2 * Copyright 2005-2006 Jacek Caban for CodeWeavers
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
21 #define NONAMELESSUNION
23 #include <wine/test.h>
34 static const WCHAR url1
[] = {'r','e','s',':','/','/','m','s','h','t','m','l','.','d','l','l',
35 '/','b','l','a','n','k','.','h','t','m',0};
36 static const WCHAR url2
[] = {'i','n','d','e','x','.','h','t','m',0};
37 static const WCHAR url3
[] = {'f','i','l','e',':','/','/','c',':','\\','I','n','d','e','x','.','h','t','m',0};
38 static const WCHAR url4
[] = {'f','i','l','e',':','s','o','m','e','%','2','0','f','i','l','e',
39 '%','2','e','j','p','g',0};
40 static const WCHAR url5
[] = {'h','t','t','p',':','/','/','w','w','w','.','w','i','n','e','h','q',
42 static const WCHAR url6
[] = {'a','b','o','u','t',':','b','l','a','n','k',0};
43 static const WCHAR url7
[] = {'f','t','p',':','/','/','w','i','n','e','h','q','.','o','r','g','/',
44 'f','i','l','e','.','t','e','s','t',0};
45 static const WCHAR url8
[] = {'t','e','s','t',':','1','2','3','a','b','c',0};
46 static const WCHAR url9
[] =
47 {'h','t','t','p',':','/','/','w','w','w','.','w','i','n','e','h','q','.','o','r','g',
48 '/','s','i','t','e','/','a','b','o','u','t',0};
49 static const WCHAR url10
[] = {'f','i','l','e',':','/','/','s','o','m','e','%','2','0','f','i','l','e',
52 static const WCHAR url4e
[] = {'f','i','l','e',':','s','o','m','e',' ','f','i','l','e',
56 static const BYTE secid1
[] = {'f','i','l','e',':',0,0,0,0};
57 static const BYTE secid5
[] = {'h','t','t','p',':','w','w','w','.','w','i','n','e','h','q',
58 '.','o','r','g',3,0,0,0};
59 static const BYTE secid6
[] = {'a','b','o','u','t',':','b','l','a','n','k',3,0,0,0};
60 static const BYTE secid7
[] = {'f','t','p',':','w','i','n','e','h','q','.','o','r','g',
62 static const BYTE secid10
[] =
63 {'f','i','l','e',':','s','o','m','e','%','2','0','f','i','l','e','.','j','p','g',3,0,0,0};
64 static const BYTE secid10_2
[] =
65 {'f','i','l','e',':','s','o','m','e',' ','f','i','l','e','.','j','p','g',3,0,0,0};
67 static struct secmgr_test
{
75 {url1
, 0, S_OK
, sizeof(secid1
), secid1
, S_OK
},
76 {url2
, 100, 0x80041001, 0, NULL
, E_INVALIDARG
},
77 {url3
, 0, S_OK
, sizeof(secid1
), secid1
, S_OK
},
78 {url5
, 3, S_OK
, sizeof(secid5
), secid5
, S_OK
},
79 {url6
, 3, S_OK
, sizeof(secid6
), secid6
, S_OK
},
80 {url7
, 3, S_OK
, sizeof(secid7
), secid7
, S_OK
}
83 static void test_SecurityManager(void)
86 IInternetSecurityManager
*secmgr
= NULL
;
88 DWORD zone
, size
, policy
;
91 hres
= CoInternetCreateSecurityManager(NULL
, &secmgr
, 0);
92 ok(hres
== S_OK
, "CoInternetCreateSecurityManager failed: %08x\n", hres
);
96 for(i
=0; i
< sizeof(secmgr_tests
)/sizeof(secmgr_tests
[0]); i
++) {
98 hres
= IInternetSecurityManager_MapUrlToZone(secmgr
, secmgr_tests
[i
].url
,
100 ok(hres
== secmgr_tests
[i
].zone_hres
/* IE <=6 */
101 || (FAILED(secmgr_tests
[i
].zone_hres
) && hres
== E_INVALIDARG
), /* IE7 */
102 "[%d] MapUrlToZone failed: %08x, expected %08x\n",
103 i
, hres
, secmgr_tests
[i
].zone_hres
);
105 ok(zone
== secmgr_tests
[i
].zone
, "[%d] zone=%d, expected %d\n", i
, zone
,
106 secmgr_tests
[i
].zone
);
108 ok(zone
== secmgr_tests
