windows-nt/Source/XPSP1/NT/admin/snapin/certmgr/componentdatasafer.cpp
2020-09-26 16:20:57 +08:00

1107 lines
36 KiB
C++

//+---------------------------------------------------------------------------
/////////////////////////////////////////////////////////////////////////////////
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 2001.
//
// File: ComponentDataSafer.cpp
//
// Contents: Implementation of CCertMgrComponentData
//
//----------------------------------------------------------------------------
#include "stdafx.h"
USE_HANDLE_MACROS ("CERTMGR (ComponentDataSafer.cpp)")
#include <gpedit.h>
#include "compdata.h"
#include "dataobj.h"
#include "cookie.h"
#include "Certifct.h"
#include "dlgs.h"
#pragma warning(push, 3)
#include <wintrust.h>
#include <cryptui.h>
#pragma warning(pop)
#include "storegpe.h"
#include "PolicyPrecedencePropertyPage.h"
#include "SaferLevelGeneral.h"
#include "SaferEntry.h"
#include "SaferEntryPathPropertyPage.h"
#include "SaferEntryPropertySheet.h"
#include "SaferEntryHashPropertyPage.h"
#include "SaferEntryCertificatePropertyPage.h"
#include "SaferEntryInternetZonePropertyPage.h"
#include "SaferTrustedPublishersPropertyPage.h"
#include "SaferDefinedFileTypesPropertyPage.h"
#include "SaferEnforcementPropertyPage.h"
#include "SaferUtil.h"
#ifdef _DEBUG
#ifndef ALPHA
#define new DEBUG_NEW
#endif
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
extern HKEY g_hkeyLastSaferRegistryScope;
extern GUID g_guidExtension;
extern GUID g_guidRegExt;
extern GUID g_guidSnapin;
CSaferWindowsExtension::CSaferWindowsExtension() : CCertMgrComponentData ()
{
SetHtmlHelpFileName (SAFER_WINDOWS_HELP_FILE);
m_strLinkedHelpFile = SAFER_WINDOWS_LINKED_HELP_FILE;
};
HRESULT CCertMgrComponentData::AddSaferLevelSetAsDefaultMenuItem (LPCONTEXTMENUCALLBACK pContextMenuCallback, LONG lInsertionPointID)
{
_TRACE (1, L"Entering CCertMgrComponentData::AddSaferLevelSetAsDefaultMenuItem\n");
AFX_MANAGE_STATE (AfxGetStaticModuleState ());
ASSERT (pContextMenuCallback);
if ( !pContextMenuCallback )
return E_POINTER;
HRESULT hr = S_OK;
CONTEXTMENUITEM menuItem;
CString szMenu;
CString szHint;
ASSERT (m_pGPEInformation); // must not be RSOP
if ( !m_pGPEInformation )
return E_FAIL;
// unchanging settings
::ZeroMemory (&menuItem, sizeof (menuItem));
menuItem.lInsertionPointID = lInsertionPointID;
menuItem.fFlags = 0;
VERIFY (szMenu.LoadString (IDS_SAFER_SET_DEFAULT));
menuItem.strName = (PWSTR) (PCWSTR) szMenu;
VERIFY (szHint.LoadString (IDS_SAFER_SET_DEFAULT_HINT));
menuItem.strStatusBarText = (PWSTR) (PCWSTR) szHint;
menuItem.lCommandID = IDM_SAFER_LEVEL_SET_DEFAULT;
hr = pContextMenuCallback->AddItem (&menuItem);
ASSERT (SUCCEEDED (hr));
_TRACE (-1, L"Leaving CCertMgrComponentData::AddSaferLevelSetAsDefaultMenuItem: 0x%x\n", hr);
return hr;
}
HRESULT CCertMgrComponentData::AddSaferNewEntryMenuItems (LPCONTEXTMENUCALLBACK pContextMenuCallback, LONG lInsertionPointID)
{
_TRACE (1, L"Entering CCertMgrComponentData::AddSaferNewEntryMenuItems\n");
