You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
117 lines
4.1 KiB
117 lines
4.1 KiB
//Copyright (c) Microsoft Corporation. All rights reserved.
|
|
#include <windows.h>
|
|
#include "zone.h"
|
|
#include <urlmon.h>
|
|
|
|
int __cdecl IsTrustedServer( LPWSTR szServer, LPWSTR szZoneName, DWORD dwZoneNameLen, DWORD *pdwZonePolicy )
|
|
{
|
|
int iRetVal = FALSE;
|
|
|
|
if( !szServer || !szZoneName || !pdwZonePolicy )
|
|
{
|
|
goto IsTargetServerAbort0;
|
|
}
|
|
|
|
if( IsTargetServerSafeOnProtocol( szServer, szZoneName, dwZoneNameLen, pdwZonePolicy, PROTOCOL_PREFIX_TELNET ) )
|
|
{
|
|
//Should we be getting the name if given ip( and viceversa) to check for zones as well? What happens in the presence of DHCP?
|
|
//Do we need to check for http://machine as well?
|
|
iRetVal = TRUE;
|
|
}
|
|
|
|
IsTargetServerAbort0:
|
|
return iRetVal;
|
|
}
|
|
|
|
|
|
int __cdecl IsTargetServerSafeOnProtocol( LPWSTR szServer, LPWSTR szZoneName, DWORD dwZoneNameLen, DWORD *pdwZonePolicy, LPWSTR szProtocol )
|
|
{
|
|
MULTI_QI qiSecurityMgr[] = {{ &IID_IInternetSecurityManager, NULL, S_OK }};
|
|
MULTI_QI qiZoneMgr[] = {{ &IID_IInternetZoneManager, NULL, S_OK }};
|
|
IInternetSecurityManager *pSecurityMgr = NULL;
|
|
IInternetZoneManager *pZoneMgr = NULL;
|
|
ZONEATTRIBUTES zaAttribs;
|
|
DWORD dwTargetServerZone = 0;
|
|
HRESULT hr = S_FALSE;
|
|
int iRetVal = FALSE;
|
|
LPWSTR lpszTargetServer = NULL;
|
|
DWORD dwSize = 0;
|
|
bool bCoInit = false;
|
|
|
|
if( !szServer || !szZoneName || !szProtocol || !pdwZonePolicy )
|
|
{
|
|
goto IsTargetServerSafeOnProtocol0;
|
|
}
|
|
|
|
hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
|
|
if( !SUCCEEDED( hr ) )
|
|
{
|
|
goto IsTargetServerSafeOnProtocol0;
|
|
}
|
|
bCoInit = true;
|
|
hr = CoCreateInstanceEx(CLSID_InternetSecurityManager, NULL, CLSCTX_INPROC_SERVER, NULL,
|
|
sizeof(qiSecurityMgr) / sizeof(MULTI_QI), qiSecurityMgr );
|
|
if( !SUCCEEDED( hr ) || !SUCCEEDED(qiSecurityMgr[INDEX_SEC_MGR].hr) ||
|
|
!(pSecurityMgr=(IInternetSecurityManager*)qiSecurityMgr[INDEX_SEC_MGR].pItf))
|
|
{
|
|
goto IsTargetServerSafeOnProtocol0;
|
|
}
|
|
|
|
dwSize = ( wcslen( szServer ) + wcslen( szProtocol ) + 1 ) ;
|
|
lpszTargetServer = (WCHAR * )malloc( dwSize * sizeof( WCHAR ));
|
|
if( !lpszTargetServer )
|
|
{
|
|
goto IsTargetServerSafeOnProtocol1;
|
|
}
|
|
|
|
wcsncpy( lpszTargetServer, szProtocol, dwSize - 1 );
|
|
lpszTargetServer[dwSize - 1] = L'\0';
|
|
wcsncat( lpszTargetServer, szServer, (dwSize - wcslen(lpszTargetServer) -1));
|
|
|
|
hr = pSecurityMgr->MapUrlToZone(lpszTargetServer, &dwTargetServerZone, 0);
|
|
if( !SUCCEEDED(hr) )
|
|
{
|
|
goto IsTargetServerSafeOnProtocol2;
|
|
}
|
|
|
|
hr = CoCreateInstanceEx(CLSID_InternetZoneManager, NULL, CLSCTX_INPROC_SERVER, NULL,
|
|
sizeof(qiZoneMgr) / sizeof(MULTI_QI), qiZoneMgr );
|
|
if( !SUCCEEDED( hr ) || !SUCCEEDED(qiZoneMgr[INDEX_ZONE_MGR].hr) ||
|
|
!(pZoneMgr=(IInternetZoneManager*)qiZoneMgr[INDEX_ZONE_MGR].pItf) )
|
|
{
|
|
goto IsTargetServerSafeOnProtocol2;
|
|
}
|
|
|
|
hr = pZoneMgr->GetZoneAttributes( dwTargetServerZone, &zaAttribs );
|
|
if( SUCCEEDED( hr ) )
|
|
{
|
|
wcsncpy( szZoneName, zaAttribs.szDisplayName, MIN( ( wcslen( zaAttribs.szDisplayName ) + 1 ), dwZoneNameLen ) );
|
|
}
|
|
|
|
|
|
hr = pZoneMgr->GetZoneActionPolicy( dwTargetServerZone, URLACTION_CREDENTIALS_USE,
|
|
(BYTE*)pdwZonePolicy, sizeof( *pdwZonePolicy), URLZONEREG_DEFAULT );
|
|
if( !SUCCEEDED( hr ) )
|
|
{
|
|
goto IsTargetServerSafeOnProtocol3;
|
|
}
|
|
|
|
if((URLPOLICY_CREDENTIALS_SILENT_LOGON_OK == *pdwZonePolicy ) ||
|
|
(URLPOLICY_CREDENTIALS_CONDITIONAL_PROMPT == *pdwZonePolicy && URLZONE_INTRANET == dwTargetServerZone ) )
|
|
{
|
|
iRetVal = TRUE;
|
|
}
|
|
|
|
IsTargetServerSafeOnProtocol3:
|
|
pZoneMgr->Release();
|
|
IsTargetServerSafeOnProtocol2:
|
|
free( lpszTargetServer );
|
|
IsTargetServerSafeOnProtocol1:
|
|
pSecurityMgr->Release();
|
|
IsTargetServerSafeOnProtocol0:
|
|
if(bCoInit)
|
|
{
|
|
CoUninitialize();
|
|
}
|
|
return iRetVal;
|
|
}
|