urlmon: Handle implicit file scheme in MapUrlToZone and GetSecurityId functions.
[wine] / dlls / urlmon / sec_mgr.c
1 /*
2  * Internet Security and Zone Manager
3  *
4  * Copyright (c) 2004 Huw D M Davies
5  * Copyright 2004 Jacek Caban
6  * Copyright 2009 Detlef Riekenberg
7  * Copyright 2011 Thomas Mullaly for CodeWeavers
8  *
9  * This library is free software; you can redistribute it and/or
10  * modify it under the terms of the GNU Lesser General Public
11  * License as published by the Free Software Foundation; either
12  * version 2.1 of the License, or (at your option) any later version.
13  *
14  * This library is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17  * Lesser General Public License for more details.
18  *
19  * You should have received a copy of the GNU Lesser General Public
20  * License along with this library; if not, write to the Free Software
21  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22  */
23
24 #include <stdio.h>
25
26 #include "urlmon_main.h"
27 #include "winreg.h"
28 #include "wininet.h"
29
30 #define NO_SHLWAPI_REG
31 #include "shlwapi.h"
32
33 #include "wine/debug.h"
34
35 WINE_DEFAULT_DEBUG_CHANNEL(urlmon);
36
37 static const WCHAR currentlevelW[] = {'C','u','r','r','e','n','t','L','e','v','e','l',0};
38 static const WCHAR descriptionW[] = {'D','e','s','c','r','i','p','t','i','o','n',0};
39 static const WCHAR displaynameW[] = {'D','i','s','p','l','a','y','N','a','m','e',0};
40 static const WCHAR fileW[] = {'f','i','l','e',0};
41 static const WCHAR flagsW[] = {'F','l','a','g','s',0};
42 static const WCHAR iconW[] = {'I','c','o','n',0};
43 static const WCHAR minlevelW[] = {'M','i','n','L','e','v','e','l',0};
44 static const WCHAR recommendedlevelW[] = {'R','e','c','o','m','m','e','n','d','e','d',
45                                           'L','e','v','e','l',0};
46 static const WCHAR wszZonesKey[] = {'S','o','f','t','w','a','r','e','\\',
47                                     'M','i','c','r','o','s','o','f','t','\\',
48                                     'W','i','n','d','o','w','s','\\',
49                                     'C','u','r','r','e','n','t','V','e','r','s','i','o','n','\\',
50                                     'I','n','t','e','r','n','e','t',' ','S','e','t','t','i','n','g','s','\\',
51                                     'Z','o','n','e','s','\\',0};
52 static const WCHAR wszZoneMapDomainsKey[] = {'S','o','f','t','w','a','r','e','\\',
53                                              'M','i','c','r','o','s','o','f','t','\\',
54                                              'W','i','n','d','o','w','s','\\',
55                                              'C','u','r','r','e','n','t','V','e','r','s','i','o','n','\\',
56                                              'I','n','t','e','r','n','e','t',' ','S','e','t','t','i','n','g','s','\\',
57                                              'Z','o','n','e','M','a','p','\\',
58                                              'D','o','m','a','i','n','s',0};
59
60 static inline BOOL is_drive_path(const WCHAR *path)
61 {
62     return isalphaW(*path) && *(path+1) == ':';
63 }
64
65 /* List of schemes types Windows seems to expect to be hierarchical. */
66 static inline BOOL is_hierarchical_scheme(URL_SCHEME type) {
67     return(type == URL_SCHEME_HTTP || type == URL_SCHEME_FTP ||
68            type == URL_SCHEME_GOPHER || type == URL_SCHEME_NNTP ||
69            type == URL_SCHEME_TELNET || type == URL_SCHEME_WAIS ||
70            type == URL_SCHEME_FILE || type == URL_SCHEME_HTTPS ||
71            type == URL_SCHEME_RES);
72 }
73
74 /********************************************************************
75  * get_string_from_reg [internal]
76  *
77  * helper to get a string from the reg.
78  *
79  */
80 static void get_string_from_reg(HKEY hcu, HKEY hklm, LPCWSTR name, LPWSTR out, DWORD maxlen)
81 {
82     DWORD type = REG_SZ;
83     DWORD len = maxlen * sizeof(WCHAR);
84     DWORD res;
85
86     res = RegQueryValueExW(hcu, name, NULL, &type, (LPBYTE) out, &len);
87
88     if (res && hklm) {
89         len = maxlen * sizeof(WCHAR);
90         type = REG_SZ;
91         res = RegQueryValueExW(hklm, name, NULL, &type, (LPBYTE) out, &len);
92     }
93
94     if (res) {
95         TRACE("%s failed: %d\n", debugstr_w(name), res);
96         *out = '\0';
97     }
98 }
99
100 /********************************************************************
101  * get_dword_from_reg [internal]
102  *
103  * helper to get a dword from the reg.
104  *
105  */
106 static void get_dword_from_reg(HKEY hcu, HKEY hklm, LPCWSTR name, LPDWORD out)
107 {
108     DWORD type = REG_DWORD;
109     DWORD len = sizeof(DWORD);
110     DWORD res;
111
112     res = RegQueryValueExW(hcu, name, NULL, &type, (LPBYTE) out, &len);
113
114     if (res && hklm) {
115         len = sizeof(DWORD);
116         type = REG_DWORD;
117         res = RegQueryValueExW(hklm, name, NULL, &type, (LPBYTE) out, &len);
118     }
119
120     if (res) {
121         TRACE("%s failed: %d\n", debugstr_w(name), res);
122         *out = 0;
123     }
124 }
125
126 static HRESULT get_zone_from_reg(LPCWSTR schema, DWORD *zone)
127 {
128     DWORD res, size;
129     HKEY hkey;
130
131     static const WCHAR wszZoneMapProtocolKey[] =
132         {'S','o','f','t','w','a','r','e','\\',
133          'M','i','c','r','o','s','o','f','t','\\',
134          'W','i','n','d','o','w','s','\\',
135          'C','u','r','r','e','n','t','V','e','r','s','i','o','n','\\',
136          'I','n','t','e','r','n','e','t',' ','S','e','t','t','i','n','g','s','\\',
137          'Z','o','n','e','M','a','p','\\',
138          'P','r','o','t','o','c','o','l','D','e','f','a','u','l','t','s',0};
139
140     res = RegOpenKeyW(HKEY_CURRENT_USER, wszZoneMapProtocolKey, &hkey);
141     if(res != ERROR_SUCCESS) {
142         ERR("Could not open key %s\n", debugstr_w(wszZoneMapProtocolKey));
143         return E_UNEXPECTED;
144     }
145
146     size = sizeof(DWORD);
147     res = RegQueryValueExW(hkey, schema, NULL, NULL, (PBYTE)zone, &size);
148     RegCloseKey(hkey);
149     if(res == ERROR_SUCCESS)
150         return S_OK;
151
152     res = RegOpenKeyW(HKEY_LOCAL_MACHINE, wszZoneMapProtocolKey, &hkey);
153     if(res != ERROR_SUCCESS) {
154         ERR("Could not open key %s\n", debugstr_w(wszZoneMapProtocolKey));
155         return E_UNEXPECTED;
156     }
157
158     size = sizeof(DWORD);
159     res = RegQueryValueExW(hkey, schema, NULL, NULL, (PBYTE)zone, &size);
160     RegCloseKey(hkey);
161     if(res == ERROR_SUCCESS)
162         return S_OK;
163
164     *zone = 3;
165     return S_OK;
166 }
167
168 /********************************************************************
169  * matches_domain_pattern [internal]
170  *
171  * Checks if the given string matches the specified domain pattern.
172  *
173  * This function looks for explicit wildcard domain components iff
174  * they appear at the very beginning of the 'pattern' string
175  *
176  *  pattern = "*.google.com"
177  */
178 static BOOL matches_domain_pattern(LPCWSTR pattern, LPCWSTR str, BOOL implicit_wildcard, LPCWSTR *matched)
179 {
180     BOOL matches = FALSE;
181     DWORD pattern_len = strlenW(pattern);
182     DWORD str_len = strlenW(str);
183
184     TRACE("(%d) Checking if %s matches %s\n", implicit_wildcard, debugstr_w(str), debugstr_w(pattern));
185
186     *matched = NULL;
187     if(str_len >= pattern_len) {
188         /* Check if there's an explicit wildcard in the pattern. */
189         if(pattern[0] == '*' && pattern[1] == '.') {
190             /* Make sure that 'str' matches the wildcard pattern.
191              *
192              * Example:
193              *  pattern = "*.google.com"
194              *
195              * So in this case 'str' would have to end with ".google.com" in order
196              * to map to this pattern.
197              */
198             if(str_len >= pattern_len+1 && !strcmpiW(str+(str_len-pattern_len+1), pattern+1)) {
199                 /* Check if there's another '.' inside of the "unmatched" portion
200                  * of 'str'.
201                  *
202                  * Example:
203                  *  pattern = "*.google.com"
204                  *  str     = "test.testing.google.com"
205                  *
206                  * The currently matched portion is ".google.com" in 'str', we need
207                  * see if there's a '.' inside of the unmatched portion ("test.testing"), because
208                  * if there is and 'implicit_wildcard' isn't set, then this isn't
209                  * a match.
210                  */
211                 const WCHAR *ptr;
212                 if(str_len > pattern_len+1 && (ptr = memrchrW(str, '.', str_len-pattern_len-2))) {
213                     if(implicit_wildcard) {
214                         matches = TRUE;
215                         *matched = ptr+1;
216                     }
217                 } else {
218                     matches = TRUE;
219                     *matched = str;
220                 }
221             }
222         } else if(implicit_wildcard && str_len > pattern_len) {
223             /* When the pattern has an implicit wildcard component, it means
224              * that anything goes in 'str' as long as it ends with the pattern
225              * and that the beginning of the match has a '.' before it.
226              *
227              * Example:
228              *  pattern = "google.com"
229              *  str     = "www.google.com"
230              *
231              * Implicitly matches the pattern, where as:
232              *
233              *  pattern = "google.com"
234              *  str     = "wwwgoogle.com"
235              *
236              * Doesn't match the pattern.
237              */
238             if(str_len > pattern_len) {
239                 if(str[str_len-pattern_len-1] == '.' && !strcmpiW(str+(str_len-pattern_len), pattern)) {
240                     matches = TRUE;
241                     *matched = str+(str_len-pattern_len);
242                 }
243             }
244         } else {
245             /* The pattern doesn't have an implicit wildcard, or an explicit wildcard,
246              * so 'str' has to be an exact match to the 'pattern'.
