Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

377 lines
12 KiB

//+---------------------------------------------------------------------------
/////////////////////////////////////////////////////////////////////////////////
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1997-2002.
//
// File: GPEPage.cpp
//
// Contents: Implementation of CGPERootGeneralPage
//
//----------------------------------------------------------------------------
#include "stdafx.h"
#include <gpedit.h>
#include "GPEPage.h"
#include "storegpe.h"
#include "CompData.h"
#ifdef _DEBUG
#ifndef ALPHA
#define new DEBUG_NEW
#endif
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
extern GUID g_guidExtension;
extern GUID g_guidSnapin;
extern GUID g_guidRegExt;
/////////////////////////////////////////////////////////////////////////////
// CGPERootGeneralPage property page
CGPERootGeneralPage::CGPERootGeneralPage(CCertMgrComponentData* pCompData,
bool fIsComputerType) :
CHelpPropertyPage(CGPERootGeneralPage::IDD),
m_dwGPERootFlags (0),
m_hUserRootFlagsKey (0),
m_hGroupPolicyKey (0),
m_pGPEInformation (pCompData->GetGPEInformation ()),
m_fIsComputerType (fIsComputerType)
{
//{{AFX_DATA_INIT(CGPERootGeneralPage)
// NOTE: the ClassWizard will add member initialization here
//}}AFX_DATA_INIT
if ( m_pGPEInformation )
{
m_pGPEInformation->AddRef ();
HRESULT hResult = m_pGPEInformation->GetRegistryKey (GPO_SECTION_MACHINE,
&m_hGroupPolicyKey);
ASSERT (SUCCEEDED (hResult));
if ( SUCCEEDED (hResult) )
GPEGetUserRootFlags ();
}
else
RSOPGetUserRootFlags (pCompData);
}
CGPERootGeneralPage::~CGPERootGeneralPage()
{
if ( m_hUserRootFlagsKey )
::RegCloseKey (m_hUserRootFlagsKey);
if ( m_hGroupPolicyKey )
::RegCloseKey (m_hGroupPolicyKey);
if ( m_pGPEInformation )
m_pGPEInformation->Release ();
}
void CGPERootGeneralPage::DoDataExchange(CDataExchange* pDX)
{
CHelpPropertyPage::DoDataExchange(pDX);
//{{AFX_DATA_MAP(CGPERootGeneralPage)
DDX_Control(pDX, IDC_ENABLE_USER_ROOT_STORE, m_enableUserRootStoreBtn);
//}}AFX_DATA_MAP
}
BEGIN_MESSAGE_MAP(CGPERootGeneralPage, CHelpPropertyPage)
//{{AFX_MSG_MAP(CGPERootGeneralPage)
ON_BN_CLICKED(IDC_ENABLE_USER_ROOT_STORE, OnEnableUserRootStore)
ON_BN_CLICKED(IDC_SET_DISABLE_LM_AUTH_FLAG, OnSetDisableLmAuthFlag)
ON_BN_CLICKED(IDC_UNSET_DISABLE_LM_AUTH_FLAG, OnUnsetDisableLmAuthFlag)
ON_BN_CLICKED(IDC_UNSET_DISABLE_NT_AUTH_REQUIRED_FLAG, OnUnsetDisableNtAuthRequiredFlag)
ON_BN_CLICKED(IDC_SET_DISABLE_NT_AUTH_REQUIRED_FLAG, OnSetDisableNtAuthRequiredFlag)
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
/////////////////////////////////////////////////////////////////////////////
// CGPERootGeneralPage message handlers
BOOL CGPERootGeneralPage::OnInitDialog()
{
CHelpPropertyPage::OnInitDialog();
// If this is the RSOP, make it read-only
if ( !m_pGPEInformation )
{
// Make the page read-only
m_enableUserRootStoreBtn.EnableWindow (FALSE);
GetDlgItem (IDC_SET_DISABLE_LM_AUTH_FLAG)->EnableWindow (FALSE);
GetDlgItem (IDC_UNSET_DISABLE_LM_AUTH_FLAG)->EnableWindow (FALSE);
GetDlgItem (IDC_SET_DISABLE_NT_AUTH_REQUIRED_FLAG)->EnableWindow (FALSE);
GetDlgItem (IDC_UNSET_DISABLE_NT_AUTH_REQUIRED_FLAG)->EnableWindow (FALSE);
}
if ( IsCurrentUserRootEnabled () )
m_enableUserRootStoreBtn.SetCheck (BST_CHECKED);
if ( m_dwGPERootFlags & CERT_PROT_ROOT_DISABLE_LM_AUTH_FLAG )
SendDlgItemMessage (IDC_SET_DISABLE_LM_AUTH_FLAG, BM_SETCHECK, BST_CHECKED);
else
SendDlgItemMessage (IDC_UNSET_DISABLE_LM_AUTH_FLAG, BM_SETCHECK, BST_CHECKED);
if ( m_dwGPERootFlags & CERT_PROT_ROOT_DISABLE_NT_AUTH_REQUIRED_FLAG )
