windows-nt/Source/XPSP1/NT/net/tcpip/services/telnet/client/zone.cpp

//Copyright (c) Microsoft Corporation. All rights reserved.
#include <windows.h>
#include "zone.h"
#include <urlmon.h>
// Reports whether szServer may be treated as a trusted telnet target.
//
// Thin wrapper over IsTargetServerSafeOnProtocol() that fixes the URL scheme
// to PROTOCOL_PREFIX_TELNET.
//
//   szServer       - server name exactly as supplied by the caller.
//   szZoneName     - caller buffer that receives the zone display name.
//   dwZoneNameLen  - forwarded unchanged as the capacity of szZoneName.
//   pdwZonePolicy  - receives the zone policy value looked up by the callee.
//
// Returns TRUE only when the zone check succeeds; any NULL pointer argument
// yields FALSE without calling the zone check, so missing input is never
// reported as trusted.
int __cdecl IsTrustedServer( LPWSTR szServer, LPWSTR szZoneName, DWORD dwZoneNameLen, DWORD *pdwZonePolicy )
{
    if( NULL == szServer || NULL == szZoneName || NULL == pdwZonePolicy )
    {
        return FALSE;
    }

    // Open questions carried over from the original author:
    //  - Should the name be resolved when an IP is given (and vice versa) so that
    //    both forms are checked against the zones? What happens in the presence of DHCP?
    //  - Does http://machine need to be checked as well?
    // As written, only the string in szServer is evaluated, and only with the telnet prefix.
    const bool bTrusted =
        ( 0 != IsTargetServerSafeOnProtocol( szServer, szZoneName, dwZoneNameLen, pdwZonePolicy, PROTOCOL_PREFIX_TELNET ) );

    return bTrusted ? TRUE : FALSE;
}
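// Maps szProtocol + szServer to a URL security zone and reports whether that
// zone's URLACTION_CREDENTIALS_USE policy is permissive enough for the server
// to be considered safe.
//
//   szServer       - server name; appended verbatim to szProtocol to form the URL.
//   szZoneName     - caller buffer that receives the zone's display name when
//                    GetZoneAttributes succeeds; left untouched otherwise.
//   dwZoneNameLen  - capacity of szZoneName, used as a count of WCHARs.
//   pdwZonePolicy  - receives the policy DWORD from GetZoneActionPolicy.
//   szProtocol     - scheme prefix placed in front of szServer.
//
// Returns TRUE when the policy is URLPOLICY_CREDENTIALS_SILENT_LOGON_OK, or
// when it is URLPOLICY_CREDENTIALS_CONDITIONAL_PROMPT and the zone is
// URLZONE_INTRANET. Every failure path (NULL argument, COM initialisation or
// object creation failure, allocation failure, failed zone lookup) returns
// FALSE, i.e. the function fails closed.
//
// NOTE(review): the queried action is URLACTION_CREDENTIALS_USE, so callers
// presumably use the result to decide whether logon credentials may be offered
// without prompting - confirm against the call sites. The zone decision is made
// on the string as supplied; no name/address resolution happens here.
int __cdecl IsTargetServerSafeOnProtocol( LPWSTR szServer, LPWSTR szZoneName, DWORD dwZoneNameLen, DWORD *pdwZonePolicy, LPWSTR szProtocol )
{
    // All locals are declared before the first goto so that no jump crosses an initialisation.
    MULTI_QI qiSecurityMgr[] = {{ &IID_IInternetSecurityManager, NULL, S_OK }};
    MULTI_QI qiZoneMgr[] = {{ &IID_IInternetZoneManager, NULL, S_OK }};
    IInternetSecurityManager *pSecurityMgr = NULL;
    IInternetZoneManager *pZoneMgr = NULL;
    ZONEATTRIBUTES zaAttribs;
    DWORD dwTargetServerZone = 0;
    HRESULT hr = S_FALSE;
    int iRetVal = FALSE;
    LPWSTR lpszTargetServer = NULL;
    size_t cchTarget = 0;      // length of the composed URL in WCHARs, including the terminator
    size_t cchZoneCopy = 0;    // number of WCHARs copied into szZoneName
    bool bCoInit = false;

    if( !szServer || !szZoneName || !szProtocol || !pdwZonePolicy )
    {
        goto IsTargetServerSafeOnProtocol0;
    }

    hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
    if( !SUCCEEDED( hr ) )
    {
        goto IsTargetServerSafeOnProtocol0;
    }
    // Remember the successful initialisation so the exit path can balance it.
    bCoInit = true;

    hr = CoCreateInstanceEx(CLSID_InternetSecurityManager, NULL, CLSCTX_INPROC_SERVER, NULL,
            sizeof(qiSecurityMgr) / sizeof(MULTI_QI), qiSecurityMgr );
    if( !SUCCEEDED( hr ) || !SUCCEEDED(qiSecurityMgr[INDEX_SEC_MGR].hr) ||
        !(pSecurityMgr=(IInternetSecurityManager*)qiSecurityMgr[INDEX_SEC_MGR].pItf))
    {
        goto IsTargetServerSafeOnProtocol0;
    }

    // Build "<protocol><server>" in a buffer sized exactly for both parts plus the terminator.
    // The length is kept in size_t so the wcslen() results are not narrowed to DWORD.
    cchTarget = wcslen( szServer ) + wcslen( szProtocol ) + 1;
    lpszTargetServer = (WCHAR * )malloc( cchTarget * sizeof( WCHAR ));
    if( !lpszTargetServer )
    {
        goto IsTargetServerSafeOnProtocol1;
    }
    wcsncpy( lpszTargetServer, szProtocol, cchTarget - 1 );
    lpszTargetServer[cchTarget - 1] = L'\0';
    wcsncat( lpszTargetServer, szServer, (cchTarget - wcslen(lpszTargetServer) - 1));

    hr = pSecurityMgr->MapUrlToZone(lpszTargetServer, &dwTargetServerZone, 0);
    if( !SUCCEEDED(hr) )
    {
        goto IsTargetServerSafeOnProtocol2;
    }

    hr = CoCreateInstanceEx(CLSID_InternetZoneManager, NULL, CLSCTX_INPROC_SERVER, NULL,
            sizeof(qiZoneMgr) / sizeof(MULTI_QI), qiZoneMgr );
    if( !SUCCEEDED( hr ) || !SUCCEEDED(qiZoneMgr[INDEX_ZONE_MGR].hr) ||
        !(pZoneMgr=(IInternetZoneManager*)qiZoneMgr[INDEX_ZONE_MGR].pItf) )
    {
        goto IsTargetServerSafeOnProtocol2;
    }

    // Fix: the structure was previously passed uninitialised. Zero it and set
    // cbSize so the zone manager sees a well-formed ZONEATTRIBUTES and the
    // display name is terminated even if it is only partly filled in.
    ZeroMemory( &zaAttribs, sizeof( zaAttribs ) );
    zaAttribs.cbSize = sizeof( zaAttribs );

    hr = pZoneMgr->GetZoneAttributes( dwTargetServerZone, &zaAttribs );
    if( SUCCEEDED( hr ) )
    {
        // Copy at most dwZoneNameLen WCHARs, exactly as before.
        cchZoneCopy = wcslen( zaAttribs.szDisplayName ) + 1;
        if( cchZoneCopy > dwZoneNameLen )
        {
            cchZoneCopy = dwZoneNameLen;
        }
        wcsncpy( szZoneName, zaAttribs.szDisplayName, cchZoneCopy );

        // Fix: wcsncpy does not terminate on truncation, so a display name that
        // did not fit left szZoneName unterminated. Terminate inside the range
        // that was just written; when the name fits this is a no-op.
        if( cchZoneCopy > 0 )
        {
            szZoneName[cchZoneCopy - 1] = L'\0';
        }
    }
    // A failed GetZoneAttributes is not fatal: the policy lookup below still decides the result.

    hr = pZoneMgr->GetZoneActionPolicy( dwTargetServerZone, URLACTION_CREDENTIALS_USE,
            (BYTE*)pdwZonePolicy, sizeof( *pdwZonePolicy), URLZONEREG_DEFAULT );
    if( !SUCCEEDED( hr ) )
    {
        goto IsTargetServerSafeOnProtocol3;
    }

    // Conditional prompt is accepted only for the intranet zone; silent logon is accepted for any zone.
    if((URLPOLICY_CREDENTIALS_SILENT_LOGON_OK == *pdwZonePolicy ) ||
       (URLPOLICY_CREDENTIALS_CONDITIONAL_PROMPT == *pdwZonePolicy && URLZONE_INTRANET == dwTargetServerZone ) )
    {
        iRetVal = TRUE;
    }

    // Cleanup ladder: each label releases what was acquired before the matching failure point.
IsTargetServerSafeOnProtocol3:
    pZoneMgr->Release();
IsTargetServerSafeOnProtocol2:
    free( lpszTargetServer );
IsTargetServerSafeOnProtocol1:
    pSecurityMgr->Release();
IsTargetServerSafeOnProtocol0:
    if(bCoInit)
    {
        CoUninitialize();
    }
    return iRetVal;
}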