247              */
248             if(!strcmpiW(str, pattern)) {
249                 matches = TRUE;
250                 *matched = str;
251             }
252         }
253     }
254
255     if(matches)
256         TRACE("Found a match: matched=%s\n", debugstr_w(*matched));
257     else
258         TRACE("No match found\n");
259
260     return matches;
261 }
262
263 static BOOL get_zone_for_scheme(HKEY key, LPCWSTR schema, DWORD *zone)
264 {
265     static const WCHAR wildcardW[] = {'*',0};
266
267     DWORD res;
268     DWORD size = sizeof(DWORD);
269     DWORD type;
270
271     /* See if the key contains a value for the scheme first. */
272     res = RegQueryValueExW(key, schema, NULL, &type, (BYTE*)zone, &size);
273     if(res == ERROR_SUCCESS) {
274         if(type == REG_DWORD)
275             return TRUE;
276         WARN("Unexpected value type %d for value %s, expected REG_DWORD\n", type, debugstr_w(schema));
277     }
278
279     /* Try to get the zone for the wildcard scheme. */
280     size = sizeof(DWORD);
281     res = RegQueryValueExW(key, wildcardW, NULL, &type, (BYTE*)zone, &size);
282     if(res != ERROR_SUCCESS)
283         return FALSE;
284
285     if(type != REG_DWORD) {
286         WARN("Unexpected value type %d for value %s, expected REG_DWORD\n", type, debugstr_w(wildcardW));
287         return FALSE;
288     }
289
290     return TRUE;
291 }
292
293 /********************************************************************
294  * search_domain_for_zone [internal]
295  *
296  * Searches the specified 'domain' registry key to see if 'host' maps into it, or any
297  * of it's subdomain registry keys.
298  *
299  * Returns S_OK if a match is found, S_FALSE if no matches were found, or an error code.
300  */
301 static HRESULT search_domain_for_zone(HKEY domains, LPCWSTR domain, DWORD domain_len, LPCWSTR schema,
302                                       LPCWSTR host, DWORD host_len, DWORD *zone)
303 {
304     BOOL found = FALSE;
305     HKEY domain_key;
306     DWORD res;
307     LPCWSTR matched;
308
309     if(host_len >= domain_len && matches_domain_pattern(domain, host, TRUE, &matched)) {
310         res = RegOpenKeyW(domains, domain, &domain_key);
311         if(res != ERROR_SUCCESS) {
312             ERR("Failed to open domain key %s: %d\n", debugstr_w(domain), res);
313             return E_UNEXPECTED;
314         }
315
316         if(matched == host)
317             found = get_zone_for_scheme(domain_key, schema, zone);
318         else {
319             INT domain_offset;
320             DWORD subdomain_count, subdomain_len;
321             BOOL check_domain = TRUE;
322
323             find_domain_name(domain, domain_len, &domain_offset);
324
325             res = RegQueryInfoKeyW(domain_key, NULL, NULL, NULL, &subdomain_count, &subdomain_len,
326                                    NULL, NULL, NULL, NULL, NULL, NULL);
327             if(res != ERROR_SUCCESS) {
328                 ERR("Unable to query info for key %s: %d\n", debugstr_w(domain), res);
329                 RegCloseKey(domain_key);
330                 return E_UNEXPECTED;
331             }
332
333             if(subdomain_count) {
334                 WCHAR *subdomain;
335                 WCHAR *component;
336                 DWORD i;
337
338                 subdomain = heap_alloc((subdomain_len+1)*sizeof(WCHAR));
339                 if(!subdomain) {
340                     RegCloseKey(domain_key);
341                     return E_OUTOFMEMORY;
342                 }
343
344                 component = heap_strndupW(host, matched-host-1);
345                 if(!component) {
346                     heap_free(subdomain);
347                     RegCloseKey(domain_key);
348                     return E_OUTOFMEMORY;
349                 }
350
351                 for(i = 0; i < subdomain_count; ++i) {
352                     DWORD len = subdomain_len+1;
353                     const WCHAR *sub_matched;
354
355                     res = RegEnumKeyExW(domain_key, i, subdomain, &len, NULL, NULL, NULL, NULL);
356                     if(res != ERROR_SUCCESS) {
357                         heap_free(component);
358                         heap_free(subdomain);
359                         RegCloseKey(domain_key);
360                         return E_UNEXPECTED;
361                     }
362
363                     if(matches_domain_pattern(subdomain, component, FALSE, &sub_matched)) {
364                         HKEY subdomain_key;
365
366                         res = RegOpenKeyW(domain_key, subdomain, &subdomain_key);
367                         if(res != ERROR_SUCCESS) {
368                             ERR("Unable to open subdomain key %s of %s: %d\n", debugstr_w(subdomain),
369                                 debugstr_w(domain), res);
370                             heap_free(component);
371                             heap_free(subdomain);
372                             RegCloseKey(domain_key);
373                             return E_UNEXPECTED;
374                         }
375
376                         found = get_zone_for_scheme(subdomain_key, schema, zone);
377                         check_domain = FALSE;
378                         RegCloseKey(subdomain_key);
379                         break;
380                     }
381                 }
382                 heap_free(subdomain);
383                 heap_free(component);
384             }
385
386             /* There's a chance that 'host' implicitly mapped into 'domain', in
387              * which case we check to see if 'domain' contains zone information.
388              *
389              * This can only happen if 'domain' is it's own domain name.
390              *  Example:
391              *      "google.com" (domain name = "google.com")
392              *
393              *  So if:
394              *      host = "www.google.com"
395              *
396              *  Then host would map directly into the "google.com" domain key.
397              *
398              * If 'domain' has more than just it's domain name, or it does not
399              * have a domain name, then we don't perform the check. The reason
400              * for this is that these domains don't allow implicit mappings.
401              *  Example:
402              *      domain = "org" (has no domain name)
403              *      host   = "www.org"
404              *
405              *  The mapping would only happen if the "org" key had an explicit subkey
406              *  called "www".
407              */
408             if(check_domain && !domain_offset && !strchrW(host, matched-host-1))
409                 found = get_zone_for_scheme(domain_key, schema, zone);
410         }
411         RegCloseKey(domain_key);
412     }
413
414     return found ? S_OK : S_FALSE;
415 }
416
417 static HRESULT search_for_domain_mapping(HKEY domains, LPCWSTR schema, LPCWSTR host, DWORD host_len, DWORD *zone)
418 {
419     WCHAR *domain;
420     DWORD domain_count, domain_len, i;
421     DWORD res;
422     HRESULT hres = S_FALSE;
423
424     res = RegQueryInfoKeyW(domains, NULL, NULL, NULL, &domain_count, &domain_len,
425                            NULL, NULL, NULL, NULL, NULL, NULL);
426     if(res != ERROR_SUCCESS) {
427         WARN("Failed to retrieve information about key\n");
428         return E_UNEXPECTED;
429     }
430
431     if(!domain_count)
432         return S_FALSE;
433
434     domain = heap_alloc((domain_len+1)*sizeof(WCHAR));
435     if(!domain)
436         return E_OUTOFMEMORY;
437
438     for(i = 0; i < domain_count; ++i) {
439         DWORD len = domain_len+1;
440
441         res = RegEnumKeyExW(domains, i, domain, &len, NULL, NULL, NULL, NULL);
442         if(res != ERROR_SUCCESS) {
443             heap_free(domain);
444             return E_UNEXPECTED;
445         }
446
447         hres = search_domain_for_zone(domains, domain, len, schema, host, host_len, zone);
448         if(FAILED(hres) || hres == S_OK)
449             break;
450     }
451
452     heap_free(domain);
453     return hres;
454 }
455
456 static HRESULT get_zone_from_domains(IUri *uri, DWORD *zone)
457 {
458     HRESULT hres;
459     BSTR host, scheme;
460     DWORD res;
461     HKEY domains;
462     DWORD scheme_type;
463
464     hres = IUri_GetScheme(uri, &scheme_type);
465     if(FAILED(hres))
466         return hres;
467
468     /* Windows doesn't play nice with unknown scheme types when it tries
469      * to check if a host name maps into any domains.
470      */
471     if(scheme_type == URL_SCHEME_UNKNOWN)
472         return S_FALSE;
473
474     hres = IUri_GetHost(uri, &host);
475     if(FAILED(hres))
476         return hres;
477
478     /* Known hierarchical scheme types must have a host. If they don't Windows
479      * assigns URLZONE_INVALID to the zone.