AFX_MANAGE_STATE (AfxGetStaticModuleState ());
ASSERT (pContextMenuCallback);
if ( !pContextMenuCallback )
return E_POINTER;
HRESULT hr = S_OK;
CONTEXTMENUITEM menuItem;
CString szMenu;
CString szHint;
ASSERT (m_pGPEInformation); // must not be RSOP
if ( !m_pGPEInformation )
return E_FAIL;
// unchanging settings
::ZeroMemory (&menuItem, sizeof (menuItem));
menuItem.lInsertionPointID = lInsertionPointID;
menuItem.fFlags = 0;
if ( SUCCEEDED (hr) )
{
VERIFY (szMenu.LoadString (IDS_SAFER_NEW_ENTRY_CERTIFICATE));
menuItem.strName = (PWSTR) (PCWSTR) szMenu;
VERIFY (szHint.LoadString (IDS_SAFER_NEW_ENTRY_CERTIFICATE_HINT));
menuItem.strStatusBarText = (PWSTR) (PCWSTR) szHint;
menuItem.lCommandID = IDM_SAFER_NEW_ENTRY_CERTIFICATE;
hr = pContextMenuCallback->AddItem (&menuItem);
ASSERT (SUCCEEDED (hr));
}
if ( SUCCEEDED (hr) )
{
VERIFY (szMenu.LoadString (IDS_SAFER_NEW_ENTRY_HASH));
menuItem.strName = (PWSTR) (PCWSTR) szMenu;
VERIFY (szHint.LoadString (IDS_SAFER_NEW_ENTRY_HASH_HINT));
menuItem.strStatusBarText = (PWSTR) (PCWSTR) szHint;
menuItem.lCommandID = IDM_SAFER_NEW_ENTRY_HASH;
hr = pContextMenuCallback->AddItem (&menuItem);
ASSERT (SUCCEEDED (hr));
}
if ( SUCCEEDED (hr) )
{
VERIFY (szMenu.LoadString (IDS_SAFER_NEW_ENTRY_INTERNET_ZONE));
menuItem.strName = (PWSTR) (PCWSTR) szMenu;
VERIFY (szHint.LoadString (IDS_SAFER_NEW_ENTRY_INTERNET_ZONE_HINT));
menuItem.strStatusBarText = (PWSTR) (PCWSTR) szHint;
menuItem.lCommandID = IDM_SAFER_NEW_ENTRY_INTERNET_ZONE;
hr = pContextMenuCallback->AddItem (&menuItem);
ASSERT (SUCCEEDED (hr));
}
if ( SUCCEEDED (hr) )
{
VERIFY (szMenu.LoadString (IDS_SAFER_NEW_ENTRY_PATH));
menuItem.strName = (PWSTR) (PCWSTR) szMenu;
VERIFY (szHint.LoadString (IDS_SAFER_NEW_ENTRY_PATH_HINT));
menuItem.strStatusBarText = (PWSTR) (PCWSTR) szHint;
menuItem.lCommandID = IDM_SAFER_NEW_ENTRY_PATH;
hr = pContextMenuCallback->AddItem (&menuItem);
ASSERT (SUCCEEDED (hr));
}
_TRACE (-1, L"Leaving CCertMgrComponentData::AddSaferNewEntryMenuItems: 0x%x\n", hr);
return hr;
}
HRESULT CCertMgrComponentData::OnSetSaferLevelDefault (LPDATAOBJECT pDataObject)
{
_TRACE (1, L"Entering CCertMgrComponentData::OnSetSaferLevelDefault\n");
AFX_MANAGE_STATE(AfxGetStaticModuleState());
ASSERT (pDataObject);
if ( !pDataObject )
return E_POINTER;
ASSERT (m_pGPEInformation); // must not be RSOP
if ( !m_pGPEInformation )
return E_FAIL;
HRESULT hr = S_OK;
CCertMgrCookie* pCookie = ConvertCookie (pDataObject);
ASSERT (pCookie);
if ( pCookie )
{
if ( pCookie->HasOpenPropertyPages () )
{
CString text;
CString caption;
VERIFY (caption.LoadString (IDS_CERTIFICATE_MANAGER));
VERIFY (text.LoadString (IDS_CANT_CHANGE_DEFAULT_PAGES_OPEN));
int iRetVal = 0;
VERIFY (SUCCEEDED (m_pConsole->MessageBox (text, caption,
MB_OK, &iRetVal)));
return S_OK;
}
if ( CERTMGR_SAFER_COMPUTER_LEVEL == pCookie->m_objecttype ||
CERTMGR_SAFER_USER_LEVEL == pCookie->m_objecttype )
{
CSaferLevel* pSaferLevel = dynamic_cast<CSaferLevel*>(pCookie);
if ( pSaferLevel )
{
int iRetVal = IDYES;