[i
].zone
|| zone
== -1, "[%d] zone=%d\n", i
, zone
);
111 memset(buf
, 0xf0, sizeof(buf
));
112 hres
= IInternetSecurityManager_GetSecurityId(secmgr
, secmgr_tests
[i
].url
,
114 ok(hres
== secmgr_tests
[i
].secid_hres
,
115 "[%d] GetSecurityId failed: %08x, expected %08x\n",
116 i
, hres
, secmgr_tests
[i
].secid_hres
);
117 if(secmgr_tests
[i
].secid
) {
118 ok(size
== secmgr_tests
[i
].secid_size
, "[%d] size=%d, expected %d\n",
119 i
, size
, secmgr_tests
[i
].secid_size
);
120 ok(!memcmp(buf
, secmgr_tests
[i
].secid
, size
), "[%d] wrong secid\n", i
);
125 hres
= IInternetSecurityManager_MapUrlToZone(secmgr
, url10
, &zone
, 0);
126 ok(hres
== S_OK
, "MapUrlToZone failed: %08x, expected S_OK\n", hres
);
127 ok(zone
== 3, "zone=%d, expected 3\n", zone
);
129 /* win2k3 translates %20 into a space */
131 memset(buf
, 0xf0, sizeof(buf
));
132 hres
= IInternetSecurityManager_GetSecurityId(secmgr
, url10
, buf
, &size
, 0);
133 ok(hres
== S_OK
, "GetSecurityId failed: %08x, expected S_OK\n", hres
);
134 ok(size
== sizeof(secid10
) ||
135 size
== sizeof(secid10_2
), /* win2k3 */
137 ok(!memcmp(buf
, secid10
, size
) ||
138 !memcmp(buf
, secid10_2
, size
), /* win2k3 */
142 hres
= IInternetSecurityManager_MapUrlToZone(secmgr
, NULL
, &zone
, 0);
143 ok(hres
== E_INVALIDARG
, "MapUrlToZone failed: %08x, expected E_INVALIDARG\n", hres
);
144 ok(zone
== 100 || zone
== -1, "zone=%d\n", zone
);
147 hres
= IInternetSecurityManager_GetSecurityId(secmgr
, NULL
, buf
, &size
, 0);
148 ok(hres
== E_INVALIDARG
,
149 "GetSecurityId failed: %08x, expected E_INVALIDARG\n", hres
);
150 hres
= IInternetSecurityManager_GetSecurityId(secmgr
, secmgr_tests
[1].url
,
152 ok(hres
== E_INVALIDARG
,
153 "GetSecurityId failed: %08x, expected E_INVALIDARG\n", hres
);
154 hres
= IInternetSecurityManager_GetSecurityId(secmgr
, secmgr_tests
[1].url
,
156 ok(hres
== E_INVALIDARG
,
157 "GetSecurityId failed: %08x, expected E_INVALIDARG\n", hres
);
159 hres
= IInternetSecurityManager_ProcessUrlAction(secmgr
, NULL
, URLACTION_SCRIPT_RUN
, (BYTE
*)&policy
,
160 sizeof(WCHAR
), NULL
, 0, 0, 0);
161 ok(hres
== E_INVALIDARG
, "ProcessUrlAction failed: %08x, expected E_INVALIDARG\n", hres
);
163 IInternetSecurityManager_Release(secmgr
);
166 /* Check if Internet Explorer is configured to run in "Enhanced Security Configuration" (aka hardened mode) */
167 /* Note: this code is duplicated in dlls/mshtml/tests/dom.c, dlls/mshtml/tests/script.c and dlls/urlmon/tests/sec_mgr.c */
168 static BOOL
is_ie_hardened(void)
171 DWORD ie_harden
, type
, size
;
174 if(RegOpenKeyExA(HKEY_CURRENT_USER
, "Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap",
175 0, KEY_QUERY_VALUE
, &zone_map
) == ERROR_SUCCESS
) {
176 size
= sizeof(DWORD
);
177 if (RegQueryValueExA(zone_map
, "IEHarden", NULL
, &type
, (LPBYTE
) &ie_harden
, &size
) != ERROR_SUCCESS
||
181 RegCloseKey(zone_map
);
184 return ie_harden
!= 0;
187 static void test_url_action(IInternetSecurityManager
*secmgr
, IInternetZoneManager
*zonemgr
, DWORD action
)
189 DWORD res
, size
, policy
, reg_policy
;
194 /* FIXME: HKEY_CURRENT_USER is most of the time the default but this can be changed on a system.
