diff --git a/allmakefiles.sh b/allmakefiles.sh index 98aa6a01fdf0..71eeb108ccbe 100755 --- a/allmakefiles.sh +++ b/allmakefiles.sh @@ -331,7 +331,7 @@ sun-java/stubs/src/Makefile caps/Makefile caps/idl/Makefile caps/include/Makefile -caps/public/Makefile +# caps/public/Makefile caps/src/Makefile view/Makefile view/public/Makefile diff --git a/caps/idl/nsICapsManager.idl b/caps/idl/nsICapsManager.idl index 6d2349342183..69c8a81d4fb6 100644 --- a/caps/idl/nsICapsManager.idl +++ b/caps/idl/nsICapsManager.idl @@ -62,11 +62,9 @@ interface nsICapsManager : nsISupports { }; %{C++ -#define NS_CCAPSMANAGER_CID \ -{ /* fd347500-307f-11d2-97f0-00805f8a28d0 */ \ - 0xfd347500, \ - 0x307f, \ - 0x11d2, \ - {0x97, 0xf0, 0x00, 0x80, 0x5f, 0x8a, 0x28, 0xd0} \ -} +#define NS_CCAPSMANAGER_CID \ +{ 0xe6724a60, 0x4b90, 0x11d3, \ +{ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }} +#define NS_CCAPSMANAGER_PROGID "component://netscape/ccapsmanager" +#define NS_CCAPSMANAGER_CLASSNAME "ccapsmanager" %} \ No newline at end of file diff --git a/caps/idl/nsIPrincipal.idl b/caps/idl/nsIPrincipal.idl index 754dfab84499..385d74c083d3 100644 --- a/caps/idl/nsIPrincipal.idl +++ b/caps/idl/nsIPrincipal.idl @@ -15,7 +15,7 @@ * Copyright (C) 1999 Netscape Communications Corporation. All Rights * Reserved. */ - +/*defines interfaces for codebase and certificate principals*/ #include "nsISupports.idl" [uuid(ff9313d0-25e1-11d2-8160-006008119d7a)] diff --git a/caps/idl/nsIPrincipalArray.idl b/caps/idl/nsIPrincipalArray.idl index 52126d1a4631..33233921528a 100644 --- a/caps/idl/nsIPrincipalArray.idl +++ b/caps/idl/nsIPrincipalArray.idl @@ -15,6 +15,7 @@ * Copyright (C) 1999 Netscape Communications Corporation. All Rights * Reserved. */ +/*used to pass principals through xpcom in arrays*/ #include "nsISupports.idl" #include "nsIPrincipal.idl" diff --git a/caps/idl/nsIPrincipalManager.idl b/caps/idl/nsIPrincipalManager.idl index 95a6452e5e48..85267204103a 100644 --- a/caps/idl/nsIPrincipalManager.idl +++ b/caps/idl/nsIPrincipalManager.idl @@ -15,6 +15,7 @@ * Copyright (C) 1999 Netscape Communications Corporation. All Rights * Reserved. */ +/*creates, registers, and performs logical operations on principals*/ #include "nsISupports.idl" #include "nsIPrincipal.idl" #include "nsITarget.idl" @@ -22,9 +23,6 @@ interface nsIScriptContext; -//#define NS_ALL_PRIVILEGES ((nsITarget *)NULL) - - [uuid(dc7d0bb0-25e1-11d2-8160-006008119d7a)] interface nsIPrincipalManager : nsISupports { @@ -37,6 +35,8 @@ interface nsIPrincipalManager : nsISupports void RegisterPrincipal(in nsIPrincipal prin); + void UnregisterPrincipal(in nsIPrincipal prin, out boolean result); + void CanExtendTrust(in nsIPrincipalArray fromPrinArray, in nsIPrincipalArray toPrinArray, out boolean result); void NewPrincipalArray(in unsigned long count, out nsIPrincipalArray result); @@ -44,3 +44,10 @@ interface nsIPrincipalManager : nsISupports void CheckMatchPrincipal(in nsIScriptContext cx, in nsIPrincipal principal, in long callerDepth, out boolean result); }; +%{C++ +#define NS_PRINCIPALMANAGER_CID \ +{ 0x7ee2a4c0, 0x4b91, 0x11d3, \ +{ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }} +#define NS_PRINCIPALMANAGER_PROGID "component://netscape/principalmanager" +#define NS_PRINCIPALMANAGER_CLASSNAME "principalmanager" +%} \ No newline at end of file diff --git a/caps/idl/nsIPrivilege.idl b/caps/idl/nsIPrivilege.idl index c84460d2e83e..342d31d92554 100644 --- a/caps/idl/nsIPrivilege.idl +++ b/caps/idl/nsIPrivilege.idl @@ -15,6 +15,7 @@ * Copyright (C) 1999 Netscape Communications Corporation. All Rights * Reserved. */ +/*describes the state and duration of privileges*/ #include "nsISupports.idl" [uuid(0bbbb636-3e11-11d3-ba10-0060b0f199a2)] diff --git a/caps/idl/nsIPrivilegeManager.idl b/caps/idl/nsIPrivilegeManager.idl index 66a3cf2c7b80..c747e41a7c90 100644 --- a/caps/idl/nsIPrivilegeManager.idl +++ b/caps/idl/nsIPrivilegeManager.idl @@ -15,6 +15,7 @@ * Copyright (C) 1999 Netscape Communications Corporation. All Rights * Reserved. */ +/* handles operations dealing with enabling and disabling privileges */ #include "nsISupports.idl" #include "nsIPrincipal.idl" #include "nsITarget.idl" @@ -43,4 +44,11 @@ interface nsIPrivilegeManager : nsISupports void SetPermission(in nsIPrincipal useThisPrin, in nsITarget target, in nsIPrivilege newPrivilege); -}; \ No newline at end of file +}; +%{C++ +#define NS_PRIVILEGEMANAGER_CID \ +{ 0x422e8544, 0x4b91, 0x11d3, \ +{ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }} +#define NS_PRIVILEGEMANAGER_PROGID "component://netscape/privilegemanager" +#define NS_PRIVILEGEMANAGER_CLASSNAME "privilegemanager" +%} \ No newline at end of file diff --git a/caps/include/MANIFEST b/caps/include/MANIFEST index 8d2698434da4..51927f48f5b6 100644 --- a/caps/include/MANIFEST +++ b/caps/include/MANIFEST @@ -2,7 +2,6 @@ admin.h jpermission.h nsCaps.h nsCCapsManager.h -nsCCapsManagerFactory.h nsCertificatePrincipal.h nsCodebasePrincipal.h nsLoadZig.h diff --git a/caps/include/Makefile.in b/caps/include/Makefile.in index 5dd7c93cf470..6dabd0f184c3 100644 --- a/caps/include/Makefile.in +++ b/caps/include/Makefile.in @@ -28,7 +28,6 @@ EXPORTS = \ jpermission.h \ nsCaps.h \ nsCCapsManager.h \ - nsCCapsManagerFactory.h \ nsCertificatePrincipal.h \ nsCodebasePrincipal.h \ nsLoadZig.h \ diff --git a/caps/include/admin.h b/caps/include/admin.h index 836c82d7d538..3887aecede4b 100644 --- a/caps/include/admin.h +++ b/caps/include/admin.h @@ -12,10 +12,10 @@ * * The Initial Developer of this code under the NPL is Netscape * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights + * Copyright (C) 1999 Netscape Communications Corporation. All Rights * Reserved. */ - +/*native java calls from oji into security system*/ #ifndef _ADMIN_H_ #define _ADMIN_H_ diff --git a/caps/include/jpermission.h b/caps/include/jpermission.h index c09629aca5e9..3c8e0d289b18 100644 --- a/caps/include/jpermission.h +++ b/caps/include/jpermission.h @@ -15,7 +15,7 @@ * Copyright (C) 1998 Netscape Communications Corporation. All Rights * Reserved. */ - +/*native java calls from oji into security system dealing with user targets*/ #ifndef _JPERMISSION_H_ #define _JPERMISSION_H_ diff --git a/caps/include/makefile.win b/caps/include/makefile.win index 1acef4defeba..6251a14bb434 100755 --- a/caps/include/makefile.win +++ b/caps/include/makefile.win @@ -33,7 +33,6 @@ EXPORTS= \ jpermission.h \ nsCaps.h \ nsCCapsManager.h \ - nsCCapsManagerFactory.h \ nsCertificatePrincipal.h \ nsCodebasePrincipal.h \ nsLoadZig.h \ diff --git a/caps/include/nsCCapsManager.h b/caps/include/nsCCapsManager.h index 5fe653aa3004..b1dc9dd47ddc 100644 --- a/caps/include/nsCCapsManager.h +++ b/caps/include/nsCCapsManager.h @@ -39,13 +39,11 @@ */ class nsCCapsManager : public nsICapsManager { public: -//////////////////////////////////////////////////////////////////////////// -// from nsISupports and AggregatedQueryInterface: -NS_DECL_AGGREGATED +NS_DECL_ISUPPORTS -//////////////////////////////////////////////////////////////////////////// -// from nsICapsManager: +nsPrivilegeManager * thePrivilegeManager; +nsPrincipalManager * thePrincipalManager; NS_IMETHOD GetPrincipalManager(nsIPrincipalManager * * prinMan); @@ -95,24 +93,22 @@ DisablePrivilege(nsIScriptContext * context, const char* targetName, PRInt32 cal NS_IMETHOD IsAllowed(void * annotation, const char * target, PRBool * result); -nsCCapsManager(nsISupports *aOuter); +static nsCCapsManager * +GetSecurityManager(); + virtual ~nsCCapsManager(void); +private: + +nsCCapsManager(void); + +/* void CreateNSPrincipalArray(nsIPrincipalArray * prinArray, nsIPrincipalArray * * pPrincipalArray); NS_METHOD GetNSPrincipalArray(nsIPrincipalArray * prinArray, nsIPrincipalArray * * pPrincipalArray); - -void -SetSystemPrivilegeManager(); - -void -SetSystemPrincipalManager(); - -protected: - nsIPrivilegeManager * privilegeManager; - nsIPrincipalManager * principalManager; +*/ }; #endif // nsCCapsManager_h___ diff --git a/caps/include/nsCCapsManagerFactory.h b/caps/include/nsCCapsManagerFactory.h deleted file mode 100644 index e5369f5f8be1..000000000000 --- a/caps/include/nsCCapsManagerFactory.h +++ /dev/null @@ -1,52 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- - * - * The contents of this file are subject to the Netscape Public License - * Version 1.0 (the "NPL"); you may not use this file except in - * compliance with the NPL. You may obtain a copy of the NPL at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the NPL is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL - * for the specific language governing rights and limitations under the - * NPL. - * - * The Initial Developer of this code under the NPL