if ( pSaferLevel->GetLevel () < m_dwDefaultSaferLevel )
{
CString text;
CString caption;
VERIFY (caption.LoadString (IDS_SAFER_WINDOWS_EXTENSION_REGISTRY));
VERIFY (text.LoadString (IDS_DEFAULT_LEVEL_CHANGE_WARNING));
m_pConsole->MessageBox (text, caption,
MB_ICONWARNING | MB_YESNO, &iRetVal);
}
if ( IDYES == iRetVal )
{
hr = pSaferLevel->SetAsDefault ();
if ( SUCCEEDED (hr) )
{
m_dwDefaultSaferLevel = pSaferLevel->GetLevel ();
if ( m_pConsole )
hr = m_pConsole->UpdateAllViews (pDataObject, 0, 0);
}
else
{
CString text;
CString caption;
VERIFY (caption.LoadString (IDS_SAFER_WINDOWS_EXTENSION_REGISTRY));
text.FormatMessage (IDS_CANT_SET_AS_DEFAULT,
pSaferLevel->GetObjectName (),
GetSystemMessage (hr));
iRetVal = 0;
ASSERT (m_pConsole);
if ( m_pConsole )
{
HRESULT hr1 = m_pConsole->MessageBox (text, caption,
MB_ICONWARNING | MB_OK, &iRetVal);
ASSERT (SUCCEEDED (hr1));
}
}
}
}
}
else
hr = E_FAIL;
}
_TRACE (-1, L"Leaving CCertMgrComponentData::OnSetSaferLevelDefault: 0x%x\n", hr);
return hr;
}
HRESULT CCertMgrComponentData::AddSaferLevelPropPage (
LPPROPERTYSHEETCALLBACK pCallback,
CSaferLevel* pSaferLevel,
LONG_PTR lNotifyHandle,
LPDATAOBJECT pDataObject)
{
_TRACE (1, L"Entering CCertMgrComponentData::AddSaferLevelPropPage\n");
HRESULT hr = S_OK;
ASSERT (pCallback && pSaferLevel);
if ( pCallback && pSaferLevel )
{
CSaferLevelGeneral * pLevelPage = new CSaferLevelGeneral (*pSaferLevel,
m_bIsRSOP, lNotifyHandle, pDataObject, m_dwDefaultSaferLevel);
if ( pLevelPage )
{
HPROPSHEETPAGE hLevelPage = MyCreatePropertySheetPage (&pLevelPage->m_psp);
if ( hLevelPage )
{
hr = pCallback->AddPage (hLevelPage);
ASSERT (SUCCEEDED (hr));
if ( SUCCEEDED (hr) )
{
if ( m_bIsRSOP )
{
// CString regPath = SAFER_LEVELOBJECTS_REGKEY;
// regPath += L"\\";
// DWORD dwLevel = pSaferLevel->GetLevel ();
// WCHAR szLevel[16];
// regPath += _itow (dwLevel, szLevel, 10);
CPolicyPrecedencePropertyPage * pPrecedencePage =
new CPolicyPrecedencePropertyPage (this, SAFER_HKLM_REGBASE,
SAFER_DEFAULTOBJ_REGVALUE,
CERTMGR_SAFER_COMPUTER_LEVEL == pSaferLevel->m_objecttype);
if ( pPrecedencePage )
{
HPROPSHEETPAGE hPrecedencePage = MyCreatePropertySheetPage (&pPrecedencePage->m_psp);
if ( hPrecedencePage )
{
hr = pCallback->AddPage (hPrecedencePage);
ASSERT (SUCCEEDED (hr));
if ( FAILED (hr) )
VERIFY (::DestroyPropertySheetPage (hPrecedencePage));
}
else
delete pPrecedencePage;
}
else
{
hr = E_OUTOFMEMORY;
}
}
}
else
{
VERIFY (::DestroyPropertySheetPage (hLevelPage));
}
}
else
delete pLevelPage;
}
else
{
hr = E_OUTOFMEMORY;
}
}
else
hr = E_POINTER;
_TRACE (-1, L"Leaving CCertMgrComponentData::AddSaferLevelPropPage: 0x%x\n", hr);
return hr;
}
HRESULT CCertMgrComponentData::OnCreateNewSaferPolicy (LPDATAOBJECT pDataObject)
{
HRESULT hr = S_OK;
CCertMgrCookie* pCookie = ConvertCookie (pDataObject);
ASSERT (pCookie);
if ( pCookie )
{
bool bIsComputer = CERTMGR_SAFER_COMPUTER_ROOT == pCookie->m_objecttype;
HKEY hGroupPolicyKey = 0;
hr = m_pGPEInformation->GetRegistryKey (
bIsComputer ?
