mozilla
/
mozilla-history
зеркало из https://github.com/mozilla/mozilla-history.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Fix to the caps security module. I removed the nsPrincipal struct, from now 

on you can access principals by their xpcomed interface nsIPrincipal.
This commit is contained in:
arielb%netscape.com 1999-07-24 03:58:23 +00:00
Родитель 9ae27ebebc
Коммит 76ffc06aa5
43 изменённых файлов: 2422 добавлений и 3088 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

3
caps/idl/MANIFEST
Просмотреть файл

@ -1,6 +1,3 @@
nsIPrincipal.idl
nsICodebasePrincipal.idl
nsICertificatePrincipal.idl
nsICodeSourcePrincipal.idl
nsIScriptSecurityManager.idl
nsICapsSecurityCallbacks.idl

7
caps/idl/Makefile.in
Просмотреть файл

@ -24,13 +24,10 @@ include $(DEPTH)/config/autoconf.mk
MODULE = caps
XPIDLSRCS = \
XPIDLSRCS = \
nsIScriptSecurityManager.idl \
nsICapsSecurityCallbacks.idl \
nsIPrincipal.idl \
nsICodebasePrincipal.idl \
nsICertificatePrincipal.idl \
nsICodeSourcePrincipal.idl \
nsIPrincipal.idl \
$(NULL)
include $(topsrcdir)/config/rules.mk

7
caps/idl/makefile.win
Просмотреть файл

@ -19,13 +19,10 @@ DEPTH=..\..
MODULE=caps
XPIDLSRCS= \
XPIDLSRCS= \
.\nsIScriptSecurityManager.idl \
.\nsICapsSecurityCallbacks.idl \
.\nsIPrincipal.idl \
.\nsICertificatePrincipal.idl \
.\nsICodebasePrincipal.idl \
.\nsICodeSourcePrincipal.idl \
.\nsIPrincipal.idl \
$(NULL)
include <$(DEPTH)\config\rules.mak>

0
caps/idl/nsICertificatePrincipal.idl
Просмотреть файл

0
caps/idl/nsICodeSourcePrincipal.idl
Просмотреть файл

0
caps/idl/nsICodebasePrincipal.idl
Просмотреть файл

31
caps/idl/nsIPrincipal.idl
Просмотреть файл

@ -17,8 +17,37 @@
*/
#include "nsISupports.idl"
[uuid(ff9313d0-25e1-11d2-8160-006008119d7a)]
interface nsIPrincipal : nsISupports {
void IsTrusted([const] in string scope, out boolean pbIsTrusted);
const short PrincipalType_Unknown=-1;
const short PrincipalType_CodebaseExact=1;
const short PrincipalType_CodebaseRegex=2;
const short PrincipalType_Certificate=3;
const short PrincipalType_CertificateFingerPrint=4;
const short PrincipalType_CertificateKey=5;
const short PrincipalType_CertificateChain=6;
void GetType(out short type);
void IsSecure(out boolean result);
void ToString(out string result);
void HashCode(out unsigned long code);
void Equals(in nsIPrincipal other, out boolean result);
};
[uuid(c29fe440-25e1-11d2-8160-006008119d7a)]
interface nsICodebasePrincipal : nsIPrincipal {
void GetURL(out string ppCodeBaseURL);
void IsCodebaseExact(out boolean result);
void IsCodebaseRegex(out boolean result);
};
[uuid(ebfefcd0-25e1-11d2-8160-006008119d7a)]
interface nsICertificatePrincipal : nsIPrincipal {
void GetPublicKey(out string publicKey, out unsigned long publicKeySize);
void GetCompanyName(out string ppCompanyName);
void GetCertificateAuthority(out string ppCertAuthority);
void GetSerialNumber(out string ppSerialNumber);
void GetExpirationDate(out string ppExpDate);
void GetFingerPrint(out string ppFingerPrint);
};

