4 * Copyright 2003 Mike McCormack for CodeWeavers Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
24 #include <cryptuiapi.h>
26 #define MAX_STRING_LEN 1024
28 struct WININET_ErrorDlgParams
37 /***********************************************************************
38 * WININET_GetAuthRealm
40 * Determine the name of the (basic) Authentication realm
42 static BOOL
WININET_GetAuthRealm( HINTERNET hRequest
, LPWSTR szBuf
, DWORD sz
, BOOL proxy
)
46 static const WCHAR szRealm
[] = { 'r','e','a','l','m','=',0 };
49 query
= HTTP_QUERY_PROXY_AUTHENTICATE
;
51 query
= HTTP_QUERY_WWW_AUTHENTICATE
;
53 /* extract the Realm from the response and show it */
55 if( !HttpQueryInfoW( hRequest
, query
, szBuf
, &sz
, &index
) )
59 * FIXME: maybe we should check that we're
60 * dealing with 'Basic' Authentication
62 p
= strchrW( szBuf
, ' ' );
63 if( !p
|| strncmpW( p
+1, szRealm
, strlenW(szRealm
) ) )
65 ERR("response wrong? (%s)\n", debugstr_w(szBuf
));
74 q
= strrchrW( p
, '"' );
83 /* These two are not defined in the public headers */
84 extern DWORD WINAPI
WNetCachePassword(LPSTR
,WORD
,LPSTR
,WORD
,BYTE
,WORD
);
85 extern DWORD WINAPI
WNetGetCachedPassword(LPSTR
,WORD
,LPSTR
,LPWORD
,BYTE
);
87 /***********************************************************************
88 * WININET_GetSetPassword
90 static BOOL
WININET_GetSetPassword( HWND hdlg
, LPCWSTR szServer
,
91 LPCWSTR szRealm
, BOOL bSet
)
93 WCHAR szResource
[0x80], szUserPass
[0x40];
95 HWND hUserItem
, hPassItem
;
96 DWORD r
, dwMagic
= 19;
99 static const WCHAR szColon
[] = { ':',0 };
100 static const WCHAR szbs
[] = { '/', 0 };
102 hUserItem
= GetDlgItem( hdlg
, IDC_USERNAME
);
103 hPassItem
= GetDlgItem( hdlg
, IDC_PASSWORD
);
105 /* now try fetch the username and password */
106 lstrcpyW( szResource
, szServer
);
107 lstrcatW( szResource
, szbs
);
108 lstrcatW( szResource
, szRealm
);
111 * WNetCachePassword is only concerned with the length
112 * of the data stored (which we tell it) and it does
113 * not use strlen() internally so we can add WCHAR data
114 * instead of ASCII data and get it back the same way.
119 GetWindowTextW( hUserItem
, szUserPass
,
120 (sizeof szUserPass
-1)/sizeof(WCHAR
) );
121 lstrcatW(szUserPass
, szColon
);
122 u_len
= strlenW( szUserPass
);
123 GetWindowTextW( hPassItem
, szUserPass
+u_len
,
124 (sizeof szUserPass
)/sizeof(WCHAR
)-u_len
);
126 r_len
= (strlenW( szResource
) + 1)*sizeof(WCHAR
);
127 u_len
= (strlenW( szUserPass
) + 1)*sizeof(WCHAR
);
128 r
= WNetCachePassword( (CHAR
*)szResource
, r_len
,
129 (CHAR
*)szUserPass
, u_len
, dwMagic
, 0 );
131 return ( r
== WN_SUCCESS
);
134 sz
= sizeof szUserPass
;
135 r_len
= (strlenW( szResource
) + 1)*sizeof(WCHAR
);
136 r
= WNetGetCachedPassword( (CHAR
*)szResource
, r_len
,
137 (CHAR