GPO_SECTION_MACHINE : GPO_SECTION_USER,
&hGroupPolicyKey);
if ( SUCCEEDED (hr) )
{
BOOL bDefaultsActuallyPopulated = FALSE;
BOOL bResult = ::SaferiPopulateDefaultsInRegistry(
hGroupPolicyKey, &bDefaultsActuallyPopulated);
if ( bResult && bDefaultsActuallyPopulated )
{
m_pGPEInformation->PolicyChanged (TRUE,
TRUE, &g_guidExtension, &g_guidSnapin);
m_pGPEInformation->PolicyChanged (TRUE,
TRUE, &g_guidRegExt, &g_guidSnapin);
}
::RegCloseKey (hGroupPolicyKey);
}
CSaferRootCookie* pSaferRootCookie = dynamic_cast <CSaferRootCookie*> (pCookie);
if ( pSaferRootCookie )
pSaferRootCookie->m_bCreateSaferNodes = true;
if ( !m_pResultData )
hr = GetResultData (&m_pResultData);
if ( m_pResultData )
hr = m_pResultData->DeleteAllRsltItems ();
// Force scope item selection to for call to
// IComponent::QueryResultViewType ()
hr = m_pComponentConsole->SelectScopeItem (pCookie->m_hScopeItem);
hr = m_pConsole->UpdateAllViews (pDataObject, 0, 0);
hr = OnNotifyExpand (pDataObject, TRUE, pCookie->m_hScopeItem);
}
else
hr = E_FAIL;
return hr;
}
HRESULT CCertMgrComponentData::OnNewSaferEntry(long nCommandID, LPDATAOBJECT pDataObject)
{
_TRACE (1, L"Entering CCertMgrComponentData::OnNewSaferEntry ()\n");
AFX_MANAGE_STATE (AfxGetStaticModuleState ());
HRESULT hr = S_OK;
CCertMgrCookie* pCookie = ConvertCookie (pDataObject);
ASSERT (pCookie);
if ( pCookie )
{
bool bIsComputer = false;
switch (pCookie->m_objecttype)
{
case CERTMGR_SAFER_COMPUTER_ENTRIES:
bIsComputer = true;
break;
case CERTMGR_SAFER_USER_ENTRIES:
break;
default:
ASSERT (0);
hr = E_FAIL;
return hr;
}
CSaferEntries* pSaferEntries = dynamic_cast <CSaferEntries*> (pCookie);
if ( !pSaferEntries )
return E_UNEXPECTED;
SAFER_ENTRY_TYPE saferEntryType = SAFER_ENTRY_TYPE_UNKNOWN;
switch (nCommandID)
{
case IDM_SAFER_NEW_ENTRY_PATH:
saferEntryType = SAFER_ENTRY_TYPE_PATH;
break;
case IDM_SAFER_NEW_ENTRY_HASH:
saferEntryType = SAFER_ENTRY_TYPE_HASH;
break;
case IDM_SAFER_NEW_ENTRY_CERTIFICATE:
saferEntryType = SAFER_ENTRY_TYPE_CERT;
break;
case IDM_SAFER_NEW_ENTRY_INTERNET_ZONE:
saferEntryType = SAFER_ENTRY_TYPE_URLZONE;
break;
default:
ASSERT (0);
break;
}
CSaferEntry* pSaferEntry = new CSaferEntry (
saferEntryType,
bIsComputer,
L"",
L"",
0,
(DWORD) AUTHZ_UNKNOWN_LEVEL,
m_pGPEInformation,
0,
pSaferEntries,
bIsComputer ? m_rsopObjectArrayComputer : m_rsopObjectArrayUser);
ASSERT (pSaferEntry);
if ( pSaferEntry )
{
UINT nIDCaption = 0;
switch (nCommandID)
{
case IDM_SAFER_NEW_ENTRY_PATH:
nIDCaption = IDS_NEW_PATH_RULE;
break;
case IDM_SAFER_NEW_ENTRY_HASH:
nIDCaption = IDS_NEW_HASH_RULE;
break;
case IDM_SAFER_NEW_ENTRY_CERTIFICATE:
nIDCaption = IDS_NEW_CERTIFICATE_RULE;
break;
case IDM_SAFER_NEW_ENTRY_INTERNET_ZONE:
nIDCaption = IDS_NEW_URLZONE_RULE;
break;
default:
ASSERT (0);
hr = E_FAIL;
break;
}
HWND hParent = 0;
hr = m_pConsole->GetMainWindow (&hParent);
ASSERT (SUCCEEDED (hr));
if ( SUCCEEDED (hr) )
{
CWnd parentWnd;
VERIFY (parentWnd.Attach (hParent));
CSaferEntryPropertySheet propSheet (nIDCaption, &parentWnd);
CPropertyPage* pPage = 0;
switch (nCommandID)
{
case IDM_SAFER_NEW_ENTRY_PATH:
{
CSaferEntryPathPropertyPage* pPropPage = new
CSaferEntryPathPropertyPage (*pSaferEntry, 0,
0, false, true, this, bIsComputer);
if ( pPropPage )
