archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/snapin/certmgr/saferutil.cpp

739 lines
21 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 2000-2001.
  5. //
  6. // File: SaferUtil.cpp
  7. //
  8. // Contents: Utility methods for Software Restriction Policies extension
  9. //
  10. //----------------------------------------------------------------------------
  11. #include "stdafx.h"
  12. #include <gpedit.h>
  13. #include <wintrust.h>
  14. #include <crypto\wintrustp.h>
  15. #include <softpub.h>
  16. #include "SaferUtil.h"
  17. #include "SaferEntry.h"
  18. #include <winsaferp.h>
  21. #ifdef _DEBUG
  22. #define new DEBUG_NEW
  23. #undef THIS_FILE
  24. static char THIS_FILE[] = __FILE__;
  25. #endif
  27. extern HKEY g_hkeyLastSaferRegistryScope;
  28. bool g_bIsComputer = false;
  30. extern GUID g_guidExtension;
  31. extern GUID g_guidRegExt;
  32. extern GUID g_guidSnapin;
  34. void InitializeSecurityLevelComboBox (
  35. CComboBox& comboBox,
  36. bool bLimit,
  37. DWORD dwLevelID,
  38. HKEY hGroupPolicyKey,
  39. DWORD* pdwSaferLevels,
  40. bool bIsComputer)
  41. {
  42. AFX_MANAGE_STATE(AfxGetStaticModuleState());
  44. if ( !hGroupPolicyKey ) // is RSOP
  45. {
  46. CString szText = SaferGetLevelFriendlyName (dwLevelID,
  47. hGroupPolicyKey, bIsComputer);
  48. int nItem = comboBox.AddString (szText);
  49. ASSERT (nItem >= 0);
  50. if ( nItem >= 0 )
  51. {
  52. VERIFY (CB_ERR != comboBox.SetItemData (nItem, dwLevelID));
  53. VERIFY (CB_ERR != comboBox.SetCurSel (nItem));
  54. }
  56. return;
  57. }
  59. if ( pdwSaferLevels )
  60. {
  61. for (UINT nIndex = 0;
  62. NO_MORE_SAFER_LEVELS != pdwSaferLevels[nIndex];
  63. nIndex++)
  64. {
  65. CString szText;
  66. int nItem = 0;
  68. switch (pdwSaferLevels[nIndex])
  69. {
  70. case SAFER_LEVELID_FULLYTRUSTED:
  71. szText = SaferGetLevelFriendlyName (pdwSaferLevels[nIndex],
  72. hGroupPolicyKey, bIsComputer);
  73. nItem = comboBox.AddString (szText);
  74. ASSERT (nItem >= 0);
  75. if ( nItem >= 0 )
  76. {
  77. VERIFY (CB_ERR != comboBox.SetItemData (nItem, pdwSaferLevels[nIndex]));
  78. if ( pdwSaferLevels[nIndex] == dwLevelID || AUTHZ_UNKNOWN_LEVEL == dwLevelID)
  79. VERIFY (CB_ERR != comboBox.SetCurSel (nItem));
  80. }
  81. break;
  83. case SAFER_LEVELID_CONSTRAINED:
  84. if ( !bLimit )
  85. {
  86. szText = SaferGetLevelFriendlyName (pdwSaferLevels[nIndex],
  87. hGroupPolicyKey, bIsComputer);
  88. nItem = comboBox.AddString (szText);
  89. ASSERT (nItem >= 0);
  90. if ( nItem >= 0 )
  91. {
  92. VERIFY (CB_ERR != comboBox.SetItemData (nItem, pdwSaferLevels[nIndex]));
  93. if ( pdwSaferLevels[nIndex] == dwLevelID )
  94. VERIFY (CB_ERR != comboBox.SetCurSel (nItem));
  95. }
  96. }
  97. break;
  99. case SAFER_LEVELID_DISALLOWED:
  100. szText = SaferGetLevelFriendlyName (pdwSaferLevels[nIndex],
  101. hGroupPolicyKey, bIsComputer);
  102. nItem = comboBox.AddString (szText);
  103. ASSERT (nItem >= 0);
  104. if ( nItem >= 0 )
  105. {
  106. VERIFY (CB_ERR != comboBox.SetItemData (nItem, pdwSaferLevels[nIndex]));
  107. if ( pdwSaferLevels[nIndex] == dwLevelID )
  108. VERIFY (CB_ERR != comboBox.SetCurSel (nItem));
  109. }
  110. break;
  112. case SAFER_LEVELID_NORMALUSER:
  113. case SAFER_LEVELID_UNTRUSTED:
  114. if ( !bLimit )
  115. {
  116. if ( hGroupPolicyKey )
  117. {
  118. szText = SaferGetLevelFriendlyName (pdwSaferLevels[nIndex],
  119. hGroupPolicyKey, bIsComputer);
  120. nItem = comboBox.AddString (szText);
  121. ASSERT (nItem >= 0);
  122. if ( nItem >= 0 )
  123. {
  124. VERIFY (CB_ERR != comboBox.SetItemData (nItem, pdwSaferLevels[nIndex]));
  125. if ( pdwSaferLevels[nIndex] == dwLevelID )
  126. VERIFY (CB_ERR != comboBox.SetCurSel (nItem));
  127. }
  128. }
  129. }
  130. break;
  132. default:
  133. ASSERT (0);
  134. break;
  135. }
  136. }
  137. }
  138. }
  140. class CLevelPair {
  141. public:
  142. CLevelPair () :
  143. m_dwLevelID ((DWORD) -1)
  144. {
  145. }
  146. virtual ~CLevelPair () {}
  148. DWORD m_dwLevelID;
  149. CString m_szLevelName;
  150. };
  152. CString SaferGetLevelFriendlyName (DWORD dwLevelID, HKEY hGroupPolicyKey, const bool bIsComputer)
  153. {
  154. CString szLevelName;
  155. SAFER_LEVEL_HANDLE hLevel = 0;
  156. BOOL bRVal = FALSE;
  157. const int NUM_LEVEL_PAIRS = 10;
  158. static CLevelPair levelPairs[NUM_LEVEL_PAIRS];
  160. for (int nLevelIndex = 0; nLevelIndex < NUM_LEVEL_PAIRS; nLevelIndex++)
  161. {
  162. if ( -1 == levelPairs[nLevelIndex].m_dwLevelID )
  163. break;
  164. else if ( dwLevelID == levelPairs[nLevelIndex].m_dwLevelID )
  165. {
  166. return levelPairs[nLevelIndex].m_szLevelName;
  167. }
  168. }
  170. if ( hGroupPolicyKey )
  171. {
  172. if ( !g_hkeyLastSaferRegistryScope )
  173. SetRegistryScope (hGroupPolicyKey, bIsComputer);
  176. bRVal = SaferCreateLevel (SAFER_SCOPEID_REGISTRY,
  177. dwLevelID,
  178. SAFER_LEVEL_OPEN,
  179. &hLevel,
  180. hGroupPolicyKey);
  181. }
  182. else
  183. {
  184. bRVal = SaferCreateLevel (SAFER_SCOPEID_MACHINE,
  185. dwLevelID,
  186. SAFER_LEVEL_OPEN,
  187. &hLevel,
  188. 0);
  189. }
  191. if ( bRVal )
  192. {
  193. DWORD dwBufferSize = 0;
  194. DWORD dwErr = 0;
  195. bRVal = SaferGetLevelInformation(hLevel,
  196. SaferObjectFriendlyName,
  197. 0,
  198. dwBufferSize,
  199. &dwBufferSize);
  200. if ( !bRVal && ERROR_INSUFFICIENT_BUFFER == GetLastError () )
  201. {
  202. PWSTR pszLevelName = (PWSTR) LocalAlloc (LPTR, dwBufferSize);
  203. if ( pszLevelName )
  204. {
  205. bRVal = SaferGetLevelInformation(hLevel,
  206. SaferObjectFriendlyName,