31
caps/include/MANIFEST
Просмотреть файл

@ -1,20 +1,25 @@
nsZig.h
nsPrincipal.h
nsPrivilege.h
nsPrivilegeManager.h
nsPrivilegeTable.h
nsSystemPrivilegeTable.h
nsTarget.h
nsUserTarget.h
jpermission.h
nsUserDialogHelper.h
nsZip.h
nsLoadZig.h
admin.h
jpermission.h
nsCaps.h
nsCapsEnums.h
nsCCapsManager.h
nsCCapsManagerFactory.h
nsCertificatePrincipal.h
nsCodebasePrincipal.h
nsCCodeSourcePrincipal.h
nsLoadZig.h
nsPrincipalTools.h
nsPrivilege.h
nsPrivilegeManager.h
nsPrivilegeTable.h
nsSystemPrivilegeTable.h
nsTarget.h
nsUserDialogHelper.h
nsUserTarget.h
nsZig.h
nsZip.h

38
caps/include/Makefile.in
Просмотреть файл

@ -23,26 +23,26 @@ VPATH = @srcdir@
include $(DEPTH)/config/autoconf.mk
EXPORTS = nsZip.h \
nsZig.h \
nsLoadZig.h \
nsPrincipal.h \
nsPrivilege.h \
nsPrivilegeManager.h \
nsPrivilegeTable.h \
EXPORTS = \
admin.h \
jpermission.h \
nsCaps.h \
nsCapsEnums.h \
nsCCapsManager.h \
nsCCapsManagerFactory.h \
nsCertificatePrincipal.h \
nsCodebasePrincipal.h \
nsLoadZig.h \
nsPrincipalTools.h \
nsPrivilege.h \
nsPrivilegeManager.h \
nsPrivilegeTable.h \
nsSystemPrivilegeTable.h \
nsTarget.h \
nsUserTarget.h \
jpermission.h \
nsUserDialogHelper.h \
admin.h \
nsCaps.h \
nsCapsEnums.h \
nsCCapsManagerFactory.h \
nsCCapsManager.h \
nsCertificatePrincipal.h \
nsCodebasePrincipal.h \
nsCCodeSourcePrincipal.h
nsTarget.h \
nsUserDialogHelper.h \
nsUserTarget.h \
nsZig.h \
nsZip.h
EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS))

41
caps/include/makefile.win
Просмотреть файл

@ -28,27 +28,26 @@ IGNORE_MANIFEST=1
MODULE=caps
DEPTH=..\..
EXPORTS=nsZip.h \
nsZig.h \
nsLoadZig.h \
nsPrincipal.h \
nsPrivilege.h \
nsPrivilegeManager.h \
nsPrivilegeTable.h \
nsSystemPrivilegeTable.h \
nsTarget.h \
nsUserTarget.h \
jpermission.h \
nsUserDialogHelper.h \
admin.h \
nsCaps.h \
nsCapsEnums.h \
nsCCapsManager.h \
nsCertificatePrincipal.h \
nsCodebasePrincipal.h \
nsCCapsManagerFactory.h \
nsCCodeSourcePrincipal.h
EXPORTS= \
admin.h \
jpermission.h \
nsCaps.h \
nsCapsEnums.h \
nsCCapsManager.h \
nsCCapsManagerFactory.h \
nsCertificatePrincipal.h \
nsCodebasePrincipal.h \
nsLoadZig.h \
nsPrincipalTools.h \
nsPrivilege.h \
nsPrivilegeManager.h \
nsPrivilegeTable.h \
nsSystemPrivilegeTable.h \
nsTarget.h \
nsUserDialogHelper.h \
nsUserTarget.h \
nsZig.h \
nsZip.h
include <$(DEPTH)/config/rules.mak>