{
pPage = pPropPage;
}
else
hr = E_OUTOFMEMORY;
}
break;
case IDM_SAFER_NEW_ENTRY_HASH:
{
CSaferEntryHashPropertyPage* pPropPage = new
CSaferEntryHashPropertyPage (*pSaferEntry, 0,
0, false, this, bIsComputer);
if ( pPropPage )
{
pPage = pPropPage;
}
else
hr = E_OUTOFMEMORY;
}
break;
case IDM_SAFER_NEW_ENTRY_CERTIFICATE:
{
CSaferEntryCertificatePropertyPage* pPropPage = new
CSaferEntryCertificatePropertyPage (*pSaferEntry,
pSaferEntries, 0, 0, false, this, true,
m_pGPEInformation, bIsComputer);
if ( pPropPage )
{
pPage = pPropPage;
}
else
hr = E_OUTOFMEMORY;
}
break;
case IDM_SAFER_NEW_ENTRY_INTERNET_ZONE:
{
CSaferEntryInternetZonePropertyPage* pPropPage = new
CSaferEntryInternetZonePropertyPage (*pSaferEntry,
true, 0, 0, false, this, bIsComputer);
if ( pPropPage )
{
pPage = pPropPage;
}
else
hr = E_OUTOFMEMORY;
}
break;
default:
hr = E_FAIL;
break;
}
if ( SUCCEEDED (hr) && pPage )
{
propSheet.AddPage (pPage);
CThemeContextActivator activator;
INT_PTR iRet = propSheet.DoModal ();
if ( IDOK == iRet )
{
hr = m_pConsole->UpdateAllViews (pDataObject, 0, 0);
}
}
delete pSaferEntry;
parentWnd.Detach ();
}
}
else
hr = E_OUTOFMEMORY;
}
else
hr = E_FAIL;
_TRACE (-1, L"Leaving CCertMgrComponentData::OnNewSaferEntry (): 0x%x\n", hr);
return hr;
}
HRESULT CCertMgrComponentData::AddSaferTrustedPublisherPropPages (
LPPROPERTYSHEETCALLBACK pCallback,
bool bIsMachineType)
{
_TRACE (1, L"Entering CCertMgrComponentData::AddSaferTrustedPublisherPropPages\n");
HRESULT hr = S_OK;
ASSERT (pCallback);
if ( pCallback )
{
CSaferTrustedPublishersPropertyPage * pTrustedPublisherPage = new
CSaferTrustedPublishersPropertyPage (
bIsMachineType,
m_pGPEInformation, this);
if ( pTrustedPublisherPage )
{
HPROPSHEETPAGE hTrustedPublisherPage = MyCreatePropertySheetPage (&pTrustedPublisherPage->m_psp);
if ( hTrustedPublisherPage )
{
hr = pCallback->AddPage (hTrustedPublisherPage);
ASSERT (SUCCEEDED (hr));
if ( SUCCEEDED (hr) )
{
// Add the precedence page if this is RSOP
if ( m_bIsRSOP )
{
CPolicyPrecedencePropertyPage * pPrecedencePage =
new CPolicyPrecedencePropertyPage (this,
CERT_TRUST_PUB_SAFER_GROUP_POLICY_REGPATH,
CERT_TRUST_PUB_AUTHENTICODE_FLAGS_VALUE_NAME,
bIsMachineType);
if ( pPrecedencePage )
{
HPROPSHEETPAGE hPrecedencePage =
MyCreatePropertySheetPage (&pPrecedencePage->m_psp);
if ( hPrecedencePage )
{
hr = pCallback->AddPage (hPrecedencePage);
ASSERT (SUCCEEDED (hr));
if ( FAILED (hr) )
VERIFY (::DestroyPropertySheetPage (hPrecedencePage));
}
else
{
delete pPrecedencePage;
}
}
else
{
hr = E_OUTOFMEMORY;
}
}
}
else
{
VERIFY (::DestroyPropertySheetPage (hTrustedPublisherPage));
}
}
else
delete pTrustedPublisherPage;
}
else
{
hr = E_OUTOFMEMORY;
}
}
else
hr = E_POINTER;
_TRACE (-1, L"Leaving CCertMgrComponentData::AddSaferTrustedPublisherPropPages: 0x%x\n", hr);
return hr;
}
HRESULT CCertMgrComponentData::AddSaferDefinedFileTypesPropPages (
LPPROPERTYSHEETCALLBACK pCallback,
bool bIsComputerType)
{
_TRACE (1, L"Entering CCertMgrComponentData::AddSaferDefinedFileTypesPropPages\n");
HRESULT hr = S_OK;
ASSERT (pCallback);
if ( pCallback )
{
CSaferDefinedFileTypesPropertyPage * pDefinedFileTypesPage = new
CSaferDefinedFileTypesPropertyPage (
m_pGPEInformation,
m_bIsRSOP,
bIsComputerType ?
