15976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org/* 25976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * libjingle 35976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * Copyright 2004--2005, Google Inc. 45976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * 55976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * Redistribution and use in source and binary forms, with or without 65976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * modification, are permitted provided that the following conditions are met: 75976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * 85976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * 1. Redistributions of source code must retain the above copyright notice, 95976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * this list of conditions and the following disclaimer. 105976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * 2. Redistributions in binary form must reproduce the above copyright notice, 115976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * this list of conditions and the following disclaimer in the documentation 125976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * and/or other materials provided with the distribution. 135976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * 3. The name of the author may not be used to endorse or promote products 145976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * derived from this software without specific prior written permission. 155976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * 165976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED 175976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 185976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO 195976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 205976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 215976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 225976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 235976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 245976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 255976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 265976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org */ 275976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 285976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org#include "talk/base/winfirewall.h" 295976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 305976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org#include "talk/base/win32.h" 315976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 325976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org#include <comdef.h> 335976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org#include <netfw.h> 345976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 355976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org#define RELEASE(lpUnk) do { \ 365976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if ((lpUnk) != NULL) { \ 375976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org (lpUnk)->Release(); \ 385976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org (lpUnk) = NULL; \ 395976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org } \ 405976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} while (0) 415976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 425976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.orgnamespace talk_base { 435976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 445976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org////////////////////////////////////////////////////////////////////// 455976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org// WinFirewall 465976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org////////////////////////////////////////////////////////////////////// 475976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 485976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.orgWinFirewall::WinFirewall() : mgr_(NULL), policy_(NULL), profile_(NULL) { 495976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} 505976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 515976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.orgWinFirewall::~WinFirewall() { 525976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org Shutdown(); 535976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} 545976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 555976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.orgbool WinFirewall::Initialize(HRESULT* result) { 565976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (mgr_) { 575976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (result) { 585976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org *result = S_OK; 595976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org } 605976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org return true; 615976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org } 625976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 635976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org HRESULT hr = CoCreateInstance(__uuidof(NetFwMgr), 645976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 0, CLSCTX_INPROC_SERVER, 655976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org __uuidof(INetFwMgr), 665976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org reinterpret_cast<void **>(&mgr_)); 675976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (SUCCEEDED(hr) && (mgr_ != NULL)) 685976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org hr = mgr_->get_LocalPolicy(&policy_); 695976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (SUCCEEDED(hr) && (policy_ != NULL)) 705976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org hr = policy_->get_CurrentProfile(&profile_); 715976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 725976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (result) 735976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org *result = hr; 745976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org return SUCCEEDED(hr) && (profile_ != NULL); 755976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} 765976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 775976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.orgvoid WinFirewall::Shutdown() { 785976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org RELEASE(profile_); 795976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org RELEASE(policy_); 805976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org RELEASE(mgr_); 815976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} 825976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 835976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.orgbool WinFirewall::Enabled() const { 845976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (!profile_) 855976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org return false; 865976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 875976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org VARIANT_BOOL fwEnabled = VARIANT_FALSE; 885976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org profile_->get_FirewallEnabled(&fwEnabled); 895976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org return (fwEnabled != VARIANT_FALSE); 905976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} 915976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 925976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.orgbool WinFirewall::QueryAuthorized(const char* filename, bool* authorized) 935976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org const { 945976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org return QueryAuthorizedW(ToUtf16(filename).c_str(), authorized); 955976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} 965976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 975976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.orgbool WinFirewall::QueryAuthorizedW(const wchar_t* filename, bool* authorized) 985976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org const { 995976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org *authorized = false; 1005976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org bool success = false; 1015976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 1025976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (!profile_) 1035976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org return false; 1045976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 1055976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org _bstr_t bfilename = filename; 1065976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 1075976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org INetFwAuthorizedApplications* apps = NULL; 1085976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org HRESULT hr = profile_->get_AuthorizedApplications(&apps); 1095976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (SUCCEEDED(hr) && (apps != NULL)) { 1105976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org INetFwAuthorizedApplication* app = NULL; 1115976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org hr = apps->Item(bfilename, &app); 1125976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (SUCCEEDED(hr) && (app != NULL)) { 1135976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org VARIANT_BOOL fwEnabled = VARIANT_FALSE; 1145976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org hr = app->get_Enabled(&fwEnabled); 1155976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org app->Release(); 1165976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 1175976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (SUCCEEDED(hr)) { 1185976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org success = true; 1195976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org *authorized = (fwEnabled != VARIANT_FALSE); 1205976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org } 1215976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org } else if (hr == HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND)) { 1225976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org // No entry in list of authorized apps 1235976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org success = true; 1245976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org } else { 1255976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org // Unexpected error 1265976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org } 1275976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org apps->Release(); 1285976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org } 1295976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 1305976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org return success; 1315976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} 1325976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 1335976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.orgbool WinFirewall::AddApplication(const char* filename, 1345976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org const char* friendly_name, 1355976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org bool authorized, 1365976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org HRESULT* result) { 1375976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org return AddApplicationW(ToUtf16(filename).c_str(), 1385976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org ToUtf16(friendly_name).c_str(), authorized, result); 1395976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} 1405976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 1415976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.orgbool WinFirewall::AddApplicationW(const wchar_t* filename, 1425976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org const wchar_t* friendly_name, 1435976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org bool authorized, 1445976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org HRESULT* result) { 1455976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org INetFwAuthorizedApplications* apps = NULL; 1465976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org HRESULT hr = profile_->get_AuthorizedApplications(&apps); 1475976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (SUCCEEDED(hr) && (apps != NULL)) { 1485976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org INetFwAuthorizedApplication* app = NULL; 1495976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org hr = CoCreateInstance(__uuidof(NetFwAuthorizedApplication), 1505976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 0, CLSCTX_INPROC_SERVER, 1515976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org __uuidof(INetFwAuthorizedApplication), 1525976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org reinterpret_cast<void **>(&app)); 1535976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (SUCCEEDED(hr) && (app != NULL)) { 1545976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org _bstr_t bstr = filename; 1555976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org hr = app->put_ProcessImageFileName(bstr); 1565976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org bstr = friendly_name; 1575976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (SUCCEEDED(hr)) 1585976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org hr = app->put_Name(bstr); 1595976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (SUCCEEDED(hr)) 1605976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org hr = app->put_Enabled(authorized ? VARIANT_TRUE : VARIANT_FALSE); 1615976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (SUCCEEDED(hr)) 1625976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org hr = apps->Add(app); 1635976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org app->Release(); 1645976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org } 1655976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org apps->Release(); 1665976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org } 1675976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org if (result) 1685976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org *result = hr; 1695976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org return SUCCEEDED(hr); 1705976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} 1715976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org 1725976650443d68ccfadf1dea24999ee459dd2819mflodman@webrtc.org} // namespace talk_base 173