/******************************************************************
RemoveApplicationExceptionFromCurrentProfile
********************************************************************/
static HRESULT RemoveApplicationExceptionFromCurrentProfile(
__in LPCWSTR wzFile,
__in BOOL fIgnoreFailures
)
{
HRESULT hr = S_OK;
INetFwProfile* pfwProfile = NULL;
INetFwAuthorizedApplications* pfwApps = NULL;
// convert to BSTRs to make COM happy
BSTR bstrFile = ::SysAllocString(wzFile);
ExitOnNull(bstrFile, hr, E_OUTOFMEMORY, "failed SysAllocString for path");
// get the firewall profile, which is our entry point for removing exceptions
hr = GetCurrentFirewallProfile(fIgnoreFailures, &pfwProfile);
ExitOnFailure(hr, "failed to get firewall profile");
if (S_FALSE == hr) // user or package author chose to ignore missing firewall
{
ExitFunction();
}
// now get the list of app exceptions and remove the one
hr = pfwProfile->get_AuthorizedApplications(&pfwApps);
ExitOnFailure(hr, "failed to get list of authorized apps");
hr = pfwApps->Remove(bstrFile);
ExitOnFailure(hr, "failed to remove authorized app");
LExit:
ReleaseBSTR(bstrFile);
ReleaseObject(pfwApps);
ReleaseObject(pfwProfile);
return fIgnoreFailures ? S_OK : hr;
}
FW_ERROR_CODE WinXPSP2FireWall::RemoveApplication( const wchar_t* lpszProcessImageFileName )
{
FW_ERROR_CODE ret = FW_NOERROR;
HRESULT hr;
BOOL bAppEnable;
BSTR bstrProcessImageFileName = nullptr;
INetFwAuthorizedApplications* pFWApps = nullptr;
try
{
if( m_pFireWallProfile == nullptr )
throw FW_ERR_INITIALIZED;
if( lpszProcessImageFileName == nullptr )
throw FW_ERR_INVALID_ARG;
FW_ERROR_CODE nError = this->IsAppEnabled( lpszProcessImageFileName, bAppEnable );
if( nError != FW_NOERROR )
throw nError;
// Only remove the application if it is authorized
if( bAppEnable == TRUE )
{
// Retrieve the authorized application collection
hr = m_pFireWallProfile->get_AuthorizedApplications( &pFWApps );
if( FAILED( hr ))
throw FW_ERR_AUTH_APPLICATIONS;
// Allocate a BSTR for the Process Image FileName
bstrProcessImageFileName = SysAllocString( lpszProcessImageFileName );
if( SysStringLen( bstrProcessImageFileName ) == 0)
throw FW_ERR_SYS_ALLOC_STRING;
hr = pFWApps->Remove( bstrProcessImageFileName );
if( FAILED( hr ))
throw FW_ERR_REMOVE_FROM_COLLECTION;
}
}
catch( FW_ERROR_CODE nError)
{
ret = nError;
}
SysFreeString( bstrProcessImageFileName);
if( pFWApps )
pFWApps->Release();
return ret;
}
HRESULT WindowsFirewallRemoveApp(
IN INetFwProfile* fwProfile,
IN const wchar_t* fwProcessImageFileName
)
{
HRESULT hr = S_OK;
BOOL fwAppEnabled;
BSTR fwBstrName = NULL;
BSTR fwBstrProcessImageFileName = NULL;
INetFwAuthorizedApplication* fwApp = NULL;
INetFwAuthorizedApplications* fwApps = NULL;
assert(fwProfile != NULL);
assert(fwProcessImageFileName != NULL);
// First check to see if the application is already authorized.
hr = WindowsFirewallAppIsEnabled(
fwProfile,
fwProcessImageFileName,
&fwAppEnabled
);
if (FAILED(hr))
{
MYTRACE(ACE_TEXT("WindowsFirewallAppIsEnabled failed: 0x%08lx\n"), hr);
goto error;
}
// Only remove the application if it is already authorized.
if (fwAppEnabled)
{
// Retrieve the authorized application collection.
hr = fwProfile->get_AuthorizedApplications(&fwApps);
if (FAILED(hr))
{
MYTRACE(ACE_TEXT("get_AuthorizedApplications failed: 0x%08lx\n"), hr);
goto error;
}
// Create an instance of an authorized application.
hr = CoCreateInstance(
__uuidof(NetFwAuthorizedApplication),
NULL,
CLSCTX_INPROC_SERVER,
__uuidof(INetFwAuthorizedApplication),
(void**)&fwApp
);
if (FAILED(hr))
{
MYTRACE(ACE_TEXT("CoCreateInstance failed: 0x%08lx\n"), hr);
goto error;
}
// Allocate a BSTR for the process image file name.
fwBstrProcessImageFileName = SysAllocString(fwProcessImageFileName);
if (fwBstrProcessImageFileName == NULL)
{
hr = E_OUTOFMEMORY;
MYTRACE(ACE_TEXT("SysAllocString failed: 0x%08lx\n"), hr);
goto error;
}
// Add the application to the collection.
hr = fwApps->Remove(fwBstrProcessImageFileName);
if (FAILED(hr))
{
MYTRACE(ACE_TEXT("Add failed: 0x%08lx\n"), hr);
goto error;
}
MYTRACE(ACE_TEXT(
"Authorized application %lS is now removed in the firewall.\n"),
fwProcessImageFileName
);
}
error:
// Free the BSTRs.
SysFreeString(fwBstrName);
SysFreeString(fwBstrProcessImageFileName);
// Release the authorized application instance.
if (fwApp != NULL)
{
fwApp->Release();
}
// Release the authorized application collection.
if (fwApps != NULL)
{
fwApps->Release();
}
return hr;
}