windows-xp/Source/XPSP1/NT/net/tcpip/services/telnet/client/zone.cpp

//Copyright (c) Microsoft Corporation.  All rights reserved.
#include <windows.h>      
#include "zone.h"
#include <urlmon.h>

int __cdecl IsTrustedServer( LPWSTR szServer, LPWSTR szZoneName,  DWORD dwZoneNameLen, DWORD *pdwZonePolicy )
{
    int iRetVal = FALSE;

    if( !szServer || !szZoneName || !pdwZonePolicy )
    {
        goto IsTargetServerAbort0;
    }

    if( IsTargetServerSafeOnProtocol( szServer, szZoneName, dwZoneNameLen, pdwZonePolicy, PROTOCOL_PREFIX_TELNET ) )
    {
        //Should we be getting the name if given ip( and viceversa) to check for zones as well? What happens in the presence of DHCP?
        //Do we need to check for http://machine as well?
        iRetVal = TRUE;
    }

IsTargetServerAbort0:
    return iRetVal;
}


int __cdecl IsTargetServerSafeOnProtocol( LPWSTR szServer, LPWSTR szZoneName,  DWORD dwZoneNameLen, DWORD *pdwZonePolicy, LPWSTR szProtocol )
{
    MULTI_QI qiSecurityMgr[] = {{ &IID_IInternetSecurityManager, NULL, S_OK }}; 
    MULTI_QI qiZoneMgr[]    = {{ &IID_IInternetZoneManager,    NULL, S_OK }};
    IInternetSecurityManager *pSecurityMgr = NULL;    
    IInternetZoneManager    *pZoneMgr = NULL;
    ZONEATTRIBUTES        zaAttribs;
    DWORD                dwTargetServerZone = 0;
    HRESULT               hr = S_FALSE;
    int                     iRetVal = FALSE;
    LPWSTR                lpszTargetServer = NULL;
    DWORD               dwSize = 0;
    bool                bCoInit = false;

    if( !szServer || !szZoneName || !szProtocol || !pdwZonePolicy )
    {
        goto IsTargetServerSafeOnProtocol0;
    }
    
    hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
    if( !SUCCEEDED( hr ) )
    {
        goto IsTargetServerSafeOnProtocol0;
    }
    bCoInit = true;
    hr = CoCreateInstanceEx(CLSID_InternetSecurityManager, NULL, CLSCTX_INPROC_SERVER, NULL, 
                sizeof(qiSecurityMgr) / sizeof(MULTI_QI), qiSecurityMgr );
    if( !SUCCEEDED( hr ) || !SUCCEEDED(qiSecurityMgr[INDEX_SEC_MGR].hr) || 
       !(pSecurityMgr=(IInternetSecurityManager*)qiSecurityMgr[INDEX_SEC_MGR].pItf))
    {
        goto IsTargetServerSafeOnProtocol0;
    }

    dwSize = ( wcslen( szServer ) + wcslen( szProtocol ) + 1 ) ;
    lpszTargetServer = (WCHAR * )malloc( dwSize * sizeof( WCHAR ));
    if( !lpszTargetServer )
    {
        goto IsTargetServerSafeOnProtocol1;        
    }

    wcsncpy( lpszTargetServer, szProtocol, dwSize - 1 );
    lpszTargetServer[dwSize - 1] = L'\0';
    wcsncat( lpszTargetServer, szServer, (dwSize - wcslen(lpszTargetServer) -1));
    
    hr = pSecurityMgr->MapUrlToZone(lpszTargetServer, &dwTargetServerZone, 0);
    if( !SUCCEEDED(hr) )
    {
        goto IsTargetServerSafeOnProtocol2;
    }

    hr = CoCreateInstanceEx(CLSID_InternetZoneManager, NULL, CLSCTX_INPROC_SERVER, NULL, 
                sizeof(qiZoneMgr) / sizeof(MULTI_QI), qiZoneMgr );
    if( !SUCCEEDED( hr ) || !SUCCEEDED(qiZoneMgr[INDEX_ZONE_MGR].hr) || 
       !(pZoneMgr=(IInternetZoneManager*)qiZoneMgr[INDEX_ZONE_MGR].pItf) )  
    {
        goto IsTargetServerSafeOnProtocol2;
    }   

    hr = pZoneMgr->GetZoneAttributes( dwTargetServerZone, &zaAttribs );
    if( SUCCEEDED( hr ) )
    {
        wcsncpy( szZoneName, zaAttribs.szDisplayName, MIN( ( wcslen( zaAttribs.szDisplayName ) + 1 ), dwZoneNameLen ) );
    }
        
        
    hr = pZoneMgr->GetZoneActionPolicy( dwTargetServerZone, URLACTION_CREDENTIALS_USE,  
                                 (BYTE*)pdwZonePolicy, sizeof( *pdwZonePolicy), URLZONEREG_DEFAULT );
    if( !SUCCEEDED( hr ) )
    {
        goto IsTargetServerSafeOnProtocol3;    
    }        

    if((URLPOLICY_CREDENTIALS_SILENT_LOGON_OK == *pdwZonePolicy ) || 
     (URLPOLICY_CREDENTIALS_CONDITIONAL_PROMPT == *pdwZonePolicy && URLZONE_INTRANET == dwTargetServerZone ) )
    {
        iRetVal = TRUE;
    }    

IsTargetServerSafeOnProtocol3:    
    pZoneMgr->Release();
IsTargetServerSafeOnProtocol2:
    free( lpszTargetServer );
IsTargetServerSafeOnProtocol1:
    pSecurityMgr->Release();
IsTargetServerSafeOnProtocol0:    
    if(bCoInit)
    {
        CoUninitialize();
    }
    return iRetVal;
}