archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/snapin/certmgr/saferenforcementpropertypag...

360 lines
11 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 2000-2001.
  5. //
  6. // File: SaferEnforcementPropertyPage.h
  7. //
  8. // Contents: Declaration of CSaferEnforcementPropertyPage
  9. //
  10. //----------------------------------------------------------------------------
  11. // SaferEnforcementPropertyPage.cpp : implementation file
  12. //
  14. #include "stdafx.h"
  15. #include "certmgr.h"
  16. #include <gpedit.h>
  17. #include "compdata.h"
  18. #include "SaferEnforcementPropertyPage.h"
  20. #ifdef _DEBUG
  21. #define new DEBUG_NEW
  22. #undef THIS_FILE
  23. static char THIS_FILE[] = __FILE__;
  24. #endif
  26. extern GUID g_guidExtension;
  27. extern GUID g_guidRegExt;
  28. extern GUID g_guidSnapin;
  30. /////////////////////////////////////////////////////////////////////////////
  31. // CSaferEnforcementPropertyPage property page
  33. // The "TransparentEnforcement" flag has the following values:
  34. // 0 = disable all transparent hooks (in CreateProcess and LoadLibrary)
  35. // 1 = enable transparent hooks for CreateProcess
  36. // 2 = enable transparent hooks for CreateProcess and LoadLibrary
  37. #define SAFER_TRANSPARENT_ENFORCEMENT_DISABLE_ALL 0
  38. #define SAFER_TRANSPARENT_ENFORCEMENT_ENABLE_CREATE_PROCESS 1
  39. #define SAFER_TRANSPARENT_ENFORCEMENT_ENABLE_ALL 2
  41. CSaferEnforcementPropertyPage::CSaferEnforcementPropertyPage(
  42. IGPEInformation* pGPEInformation,
  43. CCertMgrComponentData* pCompData,
  44. bool bReadOnly,
  45. CRSOPObjectArray& rsopObjectArray,
  46. bool bIsComputer)
  47. : CHelpPropertyPage(CSaferEnforcementPropertyPage::IDD),
  48. m_pGPEInformation (pGPEInformation),
  49. m_hGroupPolicyKey (0),
  50. m_fIsComputerType (bIsComputer),
  51. m_bReadOnly (bReadOnly),
  52. m_rsopObjectArray (rsopObjectArray),
  53. m_dwEnforcement (0),
  54. m_bDirty (false),
  55. m_dwScopeFlags (0)
  56. {
  57. //{{AFX_DATA_INIT(CSaferEnforcementPropertyPage)
  58. // NOTE: the ClassWizard will add member initialization here
  59. //}}AFX_DATA_INIT
  60. if ( m_pGPEInformation )
  61. {
  62. m_pGPEInformation->AddRef ();
  63. HRESULT hr = m_pGPEInformation->GetRegistryKey (
  64. m_fIsComputerType ? GPO_SECTION_MACHINE : GPO_SECTION_USER,
  65. &m_hGroupPolicyKey);
  66. ASSERT (SUCCEEDED (hr));
  67. if ( SUCCEEDED (hr) )
  68. {
  69. DWORD cbBuffer = sizeof (DWORD);
  70. CPolicyKey policyKey (m_pGPEInformation,
  71. SAFER_HKLM_REGBASE,
  72. m_fIsComputerType);
  74. SetRegistryScope (policyKey.GetKey (), bIsComputer);
  75. BOOL bRVal = SaferGetPolicyInformation (
  76. SAFER_SCOPEID_REGISTRY,
  77. SaferPolicyEnableTransparentEnforcement,
  78. cbBuffer,
  79. &m_dwEnforcement,
  80. &cbBuffer,