480      */
481     if((scheme_type != URL_SCHEME_UNKNOWN && scheme_type != URL_SCHEME_FILE)
482         && is_hierarchical_scheme(scheme_type) && !*host) {
483         *zone = URLZONE_INVALID;
484
485         SysFreeString(host);
486
487         /* The MapUrlToZone functions return S_OK when this condition occurs. */
488         return S_OK;
489     }
490
491     hres = IUri_GetSchemeName(uri, &scheme);
492     if(FAILED(hres)) {
493         SysFreeString(host);
494         return hres;
495     }
496
497     /* First try CURRENT_USER. */
498     res = RegOpenKeyW(HKEY_CURRENT_USER, wszZoneMapDomainsKey, &domains);
499     if(res == ERROR_SUCCESS) {
500         hres = search_for_domain_mapping(domains, scheme, host, SysStringLen(host), zone);
501         RegCloseKey(domains);
502     } else
503         WARN("Failed to open HKCU's %s key\n", debugstr_w(wszZoneMapDomainsKey));
504
505     /* If that doesn't work try LOCAL_MACHINE. */
506     if(hres == S_FALSE) {
507         res = RegOpenKeyW(HKEY_LOCAL_MACHINE, wszZoneMapDomainsKey, &domains);
508         if(res == ERROR_SUCCESS) {
509             hres = search_for_domain_mapping(domains, scheme, host, SysStringLen(host), zone);
510             RegCloseKey(domains);
511         } else
512             WARN("Failed to open HKLM's %s key\n", debugstr_w(wszZoneMapDomainsKey));
513     }
514
515     SysFreeString(host);
516     SysFreeString(scheme);
517     return hres;
518 }
519
520 static HRESULT map_security_uri_to_zone(IUri *uri, DWORD *zone)
521 {
522     HRESULT hres;
523     BSTR scheme;
524
525     *zone = URLZONE_INVALID;
526
527     hres = IUri_GetSchemeName(uri, &scheme);
528     if(FAILED(hres))
529         return hres;
530
531     if(!strcmpiW(scheme, fileW)) {
532         BSTR path;
533         WCHAR *ptr, *path_start, root[20];
534
535         hres = IUri_GetPath(uri, &path);
536         if(FAILED(hres)) {
537             SysFreeString(scheme);
538             return hres;
539         }
540
541         if(*path == '/' && is_drive_path(path+1))
542             path_start = path+1;
543         else
544             path_start = path;
545
546         if((ptr = strchrW(path_start, ':')) && ptr-path_start+1 < sizeof(root)/sizeof(WCHAR)) {
547             UINT type;
548
549             memcpy(root, path_start, (ptr-path_start+1)*sizeof(WCHAR));
550             root[ptr-path_start+1] = 0;
551
552             type = GetDriveTypeW(root);
553
554             switch(type) {
555             case DRIVE_UNKNOWN:
556             case DRIVE_NO_ROOT_DIR:
557                 break;
558             case DRIVE_REMOVABLE:
559             case DRIVE_FIXED:
560             case DRIVE_CDROM:
561             case DRIVE_RAMDISK:
562                 *zone = URLZONE_LOCAL_MACHINE;
563                 hres = S_OK;
564                 break;
565             case DRIVE_REMOTE:
566                 *zone = URLZONE_INTERNET;
567                 hres = S_OK;
568                 break;
569             default:
570                 FIXME("unsupported drive type %d\n", type);
571             }
572         }
573         SysFreeString(path);
574     }
575
576     if(*zone == URLZONE_INVALID) {
577         hres = get_zone_from_domains(uri, zone);
578         if(hres == S_FALSE)
579             hres = get_zone_from_reg(scheme, zone);
580     }
581
582     SysFreeString(scheme);
583     return hres;
584 }
585
586 static HRESULT map_url_to_zone(LPCWSTR url, DWORD *zone, LPWSTR *ret_url)
587 {
588     IUri *secur_uri;
589     LPWSTR secur_url;
590     HRESULT hres;
591
592     *zone = URLZONE_INVALID;
593
594     hres = CoInternetGetSecurityUrl(url, &secur_url, PSU_SECURITY_URL_ONLY, 0);
595     if(hres != S_OK) {
596         DWORD size = strlenW(url)*sizeof(WCHAR);
597
598         secur_url = CoTaskMemAlloc(size);
599         if(!secur_url)
600             return E_OUTOFMEMORY;
601
602         memcpy(secur_url, url, size);
603     }
604
605     hres = CreateUri(secur_url, Uri_CREATE_ALLOW_IMPLICIT_FILE_SCHEME, 0, &secur_uri);
606     if(FAILED(hres)) {
607         CoTaskMemFree(secur_url);
608         return hres;
609     }
610
611     hres = map_security_uri_to_zone(secur_uri, zone);
612     IUri_Release(secur_uri);
613
614     if(FAILED(hres) || !ret_url)
615         CoTaskMemFree(secur_url);
616     else
617         *ret_url = secur_url;
618
619     return hres;
620 }
621
622 static HRESULT map_uri_to_zone(IUri *uri, DWORD *zone, IUri **ret_uri)
623 {
624     HRESULT hres;
625     IUri *secur_uri;
626
627     hres = CoInternetGetSecurityUrlEx(uri, &secur_uri, PSU_SECURITY_URL_ONLY, 0);
628     if(FAILED(hres))
629         return hres;
630
631     hres = map_security_uri_to_zone(secur_uri, zone);
632     if(FAILED(hres) || !ret_uri)
633         IUri_Release(secur_uri);
634     else
635         *ret_uri = secur_uri;
636
637     return hres;
638 }
639
640 static HRESULT open_zone_key(HKEY parent_key, DWORD zone, HKEY *hkey)
641 {
642     static const WCHAR wszFormat[] = {'%','s','%','u',0};
643
644     WCHAR key_name[sizeof(wszZonesKey)/sizeof(WCHAR)+12];
645     DWORD res;
646
647     wsprintfW(key_name, wszFormat, wszZonesKey, zone);
648
649     res = RegOpenKeyW(parent_key, key_name, hkey);
650
651     if(res != ERROR_SUCCESS) {
652         WARN("RegOpenKey failed\n");
653         return E_INVALIDARG;
654     }
655
656     return S_OK;
657 }
658
659 static HRESULT get_action_policy(DWORD zone, DWORD action, BYTE *policy, DWORD size, URLZONEREG zone_reg)
660 {
661     HKEY parent_key;
662     HKEY hkey;
663     LONG res;
664     HRESULT hres;
665
666     switch(action) {
667     case URLACTION_SCRIPT_OVERRIDE_SAFETY:
668     case URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY:
669         *(DWORD*)policy = URLPOLICY_DISALLOW;
670         return S_OK;
671     }
672
673     switch(zone_reg) {
674     case URLZONEREG_DEFAULT:
675     case URLZONEREG_HKCU:
676         parent_key = HKEY_CURRENT_USER;
677         break;
678     case URLZONEREG_HKLM:
679         parent_key = HKEY_LOCAL_MACHINE;
680         break;
681     default:
682         WARN("Unknown URLZONEREG: %d\n", zone_reg);
683         return E_FAIL;
684     };
685
686     hres = open_zone_key(parent_key, zone, &hkey);
687     if(SUCCEEDED(hres)) {
688         WCHAR action_str[16];
689         DWORD len = size;
690
691         static const WCHAR formatW[] = {'%','X',0};
692
693         wsprintfW(action_str, formatW, action);
694
695         res = RegQueryValueExW(hkey, action_str, NULL, NULL, policy, &len);
696         if(res == ERROR_MORE_DATA) {
697             hres = E_INVALIDARG;
698         }else if(res == ERROR_FILE_NOT_FOUND) {
699             hres = E_FAIL;
700         }else if(res != ERROR_SUCCESS) {
701             ERR("RegQueryValue failed: %d\n", res);
702             hres = E_UNEXPECTED;
703         }
704
705         RegCloseKey(hkey);
706     }
707
708     if(FAILED(hres) && zone_reg == URLZONEREG_DEFAULT)
709         return get_action_policy(zone, action, policy, size, URLZONEREG_HKLM);
710
711     return hres;
712 }
713
714 static HRESULT generate_security_id(IUri *uri, BYTE *secid, DWORD *secid_len, DWORD zone)
715 {
716     DWORD len;
717     HRESULT hres;
718     DWORD scheme_type;
719
720     if(zone == URLZONE_INVALID)
721         return E_INVALIDARG;
722
723     hres = IUri_GetScheme(uri, &scheme_type);
724     if(FAILED(hres))
725         return hres;
726
727     /* Windows handles opaque URLs differently then hierarchical ones. */
728     if(!is_hierarchical_scheme(scheme_type) && scheme_type != URL_SCHEME_WILDCARD) {
729         BSTR display_uri;
730
731         hres = IUri_GetDisplayUri(uri, &display_uri);
732         if(FAILED(hres))
733             return hres;
734
735         len = WideCharToMultiByte(CP_ACP, 0, display_uri, -1, NULL, 0, NULL, NULL)-1;
736
737         if(len+sizeof(DWORD) > *secid_len) {
738             SysFreeString(display_uri);
739             return HRESULT_FROM_WIN32(ERROR_INSUFFICIENT_BUFFER);
740         }
741
742         WideCharToMultiByte(CP_ACP, 0, display_uri, -1, (LPSTR)secid, len, NULL, NULL);
743         SysFreeString(display_uri);
744
745         *(DWORD*)(secid+len) = zone;
746     } else {
747         BSTR host, scheme;
748         DWORD host_len, scheme_len;
749         BYTE *ptr;
750
751         hres = IUri_GetHost(uri, &host);
752         if(FAILED(hres))
753             return hres;
754
755         /* The host can't be empty for Wildcard URIs. */
756         if(scheme_type == URL_SCHEME_WILDCARD && !*host) {
757             SysFreeString(host);
758             return E_INVALIDARG;
759         }
760
761         hres = IUri_GetSchemeName(uri, &scheme);
762         if(FAILED(hres)) {
763             SysFreeString(host);
764             return hres;
765         }
766
767         host_len = WideCharToMultiByte(CP_ACP, 0, host, -1, NULL, 0, NULL, NULL)-1;
768         scheme_len = WideCharToMultiByte(CP_ACP, 0, scheme, -1, NULL, 0, NULL, NULL)-1;
769
770         len = host_len+scheme_len+sizeof(BYTE);
771
772         if(len+sizeof(DWORD) > *secid_len) {
773             SysFreeString(host);
774             SysFreeString(scheme);
775             return HRESULT_FROM_WIN32(ERROR_INSUFFICIENT_BUFFER);
776         }
777
778         WideCharToMultiByte(CP_ACP, 0, scheme, -1, (LPSTR)secid, len, NULL, NULL);
779         SysFreeString(scheme);
780
781         ptr = secid+scheme_len;
782         *ptr++ = ':';
783
784         WideCharToMultiByte(CP_ACP, 0, host, -1, (LPSTR)ptr, host_len, NULL, NULL);
785         SysFreeString(host);
786
787         ptr += host_len;
788
789         *(DWORD*)ptr = zone;
790     }
791
792     *secid_len = len+sizeof(DWORD);
793
794     return S_OK;
795 }
796
797 static HRESULT get_security_id_for_url(LPCWSTR url, BYTE *secid, DWORD *secid_len)
798 {
799     HRESULT hres;
800     DWORD zone = URLZONE_INVALID;
801     LPWSTR secur_url = NULL;
802     IUri *uri;
