Bug 66886 - parent PSM dialogs correctly. This fixes all of the cases in PSM2 and several cases in PSM1. r=javi,danm. sr=mscott.

extensions/psm-glue/src/nsPSMUICallbacks.cpp

@@ -45,13 +45,14 @@
 #include "nsIScriptGlobalObject.h"
 #include "nsIURL.h"
 #include "nsIXULWindow.h"
+#include "nsIChannel.h"
 
 static NS_DEFINE_IID(kAppShellServiceCID, NS_APPSHELL_SERVICE_CID);
 static NS_DEFINE_CID(kNetSupportDialogCID, NS_NETSUPPORTDIALOG_CID);
 
 
 // Happy callbacks
-static char * PromptUserCallback(void *arg, char *prompt, int isPasswd);
+static char * PromptUserCallback(void *arg, char *prompt, void* clientContext, int isPasswd);
 static char * FilePathPromptCallback(void *arg, char *prompt, char *fileRegEx, CMUint32 shouldFileExist);
 static void   ApplicationFreeCallback(char *userInput);
 
@@ -334,26 +335,62 @@ void* CartmanUIHandler(uint32 resourceID, void* clientContext, uint32 width, uin
 
     
     
-char * PromptUserCallback(void *arg, char *prompt, int isPasswd)
+char * PromptUserCallback(void *arg, char *prompt, void* clientContext, int isPasswd)
 {
 
     nsresult rv = NS_OK;
     PRUnichar *password;
     PRBool  value;
 
-    NS_WITH_PROXIED_SERVICE(nsIPrompt, dialog, kNetSupportDialogCID, NS_UI_THREAD_EVENTQ, &rv);
-    
-    if (NS_SUCCEEDED(rv)) {
-	    rv = dialog->PromptPassword(nsnull, NS_ConvertASCIItoUCS2(prompt).GetUnicode(),
-                                  NS_ConvertASCIItoUCS2(" ").GetUnicode(),      // hostname
-                                  nsIPrompt::SAVE_PASSWORD_NEVER, &password, &value);
+    nsIChannelSecurityInfo* csi = NS_STATIC_CAST(nsIChannelSecurityInfo*, clientContext);
+    nsCOMPtr<nsIChannel> channel;
+    csi->GetChannel(getter_AddRefs(channel));
+    if (!channel) return nsnull;
 
-        if (NS_SUCCEEDED(rv) && value) {
-            nsString a(password);
-            char* str = a.ToNewCString();
-            Recycle(password);
-            return str;
-        }
+    nsCOMPtr<nsIInterfaceRequestor> callbacks;
+    channel->GetNotificationCallbacks(getter_AddRefs(callbacks));
+    if (!callbacks) return nsnull;
+
+    // The notification callbacks object may not be safe, so
+    // proxy the call to get the nsIPrompt.
+
+    nsCOMPtr<nsIProxyObjectManager> proxyman(do_GetService(NS_XPCOMPROXY_CONTRACTID));
+    if (!proxyman) return nsnull;
+
+    nsCOMPtr<nsIInterfaceRequestor> proxiedCallbacks;
+    proxyman->GetProxyForObject(NS_UI_THREAD_EVENTQ,
+                                NS_GET_IID(nsIInterfaceRequestor),
+                                callbacks,
+                                PROXY_SYNC,
+                                getter_AddRefs(proxiedCallbacks));
+    if (!proxiedCallbacks) return nsnull;
+
+    nsCOMPtr<nsIPrompt> iprompt(do_GetInterface(proxiedCallbacks));
+    if (!iprompt) return nsnull;
+
+    // Finally, get a proxy for the nsIPrompt
+
+    nsCOMPtr<nsIPrompt> proxyPrompt;
+    proxyman->GetProxyForObject(NS_UI_THREAD_EVENTQ,
+                                NS_GET_IID(nsIPrompt),
+                                iprompt,
+                                PROXY_SYNC,
+                                getter_AddRefs(proxyPrompt));
+
+    if (!proxyPrompt) {
+      NS_ASSERTION(PR_FALSE, "callbacks does not implement nsIPrompt");
+      return nsnull;
+    }
+
+    rv = proxyPrompt->PromptPassword(nsnull, NS_ConvertASCIItoUCS2(prompt).GetUnicode(),
+                                     NS_LITERAL_STRING(" "),      // hostname
+                                     nsIPrompt::SAVE_PASSWORD_NEVER, &password, &value);
+
+    if (NS_SUCCEEDED(rv) && value) {
+        nsString a(password);
+        char* str = a.ToNewCString();
+        Recycle(password);
+        return str;
     }
 
     return nsnull;

extensions/psm-glue/src/nsSSLIOLayer.cpp

@@ -31,6 +31,7 @@
 #include "nsSSLIOLayer.h"
 #include "nsIWebProgressListener.h"
 #include "nsISSLSocketControl.h"
+#include "nsIChannel.h"
 
 static PRDescIdentity  nsSSLIOLayerIdentity;
 static PRIOMethods     nsSSLIOLayerMethods;
@@ -69,6 +70,7 @@ protected:
     CMT_CONTROL* mControl;
     CMSocket*    mSocket;
     PRFileDesc*  mFd;
+    nsIChannel*  mChannel;
     
     nsString     mHostName;
     PRInt32      mHostPort;
@@ -174,7 +176,7 @@ nsSSLIOLayerConnect(PRFileDesc *fd, const PRNetAddr *addr, PRIntervalTime timeou
                                        ipBuffer,
                                        (hostName ? hostName : ipBuffer),
                                        handshake,
-                                       nsnull);
+                                       infoObject);
     }
     
     if (hostName)  Recycle(hostName);
@@ -364,13 +366,13 @@ nsPSMSocketInfo::ProxyStepUp()
     nsCAutoString hostName;
     hostName.AssignWithConversion(mHostName);
     
