4 * Copyright 2003 Mike McCormack for CodeWeavers Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
31 #include "wine/debug.h"
33 #define NO_SHLWAPI_STREAM
35 #include "cryptuiapi.h"
39 #include "wine/unicode.h"
43 #define MAX_STRING_LEN 1024
45 WINE_DEFAULT_DEBUG_CHANNEL(wininet
);
47 struct WININET_ErrorDlgParams
56 /***********************************************************************
57 * WININET_GetAuthRealm
59 * Determine the name of the (basic) Authentication realm
61 static BOOL
WININET_GetAuthRealm( HINTERNET hRequest
, LPWSTR szBuf
, DWORD sz
, BOOL proxy
)
65 static const WCHAR szRealm
[] = { 'r','e','a','l','m','=',0 };
68 query
= HTTP_QUERY_PROXY_AUTHENTICATE
;
70 query
= HTTP_QUERY_WWW_AUTHENTICATE
;
72 /* extract the Realm from the response and show it */
74 if( !HttpQueryInfoW( hRequest
, query
, szBuf
, &sz
, &index
) )
78 * FIXME: maybe we should check that we're
79 * dealing with 'Basic' Authentication
81 p
= strchrW( szBuf
, ' ' );
82 if( !p
|| strncmpW( p
+1, szRealm
, strlenW(szRealm
) ) )
84 ERR("response wrong? (%s)\n", debugstr_w(szBuf
));
93 q
= strrchrW( p
, '"' );
102 /* These two are not defined in the public headers */
103 extern DWORD WINAPI
WNetCachePassword(LPSTR
,WORD
,LPSTR
,WORD
,BYTE
,WORD
);
104 extern DWORD WINAPI
WNetGetCachedPassword(LPSTR
,WORD
,LPSTR
,LPWORD
,BYTE
);
106 /***********************************************************************
107 * WININET_GetSetPassword
109 static BOOL
WININET_GetSetPassword( HWND hdlg
, LPCWSTR szServer
,
110 LPCWSTR szRealm
, BOOL bSet
)
112 WCHAR szResource
[0x80], szUserPass
[0x40];
114 HWND hUserItem
, hPassItem
;
115 DWORD r
, dwMagic
= 19;
118 static const WCHAR szColon
[] = { ':',0 };
119 static const WCHAR szbs
[] = { '/', 0 };
121 hUserItem
= GetDlgItem( hdlg
, IDC_USERNAME
);
122 hPassItem
= GetDlgItem( hdlg
, IDC_PASSWORD
);
124 /* now try fetch the username and password */
125 lstrcpyW( szResource
, szServer
);
126 lstrcatW( szResource
, szbs
);
127 lstrcatW( szResource
, szRealm
);
130 * WNetCachePassword is only concerned with the length
131 * of the data stored (which we tell it) and it does
132 * not use strlen() internally so we can add WCHAR data
133 * instead of ASCII data and get it back the same way.
138 GetWindowTextW( hUserItem
, szUserPass
,
139 (sizeof szUserPass
-1)/sizeof(WCHAR
) );
140 lstrcatW(szUserPass
, szColon
);
141 u_len
= strlenW( szUserPass
);
142 GetWindowTextW( hPassItem
, szUserPass
+u_len
,
143 (sizeof szUserPass
)/sizeof(WCHAR
)-u_len
);
145 r_len
= (strlenW( szResource
) + 1)*sizeof(WCHAR
);
146 u_len
= (strlenW( szUserPass
) + 1)*sizeof(WCHAR
);
147 r
= WNetCachePassword( (CHAR
*)szResource
, r_len
,
148 (CHAR
*)szUserPass
, u_len
, dwMagic
, 0 );
150 return ( r
== WN_SUCCESS
);
153 sz
= sizeof szUserPass
;
154 r_len
= (strlenW( szResource
) + 1)*sizeof(WCHAR
);
155 r
= WNetGetCachedPassword( (CHAR
*)szResource
, r_len
,
156 (CHAR
*)szUserPass
, &sz
, dwMagic
);
157 if( r
!= WN_SUCCESS
)
160 p
= strchrW( szUserPass
, ':' );
164 SetWindowTextW( hUserItem
, szUserPass
);
165 SetWindowTextW( hPassItem
, p
+1 );
171 /***********************************************************************
172 * WININET_SetAuthorization
174 static BOOL
WININET_SetAuthorization( http_request_t
*request
, LPWSTR username
,
175 LPWSTR password
, BOOL proxy
)
177 http_session_t
*session
= request
