1 /* 2 * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 #include <jni.h> 27 #include <windows.h> 28 #include "jni_util.h" 29 #include "jdk_util.h" 30 #include <urlmon.h> 31 32 typedef HRESULT (WINAPI *CoInternetCreateSecurityManagerType) 33 (IServiceProvider*,IInternetSecurityManager**,DWORD); 34 35 static CoInternetCreateSecurityManagerType fn_CoInternetCreateSecurityManager; 36 37 JNIEXPORT jboolean JNICALL 38 Java_sun_net_www_protocol_http_ntlm_NTLMAuthentication_isTrustedSiteAvailable 39 (JNIEnv *env, jclass clazz) 40 { 41 HMODULE libUrlmon = JDK_LoadSystemLibrary("urlmon.dll"); 42 if (libUrlmon != NULL) { 43 fn_CoInternetCreateSecurityManager = (CoInternetCreateSecurityManagerType) 44 GetProcAddress(libUrlmon, "CoInternetCreateSecurityManager"); 45 if (fn_CoInternetCreateSecurityManager != NULL) { 46 return JNI_TRUE; 47 } 48 } 49 return JNI_FALSE; 50 } 51 52 JNIEXPORT jboolean JNICALL 53 Java_sun_net_www_protocol_http_ntlm_NTLMAuthentication_isTrustedSite0 54 (JNIEnv *env, jclass clazz, jstring url) 55 { 56 HRESULT hr; 57 DWORD dwZone; 58 DWORD pPolicy = 0; 59 IInternetSecurityManager *spSecurityManager; 60 jboolean ret; 61 62 if (fn_CoInternetCreateSecurityManager == NULL) 63 return JNI_FALSE; 64 65 // Create IInternetSecurityManager 66 hr = fn_CoInternetCreateSecurityManager(NULL, &spSecurityManager, (DWORD)0); 67 if (FAILED(hr)) { 68 return JNI_FALSE; 69 } 70 71 const LPCWSTR bstrURL = (LPCWSTR)((*env)->GetStringChars(env, url, NULL)); 72 if (bstrURL == NULL) { 73 if (!(*env)->ExceptionCheck(env)) 74 JNU_ThrowOutOfMemoryError(env, NULL); 75 spSecurityManager->lpVtbl->Release(spSecurityManager); 76 return JNI_FALSE; 77 } 78 79 // Determines the policy for the URLACTION_CREDENTIALS_USE action and display 80 // a user interface, if the policy indicates that the user should be queried 81 hr = spSecurityManager->lpVtbl->ProcessUrlAction( 82 spSecurityManager, 83 bstrURL, 84 URLACTION_CREDENTIALS_USE, 85 (LPBYTE)&pPolicy, 86 sizeof(DWORD), 0, 0, 0, 0); 87 88 if (FAILED(hr)) { 89 ret = JNI_FALSE; 90 goto cleanupAndReturn; 91 } 92 93 // If these two User Authentication Logon options is selected 94 // Anonymous logon 95 // Prompt for user name and password 96 if (pPolicy == URLPOLICY_CREDENTIALS_ANONYMOUS_ONLY || 97 pPolicy == URLPOLICY_CREDENTIALS_MUST_PROMPT_USER) { 98 ret = JNI_FALSE; 99 goto cleanupAndReturn; 100 } 101 102 // Option "Automatic logon with current user name and password" is selected 103 if (pPolicy == URLPOLICY_CREDENTIALS_SILENT_LOGON_OK) { 104 ret = JNI_TRUE; 105 goto cleanupAndReturn; 106 } 107 108 // Option "Automatic logon only in intranet zone" is selected 109 if (pPolicy == URLPOLICY_CREDENTIALS_CONDITIONAL_PROMPT) { 110 111 // Gets the zone index from the specified URL 112 hr = spSecurityManager->lpVtbl->MapUrlToZone( 113 spSecurityManager, bstrURL, &dwZone, 0); 114 if (FAILED(hr)) { 115 ret = JNI_FALSE; 116 goto cleanupAndReturn; 117 } 118 119 // Check if the URL is in Local or Intranet zone 120 if (dwZone == URLZONE_INTRANET || dwZone == URLZONE_LOCAL_MACHINE) { 121 ret = JNI_TRUE; 122 goto cleanupAndReturn; 123 } 124 } 125 ret = JNI_FALSE; 126 127 cleanupAndReturn: 128 (*env)->ReleaseStringChars(env, url, bstrURL); 129 spSecurityManager->lpVtbl->Release(spSecurityManager); 130 return ret; 131 }