SendDlgItemMessage (IDC_SET_DISABLE_NT_AUTH_REQUIRED_FLAG, BM_SETCHECK, BST_CHECKED);
else
SendDlgItemMessage (IDC_UNSET_DISABLE_NT_AUTH_REQUIRED_FLAG, BM_SETCHECK, BST_CHECKED);
return TRUE; // return TRUE unless you set the focus to a control
// EXCEPTION: OCX Property Pages should return FALSE
}
void CGPERootGeneralPage::OnOK()
{
if ( m_pGPEInformation )
{
SaveCheck ();
CHelpPropertyPage::OnOK ();
}
}
void CGPERootGeneralPage::SaveCheck()
{
ASSERT (m_pGPEInformation);
if ( m_pGPEInformation )
{
bool bRetVal = false;
if ( m_enableUserRootStoreBtn.GetCheck () == BST_CHECKED )
bRetVal = SetGPEFlags ((DWORD) CERT_PROT_ROOT_DISABLE_CURRENT_USER_FLAG, TRUE); // remove flag
else
bRetVal = SetGPEFlags ((DWORD) CERT_PROT_ROOT_DISABLE_CURRENT_USER_FLAG, FALSE); // set flag
if ( bRetVal )
{
if ( BST_CHECKED == SendDlgItemMessage (IDC_SET_DISABLE_LM_AUTH_FLAG, BM_GETCHECK) )
bRetVal = SetGPEFlags ((DWORD) CERT_PROT_ROOT_DISABLE_LM_AUTH_FLAG, FALSE); // set flag
else if ( BST_CHECKED == SendDlgItemMessage (IDC_UNSET_DISABLE_LM_AUTH_FLAG, BM_GETCHECK) )
bRetVal = SetGPEFlags ((DWORD) CERT_PROT_ROOT_DISABLE_LM_AUTH_FLAG, TRUE); // remove flag
}
if ( bRetVal )
{
if ( BST_CHECKED == SendDlgItemMessage (IDC_SET_DISABLE_NT_AUTH_REQUIRED_FLAG, BM_GETCHECK) )
bRetVal = SetGPEFlags ((DWORD) CERT_PROT_ROOT_DISABLE_NT_AUTH_REQUIRED_FLAG, FALSE); // set flag
else if ( BST_CHECKED == SendDlgItemMessage (IDC_UNSET_DISABLE_NT_AUTH_REQUIRED_FLAG, BM_GETCHECK) )
bRetVal = SetGPEFlags ((DWORD) CERT_PROT_ROOT_DISABLE_NT_AUTH_REQUIRED_FLAG, TRUE); // remove flag
}
if ( bRetVal )
{
// TRUE means we're changing the machine policy only
m_pGPEInformation->PolicyChanged (TRUE, TRUE, &g_guidExtension, &g_guidSnapin);
m_pGPEInformation->PolicyChanged (TRUE, TRUE, &g_guidRegExt, &g_guidSnapin);
}
}
}
void CGPERootGeneralPage::OnEnableUserRootStore()
{
SetModified (TRUE);
}
void CGPERootGeneralPage::OnSetDisableLmAuthFlag()
{
SetModified (TRUE);
}
bool CGPERootGeneralPage::SetGPEFlags (DWORD dwFlags, BOOL bRemoveFlag)
{
bool bRetVal = false;
ASSERT (m_pGPEInformation);
if ( m_pGPEInformation )
{
DWORD dwType = REG_DWORD;
DWORD dwData = 0;
DWORD cbData = sizeof (dwData);
// security review 2/27/2002 BryanWal ok
LONG lResult = ::RegQueryValueEx (m_hUserRootFlagsKey, // handle of key to query
CERT_PROT_ROOT_FLAGS_VALUE_NAME, // address of name of value to query
0, // reserved
&dwType, // address of buffer for value type
(LPBYTE) &dwData, // address of data buffer
&cbData); // address of data buffer size);
ASSERT (ERROR_SUCCESS == lResult || ERROR_FILE_NOT_FOUND == lResult);
if ( ERROR_SUCCESS == lResult || ERROR_FILE_NOT_FOUND == lResult )
{
if ( ERROR_SUCCESS == lResult && REG_DWORD != dwType )
{
ASSERT (0);
return false;
}
if ( bRemoveFlag )
dwData &= ~dwFlags;
else
dwData |= dwFlags;
lResult = ::RegSetValueEx (m_hUserRootFlagsKey,
CERT_PROT_ROOT_FLAGS_VALUE_NAME, // address of value to set
0, // reserved
REG_DWORD, // flag for value type
(CONST BYTE *) &dwData, // address of value data
cbData); // size of value data);
ASSERT (ERROR_SUCCESS == lResult);
if ( ERROR_SUCCESS == lResult )
{
m_dwGPERootFlags = dwData;
bRetVal = true;
}
else
DisplaySystemError (m_hWnd, lResult);
}
else
DisplaySystemError (m_hWnd, lResult);
}
return bRetVal;
}
bool CGPERootGeneralPage::IsCurrentUserRootEnabled() const
{
if (m_dwGPERootFlags & CERT_PROT_ROOT_DISABLE_CURRENT_USER_FLAG)
return false;
else
return true;
}
void CGPERootGeneralPage::RSOPGetUserRootFlags(const CCertMgrComponentData* pCompData)
{
if ( pCompData )
{
const CRSOPObjectArray* pObjectArray = m_fIsComputerType ?