->session
;
180 p
= heap_strdupW(username
);
184 q
= heap_strdupW(password
);
193 appinfo_t
*hIC
= session
->appInfo
;
195 heap_free(hIC
->proxyUsername
);
196 hIC
->proxyUsername
= p
;
198 heap_free(hIC
->proxyPassword
);
199 hIC
->proxyPassword
= q
;
203 heap_free(session
->userName
);
204 session
->userName
= p
;
206 heap_free(session
->password
);
207 session
->password
= q
;
213 /***********************************************************************
214 * WININET_ProxyPasswordDialog
216 static INT_PTR WINAPI
WININET_ProxyPasswordDialog(
217 HWND hdlg
, UINT uMsg
, WPARAM wParam
, LPARAM lParam
)
220 struct WININET_ErrorDlgParams
*params
;
221 WCHAR szRealm
[0x80], szServer
[0x80];
223 if( uMsg
== WM_INITDIALOG
)
225 TRACE("WM_INITDIALOG (%08lx)\n", lParam
);
227 /* save the parameter list */
228 params
= (struct WININET_ErrorDlgParams
*) lParam
;
229 SetWindowLongPtrW( hdlg
, GWLP_USERDATA
, lParam
);
231 /* extract the Realm from the proxy response and show it */
232 if( WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
233 szRealm
, sizeof szRealm
/sizeof(WCHAR
), TRUE
) )
235 hitem
= GetDlgItem( hdlg
, IDC_REALM
);
236 SetWindowTextW( hitem
, szRealm
);
239 hitem
= GetDlgItem( hdlg
, IDC_PROXY
);
240 SetWindowTextW( hitem
, params
->req
->session
->appInfo
->proxy
);
242 WININET_GetSetPassword( hdlg
, szServer
, szRealm
, FALSE
);
247 params
= (struct WININET_ErrorDlgParams
*)
248 GetWindowLongPtrW( hdlg
, GWLP_USERDATA
);
255 WCHAR username
[0x20], password
[0x20];
258 hitem
= GetDlgItem( hdlg
, IDC_USERNAME
);
260 GetWindowTextW( hitem
, username
, sizeof username
/sizeof(WCHAR
) );
263 hitem
= GetDlgItem( hdlg
, IDC_PASSWORD
);
265 GetWindowTextW( hitem
, password
, sizeof password
/sizeof(WCHAR
) );
267 hitem
= GetDlgItem( hdlg
, IDC_SAVEPASSWORD
);
269 SendMessageW( hitem
, BM_GETSTATE
, 0, 0 ) &&
270 WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
271 szRealm
, sizeof szRealm
/sizeof(WCHAR
), TRUE
) )
272 WININET_GetSetPassword( hdlg
, params
->req
->session
->appInfo
->proxy
, szRealm
, TRUE
);
273 WININET_SetAuthorization( params
->req
, username
, password
, TRUE
);
275 EndDialog( hdlg
, ERROR_INTERNET_FORCE_RETRY
);
278 if( wParam
== IDCANCEL
)
280 EndDialog( hdlg
, 0 );
288 /***********************************************************************
289 * WININET_PasswordDialog
291 static INT_PTR WINAPI
WININET_PasswordDialog(
292 HWND hdlg
, UINT uMsg
, WPARAM wParam
, LPARAM lParam
)
295 struct WININET_ErrorDlgParams
*params
;
296 WCHAR szRealm
[0x80], szServer
[0x80];
298 if( uMsg
== WM_INITDIALOG
)
300 TRACE("WM_INITDIALOG (%08lx)\n", lParam
);
302 /* save the parameter list */
303 params
= (struct WININET_ErrorDlgParams
*) lParam
;
304 SetWindowLongPtrW( hdlg
, GWLP_USERDATA
, lParam
);
306 /* extract the Realm from the response and show it */
307 if( WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
308 szRealm
, sizeof szRealm
/sizeof(WCHAR
), FALSE
) )
310 hitem
= GetDlgItem( hdlg
, IDC_REALM
);
311 SetWindowTextW( hitem
, szRealm
);
314 hitem
= GetDlgItem( hdlg
, IDC_SERVER
);
315 SetWindowTextW( hitem
, params
->req
->session
->hostName
);
317 WININET_GetSetPassword( hdlg
, szServer
, szRealm
, FALSE
);
322 params
= (struct WININET_ErrorDlgParams
*)
323 GetWindowLongPtrW( hdlg
, GWLP_USERDATA
);
330 WCHAR username
[0x20], password
[0x20];
333 hitem
= GetDlgItem( hdlg
