зеркало из https://github.com/mozilla/gecko-dev.git
255 строки
8.6 KiB
C++
255 строки
8.6 KiB
C++
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#ifndef nsPrincipal_h__
|
|
#define nsPrincipal_h__
|
|
|
|
#include "nsAutoPtr.h"
|
|
#include "nsCOMPtr.h"
|
|
#include "nsVoidArray.h"
|
|
#include "nsHashtable.h"
|
|
#include "nsJSPrincipals.h"
|
|
#include "nsTArray.h"
|
|
#include "nsAutoPtr.h"
|
|
#include "nsIProtocolHandler.h"
|
|
#include "nsNetUtil.h"
|
|
#include "nsScriptSecurityManager.h"
|
|
|
|
class nsIObjectInputStream;
|
|
class nsIObjectOutputStream;
|
|
class DomainPolicy;
|
|
|
|
class nsBasePrincipal : public nsJSPrincipals
|
|
{
|
|
public:
|
|
nsBasePrincipal();
|
|
|
|
protected:
|
|
virtual ~nsBasePrincipal();
|
|
|
|
public:
|
|
NS_IMETHOD_(nsrefcnt) AddRef(void);
|
|
NS_IMETHOD_(nsrefcnt) Release(void);
|
|
NS_IMETHOD GetPreferences(char** prefBranch, char** id, char** subjectName, char** grantedList, char** deniedList, bool* isTrusted);
|
|
NS_IMETHOD GetSecurityPolicy(void** aSecurityPolicy);
|
|
NS_IMETHOD SetSecurityPolicy(void* aSecurityPolicy);
|
|
NS_IMETHOD CanEnableCapability(const char* capability, int16_t* _retval);
|
|
NS_IMETHOD IsCapabilityEnabled(const char* capability, void* annotation, bool* _retval);
|
|
NS_IMETHOD EnableCapability(const char* capability, void** annotation);
|
|
NS_IMETHOD GetHasCertificate(bool* aHasCertificate);
|
|
NS_IMETHOD GetFingerprint(nsACString& aFingerprint);
|
|
NS_IMETHOD GetPrettyName(nsACString& aPrettyName);
|
|
NS_IMETHOD GetSubjectName(nsACString& aSubjectName);
|
|
NS_IMETHOD GetCertificate(nsISupports** aCertificate);
|
|
NS_IMETHOD GetCsp(nsIContentSecurityPolicy** aCsp);
|
|
NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp);
|
|
public:
|
|
|
|
// Call this to ensure that this principal has a subject name, a pretty name,
|
|
// and a cert pointer. This method will throw if there is already a
|
|
// different subject name or if this principal has no certificate.
|
|
nsresult EnsureCertData(const nsACString& aSubjectName,
|
|
const nsACString& aPrettyName,
|
|
nsISupports* aCert);
|
|
|
|
enum AnnotationValue { AnnotationEnabled=1, AnnotationDisabled };
|
|
|
|
nsresult SetCapability(const char* capability, void** annotation,
|
|
AnnotationValue value);
|
|
|
|
static const char sInvalid[];
|
|
|
|
protected:
|
|
// Formerly an IDL method. Now just a protected helper.
|
|
nsresult SetCanEnableCapability(const char* capability, int16_t canEnable);
|
|
|
|
nsTArray< nsAutoPtr<nsHashtable> > mAnnotations;
|
|
nsHashtable* mCapabilities;
|
|
nsCString mPrefName;
|
|
static int32_t sCapabilitiesOrdinal;
|
|
|
|
// XXXcaa This is a semi-hack. The best solution here is to keep
|
|
// a reference to an interface here, except there is no interface
|
|
// that we can use yet.
|
|
struct Certificate
|
|
{
|
|
Certificate(const nsACString& aFingerprint, const nsACString& aSubjectName,
|
|
const nsACString& aPrettyName, nsISupports* aCert)
|
|
: fingerprint(aFingerprint),
|
|
subjectName(aSubjectName),
|
|
prettyName(aPrettyName),
|
|
cert(aCert)
|
|
{
|
|
}
|
|
nsCString fingerprint;
|
|
nsCString subjectName;
|
|
nsCString prettyName;
|
|
nsCOMPtr<nsISupports> cert;
|
|
};
|
|
|
|
nsresult SetCertificate(const nsACString& aFingerprint,
|
|
const nsACString& aSubjectName,
|
|
const nsACString& aPrettyName,
|
|
nsISupports* aCert);
|
|
|
|
// Checks whether this principal's certificate equals aOther's.