803
804     hres = map_url_to_zone(url, &zone, &secur_url);
805     if(FAILED(hres))
806         return hres == 0x80041001 ? E_INVALIDARG : hres;
807
808     hres = CreateUri(secur_url, Uri_CREATE_ALLOW_IMPLICIT_FILE_SCHEME, 0, &uri);
809     CoTaskMemFree(secur_url);
810     if(FAILED(hres))
811         return hres;
812
813     hres = generate_security_id(uri, secid, secid_len, zone);
814     IUri_Release(uri);
815
816     return hres;
817 }
818
819 static HRESULT get_security_id_for_uri(IUri *uri, BYTE *secid, DWORD *secid_len)
820 {
821     HRESULT hres;
822     IUri *secur_uri;
823     DWORD zone = URLZONE_INVALID;
824
825     hres = map_uri_to_zone(uri, &zone, &secur_uri);
826     if(FAILED(hres))
827         return hres;
828
829     hres = generate_security_id(secur_uri, secid, secid_len, zone);
830     IUri_Release(secur_uri);
831
832     return hres;
833 }
834
835 /***********************************************************************
836  *           InternetSecurityManager implementation
837  *
838  */
839 typedef struct {
840     IInternetSecurityManagerEx2 IInternetSecurityManagerEx2_iface;
841
842     LONG ref;
843
844     IInternetSecurityMgrSite *mgrsite;
845     IInternetSecurityManager *custom_manager;
846 } SecManagerImpl;
847
848 static inline SecManagerImpl *impl_from_IInternetSecurityManagerEx2(IInternetSecurityManagerEx2 *iface)
849 {
850     return CONTAINING_RECORD(iface, SecManagerImpl, IInternetSecurityManagerEx2_iface);
851 }
852
853 static HRESULT WINAPI SecManagerImpl_QueryInterface(IInternetSecurityManagerEx2* iface,REFIID riid,void** ppvObject)
854 {
855     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
856
857     TRACE("(%p)->(%s,%p)\n",This,debugstr_guid(riid),ppvObject);
858
859     /* Perform a sanity check on the parameters.*/
860     if ( (This==0) || (ppvObject==0) )
861         return E_INVALIDARG;
862
863     /* Initialize the return parameter */
864     *ppvObject = 0;
865
866     /* Compare the riid with the interface IDs implemented by this object.*/
867     if (IsEqualIID(&IID_IUnknown, riid) ||
868         IsEqualIID(&IID_IInternetSecurityManager, riid) ||
869         IsEqualIID(&IID_IInternetSecurityManagerEx, riid) ||
870         IsEqualIID(&IID_IInternetSecurityManagerEx2, riid))
871         *ppvObject = iface;
872
873     /* Check that we obtained an interface.*/
874     if (!*ppvObject) {
875         WARN("not supported interface %s\n", debugstr_guid(riid));
876         return E_NOINTERFACE;
877     }
878
879     /* Query Interface always increases the reference count by one when it is successful */
880     IInternetSecurityManager_AddRef(iface);
881
882     return S_OK;
883 }
884
885 static ULONG WINAPI SecManagerImpl_AddRef(IInternetSecurityManagerEx2* iface)
886 {
887     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
888     ULONG refCount = InterlockedIncrement(&This->ref);
889
890     TRACE("(%p) ref=%u\n", This, refCount);
891
892     return refCount;
893 }
894
895 static ULONG WINAPI SecManagerImpl_Release(IInternetSecurityManagerEx2* iface)
896 {
897     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
898     ULONG refCount = InterlockedDecrement(&This->ref);
899
900     TRACE("(%p) ref=%u\n", This, refCount);
901
902     /* destroy the object if there's no more reference on it */
903     if (!refCount){
904         if(This->mgrsite)
905             IInternetSecurityMgrSite_Release(This->mgrsite);
906         if(This->custom_manager)
907             IInternetSecurityManager_Release(This->custom_manager);
908
909         heap_free(This);
910
911         URLMON_UnlockModule();
912     }
913
914     return refCount;
915 }
916
917 static HRESULT WINAPI SecManagerImpl_SetSecuritySite(IInternetSecurityManagerEx2 *iface,
918                                                      IInternetSecurityMgrSite *pSite)
919 {
920     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
921
922     TRACE("(%p)->(%p)\n", This, pSite);
923
924     if(This->mgrsite)
925         IInternetSecurityMgrSite_Release(This->mgrsite);
926
927     if(This->custom_manager) {
928         IInternetSecurityManager_Release(This->custom_manager);
929         This->custom_manager = NULL;
930     }
931
932     This->mgrsite = pSite;
933
934     if(pSite) {
935         IServiceProvider *servprov;
936         HRESULT hres;
937
938         IInternetSecurityMgrSite_AddRef(pSite);
939
940         hres = IInternetSecurityMgrSite_QueryInterface(pSite, &IID_IServiceProvider,
941                 (void**)&servprov);
942         if(SUCCEEDED(hres)) {
943             IServiceProvider_QueryService(servprov, &SID_SInternetSecurityManager,
944                     &IID_IInternetSecurityManager, (void**)&This->custom_manager);
945             IServiceProvider_Release(servprov);
946         }
947     }
948
949     return S_OK;
950 }
951
952 static HRESULT WINAPI SecManagerImpl_GetSecuritySite(IInternetSecurityManagerEx2 *iface,
953                                                      IInternetSecurityMgrSite **ppSite)
954 {
955     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
956
957     TRACE("(%p)->(%p)\n", This, ppSite);
958
959     if(!ppSite)
960         return E_INVALIDARG;
961
962     if(This->mgrsite)
963         IInternetSecurityMgrSite_AddRef(This->mgrsite);
964
965     *ppSite = This->mgrsite;
966     return S_OK;
967 }
968
969 static HRESULT WINAPI SecManagerImpl_MapUrlToZone(IInternetSecurityManagerEx2 *iface,
970                                                   LPCWSTR pwszUrl, DWORD *pdwZone,
971                                                   DWORD dwFlags)
972 {
973     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
974     HRESULT hres;
975
976     TRACE("(%p)->(%s %p %08x)\n", iface, debugstr_w(pwszUrl), pdwZone, dwFlags);
977
978     if(This->custom_manager) {
979         hres = IInternetSecurityManager_MapUrlToZone(This->custom_manager,
980                 pwszUrl, pdwZone, dwFlags);
981         if(hres != INET_E_DEFAULT_ACTION)
982             return hres;
983     }
984
985     if(!pwszUrl) {
986         *pdwZone = URLZONE_INVALID;
987         return E_INVALIDARG;
988     }
989
990     if(dwFlags)
991         FIXME("not supported flags: %08x\n", dwFlags);
992
993     return map_url_to_zone(pwszUrl, pdwZone, NULL);
994 }
995
996 static HRESULT WINAPI SecManagerImpl_GetSecurityId(IInternetSecurityManagerEx2 *iface,
997         LPCWSTR pwszUrl, BYTE *pbSecurityId, DWORD *pcbSecurityId, DWORD_PTR dwReserved)
998 {
999     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
1000
1001     TRACE("(%p)->(%s %p %p %08lx)\n", iface, debugstr_w(pwszUrl), pbSecurityId,
1002           pcbSecurityId, dwReserved);
1003
1004     if(This->custom_manager) {
1005         HRESULT hres;
1006
1007         hres = IInternetSecurityManager_GetSecurityId(This->custom_manager,
1008                 pwszUrl, pbSecurityId, pcbSecurityId, dwReserved);
1009         if(hres != INET_E_DEFAULT_ACTION)
1010             return hres;
1011     }
1012
1013     if(!pwszUrl || !pbSecurityId || !pcbSecurityId)
1014         return E_INVALIDARG;
1015
1016     if(dwReserved)
1017         FIXME("dwReserved is not supported\n");
1018
1019     return get_security_id_for_url(pwszUrl, pbSecurityId, pcbSecurityId);
1020 }
1021
1022
1023 static HRESULT WINAPI SecManagerImpl_ProcessUrlAction(IInternetSecurityManagerEx2 *iface,
1024                                                       LPCWSTR pwszUrl, DWORD dwAction,
1025                                                       BYTE *pPolicy, DWORD cbPolicy,
1026                                                       BYTE *pContext, DWORD cbContext,
1027                                                       DWORD dwFlags, DWORD dwReserved)
1028 {
1029     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
1030     DWORD zone, policy;
1031     HRESULT hres;
1032
1033     TRACE("(%p)->(%s %08x %p %08x %p %08x %08x %08x)\n", iface, debugstr_w(pwszUrl), dwAction,
1034           pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved);
1035
1036     if(This->custom_manager) {
1037         hres = IInternetSecurityManager_ProcessUrlAction(This->custom_manager, pwszUrl, dwAction,
1038                 pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved);
1039         if(hres != INET_E_DEFAULT_ACTION)
1040             return hres;
1041     }
1042
1043     if(dwFlags || dwReserved)
1044         FIXME("Unsupported arguments\n");
1045
1046     if(!pwszUrl)
1047         return E_INVALIDARG;
1048
1049     hres = map_url_to_zone(pwszUrl, &zone, NULL);
1050     if(FAILED(hres))
1051         return hres;
1052
1053     hres = get_action_policy(zone, dwAction, (BYTE*)&policy, sizeof(policy), URLZONEREG_DEFAULT);
1054     if(FAILED(hres))
1055         return hres;
1056
1057     TRACE("policy %x\n", policy);
1058     if(cbPolicy >= sizeof(DWORD))
1059         *(DWORD*)pPolicy = policy;
1060
1061     switch(GetUrlPolicyPermissions(policy)) {
1062     case URLPOLICY_ALLOW:
1063     case URLPOLICY_CHANNEL_SOFTDIST_PRECACHE:
1064         return S_OK;
1065     case URLPOLICY_DISALLOW:
1066         return S_FALSE;
1067     case URLPOLICY_QUERY:
1068         FIXME("URLPOLICY_QUERY not implemented\n");
1069         return E_FAIL;
1070     default:
1071         FIXME("Not implemented policy %x\n", policy);
1072     }
1073
1074     return E_FAIL;
1075 }
1076                                                
1077
1078 static HRESULT WINAPI SecManagerImpl_QueryCustomPolicy(IInternetSecurityManagerEx2 *iface,
1079                                                        LPCWSTR pwszUrl, REFGUID guidKey,
1080                                                        BYTE **ppPolicy, DWORD *pcbPolicy,
1081                                                        BYTE *pContext, DWORD cbContext,
1082                                                        DWORD dwReserved)
1083 {