m_rsopObjectArrayComputer : m_rsopObjectArrayUser,
bIsComputerType);
if ( pDefinedFileTypesPage )
{
HPROPSHEETPAGE hDefinedFileTypesPage = MyCreatePropertySheetPage (&pDefinedFileTypesPage->m_psp);
if ( hDefinedFileTypesPage )
{
hr = pCallback->AddPage (hDefinedFileTypesPage);
ASSERT (SUCCEEDED (hr));
if ( SUCCEEDED (hr) )
{
if ( m_bIsRSOP )
{
CPolicyPrecedencePropertyPage * pPrecedencePage =
new CPolicyPrecedencePropertyPage (this,
SAFER_HKLM_REGBASE,
SAFER_EXETYPES_REGVALUE,
bIsComputerType);
if ( pPrecedencePage )
{
HPROPSHEETPAGE hPrecedencePage =
MyCreatePropertySheetPage (&pPrecedencePage->m_psp);
if ( hPrecedencePage )
{
hr = pCallback->AddPage (hPrecedencePage);
ASSERT (SUCCEEDED (hr));
if ( FAILED (hr) )
VERIFY (::DestroyPropertySheetPage (hPrecedencePage));
}
else
delete pPrecedencePage;
}
else
{
hr = E_OUTOFMEMORY;
}
}
}
else
{
VERIFY (::DestroyPropertySheetPage (hDefinedFileTypesPage));
}
}
else
delete pDefinedFileTypesPage;
}
else
{
hr = E_OUTOFMEMORY;
}
}
else
hr = E_POINTER;
_TRACE (-1, L"Leaving CCertMgrComponentData::AddSaferDefinedFileTypesPropPages: 0x%x\n", hr);
return hr;
}
HRESULT CCertMgrComponentData::AddSaferEnforcementPropPages (
LPPROPERTYSHEETCALLBACK pCallback,
bool bIsComputerType)
{
_TRACE (1, L"Entering CCertMgrComponentData::AddSaferEnforcementPropPages\n");
HRESULT hr = S_OK;
ASSERT (pCallback);
if ( pCallback )
{
CSaferEnforcementPropertyPage * pEnforcementPage = new
CSaferEnforcementPropertyPage (
m_pGPEInformation, this,
m_bIsRSOP,
bIsComputerType ?
m_rsopObjectArrayComputer : m_rsopObjectArrayUser,
bIsComputerType);
if ( pEnforcementPage )
{
HPROPSHEETPAGE hEnforcementPage = MyCreatePropertySheetPage (&pEnforcementPage->m_psp);
if ( hEnforcementPage )
{
hr = pCallback->AddPage (hEnforcementPage);
ASSERT (SUCCEEDED (hr));
if ( SUCCEEDED (hr) )
{
if ( m_bIsRSOP )
{
CPolicyPrecedencePropertyPage * pPrecedencePage =
new CPolicyPrecedencePropertyPage (this,
SAFER_HKLM_REGBASE,
SAFER_TRANSPARENTENABLED_REGVALUE,
bIsComputerType);
if ( pPrecedencePage )
{
HPROPSHEETPAGE hPrecedencePage =
MyCreatePropertySheetPage (&pPrecedencePage->m_psp);
if ( hPrecedencePage )
{
hr = pCallback->AddPage (hPrecedencePage);
ASSERT (SUCCEEDED (hr));
if ( FAILED (hr) )
VERIFY (::DestroyPropertySheetPage (hPrecedencePage));
}
else
delete pPrecedencePage;
}
else
{
hr = E_OUTOFMEMORY;
}
}
}
else
{
VERIFY (::DestroyPropertySheetPage (hEnforcementPage));
}
}
else
delete pEnforcementPage;
}
else
{
hr = E_OUTOFMEMORY;
}
}
else
hr = E_POINTER;
_TRACE (-1, L"Leaving CCertMgrComponentData::AddSaferEnforcementPropPages: 0x%x\n", hr);
return hr;
}
HRESULT CCertMgrComponentData::AddSaferEntryPropertyPage (
LPPROPERTYSHEETCALLBACK pCallback,
CCertMgrCookie* pCookie,
LPDATAOBJECT pDataObject,
LONG_PTR lNotifyHandle)
{
_TRACE (1, L"Entering CCertMgrComponentData::AddSaferEntryPropertyPage\n");
ASSERT (pCallback && pCookie);
if ( !pCallback || !pCookie )
return E_POINTER;
HRESULT hr = S_OK;