382
caps/include/nsCCapsManager.h
Просмотреть файл

@ -16,15 +16,13 @@
* Reserved.
*/
#ifndef nsCCapsManager_h___
#define nsCCapsManager_h___
#ifndef _NS_CCAPS_MANANGER_H_
#define _NS_CCAPS_MANAGER_H_
#include "nsIPrincipal.h"
#include "nsISupports.h"
#include "nsICapsManager.h"
#include "nsAgg.h"
#include "nsPrincipal.h"
#include "nsPrivilegeManager.h"
/**
@ -37,238 +35,232 @@
*/
class nsCCapsManager : public nsICapsManager {
public:
////////////////////////////////////////////////////////////////////////////
// from nsISupports and AggregatedQueryInterface:
////////////////////////////////////////////////////////////////////////////
// from nsISupports and AggregatedQueryInterface:
NS_DECL_AGGREGATED
NS_DECL_AGGREGATED
////////////////////////////////////////////////////////////////////////////
// from nsICapsManager:
////////////////////////////////////////////////////////////////////////////
// from nsICapsManager:
NS_IMETHOD
CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal** prin);
NS_IMETHOD
CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal** prin);
NS_IMETHOD
CreateCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsIPrincipal** prin);
NS_IMETHOD
CreateCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsIPrincipal** prin);
/**
* Creates a CodeSourcePrincipal, which has both nsICodebasePrincipal
* and nsICertPrincipal
*
* @param certByteData - The ceritificate's byte array data including the chain.
* @param certByteDataSize - the length of certificate byte array.
* @param codebaseURL - the codebase URL
*/
NS_IMETHOD
CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin);
/**
* Creates a CodeSourcePrincipal, which has both nsICodebasePrincipal
* and nsICertPrincipal
*
* @param certByteData - The ceritificate's byte array data including the chain.
* @param certByteDataSize - the length of certificate byte array.
* @param codebaseURL - the codebase URL
*/
/*
NS_IMETHOD
CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin);
*/
/**
* Returns the permission for given principal and target
*
* @param prin - is either certificate principal or codebase principal
* @param target - is NS_ALL_PRIVILEGES.
* @param state - the return value is passed in this parameter.
*/
NS_IMETHOD
GetPermission(nsIPrincipal * prin, nsTarget * target, nsPermission * state);
/**
* Returns the permission for given principal and target
*
* @param prin - is either certificate principal or codebase principal
* @param target - is NS_ALL_PRIVILEGES.
* @param state - the return value is passed in this parameter.
*/
NS_IMETHOD
GetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *state);
/**
* Set the permission state for given principal and target. This wouldn't
* prompt the end user with UI.
*
* @param prin - is either certificate principal or codebase principal
* @param target - is NS_ALL_PRIVILEGES.
* @param state - is permisson state that should be set for the given prin
* and target parameters.
*/
NS_IMETHOD
SetPermission(nsIPrincipal * prin, nsTarget* target, nsPermission state);
/**
* Set the permission state for given principal and target. This wouldn't
* prompt the end user with UI.
*
* @param prin - is either certificate principal or codebase principal
* @param target - is NS_ALL_PRIVILEGES.
* @param state - is permisson state that should be set for the given prin
* and target parameters.
*/
NS_IMETHOD
SetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission state);
/**
* Prompts the user if they want to grant permission for the given principal and
* for the given target.
*
* @param prin - is either certificate principal or codebase principal
* @param target - is NS_ALL_PRIVILEGES.
* @param result - is the permission user has given for the given principal and