  81. 0);
  82. if ( !bRVal )
  83. {
  84. ASSERT (0);
  85. DWORD dwErr = GetLastError ();
  86. hr = HRESULT_FROM_WIN32 (dwErr);
  87. _TRACE (0, L"SaferGetPolicyInformation (SAFER_SCOPEID_REGISTRY, SaferPolicyEnableTransparentEnforcement) failed: %d\n",
  88. dwErr);
  89. }
  92. bRVal = SaferGetPolicyInformation (
  93. SAFER_SCOPEID_REGISTRY,
  94. SaferPolicyScopeFlags,
  95. cbBuffer,
  96. &m_dwScopeFlags,
  97. &cbBuffer,
  98. 0);
  99. if ( !bRVal )
  100. {
  101. ASSERT (0);
  102. DWORD dwErr = GetLastError ();
  103. hr = HRESULT_FROM_WIN32 (dwErr);
  104. _TRACE (0, L"SaferGetPolicyInformation (SAFER_SCOPEID_REGISTRY, SaferPolicyScopeFlags) failed: %d\n",
  105. dwErr);
  106. }
  107. }
  108. }
  109. else
  110. {
  111. RSOPGetEnforcement (pCompData);
  112. }
  113. }
  115. CSaferEnforcementPropertyPage::~CSaferEnforcementPropertyPage()
  116. {
  117. if ( m_hGroupPolicyKey )
  118. RegCloseKey (m_hGroupPolicyKey);
  120. if ( m_pGPEInformation )
  121. {
  122. m_pGPEInformation->Release ();
  123. }
  124. }
  126. void CSaferEnforcementPropertyPage::DoDataExchange(CDataExchange* pDX)
  127. {
  128. CHelpPropertyPage::DoDataExchange(pDX);
  129. //{{AFX_DATA_MAP(CSaferEnforcementPropertyPage)
  130. // NOTE: the ClassWizard will add DDX and DDV calls here
  131. //}}AFX_DATA_MAP
  132. }
  135. BEGIN_MESSAGE_MAP(CSaferEnforcementPropertyPage, CHelpPropertyPage)
  136. //{{AFX_MSG_MAP(CSaferEnforcementPropertyPage)
  137. ON_BN_CLICKED(IDC_ALL_EXCEPT_LIBS, OnAllExceptLibs)
  138. ON_BN_CLICKED(IDC_ALL_SOFTWARE_FILES, OnAllSoftwareFiles)
  139. ON_BN_CLICKED(IDC_APPLY_EXCEPT_ADMINS, OnApplyExceptAdmins)
  140. ON_BN_CLICKED(IDC_APPLY_TO_ALL_USERS, OnApplyToAllUsers)
  141. //}}AFX_MSG_MAP
  142. END_MESSAGE_MAP()
  144. /////////////////////////////////////////////////////////////////////////////
  145. // CSaferEnforcementPropertyPage message handlers
  146. void CSaferEnforcementPropertyPage::DoContextHelp (HWND hWndControl)
  147. {
  148. _TRACE (1, L"Entering CSaferEnforcementPropertyPage::DoContextHelp\n");
  149. static const DWORD help_map[] =
  150. {
  151. IDC_ALL_EXCEPT_LIBS, IDH_ALL_EXCEPT_LIBS,
  152. IDC_ALL_SOFTWARE_FILES, IDH_ALL_SOFTWARE_FILES,
  153. IDC_APPLY_TO_ALL_USERS, IDH_APPLY_TO_ALL_USERS,
  154. IDC_APPLY_EXCEPT_ADMINS, IDH_APPLY_EXCEPT_ADMINS,
  155. 0, 0
  156. };
  157. if ( !::WinHelp (
  158. hWndControl,
  159. GetF1HelpFilename(),
  160. HELP_WM_HELP,
  161. (DWORD_PTR) help_map) )
  162. {
  163. _TRACE (0, L"WinHelp () failed: 0x%x\n", GetLastError ());
  164. }
  165. _TRACE (-1, L"Leaving CSaferEnforcementPropertyPage::DoContextHelp\n");
  166. }
  168. void CSaferEnforcementPropertyPage::RSOPGetEnforcement(CCertMgrComponentData* /*pCompData*/)
  169. {
  170. int nIndex = 0;
  171. INT_PTR nUpperBound = m_rsopObjectArray.GetUpperBound ();