-    return CMT_ProxyStepUp(mControl, mSocket, nsnull, hostName);
+    return CMT_ProxyStepUp(mControl, mSocket, this, hostName);
 }
 
 NS_IMETHODIMP
 nsPSMSocketInfo::TLSStepUp()
 {
-    return CMT_TLSStepUp(mControl, mSocket, nsnull);
+    return CMT_TLSStepUp(mControl, mSocket, this);
 }
 
 NS_IMETHODIMP
@@ -574,6 +576,21 @@ nsPSMSocketInfo::GetSecurityState(PRInt32 *aSecurityState)
     return NS_OK;
 }
 
+NS_IMETHODIMP
+nsPSMSocketInfo::GetChannel(nsIChannel** aChannel)
+{
+    *aChannel = mChannel;
+    NS_IF_ADDREF(*aChannel);
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMSocketInfo::SetChannel(nsIChannel* aChannel)
+{
+    mChannel = aChannel;
+    return NS_OK;
+}
+
 nsresult
 nsSSLIOLayerNewSocket( const char *host, 
                        PRInt32 port, 

netwerk/base/src/nsSocketTransport.cpp

@@ -1026,6 +1026,9 @@ nsresult nsSocketTransport::doConnection(PRInt16 aSelectFlags)
                 if (nsCRT::strcmp(mSocketTypes[type], "ssl") == 0 ||
                     nsCRT::strcmp(mSocketTypes[type], "tls") == 0) {
                     mSecurityInfo = socketInfo;
+                    nsCOMPtr<nsIChannelSecurityInfo> secinfo(do_QueryInterface(mSecurityInfo));
+                    if (secinfo)
+                      secinfo->SetChannel(this);
                 }
                 else if (nsCRT::strcmp(mSocketTypes[type], "ssl-forcehandshake") == 0) {
                     mSecurityInfo = socketInfo;

netwerk/socket/base/nsIChannelSecurityInfo.idl

@@ -24,6 +24,8 @@
 
 #include "nsISupports.idl"
 
+interface nsIChannel;
+
 [noscript, uuid(98d9cc72-1dd1-11b2-9156-eaf4d18b60d1)]
 interface nsIChannelSecurityInfo : nsISupports {
     readonly attribute string           hostName;
@@ -32,8 +34,9 @@ interface nsIChannelSecurityInfo : nsISupports {
     readonly attribute string           proxyName;
     readonly attribute PRInt32          proxyPort;
 
+    attribute nsIChannel                channel;
     attribute boolean                   forceHandshake;
     readonly attribute long             securityState;
-    readonly attribute wstring           shortSecurityDescription;
+    readonly attribute wstring          shortSecurityDescription;
 };
 

security/manager/ssl/src/nsNSSCallbacks.cpp

@@ -29,10 +29,11 @@
 #include "nsCOMPtr.h"
 #include "nsIServiceManager.h"
 #include "nsReadableUtils.h"
-
 #include "nsINetSupportDialogService.h"
 #include "nsIPrompt.h"
 #include "nsProxiedService.h"
+#include "nsIChannel.h"
+#include "nsIInterfaceRequestor.h"
 
 #include "ssl.h"
 #include "cert.h"
@@ -48,18 +49,50 @@ char* PK11PasswordPrompt(PK11SlotInfo* slot, PRBool retry, void* arg) {
   if (retry)
     return nsnull;
 
-  NS_WITH_PROXIED_SERVICE(nsIPrompt, dialog, kNetSupportDialogCID,
-                          NS_UI_THREAD_EVENTQ, &rv);
-  if (NS_FAILED(rv)) return nsnull;
+  nsIChannelSecurityInfo* csi = NS_STATIC_CAST(nsIChannelSecurityInfo*, arg);
+  nsCOMPtr<nsIChannel> channel;
+  csi->GetChannel(getter_AddRefs(channel));
+  if (!channel) return nsnull;
+
+  nsCOMPtr<nsIInterfaceRequestor> callbacks;
+  channel->GetNotificationCallbacks(getter_AddRefs(callbacks));
+  if (!callbacks) return nsnull;
+
+  // The notification callbacks object may not be safe, so
+  // proxy the call to get the nsIPrompt.
+
+  nsCOMPtr<nsIProxyObjectManager> proxyman(do_GetService(NS_XPCOMPROXY_CONTRACTID));
+  nsCOMPtr<nsIInterfaceRequestor> proxiedCallbacks;
+  proxyman->GetProxyForObject(NS_UI_THREAD_EVENTQ,
+                              NS_GET_IID(nsIInterfaceRequestor),
+                              callbacks,
+                              PROXY_SYNC,
+                              getter_AddRefs(proxiedCallbacks));
+
+  nsCOMPtr<nsIPrompt> prompt(do_GetInterface(proxiedCallbacks));
+
+  // Finally, get a proxy for the nsIPrompt
+
+  nsCOMPtr<nsIPrompt> proxyPrompt;
+  proxyman->GetProxyForObject(NS_UI_THREAD_EVENTQ,
+	                          NS_GET_IID(nsIPrompt),
+                              prompt,
+                              PROXY_SYNC,
+                              getter_AddRefs(proxyPrompt));
+
+  if (!proxyPrompt) {
+    NS_ASSERTION(PR_FALSE, "callbacks does not implement nsIPrompt");
+    return nsnull;
+  }
 