bool bIsComputer = false;
switch (pCookie->m_objecttype)
{
case CERTMGR_SAFER_COMPUTER_ENTRY:
bIsComputer = true;
break;
case CERTMGR_SAFER_USER_ENTRY:
break;
default:
ASSERT (0);
hr = E_FAIL;
return hr;
}
CSaferEntry* pSaferEntry = dynamic_cast <CSaferEntry*> (pCookie);
ASSERT (pSaferEntry);
if ( pSaferEntry )
{
pSaferEntry->Refresh ();
switch (pSaferEntry->GetType ())
{
case SAFER_ENTRY_TYPE_PATH:
{
CSaferEntryPathPropertyPage* pPage = new
CSaferEntryPathPropertyPage (*pSaferEntry,
lNotifyHandle, pDataObject,
m_bIsRSOP, false, this, bIsComputer);
if ( pPage )
{
HPROPSHEETPAGE hPage = MyCreatePropertySheetPage (&pPage->m_psp);
if ( hPage )
{
hr = pCallback->AddPage (hPage);
if ( FAILED (hr) )
{
VERIFY (::DestroyPropertySheetPage (hPage));
}
}
else
delete pPage;
}
else
hr = E_OUTOFMEMORY;
}
break;
case SAFER_ENTRY_TYPE_HASH:
{
CSaferEntryHashPropertyPage* pPage = new
CSaferEntryHashPropertyPage (*pSaferEntry,
lNotifyHandle, pDataObject,
m_bIsRSOP, this, bIsComputer);
if ( pPage )
{
HPROPSHEETPAGE hPage = MyCreatePropertySheetPage (&pPage->m_psp);
if ( hPage )
{
hr = pCallback->AddPage (hPage);
if ( FAILED (hr) )
{
VERIFY (::DestroyPropertySheetPage (hPage));
}
}
else
delete pPage;
}
else
hr = E_OUTOFMEMORY;
}
break;
case SAFER_ENTRY_TYPE_CERT:
{
CSaferEntries* pSaferEntries = 0;
hr = pSaferEntry->GetSaferEntriesNode (&pSaferEntries);
if ( SUCCEEDED (hr) )
{
CSaferEntryCertificatePropertyPage* pPage = new
CSaferEntryCertificatePropertyPage (*pSaferEntry,
pSaferEntries, lNotifyHandle, pDataObject,
m_bIsRSOP, this, false, m_pGPEInformation, bIsComputer);
if ( pPage )
{
HPROPSHEETPAGE hPage = MyCreatePropertySheetPage (&pPage->m_psp);
if ( hPage )
{
hr = pCallback->AddPage (hPage);
if ( FAILED (hr) )
{
VERIFY (::DestroyPropertySheetPage (hPage));
}
}
else
delete pPage;
}
else
hr = E_OUTOFMEMORY;
pSaferEntries->Release ();
}
}
break;
case SAFER_ENTRY_TYPE_URLZONE:
{
CSaferEntryInternetZonePropertyPage* pPage = new
CSaferEntryInternetZonePropertyPage (*pSaferEntry,
false, lNotifyHandle, pDataObject,
m_bIsRSOP, this, bIsComputer);
if ( pPage )
{
HPROPSHEETPAGE hPage = MyCreatePropertySheetPage (&pPage->m_psp);
if ( hPage )
{
hr = pCallback->AddPage (hPage);
if ( FAILED (hr) )
{
VERIFY (::DestroyPropertySheetPage (hPage));
}
}
else
delete pPage;
}
else
hr = E_OUTOFMEMORY;
}
break;
default:
hr = E_FAIL;
break;
}
if ( SUCCEEDED (hr) && m_bIsRSOP )
{
CString szValue;
switch (pSaferEntry->GetType ())
{
case SAFER_ENTRY_TYPE_PATH:
case SAFER_ENTRY_TYPE_HASH:
case SAFER_ENTRY_TYPE_URLZONE:
szValue = SAFER_IDS_ITEMDATA_REGVALUE;
break;
case SAFER_ENTRY_TYPE_CERT:
szValue = STR_BLOB;
break;
default:
ASSERT (0);
break;
}
CPolicyPrecedencePropertyPage * pPrecedencePage =
new CPolicyPrecedencePropertyPage (this,
pSaferEntry->GetRSOPRegistryKey (),
szValue,
bIsComputer);
if ( pPrecedencePage )
{
HPROPSHEETPAGE hPrecedencePage = MyCreatePropertySheetPage (&pPrecedencePage->m_psp);
if ( hPrecedencePage )
{