  207. pszLevelName,
  208. dwBufferSize,
  209. &dwBufferSize);
  210. ASSERT (bRVal);
  211. if ( bRVal )
  212. {
  213. szLevelName = pszLevelName;
  214. }
  215. else
  216. {
  217. dwErr = GetLastError ();
  218. _TRACE (0, L"SaferGetLevelInformation(SaferObjectFriendlyName) failed: %d\n",
  219. dwErr);
  220. }
  222. LocalFree (pszLevelName);
  223. }
  224. }
  225. else if ( !bRVal )
  226. {
  227. dwErr = GetLastError ();
  228. _TRACE (0, L"SaferGetLevelInformation(SaferObjectFriendlyName) failed: %d\n",
  229. dwErr);
  230. }
  232. VERIFY (SaferCloseLevel (hLevel));
  233. }
  234. else
  235. {
  236. DWORD dwErr = GetLastError ();
  237. _TRACE (0, L"SaferCloseLevel (SAFER_SCOPEID_REGISTRY, 0x%x, SAFER_LEVEL_OPEN) failed: %d\n",
  238. dwLevelID, dwErr);
  239. }
  241. if ( nLevelIndex < NUM_LEVEL_PAIRS && !szLevelName.IsEmpty () )
  242. {
  243. levelPairs[nLevelIndex].m_dwLevelID = dwLevelID;
  244. levelPairs[nLevelIndex].m_szLevelName = szLevelName;
  245. }
  246. return szLevelName;
  247. }
  249. CString SaferGetLevelDescription (DWORD dwLevelID, HKEY hGroupPolicyKey, const bool bIsComputer)
  250. {
  251. CString szDescription;
  252. SAFER_LEVEL_HANDLE hLevel = 0;
  253. BOOL bRVal = FALSE;
  255. if ( hGroupPolicyKey )
  256. {
  257. if ( !g_hkeyLastSaferRegistryScope )
  258. SetRegistryScope (hGroupPolicyKey, bIsComputer);
  260. bRVal = SaferCreateLevel (SAFER_SCOPEID_REGISTRY,
  261. dwLevelID,
  262. SAFER_LEVEL_OPEN,
  263. &hLevel,
  264. hGroupPolicyKey);
  265. }
  266. else
  267. {
  268. bRVal = SaferCreateLevel (SAFER_SCOPEID_MACHINE,
  269. dwLevelID,
  270. SAFER_LEVEL_OPEN,
  271. &hLevel,
  272. 0);
  273. }
  275. ASSERT (bRVal);
  276. if ( bRVal )
  277. {
  278. DWORD dwBufferSize = 0;
  279. DWORD dwErr = 0;
  280. bRVal = SaferGetLevelInformation(hLevel,
  281. SaferObjectDescription,
  282. 0,
  283. dwBufferSize,
  284. &dwBufferSize);
  285. if ( !bRVal && ERROR_INSUFFICIENT_BUFFER == GetLastError () )
  286. {
  287. PWSTR pszDescription = (PWSTR) LocalAlloc (LPTR, dwBufferSize);
  288. if ( pszDescription )
  289. {
  290. bRVal = SaferGetLevelInformation(hLevel,
  291. SaferObjectDescription,
  292. pszDescription,
  293. dwBufferSize,
  294. &dwBufferSize);
  295. ASSERT (bRVal);
  296. if ( bRVal )
  297. {
  298. szDescription = pszDescription;
  299. }
  300. else
  301. {
  302. dwErr = GetLastError ();
  303. _TRACE (0, L"SaferGetLevelInformation(SaferObjectFriendlyName) failed: %d\n",
  304. dwErr);
  305. }
  307. LocalFree (pszDescription);
  308. }
  309. }
  310. else if ( !bRVal )
  311. {
  312. dwErr = GetLastError ();
  313. _TRACE (0, L"SaferGetLevelInformation(SaferObjectFriendlyName) failed: %d\n",
  314. dwErr);
  315. }
  317. if ( ERROR_NOT_FOUND == dwErr || szDescription.IsEmpty () )