  172. bool bEnforcementFlagFound = false;
  173. bool bScopeFlagFound = false;
  175. while ( nUpperBound >= nIndex )
  176. {
  177. CRSOPObject* pObject = m_rsopObjectArray.GetAt (nIndex);
  178. if ( pObject )
  179. {
  180. if ( pObject->GetRegistryKey () == SAFER_HKLM_REGBASE &&
  181. pObject->GetValueName () == SAFER_TRANSPARENTENABLED_REGVALUE &&
  182. 1 == pObject->GetPrecedence ())
  183. {
  184. m_dwEnforcement = pObject->GetDWORDValue ();
  185. bEnforcementFlagFound = true;
  186. }
  187. else if ( pObject->GetRegistryKey () == SAFER_HKLM_REGBASE &&
  188. pObject->GetValueName () == SAFER_POLICY_SCOPE &&
  189. 1 == pObject->GetPrecedence ())
  190. {
  191. m_dwScopeFlags = pObject->GetDWORDValue ();
  192. bScopeFlagFound = true;
  193. }
  194. }
  195. else
  196. break;
  198. if ( bScopeFlagFound && bEnforcementFlagFound )
  199. break;
  201. nIndex++;
  202. }
  203. }
  205. void CSaferEnforcementPropertyPage::OnAllExceptLibs()
  206. {
  207. SetModified ();
  208. m_bDirty = true;
  209. }
  211. void CSaferEnforcementPropertyPage::OnAllSoftwareFiles()
  212. {
  213. SetModified ();
  214. m_bDirty = true;
  215. }
  217. BOOL CSaferEnforcementPropertyPage::OnApply()
  218. {
  219. _TRACE (1, L"Entering CSaferEnforcementPropertyPage::OnApply ()\n");
  220. if ( m_bDirty && m_pGPEInformation)
  221. {
  222. if ( BST_CHECKED == SendDlgItemMessage (IDC_ALL_EXCEPT_LIBS,
  223. BM_GETCHECK) )
  224. {
  225. m_dwEnforcement = SAFER_TRANSPARENT_ENFORCEMENT_ENABLE_CREATE_PROCESS;
  226. }
  227. else if ( BST_CHECKED == SendDlgItemMessage (IDC_ALL_SOFTWARE_FILES,
  228. BM_GETCHECK) )
  229. {
  230. m_dwEnforcement = SAFER_TRANSPARENT_ENFORCEMENT_ENABLE_ALL;
  231. }
  233. if ( BST_CHECKED == SendDlgItemMessage (IDC_APPLY_EXCEPT_ADMINS,
  234. BM_GETCHECK) )
  235. {
  236. m_dwScopeFlags = 1;
  237. }
  238. else if ( BST_CHECKED == SendDlgItemMessage (IDC_APPLY_TO_ALL_USERS,
  239. BM_GETCHECK) )
  240. {
  241. m_dwScopeFlags = 0;
  242. }
  244. CPolicyKey policyKey (m_pGPEInformation,
  245. SAFER_HKLM_REGBASE,
  246. m_fIsComputerType);
  247. SetRegistryScope (policyKey.GetKey (), m_fIsComputerType);
  248. DWORD cbData = sizeof (m_dwEnforcement);
  249. BOOL bRVal = SaferSetPolicyInformation (SAFER_SCOPEID_REGISTRY,
  250. SaferPolicyEnableTransparentEnforcement, cbData,
  251. &m_dwEnforcement, 0);
  252. if ( bRVal )
  253. {
  254. cbData = sizeof (m_dwScopeFlags);
  255. bRVal = SaferSetPolicyInformation (SAFER_SCOPEID_REGISTRY,
  256. SaferPolicyScopeFlags, cbData,
  257. &m_dwScopeFlags, 0);
  258. if ( bRVal )
  259. {
  260. // TRUE means we're changing the machine policy only
  261. m_pGPEInformation->PolicyChanged (m_fIsComputerType ? TRUE : FALSE,
  262. TRUE, &g_guidExtension, &g_guidSnapin);