|
|
bool CertificateEquals(nsIPrincipal *aOther);
|
|
|
|
#ifdef DEBUG
|
|
virtual void dumpImpl() = 0;
|
|
#endif
|
|
|
|
// Keep this is a pointer, even though it may slightly increase the
|
|
// cost of keeping a certificate, this is a good tradeoff though since
|
|
// it is very rare that we actually have a certificate.
|
|
nsAutoPtr<Certificate> mCert;
|
|
|
|
DomainPolicy* mSecurityPolicy;
|
|
|
|
nsCOMPtr<nsIContentSecurityPolicy> mCSP;
|
|
bool mTrusted;
|
|
};
|
|
|
|
class nsPrincipal : public nsBasePrincipal
|
|
{
|
|
public:
|
|
NS_DECL_ISUPPORTS_INHERITED
|
|
NS_DECL_NSISERIALIZABLE
|
|
NS_IMETHOD Equals(nsIPrincipal* other, bool* _retval);
|
|
NS_IMETHOD EqualsIgnoringDomain(nsIPrincipal* other, bool* _retval);
|
|
NS_IMETHOD GetHashValue(uint32_t* aHashValue);
|
|
NS_IMETHOD GetURI(nsIURI** aURI);
|
|
NS_IMETHOD GetDomain(nsIURI** aDomain);
|
|
NS_IMETHOD SetDomain(nsIURI* aDomain);
|
|
NS_IMETHOD GetOrigin(char** aOrigin);
|
|
NS_IMETHOD Subsumes(nsIPrincipal* other, bool* _retval);
|
|
NS_IMETHOD SubsumesIgnoringDomain(nsIPrincipal* other, bool* _retval);
|
|
NS_IMETHOD CheckMayLoad(nsIURI* uri, bool report, bool allowIfInheritsPrincipal);
|
|
NS_IMETHOD GetExtendedOrigin(nsACString& aExtendedOrigin);
|
|
NS_IMETHOD GetAppStatus(uint16_t* aAppStatus);
|
|
NS_IMETHOD GetAppId(uint32_t* aAppStatus);
|
|
NS_IMETHOD GetIsInBrowserElement(bool* aIsInBrowserElement);
|
|
NS_IMETHOD GetUnknownAppId(bool* aUnknownAppId);
|
|
#ifdef DEBUG
|
|
virtual void dumpImpl();
|
|
#endif
|
|
|
|
nsPrincipal();
|
|
|
|
// Either Init() or InitFromPersistent() must be called before
|
|
// the principal is in a usable state.
|
|
nsresult Init(const nsACString& aCertFingerprint,
|
|
const nsACString& aSubjectName,
|
|
const nsACString& aPrettyName,
|
|
nsISupports* aCert,
|
|
nsIURI* aCodebase,
|
|
uint32_t aAppId,
|
|
bool aInMozBrowser);
|
|
nsresult InitFromPersistent(const char* aPrefName,
|
|
const nsCString& aFingerprint,
|
|
const nsCString& aSubjectName,
|
|
const nsACString& aPrettyName,
|
|
const char* aGrantedList,
|
|
const char* aDeniedList,
|
|
nsISupports* aCert,
|
|
bool aIsCert,
|
|
bool aTrusted,
|
|
uint32_t aAppId,
|
|
bool aInMozBrowser);
|
|
|
|
virtual void GetScriptLocation(nsACString& aStr) MOZ_OVERRIDE;
|
|
void SetURI(nsIURI* aURI);
|
|
|
|
static bool IsPrincipalInherited(nsIURI* aURI) {
|
|
// return true if the loadee URI has
|
|
// the URI_INHERITS_SECURITY_CONTEXT flag set.
|
|
bool doesInheritSecurityContext;
|
|
nsresult rv =
|
|
NS_URIChainHasFlags(aURI,
|
|
nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
|
|
&doesInheritSecurityContext);
|
|
|
|
if (NS_SUCCEEDED(rv) && doesInheritSecurityContext) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
|
|
/**
|
|
* Computes the puny-encoded origin of aURI.