*)szUserPass
, &sz
, dwMagic
);
138 if( r
!= WN_SUCCESS
)
141 p
= strchrW( szUserPass
, ':' );
145 SetWindowTextW( hUserItem
, szUserPass
);
146 SetWindowTextW( hPassItem
, p
+1 );
152 /***********************************************************************
153 * WININET_SetAuthorization
155 static BOOL
WININET_SetAuthorization( http_request_t
*request
, LPWSTR username
,
156 LPWSTR password
, BOOL proxy
)
158 http_session_t
*session
= request
->session
;
161 p
= heap_strdupW(username
);
165 q
= heap_strdupW(password
);
174 appinfo_t
*hIC
= session
->appInfo
;
176 heap_free(hIC
->proxyUsername
);
177 hIC
->proxyUsername
= p
;
179 heap_free(hIC
->proxyPassword
);
180 hIC
->proxyPassword
= q
;
184 heap_free(session
->userName
);
185 session
->userName
= p
;
187 heap_free(session
->password
);
188 session
->password
= q
;
194 /***********************************************************************
195 * WININET_ProxyPasswordDialog
197 static INT_PTR WINAPI
WININET_ProxyPasswordDialog(
198 HWND hdlg
, UINT uMsg
, WPARAM wParam
, LPARAM lParam
)
201 struct WININET_ErrorDlgParams
*params
;
202 WCHAR szRealm
[0x80], szServer
[0x80];
204 if( uMsg
== WM_INITDIALOG
)
206 TRACE("WM_INITDIALOG (%08lx)\n", lParam
);
208 /* save the parameter list */
209 params
= (struct WININET_ErrorDlgParams
*) lParam
;
210 SetWindowLongPtrW( hdlg
, GWLP_USERDATA
, lParam
);
212 /* extract the Realm from the proxy response and show it */
213 if( WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
214 szRealm
, sizeof szRealm
/sizeof(WCHAR
), TRUE
) )
216 hitem
= GetDlgItem( hdlg
, IDC_REALM
);
217 SetWindowTextW( hitem
, szRealm
);
220 hitem
= GetDlgItem( hdlg
, IDC_PROXY
);
221 SetWindowTextW( hitem
, params
->req
->session
->appInfo
->proxy
);
223 WININET_GetSetPassword( hdlg
, szServer
, szRealm
, FALSE
);
228 params
= (struct WININET_ErrorDlgParams
*)
229 GetWindowLongPtrW( hdlg
, GWLP_USERDATA
);
236 WCHAR username
[0x20], password
[0x20];
239 hitem
= GetDlgItem( hdlg
, IDC_USERNAME
);
241 GetWindowTextW( hitem
, username
, sizeof username
/sizeof(WCHAR
) );
244 hitem
= GetDlgItem( hdlg
, IDC_PASSWORD
);
246 GetWindowTextW( hitem
, password
, sizeof password
/sizeof(WCHAR
) );
248 hitem
= GetDlgItem( hdlg
, IDC_SAVEPASSWORD
);
250 SendMessageW( hitem
, BM_GETSTATE
, 0, 0 ) &&
251 WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
252 szRealm
, sizeof szRealm
/sizeof(WCHAR
), TRUE
) )
253 WININET_GetSetPassword( hdlg
, params
->req
->session
->appInfo
->proxy
, szRealm
, TRUE
);
254 WININET_SetAuthorization( params
->req
, username
, password
, TRUE
);
256 EndDialog( hdlg
, ERROR_INTERNET_FORCE_RETRY
);
259 if( wParam
== IDCANCEL
)
261 EndDialog( hdlg
, 0 );
269 /***********************************************************************