   nsString promptString;
   nsNSSComponent::GetPIPNSSBundleString(NS_LITERAL_STRING("CertPassPrompt"),
                                         promptString);
   PRUnichar *uniString = promptString.ToNewUnicode();
-  rv = dialog->PromptPassword(nsnull, uniString,
-                              NS_LITERAL_STRING(" "),
-                              nsIPrompt::SAVE_PASSWORD_NEVER,
-                              &password, &value);
+  rv = proxyPrompt->PromptPassword(nsnull, uniString,
+                                   NS_LITERAL_STRING(" "),
+                                   nsIPrompt::SAVE_PASSWORD_NEVER,
+                                   &password, &value);
   nsMemory::Free(uniString);
   if (NS_SUCCEEDED(rv) && value) {
     char* str = nsString(password).ToNewCString();

security/manager/ssl/src/nsNSSIOLayer.cpp

@@ -37,11 +37,11 @@
 #include "nsNSSIOLayer.h"
 #include "nsNSSCallbacks.h"
 
-#include "nsString.h"
 #include "prlog.h"
 #include "nsISecurityManagerComponent.h"
 #include "nsIServiceManager.h"
 #include "nsIWebProgressListener.h"
+#include "nsIChannel.h"
 
 #include "ssl.h"
 #include "secerr.h"
@@ -61,7 +61,8 @@ extern PRLogModuleInfo* gPIPNSSLog;
 nsNSSSocketInfo::nsNSSSocketInfo()
   : mSecurityState(nsIWebProgressListener::STATE_IS_INSECURE),
     mForceHandshake(PR_FALSE),
-    mUseTLS(PR_FALSE)
+    mUseTLS(PR_FALSE),
+    mChannel(nsnull)
 { 
   NS_INIT_ISUPPORTS();
 }
@@ -140,6 +141,21 @@ nsNSSSocketInfo::SetProxyPort(PRInt32 aPort)
   return NS_OK;
 }
 
+NS_IMETHODIMP
+nsNSSSocketInfo::GetChannel(nsIChannel** aChannel)
+{
+  *aChannel = mChannel;
+  NS_IF_ADDREF(*aChannel);
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+nsNSSSocketInfo::SetChannel(nsIChannel* aChannel)
+{
+  mChannel = aChannel;
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 nsNSSSocketInfo::GetSecurityState(PRInt32* state)
 {
@@ -502,13 +518,13 @@ nsSSLIOLayerAddToSocket(const char* host,
 
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("[%p] Socket set up\n", (void*)sslSock));
   infoObject->QueryInterface(NS_GET_IID(nsISupports), (void**) (info));
-  if (SECSuccess != SSL_Enable(sslSock, SSL_SECURITY, PR_TRUE)) {
+  if (SECSuccess != SSL_OptionSet(sslSock, SSL_SECURITY, PR_TRUE)) {
     goto loser;
   }
-  if (SECSuccess != SSL_Enable(sslSock, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE)) {
+  if (SECSuccess != SSL_OptionSet(sslSock, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE)) {
     goto loser;
   }
-  if (SECSuccess != SSL_Enable(sslSock, SSL_ENABLE_FDX, PR_TRUE)) {
+  if (SECSuccess != SSL_OptionSet(sslSock, SSL_ENABLE_FDX, PR_TRUE)) {
     goto loser;
   }
   if (SECSuccess != SSL_BadCertHook(sslSock, nsNSSBadCertHandler,

security/manager/ssl/src/nsNSSIOLayer.h

@@ -26,9 +26,11 @@
 
 #include "prtypes.h"
 #include "prio.h"
+#include "nsString.h"
 #include "nsIChannelSecurityInfo.h"
 #include "nsISSLSocketControl.h"
-#include "nsString.h"
+
+class nsIChannel;
 
 class nsNSSSocketInfo : public nsIChannelSecurityInfo,
                         public nsISSLSocketControl
@@ -60,6 +62,8 @@ protected:
   nsString mProxyName;
   PRInt32 mProxyPort;
   
+  nsIChannel* mChannel; // note, don't use an owning reference
+                        // to avoid circular references
   PRInt32 mSecurityState;
   nsString mShortDesc;
   PRBool mForceHandshake;