* target
*/
NS_IMETHOD
AskPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *result);
/**
* Prompts the user if they want to grant permission for the given principal and
* for the given target.
*
* @param prin - is either certificate principal or codebase principal
* @param target - is NS_ALL_PRIVILEGES.
* @param result - is the permission user has given for the given principal and
* target
*/
NS_IMETHOD
AskPermission(nsIPrincipal * prin, nsTarget * target, nsPermission * result);
/*
* All of the following methods are used by JS (the code located
* in lib/libmocha area).
*/
/*
* All of the following methods are used by JS (the code located
* in lib/libmocha area).
*/
/**
* Initializes the capabilities subsytem (ie setting the system principal, initializing
* privilege Manager, creating the capsManager factory etc
*
* @param result - is true if principal was successfully registered with the system
*/
NS_IMETHOD
Initialize(PRBool *result);
/**
* Initializes the capabilities subsytem (ie setting the system principal, initializing
* privilege Manager, creating the capsManager factory etc
*
* @param result - is true if principal was successfully registered with the system
*/
NS_IMETHOD
Initialize(PRBool * result);
NS_IMETHOD
InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface);
NS_IMETHOD
InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface);
/**
* Registers the given Principal with the system.
*
* @param prin - is either certificate principal or codebase principal
* @param result - is true if principal was successfully registered with the system
*/
NS_IMETHOD
RegisterPrincipal(nsIPrincipal* prin, PRBool *result);
/**
* Registers the given Principal with the system.
*
* @param prin - is either certificate principal or codebase principal
* @param result - is true if principal was successfully registered with the system
*/
NS_IMETHOD
RegisterPrincipal(nsIPrincipal * prin);
/**
* Prompts the user if they want to grant permission for the principal located
* at the given stack depth for the given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
/**
* Prompts the user if they want to grant permission for the principal located
* at the given stack depth for the given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
/**
* Returns if the user granted permission for the principal located at the given
* stack depth for the given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
/**
* Returns if the user granted permission for the principal located at the given
* stack depth for the given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
/**
* Reverts the permission (granted/denied) user gave for the principal located
* at the given stack depth for the given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
/**
* Reverts the permission (granted/denied) user gave for the principal located
* at the given stack depth for the given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
/**
* Disable permissions for the principal located at the given stack depth for the
* given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
/**
* Disable permissions for the principal located at the given stack depth for the
* given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
/* XXX: Some of the arguments for the following interfaces may change.
* This is a first cut. I need to talk to joki. We should get rid of void* parameters.
*/
NS_IMETHOD
ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *result);
/* XXX: Some of the arguments for the following interfaces may change.
* This is a first cut. I need to talk to joki. We should get rid of void* parameters.
*/
NS_IMETHOD
ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *result);
