зеркало из https://github.com/mozilla/gecko-dev.git
Bug 750859 - Remove (most of) SetCanEnableCapability. r=bz
Родитель
c532e2d4c3
Коммит
e6e34db54d
|
@ -52,7 +52,7 @@ interface nsIContentSecurityPolicy;
|
|||
[ptr] native JSContext(JSContext);
|
||||
[ptr] native JSPrincipals(JSPrincipals);
|
||||
|
||||
[scriptable, uuid(f8c4c89a-d726-421b-8415-3e34b241175b)]
|
||||
[scriptable, uuid(fb783979-b3f8-4e0d-980f-f0f83b0f505d)]
|
||||
interface nsIPrincipal : nsISerializable
|
||||
{
|
||||
/**
|
||||
|
@ -115,8 +115,6 @@ interface nsIPrincipal : nsISerializable
|
|||
// XXXbz again, what if this lives in our hashtable and someone
|
||||
// messes with it? Is that OK?
|
||||
[noscript] short canEnableCapability(in string capability);
|
||||
[noscript] void setCanEnableCapability(in string capability,
|
||||
in short canEnable);
|
||||
[noscript] boolean isCapabilityEnabled(in string capability,
|
||||
in voidPtr annotation);
|
||||
[noscript] void enableCapability(in string capability,
|
||||
|
|
|
@ -41,7 +41,7 @@
|
|||
interface nsIURI;
|
||||
interface nsIChannel;
|
||||
|
||||
[scriptable, uuid(50eda256-4dd2-4c7c-baed-96983910af9f)]
|
||||
[scriptable, uuid(d6cf287a-476a-43ba-aa03-70af4a01044e)]
|
||||
interface nsIScriptSecurityManager : nsIXPCSecurityManager
|
||||
{
|
||||
///////////////// Security Checks //////////////////
|
||||
|
@ -245,12 +245,6 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
|
|||
* Allow 'certificateID' to enable 'capability.' Can only be performed
|
||||
* by code signed by the system certificate.
|
||||
*/
|
||||
// XXXbz Capabilities can't have non-ascii chars?
|
||||
// XXXbz ideally we'd pass a subjectName here too, and the nsISupports
|
||||
// cert we're enabling for...
|
||||
void setCanEnableCapability(in AUTF8String certificateFingerprint,
|
||||
in string capability,
|
||||
in short canEnable);
|
||||
|
||||
///////////////////////
|
||||
/**
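Review bot: The doc comment that closes at the top of the second hunk (`Allow 'certificateID' to enable 'capability.' Can only be performed by code signed by the system certificate.`) appears to be left behind on the new side. The hunk counts (12 lines down to 6) fit removing only the two XXXbz remarks and the three-line `setCanEnableCapability` declaration, which would leave this comment sitting directly above the `///////////////////////` separator and documenting nothing. A stale description of a privileged grant path misleads anyone auditing what the security manager still exposes, so I would delete the comment block together with the method. The comment opens above the hunk, so its first lines are not visible here.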
|
||||
|
|
|
@ -107,6 +107,9 @@ public:
|
|||
#endif
|
||||
|
||||
protected:
|
||||
// Formerly an IDL method. Now just a protected helper.
|
||||
nsresult SetCanEnableCapability(const char *capability, PRInt16 canEnable);
|
||||
|
||||
nsTArray< nsAutoPtr<nsHashtable> > mAnnotations;
|
||||
nsHashtable* mCapabilities;
|
||||
nsCString mPrefName;
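Review bot: The new comment on `SetCanEnableCapability` records where the method came from but not its contract. The declaration is no longer generated from the IDL, so this header is now the only place a reader will look for it. I would state which values `canEnable` accepts and that the helper is internal, e.g. `// Sets the stored enable state for |capability|; internal to the principal, not reachable through nsIPrincipal.` The wording should be confirmed against the definition, which lies outside this hunk. Naming the remaining callers in the comment would also show at a glance which code can still change a principal's capability grants now that the security-manager entry point is gone.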
|
||||
|
|
|
@ -526,9 +526,6 @@ private:
|
|||
static void
|
||||
FormatCapabilityString(nsAString& aCapability);
|
||||
|
||||
nsresult
|
||||
SavePrincipal(nsIPrincipal* aToSave);
|
||||
|
||||
/**
|
||||
* Check capability levels for an |aObj| that implements
|
||||
* nsISecurityCheckedComponent.
|
||||
|
|
|
@ -220,14 +220,6 @@ nsNullPrincipal::CanEnableCapability(const char *aCapability,
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsNullPrincipal::SetCanEnableCapability(const char *aCapability,
|
||||
PRInt16 aCanEnable)
|
||||
{
|
||||
return NS_ERROR_NOT_AVAILABLE;
|
||||
}
|
||||
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsNullPrincipal::IsCapabilityEnabled(const char *aCapability,
|
||||
void *aAnnotation,
|
||||
|
|
|
@ -542,7 +542,7 @@ nsPrincipal::CanEnableCapability(const char *capability, PRInt16 *result)
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsresult
|
||||
nsPrincipal::SetCanEnableCapability(const char *capability,
|
||||
PRInt16 canEnable)
|
||||
{
|
||||
|
|
|
@ -2536,64 +2536,6 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
|
|||
return result;
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsScriptSecurityManager::SavePrincipal(nsIPrincipal* aToSave)
|
||||
{
|
||||
//-- Save to mPrincipals
|
||||
mPrincipals.Put(aToSave, aToSave);
|
||||
|
||||
//-- Save to prefs
|
||||
nsXPIDLCString idPrefName;
|
||||
nsXPIDLCString id;
|
||||
nsXPIDLCString subjectName;
|
||||
nsXPIDLCString grantedList;
|
||||
nsXPIDLCString deniedList;
|
||||
bool isTrusted;
|
||||
nsresult rv = aToSave->GetPreferences(getter_Copies(idPrefName),
|
||||
getter_Copies(id),
|
||||
getter_Copies(subjectName),
|
||||
getter_Copies(grantedList),
|
||||
getter_Copies(deniedList),
|
||||
&isTrusted);
|
||||
if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
|
||||
|
||||
nsCAutoString grantedPrefName;
|
||||
nsCAutoString deniedPrefName;
|
||||
nsCAutoString subjectNamePrefName;
|
||||
rv = GetPrincipalPrefNames( idPrefName,
|
||||
grantedPrefName,
|
||||
deniedPrefName,
|
||||
subjectNamePrefName );
|
||||
if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
|
||||
|
||||
mIsWritingPrefs = true;
|
||||
if (grantedList) {
|
||||
Preferences::SetCString(grantedPrefName.get(), grantedList);
|
||||
} else {
|
||||
Preferences::ClearUser(grantedPrefName.get());
|
||||
}
|
||||
|
||||
if (deniedList) {
|
||||
Preferences::SetCString(deniedPrefName.get(), deniedList);
|
||||
} else {
|
||||
Preferences::ClearUser(deniedPrefName.get());
|
||||
}
|
||||
|
||||
if (grantedList || deniedList) {
|
||||
Preferences::SetCString(idPrefName, id);
|
||||
Preferences::SetCString(subjectNamePrefName.get(), subjectName);
|
||||
} else {
|
||||
Preferences::ClearUser(idPrefName);
|
||||
Preferences::ClearUser(subjectNamePrefName.get());
|
||||
}
|
||||
|
||||
mIsWritingPrefs = false;
|
||||
|
||||
nsIPrefService* prefService = Preferences::GetService();
|
||||
NS_ENSURE_TRUE(prefService, NS_ERROR_FAILURE);
|
||||
return prefService->SavePrefFile(nsnull);
|
||||
}
|
||||
|
||||
///////////////// Capabilities API /////////////////////
|
||||
NS_IMETHODIMP
|
||||
nsScriptSecurityManager::IsCapabilityEnabled(const char *capability,
|
||||
|
@ -2864,71 +2806,6 @@ nsScriptSecurityManager::DisableCapability(const char *capability)
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
//////////////// Master Certificate Functions ///////////////////////////////////////
|
||||
NS_IMETHODIMP
|
||||
nsScriptSecurityManager::SetCanEnableCapability(const nsACString& certFingerprint,
|
||||
const char* capability,
|
||||
PRInt16 canEnable)
|
||||
{
|
||||
NS_ENSURE_ARG(!certFingerprint.IsEmpty());
|
||||
|
||||
nsresult rv;
|
||||
nsIPrincipal* subjectPrincipal = doGetSubjectPrincipal(&rv);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
//-- Get the system certificate
|
||||
if (!mSystemCertificate)
|
||||
{
|
||||
nsCOMPtr<nsIFile> systemCertFile;
|
||||
nsCOMPtr<nsIProperties> directoryService =
|
||||
do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv);
|
||||
if (!directoryService) return NS_ERROR_FAILURE;
|
||||
rv = directoryService->Get(NS_XPCOM_CURRENT_PROCESS_DIR, NS_GET_IID(nsIFile),
|
||||
getter_AddRefs(systemCertFile));
|
||||
if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
|
||||
systemCertFile->AppendNative(NS_LITERAL_CSTRING("systemSignature.jar"));
|
||||
if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
|
||||
nsCOMPtr<nsIZipReader> systemCertZip = do_CreateInstance(kZipReaderCID, &rv);
|
||||
if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
|
||||
rv = systemCertZip->Open(systemCertFile);
|
||||
if (NS_SUCCEEDED(rv))
|
||||
{
|
||||
rv = systemCertZip->GetCertificatePrincipal(EmptyCString(),
|
||||
getter_AddRefs(mSystemCertificate));
|
||||
if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
|
||||
}
|
||||
}
|
||||
|
||||
//-- Make sure the caller's principal is the system certificate
|
||||
bool isEqual = false;
|
||||
if (mSystemCertificate)
|
||||
{
|
||||
rv = mSystemCertificate->Equals(subjectPrincipal, &isEqual);
|
||||
if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
|
||||
}
|
||||
if (!isEqual)
|
||||
{
|
||||
JSContext* cx = GetCurrentJSContext();
|
||||
if (!cx) return NS_ERROR_FAILURE;
|
||||
static const char msg1[] = "Only code signed by the system certificate may call SetCanEnableCapability or Invalidate";
|
||||
static const char msg2[] = "Attempt to call SetCanEnableCapability or Invalidate when no system certificate has been established";
|
||||
SetPendingException(cx, mSystemCertificate ? msg1 : msg2);
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
//-- Get the target principal
|
||||
nsCOMPtr<nsIPrincipal> objectPrincipal;
|
||||
rv = DoGetCertificatePrincipal(certFingerprint, EmptyCString(),
|
||||
EmptyCString(), nsnull,
|
||||
nsnull, false,
|
||||
getter_AddRefs(objectPrincipal));
|
||||
if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
|
||||
rv = objectPrincipal->SetCanEnableCapability(capability, canEnable);
|
||||
if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
|
||||
return SavePrincipal(objectPrincipal);
|
||||
}
|
||||
|
||||
////////////////////////////////////////////////
|
||||
// Methods implementing nsIXPCSecurityManager //
|
||||
////////////////////////////////////////////////
|
||||
|
|
|
@ -167,14 +167,6 @@ nsSystemPrincipal::CanEnableCapability(const char *capability,
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsSystemPrincipal::SetCanEnableCapability(const char *capability,
|
||||
PRInt16 canEnable)
|
||||
{
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsSystemPrincipal::IsCapabilityEnabled(const char *capability,
|
||||
void *annotation,
|
||||
|
|
|
@ -872,14 +872,6 @@ FullTrustSecMan::DisableCapability(const char *capability)
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
FullTrustSecMan::SetCanEnableCapability(const nsACString & certificateFingerprint,
|
||||
const char *capability,
|
||||
PRInt16 canEnable)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
FullTrustSecMan::GetObjectPrincipal(JSContext * cx,
|
||||
JSObject * obj,
|
||||
|
|
|
@ -1521,15 +1521,6 @@ FullTrustSecMan::DisableCapability(const char *capability)
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
/* void setCanEnableCapability (in AUTF8String certificateFingerprint, in string capability, in short canEnable); */
|
||||
NS_IMETHODIMP
|
||||
FullTrustSecMan::SetCanEnableCapability(const nsACString & certificateFingerprint,
|
||||
const char *capability,
|
||||
PRInt16 canEnable)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/* [noscript] nsIPrincipal getObjectPrincipal (in JSContextPtr cx, in JSObjectPtr obj); */
|
||||
NS_IMETHODIMP
|
||||
FullTrustSecMan::GetObjectPrincipal(JSContext * cx, JSObject * obj,
|
||||
|
|