4 * Copyright 2003 Mike McCormack for CodeWeavers Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
31 #include "wine/debug.h"
33 #define NO_SHLWAPI_STREAM
35 #include "cryptuiapi.h"
39 #include "wine/unicode.h"
43 #define MAX_STRING_LEN 1024
45 WINE_DEFAULT_DEBUG_CHANNEL(wininet
);
47 struct WININET_ErrorDlgParams
56 /***********************************************************************
57 * WININET_GetAuthRealm
59 * Determine the name of the (basic) Authentication realm
61 static BOOL
WININET_GetAuthRealm( HINTERNET hRequest
, LPWSTR szBuf
, DWORD sz
, BOOL proxy
)
65 static const WCHAR szRealm
[] = { 'r','e','a','l','m','=',0 };
68 query
= HTTP_QUERY_PROXY_AUTHENTICATE
;
70 query
= HTTP_QUERY_WWW_AUTHENTICATE
;
72 /* extract the Realm from the response and show it */
74 if( !HttpQueryInfoW( hRequest
, query
, szBuf
, &sz
, &index
) )
78 * FIXME: maybe we should check that we're
79 * dealing with 'Basic' Authentication
81 p
= strchrW( szBuf
, ' ' );
82 if( !p
|| strncmpW( p
+1, szRealm
, strlenW(szRealm
) ) )
84 ERR("response wrong? (%s)\n", debugstr_w(szBuf
));
93 q
= strrchrW( p
, '"' );
102 /* These two are not defined in the public headers */
103 extern DWORD WINAPI
WNetCachePassword(LPSTR
,WORD
,LPSTR
,WORD
,BYTE
,WORD
);
104 extern DWORD WINAPI
WNetGetCachedPassword(LPSTR
,WORD
,LPSTR
,LPWORD
,BYTE
);
106 /***********************************************************************
107 * WININET_GetSetPassword
109 static BOOL
WININET_GetSetPassword( HWND hdlg
, LPCWSTR szServer
,
110 LPCWSTR szRealm
, BOOL bSet
)
112 WCHAR szResource
[0x80], szUserPass
[0x40];
114 HWND hUserItem
, hPassItem
;
115 DWORD r
, dwMagic
= 19;
118 static const WCHAR szColon
[] = { ':',0 };
119 static const WCHAR szbs
[] = { '/', 0 };
121 hUserItem
= GetDlgItem( hdlg
, IDC_USERNAME
);
122 hPassItem
= GetDlgItem( hdlg
, IDC_PASSWORD
);
124 /* now try fetch the username and password */
125 lstrcpyW( szResource
, szServer
);
126 lstrcatW( szResource
, szbs
);
127 lstrcatW( szResource
, szRealm
);
130 * WNetCachePassword is only concerned with the length
131 * of the data stored (which we tell it) and it does
132 * not use strlen() internally so we can add WCHAR data
133 * instead of ASCII data and get it back the same way.