NS_IMETHOD
IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *result);
NS_IMETHOD
IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *result);
NS_IMETHOD
CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *result);
NS_IMETHOD
CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *result);
/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
/*
NS_IMETHOD
NewPrincipal(PRInt16 prinType, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result);
NS_IMETHOD
NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result);
NS_IMETHOD
IsCodebaseExact(nsIPrincipal* principal, PRBool *result);
NS_IMETHOD
IsCodebaseExact(nsIPrincipal* principal, PRBool *result);
NS_IMETHOD
ToString(nsIPrincipal* principal, char* *result);
NS_IMETHOD
ToString(nsIPrincipal* principal, char* *result);
NS_IMETHOD
GetVendor(nsIPrincipal* principal, char* *result);
*/
NS_IMETHOD
CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result);
NS_IMETHOD
GetVendor(nsIPrincipal* principal, char* *result);
NS_IMETHOD
NewPrincipalArray(PRUint32 count, void* *result);
NS_IMETHOD
CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result);
NS_IMETHOD
FreePrincipalArray(void *prinArray);
NS_IMETHOD
NewPrincipalArray(PRUint32 count, void* *result);
NS_IMETHOD
GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal * * result);
NS_IMETHOD
FreePrincipalArray(void *prinArray);
NS_IMETHOD
SetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal * principal);
NS_IMETHOD
GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* *result);
NS_IMETHOD
GetPrincipalArraySize(void *prinArrayArg, PRUint32 *result);
NS_IMETHOD
SetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* principal);
/* The following interfaces will replace all of the following old calls.
*
* nsCapsGetPermission(struct nsPrivilege *privilege)
* nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
*
*/
NS_IMETHOD
IsAllowed(void *annotation, char* target, PRBool *result);
NS_IMETHOD
GetPrincipalArraySize(void *prinArrayArg, PRUint32 *result);
////////////////////////////////////////////////////////////////////////////
// from nsCCapsManager:
/* The following interfaces will replace all of the following old calls.
*
* nsCapsGetPermission(struct nsPrivilege *privilege)
* nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
*
*/
NS_IMETHOD
IsAllowed(void *annotation, char* target, PRBool *result);
nsCCapsManager(nsISupports *aOuter);
virtual ~nsCCapsManager(void);
/* XXX: TODO: We need to set up the JS frame walking callbacks */
void
CreateNSPrincipalArray(nsPrincipalArray* prinArray, nsPrincipalArray* *pPrincipalArray);
/*
NS_METHOD
GetNSPrincipal(nsIPrincipal * pNSIPrincipal, nsIPrincipal ** ppNSPRincipal);
*/
NS_METHOD
GetNSPrincipalArray(nsPrincipalArray* prinArray, nsPrincipalArray* *pPrincipalArray);
nsPermission
ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege);
nsPrivilege *
ConvertPermissionToPrivilege(nsPermission state);
////////////////////////////////////////////////////////////////////////////
// from nsCCapsManager:
nsCCapsManager(nsISupports *aOuter);
virtual ~nsCCapsManager(void);
void
CreateNSPrincipalArray(nsPrincipalArray* prinArray,
nsPrincipalArray* *pPrincipalArray);
NS_METHOD
GetNSPrincipal(nsIPrincipal* pNSIPrincipal, nsPrincipal **ppNSPRincipal);
NS_METHOD
GetNSPrincipalArray(nsPrincipalArray* prinArray,
nsPrincipalArray* *pPrincipalArray);
nsPermission
ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege);
nsPrivilege *
ConvertPermissionToPrivilege(nsPermission state);
void
SetSystemPrivilegeManager();
void
SetSystemPrivilegeManager();
protected:
nsPrivilegeManager *m_pNSPrivilegeManager;
nsPrivilegeManager * privilegeManager;
};
#endif // nsCCapsManager_h___