  318. {
  319. VERIFY (szDescription.LoadString (IDS_NOT_AVAILABLE));
  320. }
  322. VERIFY (SaferCloseLevel (hLevel));
  323. }
  324. else
  325. {
  326. DWORD dwErr = GetLastError ();
  327. _TRACE (0, L"SaferCloseLevel (SAFER_SCOPEID_REGISTRY, 0x%x, SAFER_LEVEL_OPEN) failed: %d\n",
  328. dwLevelID, dwErr);
  329. }
  331. return szDescription;
  332. }
  335. HRESULT SaferGetLevelID (SAFER_LEVEL_HANDLE hLevel, DWORD& dwLevelID)
  336. {
  337. ASSERT (0 != g_hkeyLastSaferRegistryScope);
  338. DWORD dwBufferSize = sizeof (DWORD);
  339. HRESULT hr = S_OK;
  341. BOOL bRVal = SaferGetLevelInformation(hLevel,
  342. SaferObjectLevelId,
  343. &dwLevelID,
  344. dwBufferSize,
  345. &dwBufferSize);
  346. ASSERT (bRVal);
  347. if ( !bRVal )
  348. {
  349. DWORD dwErr = GetLastError ();
  350. hr = HRESULT_FROM_WIN32 (dwErr);
  351. _TRACE (0, L"SaferGetLevelInformation(SaferObjectLevelId) failed: %d\n",
  352. dwErr);
  353. }
  355. return hr;
  356. }
  359. CSaferEntries::CSaferEntries(
  360. bool bIsMachine,
  361. PCWSTR pszMachineName,
  362. PCWSTR pszObjectName,
  363. IGPEInformation* pGPEInformation,
  364. IRSOPInformation* pRSOPInformation,
  365. CRSOPObjectArray& rsopObjectArray,
  366. LPCONSOLE pConsole)
  367. : CCertMgrCookie (bIsMachine ? CERTMGR_SAFER_COMPUTER_ENTRIES : CERTMGR_SAFER_USER_ENTRIES,
  368. pszMachineName, pszObjectName),
  369. m_pTrustedPublishersStore (0),
  370. m_pDisallowedStore (0)
  371. {
  372. if ( pGPEInformation )
  373. {
  374. m_pTrustedPublishersStore = new CCertStoreSafer (
  375. CERT_SYSTEM_STORE_RELOCATE_FLAG,
  376. L"",
  377. SAFER_TRUSTED_PUBLISHER_STORE_FRIENDLY_NAME,
  378. SAFER_TRUSTED_PUBLISHER_STORE_NAME,
  379. L"",
  380. pGPEInformation,
  381. bIsMachine ? NODEID_Machine : NODEID_User,
  382. pConsole);
  384. m_pDisallowedStore = new CCertStoreSafer (
  385. CERT_SYSTEM_STORE_RELOCATE_FLAG,
  386. L"",
  387. SAFER_DISALLOWED_STORE_FRIENDLY_NAME,
  388. SAFER_DISALLOWED_STORE_NAME,
  389. L"",
  390. pGPEInformation,
  391. bIsMachine ? NODEID_Machine : NODEID_User,
  392. pConsole);
  393. }
  394. else if ( pRSOPInformation )
  395. {
  396. m_pTrustedPublishersStore = new CCertStoreRSOP (
  397. CERT_SYSTEM_STORE_RELOCATE_FLAG,
  398. L"",
  399. SAFER_TRUSTED_PUBLISHER_STORE_FRIENDLY_NAME,
  400. SAFER_TRUSTED_PUBLISHER_STORE_NAME,
  401. L"",
  402. rsopObjectArray,
  403. bIsMachine ? NODEID_Machine : NODEID_User,
  404. pConsole);
  406. m_pDisallowedStore = new CCertStoreRSOP (
  407. CERT_SYSTEM_STORE_RELOCATE_FLAG,
  408. L"",
  409. SAFER_DISALLOWED_STORE_FRIENDLY_NAME,
  410. SAFER_DISALLOWED_STORE_NAME,
  411. L"",
  412. rsopObjectArray,
  413. bIsMachine ? NODEID_Machine : NODEID_User,
  414. pConsole);
  415. }
  417. }
  419. CSaferEntries::~CSaferEntries ()