1084     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
1085     HRESULT hres;
1086
1087     TRACE("(%p)->(%s %s %p %p %p %08x %08x )\n", iface, debugstr_w(pwszUrl), debugstr_guid(guidKey),
1088           ppPolicy, pcbPolicy, pContext, cbContext, dwReserved);
1089
1090     if(This->custom_manager) {
1091         hres = IInternetSecurityManager_QueryCustomPolicy(This->custom_manager, pwszUrl, guidKey,
1092                 ppPolicy, pcbPolicy, pContext, cbContext, dwReserved);
1093         if(hres != INET_E_DEFAULT_ACTION)
1094             return hres;
1095     }
1096
1097     WARN("Unknown guidKey %s\n", debugstr_guid(guidKey));
1098     return HRESULT_FROM_WIN32(ERROR_NOT_FOUND);
1099 }
1100
1101 static HRESULT WINAPI SecManagerImpl_SetZoneMapping(IInternetSecurityManagerEx2 *iface,
1102                                                     DWORD dwZone, LPCWSTR pwszPattern, DWORD dwFlags)
1103 {
1104     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
1105     HRESULT hres;
1106
1107     TRACE("(%p)->(%08x %s %08x)\n", iface, dwZone, debugstr_w(pwszPattern),dwFlags);
1108
1109     if(This->custom_manager) {
1110         hres = IInternetSecurityManager_SetZoneMapping(This->custom_manager, dwZone,
1111                 pwszPattern, dwFlags);
1112         if(hres != INET_E_DEFAULT_ACTION)
1113             return hres;
1114     }
1115
1116     FIXME("Default action is not implemented\n");
1117     return E_NOTIMPL;
1118 }
1119
1120 static HRESULT WINAPI SecManagerImpl_GetZoneMappings(IInternetSecurityManagerEx2 *iface,
1121         DWORD dwZone, IEnumString **ppenumString, DWORD dwFlags)
1122 {
1123     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
1124     HRESULT hres;
1125
1126     TRACE("(%p)->(%08x %p %08x)\n", iface, dwZone, ppenumString,dwFlags);
1127
1128     if(This->custom_manager) {
1129         hres = IInternetSecurityManager_GetZoneMappings(This->custom_manager, dwZone,
1130                 ppenumString, dwFlags);
1131         if(hres != INET_E_DEFAULT_ACTION)
1132             return hres;
1133     }
1134
1135     FIXME("Default action is not implemented\n");
1136     return E_NOTIMPL;
1137 }
1138
1139 static HRESULT WINAPI SecManagerImpl_ProcessUrlActionEx(IInternetSecurityManagerEx2 *iface,
1140         LPCWSTR pwszUrl, DWORD dwAction, BYTE *pPolicy, DWORD cbPolicy, BYTE *pContext, DWORD cbContext,
1141         DWORD dwFlags, DWORD dwReserved, DWORD *pdwOutFlags)
1142 {
1143     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
1144     FIXME("(%p)->(%s %08x %p %d %p %d %08x %08x %p) stub\n", This, debugstr_w(pwszUrl), dwAction, pPolicy, cbPolicy,
1145           pContext, cbContext, dwFlags, dwReserved, pdwOutFlags);
1146     return E_NOTIMPL;
1147 }
1148
1149 static HRESULT WINAPI SecManagerImpl_MapUrlToZoneEx2(IInternetSecurityManagerEx2 *iface,
1150         IUri *pUri, DWORD *pdwZone, DWORD dwFlags, LPWSTR *ppwszMappedUrl, DWORD *pdwOutFlags)
1151 {
1152     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
1153
1154     TRACE("(%p)->(%p %p %08x %p %p)\n", This, pUri, pdwZone, dwFlags, ppwszMappedUrl, pdwOutFlags);
1155
1156     if(This->custom_manager) {
1157         HRESULT hres;
1158         IInternetSecurityManagerEx2 *sec_mgr2;
1159
1160         hres = IInternetSecurityManager_QueryInterface(This->custom_manager, &IID_IInternetSecurityManagerEx2,
1161                 (void**)&sec_mgr2);
1162         if(SUCCEEDED(hres)) {
1163             hres = IInternetSecurityManagerEx2_MapUrlToZoneEx2(sec_mgr2, pUri, pdwZone, dwFlags, ppwszMappedUrl, pdwOutFlags);
1164             IInternetSecurityManagerEx2_Release(sec_mgr2);
1165         } else {
1166             BSTR url;
1167
1168             hres = IUri_GetDisplayUri(pUri, &url);
1169             if(FAILED(hres))
1170                 return hres;
1171
1172             hres = IInternetSecurityManager_MapUrlToZone(This->custom_manager, url, pdwZone, dwFlags);
1173             SysFreeString(url);
1174         }
1175
1176         if(hres != INET_E_DEFAULT_ACTION)
1177             return hres;
1178     }
1179
1180     if(!pdwZone)
1181         return E_INVALIDARG;
1182
1183     if(!pUri) {
1184         *pdwZone = URLZONE_INVALID;
1185         return E_INVALIDARG;
1186     }
1187
1188     if(dwFlags)
1189         FIXME("Unsupported flags: %08x\n", dwFlags);
1190
1191     return map_uri_to_zone(pUri, pdwZone, NULL);
1192 }
1193
1194 static HRESULT WINAPI SecManagerImpl_ProcessUrlActionEx2(IInternetSecurityManagerEx2 *iface,
1195         IUri *pUri, DWORD dwAction, BYTE *pPolicy, DWORD cbPolicy, BYTE *pContext, DWORD cbContext,
1196         DWORD dwFlags, DWORD_PTR dwReserved, DWORD *pdwOutFlags)
1197 {
1198     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
1199     FIXME("(%p)->(%p %08x %p %d %p %d %08x %08x %p) stub\n", This, pUri, dwAction, pPolicy,
1200           cbPolicy, pContext, cbContext, dwFlags, (DWORD)dwReserved, pdwOutFlags);
1201     return E_NOTIMPL;
1202 }
1203
1204 static HRESULT WINAPI SecManagerImpl_GetSecurityIdEx2(IInternetSecurityManagerEx2 *iface,
1205         IUri *pUri, BYTE *pbSecurityId, DWORD *pcbSecurityId, DWORD_PTR dwReserved)
1206 {
1207     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
1208     TRACE("(%p)->(%p %p %p %08x) stub\n", This, pUri, pbSecurityId, pcbSecurityId, (DWORD)dwReserved);
1209
1210     if(dwReserved)
1211         FIXME("dwReserved is not supported yet\n");
1212
1213     if(!pUri || !pcbSecurityId || !pbSecurityId)
1214         return E_INVALIDARG;
1215
1216     return get_security_id_for_uri(pUri, pbSecurityId, pcbSecurityId);
1217 }
1218
1219 static HRESULT WINAPI SecManagerImpl_QueryCustomPolicyEx2(IInternetSecurityManagerEx2 *iface,
1220         IUri *pUri, REFGUID guidKey, BYTE **ppPolicy, DWORD *pcbPolicy, BYTE *pContext,
1221         DWORD cbContext, DWORD_PTR dwReserved)
1222 {
1223     SecManagerImpl *This = impl_from_IInternetSecurityManagerEx2(iface);
1224     FIXME("(%p)->(%p %s %p %p %p %d %08x) stub\n", This, pUri, debugstr_guid(guidKey), ppPolicy, pcbPolicy,
1225           pContext, cbContext, (DWORD)dwReserved);
1226     return E_NOTIMPL;
1227 }
1228
1229 static const IInternetSecurityManagerEx2Vtbl VT_SecManagerImpl =
1230 {
1231     SecManagerImpl_QueryInterface,
1232     SecManagerImpl_AddRef,
1233     SecManagerImpl_Release,
1234     SecManagerImpl_SetSecuritySite,
1235     SecManagerImpl_GetSecuritySite,
1236     SecManagerImpl_MapUrlToZone,
1237     SecManagerImpl_GetSecurityId,
1238     SecManagerImpl_ProcessUrlAction,
1239     SecManagerImpl_QueryCustomPolicy,
1240     SecManagerImpl_SetZoneMapping,
1241     SecManagerImpl_GetZoneMappings,
1242     SecManagerImpl_ProcessUrlActionEx,
1243     SecManagerImpl_MapUrlToZoneEx2,
1244     SecManagerImpl_ProcessUrlActionEx2,
1245     SecManagerImpl_GetSecurityIdEx2,
1246     SecManagerImpl_QueryCustomPolicyEx2
1247 };
1248
1249 HRESULT SecManagerImpl_Construct(IUnknown *pUnkOuter, LPVOID *ppobj)
1250 {
1251     SecManagerImpl *This;
1252
1253     TRACE("(%p,%p)\n",pUnkOuter,ppobj);
1254     This = heap_alloc(sizeof(*This));
1255
1256     /* Initialize the virtual function table. */
1257     This->IInternetSecurityManagerEx2_iface.lpVtbl = &VT_SecManagerImpl;
1258
1259     This->ref = 1;
1260     This->mgrsite = NULL;
1261     This->custom_manager = NULL;
1262
1263     *ppobj = This;
1264
1265     URLMON_LockModule();
1266
1267     return S_OK;
1268 }
1269
1270 /***********************************************************************
1271  *           InternetZoneManager implementation
1272  *
1273  */
1274 typedef struct {
1275     IInternetZoneManagerEx2 IInternetZoneManagerEx2_iface;
1276     LONG ref;
1277     LPDWORD *zonemaps;
1278     DWORD zonemap_count;
1279 } ZoneMgrImpl;
1280
1281 static inline ZoneMgrImpl *impl_from_IInternetZoneManagerEx2(IInternetZoneManagerEx2 *iface)
1282 {
1283     return CONTAINING_RECORD(iface, ZoneMgrImpl, IInternetZoneManagerEx2_iface);
1284 }
1285
1286
1287 /***********************************************************************
1288  * build_zonemap_from_reg [internal]
1289  *
1290  * Enumerate the Zones in the Registry and return the Zones in a DWORD-array
1291  * The number of the Zones is returned in data[0]
1292  */
1293 static LPDWORD build_zonemap_from_reg(void)
1294 {
1295     WCHAR name[32];
1296     HKEY hkey;
1297     LPDWORD data = NULL;
1298     DWORD allocated = 6; /* space for the zonecount and Zone "0" up to Zone "4" */
1299     DWORD used = 0;
1300     DWORD res;
1301     DWORD len;
1302
1303
1304     res = RegOpenKeyW(HKEY_CURRENT_USER, wszZonesKey, &hkey);
1305     if (res)
1306         return NULL;
1307
1308     data = heap_alloc(allocated * sizeof(DWORD));
1309     if (!data)
1310         goto cleanup;
1311
1312     while (!res) {
1313         name[0] = '\0';
1314         len = sizeof(name) / sizeof(name[0]);
1315         res = RegEnumKeyExW(hkey, used, name, &len, NULL, NULL, NULL, NULL);
1316
1317         if (!res) {
1318             used++;
1319             if (used == allocated) {
1320                 LPDWORD new_data;
1321
1322                 allocated *= 2;
1323                 new_data = heap_realloc_zero(data, allocated * sizeof(DWORD));
1324                 if (!new_data)
1325                     goto cleanup;
1326
1327                 data = new_data;
1328             }
1329             data[used] = atoiW(name);
1330         }
1331     }
1332     if (used) {
1333         RegCloseKey(hkey);
1334         data[0] = used;
1335         return data;
1336     }
1337
1338 cleanup:
1339     /* something failed */
1340     RegCloseKey(hkey);
1341     heap_free(data);
1342     return NULL;
1343 }
1344
1345 /********************************************************************
1346  *      IInternetZoneManager_QueryInterface
1347  */
1348 static HRESULT WINAPI ZoneMgrImpl_QueryInterface(IInternetZoneManagerEx2* iface, REFIID riid, void** ppvObject)
1349 {