195 * The test should be changed to cope with that, if need be.
197 res
= RegOpenKeyA(HKEY_CURRENT_USER
,
198 "Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3", &hkey
);
199 if(res
!= ERROR_SUCCESS
) {
200 ok(0, "Could not open zone key\n");
204 wsprintf(buf
, "%X", action
);
205 size
= sizeof(DWORD
);
206 res
= RegQueryValueExA(hkey
, buf
, NULL
, NULL
, (BYTE
*)®_policy
, &size
);
208 if(res
!= ERROR_SUCCESS
|| size
!= sizeof(DWORD
)) {
210 hres
= IInternetSecurityManager_ProcessUrlAction(secmgr
, url9
, action
, (BYTE
*)&policy
,
211 sizeof(WCHAR
), NULL
, 0, 0, 0);
212 ok(hres
== E_FAIL
, "ProcessUrlAction(%x) failed: %08x, expected E_FAIL\n", action
, hres
);
213 ok(policy
== 0xdeadbeef, "(%x) policy=%x\n", action
, policy
);
216 hres
= IInternetZoneManager_GetZoneActionPolicy(zonemgr
, 3, action
, (BYTE
*)&policy
,
217 sizeof(DWORD
), URLZONEREG_DEFAULT
);
218 ok(hres
== E_FAIL
, "GetZoneActionPolicy failed: %08x, expected E_FAIL\n", hres
);
219 ok(policy
== 0xdeadbeef, "(%x) policy=%x\n", action
, policy
);
224 hres
= IInternetZoneManager_GetZoneActionPolicy(zonemgr
, 3, action
, (BYTE
*)&policy
,
225 sizeof(DWORD
), URLZONEREG_DEFAULT
);
226 ok(hres
== S_OK
, "GetZoneActionPolicy failed: %08x\n", hres
);
227 ok(policy
== reg_policy
, "(%x) policy=%x, expected %x\n", action
, policy
, reg_policy
);
229 if(policy
!= URLPOLICY_QUERY
) {
230 if(winetest_interactive
|| ! is_ie_hardened()) {
232 hres
= IInternetSecurityManager_ProcessUrlAction(secmgr
, url9
, action
, (BYTE
*)&policy
,
233 sizeof(WCHAR
), NULL
, 0, 0, 0);
234 if(reg_policy
== URLPOLICY_DISALLOW
)
235 ok(hres
== S_FALSE
, "ProcessUrlAction(%x) failed: %08x, expected S_FALSE\n", action
, hres
);
237 ok(hres
== S_OK
, "ProcessUrlAction(%x) failed: %08x\n", action
, hres
);
238 ok(policy
== 0xdeadbeef, "(%x) policy=%x\n", action
, policy
);
240 skip("IE running in Enhanced Security Configuration\n");
245 static void test_special_url_action(IInternetSecurityManager
*secmgr
, IInternetZoneManager
*zonemgr
, DWORD action
)
251 hres
= IInternetZoneManager_GetZoneActionPolicy(zonemgr
, 3, action
, (BYTE
*)&policy
,
252 sizeof(DWORD
), URLZONEREG_DEFAULT
);
253 ok(hres
== S_OK
, "GetZoneActionPolicy failed: %08x\n", hres
);
254 ok(policy
== URLPOLICY_DISALLOW
, "(%x) policy=%x, expected URLPOLICY_DISALLOW\n", action
, policy
);
257 hres
= IInternetSecurityManager_ProcessUrlAction(secmgr
, url1
, action
, (BYTE
*)&policy
,
258 sizeof(WCHAR
), NULL
, 0, 0, 0);
259 ok(hres
== S_FALSE
, "ProcessUrlAction(%x) failed: %08x, expected S_FALSE\n", action
, hres
);