0
caps/include/nsCCodeSourcePrincipal.h
Просмотреть файл

42
caps/include/nsCaps.h
Просмотреть файл

@ -21,14 +21,13 @@
#include "prtypes.h"
#include "nsCapsEnums.h"
PR_BEGIN_EXTERN_C
struct nsPrincipal;
struct nsTarget;
class nsTarget;
class nsIPrincipal;
class nsPrivilegeTable;
struct nsPrivilegeManager;
struct nsPrivilege;
struct nsPrivilegeTable;
struct NSJSJavaFrameWrapper;
/* wrappers for nsPrivilegeManager object */
@ -36,19 +35,19 @@ PR_IMPLEMENT(PRBool)
nsCapsInitialize();
PR_EXTERN(PRBool)
nsCapsRegisterPrincipal(struct nsPrincipal *principal);
nsCapsRegisterPrincipal(class nsIPrincipal * principal);
PR_EXTERN(PRBool)
nsCapsEnablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth);
nsCapsEnablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth);
PR_EXTERN(PRBool)
nsCapsIsPrivilegeEnabled(void* context, struct nsTarget *target, PRInt32 callerDepth);
nsCapsIsPrivilegeEnabled(void* context, class nsTarget *target, PRInt32 callerDepth);
PR_EXTERN(PRBool)
nsCapsRevertPrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth);
nsCapsRevertPrivilege(void* context, class nsTarget *target, PRInt32 callerDepth);
PR_EXTERN(PRBool)
nsCapsDisablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth);
nsCapsDisablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth);
PR_EXTERN(void*)
nsCapsGetClassPrincipalsFromStack(void* context, PRInt32 callerDepth);
@ -63,38 +62,39 @@ PR_EXTERN(PRBool)
nsCapsCanExtendTrust(void* from, void* to);
/* wrappers for nsPrincipal object */
PR_EXTERN(struct nsPrincipal *)
nsCapsNewPrincipal(nsPrincipalType type, void * key,
PR_EXTERN(class nsIPrincipal *)
nsCapsNewPrincipal(PRInt16 * principalType, void * key,
PRUint32 key_len, void *zig);
PR_EXTERN(const char *)
nsCapsPrincipalToString(struct nsPrincipal *principal);
nsCapsPrincipalToString(nsIPrincipal * principal);
PR_EXTERN(PRBool)
nsCapsIsCodebaseExact(struct nsPrincipal *principal);
nsCapsIsCodebaseExact(nsIPrincipal * principal);
PR_EXTERN(const char *)
nsCapsPrincipalGetVendor(struct nsPrincipal *principal);
nsCapsPrincipalGetVendor(nsIPrincipal * principal);
PR_EXTERN(void *)
nsCapsNewPrincipalArray(PRUint32 count);
PR_EXTERN(void)
nsCapsFreePrincipalArray(void *prinArray);
nsCapsFreePrincipalArray(void * prinArray);
PR_EXTERN(void *)
nsCapsGetPrincipalArrayElement(void *prinArray, PRUint32 index);
nsCapsGetPrincipalArrayElement(void * prinArray, PRUint32 index);
PR_EXTERN(void)
nsCapsSetPrincipalArrayElement(void *prinArray, PRUint32 index, void *element);
nsCapsSetPrincipalArrayElement(void * prinArray, PRUint32 index, void *element);
PR_EXTERN(PRUint32)
nsCapsGetPrincipalArraySize(void *prinArray);
nsCapsGetPrincipalArraySize(void * prinArray);
/* wrappers for nsTarget object */
PR_EXTERN(struct nsTarget *)
PR_EXTERN(class nsTarget *)
nsCapsFindTarget(char *name);
@ -104,8 +104,8 @@ nsCapsGetPermission(struct nsPrivilege *privilege);
/* wrappers for nsPrivilegeTable object */
PR_EXTERN(struct nsPrivilege *)
nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target);
PR_EXTERN(nsPrivilege *)
nsCapsGetPrivilege(nsPrivilegeTable * annotation, class nsTarget * target);
/* Methods for stack walking */