hr = pCallback->AddPage (hPrecedencePage);
ASSERT (SUCCEEDED (hr));
if ( FAILED (hr) )
VERIFY (::DestroyPropertySheetPage (hPrecedencePage));
}
else
delete pPrecedencePage;
}
else
{
hr = E_OUTOFMEMORY;
}
}
}
else
hr = E_FAIL;
_TRACE (-1, L"Leaving CCertMgrComponentData::AddSaferEntryPropertyPage: 0x%x\n", hr);
return hr;
}
bool CSaferWindowsExtension::FoundInRSOPFilter (BSTR bstrKey) const
{
static size_t nSaferKeyLen = wcslen (SAFER_HKLM_REGBASE);
static size_t nSaferPKKeyLen =
wcslen (CERT_TRUST_PUB_SAFER_GROUP_POLICY_REGPATH);
static size_t nTrustedPublisherKeyLane =
wcslen (CERT_TRUST_PUB_SAFER_GROUP_POLICY_TRUSTED_PUBLISHER_STORE_REGPATH);
static size_t nDisallowedKeyLen =
wcslen (CERT_TRUST_PUB_SAFER_GROUP_POLICY_DISALLOWED_STORE_REGPATH);
if ( !_wcsnicmp (SAFER_HKLM_REGBASE, bstrKey, nSaferKeyLen) ||
!_wcsnicmp (CERT_TRUST_PUB_SAFER_GROUP_POLICY_REGPATH, bstrKey,
nSaferPKKeyLen) ||
!_wcsnicmp (CERT_TRUST_PUB_SAFER_GROUP_POLICY_TRUSTED_PUBLISHER_STORE_REGPATH,
bstrKey, nTrustedPublisherKeyLane) ||
!_wcsnicmp (CERT_TRUST_PUB_SAFER_GROUP_POLICY_DISALLOWED_STORE_REGPATH,
bstrKey, nDisallowedKeyLen) )
{
return true;
}
else
return false;
}
HRESULT CCertMgrComponentData::SaferEnumerateLevels (bool bIsComputer)
{
_TRACE (1, L"Entering CCertMgrComponent::SaferEnumerateLevels ()\n");
HRESULT hr = S_OK;
if ( !m_pdwSaferLevels )
{
if ( m_pGPEInformation )
{
DWORD cbBuffer = 0;
CPolicyKey policyKey (m_pGPEInformation,
SAFER_HKLM_REGBASE,
bIsComputer);
SetRegistryScope (policyKey.GetKey (), bIsComputer);
BOOL bRVal = SaferGetPolicyInformation(
SAFER_SCOPEID_REGISTRY,
SaferPolicyLevelList,
cbBuffer,
m_pdwSaferLevels,
&cbBuffer,
0);
if ( !bRVal && GetLastError () == ERROR_INSUFFICIENT_BUFFER )
{
DWORD nLevels = cbBuffer/sizeof (DWORD);
m_pdwSaferLevels = new DWORD[nLevels+1];
if ( m_pdwSaferLevels )
{
memset (m_pdwSaferLevels, NO_MORE_SAFER_LEVELS,
sizeof (DWORD) * (nLevels + 1));
bRVal = SaferGetPolicyInformation(
SAFER_SCOPEID_REGISTRY,
SaferPolicyLevelList,
cbBuffer,
m_pdwSaferLevels,
&cbBuffer,
0);
ASSERT (bRVal);
if ( !bRVal )
{
DWORD dwErr = GetLastError ();
hr = HRESULT_FROM_WIN32 (dwErr);
_TRACE (0, L"SaferGetPolicyInformation(SAFER_SCOPEID_REGISTRY, SaferPolicyLevelList) failed: %d\n",
dwErr);
}
}
else
hr = E_OUTOFMEMORY;
}
else if ( !bRVal )
{
ASSERT (0);
DWORD dwErr = GetLastError ();
hr = HRESULT_FROM_WIN32 (dwErr);
_TRACE (0, L"SaferGetPolicyInformation(SAFER_SCOPEID_REGISTRY, SaferPolicyLevelList) failed: %d\n",
dwErr);
}
}
else
{
// Is RSOP
const int RSOP_SAFER_LEVELS = 3; // SAFER_LEVELID_FULLYTRUSTED, SAFER_LEVELID_DISALLOWED + 1
m_pdwSaferLevels = new DWORD[RSOP_SAFER_LEVELS];
if ( m_pdwSaferLevels )
{
memset (m_pdwSaferLevels, NO_MORE_SAFER_LEVELS,
sizeof (DWORD) * RSOP_SAFER_LEVELS);
m_pdwSaferLevels[0] = SAFER_LEVELID_FULLYTRUSTED;
m_pdwSaferLevels[1] = SAFER_LEVELID_DISALLOWED;
}
else
hr = E_OUTOFMEMORY;
}
}
_TRACE (-1, L"Leaving CCertMgrComponent::SaferEnumerateLevels (): 0x%x\n", hr);
return hr;
}