  263. m_pGPEInformation->PolicyChanged (m_fIsComputerType ? TRUE : FALSE,
  264. TRUE, &g_guidRegExt, &g_guidSnapin);
  265. }
  266. else
  267. {
  268. DWORD dwErr = GetLastError ();
  269. _TRACE (0, L"SaferSetPolicyInformation (SAFER_SCOPEID_REGISTRY, SaferPolicyScopeFlags, %d failed: 0x%x\n",
  270. m_dwEnforcement, dwErr);
  271. CString text;
  272. CString caption;
  273. CThemeContextActivator activator;
  275. VERIFY (caption.LoadString (IDS_SAFER_WINDOWS_NODE_NAME));
  276. text.FormatMessage (IDS_CAN_SET_SAFER_ENFORCEMENT, GetSystemMessage (dwErr));
  277. MessageBox (text, caption);
  279. return FALSE;
  280. }
  281. }
  282. else
  283. {
  284. DWORD dwErr = GetLastError ();
  285. _TRACE (0, L"SaferSetPolicyInformation (SAFER_SCOPEID_REGISTRY, SaferPolicyEnableTransparentEnforcement, %d failed: 0x%x\n",
  286. m_dwEnforcement, dwErr);
  287. CString text;
  288. CString caption;
  289. CThemeContextActivator activator;
  291. VERIFY (caption.LoadString (IDS_SAFER_WINDOWS_NODE_NAME));
  292. text.FormatMessage (IDS_CAN_SET_SAFER_ENFORCEMENT, GetSystemMessage (dwErr));
  293. MessageBox (text, caption);
  295. return FALSE;
  296. }
  299. m_bDirty = false;
  300. }
  302. _TRACE (-1, L"Leaving CSaferEnforcementPropertyPage::OnApply ()\n");
  303. return CHelpPropertyPage::OnApply();
  304. }
  306. BOOL CSaferEnforcementPropertyPage::OnInitDialog()
  307. {
  308. CHelpPropertyPage::OnInitDialog();
  310. switch (m_dwEnforcement)
  311. {
  312. case SAFER_TRANSPARENT_ENFORCEMENT_DISABLE_ALL:
  313. break;
  315. case SAFER_TRANSPARENT_ENFORCEMENT_ENABLE_CREATE_PROCESS:
  316. SendDlgItemMessage (IDC_ALL_EXCEPT_LIBS, BM_SETCHECK, BST_CHECKED);
  317. break;
  319. case SAFER_TRANSPARENT_ENFORCEMENT_ENABLE_ALL:
  320. SendDlgItemMessage (IDC_ALL_SOFTWARE_FILES, BM_SETCHECK, BST_CHECKED);
  321. break;
  323. default:
  324. ASSERT (0);
  325. break;
  326. }
  328. if ( 1 == m_dwScopeFlags )
  329. {
  330. SendDlgItemMessage (IDC_APPLY_EXCEPT_ADMINS, BM_SETCHECK, BST_CHECKED);
  331. }
  332. else
  333. {
  334. SendDlgItemMessage (IDC_APPLY_TO_ALL_USERS, BM_SETCHECK, BST_CHECKED);
  335. }
  337. if ( m_bReadOnly )
  338. {
  339. GetDlgItem (IDC_ALL_EXCEPT_LIBS)->EnableWindow (FALSE);
  340. GetDlgItem (IDC_ALL_SOFTWARE_FILES)->EnableWindow (FALSE);
  341. GetDlgItem (IDC_APPLY_TO_ALL_USERS)->EnableWindow (FALSE);
  342. GetDlgItem (IDC_APPLY_EXCEPT_ADMINS)->EnableWindow (FALSE);
  343. }
  345. return TRUE; // return TRUE unless you set the focus to a control
  346. // EXCEPTION: OCX Property Pages should return FALSE
  347. }
  350. void CSaferEnforcementPropertyPage::OnApplyExceptAdmins()
  351. {
  352. SetModified ();
  353. m_bDirty = true;
  354. }
  356. void CSaferEnforcementPropertyPage::OnApplyToAllUsers()
  357. {
  358. SetModified ();
  359. m_bDirty = true;
  360. }