, IDC_USERNAME
);
335 GetWindowTextW( hitem
, username
, sizeof username
/sizeof(WCHAR
) );
338 hitem
= GetDlgItem( hdlg
, IDC_PASSWORD
);
340 GetWindowTextW( hitem
, password
, sizeof password
/sizeof(WCHAR
) );
342 hitem
= GetDlgItem( hdlg
, IDC_SAVEPASSWORD
);
344 SendMessageW( hitem
, BM_GETSTATE
, 0, 0 ) &&
345 WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
346 szRealm
, sizeof szRealm
/sizeof(WCHAR
), FALSE
))
348 WININET_GetSetPassword( hdlg
, params
->req
->session
->hostName
, szRealm
, TRUE
);
350 WININET_SetAuthorization( params
->req
, username
, password
, FALSE
);
352 EndDialog( hdlg
, ERROR_INTERNET_FORCE_RETRY
);
355 if( wParam
== IDCANCEL
)
357 EndDialog( hdlg
, 0 );
365 /***********************************************************************
366 * WININET_InvalidCertificateDialog
368 static INT_PTR WINAPI
WININET_InvalidCertificateDialog(
369 HWND hdlg
, UINT uMsg
, WPARAM wParam
, LPARAM lParam
)
371 struct WININET_ErrorDlgParams
*params
;
375 if( uMsg
== WM_INITDIALOG
)
377 TRACE("WM_INITDIALOG (%08lx)\n", lParam
);
379 /* save the parameter list */
380 params
= (struct WININET_ErrorDlgParams
*) lParam
;
381 SetWindowLongPtrW( hdlg
, GWLP_USERDATA
, lParam
);
383 switch( params
->dwError
)
385 case ERROR_INTERNET_INVALID_CA
:
386 LoadStringW( WININET_hModule
, IDS_CERT_CA_INVALID
, buf
, 1024 );
388 case ERROR_INTERNET_SEC_CERT_DATE_INVALID
:
389 LoadStringW( WININET_hModule
, IDS_CERT_DATE_INVALID
, buf
, 1024 );
391 case ERROR_INTERNET_SEC_CERT_CN_INVALID
:
392 LoadStringW( WININET_hModule
, IDS_CERT_CN_INVALID
, buf
, 1024 );
394 case ERROR_INTERNET_SEC_CERT_ERRORS
:
395 /* FIXME: We should fetch information about the
396 * certificate here and show all the relevant errors.
398 LoadStringW( WININET_hModule
, IDS_CERT_ERRORS
, buf
, 1024 );
401 FIXME( "No message for error %d\n", params
->dwError
);
405 hitem
= GetDlgItem( hdlg
, IDC_CERT_ERROR
);
406 SetWindowTextW( hitem
, buf
);
411 params
= (struct WININET_ErrorDlgParams
*)
412 GetWindowLongPtrW( hdlg
, GWLP_USERDATA
);
421 if( params
->dwFlags
& FLAGS_ERROR_UI_FLAGS_CHANGE_OPTIONS
)
423 http_request_t
*req
= params
->req
;
424 DWORD flags
, size
= sizeof(flags
);
426 InternetQueryOptionW( req
->hdr
.hInternet
, INTERNET_OPTION_SECURITY_FLAGS
, &flags
, &size
);
427 switch( params
->dwError
)
429 case ERROR_INTERNET_INVALID_CA
:
430 flags
|= SECURITY_FLAG_IGNORE_UNKNOWN_CA
;
432 case ERROR_INTERNET_SEC_CERT_DATE_INVALID
:
433 flags
|= SECURITY_FLAG_IGNORE_CERT_DATE_INVALID
;
435 case ERROR_INTERNET_SEC_CERT_CN_INVALID
:
436 flags
|= SECURITY_FLAG_IGNORE_CERT_CN_INVALID
;
438 case ERROR_INTERNET_SEC_CERT_REV_FAILED
:
439 flags
|= SECURITY_FLAG_IGNORE_REVOCATION
;
441 case ERROR_INTERNET_SEC_CERT_ERRORS
:
442 if(flags
& _SECURITY_FLAG_CERT_REV_FAILED
)
443 flags
|= SECURITY_FLAG_IGNORE_REVOCATION
;
444 if(flags
& _SECURITY_FLAG_CERT_INVALID_CA
)
445 flags
|= SECURITY_FLAG_IGNORE_UNKNOWN_CA
;
446 if(flags
& _SECURITY_FLAG_CERT_INVALID_CN
)
447 flags
|= SECURITY_FLAG_IGNORE_CERT_CN_INVALID
;
448 if(flags
& _SECURITY_FLAG_CERT_INVALID_DATE
)
449 flags
|= SECURITY_FLAG_IGNORE_CERT_DATE_INVALID
;
452 /* FIXME: Use helper function */
453 flags
|= SECURITY_FLAG_SECURE
;
454 req
->security_flags
|= flags
;
455 if(is_valid_netconn(req
->netconn
))
456 req
->netconn
->security_flags
|= flags
;
459 EndDialog( hdlg
, res