138 GetWindowTextW( hUserItem
, szUserPass
, ARRAY_SIZE( szUserPass
) - 1 );
139 lstrcatW(szUserPass
, szColon
);
140 u_len
= strlenW( szUserPass
);
141 GetWindowTextW( hPassItem
, szUserPass
+u_len
, ARRAY_SIZE( szUserPass
) - u_len
);
143 r_len
= (strlenW( szResource
) + 1)*sizeof(WCHAR
);
144 u_len
= (strlenW( szUserPass
) + 1)*sizeof(WCHAR
);
145 r
= WNetCachePassword( (CHAR
*)szResource
, r_len
,
146 (CHAR
*)szUserPass
, u_len
, dwMagic
, 0 );
148 return ( r
== WN_SUCCESS
);
151 sz
= sizeof szUserPass
;
152 r_len
= (strlenW( szResource
) + 1)*sizeof(WCHAR
);
153 r
= WNetGetCachedPassword( (CHAR
*)szResource
, r_len
,
154 (CHAR
*)szUserPass
, &sz
, dwMagic
);
155 if( r
!= WN_SUCCESS
)
158 p
= strchrW( szUserPass
, ':' );
162 SetWindowTextW( hUserItem
, szUserPass
);
163 SetWindowTextW( hPassItem
, p
+1 );
169 /***********************************************************************
170 * WININET_SetAuthorization
172 static BOOL
WININET_SetAuthorization( http_request_t
*request
, LPWSTR username
,
173 LPWSTR password
, BOOL proxy
)
175 http_session_t
*session
= request
->session
;
178 p
= heap_strdupW(username
);
182 q
= heap_strdupW(password
);
191 appinfo_t
*hIC
= session
->appInfo
;
193 heap_free(hIC
->proxyUsername
);
194 hIC
->proxyUsername
= p
;
196 heap_free(hIC
->proxyPassword
);
197 hIC
->proxyPassword
= q
;
201 heap_free(session
->userName
);
202 session
->userName
= p
;
204 heap_free(session
->password
);
205 session
->password
= q
;
211 /***********************************************************************
212 * WININET_ProxyPasswordDialog
214 static INT_PTR WINAPI
WININET_ProxyPasswordDialog(
215 HWND hdlg
, UINT uMsg
, WPARAM wParam
, LPARAM lParam
)
218 struct WININET_ErrorDlgParams
*params
;
219 WCHAR szRealm
[0x80], szServer
[0x80];
221 if( uMsg
== WM_INITDIALOG
)
223 TRACE("WM_INITDIALOG (%08lx)\n", lParam
);
225 /* save the parameter list */
226 params
= (struct WININET_ErrorDlgParams
*) lParam
;
227 SetWindowLongPtrW( hdlg
, GWLP_USERDATA
, lParam
);
229 /* extract the Realm from the proxy response and show it */
230 if( WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
231 szRealm
, ARRAY_SIZE( szRealm
), TRUE
) )
233 hitem
= GetDlgItem( hdlg
, IDC_REALM
);
234 SetWindowTextW( hitem
, szRealm
);
237 hitem
= GetDlgItem( hdlg
, IDC_PROXY
);
238 SetWindowTextW( hitem
, params
->req
->session
->appInfo
->proxy
);
240 WININET_GetSetPassword( hdlg
, szServer
, szRealm
, FALSE
);
245 params
= (struct WININET_ErrorDlgParams
*)
246 GetWindowLongPtrW( hdlg
, GWLP_USERDATA
);
253 WCHAR username
[0x20], password
[0x20];
256 hitem
= GetDlgItem( hdlg
, IDC_USERNAME
);
258 GetWindowTextW( hitem
, username
, ARRAY_SIZE( username
));
261 hitem
= GetDlgItem( hdlg
, IDC_PASSWORD
);
263 GetWindowTextW( hitem
, password
, ARRAY_SIZE( password
));
265 hitem
= GetDlgItem( hdlg
, IDC_SAVEPASSWORD
);
267 SendMessageW( hitem
, BM_GETSTATE
, 0, 0 ) &&
268 WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
269 szRealm
, ARRAY_SIZE( szRealm
), TRUE
) )
270 WININET_GetSetPassword( hdlg
, params
->req