1350     ZoneMgrImpl* This = impl_from_IInternetZoneManagerEx2(iface);
1351
1352     TRACE("(%p)->(%s,%p)\n", This, debugstr_guid(riid), ppvObject);
1353
1354     if(!This || !ppvObject)
1355         return E_INVALIDARG;
1356
1357     if(IsEqualIID(&IID_IUnknown, riid)) {
1358         TRACE("(%p)->(IID_IUnknown %p)\n", This, ppvObject);
1359     }else if(IsEqualIID(&IID_IInternetZoneManager, riid)) {
1360         TRACE("(%p)->(IID_InternetZoneManager %p)\n", This, ppvObject);
1361     }else if(IsEqualIID(&IID_IInternetZoneManagerEx, riid)) {
1362         TRACE("(%p)->(IID_InternetZoneManagerEx %p)\n", This, ppvObject);
1363     }else if(IsEqualIID(&IID_IInternetZoneManagerEx2, riid)) {
1364         TRACE("(%p)->(IID_InternetZoneManagerEx2 %p)\n", This, ppvObject);
1365     }
1366     else
1367     {
1368         FIXME("Unknown interface: %s\n", debugstr_guid(riid));
1369         *ppvObject = NULL;
1370         return E_NOINTERFACE;
1371     }
1372
1373     *ppvObject = iface;
1374     IInternetZoneManager_AddRef(iface);
1375     return S_OK;
1376 }
1377
1378 /********************************************************************
1379  *      IInternetZoneManager_AddRef
1380  */
1381 static ULONG WINAPI ZoneMgrImpl_AddRef(IInternetZoneManagerEx2* iface)
1382 {
1383     ZoneMgrImpl* This = impl_from_IInternetZoneManagerEx2(iface);
1384     ULONG refCount = InterlockedIncrement(&This->ref);
1385
1386     TRACE("(%p)->(ref before=%u)\n",This, refCount - 1);
1387
1388     return refCount;
1389 }
1390
1391 /********************************************************************
1392  *      IInternetZoneManager_Release
1393  */
1394 static ULONG WINAPI ZoneMgrImpl_Release(IInternetZoneManagerEx2* iface)
1395 {
1396     ZoneMgrImpl* This = impl_from_IInternetZoneManagerEx2(iface);
1397     ULONG refCount = InterlockedDecrement(&This->ref);
1398
1399     TRACE("(%p)->(ref before=%u)\n",This, refCount + 1);
1400
1401     if(!refCount) {
1402         while (This->zonemap_count) heap_free(This->zonemaps[--This->zonemap_count]);
1403         heap_free(This->zonemaps);
1404         heap_free(This);
1405         URLMON_UnlockModule();
1406     }
1407     
1408     return refCount;
1409 }
1410
1411 /********************************************************************
1412  *      IInternetZoneManager_GetZoneAttributes
1413  */
1414 static HRESULT WINAPI ZoneMgrImpl_GetZoneAttributes(IInternetZoneManagerEx2* iface,
1415                                                     DWORD dwZone,
1416                                                     ZONEATTRIBUTES* pZoneAttributes)
1417 {
1418     ZoneMgrImpl* This = impl_from_IInternetZoneManagerEx2(iface);
1419     HRESULT hr;
1420     HKEY hcu;
1421     HKEY hklm = NULL;
1422
1423     TRACE("(%p)->(%d %p)\n", This, dwZone, pZoneAttributes);
1424
1425     if (!pZoneAttributes)
1426         return E_INVALIDARG;
1427
1428     hr = open_zone_key(HKEY_CURRENT_USER, dwZone, &hcu);
1429     if (FAILED(hr))
1430         return S_OK;  /* IE6 and older returned E_FAIL here */
1431
1432     hr = open_zone_key(HKEY_LOCAL_MACHINE, dwZone, &hklm);
1433     if (FAILED(hr))
1434         TRACE("Zone %d not in HKLM\n", dwZone);
1435
1436     get_string_from_reg(hcu, hklm, displaynameW, pZoneAttributes->szDisplayName, MAX_ZONE_PATH);
1437     get_string_from_reg(hcu, hklm, descriptionW, pZoneAttributes->szDescription, MAX_ZONE_DESCRIPTION);
1438     get_string_from_reg(hcu, hklm, iconW, pZoneAttributes->szIconPath, MAX_ZONE_PATH);
1439     get_dword_from_reg(hcu, hklm, minlevelW, &pZoneAttributes->dwTemplateMinLevel);
1440     get_dword_from_reg(hcu, hklm, currentlevelW, &pZoneAttributes->dwTemplateCurrentLevel);
1441     get_dword_from_reg(hcu, hklm, recommendedlevelW, &pZoneAttributes->dwTemplateRecommended);
1442     get_dword_from_reg(hcu, hklm, flagsW, &pZoneAttributes->dwFlags);
1443
1444     RegCloseKey(hklm);
1445     RegCloseKey(hcu);
1446     return S_OK;
1447 }
1448
1449 /********************************************************************
1450  *      IInternetZoneManager_SetZoneAttributes
1451  */
1452 static HRESULT WINAPI ZoneMgrImpl_SetZoneAttributes(IInternetZoneManagerEx2* iface,
1453                                                     DWORD dwZone,
1454                                                     ZONEATTRIBUTES* pZoneAttributes)
1455 {
1456     ZoneMgrImpl* This = impl_from_IInternetZoneManagerEx2(iface);
1457     HRESULT hr;
1458     HKEY hcu;
1459
1460     TRACE("(%p)->(%d %p)\n", This, dwZone, pZoneAttributes);
1461
1462     if (!pZoneAttributes)
1463         return E_INVALIDARG;
1464
1465     hr = open_zone_key(HKEY_CURRENT_USER, dwZone, &hcu);
1466     if (FAILED(hr))
1467         return S_OK;  /* IE6 returned E_FAIL here */
1468
1469     /* cbSize is ignored */
1470     RegSetValueExW(hcu, displaynameW, 0, REG_SZ, (LPBYTE) pZoneAttributes->szDisplayName,
1471                     (lstrlenW(pZoneAttributes->szDisplayName)+1)* sizeof(WCHAR));
1472
1473     RegSetValueExW(hcu, descriptionW, 0, REG_SZ, (LPBYTE) pZoneAttributes->szDescription,
1474                     (lstrlenW(pZoneAttributes->szDescription)+1)* sizeof(WCHAR));
1475
1476     RegSetValueExW(hcu, iconW, 0, REG_SZ, (LPBYTE) pZoneAttributes->szIconPath,
1477                     (lstrlenW(pZoneAttributes->szIconPath)+1)* sizeof(WCHAR));
1478
1479     RegSetValueExW(hcu, minlevelW, 0, REG_DWORD,
1480                     (const BYTE*) &pZoneAttributes->dwTemplateMinLevel, sizeof(DWORD));
1481
1482     RegSetValueExW(hcu, currentlevelW, 0, REG_DWORD,
1483                     (const BYTE*) &pZoneAttributes->dwTemplateCurrentLevel, sizeof(DWORD));
1484
1485     RegSetValueExW(hcu, recommendedlevelW, 0, REG_DWORD,
1486                     (const BYTE*) &pZoneAttributes->dwTemplateRecommended, sizeof(DWORD));
1487
1488     RegSetValueExW(hcu, flagsW, 0, REG_DWORD, (const BYTE*) &pZoneAttributes->dwFlags, sizeof(DWORD));
1489     RegCloseKey(hcu);
1490     return S_OK;
1491
1492 }
1493
1494 /********************************************************************
1495  *      IInternetZoneManager_GetZoneCustomPolicy
1496  */
1497 static HRESULT WINAPI ZoneMgrImpl_GetZoneCustomPolicy(IInternetZoneManagerEx2* iface,
1498                                                       DWORD dwZone,
1499                                                       REFGUID guidKey,
1500                                                       BYTE** ppPolicy,
1501                                                       DWORD* pcbPolicy,
1502                                                       URLZONEREG ulrZoneReg)
1503 {
1504     FIXME("(%p)->(%08x %s %p %p %08x) stub\n", iface, dwZone, debugstr_guid(guidKey),
1505                                                     ppPolicy, pcbPolicy, ulrZoneReg);
1506     return E_NOTIMPL;
1507 }
1508
1509 /********************************************************************
1510  *      IInternetZoneManager_SetZoneCustomPolicy
1511  */
1512 static HRESULT WINAPI ZoneMgrImpl_SetZoneCustomPolicy(IInternetZoneManagerEx2* iface,
1513                                                       DWORD dwZone,
1514                                                       REFGUID guidKey,
1515                                                       BYTE* ppPolicy,
1516                                                       DWORD cbPolicy,
1517                                                       URLZONEREG ulrZoneReg)
1518 {
1519     FIXME("(%p)->(%08x %s %p %08x %08x) stub\n", iface, dwZone, debugstr_guid(guidKey),
1520                                                     ppPolicy, cbPolicy, ulrZoneReg);
1521     return E_NOTIMPL;
1522 }
1523
1524 /********************************************************************
1525  *      IInternetZoneManager_GetZoneActionPolicy
1526  */
1527 static HRESULT WINAPI ZoneMgrImpl_GetZoneActionPolicy(IInternetZoneManagerEx2* iface,
1528         DWORD dwZone, DWORD dwAction, BYTE* pPolicy, DWORD cbPolicy, URLZONEREG urlZoneReg)
1529 {
1530     TRACE("(%p)->(%d %08x %p %d %d)\n", iface, dwZone, dwAction, pPolicy,
1531             cbPolicy, urlZoneReg);
1532
1533     if(!pPolicy)
1534         return E_INVALIDARG;
1535
1536     return get_action_policy(dwZone, dwAction, pPolicy, cbPolicy, urlZoneReg);
1537 }
1538
1539 /********************************************************************
1540  *      IInternetZoneManager_SetZoneActionPolicy
1541  */
1542 static HRESULT WINAPI ZoneMgrImpl_SetZoneActionPolicy(IInternetZoneManagerEx2* iface,
1543                                                       DWORD dwZone,
1544                                                       DWORD dwAction,
1545                                                       BYTE* pPolicy,
1546                                                       DWORD cbPolicy,
1547                                                       URLZONEREG urlZoneReg)
1548 {
1549     FIXME("(%p)->(%08x %08x %p %08x %08x) stub\n", iface, dwZone, dwAction, pPolicy,
1550                                                        cbPolicy, urlZoneReg);
1551     return E_NOTIMPL;
1552 }
1553
1554 /********************************************************************
1555  *      IInternetZoneManager_PromptAction
1556  */
1557 static HRESULT WINAPI ZoneMgrImpl_PromptAction(IInternetZoneManagerEx2* iface,
1558                                                DWORD dwAction,
1559                                                HWND hwndParent,
1560                                                LPCWSTR pwszUrl,
1561                                                LPCWSTR pwszText,
1562                                                DWORD dwPromptFlags)
1563 {
1564     FIXME("%p %08x %p %s %s %08x\n", iface, dwAction, hwndParent,
1565           debugstr_w(pwszUrl), debugstr_w(pwszText), dwPromptFlags );
1566     return E_NOTIMPL;
1567 }
1568
1569 /********************************************************************
