zones then set it to deny and return an error
if(FAILED(hr) && FAILED(hr2)) {
// If we failed because there are on zones then lets QUERY
// BUGBUG: we should actually try to get the IE30 security policy here.
if(iSM == NULL && pZoneManager == NULL) {
dwPolicy = URLPOLICY_QUERY;
hr = S_OK;
}
else {
dwPolicy = URLPOLICY_DISALLOW;
hr = TRUST_E_FAIL;
}
}
else {
if(SUCCEEDED(hr))
dwPolicy = dwDocumentPolicy;
if(SUCCEEDED(hr2))
dwPolicy = dwPolicy > dwUrlPolicy ? dwPolicy : dwUrlPolicy;
if (dwPolicy == URLPOLICY_DISALLOW)
hr = TRUST_E_FAIL;
else
hr = S_OK;
}
DEBUG_LEAVE(hr);
return hr;
}