->session
->appInfo
->proxy
, szRealm
, TRUE
);
271 WININET_SetAuthorization( params
->req
, username
, password
, TRUE
);
273 EndDialog( hdlg
, ERROR_INTERNET_FORCE_RETRY
);
276 if( wParam
== IDCANCEL
)
278 EndDialog( hdlg
, 0 );
286 /***********************************************************************
287 * WININET_PasswordDialog
289 static INT_PTR WINAPI
WININET_PasswordDialog(
290 HWND hdlg
, UINT uMsg
, WPARAM wParam
, LPARAM lParam
)
293 struct WININET_ErrorDlgParams
*params
;
294 WCHAR szRealm
[0x80], szServer
[0x80];
296 if( uMsg
== WM_INITDIALOG
)
298 TRACE("WM_INITDIALOG (%08lx)\n", lParam
);
300 /* save the parameter list */
301 params
= (struct WININET_ErrorDlgParams
*) lParam
;
302 SetWindowLongPtrW( hdlg
, GWLP_USERDATA
, lParam
);
304 /* extract the Realm from the response and show it */
305 if( WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
306 szRealm
, ARRAY_SIZE( szRealm
), FALSE
) )
308 hitem
= GetDlgItem( hdlg
, IDC_REALM
);
309 SetWindowTextW( hitem
, szRealm
);
312 hitem
= GetDlgItem( hdlg
, IDC_SERVER
);
313 SetWindowTextW( hitem
, params
->req
->session
->hostName
);
315 WININET_GetSetPassword( hdlg
, szServer
, szRealm
, FALSE
);
320 params
= (struct WININET_ErrorDlgParams
*)
321 GetWindowLongPtrW( hdlg
, GWLP_USERDATA
);
328 WCHAR username
[0x20], password
[0x20];
331 hitem
= GetDlgItem( hdlg
, IDC_USERNAME
);
333 GetWindowTextW( hitem
, username
, ARRAY_SIZE( username
));
336 hitem
= GetDlgItem( hdlg
, IDC_PASSWORD
);
338 GetWindowTextW( hitem
, password
, ARRAY_SIZE( password
));
340 hitem
= GetDlgItem( hdlg
, IDC_SAVEPASSWORD
);
342 SendMessageW( hitem
, BM_GETSTATE
, 0, 0 ) &&
343 WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
344 szRealm
, ARRAY_SIZE( szRealm
), FALSE
))
346 WININET_GetSetPassword( hdlg
, params
->req
->session
->hostName
, szRealm
, TRUE
);
348 WININET_SetAuthorization( params
->req
, username
, password
, FALSE
);
350 EndDialog( hdlg
, ERROR_INTERNET_FORCE_RETRY
);
353 if( wParam
== IDCANCEL
)
355 EndDialog( hdlg
, 0 );
363 /***********************************************************************
364 * WININET_InvalidCertificateDialog
366 static INT_PTR WINAPI
WININET_InvalidCertificateDialog(
367 HWND hdlg
, UINT uMsg
, WPARAM wParam
, LPARAM lParam
)
369 struct WININET_ErrorDlgParams
*params
;
373 if( uMsg
== WM_INITDIALOG
)
375 TRACE("WM_INITDIALOG (%08lx)\n", lParam
);
377 /* save the parameter list */
378 params
= (struct WININET_ErrorDlgParams
*) lParam
;
379 SetWindowLongPtrW( hdlg
, GWLP_USERDATA
, lParam
);
381 switch( params
->dwError
)
383 case ERROR_INTERNET_INVALID_CA
:
384 LoadStringW( WININET_hModule
, IDS_CERT_CA_INVALID
, buf
, 1024 );
386 case ERROR_INTERNET_SEC_CERT_DATE_INVALID
:
387 LoadStringW( WININET_hModule
, IDS_CERT_DATE_INVALID
, buf
, 1024 );
389 case ERROR_INTERNET_SEC_CERT_CN_INVALID
:
390 LoadStringW( WININET_hModule
, IDS_CERT_CN_INVALID
, buf
, 1024 );
392 case ERROR_INTERNET_SEC_CERT_ERRORS
:
393 /* FIXME: We should fetch information about the
394 * certificate here and show all the relevant errors.