  420. {
  421. if ( m_pTrustedPublishersStore )
  422. m_pTrustedPublishersStore->Release ();
  424. if ( m_pDisallowedStore )
  425. m_pDisallowedStore->Release ();
  426. }
  428. HRESULT CSaferEntries::GetTrustedPublishersStore(CCertStore **ppStore)
  429. {
  430. if ( !ppStore )
  431. return E_POINTER;
  433. if ( m_pTrustedPublishersStore )
  434. {
  435. m_pTrustedPublishersStore->AddRef ();
  436. *ppStore = m_pTrustedPublishersStore;
  437. }
  438. else
  439. return E_FAIL;
  441. return S_OK;
  442. }
  444. HRESULT CSaferEntries::GetDisallowedStore(CCertStore **ppStore)
  445. {
  446. if ( !ppStore )
  447. return E_POINTER;
  449. if ( m_pDisallowedStore )
  450. {
  451. m_pDisallowedStore->AddRef ();
  452. *ppStore = m_pDisallowedStore;
  453. }
  454. else
  455. return E_FAIL;
  458. return S_OK;
  459. }
  461. HRESULT SetRegistryScope (HKEY hKey, bool bIsComputer)
  462. {
  463. HRESULT hr = S_OK;
  466. if ( g_hkeyLastSaferRegistryScope != hKey || g_bIsComputer != bIsComputer )
  467. {
  468. BOOL bRVal = SaferiChangeRegistryScope (hKey, REG_OPTION_NON_VOLATILE);
  469. ASSERT (bRVal);
  470. if ( bRVal )
  471. {
  472. g_hkeyLastSaferRegistryScope = hKey;
  473. g_bIsComputer = bIsComputer;
  474. }
  475. else
  476. {
  477. DWORD dwErr = GetLastError ();
  478. hr = HRESULT_FROM_WIN32 (dwErr);
  479. _TRACE (0, L"SaferiChangeRegistryScope (%s) failed: %d\n",
  480. hKey ? L"hKey" : L"0", dwErr);
  481. }
  482. }
  484. return hr;
  485. }
  487. ///////////////////////////////////////////////////////////////////////////////
  489. // Returns S_OK if the file has a valid signed hash
  490. HRESULT GetSignedFileHash(
  491. IN LPCWSTR pwszFilename,
  492. OUT BYTE rgbFileHash[SAFER_MAX_HASH_SIZE],
  493. OUT DWORD *pcbFileHash,
  494. OUT ALG_ID *pHashAlgid
  495. )
  496. {
  497. HRESULT hr = S_OK;
  498. if ( !pwszFilename || !rgbFileHash || !pcbFileHash || !pHashAlgid )
  499. return E_POINTER;
  500. _TRACE (1, L"Entering GetSignedFileHash (%s)\n", pwszFilename);
  502. // Returns S_OK and the hash if the file was signed and contains a valid
  503. // hash
  504. *pcbFileHash = SAFER_MAX_HASH_SIZE;
  505. hr = WTHelperGetFileHash(
  506. pwszFilename,
  507. 0,
  508. NULL,
  509. rgbFileHash,
  510. pcbFileHash,
  511. pHashAlgid);
  512. if ( FAILED (hr) )
  513. {
  514. _TRACE (0, L"WTHelperGetFileHash (%s) failed: 0x%x\n", pwszFilename, hr);
  515. }
  517. _TRACE (-1, L"Leaving GetSignedFileHash (%s): 0x%x\n", pwszFilename, hr);
  518. return hr;
  519. }
  522. HRESULT ComputeMD5Hash(IN HANDLE hFile, BYTE hashResult[SAFER_MAX_HASH_SIZE], DWORD& dwHashSize)
  523. /*++
  525. Routine Description:
  527. Computes the MD5 hash of a given file's contents and prints the
  528. resulting hash value to the screen.