|
|
*/
|
|
static nsresult GetOriginForURI(nsIURI* aURI, char **aOrigin);
|
|
|
|
nsCOMPtr<nsIURI> mDomain;
|
|
nsCOMPtr<nsIURI> mCodebase;
|
|
uint32_t mAppId;
|
|
bool mInMozBrowser;
|
|
// If mCodebaseImmutable is true, mCodebase is non-null and immutable
|
|
bool mCodebaseImmutable;
|
|
bool mDomainImmutable;
|
|
bool mInitialized;
|
|
|
|
protected:
|
|
virtual ~nsPrincipal();
|
|
|
|
/**
|
|
* Returns the app status of the principal based on mAppId and mInMozBrowser.
|
|
*/
|
|
uint16_t GetAppStatus();
|
|
};
|
|
|
|
class nsExpandedPrincipal : public nsIExpandedPrincipal, public nsBasePrincipal
|
|
{
|
|
public:
|
|
nsExpandedPrincipal(nsTArray< nsCOMPtr<nsIPrincipal> > &aWhiteList);
|
|
|
|
protected:
|
|
virtual ~nsExpandedPrincipal();
|
|
|
|
public:
|
|
NS_DECL_ISUPPORTS_INHERITED
|
|
NS_DECL_NSIEXPANDEDPRINCIPAL
|
|
NS_DECL_NSISERIALIZABLE
|
|
NS_IMETHOD Equals(nsIPrincipal* other, bool* _retval);
|
|
NS_IMETHOD EqualsIgnoringDomain(nsIPrincipal* other, bool* _retval);
|
|
NS_IMETHOD GetHashValue(uint32_t* aHashValue);
|
|
NS_IMETHOD GetURI(nsIURI** aURI);
|
|
NS_IMETHOD GetDomain(nsIURI** aDomain);
|
|
NS_IMETHOD SetDomain(nsIURI* aDomain);
|
|
NS_IMETHOD GetOrigin(char** aOrigin);
|
|
NS_IMETHOD Subsumes(nsIPrincipal* other, bool* _retval);
|
|
NS_IMETHOD SubsumesIgnoringDomain(nsIPrincipal* other, bool* _retval);
|
|
NS_IMETHOD CheckMayLoad(nsIURI* uri, bool report, bool allowIfInheritsPrincipal);
|
|
NS_IMETHOD GetExtendedOrigin(nsACString& aExtendedOrigin);
|
|
NS_IMETHOD GetAppStatus(uint16_t* aAppStatus);
|
|
NS_IMETHOD GetAppId(uint32_t* aAppStatus);
|
|
NS_IMETHOD GetIsInBrowserElement(bool* aIsInBrowserElement);
|
|
NS_IMETHOD GetUnknownAppId(bool* aUnknownAppId);
|
|
#ifdef DEBUG
|
|
virtual void dumpImpl();
|
|
#endif
|
|
|
|
virtual void GetScriptLocation(nsACString &aStr) MOZ_OVERRIDE;
|
|
|
|
private:
|
|
nsTArray< nsCOMPtr<nsIPrincipal> > mPrincipals;
|
|
};
|
|
|
|
#define NS_PRINCIPAL_CLASSNAME "principal"
|
|
#define NS_PRINCIPAL_CONTRACTID "@mozilla.org/principal;1"
|
|
#define NS_PRINCIPAL_CID \
|
|
{ 0x36102b6b, 0x7b62, 0x451a, \
|
|
{ 0xa1, 0xc8, 0xa0, 0xd4, 0x56, 0xc9, 0x2d, 0xc5 }}
|
|
|
|
#define NS_EXPANDEDPRINCIPAL_CLASSNAME "expandedprincipal"
|
|
#define NS_EXPANDEDPRINCIPAL_CONTRACTID "@mozilla.org/expandedprincipal;1"
|
|
#define NS_EXPANDEDPRINCIPAL_CID \
|
|
{ 0xb33a3807, 0xb76c, 0x44e5, \
|
|
{ 0xb9, 0x9d, 0x95, 0x7e, 0xe9, 0xba, 0x6e, 0x39 }}
|
|
|
|
#endif // nsPrincipal_h__
|