396 LoadStringW( WININET_hModule
, IDS_CERT_ERRORS
, buf
, 1024 );
399 FIXME( "No message for error %d\n", params
->dwError
);
403 hitem
= GetDlgItem( hdlg
, IDC_CERT_ERROR
);
404 SetWindowTextW( hitem
, buf
);
409 params
= (struct WININET_ErrorDlgParams
*)
410 GetWindowLongPtrW( hdlg
, GWLP_USERDATA
);
417 if( params
->dwFlags
& FLAGS_ERROR_UI_FLAGS_CHANGE_OPTIONS
)
419 http_request_t
*req
= params
->req
;
420 DWORD flags
, size
= sizeof(flags
);
422 InternetQueryOptionW( req
->hdr
.hInternet
, INTERNET_OPTION_SECURITY_FLAGS
, &flags
, &size
);
423 switch( params
->dwError
)
425 case ERROR_INTERNET_INVALID_CA
:
426 flags
|= SECURITY_FLAG_IGNORE_UNKNOWN_CA
;
428 case ERROR_INTERNET_SEC_CERT_DATE_INVALID
:
429 flags
|= SECURITY_FLAG_IGNORE_CERT_DATE_INVALID
;
431 case ERROR_INTERNET_SEC_CERT_CN_INVALID
:
432 flags
|= SECURITY_FLAG_IGNORE_CERT_CN_INVALID
;
434 case ERROR_INTERNET_SEC_CERT_REV_FAILED
:
435 flags
|= SECURITY_FLAG_IGNORE_REVOCATION
;
437 case ERROR_INTERNET_SEC_CERT_ERRORS
:
438 if(flags
& _SECURITY_FLAG_CERT_REV_FAILED
)
439 flags
|= SECURITY_FLAG_IGNORE_REVOCATION
;
440 if(flags
& _SECURITY_FLAG_CERT_INVALID_CA
)
441 flags
|= SECURITY_FLAG_IGNORE_UNKNOWN_CA
;
442 if(flags
& _SECURITY_FLAG_CERT_INVALID_CN
)
443 flags
|= SECURITY_FLAG_IGNORE_CERT_CN_INVALID
;
444 if(flags
& _SECURITY_FLAG_CERT_INVALID_DATE
)
445 flags
|= SECURITY_FLAG_IGNORE_CERT_DATE_INVALID
;
448 /* FIXME: Use helper function */
449 flags
|= SECURITY_FLAG_SECURE
;
450 req
->security_flags
|= flags
;
451 if(is_valid_netconn(req
->netconn
))
452 req
->netconn
->security_flags
|= flags
;
455 EndDialog( hdlg
, ERROR_SUCCESS
);
458 if( wParam
== IDCANCEL
)
460 TRACE("Pressed cancel.\n");
462 EndDialog( hdlg
, ERROR_CANCELLED
);
471 /***********************************************************************
474 DWORD WINAPI
InternetErrorDlg(HWND hWnd
, HINTERNET hRequest
,
475 DWORD dwError
, DWORD dwFlags
, LPVOID
* lppvData
)
477 struct WININET_ErrorDlgParams params
;
478 http_request_t
*req
= NULL
;
479 DWORD res
= ERROR_SUCCESS
;
481 TRACE("%p %p %d %08x %p\n", hWnd
, hRequest
, dwError
, dwFlags
, lppvData
);
483 if( !hWnd
&& !(dwFlags
& FLAGS_ERROR_UI_FLAGS_NO_UI
) )
484 return ERROR_INVALID_HANDLE
;
487 req
= (http_request_t
*)get_handle_object(hRequest
);
489 return ERROR_INVALID_HANDLE
;
490 if(req
->hdr
.htype
!= WH_HHTTPREQ
)
491 return ERROR_SUCCESS
; /* Yes, that was tested */
496 params
.dwError
= dwError
;
497 params
.dwFlags
= dwFlags
;
498 params
.lppvData
= lppvData
;
503 case ERROR_INTERNET_INCORRECT_PASSWORD
: {
504 if( !dwError
&& !(dwFlags
& FLAGS_ERROR_UI_FILTER_FOR_ERRORS
) )
507 return ERROR_INVALID_HANDLE
;
509 switch(req