pCompData->GetRSOPObjectArrayComputer () :
pCompData->GetRSOPObjectArrayUser ();
int nIndex = 0;
// NOTE: rsop object array is sorted first by registry key, then by precedence
INT_PTR nUpperBound = pObjectArray->GetUpperBound ();
while ( nUpperBound >= nIndex )
{
CRSOPObject* pObject = pObjectArray->GetAt (nIndex);
if ( pObject )
{
// Consider only entries from this store
// security review 2/27/2002 BryanWal ok
if ( !wcscmp (CERT_PROT_ROOT_FLAGS_REGPATH, pObject->GetRegistryKey ()) )
{
ASSERT (1 == pObject->GetPrecedence ());
m_dwGPERootFlags = pObject->GetDWORDValue ();
break;
}
}
else
break;
nIndex++;
}
}
}
void CGPERootGeneralPage::GPEGetUserRootFlags()
{
DWORD dwDisposition = 0;
// security review 2/27/2002 BryanWal ok
LONG lResult = ::RegCreateKeyEx (m_hGroupPolicyKey, // handle of an open key
CERT_PROT_ROOT_FLAGS_REGPATH, // address of subkey name
0, // reserved
L"", // address of class string
REG_OPTION_NON_VOLATILE, // special options flag
KEY_QUERY_VALUE | KEY_SET_VALUE, // desired security access
NULL, // address of key security structure
&m_hUserRootFlagsKey, // address of buffer for opened handle
&dwDisposition); // address of disposition value buffer
ASSERT (lResult == ERROR_SUCCESS);
if ( lResult == ERROR_SUCCESS )
{
// Read value
DWORD dwType = REG_DWORD;
DWORD dwData = 0;
DWORD cbData = sizeof (dwData);
// security review 2/27/2002 BryanWal ok
lResult = ::RegQueryValueEx (m_hUserRootFlagsKey, // handle of key to query
CERT_PROT_ROOT_FLAGS_VALUE_NAME, // address of name of value to query
0, // reserved
&dwType, // address of buffer for value type
(LPBYTE) &dwData, // address of data buffer
&cbData); // address of data buffer size);
ASSERT (ERROR_SUCCESS == lResult || ERROR_FILE_NOT_FOUND == lResult);
if ( ERROR_SUCCESS == lResult || ERROR_FILE_NOT_FOUND == lResult )
{
if ( REG_DWORD == dwType )
{
m_dwGPERootFlags = dwData;
}
}
else
DisplaySystemError (NULL, lResult);
}
else
DisplaySystemError (NULL, lResult);
}
void CGPERootGeneralPage::DoContextHelp (HWND hWndControl)
{
_TRACE (1, L"Entering CGPERootGeneralPage::DoContextHelp\n");
static const DWORD help_map[] =
{
IDC_ENABLE_USER_ROOT_STORE, IDH_GPEPAGE_ENABLE_USER_ROOT_STORE,
IDC_SET_DISABLE_LM_AUTH_FLAG, IDH_SET_DISABLE_LM_AUTH_FLAG,
IDC_UNSET_DISABLE_LM_AUTH_FLAG, IDH_UNSET_DISABLE_LM_AUTH_FLAG,
IDC_SET_DISABLE_NT_AUTH_REQUIRED_FLAG, IDH_SET_DISABLE_NT_AUTH_REQUIRED_FLAG,
IDC_UNSET_DISABLE_NT_AUTH_REQUIRED_FLAG, IDH_UNSET_DISABLE_NT_AUTH_REQUIRED_FLAG,
0, 0
};
switch (::GetDlgCtrlID (hWndControl))
{
case IDC_ENABLE_USER_ROOT_STORE:
case IDC_SET_DISABLE_LM_AUTH_FLAG:
case IDC_UNSET_DISABLE_LM_AUTH_FLAG:
case IDC_SET_DISABLE_NT_AUTH_REQUIRED_FLAG:
case IDC_UNSET_DISABLE_NT_AUTH_REQUIRED_FLAG:
if ( !::WinHelp (
hWndControl,
GetF1HelpFilename(),
HELP_WM_HELP,
(DWORD_PTR) help_map) )
{
_TRACE (0, L"WinHelp () failed: 0x%x\n", GetLastError ());
}
break;
default:
break;
}
_TRACE (-1, L"Leaving CGPERootGeneralPage::DoContextHelp\n");
}
void CGPERootGeneralPage::OnUnsetDisableLmAuthFlag()
{
SetModified (TRUE);
}
void CGPERootGeneralPage::OnUnsetDisableNtAuthRequiredFlag()
{
SetModified (TRUE);
}
void CGPERootGeneralPage::OnSetDisableNtAuthRequiredFlag()
{
SetModified (TRUE);
}