? ERROR_SUCCESS
: ERROR_NOT_SUPPORTED
);
462 if( wParam
== IDCANCEL
)
464 TRACE("Pressed cancel.\n");
466 EndDialog( hdlg
, ERROR_CANCELLED
);
475 /***********************************************************************
478 DWORD WINAPI
InternetErrorDlg(HWND hWnd
, HINTERNET hRequest
,
479 DWORD dwError
, DWORD dwFlags
, LPVOID
* lppvData
)
481 struct WININET_ErrorDlgParams params
;
482 http_request_t
*req
= NULL
;
483 DWORD res
= ERROR_SUCCESS
;
485 TRACE("%p %p %d %08x %p\n", hWnd
, hRequest
, dwError
, dwFlags
, lppvData
);
487 if( !hWnd
&& !(dwFlags
& FLAGS_ERROR_UI_FLAGS_NO_UI
) )
488 return ERROR_INVALID_HANDLE
;
491 req
= (http_request_t
*)get_handle_object(hRequest
);
493 return ERROR_INVALID_HANDLE
;
494 if(req
->hdr
.htype
!= WH_HHTTPREQ
)
495 return ERROR_SUCCESS
; /* Yes, that was tested */
500 params
.dwError
= dwError
;
501 params
.dwFlags
= dwFlags
;
502 params
.lppvData
= lppvData
;
507 case ERROR_INTERNET_INCORRECT_PASSWORD
: {
508 if( !dwError
&& !(dwFlags
& FLAGS_ERROR_UI_FILTER_FOR_ERRORS
) )
511 return ERROR_INVALID_HANDLE
;
513 switch(req
->status_code
) {
514 case HTTP_STATUS_PROXY_AUTH_REQ
:
515 res
= DialogBoxParamW( WININET_hModule
, MAKEINTRESOURCEW( IDD_PROXYDLG
),
516 hWnd
, WININET_ProxyPasswordDialog
, (LPARAM
) ¶ms
);
518 case HTTP_STATUS_DENIED
:
519 res
= DialogBoxParamW( WININET_hModule
, MAKEINTRESOURCEW( IDD_AUTHDLG
),
520 hWnd
, WININET_PasswordDialog
, (LPARAM
) ¶ms
);
523 WARN("unhandled status %u\n", req
->status_code
);
527 case ERROR_INTERNET_SEC_CERT_ERRORS
:
528 case ERROR_INTERNET_SEC_CERT_CN_INVALID
:
529 case ERROR_INTERNET_SEC_CERT_DATE_INVALID
:
530 case ERROR_INTERNET_INVALID_CA
:
531 case ERROR_INTERNET_SEC_CERT_REV_FAILED
:
532 if( dwFlags
& FLAGS_ERROR_UI_FLAGS_NO_UI
) {
533 res
= ERROR_CANCELLED
;
537 return ERROR_INVALID_HANDLE
;
540 if( dwFlags
& ~FLAGS_ERROR_UI_FLAGS_CHANGE_OPTIONS
)
541 FIXME("%08x contains unsupported flags.\n", dwFlags
);
543 res
= DialogBoxParamW( WININET_hModule
, MAKEINTRESOURCEW( IDD_INVCERTDLG
),
544 hWnd
, WININET_InvalidCertificateDialog
, (LPARAM
) ¶ms
);
546 case ERROR_INTERNET_HTTP_TO_HTTPS_ON_REDIR
:
547 case ERROR_INTERNET_POST_IS_NON_SECURE
:
548 FIXME("Need to display dialog for error %d\n", dwError
);
552 res
= ERROR_NOT_SUPPORTED
;
556 WININET_Release(&req
->hdr
);
560 /***********************************************************************
561 * InternetShowSecurityInfoByURLA (@)
563 BOOL WINAPI
InternetShowSecurityInfoByURLA(LPCSTR url
, HWND window
)
565 FIXME("stub: %s %p\n", url
, window
);
569 /***********************************************************************
570 * InternetShowSecurityInfoByURLW (@)
572 BOOL WINAPI
InternetShowSecurityInfoByURLW(LPCWSTR url
, HWND window
)
574 FIXME("stub: %s %p\n", debugstr_w(url
), window
);
578 /***********************************************************************
579 * ShowX509EncodedCertificate (@)
581 DWORD WINAPI
ShowX509EncodedCertificate(HWND parent
, LPBYTE cert
, DWORD len
)
583 PCCERT_CONTEXT certContext
= CertCreateCertificateContext(X509_ASN_ENCODING
,
589 CRYPTUI_VIEWCERTIFICATE_STRUCTW view
;
591 memset(&view
, 0, sizeof(view
));
592 view
.hwndParent
= parent
;
593 view
.pCertContext
= certContext
;
594 if (CryptUIDlgViewCertificateW(&view
, NULL
))
597 ret
= GetLastError();
598 CertFreeCertificateContext(certContext
);
601 ret
= GetLastError();