is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights - * Reserved. - */ - -#ifndef nsCCapsManagerFactory_h___ -#define nsCCapsManagerFactory_h___ - -#include "nsISupports.h" -#include "nsIFactory.h" - -class nsCCapsManagerFactory : public nsIFactory { -public: - //////////////////////////////////////////////////////////////////////////// - // from nsISupports and AggregatedQueryInterface: - - NS_DECL_ISUPPORTS - - //////////////////////////////////////////////////////////////////////////// - // from nsIFactory: - - NS_IMETHOD - CreateInstance(nsISupports *aOuter, REFNSIID aIID, void **aResult); - - NS_IMETHOD - LockFactory(PRBool aLock); - - - //////////////////////////////////////////////////////////////////////////// - // from nsCCapsManagerFactory: - - nsCCapsManagerFactory(void); - virtual ~nsCCapsManagerFactory(void); - -protected: - static nsIFactory *m_pNSIFactory; -}; - -#endif // nsCCapsManagerFactory_h___ diff --git a/caps/include/nsCaps.h b/caps/include/nsCaps.h index 4a159692b3ee..5f36a570f9a9 100644 --- a/caps/include/nsCaps.h +++ b/caps/include/nsCaps.h @@ -30,8 +30,8 @@ class nsPrivilegeManager; struct NSJSJavaFrameWrapper; /* wrappers for nsPrivilegeManager object */ -PR_IMPLEMENT(PRBool) -nsCapsInitialize(); +//PR_IMPLEMENT(PRBool) +//nsCapsInitialize(); PR_EXTERN(PRBool) nsCapsRegisterPrincipal(class nsIPrincipal * principal); diff --git a/caps/include/nsCertificatePrincipal.h b/caps/include/nsCertificatePrincipal.h index 5b5437cb921b..223527982c1d 100644 --- a/caps/include/nsCertificatePrincipal.h +++ b/caps/include/nsCertificatePrincipal.h @@ -15,7 +15,7 @@ * Copyright (C) 1998 Netscape Communications Corporation. All Rights * Reserved. */ - +/*describes principals for use with signed scripts*/ #ifndef _NS_CERTIFICATE_PRINCIPAL_H_ #define _NS_CERTIFICATE_PRINCIPAL_H_ #include "nsVector.h" diff --git a/caps/include/nsCodebasePrincipal.h b/caps/include/nsCodebasePrincipal.h index eb519ce08533..b698f58c284f 100644 --- a/caps/include/nsCodebasePrincipal.h +++ b/caps/include/nsCodebasePrincipal.h @@ -15,7 +15,7 @@ * Copyright (C) 1998 Netscape Communications Corporation. All Rights * Reserved. */ - +/* describes principals by their orginating uris*/ #ifndef _NS_CODEBASE_PRINCIPAL_H_ #define _NS_CODEBASE_PRINCIPAL_H_ diff --git a/caps/include/nsPrincipalArray.h b/caps/include/nsPrincipalArray.h index c9998151de4f..4404f4f15e14 100644 --- a/caps/include/nsPrincipalArray.h +++ b/caps/include/nsPrincipalArray.h @@ -1,3 +1,21 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * + * The contents of this file are subject to the Netscape Public License + * Version 1.0 (the "NPL"); you may not use this file except in + * compliance with the NPL. You may obtain a copy of the NPL at + * http://www.mozilla.org/NPL/ + * + * Software distributed under the NPL is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL + * for the specific language governing rights and limitations under the + * NPL. + * + * The Initial Developer of this code under the NPL is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1999 Netscape Communications Corporation. All Rights + * Reserved. + */ +/*used to pass principals through xpcom in arrays*/ #ifndef _NS_PRINCIPAL_ARRAY_H_ #define _NS_PRINCIPAL_ARRAY_H_ @@ -66,4 +84,4 @@ public: } }; -#endif /* _NS_PRINCIPAL_TOOLS_H_ */ +#endif /* _NS_PRINCIPAL_ARRAY_H_ */ diff --git a/caps/include/nsPrincipalManager.h b/caps/include/nsPrincipalManager.h index a28e36c36197..ba110931c88e 100644 --- a/caps/include/nsPrincipalManager.h +++ b/caps/include/nsPrincipalManager.h @@ -12,17 +12,15 @@ * * The Initial Developer of this code under the NPL is Netscape * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights + * Copyright (C) 1999 Netscape Communications Corporation. All Rights * Reserved. */ - +/*creates, registers, and performs logical operations on principals*/ #ifndef _NS_PRINCIPAL_MANAGER_H_ #define _NS_PRINCIPAL_MANAGER_H_ #include "nsIPrincipalManager.h" -#include "nsPrivilegeManager.h" - -PRBool nsPrincipalManagerInitialize(void); +#include "nsHashtable.h" class nsPrincipalManager : public nsIPrincipalManager { @@ -30,6 +28,11 @@ public: NS_DECL_ISUPPORTS + static nsPrincipalManager * + GetPrincipalManager(); + + virtual ~nsPrincipalManager(void); + NS_IMETHOD CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal * * prin); @@ -39,6 +42,12 @@ public: NS_IMETHOD RegisterPrincipal(nsIPrincipal * prin); + NS_IMETHOD + UnregisterPrincipal(nsIPrincipal * prin, PRBool * result); + + void + RegisterSystemPrincipal(nsIPrincipal * principal); + NS_IMETHOD CanExtendTrust(nsIPrincipalArray * fromPrinArray, nsIPrincipalArray * toPrinArray, PRBool * result); @@ -69,9 +78,6 @@ public: static nsIPrincipal * GetUnknownPrincipal(void); - static nsPrincipalManager * - GetPrincipalManager(void); - const char * GetAllPrincipalsString(void); @@ -81,22 +87,16 @@ public: void RemoveFromPrincipalNameToPrincipalTable(nsIPrincipal * prin); - void - SetSystemPrincipal(nsIPrincipal * prin); - nsIPrincipalArray * GetClassPrincipalsFromStack(PRInt32 callerDepth); nsIPrincipalArray * GetClassPrincipalsFromStack(nsIScriptContext * context, PRInt32 callerDepth); - nsPrincipalManager(void); - virtual ~nsPrincipalManager(void); private: + nsPrincipalManager(void); nsHashtable * itsPrinNameToPrincipalTable; - static PRBool theInited; - }; #endif /* _NS_PRINCIPAL_MANAGER_H_*/ diff --git a/caps/include/nsPrivilege.h b/caps/include/nsPrivilege.h index ab0e71925ef9..cb67761bd800 100755 --- a/caps/include/nsPrivilege.h +++ b/caps/include/nsPrivilege.h @@ -15,7 +15,7 @@ * Copyright (C) 1998 Netscape Communications Corporation. All Rights * Reserved. */ - +/*describes the state and duration of privileges*/ #ifndef _NS_PRIVILEGE_H_ #define _NS_PRIVILEGE_H_ diff --git a/caps/include/nsPrivilegeManager.h b/caps/include/nsPrivilegeManager.h index f13200915bcb..697db7caee2d 100755 --- a/caps/include/nsPrivilegeManager.h +++ b/caps/include/nsPrivilegeManager.h @@ -15,10 +15,11 @@ * Copyright (C) 1998 Netscape Communications Corporation. All Rights * Reserved. */ - +/* handles operations dealing with enabling and disabling privileges */ #ifndef _NS_PRIVILEGE_MANAGER_H_ #define _NS_PRIVILEGE_MANAGER_H_ +#include "nsIPrivilegeManager.h" #include "prtypes.h" #include "prio.h" #include "prmon.h" @@ -28,7 +29,8 @@ #include "nsTarget.h" #include "nsIPrincipal.h" #include "nsIPrincipalArray.h" -#include "nsIPrivilegeManager.h" +#include "nsIPrincipalManager.h" +#include "nsPrincipalManager.h" #include "nsIPrivilege.h" #include "nsPrivilegeTable.h" #include "nsSystemPrivilegeTable.h" @@ -40,15 +42,18 @@ PR_BEGIN_EXTERN_C PRBool CMGetBoolPref(char * pref_name); PR_END_EXTERN_C -PRBool nsPrivilegeManagerInitialize(void); - class nsPrivilegeManager : public nsIPrivilegeManager { public: +nsHashtable * itsPrinToPrivTable; +nsHashtable * itsPrinToMacroTargetPrivTable; + NS_DECL_ISUPPORTS -nsPrivilegeManager(void); +static nsPrivilegeManager * +GetPrivilegeManager(); + virtual ~nsPrivilegeManager(void); static nsIPrivilege * @@ -139,9 +144,6 @@ CheckPrivilegeGranted(nsIScriptContext * context, nsITarget * target, PRInt32 ca NS_IMETHOD GetPrincipalPrivilege(nsITarget * target, nsIPrincipal * prin, void * data, nsIPrivilege * * result); -static nsPrivilegeManager * -GetPrivilegeManager(void); - char * CheckPrivilegeEnabled(nsTargetArray * targetArray, PRInt32 callerDepth, void *data); @@ -163,37 +165,23 @@ RemovePrincipalsPrivilege(const char * prinName, const char * targetName, PRBool void Remove(nsIPrincipal *prin, nsITarget *target); -/* Helper functions for ADMIN UI */ PRBool RemovePrincipal(char *prinName); -void -RegisterSystemPrincipal(nsIPrincipal * principal); - -void -RegisterPrincipal(nsIPrincipal * principal); - -PRBool -UnregisterPrincipal(nsIPrincipal * principal); - void RegisterPrincipalAndSetPrivileges(nsIPrincipal * principal, nsITarget * target, nsIPrivilege * newPrivilege); -/* End of native methods */ +void +Save(nsIPrincipal * prin, nsITarget * target, nsIPrivilege * newPrivilege); + +void +Load(void); private: - -nsHashtable * itsPrinToPrivTable; -nsHashtable * itsPrinToMacroTargetPrivTable; - -static PRBool theSecurityInited; +nsPrivilegeManager(void); static char * SignedAppletDBName; -static PRBool theInited; - -/* Private Methods */ - PRBool EnablePrivilegePrivate(nsIScriptContext * context, nsITarget *target, nsIPrincipal *preferredPrincipal, PRInt32 callerDepth); @@ -204,14 +192,6 @@ GetPrincipalPrivilege(nsITarget * target, nsIPrincipalArray * callerPrinArray, v PRBool IsPermissionGranted(nsITarget *target, nsIPrincipalArray * callerPrinArray, void *data); - - /* The following methods are used to save and load the persistent store */ -void -Save(nsIPrincipal * prin, nsITarget * target, nsIPrivilege * newPrivilege); - -void -Load(void); }; - #endif /* _NS_PRIVILEGE_MANAGER_H_ */ diff --git a/caps/include/nsUserTarget.h b/caps/include/nsUserTarget.h index 06ba9086ca97..2a7e0b851ec4 100755 --- a/caps/include/nsUserTarget.h +++ b/caps/include/nsUserTarget.h @@ -72,7 +72,7 @@ public: { } - nsIPrivilege * EnablePrivilege(nsIPrincipal * prin, void *data); + NS_IMETHOD EnablePrivilege(nsIPrincipal * prin, void * data, nsIPrivilege * * result); private: diff --git a/caps/src/Makefile.in b/caps/src/Makefile.in index f38a3c8906dd..7b65ff817977 100644 --- a/caps/src/Makefile.in +++ b/caps/src/Makefile.in @@ -22,14 +22,15 @@ VPATH = @srcdir@ include $(DEPTH)/config/autoconf.mk -MODULE = caps -LIBRARY_NAME = caps +MODULE = caps +LIBRARY_NAME = caps + +IS_COMPONENT = 1 CPPSRCS = \ admin.cpp \ nsCaps.cpp \ nsCCapsManager.cpp \ - nsCCapsManagerFactory.cpp \ nsCertificatePrincipal.cpp \ nsCodebasePrincipal.cpp \ nsPrincipalArray.cpp \ @@ -37,6 +38,7 @@ CPPSRCS = \ nsPrivilege.cpp \ nsPrivilegeManager.cpp \ nsPrivilegeTable.cpp \ + nsSecurityManagerFactory.cpp \ nsSystemPrivilegeTable.cpp \ nsTarget.cpp \ nsUserDialogHelper.cpp \ diff --git a/caps/src/admin.cpp b/caps/src/admin.cpp index 99b697314dcf..98165c15f7f1 100644 --- a/caps/src/admin.cpp +++ b/caps/src/admin.cpp @@ -12,10 +12,13 @@ * * The Initial Developer of this code under the NPL is Netscape * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights + * Copyright (C) 1999 Netscape Communications Corporation. All Rights * Reserved. */ +/*native java calls from oji into security system*/ +// nsresult rv; +// NS_WITH_SERVICE(nsIPrincipalManager, observer, "component://netscape/observer-service",& rv); #include "prtypes.h" #include "prmem.h" @@ -38,17 +41,19 @@ extern "C" { PR_PUBLIC_API(const char *) java_netscape_security_getPrincipals(const char *charSetName) { - const char * prins = nsPrincipalManager::GetPrincipalManager()->GetAllPrincipalsString(); - PRBool test_admin_api = PR_FALSE; - if (test_admin_api) { - char *a1; - char *a2; - char *a3; - java_netscape_security_getPrivilegeDescs(NULL, "raman tenneti", &a1, &a2, &a3); - java_netscape_security_removePrivilege(NULL, "raman tenneti", "Reading, modification, or deletion of any of your files"); - java_netscape_security_removePrincipal(NULL, "raman tenneti"); - } - return prins; + + + const char * prins = nsPrincipalManager::GetPrincipalManager()->GetAllPrincipalsString(); + PRBool test_admin_api = PR_FALSE; + if (test_admin_api) { + char *a1; + char *a2; + char *a3; + java_netscape_security_getPrivilegeDescs(NULL, "raman tenneti", &a1, &a2, &a3); + java_netscape_security_removePrivilege(NULL, "raman tenneti", "Reading, modification, or deletion of any of your files"); + java_netscape_security_removePrincipal(NULL, "raman tenneti"); + } + return prins; } PR_PUBLIC_API(PRBool) diff --git a/caps/src/jpermission.c b/caps/src/jpermission.c index fde5eb96c27c..071e95737409 100644 --- a/caps/src/jpermission.c +++ b/caps/src/jpermission.c @@ -15,7 +15,7 @@ * Copyright (C) 1998 Netscape Communications Corporation. All Rights * Reserved. */ - +/*native java calls from oji into security system dealing with user targets*/ #include "prtypes.h" #include "nspr.h" #include "prmem.h" diff --git a/caps/src/makefile.win b/caps/src/makefile.win index f41547cd8bd7..1057b4ae2a24 100755 --- a/caps/src/makefile.win +++ b/caps/src/makefile.win @@ -54,23 +54,23 @@ C_OBJS= \ .\$(OBJDIR)\nsZip.obj \ $(NULL) -CPP_OBJS= \ - .\$(OBJDIR)\admin.obj \ - .\$(OBJDIR)\nsCaps.obj \ - .\$(OBJDIR)\nsCCapsManager.obj \ - .\$(OBJDIR)\nsCCapsManagerFactory.obj \ - .\$(OBJDIR)\nsCertificatePrincipal.obj \ - .\$(OBJDIR)\nsCodebasePrincipal.obj \ - .\$(OBJDIR)\nsPrincipalArray.obj \ - .\$(OBJDIR)\nsPrincipalManager.obj \ - .\$(OBJDIR)\nsPrivilege.obj \ - .\$(OBJDIR)\nsPrivilegeManager.obj \ - .\$(OBJDIR)\nsPrivilegeTable.obj \ - .\$(OBJDIR)\nsSystemPrivilegeTable.obj \ - .\$(OBJDIR)\nsTarget.obj \ - .\$(OBJDIR)\nsUserDialogHelper.obj \ - .\$(OBJDIR)\nsUserTarget.obj \ - .\$(OBJDIR)\nsZig.obj \ +CPP_OBJS= \ + .\$(OBJDIR)\admin.obj \ + .\$(OBJDIR)\nsCaps.obj \ + .\$(OBJDIR)\nsCCapsManager.obj \ + .\$(OBJDIR)\nsCertificatePrincipal.obj \ + .\$(OBJDIR)\nsCodebasePrincipal.obj \ + .\$(OBJDIR)\nsPrincipalArray.obj \ + .\$(OBJDIR)\nsPrincipalManager.obj \ + .\$(OBJDIR)\nsPrivilege.obj \ + .\$(OBJDIR)\nsPrivilegeManager.obj \ + .\$(OBJDIR)\nsPrivilegeTable.obj \ + .\$(OBJDIR)\nsSecurityManagerFactory.obj \ + .\$(OBJDIR)\nsSystemPrivilegeTable.obj \ + .\$(OBJDIR)\nsTarget.obj \ + .\$(OBJDIR)\nsUserDialogHelper.obj \ + .\$(OBJDIR)\nsUserTarget.obj \ + .\$(OBJDIR)\nsZig.obj \ $(NULL) #//------------------------------------------------------------------------ @@ -119,6 +119,10 @@ LLIBS = \ include <$(DEPTH)/config/rules.mak> install:: $(DLL) - $(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME).dll $(DIST)\bin + $(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME).dll $(DIST)\bin\components $(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME).lib $(DIST)\lib +clobber:: + rm -f $(DIST)\lib\$(DLLNAME).lib + rm -f $(DIST)\bin\components\$(DLLNAME).dll + diff --git a/caps/src/nsCCapsManager.cpp b/caps/src/nsCCapsManager.cpp index 7f0233f13c53..dce90a5abf52 100644 --- a/caps/src/nsCCapsManager.cpp +++ b/caps/src/nsCCapsManager.cpp @@ -29,46 +29,34 @@ #include "jarutil.h" #endif /* MOZ_SECURITY */ -static NS_DEFINE_CID(kCCapsManagerCID, NS_CCAPSMANAGER_CID); -static NS_DEFINE_IID(kICapsManagerIID, NS_ICAPSMANAGER_IID); -static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID); - #define ALL_JAVA_PERMISSION "AllJavaPermission" -NS_IMPL_AGGREGATED(nsCCapsManager); +static NS_DEFINE_CID(kCCapsManagerCID, NS_CCAPSMANAGER_CID); +static NS_DEFINE_IID(kICapsManagerIID, NS_ICAPSMANAGER_IID); -NS_METHOD -nsCCapsManager::AggregatedQueryInterface(const nsIID& aIID, void** aInstancePtr) +NS_IMPL_ISUPPORTS(nsCCapsManager, kICapsManagerIID); + + +nsCCapsManager * +nsCCapsManager::GetSecurityManager() { - if (aIID.Equals(kISupportsIID)) { - *aInstancePtr = GetInner(); - AddRef(); - return NS_OK; - } - if (aIID.Equals(kICapsManagerIID)) { - *aInstancePtr = this; - AddRef(); - return NS_OK; - } - return NS_NOINTERFACE; + static nsCCapsManager * capsMan = NULL; + if (!capsMan) + capsMan = new nsCCapsManager(); + return capsMan; } - - -//////////////////////////////////////////////////////////////////////////// -// from nsICapsManager: - NS_IMETHODIMP nsCCapsManager::GetPrincipalManager(nsIPrincipalManager * * prinMan) { - * prinMan = principalManager; + * prinMan = (nsIPrincipalManager *)nsPrincipalManager::GetPrincipalManager(); return NS_OK; } NS_IMETHODIMP nsCCapsManager::GetPrivilegeManager(nsIPrivilegeManager * * privMan) { - * privMan = privilegeManager; + * privMan = (nsIPrivilegeManager *)nsPrivilegeManager::GetPrivilegeManager(); return NS_OK; } @@ -92,9 +80,9 @@ nsCCapsManager::GetPermission(nsIPrincipal * prin, nsITarget * ignoreTarget, PRI nsITarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION); nsresult result = NS_OK; if( target == NULL ) return NS_OK; - if (privilegeManager != NULL) { + if (nsPrivilegeManager::GetPrivilegeManager() != NULL) { nsIPrivilege * privilege; - privilegeManager->GetPrincipalPrivilege(target, prin, NULL, & privilege); + nsPrivilegeManager::GetPrivilegeManager()->GetPrincipalPrivilege(target, prin, NULL, & privilege); // ARIEL WORK ON THIS SHIT // * privilegeState = this->ConvertPrivilegeToPermission(privilege); } @@ -106,11 +94,11 @@ nsCCapsManager::SetPermission(nsIPrincipal * prin, nsITarget * ignoreTarget, PRI { nsITarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION); if(target == NULL ) return NS_OK; - if (privilegeManager != NULL) { +// if (privilegeManager != NULL) { // WORK ON THIS ARIEL // nsPrivilege* privilege = this->ConvertPermissionToPrivilege(privilegeState); // privilegeManager->SetPermission(prin, target, privilegeState); - } +// } return NS_OK; } @@ -122,11 +110,11 @@ nsCCapsManager::AskPermission(nsIPrincipal * prin, nsITarget * ignoreTarget, PRI * privilegeState = nsIPrivilege::PrivilegeState_Blank; return NS_OK; } - if (privilegeManager != NULL) { + if (nsPrivilegeManager::GetPrivilegeManager() != NULL) { PRBool perm; - privilegeManager->AskPermission(prin, target, NULL, & perm); + nsPrivilegeManager::GetPrivilegeManager()->AskPermission(prin, target, NULL, & perm); nsIPrivilege * privilege; - privilegeManager->GetPrincipalPrivilege(target, prin, NULL,& privilege); + nsPrivilegeManager::GetPrivilegeManager()->GetPrincipalPrivilege(target, prin, NULL,& privilege); // * privilegeState = ConvertPrivilegeToPermission(privilege); } return NS_OK; @@ -141,7 +129,7 @@ nsCCapsManager::AskPermission(nsIPrincipal * prin, nsITarget * ignoreTarget, PRI NS_METHOD nsCCapsManager::Initialize(PRBool * result) { - * result = nsCapsInitialize(); +// * result = nsCapsInitialize(); return NS_OK; } @@ -174,7 +162,6 @@ NS_METHOD nsCCapsManager::EnablePrivilege(nsIScriptContext * context, const char* targetName, PRInt32 callerDepth, PRBool * ret_val) { nsITarget *target = nsTarget::FindTarget((char*)targetName); - nsresult result = NS_OK; if( target == NULL ) { * ret_val = PR_FALSE; @@ -200,14 +187,12 @@ NS_METHOD nsCCapsManager::IsPrivilegeEnabled(nsIScriptContext * context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val) { nsITarget *target = nsTarget::FindTarget((char*)targetName); - nsresult result = NS_OK; if( target == NULL ) { * ret_val = PR_FALSE; return NS_OK; } - if (privilegeManager != NULL) - privilegeManager->IsPrivilegeEnabled(context, target, callerDepth, ret_val); + nsPrivilegeManager::GetPrivilegeManager()->IsPrivilegeEnabled(context, target, callerDepth, ret_val); return NS_OK; } @@ -215,13 +200,11 @@ NS_METHOD nsCCapsManager::RevertPrivilege(nsIScriptContext * context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val) { nsITarget *target = nsTarget::FindTarget((char*)targetName); - nsresult result = NS_OK; if( target == NULL ) { * ret_val = PR_FALSE; return NS_OK; } - if (privilegeManager != NULL) - privilegeManager->RevertPrivilege(context, target, callerDepth,ret_val); + nsPrivilegeManager::GetPrivilegeManager()->RevertPrivilege(context, target, callerDepth,ret_val); return NS_OK; } @@ -229,13 +212,11 @@ NS_METHOD nsCCapsManager::DisablePrivilege(nsIScriptContext * context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val) { nsITarget *target = nsTarget::FindTarget((char*)targetName); - nsresult result = NS_OK; if( target == NULL ) { * ret_val = PR_FALSE; return NS_OK; } - if (privilegeManager != NULL) - privilegeManager->DisablePrivilege(context, target, callerDepth,ret_val); + nsPrivilegeManager::GetPrivilegeManager()->DisablePrivilege(context, target, callerDepth,ret_val); return NS_OK; } @@ -323,7 +304,6 @@ NS_METHOD nsCCapsManager::IsAllowed(void *annotation, const char * targetName, PRBool * ret_val) { nsITarget *target = nsTarget::FindTarget((char *)targetName); - nsresult result = NS_OK; if( target == NULL ) { *ret_val = PR_FALSE; return NS_OK; @@ -339,23 +319,21 @@ nsCCapsManager::IsAllowed(void *annotation, const char * targetName, PRBool * re return NS_OK; } -nsCCapsManager::nsCCapsManager(nsISupports * aOuter):privilegeManager(NULL) +nsCCapsManager::nsCCapsManager() { - NS_INIT_AGGREGATED(aOuter); -// PRBool result; -// privilegeManager = (Initialize(& result) == NS_OK) ? new nsPrivilegeManager(): NULL; + NS_INIT_REFCNT(); + NS_ADDREF(this); } nsCCapsManager::~nsCCapsManager() { } - +/* void nsCCapsManager::CreateNSPrincipalArray(nsIPrincipalArray* prinArray, nsIPrincipalArray* *pPrincipalArray) { //prin arrays will either be removed, or updated to use the nsIPrincipal Object -/* nsIPrincipal* pNSIPrincipal; nsPrincipal *pNSPrincipal = NULL; @@ -374,8 +352,8 @@ nsCCapsManager::CreateNSPrincipalArray(nsIPrincipalArray* prinArray, newPrinArray->Set(index, pNSIPrincipal); } *pPrincipalArray = newPrinArray; - */ } +*/ /* NS_METHOD nsCCapsManager::GetNSPrincipalArray(nsPrincipalArray* prinArray, @@ -528,22 +506,3 @@ nsCCapsManager::ConvertPermissionToPrivilege(nsPermission state) return nsPrivilege::findPrivilege(permission, duration); } */ -void -nsCCapsManager::SetSystemPrivilegeManager() -{ - nsIPrivilegeManager * pNSPrivilegeManager = (nsIPrivilegeManager *)nsPrivilegeManager::GetPrivilegeManager(); - if ((privilegeManager != NULL ) && (privilegeManager != pNSPrivilegeManager)) { - delete privilegeManager; - privilegeManager = pNSPrivilegeManager; - } -} - -void -nsCCapsManager::SetSystemPrincipalManager() -{ - nsIPrincipalManager * prinMan = (nsIPrincipalManager *)nsPrincipalManager::GetPrincipalManager(); - if ((principalManager != NULL ) && (principalManager != prinMan)) { - delete principalManager; - principalManager = prinMan; - } -} diff --git a/caps/src/nsCCapsManagerFactory.cpp b/caps/src/nsCCapsManagerFactory.cpp deleted file mode 100644 index 84ac544309db..000000000000 --- a/caps/src/nsCCapsManagerFactory.cpp +++ /dev/null @@ -1,149 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- - * - * The contents of this file are subject to the Netscape Public License - * Version 1.0 (the "NPL"); you may not use this file except in - * compliance with the NPL. You may obtain a copy of the NPL at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the NPL is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL - * for the specific language governing rights and limitations under the - * NPL. - * - * The Initial Developer of this code under the NPL is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights - * Reserved. - */ -#include "prtypes.h" -#include "prmem.h" -#include "prmon.h" -#include "prlog.h" - -#include "nsCCapsManager.h" -#include "nsCCapsManagerFactory.h" -#include "nsIComponentManager.h" - -static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID); -static NS_DEFINE_IID(kIFactoryIID, NS_IFACTORY_IID); -static NS_DEFINE_IID(kCCapsManagerCID, NS_CCAPSMANAGER_CID); - -nsIFactory *nsCCapsManagerFactory::m_pNSIFactory = NULL; - -/*+++++++++++++++++++++++++++++++++++++++++++++++++ - * NSGetFactory: - * Provides entry point to liveconnect dll. - +++++++++++++++++++++++++++++++++++++++++++++++++*/ - -extern "C" NS_EXPORT nsresult -NSGetFactory(nsISupports* servMgr, - const nsCID &aClass, - const char *aClassName, - const char *aProgID, - nsIFactory **aFactory) -{ - - if (!aClass.Equals(kCCapsManagerCID)) { - return NS_ERROR_FACTORY_NOT_LOADED; // XXX right error? - } - nsCCapsManagerFactory* pCCapsManagerFactory = new nsCCapsManagerFactory(); - if (pCCapsManagerFactory == NULL) - return NS_ERROR_OUT_OF_MEMORY; - pCCapsManagerFactory->AddRef(); - *aFactory = pCCapsManagerFactory; - return NS_OK; -} - -extern "C" NS_EXPORT PRBool -NSCanUnload(nsISupports* serviceMgr) -{ - return PR_FALSE; -} - - - - - -//////////////////////////////////////////////////////////////////////////// -// from nsISupports - -NS_METHOD -nsCCapsManagerFactory::QueryInterface(const nsIID& aIID, void** aInstancePtr) -{ - PR_ASSERT(NULL != aInstancePtr); - if (NULL == aInstancePtr) { - return NS_ERROR_NULL_POINTER; - } - if (aIID.Equals(kIFactoryIID) || - aIID.Equals(kISupportsIID)) { - *aInstancePtr = (void*) this; - AddRef(); - return NS_OK; - } - return NS_NOINTERFACE; -} - -NS_IMPL_ADDREF(nsCCapsManagerFactory) -NS_IMPL_RELEASE(nsCCapsManagerFactory) - - -//////////////////////////////////////////////////////////////////////////// -// from nsIFactory: - -NS_METHOD -nsCCapsManagerFactory::CreateInstance(nsISupports *aOuter, REFNSIID aIID, void **aResult) -{ - nsCCapsManager *pNSCCapsManager = NULL; - *aResult = NULL; - - if (aOuter && !aIID.Equals(kISupportsIID)) - return NS_NOINTERFACE; // XXX right error? - pNSCCapsManager = new nsCCapsManager(aOuter); - if (pNSCCapsManager->QueryInterface(aIID, - (void**)aResult) != NS_OK) { - // then we're trying get a interface other than nsISupports and - // nsICapsManager - return NS_ERROR_FAILURE; - } - return NS_OK; -} - -NS_METHOD -nsCCapsManagerFactory::LockFactory(PRBool aLock) -{ - return NS_OK; -} - - - -//////////////////////////////////////////////////////////////////////////// -// from nsCCapsManagerFactory: - -nsCCapsManagerFactory::nsCCapsManagerFactory(void) -{ - if( m_pNSIFactory != NULL) - { - return; - } - - NS_INIT_REFCNT(); - nsresult err = NS_OK; - - err = this->QueryInterface(kIFactoryIID, (void**)&m_pNSIFactory); - if ( (err == NS_OK) && (m_pNSIFactory != NULL) ) - { - nsComponentManager::RegisterFactory(kCCapsManagerCID, 0, 0, - m_pNSIFactory, PR_FALSE); - } -} - -nsCCapsManagerFactory::~nsCCapsManagerFactory() -{ - if(mRefCnt == 0) - { - nsComponentManager::UnregisterFactory(kCCapsManagerCID, (nsIFactory *)m_pNSIFactory); - - } -} - - diff --git a/caps/src/nsCaps.cpp b/caps/src/nsCaps.cpp index 78b3487fdfae..d8a0552b51f3 100644 --- a/caps/src/nsCaps.cpp +++ b/caps/src/nsCaps.cpp @@ -30,7 +30,6 @@ #include "nsPrivilegeTable.h" #include "nsITarget.h" #include "nsCCapsManager.h" -#include "nsCCapsManagerFactory.h" /* * With the introduction of '-reg_mode' flag, @@ -54,54 +53,44 @@ static PRBool bNSCapsInitialized_g = PR_FALSE; */ /* wrappers for nsPrivilegeManager object */ +/* PR_IMPLEMENT(PRBool) nsCapsInitialize() { if(bNSCapsInitialized_g == PR_TRUE) return PR_TRUE; bNSCapsInitialized_g = PR_TRUE; nsIPrincipal * sysPrin = NULL; -/* #if defined(_WIN32) // sysPrin = CreateSystemPrincipal("java/classes/java40.jar", "java/lang/Object.class"); #else // sysPrin = CreateSystemPrincipal("java40.jar", "java/lang/Object.class"); #endif -*/ // if (sysPrin == NULL) { // nsresult res; // sysPrin = new nsCertificatePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_Certificate,(const unsigned char **) "52:54:45:4e:4e:45:54:49", // (unsigned int *)strlen("52:54:45:4e:4e:45:54:49"),1,& res); // } - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); - if (nsPrivManager == NULL) { - nsPrivilegeManagerInitialize(); -// nsPrivilegeInitialize(); - nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); - } - PR_ASSERT(nsPrivManager != NULL); - nsPrivManager->RegisterSystemPrincipal(sysPrin); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + if (nsPrivManager == NULL) nsPrivilegeManagerInitialize(); + PR_ASSERT(nsPrivManager != NULL); + nsPrincipalManager * nsPrinManager = nsPrincipalManager::GetPrincipalManager(); + if (nsPrinManager == NULL) nsPrincipalManagerInitialize(); + nsPrinManager->RegisterSystemPrincipal(sysPrin); // New a class factory object and the constructor will register itself // as the factory object in the repository. All other modules should // FindFactory and use createInstance to create a instance of nsCCapsManager // and ask for nsICapsManager interface. - /* - nsCCapsManagerFactory *pNSCCapsManagerFactory = new nsCCapsManagerFactory(); - if ( pNSCCapsManagerFactory == NULL ) - { - return PR_FALSE; - } - */ return PR_TRUE; } - +*/ /* wrappers for nsPrivilegeManager object */ PR_IMPLEMENT(PRBool) nsCapsRegisterPrincipal(class nsIPrincipal *principal) { - nsPrivilegeManager * nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); - if(nsPrivManager == NULL) return PR_FALSE; - nsPrivManager->RegisterPrincipal(principal); + nsPrincipalManager * nsPrinManager = nsPrincipalManager::GetPrincipalManager(); + if(nsPrinManager == NULL) return PR_FALSE; + nsPrinManager->RegisterPrincipal(principal); return PR_TRUE; } diff --git a/caps/src/nsCertificatePrincipal.cpp b/caps/src/nsCertificatePrincipal.cpp index 67ad7bfc64a5..bfcae010ad32 100644 --- a/caps/src/nsCertificatePrincipal.cpp +++ b/caps/src/nsCertificatePrincipal.cpp @@ -15,7 +15,7 @@ * Copyright (C) 1998 Netscape Communications Corporation. All Rights * Reserved. */ - +/*describes principals for use in signed scripts*/ #include "nsCertificatePrincipal.h" static NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID); diff --git a/caps/src/nsCodebasePrincipal.cpp b/caps/src/nsCodebasePrincipal.cpp index 8ebb2ff3305e..7c0435a5dafc 100644 --- a/caps/src/nsCodebasePrincipal.cpp +++ b/caps/src/nsCodebasePrincipal.cpp @@ -15,7 +15,7 @@ * Copyright (C) 1998 Netscape Communications Corporation. All Rights * Reserved. */ - +/* describes principals by thier orginating uris*/ #include "nsCodebasePrincipal.h" #include "xp.h" diff --git a/caps/src/nsPrincipalArray.cpp b/caps/src/nsPrincipalArray.cpp index f1e47e6554b7..13fefd803622 100644 --- a/caps/src/nsPrincipalArray.cpp +++ b/caps/src/nsPrincipalArray.cpp @@ -1,3 +1,21 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * + * The contents of this file are subject to the Netscape Public License + * Version 1.0 (the "NPL"); you may not use this file except in + * compliance with the NPL. You may obtain a copy of the NPL at + * http://www.mozilla.org/NPL/ + * + * Software distributed under the NPL is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL + * for the specific language governing rights and limitations under the + * NPL. + * + * The Initial Developer of this code under the NPL is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1999 Netscape Communications Corporation. All Rights + * Reserved. + */ +/*used to pass principals through xpcom in arrays*/ #include "nsPrincipalArray.h" static NS_DEFINE_IID(kIPrincipalArrayIID, NS_IPRINCIPALARRAY_IID); @@ -66,13 +84,13 @@ nsPrincipalArray::ComparePrincipalArray(nsIPrincipalArray * other, PRInt16 * com nsIPrincipal * prin; PRUint32 i; other->GetPrincipalArraySize(& i); - for (i; i-- > 0;) { + while (i-- > 0) { other->GetPrincipalArrayElement(i,& prin); PrincipalKey prinKey(prin); p2Hashtable->Put(& prinKey, (void *)PR_TRUE); } this->GetPrincipalArraySize(& i); - for (i; i-- > 0;) { + while (i-- > 0) { this->GetPrincipalArrayElement(i,& prin); PrincipalKey prinKey(prin); value = (PRBool)p2Hashtable->Get(&prinKey); @@ -84,7 +102,7 @@ nsPrincipalArray::ComparePrincipalArray(nsIPrincipalArray * other, PRInt16 * com if (value == PR_TRUE) p2Hashtable->Put(&prinKey, (void *)PR_FALSE); } other->GetPrincipalArraySize(& i); - for (i; i-- > 0;) { + while(i-- > 0) { other->GetPrincipalArrayElement(i,& prin); PrincipalKey prinKey(prin); value = (PRBool)p2Hashtable->Get(&prinKey); @@ -105,16 +123,16 @@ nsPrincipalArray::IntersectPrincipalArray(nsIPrincipalArray * other, nsIPrincipa this->GetPrincipalArraySize(& thisLength); other->GetPrincipalArraySize(& otherLength); nsVector * in = new nsVector(); - PRUint32 count = 0; - nsIPrincipal * prin1, * prin2; - PRUint32 i = 0, j=0; + nsIPrincipal * prin1 = NULL, * prin2 = NULL; + PRUint32 i = 0, j = 0, count = 0; in->SetSize(thisLength, 1); PRUint32 inLength = in->GetSize(); + PRBool doesIntersect = PR_FALSE, eq = PR_FALSE; for (i=0; i < thisLength; i++) { for (j=0; j < otherLength; j++) { this->GetPrincipalArrayElement(i,& prin1); other->GetPrincipalArrayElement(j,& prin2); - PRBool eq; + prin1->Equals(prin2, & eq); if (eq) { in->Set(i, (void *)PR_TRUE); @@ -126,10 +144,9 @@ nsPrincipalArray::IntersectPrincipalArray(nsIPrincipalArray * other, nsIPrincipa } } * result = new nsPrincipalArray(count); - PRBool doesIntersect; PR_ASSERT(inLength == thisLength); PR_ASSERT(inLength == inLength); - for (i=0; i < inLength; i++) { + for (i = 0; i < inLength; i++) { doesIntersect = (PRBool)in->Get(i); if (doesIntersect) { PR_ASSERT(j < count); diff --git a/caps/src/nsPrincipalManager.cpp b/caps/src/nsPrincipalManager.cpp index 24ac06ab4e4d..93229106affc 100644 --- a/caps/src/nsPrincipalManager.cpp +++ b/caps/src/nsPrincipalManager.cpp @@ -15,7 +15,7 @@ * Copyright (C) 1998 Netscape Communications Corporation. All Rights * Reserved. */ - +/*creates, registers, and performs logical operations on principals*/ #include "prmem.h" #include "prmon.h" #include "prlog.h" @@ -27,6 +27,7 @@ #include "nsCaps.h" #include "nsCertificatePrincipal.h" #include "nsCodebasePrincipal.h" +#include "nsPrivilegeManager.h" #define UNSIGNED_PRINCIPAL_KEY "4a:52:4f:53:4b:49:4e:44" #define UNKNOWN_PRINCIPAL_KEY "52:4f:53:4b:49:4e:44:4a" @@ -39,8 +40,8 @@ static nsIPrincipalArray * theUnsignedPrincipalArray = NULL; char * gListOfPrincipals; +static PRBool RDF_RemovePrincipal(nsIPrincipal * prin); static PRBool GetPrincipalString(nsHashKey * aKey, void * aData, void * closure); -static nsPrincipalManager * thePrincipalManager = NULL; static NS_DEFINE_IID(kIPrincipalManagerIID, NS_IPRINCIPALMANAGER_IID); @@ -189,8 +190,7 @@ nsPrincipalManager::GetMyPrincipals(PRInt32 callerDepth) nsIPrincipalArray * nsPrincipalManager::GetMyPrincipals(nsIScriptContext * context, PRInt32 callerDepth) { - return (thePrincipalManager == NULL) - ? NULL : thePrincipalManager->GetClassPrincipalsFromStack(context, callerDepth); + return nsPrincipalManager::GetPrincipalManager()->GetClassPrincipalsFromStack(context, callerDepth); } @@ -213,7 +213,7 @@ nsPrincipalManager::AddToPrincipalNameToPrincipalTable(nsIPrincipal * prin) if (prinName == NULL) return; StringKey prinNameKey(prinName); nsCaps_lock(); - if (itsPrinNameToPrincipalTable->Get(& prinNameKey) == NULL) + if (!itsPrinNameToPrincipalTable->Get(& prinNameKey)) itsPrinNameToPrincipalTable->Put(& prinNameKey, prin); nsCaps_unlock(); @@ -260,21 +260,67 @@ nsPrincipalManager::GetAllPrincipalsString(void) return principalStrings; } -nsPrincipalManager * -nsPrincipalManager::GetPrincipalManager(void) -{ - return thePrincipalManager; -} - -void -nsPrincipalManager::SetSystemPrincipal(nsIPrincipal * prin) +void +nsPrincipalManager::RegisterSystemPrincipal(nsIPrincipal * prin) { + nsPrivilegeManager * itsPrivilegeManager = nsPrivilegeManager::GetPrivilegeManager(); + PrincipalKey prinKey(prin); + nsCaps_lock(); + if (!itsPrivilegeManager->itsPrinToPrivTable->Get(& prinKey)) + itsPrivilegeManager->itsPrinToPrivTable->Put(& prinKey, new nsSystemPrivilegeTable()); + if (!itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Get(& prinKey)) + itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Put(& prinKey, new nsSystemPrivilegeTable()); theSystemPrincipal = prin; + CreateSystemTargets(prin); + // Load the signed applet's ACL from the persistence store + itsPrivilegeManager->Load(); + nsCaps_unlock(); } NS_IMETHODIMP nsPrincipalManager::RegisterPrincipal(nsIPrincipal * prin) { + nsPrivilegeManager * itsPrivilegeManager = nsPrivilegeManager::GetPrivilegeManager(); + PrincipalKey