Bug fixes to make caps stuff work with jvm's codesource principals

1998-10-28 03:31:17 +00:00 · 1998-10-28 03:31:17 +00:00 · 23466e2008
--- a/caps/include/nsCCodeSourcePrincipal.h
+++ b/caps/include/nsCCodeSourcePrincipal.h
@ -114,6 +114,8 @@ public:
    // from nsCCodeSourcePrincipal:
    nsCCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsresult *result);
    virtual ~nsCCodeSourcePrincipal(void);
+    nsICertPrincipal     *GetCertPrincipal()     { return m_pNSICertPrincipal;}
+    nsICodebasePrincipal *GetCodebasePrincipal() { return m_pNSICodebasePrincipal; }

 protected:
    nsICertPrincipal     *m_pNSICertPrincipal;
--- a/caps/public/nsICodeSourcePrincipal.h
+++ b/caps/public/nsICodeSourcePrincipal.h
@ -99,7 +99,7 @@ class nsICodeSourcePrincipal : public nsIPrincipal {
    GetURL(const char **ppCodeBaseURL) = 0;
 };

-#define NS_ICCODESOURCEPRINCIPAL_IID                 \
+#define NS_ICODESOURCEPRINCIPAL_IID                  \
 { /* 68cb0890-436a-11d2-b940-00805f52351a */         \
    0x68cb0890,                                      \
    0x436a,                                          \
--- a/caps/src/nsCCapsManager.cpp
+++ b/caps/src/nsCCapsManager.cpp
@ -126,11 +126,11 @@ nsCCapsManager::GetPermission(nsIPrincipal* pNSIPrincipal,
                              nsITarget* ignoreTarget, 
                              nsPermission *state)
 {
+   *state = nsPermission_Unknown;
   nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION);
   nsresult result = NS_OK;
   if( target == NULL )
   {
-      *state = nsPermission_Unknown;
      return NS_OK;
   }
   if (m_pNSPrivilegeManager != NULL)
@ -237,13 +237,51 @@ nsCCapsManager::~nsCCapsManager()

 NS_METHOD
 nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, 
-                               nsPrincipal **ppNSPRincipal)
+                               nsPrincipal **ppNSPrincipal)
 {
   nsISupports *pNSISupports   = NULL;
   nsPrincipal *pNSPrinicipal  = NULL;
+   *ppNSPrincipal = NULL;
+
+   if ( pNSIPrincipal == NULL )
+   {
+      return NS_ERROR_NULL_POINTER;
+   }

   NS_DEFINE_IID(kICertPrincipalIID, NS_ICERTPRINCIPAL_IID);
   NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID);
+   NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICODESOURCEPRINCIPAL_IID);
+
+   if (pNSIPrincipal->QueryInterface(kICodeSourcePrincipalIID,
+                            (void**)&pNSISupports) == NS_OK) 
+   {
+      nsCCodeSourcePrincipal *pNSCCodeSourcePrincipal = (nsCCodeSourcePrincipal *)pNSIPrincipal;
+      nsICertPrincipal       *pNSICertPrincipal       = pNSCCodeSourcePrincipal->GetCertPrincipal();
+      nsICodebasePrincipal   *pNSICodebasePrincipal   = pNSCCodeSourcePrincipal->GetCodebasePrincipal();
+      PRBool bIsTrusted = PR_FALSE;
+      if(pNSICertPrincipal != NULL )
+      {
+          pNSICertPrincipal->IsTrusted(NULL, &bIsTrusted);
+      }
+      if (bIsTrusted)
+      {
+          nsCCertPrincipal *pNSCCertPrincipal = (nsCCertPrincipal *)pNSICertPrincipal;
+          pNSPrinicipal = pNSCCertPrincipal->GetPeer();
+          pNSCCertPrincipal->Release();
+      }
+      else
+      if(pNSICodebasePrincipal != NULL )
+      {
+          nsCCodebasePrincipal *pNSCCodebasePrincipal = (nsCCodebasePrincipal *)pNSICodebasePrincipal;
+          pNSPrinicipal = pNSCCodebasePrincipal->GetPeer();
+          pNSCCodebasePrincipal->Release();
+      }
+      else
+      {
+         return NS_ERROR_NULL_POINTER;
+      }
+   }
+   else
   if (pNSIPrincipal->QueryInterface(kICertPrincipalIID,
                            (void**)&pNSISupports) == NS_OK) 
   {
@ -264,7 +302,7 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
   {
      return NS_ERROR_NO_INTERFACE;
   }
-   *ppNSPRincipal = pNSPrinicipal;
+   *ppNSPrincipal = pNSPrinicipal;
   return NS_OK;
 }

@ -287,7 +325,6 @@ nsCCapsManager::ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege)
 nsPrivilege *
 nsCCapsManager::ConvertPermissionToPrivilege(nsPermission state)
 {
-    nsPrivilege *pNSPrivilege;
    nsPermissionState permission;
    nsDurationState duration;

--- a/caps/src/nsCCodeSourcePrincipal.cpp
+++ b/caps/src/nsCCodeSourcePrincipal.cpp
@ -21,7 +21,7 @@
 #include "nsCCertPrincipal.h"
 #include "nsPrincipal.h"

-NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICCODESOURCEPRINCIPAL_IID);
+NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICODESOURCEPRINCIPAL_IID);

 ////////////////////////////////////////////////////////////////////////////
 // from nsISupports:
--- a/caps/src/nsPrincipal.cpp
+++ b/caps/src/nsPrincipal.cpp
@ -737,6 +737,9 @@ nsPrincipal::getCertAttribute(int attrib)

    if (itsType == nsPrincipalType_CertChain) {
      char *attributeStr;
+      if (itsCertArray) {
+        return "Untrusted certificate (unknown attributes)";
+      }
      CERTCertificate *cert = (CERTCertificate *)itsCertArray->Get(0);
      switch (attrib) {
 #ifdef MOZ_SECURITY