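// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_INSTALLER_UTIL_LEGACY_FIREWALL_MANAGER_WIN_H_
#define CHROME_INSTALLER_UTIL_LEGACY_FIREWALL_MANAGER_WIN_H_

#include <windows.h>
#include <netfw.h>

#include "base/files/file_path.h"
#include "base/strings/string16.h"
#include "base/win/scoped_comptr.h"

namespace installer {

// Manages firewall rules using Windows Firewall API. The API is
// available on Windows XP with SP2 and later. Applications should use
// |AdvancedFirewallManager| instead of this class on Windows Vista and later.
// Most methods need elevation.
//
// The rule managed here is an entry in the authorized applications collection
// of the local policy's current profile (see GetAuthorizedApplications()). It
// applies to the application as a whole, not to individual ports, so an
// "allow" entry should exist only while the application needs to accept
// incoming connections and should be removed with DeleteRule() when it no
// longer does (for example at uninstall).
class LegacyFirewallManager {
 public:
  LegacyFirewallManager();
  ~LegacyFirewallManager();

  // Initializes object to manage application with name |app_name| and path
  // |app_path|. Returns false on failure; the result must be checked before
  // any other method is used.
  // NOTE(review): the rule is presumably keyed on |app_path|, so the path
  // should be the absolute path of the installed binary in a directory that
  // unprivileged users cannot write to; otherwise whatever is placed at that
  // path would be covered by the rule. Confirm against the implementation.
  bool Init(const base::string16& app_name, const base::FilePath& app_path);

  // Returns true if firewall is enabled.
  // NOTE(review): a bool cannot distinguish "disabled" from "could not be
  // queried"; confirm which one the implementation reports on error before
  // making a security decision on a false result.
  bool IsFirewallEnabled();

  // Returns true if function can read rule for the current app. Sets |value|
  // true, if rule allows incoming connections, or false otherwise.
  // |value| is meaningful only when the function returns true. Whether it is
  // written on failure is not visible from this header, so initialize it
  // before the call and do not read it after a false return.
  bool GetAllowIncomingConnection(bool* value);

  // Allows or blocks all incoming connection for current app. Needs elevation.
  // Passing true exposes every listening socket of the application to the
  // networks covered by the current profile. Check the return value: without
  // elevation the call is expected to fail and the previous rule, if any,
  // stays in effect.
  bool SetAllowIncomingConnection(bool allow);

  // Deletes rule for current app. Needs elevation.
  // Returns nothing, so a failed deletion is not reported to the caller. Code
  // that must know the rule is gone can re-query it with
  // GetAllowIncomingConnection() afterwards.
  void DeleteRule();

 private:
  // Returns the authorized applications collection for the local firewall
  // policy's current profile or an empty pointer in case of error. Callers
  // must test the returned pointer before dereferencing it.
  base::win::ScopedComPtr<INetFwAuthorizedApplications>
      GetAuthorizedApplications();

  // Creates rule for the current application. If |allow| is true, incoming
  // connections are allowed, blocked otherwise.
  // NOTE(review): presumably returns an empty pointer on failure, like
  // GetAuthorizedApplications(); confirm against the implementation.
  base::win::ScopedComPtr<INetFwAuthorizedApplication>
      CreateChromeAuthorization(bool allow);

  // Display name and image path of the application whose rule is managed.
  base::string16 app_name_;
  base::FilePath app_path_;

  // Firewall profile the rule is read from and written to.
  // NOTE(review): presumably obtained in Init(); confirm.
  base::win::ScopedComPtr<INetFwProfile> current_profile_;

  // NOTE(review): DISALLOW_COPY_AND_ASSIGN is not defined by any header
  // included directly above; presumably it arrives transitively. Confirm.
  DISALLOW_COPY_AND_ASSIGN(LegacyFirewallManager);
};

}  // namespace installer

#endif  // CHROME_INSTALLER_UTIL_LEGACY_FIREWALL_MANAGER_WIN_H_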