summaryrefslogtreecommitdiff
path: root/src/inc/corpolicy.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/inc/corpolicy.h')
-rw-r--r--src/inc/corpolicy.h129
1 files changed, 129 insertions, 0 deletions
diff --git a/src/inc/corpolicy.h b/src/inc/corpolicy.h
new file mode 100644
index 0000000000..ce37db463e
--- /dev/null
+++ b/src/inc/corpolicy.h
@@ -0,0 +1,129 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+
+#ifndef _CORPOLICY_H
+#define _CORPOLICY_H
+
+#include <ole2.h> // Definitions of OLE types.
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "product_version.h"
+
+// {D41E4F1D-A407-11d1-8BC9-00C04FA30A41}
+#define COR_POLICY_PROVIDER_DOWNLOAD \
+{ 0xd41e4f1d, 0xa407, 0x11d1, {0x8b, 0xc9, 0x0, 0xc0, 0x4f, 0xa3, 0xa, 0x41 } }
+
+// {D41E4F1E-A407-11d1-8BC9-00C04FA30A41}
+#define COR_POLICY_PROVIDER_CHECK \
+{ 0xd41e4f1e, 0xa407, 0x11d1, {0x8b, 0xc9, 0x0, 0xc0, 0x4f, 0xa3, 0xa, 0x41 } }
+
+
+// {D41E4F1F-A407-11d1-8BC9-00C04FA30A41}
+#define COR_POLICY_LOCKDOWN_CHECK \
+{ 0xd41e4f1f, 0xa407, 0x11d1, {0x8b, 0xc9, 0x0, 0xc0, 0x4f, 0xa3, 0xa, 0x41 } }
+
+
+#ifndef FEATURE_CORECLR
+// See if we're set up to do a version check
+#if (VER_MAJORVERSION < 4)
+#error "Looks like major version isn't set correctly. Are you including product_version.h?"
+#endif
+
+// The following check has been added to ensure the right thing is done
+// for SxS compatibility of mscorsecimpl.dll when moving to a new framework
+// version.
+//
+// The library is registered using a full path and a GUID in the following location:
+// HKLM\SOFTWARE\Microsoft\Cryptography\Providers\Trust\*
+// With a new SxS version of the framework, we need to move to a new
+// GUID so older versions continue to work unimpacted.
+//
+// The check will fail when the runtime version changes; when it does,
+// please do the following:
+//
+// If the new version is NOT a SxS release with the version number in the #if,
+// update the version number in the #if below to the new version and you're done.
+//
+// If the new release is a SxS release, then there's a bit more work involved:
+// 1. Change COREE_POLICY_PROVIDER in CorPolicy.h to a new GUID.
+// 2. Update batchSetup to use the new GUID. To do so, update
+// all occurrences of the GUID in
+// ndp\clr\src\dlls\mscorsecimpl\mscorsecimpl.vrg
+// 3. Update "real" setup to use the new GUID. To do so, update
+// all occurrences of the GUID in
+// setupauthoring\netfx\clr\Components\mscorsec.dll.ddc
+// 4. Update the version number in the #if below.
+
+#if !(VER_MAJORVERSION == 4 && VER_MINORVERSION == 0)
+#error "The guid for mscorsecimpl needs to change when the runtime version changes"
+#endif
+
+// {A7F4C378-21BE-494e-BA0F-BB12C5D208C5}
+#define COREE_POLICY_PROVIDER \
+{ 0xa7f4c378, 0x21be, 0x494e, {0xba, 0x0f, 0xbb, 0x12, 0xc5, 0xd2, 0x08, 0xc5 } }
+
+#endif //#ifndef FEATURE_CORECLR
+
+// This structure is returned from the winverify trust call, free up the structure
+// using CoTaskMemAlloc except for COREE_POLICY_PROVIDER which uses LocalALLoc.
+
+typedef struct _COR_TRUST {
+ DWORD cbSize; // Size of structure
+ DWORD flag; // Reserved
+ BOOL fAllActiveXPermissions; // ActiveX explicitly asked for all (must have been signed)
+ BOOL fAllPermissions; // Cor permissions, explicit ask for all
+ DWORD dwEncodingType; // Encoding type
+ PBYTE pbCorPermissions; // Encoded cor permission blob
+ DWORD cbCorPermissions;
+ PBYTE pbSigner; // Encoded signer.
+ DWORD cbSigner;
+ LPCWSTR pwszZone; // Zone index (copied from action data)
+ GUID guidZone; // Not used currently
+ HRESULT hVerify; // Authenticode policy return
+} COR_TRUST, *PCOR_TRUST;
+
+// Pass this structure into WinVerifyTrust (corpol trust provider). The result
+// is returned in pbCorTrust.
+typedef struct _COR_POLICY_PROVIDER {
+ DWORD cbSize; // Size of policy provider
+ LPVOID pZoneManager; // Zone interface manager
+ LPCWSTR pwszZone; // Zone index
+ BOOL fNoBadUI; // Optional bad ui
+ PCOR_TRUST pbCorTrust; // Returned cor information (CoTaskMemAlloc)
+ DWORD cbCorTrust; // Total allocated size of pCorTrust
+ DWORD dwActionID; // Optional ActionID ID
+ DWORD dwUnsignedActionID; // Optional ActionID ID
+ BOOL VMBased; // Called from VM (FALSE by DEFAULT)
+ DWORD dwZoneIndex; // IE zone numbers
+} COR_POLICY_PROVIDER, *PCOR_POLICY_PROVIDER;
+
+// Returned flags in COR_TRUST flag
+#define COR_NOUI_DISPLAYED 0x1
+#define COR_DELAYED_PERMISSIONS 0x02 // The subject was unsigned, returned
+ // look up information in pbCorPermissions
+ // to be passed into GetUnsignedPermissions().
+ // If this flag is not set and pbCorPermissions
+ // is not NULL then pbCorPermissions contains
+ // encoded permissions
+
+//--------------------------------------------------------------------
+// For COR_POLICY_LOCKDOWN_CHECK:
+// -----------------------------
+
+// Structure to pass into WVT
+typedef struct _COR_LOCKDOWN {
+ DWORD cbSize; // Size of policy provider
+ DWORD flag; // reserved
+ BOOL fAllPublishers; // Trust all publishers or just ones in the trusted data base
+} COR_LOCKDOWN, *PCOR_LOCKDOWN;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // _CORPOLICY_H