->status_code
) {
510 case HTTP_STATUS_PROXY_AUTH_REQ
:
511 res
= DialogBoxParamW( WININET_hModule
, MAKEINTRESOURCEW( IDD_PROXYDLG
),
512 hWnd
, WININET_ProxyPasswordDialog
, (LPARAM
) ¶ms
);
514 case HTTP_STATUS_DENIED
:
515 res
= DialogBoxParamW( WININET_hModule
, MAKEINTRESOURCEW( IDD_AUTHDLG
),
516 hWnd
, WININET_PasswordDialog
, (LPARAM
) ¶ms
);
519 WARN("unhandled status %u\n", req
->status_code
);
523 case ERROR_INTERNET_SEC_CERT_ERRORS
:
524 case ERROR_INTERNET_SEC_CERT_CN_INVALID
:
525 case ERROR_INTERNET_SEC_CERT_DATE_INVALID
:
526 case ERROR_INTERNET_INVALID_CA
:
527 case ERROR_INTERNET_SEC_CERT_REV_FAILED
:
528 if( dwFlags
& FLAGS_ERROR_UI_FLAGS_NO_UI
) {
529 res
= ERROR_CANCELLED
;
533 return ERROR_INVALID_HANDLE
;
536 if( dwFlags
& ~FLAGS_ERROR_UI_FLAGS_CHANGE_OPTIONS
)
537 FIXME("%08x contains unsupported flags.\n", dwFlags
);
539 res
= DialogBoxParamW( WININET_hModule
, MAKEINTRESOURCEW( IDD_INVCERTDLG
),
540 hWnd
, WININET_InvalidCertificateDialog
, (LPARAM
) ¶ms
);
542 case ERROR_INTERNET_HTTP_TO_HTTPS_ON_REDIR
:
543 case ERROR_INTERNET_POST_IS_NON_SECURE
:
544 FIXME("Need to display dialog for error %d\n", dwError
);
548 res
= ERROR_NOT_SUPPORTED
;
552 WININET_Release(&req
->hdr
);
556 /***********************************************************************
557 * InternetShowSecurityInfoByURLA (@)
559 BOOL WINAPI
InternetShowSecurityInfoByURLA(LPCSTR url
, HWND window
)
561 FIXME("stub: %s %p\n", url
, window
);
565 /***********************************************************************
566 * InternetShowSecurityInfoByURLW (@)
568 BOOL WINAPI
InternetShowSecurityInfoByURLW(LPCWSTR url
, HWND window
)
570 FIXME("stub: %s %p\n", debugstr_w(url
), window
);
574 /***********************************************************************
575 * ParseX509EncodedCertificateForListBoxEntry (@)
577 DWORD WINAPI
ParseX509EncodedCertificateForListBoxEntry(LPBYTE cert
, DWORD len
, LPSTR szlistbox
, LPDWORD listbox
)
579 FIXME("stub: %p %d %s %p\n", cert
, len
, debugstr_a(szlistbox
), listbox
);
580 return ERROR_CALL_NOT_IMPLEMENTED
;
583 /***********************************************************************
584 * ShowX509EncodedCertificate (@)
586 DWORD WINAPI
ShowX509EncodedCertificate(HWND parent
, LPBYTE cert
, DWORD len
)
588 PCCERT_CONTEXT certContext
= CertCreateCertificateContext(X509_ASN_ENCODING
,
594 CRYPTUI_VIEWCERTIFICATE_STRUCTW view
;
596 memset(&view
, 0, sizeof(view
));
597 view
.hwndParent
= parent
;
598 view
.pCertContext
= certContext
;
599 if (CryptUIDlgViewCertificateW(&view
, NULL
))
602 ret
= GetLastError();
603 CertFreeCertificateContext(certContext
);
606 ret
= GetLastError();