1570  *      IInternetZoneManager_LogAction
1571  */
1572 static HRESULT WINAPI ZoneMgrImpl_LogAction(IInternetZoneManagerEx2* iface,
1573                                             DWORD dwAction,
1574                                             LPCWSTR pwszUrl,
1575                                             LPCWSTR pwszText,
1576                                             DWORD dwLogFlags)
1577 {
1578     FIXME("(%p)->(%08x %s %s %08x) stub\n", iface, dwAction, debugstr_w(pwszUrl),
1579                                               debugstr_w(pwszText), dwLogFlags);
1580     return E_NOTIMPL;
1581 }
1582
1583 /********************************************************************
1584  *      IInternetZoneManager_CreateZoneEnumerator
1585  */
1586 static HRESULT WINAPI ZoneMgrImpl_CreateZoneEnumerator(IInternetZoneManagerEx2* iface,
1587                                                        DWORD* pdwEnum,
1588                                                        DWORD* pdwCount,
1589                                                        DWORD dwFlags)
1590 {
1591     ZoneMgrImpl* This = impl_from_IInternetZoneManagerEx2(iface);
1592     LPDWORD * new_maps;
1593     LPDWORD data;
1594     DWORD i;
1595
1596     TRACE("(%p)->(%p, %p, 0x%08x)\n", This, pdwEnum, pdwCount, dwFlags);
1597     if (!pdwEnum || !pdwCount || (dwFlags != 0))
1598         return E_INVALIDARG;
1599
1600     data = build_zonemap_from_reg();
1601     TRACE("found %d zones\n", data ? data[0] : -1);
1602
1603     if (!data)
1604         return E_FAIL;
1605
1606     for (i = 0; i < This->zonemap_count; i++) {
1607         if (This->zonemaps && !This->zonemaps[i]) {
1608             This->zonemaps[i] = data;
1609             *pdwEnum = i;
1610             *pdwCount = data[0];
1611             return S_OK;
1612         }
1613     }
1614
1615     if (This->zonemaps) {
1616         /* try to double the nr. of pointers in the array */
1617         new_maps = heap_realloc_zero(This->zonemaps, This->zonemap_count * 2 * sizeof(LPDWORD));
1618         if (new_maps)
1619             This->zonemap_count *= 2;
1620     }
1621     else
1622     {
1623         This->zonemap_count = 2;
1624         new_maps = heap_alloc_zero(This->zonemap_count * sizeof(LPDWORD));
1625     }
1626
1627     if (!new_maps) {
1628         heap_free(data);
1629         return E_FAIL;
1630     }
1631     This->zonemaps = new_maps;
1632     This->zonemaps[i] = data;
1633     *pdwEnum = i;
1634     *pdwCount = data[0];
1635     return S_OK;
1636 }
1637
1638 /********************************************************************
1639  *      IInternetZoneManager_GetZoneAt
1640  */
1641 static HRESULT WINAPI ZoneMgrImpl_GetZoneAt(IInternetZoneManagerEx2* iface,
1642                                             DWORD dwEnum,
1643                                             DWORD dwIndex,
1644                                             DWORD* pdwZone)
1645 {
1646     ZoneMgrImpl* This = impl_from_IInternetZoneManagerEx2(iface);
1647     LPDWORD data;
1648
1649     TRACE("(%p)->(0x%08x, %d, %p)\n", This, dwEnum, dwIndex, pdwZone);
1650
1651     /* make sure, that dwEnum and dwIndex are in the valid range */
1652     if (dwEnum < This->zonemap_count) {
1653         if ((data = This->zonemaps[dwEnum])) {
1654             if (dwIndex < data[0]) {
1655                 *pdwZone = data[dwIndex + 1];
1656                 return S_OK;
1657             }
1658         }
1659     }
1660     return E_INVALIDARG;
1661 }
1662
1663 /********************************************************************
1664  *      IInternetZoneManager_DestroyZoneEnumerator
1665  */
1666 static HRESULT WINAPI ZoneMgrImpl_DestroyZoneEnumerator(IInternetZoneManagerEx2* iface,
1667                                                         DWORD dwEnum)
1668 {
1669     ZoneMgrImpl* This = impl_from_IInternetZoneManagerEx2(iface);
1670     LPDWORD data;
1671
1672     TRACE("(%p)->(0x%08x)\n", This, dwEnum);
1673     /* make sure, that dwEnum is valid */
1674     if (dwEnum < This->zonemap_count) {
1675         if ((data = This->zonemaps[dwEnum])) {
1676             This->zonemaps[dwEnum] = NULL;
1677             heap_free(data);
1678             return S_OK;
1679         }
1680     }
1681     return E_INVALIDARG;
1682 }
1683
1684 /********************************************************************
1685  *      IInternetZoneManager_CopyTemplatePoliciesToZone
1686  */
1687 static HRESULT WINAPI ZoneMgrImpl_CopyTemplatePoliciesToZone(IInternetZoneManagerEx2* iface,
1688                                                              DWORD dwTemplate,
1689                                                              DWORD dwZone,
1690                                                              DWORD dwReserved)
1691 {
1692     FIXME("(%p)->(%08x %08x %08x) stub\n", iface, dwTemplate, dwZone, dwReserved);
1693     return E_NOTIMPL;
1694 }
1695
1696 /********************************************************************
1697  *      IInternetZoneManagerEx_GetZoneActionPolicyEx
1698  */
1699 static HRESULT WINAPI ZoneMgrImpl_GetZoneActionPolicyEx(IInternetZoneManagerEx2* iface,
1700                                                         DWORD dwZone,
1701                                                         DWORD dwAction,
1702                                                         BYTE* pPolicy,
1703                                                         DWORD cbPolicy,
1704                                                         URLZONEREG urlZoneReg,
1705                                                         DWORD dwFlags)
1706 {
1707     TRACE("(%p)->(%d, 0x%x, %p, %d, %d, 0x%x)\n", iface, dwZone,
1708             dwAction, pPolicy, cbPolicy, urlZoneReg, dwFlags);
1709
1710     if(!pPolicy)
1711         return E_INVALIDARG;
1712
1713     if (dwFlags)
1714         FIXME("dwFlags 0x%x ignored\n", dwFlags);
1715
1716     return get_action_policy(dwZone, dwAction, pPolicy, cbPolicy, urlZoneReg);
1717 }
1718
1719 /********************************************************************
1720  *      IInternetZoneManagerEx_SetZoneActionPolicyEx
1721  */
1722 static HRESULT WINAPI ZoneMgrImpl_SetZoneActionPolicyEx(IInternetZoneManagerEx2* iface,
1723                                                         DWORD dwZone,
1724                                                         DWORD dwAction,
1725                                                         BYTE* pPolicy,
1726                                                         DWORD cbPolicy,
1727                                                         URLZONEREG urlZoneReg,
1728                                                         DWORD dwFlags)
1729 {
1730     FIXME("(%p)->(%d, 0x%x, %p, %d, %d, 0x%x) stub\n", iface, dwZone, dwAction, pPolicy,
1731                                                        cbPolicy, urlZoneReg, dwFlags);
1732     return E_NOTIMPL;
1733 }
1734
1735 /********************************************************************
1736  *      IInternetZoneManagerEx2_GetZoneAttributesEx
1737  */
1738 static HRESULT WINAPI ZoneMgrImpl_GetZoneAttributesEx(IInternetZoneManagerEx2* iface,
1739                                                       DWORD dwZone,
1740                                                       ZONEATTRIBUTES* pZoneAttributes,
1741                                                       DWORD dwFlags)
1742 {
1743     TRACE("(%p)->(%d, %p, 0x%x)\n", iface, dwZone, pZoneAttributes, dwFlags);
1744
1745     if (dwFlags)
1746         FIXME("dwFlags 0x%x ignored\n", dwFlags);
1747
1748     return IInternetZoneManager_GetZoneAttributes(iface, dwZone, pZoneAttributes);
1749 }
1750
1751
1752 /********************************************************************
1753  *      IInternetZoneManagerEx2_GetZoneSecurityState
1754  */
1755 static HRESULT WINAPI ZoneMgrImpl_GetZoneSecurityState(IInternetZoneManagerEx2* iface,
1756                                                        DWORD dwZoneIndex,
1757                                                        BOOL fRespectPolicy,
1758                                                        LPDWORD pdwState,
1759                                                        BOOL *pfPolicyEncountered)
1760 {
1761     FIXME("(%p)->(%d, %d, %p, %p) stub\n", iface, dwZoneIndex, fRespectPolicy,
1762                                            pdwState, pfPolicyEncountered);
1763
1764     *pdwState = SECURITY_IE_STATE_GREEN;
1765
1766     if (pfPolicyEncountered)
1767         *pfPolicyEncountered = FALSE;
1768
1769     return S_OK;
1770 }
1771
1772 /********************************************************************
1773  *      IInternetZoneManagerEx2_GetIESecurityState
1774  */
1775 static HRESULT WINAPI ZoneMgrImpl_GetIESecurityState(IInternetZoneManagerEx2* iface,
1776                                                      BOOL fRespectPolicy,
1777                                                      LPDWORD pdwState,
1778                                                      BOOL *pfPolicyEncountered,
1779                                                      BOOL fNoCache)
1780 {
1781     FIXME("(%p)->(%d, %p, %p, %d) stub\n", iface, fRespectPolicy, pdwState,
1782                                            pfPolicyEncountered, fNoCache);
1783
1784     *pdwState = SECURITY_IE_STATE_GREEN;
1785
1786     if (pfPolicyEncountered)
1787         *pfPolicyEncountered = FALSE;
1788
1789     return S_OK;
1790 }
1791
1792 /********************************************************************
1793  *      IInternetZoneManagerEx2_FixInsecureSettings
1794  */
1795 static HRESULT WINAPI ZoneMgrImpl_FixInsecureSettings(IInternetZoneManagerEx2* iface)
1796 {
1797     FIXME("(%p) stub\n", iface);
1798     return S_OK;
1799 }
1800
1801 /********************************************************************
1802  *      IInternetZoneManager_Construct
