//Copyright (c) Microsoft Corporation. All rights reserved. #include #include "zone.h" #include int __cdecl IsTrustedServer( LPWSTR szServer, LPWSTR szZoneName, DWORD dwZoneNameLen, DWORD *pdwZonePolicy ) { int iRetVal = FALSE; if( !szServer || !szZoneName || !pdwZonePolicy ) { goto IsTargetServerAbort0; } if( IsTargetServerSafeOnProtocol( szServer, szZoneName, dwZoneNameLen, pdwZonePolicy, PROTOCOL_PREFIX_TELNET ) ) { //Should we be getting the name if given ip( and viceversa) to check for zones as well? What happens in the presence of DHCP? //Do we need to check for http://machine as well? iRetVal = TRUE; } IsTargetServerAbort0: return iRetVal; } int __cdecl IsTargetServerSafeOnProtocol( LPWSTR szServer, LPWSTR szZoneName, DWORD dwZoneNameLen, DWORD *pdwZonePolicy, LPWSTR szProtocol ) { MULTI_QI qiSecurityMgr[] = {{ &IID_IInternetSecurityManager, NULL, S_OK }}; MULTI_QI qiZoneMgr[] = {{ &IID_IInternetZoneManager, NULL, S_OK }}; IInternetSecurityManager *pSecurityMgr = NULL; IInternetZoneManager *pZoneMgr = NULL; ZONEATTRIBUTES zaAttribs; DWORD dwTargetServerZone = 0; HRESULT hr = S_FALSE; int iRetVal = FALSE; LPWSTR lpszTargetServer = NULL; DWORD dwSize = 0; bool bCoInit = false; if( !szServer || !szZoneName || !szProtocol || !pdwZonePolicy ) { goto IsTargetServerSafeOnProtocol0; } hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED); if( !SUCCEEDED( hr ) ) { goto IsTargetServerSafeOnProtocol0; } bCoInit = true; hr = CoCreateInstanceEx(CLSID_InternetSecurityManager, NULL, CLSCTX_INPROC_SERVER, NULL, sizeof(qiSecurityMgr) / sizeof(MULTI_QI), qiSecurityMgr ); if( !SUCCEEDED( hr ) || !SUCCEEDED(qiSecurityMgr[INDEX_SEC_MGR].hr) || !(pSecurityMgr=(IInternetSecurityManager*)qiSecurityMgr[INDEX_SEC_MGR].pItf)) { goto IsTargetServerSafeOnProtocol0; } dwSize = ( wcslen( szServer ) + wcslen( szProtocol ) + 1 ) ; lpszTargetServer = (WCHAR * )malloc( dwSize * sizeof( WCHAR )); if( !lpszTargetServer ) { goto IsTargetServerSafeOnProtocol1; } wcsncpy( lpszTargetServer, szProtocol, dwSize - 1 ); lpszTargetServer[dwSize - 1] = L'\0'; wcsncat( lpszTargetServer, szServer, (dwSize - wcslen(lpszTargetServer) -1)); hr = pSecurityMgr->MapUrlToZone(lpszTargetServer, &dwTargetServerZone, 0); if( !SUCCEEDED(hr) ) { goto IsTargetServerSafeOnProtocol2; } hr = CoCreateInstanceEx(CLSID_InternetZoneManager, NULL, CLSCTX_INPROC_SERVER, NULL, sizeof(qiZoneMgr) / sizeof(MULTI_QI), qiZoneMgr ); if( !SUCCEEDED( hr ) || !SUCCEEDED(qiZoneMgr[INDEX_ZONE_MGR].hr) || !(pZoneMgr=(IInternetZoneManager*)qiZoneMgr[INDEX_ZONE_MGR].pItf) ) { goto IsTargetServerSafeOnProtocol2; } hr = pZoneMgr->GetZoneAttributes( dwTargetServerZone, &zaAttribs ); if( SUCCEEDED( hr ) ) { wcsncpy( szZoneName, zaAttribs.szDisplayName, MIN( ( wcslen( zaAttribs.szDisplayName ) + 1 ), dwZoneNameLen ) ); } hr = pZoneMgr->GetZoneActionPolicy( dwTargetServerZone, URLACTION_CREDENTIALS_USE, (BYTE*)pdwZonePolicy, sizeof( *pdwZonePolicy), URLZONEREG_DEFAULT ); if( !SUCCEEDED( hr ) ) { goto IsTargetServerSafeOnProtocol3; } if((URLPOLICY_CREDENTIALS_SILENT_LOGON_OK == *pdwZonePolicy ) || (URLPOLICY_CREDENTIALS_CONDITIONAL_PROMPT == *pdwZonePolicy && URLZONE_INTRANET == dwTargetServerZone ) ) { iRetVal = TRUE; } IsTargetServerSafeOnProtocol3: pZoneMgr->Release(); IsTargetServerSafeOnProtocol2: free( lpszTargetServer ); IsTargetServerSafeOnProtocol1: pSecurityMgr->Release(); IsTargetServerSafeOnProtocol0: if(bCoInit) { CoUninitialize(); } return iRetVal; }