  530. Arguments:
  532. szFilename - filename to compute hash of.
  534. Return Value:
  536. Returns 0 on success, or a non-zero exit code on failure.
  538. --*/
  539. {
  540. _TRACE (1, L"Entering ComputeMD5Hash ()\n");
  541. HRESULT hr = S_OK;
  543. //
  544. // Open the specified file and map it into memory.
  545. //
  546. HANDLE hMapping = CreateFileMapping(hFile, NULL, PAGE_READONLY, 0, 0, NULL);
  547. if ( hMapping )
  548. {
  549. DWORD dwDataLen = GetFileSize (hFile, NULL);
  551. if ( -1 != dwDataLen )
  552. {
  553. LPBYTE pbData = (LPBYTE) ::MapViewOfFile (hMapping, FILE_MAP_READ, 0, 0, dwDataLen);
  554. if ( pbData )
  555. {
  556. //
  557. // Generate the hash value of the specified file.
  558. //
  559. HCRYPTPROV hProvider = 0;
  560. if ( CryptAcquireContext(&hProvider, NULL, NULL,
  561. PROV_RSA_SIG, CRYPT_VERIFYCONTEXT) ||
  562. CryptAcquireContext(&hProvider, NULL, NULL,
  563. PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) )
  564. {
  565. HCRYPTHASH hHash = 0;
  566. if ( CryptCreateHash(hProvider, CALG_MD5, 0, 0, &hHash) )
  567. {
  568. if ( CryptHashData (hHash, pbData, dwDataLen, 0) )
  569. {
  570. dwHashSize = SAFER_MAX_HASH_SIZE;
  572. if (!CryptGetHashParam(hHash, HP_HASHVAL, hashResult, &dwHashSize, 0))
  573. {
  574. dwHashSize = 0;
  575. DWORD dwErr = GetLastError ();
  576. hr = HRESULT_FROM_WIN32 (dwErr);
  577. _TRACE (0, L"CryptHashData () failed: 0x%x\n", hr);
  578. }
  579. }
  580. else
  581. {
  582. DWORD dwErr = GetLastError ();
  583. hr = HRESULT_FROM_WIN32 (dwErr);
  584. _TRACE (0, L"CryptHashData () failed: 0x%x\n", hr);
  585. }
  586. CryptDestroyHash(hHash);
  587. }
  588. else
  589. {
  590. DWORD dwErr = GetLastError ();
  591. hr = HRESULT_FROM_WIN32 (dwErr);
  592. _TRACE (0, L"CryptCreateHash () failed: 0x%x\n", hr);
  593. }
  594. CryptReleaseContext(hProvider, 0);
  595. }
  596. else
  597. {
  598. DWORD dwErr = GetLastError ();
  599. hr = HRESULT_FROM_WIN32 (dwErr);
  600. _TRACE (0, L"CryptAcquireContext () failed: 0x%x\n", hr);
  601. }
  603. ::UnmapViewOfFile(pbData);
  604. }
  605. else
  606. {
  607. DWORD dwErr = GetLastError ();
  608. _TRACE (0, L"MapViewOfFile () failed: 0x%x\n", dwErr);
  609. hr = HRESULT_FROM_WIN32 (dwErr);
  610. }
  611. }
  612. else
  613. {
  614. DWORD dwErr = GetLastError ();
  615. _TRACE (0, L"GetFileSize () failed: 0x%x\n", dwErr);
  616. hr = HRESULT_FROM_WIN32 (dwErr);
  617. }
  619. VERIFY (CloseHandle(hMapping));
  620. hMapping = 0;
  621. }
  622. else
  623. {
  624. DWORD dwErr = GetLastError ();
  625. _TRACE (0, L"CreateFileMapping () failed: 0x%x\n", dwErr);
  626. hr = HRESULT_FROM_WIN32 (dwErr);
  627. }
  629. _TRACE (-1, L"Leaving ComputeMD5Hash (): 0x%x\n", hr);
  630. return hr;
  631. }
  633. CString GetURLZoneFriendlyName (DWORD dwURLZoneID)
  634. {
  635. CString szFriendlyName;