1803  */
1804 static const IInternetZoneManagerEx2Vtbl ZoneMgrImplVtbl = {
1805     ZoneMgrImpl_QueryInterface,
1806     ZoneMgrImpl_AddRef,
1807     ZoneMgrImpl_Release,
1808     /* IInternetZoneManager */
1809     ZoneMgrImpl_GetZoneAttributes,
1810     ZoneMgrImpl_SetZoneAttributes,
1811     ZoneMgrImpl_GetZoneCustomPolicy,
1812     ZoneMgrImpl_SetZoneCustomPolicy,
1813     ZoneMgrImpl_GetZoneActionPolicy,
1814     ZoneMgrImpl_SetZoneActionPolicy,
1815     ZoneMgrImpl_PromptAction,
1816     ZoneMgrImpl_LogAction,
1817     ZoneMgrImpl_CreateZoneEnumerator,
1818     ZoneMgrImpl_GetZoneAt,
1819     ZoneMgrImpl_DestroyZoneEnumerator,
1820     ZoneMgrImpl_CopyTemplatePoliciesToZone,
1821     /* IInternetZoneManagerEx */
1822     ZoneMgrImpl_GetZoneActionPolicyEx,
1823     ZoneMgrImpl_SetZoneActionPolicyEx,
1824     /* IInternetZoneManagerEx2 */
1825     ZoneMgrImpl_GetZoneAttributesEx,
1826     ZoneMgrImpl_GetZoneSecurityState,
1827     ZoneMgrImpl_GetIESecurityState,
1828     ZoneMgrImpl_FixInsecureSettings,
1829 };
1830
1831 HRESULT ZoneMgrImpl_Construct(IUnknown *pUnkOuter, LPVOID *ppobj)
1832 {
1833     ZoneMgrImpl* ret = heap_alloc_zero(sizeof(ZoneMgrImpl));
1834
1835     TRACE("(%p %p)\n", pUnkOuter, ppobj);
1836     ret->IInternetZoneManagerEx2_iface.lpVtbl = &ZoneMgrImplVtbl;
1837     ret->ref = 1;
1838     *ppobj = (IInternetZoneManagerEx*)ret;
1839
1840     URLMON_LockModule();
1841
1842     return S_OK;
1843 }
1844
1845 /***********************************************************************
1846  *           CoInternetCreateSecurityManager (URLMON.@)
1847  *
1848  */
1849 HRESULT WINAPI CoInternetCreateSecurityManager( IServiceProvider *pSP,
1850     IInternetSecurityManager **ppSM, DWORD dwReserved )
1851 {
1852     TRACE("%p %p %d\n", pSP, ppSM, dwReserved );
1853
1854     if(pSP)
1855         FIXME("pSP not supported\n");
1856
1857     return SecManagerImpl_Construct(NULL, (void**) ppSM);
1858 }
1859
1860 /********************************************************************
1861  *      CoInternetCreateZoneManager (URLMON.@)
1862  */
1863 HRESULT WINAPI CoInternetCreateZoneManager(IServiceProvider* pSP, IInternetZoneManager** ppZM, DWORD dwReserved)
1864 {
1865     TRACE("(%p %p %x)\n", pSP, ppZM, dwReserved);
1866     return ZoneMgrImpl_Construct(NULL, (void**)ppZM);
1867 }
1868
1869 static HRESULT parse_security_url(const WCHAR *url, PSUACTION action, WCHAR **result) {
1870     IInternetProtocolInfo *protocol_info;
1871     WCHAR *tmp, *new_url = NULL, *alloc_url = NULL;
1872     DWORD size, new_size;
1873     HRESULT hres = S_OK, parse_hres;
1874
1875     while(1) {
1876         TRACE("parsing %s\n", debugstr_w(url));
1877
1878         protocol_info = get_protocol_info(url);
1879         if(!protocol_info)
1880             break;
1881
1882         size = strlenW(url)+1;
1883         new_url = CoTaskMemAlloc(size*sizeof(WCHAR));
1884         if(!new_url) {
1885             hres = E_OUTOFMEMORY;
1886             break;
1887         }
1888
1889         new_size = 0;
1890         parse_hres = IInternetProtocolInfo_ParseUrl(protocol_info, url, PARSE_SECURITY_URL, 0, new_url, size, &new_size, 0);
1891         if(parse_hres == S_FALSE) {
1892             if(!new_size) {
1893                 hres = E_UNEXPECTED;
1894                 break;
1895             }
1896
1897             tmp = CoTaskMemRealloc(new_url, new_size*sizeof(WCHAR));
1898             if(!tmp) {
1899                 hres = E_OUTOFMEMORY;
1900                 break;
1901             }
1902             new_url = tmp;
1903             parse_hres = IInternetProtocolInfo_ParseUrl(protocol_info, url, PARSE_SECURITY_URL, 0, new_url,
1904                     new_size, &new_size, 0);
1905             if(parse_hres == S_FALSE) {
1906                 hres = E_FAIL;
1907                 break;
1908             }
1909         }
1910
1911         if(parse_hres != S_OK || !strcmpW(url, new_url))
1912             break;
1913
1914         CoTaskMemFree(alloc_url);
1915         url = alloc_url = new_url;
1916         new_url = NULL;
1917     }
1918
1919     CoTaskMemFree(new_url);
1920
1921     if(hres != S_OK) {
1922         WARN("failed: %08x\n", hres);
1923         CoTaskMemFree(alloc_url);
1924         return hres;
1925     }
1926
1927     if(action == PSU_DEFAULT && (protocol_info = get_protocol_info(url))) {
1928         size = strlenW(url)+1;
1929         new_url = CoTaskMemAlloc(size * sizeof(WCHAR));
1930         if(new_url) {
1931             new_size = 0;
1932             parse_hres = IInternetProtocolInfo_ParseUrl(protocol_info, url, PARSE_SECURITY_DOMAIN, 0,
1933                     new_url, size, &new_size, 0);
1934             if(parse_hres == S_FALSE) {
1935                 if(new_size) {
1936                     tmp = CoTaskMemRealloc(new_url, new_size*sizeof(WCHAR));
1937                     if(tmp) {
1938                         new_url = tmp;
1939                         parse_hres = IInternetProtocolInfo_ParseUrl(protocol_info, url, PARSE_SECURITY_DOMAIN, 0, new_url,
1940                                 new_size, &new_size, 0);
1941                         if(parse_hres == S_FALSE)
1942                             hres = E_FAIL;
1943                     }else {
1944                         hres = E_OUTOFMEMORY;
1945                     }
1946                 }else {
1947                     hres = E_UNEXPECTED;
1948                 }
1949             }
1950
1951             if(hres == S_OK && parse_hres == S_OK) {
1952                 CoTaskMemFree(alloc_url);
1953                 url = alloc_url = new_url;
1954                 new_url = NULL;
1955             }
1956
1957             CoTaskMemFree(new_url);
1958         }else {
1959             hres = E_OUTOFMEMORY;
1960         }
1961         IInternetProtocolInfo_Release(protocol_info);
1962     }
1963
1964     if(FAILED(hres)) {
1965         WARN("failed %08x\n", hres);
1966         CoTaskMemFree(alloc_url);
1967         return hres;
1968     }
1969
1970     if(!alloc_url) {
1971         size = strlenW(url)+1;
1972         alloc_url = CoTaskMemAlloc(size * sizeof(WCHAR));
1973         if(!alloc_url)
1974             return E_OUTOFMEMORY;
1975         memcpy(alloc_url, url, size * sizeof(WCHAR));
1976     }
1977
1978     *result = alloc_url;
1979     return S_OK;
1980 }
1981
1982 /********************************************************************
1983  *      CoInternetGetSecurityUrl (URLMON.@)
1984  */
1985 HRESULT WINAPI CoInternetGetSecurityUrl(LPCWSTR pwzUrl, LPWSTR *ppwzSecUrl, PSUACTION psuAction, DWORD dwReserved)
1986 {
1987     WCHAR *secure_url;
1988     HRESULT hres;
1989
1990     TRACE("(%p,%p,%u,%u)\n", pwzUrl, ppwzSecUrl, psuAction, dwReserved);
1991
1992     hres = parse_security_url(pwzUrl, psuAction, &secure_url);
1993     if(FAILED(hres))
1994         return hres;
1995
1996     if(psuAction != PSU_SECURITY_URL_ONLY) {
1997         PARSEDURLW parsed_url = { sizeof(parsed_url) };
1998         DWORD size;
1999
2000         /* FIXME: Use helpers from uri.c */
2001         if(SUCCEEDED(ParseURLW(secure_url, &parsed_url))) {
2002             WCHAR *new_url;
2003
2004             switch(parsed_url.nScheme) {
2005             case URL_SCHEME_FTP:
2006             case URL_SCHEME_HTTP:
2007             case URL_SCHEME_HTTPS:
2008                 size = strlenW(secure_url)+1;
2009                 new_url = CoTaskMemAlloc(size * sizeof(WCHAR));
2010                 if(new_url)
2011                     hres = UrlGetPartW(secure_url, new_url, &size, URL_PART_HOSTNAME, URL_PARTFLAG_KEEPSCHEME);
2012                 else
2013                     hres = E_OUTOFMEMORY;
2014                 CoTaskMemFree(secure_url);
2015                 if(hres != S_OK) {
2016                     WARN("UrlGetPart failed: %08x\n", hres);
2017                     CoTaskMemFree(new_url);
2018                     return FAILED(hres) ? hres : E_FAIL;
2019                 }
2020                 secure_url = new_url;
2021             }
2022         }
2023     }
2024
2025     *ppwzSecUrl = secure_url;
2026     return S_OK;
2027 }
2028
2029 /********************************************************************
2030  *      CoInternetGetSecurityUrlEx (URLMON.@)
2031  */
2032 HRESULT WINAPI CoInternetGetSecurityUrlEx(IUri *pUri, IUri **ppSecUri, PSUACTION psuAction, DWORD_PTR dwReserved)
2033 {
2034     URL_SCHEME scheme_type;
2035     BSTR secure_uri;
2036     WCHAR *ret_url;
2037     HRESULT hres;
2038
2039     TRACE("(%p,%p,%u,%u)\n", pUri, ppSecUri, psuAction, (DWORD)dwReserved);
2040
2041     if(!pUri || !ppSecUri)
2042         return E_INVALIDARG;
2043
2044     hres = IUri_GetDisplayUri(pUri, &secure_uri);
2045     if(FAILED(hres))
2046         return hres;
2047
2048     hres = parse_security_url(secure_uri, psuAction, &ret_url);
2049     SysFreeString(secure_uri);
2050     if(FAILED(hres))
2051         return hres;
2052
2053     /* File URIs have to hierarchical. */
2054     hres = IUri_GetScheme(pUri, (DWORD*)&scheme_type);
2055     if(SUCCEEDED(hres) && scheme_type == URL_SCHEME_FILE) {
2056         const WCHAR *tmp = ret_url;
2057
2058         /* Check and see if a "//" is after the scheme name. */
2059         tmp += sizeof(fileW)/sizeof(WCHAR);
2060         if(*tmp != '/' || *(tmp+1) != '/')
2061             hres = E_INVALIDARG;
2062     }
2063
2064     if(SUCCEEDED(hres))
2065         hres = CreateUri(ret_url, Uri_CREATE_ALLOW_IMPLICIT_WILDCARD_SCHEME, 0, ppSecUri);
2066     CoTaskMemFree(ret_url);
2067     return hres;
2068 }
2069
2070 /********************************************************************
2071  *      CompareSecurityIds (URLMON.@)
2072  */
2073 HRESULT WINAPI CompareSecurityIds(BYTE *secid1, DWORD size1, BYTE *secid2, DWORD size2, DWORD reserved)
2074 {
2075     FIXME("(%p %d %p %d %x)\n", secid1, size1, secid2, size2, reserved);
2076     return E_NOTIMPL;
2077 }