prinKey(prin); + nsCaps_lock(); + if (!itsPrivilegeManager->itsPrinToPrivTable->Get(& prinKey)) + itsPrivilegeManager->itsPrinToPrivTable->Put(&prinKey, new nsPrivilegeTable()); + if (!itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Get(& prinKey)) { + itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Put(& prinKey, new nsPrivilegeTable()); + } + this->AddToPrincipalNameToPrincipalTable(prin); + nsCaps_unlock(); + return NS_OK; +} + +NS_IMETHODIMP +nsPrincipalManager::UnregisterPrincipal(nsIPrincipal * prin, PRBool * result) +{ + nsPrivilegeManager * itsPrivilegeManager = nsPrivilegeManager::GetPrivilegeManager(); + PRBool eq; + prin->Equals(this->GetSystemPrincipal(),& eq); + if (result) { + * result = PR_FALSE; + return NS_OK; + } + PrincipalKey prinKey(prin); + nsCaps_lock(); + /* Get the privilegetables and free them up */ + nsPrivilegeTable * pt = + (nsPrivilegeTable *)itsPrivilegeManager->itsPrinToPrivTable->Get(& prinKey); + nsPrivilegeTable * mpt = + (nsPrivilegeTable *)itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Get(& prinKey); + if(pt) delete pt; + if(mpt) delete mpt; + /* Remove the principal */ + void * old_prin = itsPrivilegeManager->itsPrinToPrivTable->Remove(& prinKey); + void * old_prin1 = itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Remove(& prinKey); + /* remove principal from PrinNameToPrincipalTable */ + this->RemoveFromPrincipalNameToPrincipalTable(prin); + /* remove the principal from RDF also */ + RDF_RemovePrincipal(prin); + nsCaps_unlock(); + * result = ((old_prin == NULL) && (old_prin1 == NULL)) ? PR_FALSE : PR_TRUE; return NS_OK; } @@ -289,8 +335,16 @@ nsPrincipalManager::NewPrincipalArray(PRUint32 count, nsIPrincipalArray * * resu nsPrincipalManager::nsPrincipalManager(void) { + NS_INIT_REFCNT(); + NS_ADDREF(this); nsCaps_lock(); itsPrinNameToPrincipalTable = new nsHashtable(); + theUnsignedPrincipal = new nsCertificatePrincipal(nsIPrincipal::PrincipalType_Certificate, UNSIGNED_PRINCIPAL_KEY); + theUnsignedPrincipalArray = new nsPrincipalArray(); + theUnsignedPrincipalArray->AddPrincipalArrayElement(theUnsignedPrincipal); + theUnknownPrincipal = new nsCertificatePrincipal(nsIPrincipal::PrincipalType_Certificate, UNKNOWN_PRINCIPAL_KEY); + theUnknownPrincipalArray = new nsPrincipalArray(); + theUnknownPrincipalArray->AddPrincipalArrayElement(theUnknownPrincipal); nsCaps_unlock(); } @@ -300,17 +354,41 @@ nsPrincipalManager::~nsPrincipalManager(void) { nsCaps_unlock(); } -PRBool -nsPrincipalManagerInitialize(void) +nsPrincipalManager * +nsPrincipalManager::GetPrincipalManager() { - theUnsignedPrincipal = new nsCertificatePrincipal(nsIPrincipal::PrincipalType_Certificate, UNSIGNED_PRINCIPAL_KEY); - theUnsignedPrincipalArray = new nsPrincipalArray(); - theUnsignedPrincipalArray->AddPrincipalArrayElement(theUnsignedPrincipal); - theUnknownPrincipal = new nsCertificatePrincipal(nsIPrincipal::PrincipalType_Certificate, UNKNOWN_PRINCIPAL_KEY); - theUnknownPrincipalArray = new nsPrincipalArray(); - theUnknownPrincipalArray->AddPrincipalArrayElement(theUnknownPrincipal); - thePrincipalManager = new nsPrincipalManager(); - return PR_TRUE; + static nsPrincipalManager * prinMan = NULL; + if(!prinMan) + prinMan = new nsPrincipalManager(); + return prinMan; } -PRBool nsPrincipalManager::theInited = nsPrincipalManagerInitialize(); +static PRBool +RDF_RemovePrincipal(nsIPrincipal * prin) +{ + PRBool found = PR_FALSE; +#ifdef ENABLE_RDF + nsCaps_lock(); + RDFJSec_InitPrivilegeDB(); + RDF_Cursor prin_cursor = RDFJSec_ListAllPrincipals(); + if (prin_cursor == NULL) { + nsCaps_unlock(); + return PR_FALSE; + } + JSec_Principal jsec_prin; + nsIPrincipal * cur_prin = NULL; + while ((jsec_prin = RDFJSec_NextPrincipal(prin_cursor)) != NULL) { + if ((cur_prin = RDF_getPrincipal(jsec_prin)) == NULL) continue; + PRBool eq; + prin->Equals(cur_prin,& eq); + if (eq) { + found = PR_TRUE; + break; + } + } + RDFJSec_ReleaseCursor(prin_cursor); + if (found) RDFJSec_DeletePrincipal(jsec_prin); + nsCaps_unlock(); +#endif /* ENABLE_RDF */ + return found; +} \ No newline at end of file diff --git a/caps/src/nsPrivilege.cpp b/caps/src/nsPrivilege.cpp index 089d95333f71..31ee6dae84fa 100755 --- a/caps/src/nsPrivilege.cpp +++ b/caps/src/nsPrivilege.cpp @@ -12,10 +12,10 @@ * * The Initial Developer of this code under the NPL is Netscape * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights + * Copyright (C) 1999 Netscape Communications Corporation. All Rights * Reserved. */ - +/*describes the state and duration of privileges*/ #include "nsPrivilege.h" #include "xp.h" diff --git a/caps/src/nsPrivilegeManager.cpp b/caps/src/nsPrivilegeManager.cpp index 2a74f5a3c9d3..da721e80315d 100755 --- a/caps/src/nsPrivilegeManager.cpp +++ b/caps/src/nsPrivilegeManager.cpp @@ -15,11 +15,10 @@ * Copyright (C) 1998 Netscape Communications Corporation. All Rights * Reserved. */ - +/* handles operations dealing with enabling and disabling privileges */ #include "nsPrivilegeManager.h" #include "nsPrivilege.h" #include "nsPrincipalArray.h" -#include "nsPrincipalManager.h" #include "prmem.h" #include "prmon.h" #include "prlog.h" @@ -32,17 +31,8 @@ #include "jsec2rdf.h" #endif /* ENABLE_RDF */ - -static nsPrivilegeManager * thePrivilegeManager = NULL; -/* -static nsIPrincipal * theSystemPrincipal = NULL; -static nsIPrincipal * theUnsignedPrincipal; -static nsIPrincipal * theUnknownPrincipal; -static nsIPrincipalArray * theUnknownPrincipalArray; -static nsIPrincipalArray * theUnsignedPrincipalArray; -*/ static nsIPrivilege * thePrivilegeCache[nsIPrivilege::PrivilegeState_NumberOfPrivileges][nsIPrivilege::PrivilegeDuration_NumberOfDurations]; -static PRMonitor *caps_lock = NULL; +static PRMonitor * caps_lock = NULL; /* We could avoid the following globals if nsHashTable's Enumerate accepted * a void * as argument and it passed that argument as a parameter to the @@ -53,14 +43,13 @@ char * gSession; char * gDenied; nsPrivilegeTable * gPrivilegeTable; +static PRBool RDF_RemovePrincipalsPrivilege(nsIPrincipal * prin, nsITarget * target); + #ifdef ENABLE_RDF static nsIPrincipal * RDF_getPrincipal(JSec_Principal jsec_pr); static JSec_Principal RDF_CreatePrincipal(nsPrincipal *prin); #endif /* ENABLE_RDF */ -static PRBool RDF_RemovePrincipal(nsIPrincipal *prin); -static PRBool RDF_RemovePrincipalsPrivilege(nsIPrincipal * prin, nsITarget * target); - PR_BEGIN_EXTERN_C #include "xp.h" #include "prefapi.h" @@ -101,20 +90,42 @@ NS_IMPL_ISUPPORTS(nsPrivilegeManager, kIPrivilegeManagerIID); nsPrivilegeManager::nsPrivilegeManager(void) { - nsCaps_lock(); - itsPrinToPrivTable = new nsHashtable(); - itsPrinToMacroTargetPrivTable = new nsHashtable(); - nsCaps_unlock(); + NS_INIT_REFCNT(); + NS_ADDREF(this); + nsCaps_lock(); + itsPrinToPrivTable = new nsHashtable(); + itsPrinToMacroTargetPrivTable = new nsHashtable(); + PRInt16 privState = 0, durationState = 0; + for (PRUint16 i = 0; i < nsIPrivilege::PrivilegeState_NumberOfPrivileges; i++) { + for(PRUint16 j = 0; j < nsIPrivilege::PrivilegeDuration_NumberOfDurations; j++) { + privState = i; + durationState = j; + thePrivilegeCache[i][j] = new nsPrivilege(privState, durationState); + } + } +#ifdef ENABLE_RDF + RDFJSec_InitPrivilegeDB(); +#endif /* ENABLE_RDF */ + nsCaps_unlock(); } nsPrivilegeManager::~nsPrivilegeManager(void) { nsCaps_lock(); - if (itsPrinToPrivTable) delete itsPrinToPrivTable; - if (itsPrinToMacroTargetPrivTable) delete itsPrinToMacroTargetPrivTable; + if(itsPrinToPrivTable) delete itsPrinToPrivTable; + if(itsPrinToMacroTargetPrivTable) delete itsPrinToMacroTargetPrivTable; nsCaps_unlock(); } +nsPrivilegeManager * +nsPrivilegeManager::GetPrivilegeManager() +{ + static nsPrivilegeManager * privMan = NULL; + if(!privMan) + privMan = new nsPrivilegeManager(); + return privMan; +} + nsIPrivilege * nsPrivilegeManager::FindPrivilege(PRInt16 privState, PRInt16 privDuration) { return thePrivilegeCache[privState][privDuration]; @@ -178,66 +189,6 @@ nsPrivilegeManager::Add(nsIPrivilege * priv1, nsIPrivilege * priv2) { return (p1state < p2state) ? priv1 : priv2; } -void -nsPrivilegeManager::RegisterSystemPrincipal(nsIPrincipal * prin) -{ - PrincipalKey prinKey(prin); - nsCaps_lock(); - if (NULL == itsPrinToPrivTable->Get(&prinKey)) - itsPrinToPrivTable->Put(&prinKey, new nsSystemPrivilegeTable()); - if (NULL == itsPrinToMacroTargetPrivTable->Get(&prinKey)) - itsPrinToMacroTargetPrivTable->Put(&prinKey, new nsSystemPrivilegeTable()); -// nsPrincipalManager::GetPrincipalManager()->SetSystemPrincipal(prin); - CreateSystemTargets(prin); - // Load the signed applet's ACL from the persistence store - this->Load(); - nsCaps_unlock(); -} - -void -nsPrivilegeManager::RegisterPrincipal(nsIPrincipal * prin) -{ - // - // the new PrivilegeTable will have all privileges "blank forever" - // until changed by calls to enablePrincipalPrivilegeHelper - // - PrincipalKey prinKey(prin); - nsCaps_lock(); - if (NULL == itsPrinToPrivTable->Get(&prinKey)) { - itsPrinToPrivTable->Put(&prinKey, new nsPrivilegeTable()); - } - if (NULL == itsPrinToMacroTargetPrivTable->Get(&prinKey)) { - itsPrinToMacroTargetPrivTable->Put(& prinKey, new nsPrivilegeTable()); - } -// nsPrincipalManager::GetPrincipalManager()->AddToPrincipalNameToPrincipalTable(prin); - nsCaps_unlock(); -} - - -PRBool -nsPrivilegeManager::UnregisterPrincipal(nsIPrincipal * prin) -{ - PRBool result; - prin->Equals(nsPrincipalManager::GetPrincipalManager()->GetSystemPrincipal(),& result); - if (result) return PR_FALSE; - PrincipalKey prinKey(prin); - nsCaps_lock(); - /* Get the privilegetables and free them up */ - nsPrivilegeTable *pt = (nsPrivilegeTable *)itsPrinToPrivTable->Get(&prinKey); - if (pt != NULL) delete pt; - nsPrivilegeTable *mpt = (nsPrivilegeTable *)itsPrinToMacroTargetPrivTable->Get(&prinKey); - if (mpt != NULL) delete mpt; - /* Remove the principal */ - void *old_prin = itsPrinToPrivTable->Remove(&prinKey); - void *old_prin1 = itsPrinToMacroTargetPrivTable->Remove(&prinKey); - /* remove principal from PrinNameToPrincipalTable */ - nsPrincipalManager::GetPrincipalManager()->RemoveFromPrincipalNameToPrincipalTable(prin); - /* remove the principal from RDF also */ - RDF_RemovePrincipal(prin); - nsCaps_unlock(); - return ((old_prin == NULL) && (old_prin1 == NULL)) ? PR_FALSE : PR_TRUE; -} - PRBool nsPrivilegeManager::IsPrivilegeEnabled(nsITarget * target, PRInt32 callerDepth) { @@ -356,7 +307,7 @@ nsPrivilegeManager::EnablePrincipalPrivilegeHelper(nsIScriptContext * context, n nsIPrincipal * callerPrin; PRUint32 i; callerPrinArray->GetPrincipalArraySize(& i); - for (i; i-- > 0;) { + while (i-- > 0) { callerPrinArray->GetPrincipalArrayElement(i, & callerPrin); PRBool result; callerPrin->Equals(preferredPrin, & result); @@ -516,20 +467,18 @@ nsPrivilegeManager::SetPermission(nsIPrincipal * useThisPrin, nsITarget * target void -nsPrivilegeManager::RegisterPrincipalAndSetPrivileges(nsIPrincipal * prin, nsITarget *target, - nsIPrivilege * newPrivilege) +nsPrivilegeManager::RegisterPrincipalAndSetPrivileges(nsIPrincipal * prin, nsITarget * target, nsIPrivilege * newPrivilege) { - nsPrivilegeTable *privTable; - this->RegisterPrincipal(prin); - //Store the list of targets for which the user has given privilege - PrincipalKey prinKey(prin); - nsCaps_lock(); - privTable = (nsPrivilegeTable *)itsPrinToMacroTargetPrivTable->Get(&prinKey); - privTable->Put(target, newPrivilege); - nsCaps_unlock(); - - privTable = (nsPrivilegeTable *)itsPrinToPrivTable->Get(&prinKey); - this->UpdatePrivilegeTable(target, privTable, newPrivilege); + nsPrivilegeTable *privTable; + nsPrincipalManager::GetPrincipalManager()->RegisterPrincipal(prin); + //Store the list of targets for which the user has given privilege + PrincipalKey prinKey(prin); + nsCaps_lock(); + privTable = (nsPrivilegeTable *)itsPrinToMacroTargetPrivTable->Get(&prinKey); + privTable->Put(target, newPrivilege); + nsCaps_unlock(); + privTable = (nsPrivilegeTable *)itsPrinToPrivTable->Get(&prinKey); + this->UpdatePrivilegeTable(target, privTable, newPrivilege); } @@ -540,14 +489,14 @@ nsPrivilegeManager::UpdatePrivilegeTable(nsITarget * target, nsPrivilegeTable * target->GetFlattenedTargetArray(& primitiveTargets); nsIPrivilege * oldPrivilege, * privilege; nsITarget * primTarget; - nsCaps_lock(); - for (int i = primitiveTargets->GetSize(); i-- > 0;) { - primTarget = (nsITarget *)primitiveTargets->Get(i); - oldPrivilege = privTable->Get(primTarget); - privilege = (oldPrivilege != NULL) ? nsPrivilegeManager::Add(oldPrivilege, newPrivilege) : newPrivilege; - privTable->Put(primTarget, privilege); - } - nsCaps_unlock(); + nsCaps_lock(); + for (int i = primitiveTargets->GetSize(); i-- > 0;) { + primTarget = (nsITarget *)primitiveTargets->Get(i); + oldPrivilege = privTable->Get(primTarget); + privilege = (oldPrivilege != NULL) ? nsPrivilegeManager::Add(oldPrivilege, newPrivilege) : newPrivilege; + privTable->Put(primTarget, privilege); + } + nsCaps_unlock(); } PRBool @@ -587,125 +536,13 @@ nsPrivilegeManager::CheckPrivilegeGranted(nsITarget *target, PRInt32 callerDepth NS_IMETHODIMP nsPrivilegeManager::CheckPrivilegeGranted(nsIScriptContext * context, nsITarget * target, PRInt32 callerDepth, void * data, PRBool * result) { - nsIPrincipalArray* callerPrinArray = + nsIPrincipalArray * callerPrinArray = nsPrincipalManager::GetPrincipalManager()->GetClassPrincipalsFromStack((nsIScriptContext *)context, callerDepth); PRInt16 privilegeState = this->GetPrincipalPrivilege(target, callerPrinArray, data); * result = (privilegeState == nsIPrivilege::PrivilegeState_Allowed) ? PR_TRUE : PR_FALSE; return NS_OK; } -nsPrivilegeManager * -nsPrivilegeManager::GetPrivilegeManager(void) -{ - return thePrivilegeManager; -} -/* -nsIPrincipalArray * -nsPrivilegeManager::GetMyPrincipals(PRInt32 callerDepth) -{ - return nsPrivilegeManager::GetMyPrincipals(NULL, callerDepth); -} - -nsIPrincipalArray * -nsPrivilegeManager::GetMyPrincipals(void* context, PRInt32 callerDepth) -{ - return (thePrivilegeManager == NULL) ? NULL - : thePrivilegeManager->GetClassPrincipalsFromStack(context, callerDepth); -} -*/ -/* -nsIPrincipal * -nsPrivilegeManager::GetSystemPrincipal(void) -{ - return theSystemPrincipal; -} -*/ -/* -PRBool -nsPrivilegeManager::HasSystemPrincipal(nsIPrincipalArray *prinArray) -{ - nsIPrincipal * sysPrin = nsPrivilegeManager::GetSystemPrincipal(); - nsIPrincipal * prin; - if (sysPrin == NULL) return PR_FALSE; - PRUint32 i; - prinArray->GetPrincipalArraySize(& i); - for (i; i-- > 0;) { - prinArray->GetPrincipalArrayElement(i,& prin); - PRBool result; - sysPrin->Equals(prin, & result); - if (result) return PR_TRUE; - } - return PR_FALSE; -} -*/ -/* -nsIPrincipal * -nsPrivilegeManager::GetUnsignedPrincipal(void) -{ - return theUnsignedPrincipal; -} -*/ -/* -nsIPrincipal * -nsPrivilegeManager::GetUnknownPrincipal(void) -{ - return theUnknownPrincipal; -} -*/ -/* -PRBool -nsPrivilegeManager::CanExtendTrust(nsIPrincipalArray * from, nsIPrincipalArray * to) -{ - if ((from == NULL) || (to == NULL)) return PR_FALSE; - nsIPrincipalArray * intersect; - from->IntersectPrincipalArray(to,& intersect); - PRUint32 intersectSize = 0, fromSize = 0; - intersect->GetPrincipalArraySize(& intersectSize); - from->GetPrincipalArraySize(& fromSize); - if (intersectSize == fromSize) return PR_TRUE; - if (intersectSize == 0 || (intersectSize != (fromSize - 1))) return PR_FALSE; - nsIPrincipal * prin; - PRUint32 i; - for (i=0; i < intersectSize; i++) { - intersect->GetPrincipalArrayElement(i, & prin); - PRInt16 prinType = nsIPrincipal::PrincipalType_Unknown; - prin->GetType(& prinType); - if (prinType == nsIPrincipal::PrincipalType_CodebaseExact || - prinType == nsIPrincipal::PrincipalType_CodebaseRegex) - return PR_FALSE; - } - PRUint32 codebaseCount = 0; - for (i=0; i < fromSize; i++) { - from->GetPrincipalArrayElement(i, & prin); - PRInt16 prinType = nsIPrincipal::PrincipalType_Unknown; - prin->GetType(& prinType); - if (prinType == nsIPrincipal::PrincipalType_CodebaseExact || - prinType == nsIPrincipal::PrincipalType_CodebaseRegex) - codebaseCount++; - } - return (codebaseCount == 1) ? PR_TRUE : PR_FALSE; -} -*/ -/* -PRBool -nsPrivilegeManager::CheckMatchPrincipal(nsIPrincipal * prin, PRInt32 callerDepth) -{ - return this->CheckMatchPrincipal(NULL, prin, callerDepth); -} -*/ -/* -PRBool -nsPrivilegeManager::CheckMatchPrincipal(void * context, nsIPrincipal * prin, PRInt32 callerDepth) -{ - nsIPrincipalArray * prinArray = new nsPrincipalArray(0); - prinArray->AddPrincipalArrayElement(prin); - nsIPrincipalArray * classPrinArray = this->GetClassPrincipalsFromStack(context, callerDepth); - PRInt16 compType = 0; - prinArray->ComparePrincipalArray(classPrinArray,& compType); - return (compType != nsPrincipalArray::SetComparisonType_NoSubset) ? PR_TRUE : PR_FALSE; -} -*/ - static PRBool GetPermissionsString(nsHashKey * aKey, void * aData, void * closure) { @@ -722,8 +559,7 @@ GetPermissionsString(nsHashKey * aKey, void * aData, void * closure) } void -nsPrivilegeManager::GetTargetsWithPrivileges(char *prinName, char** forever, - char** session, char **denied) +nsPrivilegeManager::GetTargetsWithPrivileges(char *prinName, char** forever, char** session, char **denied) { /* Admin UI */ nsCaps_lock(); @@ -755,14 +591,14 @@ nsPrivilegeManager::GetTargetsWithPrivileges(char *prinName, char** forever, PRBool nsPrivilegeManager::RemovePrincipal(char * prinName) { - /* Admin UI */ + nsPrincipalManager * itsPrincipalManager = nsPrincipalManager::GetPrincipalManager(); nsCaps_lock(); - nsIPrincipal * prin = nsPrincipalManager::GetPrincipalManager()->GetPrincipalFromString(prinName); + nsIPrincipal * prin = itsPrincipalManager->GetPrincipalFromString(prinName); if (prin == NULL) { nsCaps_unlock(); return PR_FALSE; } - this->UnregisterPrincipal(prin); + itsPrincipalManager->UnregisterPrincipal(prin,NULL); nsCaps_unlock(); return PR_TRUE; } @@ -828,9 +664,7 @@ nsPrivilegeManager::Remove(nsIPrincipal * prin, nsITarget * target) nsCaps_unlock(); } -// PRIVATE METHODS - -PRBool +PRBool nsPrivilegeManager::EnablePrivilegePrivate(nsIScriptContext * context, nsITarget *target, nsIPrincipal * prefPrin, PRInt32 callerDepth) { if (PR_FALSE == this->EnablePrincipalPrivilegeHelper(context, target, callerDepth, prefPrin, NULL, NULL)) return PR_FALSE; @@ -845,7 +679,7 @@ nsPrivilegeManager::GetPrincipalPrivilege(nsITarget * target, nsIPrincipalArray PRBool isAllowed = PR_FALSE; PRUint32 i; callerPrinArray->GetPrincipalArraySize(& i); - for (i; i-- > 0; ) { + while (i-- > 0) { callerPrinArray->GetPrincipalArrayElement(i,& principal); this->GetPrincipalPrivilege(target, principal, data,& privilege); if (privilege == NULL) continue; @@ -1126,45 +960,6 @@ RDF_CreatePrincipal(nsIPrincipal *prin) } #endif /* ENABLE_RDF */ - -static PRBool -RDF_RemovePrincipal(nsIPrincipal *prin) -{ - PRBool found = PR_FALSE; - -#ifdef ENABLE_RDF - nsCaps_lock(); - RDFJSec_InitPrivilegeDB(); - - RDF_Cursor prin_cursor = RDFJSec_ListAllPrincipals(); - if (prin_cursor == NULL) { - nsCaps_unlock(); - return PR_FALSE; - } - - JSec_Principal jsec_prin; - nsIPrincipal *cur_prin = NULL; - while ((jsec_prin = RDFJSec_NextPrincipal(prin_cursor)) != NULL) { - if ((cur_prin = RDF_getPrincipal(jsec_prin)) == NULL) { - continue; - } - if (prin->equals(cur_prin)) { - found = PR_TRUE; - break; - } - } - - RDFJSec_ReleaseCursor(prin_cursor); - if (found) { - RDFJSec_DeletePrincipal(jsec_prin); - } - nsCaps_unlock(); - -#endif /* ENABLE_RDF */ - return found; -} - - #ifdef ENABLE_RDF static nsIPrincipal * @@ -1303,24 +1098,3 @@ nsPrivilegeManager::Load(void) #endif /* ENABLE_RDF */ } - -PRBool -nsPrivilegeManagerInitialize(void) -{ - thePrivilegeManager = new nsPrivilegeManager(); - PRInt16 privState = 0, durationState = 0; - for (PRInt16 i = 0; i < nsIPrivilege::PrivilegeState_NumberOfPrivileges; i++) { - for(PRInt16 j = 0; j < nsIPrivilege::PrivilegeDuration_NumberOfDurations; j++) { - privState = i; - durationState = j; - thePrivilegeCache[i][j] = new nsPrivilege(privState, durationState); - } - } -#ifdef ENABLE_RDF - RDFJSec_InitPrivilegeDB(); -#endif /* ENABLE_RDF */ - - return PR_TRUE; -} - -PRBool nsPrivilegeManager::theInited = nsPrivilegeManagerInitialize(); diff --git a/caps/src/nsSecurityManagerFactory.cpp b/caps/src/nsSecurityManagerFactory.cpp new file mode 100644 index 000000000000..4a48d2b17630 --- /dev/null +++ b/caps/src/nsSecurityManagerFactory.cpp @@ -0,0 +1,184 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * + * The contents of this file are subject to the Netscape Public License + * Version 1.0 (the "NPL"); you may not use this file except in + * compliance with the NPL. You may obtain a copy of the NPL at + * http://www.mozilla.org/NPL/ + * + * Software distributed under the NPL is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL + * for the specific language governing rights and limitations under the + * NPL. + * + * The Initial Developer of this code under the NPL is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1998 Netscape Communications Corporation. All Rights + * Reserved. + */ +/*Factory for internal browser security resource managers*/ + +#include "nsIComponentManager.h" +#include "nsIServiceManager.h" +#include "nsISupports.h" +#include "nsIGenericFactory.h" +#include "nsICapsManager.h" +#include "nsCCapsManager.h" +#include "nsIPrincipalManager.h" +#include "nsPrincipalManager.h" +#include "nsIPrivilegeManager.h" +#include "nsPrivilegeManager.h" + +static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID); +static NS_DEFINE_CID(kComponentManagerCID, NS_COMPONENTMANAGER_CID); +static NS_DEFINE_CID(kGenericFactoryCID, NS_GENERICFACTORY_CID); +static NS_DEFINE_CID(kCCapsManagerCID, NS_CCAPSMANAGER_CID); +static NS_DEFINE_CID(kPrivilegeManagerCID, NS_PRIVILEGEMANAGER_CID); +static NS_DEFINE_CID(kPrincipalManagerCID, NS_PRINCIPALMANAGER_CID); + +static NS_IMETHODIMP +Construct_nsISecurityManager(nsISupports * aOuter, REFNSIID aIID, void * * aResult) +{ + nsresult rv; + nsISupports *obj; + if(!aResult) + { + rv = NS_ERROR_NULL_POINTER; + goto done; + } + *aResult = NULL; + if(aOuter) + { + rv = NS_ERROR_NO_AGGREGATION; + goto done; + } + obj = nsCCapsManager::GetSecurityManager(); + if(!obj) + { + rv = NS_ERROR_OUT_OF_MEMORY; + goto done; + } + rv = obj->QueryInterface(aIID, aResult); + NS_ASSERTION(NS_SUCCEEDED(rv), "unable to find correct interface"); +done: + return rv; +} + +static NS_IMETHODIMP +Construct_nsIPrivilegeManager(nsISupports * aOuter, REFNSIID aIID, void * * aResult) +{ + nsresult rv; + nsISupports * obj; + if(!aResult) + { + rv = NS_ERROR_NULL_POINTER; + goto done; + } + *aResult = NULL; + if(aOuter) + { + rv = NS_ERROR_NO_AGGREGATION; + goto done; + } + obj = nsPrivilegeManager::GetPrivilegeManager(); + if(!obj) + { + rv = NS_ERROR_OUT_OF_MEMORY; + goto done; + } + rv = obj->QueryInterface(aIID, aResult); + NS_ASSERTION(NS_SUCCEEDED(rv), "unable to find correct interface"); +done: + return rv; +} + +static NS_IMETHODIMP +Construct_nsIPrincipalManager(nsISupports * aOuter, REFNSIID aIID, void * * aResult) +{ + nsresult rv; + nsISupports * obj; + if(!aResult) + { + rv = NS_ERROR_NULL_POINTER; + goto done; + } + *aResult = NULL; + if(aOuter) + { + rv = NS_ERROR_NO_AGGREGATION; + goto done; + } + obj = nsPrincipalManager::GetPrincipalManager(); + if(!obj) + { + rv = NS_ERROR_OUT_OF_MEMORY; + goto done; + } + rv = obj->QueryInterface(aIID, aResult); + NS_ASSERTION(NS_SUCCEEDED(rv), "unable to find correct interface"); +done: + return rv; +} + +extern "C" PR_IMPLEMENT(nsresult) +NSGetFactory(nsISupports * aServMgr, const nsCID & aClass, const char * aClassName, + const char * aProgID, nsIFactory * * aFactory) +{ + nsresult rv; + NS_ASSERTION(aFactory != nsnull, "bad factory pointer"); + NS_WITH_SERVICE1(nsIComponentManager, compMgr, aServMgr, kComponentManagerCID,& rv); + if (NS_FAILED(rv)) return rv; + nsIGenericFactory * factory; + rv = compMgr->CreateInstance(kGenericFactoryCID, nsnull, nsIGenericFactory::GetIID(), (void * *)& factory); + if (NS_FAILED(rv)) return rv; + if(aClass.Equals(kCCapsManagerCID)) rv = factory->SetConstructor(Construct_nsISecurityManager); + else if(aClass.Equals(kPrivilegeManagerCID)) rv = factory->SetConstructor(Construct_nsIPrivilegeManager); + else if(aClass.Equals(kPrincipalManagerCID)) rv = factory->SetConstructor(Construct_nsIPrincipalManager); + else + { + NS_ASSERTION(0, "incorrectly registered"); + rv = NS_ERROR_NO_INTERFACE; + } + if (NS_FAILED(rv)) { + NS_RELEASE(factory); + return rv; + } + * aFactory = factory; + return NS_OK; +} + +/***************************************************************************/ + +extern "C" NS_EXPORT PRBool +NSCanUnload(nsISupports* aServMgr) +{ + return PR_FALSE; +} + +extern "C" NS_EXPORT nsresult +NSRegisterSelf(nsISupports * aServMgr, const char * aPath) +{ + nsresult rv; +#ifdef DEBUG + printf("*** Register Security\n"); +#endif + NS_WITH_SERVICE1(nsIComponentManager, compMgr, aServMgr, kComponentManagerCID,& rv); + if (NS_FAILED(rv)) return rv; + rv = compMgr->RegisterComponent(kCCapsManagerCID,NS_CCAPSMANAGER_CLASSNAME,NS_CCAPSMANAGER_PROGID, aPath, PR_TRUE, PR_TRUE); + rv = compMgr->RegisterComponent(kPrivilegeManagerCID,NS_PRIVILEGEMANAGER_CLASSNAME,NS_PRIVILEGEMANAGER_PROGID, aPath, PR_TRUE, PR_TRUE); + rv = compMgr->RegisterComponent(kPrincipalManagerCID,NS_PRINCIPALMANAGER_CLASSNAME,NS_PRINCIPALMANAGER_PROGID, aPath, PR_TRUE, PR_TRUE); + return rv; +} +extern "C" NS_EXPORT nsresult +NSUnregisterSelf(nsISupports * aServMgr, const char * aPath) +{ + nsresult rv; +#ifdef DEBUG + printf("*** Unregister XPConnect\n"); +#endif + NS_WITH_SERVICE1(nsIComponentManager, compMgr, aServMgr, kComponentManagerCID,& rv); + if (NS_FAILED(rv)) return rv; + rv = compMgr->UnregisterComponent(kCCapsManagerCID, aPath); + rv = compMgr->UnregisterComponent(kPrivilegeManagerCID, aPath); + rv = compMgr->UnregisterComponent(kPrincipalManagerCID, aPath); + return rv; +} \ No newline at end of file diff --git a/caps/src/nsUserTarget.cpp b/caps/src/nsUserTarget.cpp index 8f2aef622b54..cb52cb65d86d 100755 --- a/caps/src/nsUserTarget.cpp +++ b/caps/src/nsUserTarget.cpp @@ -44,8 +44,8 @@ nsUserTarget::~nsUserTarget(void) } #define OPTION "