  637. switch (dwURLZoneID)
  638. {
  639. case URLZONE_LOCAL_MACHINE:
  640. VERIFY (szFriendlyName.LoadString (IDS_URLZONE_LOCAL_MACHINE));
  641. break;
  643. case URLZONE_INTRANET:
  644. VERIFY (szFriendlyName.LoadString (IDS_URLZONE_INTRANET));
  645. break;
  647. case URLZONE_TRUSTED:
  648. VERIFY (szFriendlyName.LoadString (IDS_URLZONE_TRUSTED));
  649. break;
  651. case URLZONE_INTERNET:
  652. VERIFY (szFriendlyName.LoadString (IDS_URLZONE_INTERNET));
  653. break;
  655. case URLZONE_UNTRUSTED:
  656. VERIFY (szFriendlyName.LoadString (IDS_URLZONE_UNTRUSTED));
  657. break;
  659. default:
  660. ASSERT (0);
  661. VERIFY (szFriendlyName.LoadString (IDS_URLZONE_UNKNOWN));
  662. break;
  663. }
  665. return szFriendlyName;
  666. }
  668. //
  669. // Given a GUID in string format it returns a GUID struct
  670. //
  671. // e.g. "{00299570-246d-11d0-a768-00aa006e0529}" to a struct form
  672. //
  674. BOOL GuidFromString(GUID* pGuid, LPCWSTR lpszGuidString)
  675. {
  676. ZeroMemory(pGuid, sizeof(GUID));
  677. if (lpszGuidString == NULL)
  678. {
  679. return FALSE;
  680. }
  682. int nLen = lstrlen(lpszGuidString);
  683. // the string length should be 38
  684. if (nLen != 38)
  685. return FALSE;
  687. return SUCCEEDED(::CLSIDFromString (const_cast <LPOLESTR>(lpszGuidString), pGuid));
  688. }
  691. HRESULT SaferSetDefinedFileTypes (
  692. HWND hWnd,
  693. HKEY hGroupPolicyKey,
  694. PCWSTR pszFileTypes,
  695. int nBufLen)
  696. {
  697. HRESULT hr = S_OK;
  698. DWORD dwDisposition = 0;
  700. HKEY hKey = 0;
  701. LONG lResult = ::RegCreateKeyEx (hGroupPolicyKey, // handle of an open key
  702. SAFER_COMPUTER_CODEIDS_REGKEY, // address of subkey name
  703. 0, // reserved
  704. L"", // address of class string
  705. REG_OPTION_NON_VOLATILE, // special options flag
  706. KEY_ALL_ACCESS, // desired security access
  707. NULL, // address of key security structure
  708. &hKey, // address of buffer for opened handle
  709. &dwDisposition); // address of disposition value buffer
  710. ASSERT (ERROR_SUCCESS == lResult);
  711. if ( ERROR_SUCCESS == lResult )
  712. {
  713. lResult = ::RegSetValueEx (
  714. hKey, // handle to key
  715. SAFER_EXETYPES_REGVALUE, // value name
  716. 0, // reserved
  717. REG_MULTI_SZ, // value type
  718. (PBYTE) pszFileTypes, // value data
  719. nBufLen); // size of value data
  720. if ( ERROR_SUCCESS != lResult )
  721. {
  722. DisplaySystemError (hWnd, lResult);
  723. _TRACE (0, L"RegSetValueEx (SAFER_EXETYPES_REGVALUE, %s) failed: %d\n",
  724. pszFileTypes, lResult);
  725. hr = HRESULT_FROM_WIN32 (lResult);
  726. }
  728. RegCloseKey (hKey);
  729. }
  730. else
  731. {
  732. DisplaySystemError (hWnd, lResult);
  733. _TRACE (0, L"RegCreateKeyEx (SAFER_CODEID_KEY) failed: %d\n", lResult);
  734. hr = HRESULT_FROM_WIN32 (lResult);
  735. }
  737. return hr;
  738. }