270 * WININET_PasswordDialog
272 static INT_PTR WINAPI
WININET_PasswordDialog(
273 HWND hdlg
, UINT uMsg
, WPARAM wParam
, LPARAM lParam
)
276 struct WININET_ErrorDlgParams
*params
;
277 WCHAR szRealm
[0x80], szServer
[0x80];
279 if( uMsg
== WM_INITDIALOG
)
281 TRACE("WM_INITDIALOG (%08lx)\n", lParam
);
283 /* save the parameter list */
284 params
= (struct WININET_ErrorDlgParams
*) lParam
;
285 SetWindowLongPtrW( hdlg
, GWLP_USERDATA
, lParam
);
287 /* extract the Realm from the response and show it */
288 if( WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
289 szRealm
, sizeof szRealm
/sizeof(WCHAR
), FALSE
) )
291 hitem
= GetDlgItem( hdlg
, IDC_REALM
);
292 SetWindowTextW( hitem
, szRealm
);
295 hitem
= GetDlgItem( hdlg
, IDC_SERVER
);
296 SetWindowTextW( hitem
, params
->req
->session
->hostName
);
298 WININET_GetSetPassword( hdlg
, szServer
, szRealm
, FALSE
);
303 params
= (struct WININET_ErrorDlgParams
*)
304 GetWindowLongPtrW( hdlg
, GWLP_USERDATA
);
311 WCHAR username
[0x20], password
[0x20];
314 hitem
= GetDlgItem( hdlg
, IDC_USERNAME
);
316 GetWindowTextW( hitem
, username
, sizeof username
/sizeof(WCHAR
) );
319 hitem
= GetDlgItem( hdlg
, IDC_PASSWORD
);
321 GetWindowTextW( hitem
, password
, sizeof password
/sizeof(WCHAR
) );
323 hitem
= GetDlgItem( hdlg
, IDC_SAVEPASSWORD
);
325 SendMessageW( hitem
, BM_GETSTATE
, 0, 0 ) &&
326 WININET_GetAuthRealm( params
->req
->hdr
.hInternet
,
327 szRealm
, sizeof szRealm
/sizeof(WCHAR
), FALSE
))
329 WININET_GetSetPassword( hdlg
, params
->req
->session
->hostName
, szRealm
, TRUE
);
331 WININET_SetAuthorization( params
->req
, username
, password
, FALSE
);
333 EndDialog( hdlg
, ERROR_INTERNET_FORCE_RETRY
);
336 if( wParam
== IDCANCEL
)
338 EndDialog( hdlg
, 0 );
346 /***********************************************************************
347 * WININET_InvalidCertificateDialog
349 static INT_PTR WINAPI
WININET_InvalidCertificateDialog(
350 HWND hdlg
, UINT uMsg
, WPARAM wParam
, LPARAM lParam
)
352 struct WININET_ErrorDlgParams
*params
;
356 if( uMsg
== WM_INITDIALOG
)
358 TRACE("WM_INITDIALOG (%08lx)\n", lParam
);
360 /* save the parameter list */
361 params
= (struct WININET_ErrorDlgParams
*) lParam
;
362 SetWindowLongPtrW( hdlg
, GWLP_USERDATA
, lParam
);
364 switch( params
->dwError
)
366 case ERROR_INTERNET_INVALID_CA
:
367 LoadStringW( WININET_hModule
, IDS_CERT_CA_INVALID
, buf
, 1024 );
369 case ERROR_INTERNET_SEC_CERT_DATE_INVALID
:
370 LoadStringW( WININET_hModule
, IDS_CERT_DATE_INVALID
, buf
, 1024 );
372 case ERROR_INTERNET_SEC_CERT_CN_INVALID
:
373 LoadStringW( WININET_hModule
, IDS_CERT_CN_INVALID
, buf
, 1024 );
375 case ERROR_INTERNET_SEC_CERT_ERRORS
:
376 /* FIXME: We should fetch information about the
377 * certificate here and show all the relevant errors.