262 static void test_polices(void)
264 IInternetZoneManager
*zonemgr
= NULL
;
265 IInternetSecurityManager
*secmgr
= NULL
;
268 hres
= CoInternetCreateSecurityManager(NULL
, &secmgr
, 0);
269 ok(hres
== S_OK
, "CoInternetCreateSecurityManager failed: %08x\n", hres
);
270 hres
= CoInternetCreateZoneManager(NULL
, &zonemgr
, 0);
271 ok(hres
== S_OK
, "CoInternetCreateZoneManager failed: %08x\n", hres
);
273 test_url_action(secmgr
, zonemgr
, URLACTION_SCRIPT_RUN
);
274 test_url_action(secmgr
, zonemgr
, URLACTION_ACTIVEX_OVERRIDE_OBJECT_SAFETY
);
275 test_url_action(secmgr
, zonemgr
, URLACTION_CHANNEL_SOFTDIST_PERMISSIONS
);
276 test_url_action(secmgr
, zonemgr
, 0xdeadbeef);
278 test_special_url_action(secmgr
, zonemgr
, URLACTION_SCRIPT_OVERRIDE_SAFETY
);
280 IInternetSecurityManager_Release(secmgr
);
281 IInternetZoneManager_Release(zonemgr
);
284 static void test_ZoneManager(void)
286 IInternetZoneManager
*zonemgr
= NULL
;
289 DWORD action
= URLACTION_CREDENTIALS_USE
; /* Implemented on all IE versions */
291 hres
= CoInternetCreateZoneManager(NULL
, &zonemgr
, 0);
292 ok(hres
== S_OK
, "CoInternetCreateZoneManager failed: %08x\n", hres
);
296 hres
= IInternetZoneManager_GetZoneActionPolicy(zonemgr
, 3, action
, buf
,
297 sizeof(DWORD
), URLZONEREG_DEFAULT
);
298 ok(hres
== S_OK
, "GetZoneActionPolicy failed: %08x\n", hres
);
299 ok(*(DWORD
*)buf
== URLPOLICY_CREDENTIALS_SILENT_LOGON_OK
||
300 *(DWORD
*)buf
== URLPOLICY_CREDENTIALS_MUST_PROMPT_USER
||
301 *(DWORD
*)buf
== URLPOLICY_CREDENTIALS_CONDITIONAL_PROMPT
||
302 *(DWORD
*)buf
== URLPOLICY_CREDENTIALS_ANONYMOUS_ONLY
,
303 "unexpected policy=%d\n", *(DWORD
*)buf
);
305 hres
= IInternetZoneManager_GetZoneActionPolicy(zonemgr
, 3, action
, NULL
,
306 sizeof(DWORD
), URLZONEREG_DEFAULT
);
307 ok(hres
== E_INVALIDARG
, "GetZoneActionPolicy failed: %08x, expected E_INVALIDARG\n", hres
);
309 hres
= IInternetZoneManager_GetZoneActionPolicy(zonemgr
, 3, action
, buf
,
310 2, URLZONEREG_DEFAULT
);
311 ok(hres
== E_INVALIDARG
, "GetZoneActionPolicy failed: %08x, expected E_INVALIDARG\n", hres
);
313 hres
= IInternetZoneManager_GetZoneActionPolicy(zonemgr
, 3, 0x1fff, buf
,
314 sizeof(DWORD
), URLZONEREG_DEFAULT
);
315 ok(hres
== E_FAIL
, "GetZoneActionPolicy failed: %08x, expected E_FAIL\n", hres
);
317 hres
= IInternetZoneManager_GetZoneActionPolicy(zonemgr
, 13, action
, buf
,
318 sizeof(DWORD
), URLZONEREG_DEFAULT
);
319 ok(hres
== E_INVALIDARG
, "GetZoneActionPolicy failed: %08x, expected E_INVALIDARG\n", hres
);
321 IInternetZoneManager_Release(zonemgr
);
330 test_SecurityManager();