379 LoadStringW( WININET_hModule
, IDS_CERT_ERRORS
, buf
, 1024 );
382 FIXME( "No message for error %d\n", params
->dwError
);
386 hitem
= GetDlgItem( hdlg
, IDC_CERT_ERROR
);
387 SetWindowTextW( hitem
, buf
);
392 params
= (struct WININET_ErrorDlgParams
*)
393 GetWindowLongPtrW( hdlg
, GWLP_USERDATA
);
402 if( params
->dwFlags
& FLAGS_ERROR_UI_FLAGS_CHANGE_OPTIONS
)
404 http_request_t
*req
= params
->req
;
405 DWORD flags
, size
= sizeof(flags
);
407 InternetQueryOptionW( req
->hdr
.hInternet
, INTERNET_OPTION_SECURITY_FLAGS
, &flags
, &size
);
408 switch( params
->dwError
)
410 case ERROR_INTERNET_INVALID_CA
:
411 flags
|= SECURITY_FLAG_IGNORE_UNKNOWN_CA
;
413 case ERROR_INTERNET_SEC_CERT_DATE_INVALID
:
414 flags
|= SECURITY_FLAG_IGNORE_CERT_DATE_INVALID
;
416 case ERROR_INTERNET_SEC_CERT_CN_INVALID
:
417 flags
|= SECURITY_FLAG_IGNORE_CERT_CN_INVALID
;
419 case ERROR_INTERNET_SEC_CERT_REV_FAILED
:
420 flags
|= SECURITY_FLAG_IGNORE_REVOCATION
;
422 case ERROR_INTERNET_SEC_CERT_ERRORS
:
423 if(flags
& _SECURITY_FLAG_CERT_REV_FAILED
)
424 flags
|= SECURITY_FLAG_IGNORE_REVOCATION
;
425 if(flags
& _SECURITY_FLAG_CERT_INVALID_CA
)
426 flags
|= SECURITY_FLAG_IGNORE_UNKNOWN_CA
;
427 if(flags
& _SECURITY_FLAG_CERT_INVALID_CN
)
428 flags
|= SECURITY_FLAG_IGNORE_CERT_CN_INVALID
;
429 if(flags
& _SECURITY_FLAG_CERT_INVALID_DATE
)
430 flags
|= SECURITY_FLAG_IGNORE_CERT_DATE_INVALID
;
433 /* FIXME: Use helper function */
434 flags
|= SECURITY_FLAG_SECURE
;
435 req
->security_flags
|= flags
;
436 if(is_valid_netconn(req
->netconn
))
437 req
->netconn
->security_flags
|= flags
;
440 EndDialog( hdlg
, res
? ERROR_SUCCESS
: ERROR_NOT_SUPPORTED
);
443 if( wParam
== IDCANCEL
)
445 TRACE("Pressed cancel.\n");
447 EndDialog( hdlg
, ERROR_CANCELLED
);
456 /***********************************************************************
459 DWORD WINAPI
InternetErrorDlg(HWND hWnd
, HINTERNET hRequest
,
460 DWORD dwError
, DWORD dwFlags
, LPVOID
* lppvData
)
462 struct WININET_ErrorDlgParams params
;
463 http_request_t
*req
= NULL
;
464 DWORD res
= ERROR_SUCCESS
;
466 TRACE("%p %p %d %08x %p\n", hWnd
, hRequest
, dwError
, dwFlags
, lppvData
);
468 if( !hWnd
&& !(dwFlags
& FLAGS_ERROR_UI_FLAGS_NO_UI
) )
469 return ERROR_INVALID_HANDLE
;
472 req
= (http_request_t
*)get_handle_object(hRequest
);
474 return ERROR_INVALID_HANDLE
;
475 if(req
->hdr
.htype
!= WH_HHTTPREQ
)
476 return ERROR_SUCCESS
; /* Yes, that was tested */
481 params
.dwError
= dwError
;
482 params
.dwFlags
= dwFlags
;
483 params
.lppvData
= lppvData
;
488 case ERROR_INTERNET_INCORRECT_PASSWORD
: {
489 if( !dwError
&& !(dwFlags
& FLAGS_ERROR_UI_FILTER_FOR_ERRORS
) )
492 return ERROR_INVALID_HANDLE
;
494 switch(req
->status_code
) {
495 case HTTP_STATUS_PROXY_AUTH_REQ
:
496 res
= DialogBoxParamW( WININET_hModule
, MAKEINTRESOURCEW( IDD_PROXYDLG
),
497 hWnd
, WININET_ProxyPasswordDialog
, (LPARAM
) ¶ms
);
499 case HTTP_STATUS_DENIED
:
500 res
= DialogBoxParamW( WININET_hModule
, MAKEINTRESOURCEW( IDD_AUTHDLG
),
501 hWnd
, WININET_PasswordDialog
, (LPARAM
) ¶ms
);
504 WARN("unhandled status %u\n", req
->status_code
);
508 case ERROR_INTERNET_SEC_CERT_ERRORS
:
509 case ERROR_INTERNET_SEC_CERT_CN_INVALID
:
510 case ERROR_INTERNET_SEC_CERT_DATE_INVALID
:
511 case ERROR_INTERNET_INVALID_CA
:
512 case ERROR_INTERNET_SEC_CERT_REV_FAILED
:
513 if( dwFlags
& FLAGS_ERROR_UI_FLAGS_NO_UI
) {
514 res
= ERROR_CANCELLED
;
518 return ERROR_INVALID_HANDLE
;
521 if( dwFlags
& ~FLAGS_ERROR_UI_FLAGS_CHANGE_OPTIONS
)
522 FIXME("%08x contains unsupported flags.\n", dwFlags
);
524 res
= DialogBoxParamW( WININET_hModule
, MAKEINTRESOURCEW( IDD_INVCERTDLG
),
525 hWnd
, WININET_InvalidCertificateDialog
, (LPARAM
) ¶ms
);
527 case ERROR_INTERNET_HTTP_TO_HTTPS_ON_REDIR
:
528 case ERROR_INTERNET_POST_IS_NON_SECURE
:
529 FIXME("Need to display dialog for error %d\n", dwError
);
533 res
= ERROR_NOT_SUPPORTED
;
537 WININET_Release(&req
->hdr
);
541 /***********************************************************************
542 * InternetShowSecurityInfoByURLA (@)
544 BOOL WINAPI
InternetShowSecurityInfoByURLA(LPCSTR url
, HWND window
)
546 FIXME("stub: %s %p\n", url
, window
);
550 /***********************************************************************
551 * InternetShowSecurityInfoByURLW (@)
553 BOOL WINAPI
InternetShowSecurityInfoByURLW(LPCWSTR url
, HWND window
)
555 FIXME("stub: %s %p\n", debugstr_w(url
), window
);
559 /***********************************************************************
560 * ParseX509EncodedCertificateForListBoxEntry (@)
562 DWORD WINAPI
ParseX509EncodedCertificateForListBoxEntry(LPBYTE cert
, DWORD len
, LPSTR szlistbox
, LPDWORD listbox
)
564 FIXME("stub: %p %d %s %p\n", cert
, len
, debugstr_a(szlistbox
), listbox
);
565 return ERROR_CALL_NOT_IMPLEMENTED
;
568 /***********************************************************************
569 * ShowX509EncodedCertificate (@)
571 DWORD WINAPI
ShowX509EncodedCertificate(HWND parent
, LPBYTE cert
, DWORD len
)
573 PCCERT_CONTEXT certContext
= CertCreateCertificateContext(X509_ASN_ENCODING
,
579 CRYPTUI_VIEWCERTIFICATE_STRUCTW view
;
581 memset(&view
, 0, sizeof(view
));
582 view
.hwndParent
= parent
;
583 view
.pCertContext
= certContext
;
584 if (CryptUIDlgViewCertificateW(&view
, NULL
))
587 ret
= GetLastError();
588 CertFreeCertificateContext(certContext
);
591 ret
= GetLastError();