113
caps/include/nsCertificatePrincipal.h
Просмотреть файл

@ -16,85 +16,64 @@
* Reserved.
*/
#ifndef nsCertificatePrincipal_h___
#define nsCertificatePrincipal_h___
#include "nsICertificatePrincipal.h"
#include "nsPrincipal.h"
#ifndef _NS_CERTIFICATE_PRINCIPAL_H_
#define _NS_CERTIFICATE_PRINCIPAL_H_
#include "nsVector.h"
#include "nsIPrincipal.h"
class nsCertificatePrincipal : public nsICertificatePrincipal {
public:
////////////////////////////////////////////////////////////////////////////
// from nsISupports:
NS_DECL_ISUPPORTS
////////////////////////////////////////////////////////////////////////////
// from nsIPrincipal:
NS_DECL_ISUPPORTS
NS_IMETHOD
IsTrusted(const char* scope, PRBool *pbIsTrusted);
////////////////////////////////////////////////////////////////////////////
// from nsICertificatePrincipal:
/**
* Returns the public key of the certificate.
*
* @param publicKey - the Public Key data will be returned in this field.
* @param publicKeySize - the length of public key data is returned in this
* parameter.
*/
NS_IMETHOD
GetPublicKey(char **publicKey, PRUint32 *publicKeySize);
NS_IMETHOD
GetPublicKey(char ** pk, PRUint32 * pkSize);
/**
* Returns the company name of the ceritificate (OU etc parameters of certificate)
*
* @param result - the certificate details about the signer.
*/
NS_IMETHOD
GetCompanyName(char **ppCompanyName);
NS_IMETHOD
GetCompanyName(char ** cn);
/**
* Returns the certificate issuer's data (OU etc parameters of certificate)
*
* @param result - the details about the issuer
*/
NS_IMETHOD
GetCertificateAuthority(char **ppCertAuthority);
NS_IMETHOD
GetCertificateAuthority(char ** ca);
/**
* Returns the serial number of certificate
*
* @param result - Returns the serial number of certificate
*/
NS_IMETHOD
GetSerialNumber(char **ppSerialNumber);
NS_IMETHOD
GetSerialNumber(char ** sn);
/**
* Returns the expiration date of certificate
*
* @param result - Returns the expiration date of certificate
*/
NS_IMETHOD
GetExpirationDate(char **ppExpDate);
NS_IMETHOD
GetExpirationDate(char ** ed);
/**
* Returns the finger print of certificate
*
* @param result - Returns the finger print of certificate
*/
NS_IMETHOD
GetFingerPrint(char **ppFingerPrint);
NS_IMETHOD
GetFingerPrint(char ** fp);
////////////////////////////////////////////////////////////////////////////
// from nsCertificatePrincipal:
nsCertificatePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsresult *result);
nsCertificatePrincipal(nsPrincipal *pNSPrincipal);
NS_IMETHOD
GetType(PRInt16 * type);
virtual ~nsCertificatePrincipal(void);
nsPrincipal *GetPeer(void);
NS_IMETHOD
IsSecure(PRBool * result);
NS_IMETHOD
ToString(char ** result);
NS_IMETHOD
HashCode(PRUint32 * code);
NS_IMETHOD
Equals(nsIPrincipal * other, PRBool * result);
nsCertificatePrincipal(PRInt16 * type, const unsigned char ** certChain,
PRUint32 * certChainLengths, PRUint32 noOfCerts, nsresult * result);
virtual ~nsCertificatePrincipal(void);
protected:
nsPrincipal *m_pNSPrincipal;
PRInt16 itsType;
char * itsKey;
PRUint32 itsKeyLength;
nsVector * itsCertificateArray;
char * itsCompanyName;
char * itsCertificateAuthority;
char * itsSerialNumber;
char * itsExpirationDate;
char * itsFingerPrint;
char * itsNickname;
char * itsString;
};
#endif // nsCCertificatePrincipal_h___
#endif // _NS_CERTIFICATE_PRINCIPAL_H_

56
caps/include/nsCodebasePrincipal.h
Просмотреть файл

@ -16,48 +16,46 @@
* Reserved.
*/
#ifndef nsCodebasePrincipal_h___
#define nsCodebasePrincipal_h___
#ifndef _NS_CODEBASE_PRINCIPAL_H_
#define _NS_CODEBASE_PRINCIPAL_H_
#include "nsICodebasePrincipal.h"
#include "nsPrincipal.h"
#include "nsIPrincipal.h"
class nsCodebasePrincipal : public nsICodebasePrincipal {
public:
////////////////////////////////////////////////////////////////////////////
// from nsISupports:
NS_DECL_ISUPPORTS
NS_DECL_ISUPPORTS
////////////////////////////////////////////////////////////////////////////
// from nsIPrincipal:
NS_IMETHOD
GetURL(char ** cburl);
NS_IMETHOD
IsTrusted(const char* scope, PRBool *pbIsTrusted);
NS_IMETHOD
IsCodebaseExact(PRBool * result);
///////////////////////////////////////////////////////////////////////////
// from nsICodebasePrincipal:
NS_IMETHOD
IsCodebaseRegex(PRBool * result);
/**
* Returns the codebase URL of the principal.
*
* @param result - the resulting codebase URL
*/
NS_IMETHOD
GetURL(char **ppCodeBaseURL);
NS_IMETHOD
GetType(PRInt16 * type);
////////////////////////////////////////////////////////////////////////////
// from nsCCodebasePrincipal:
NS_IMETHOD
IsSecure(PRBool * result);
nsCodebasePrincipal(const char *codebaseURL, nsresult *result);
nsCodebasePrincipal(nsPrincipal *pNSPrincipal);
NS_IMETHOD
ToString(char ** result);
virtual ~nsCodebasePrincipal(void);
nsPrincipal *GetPeer(void);
NS_IMETHOD
HashCode(PRUint32 * code);
NS_IMETHOD
Equals(nsIPrincipal * other, PRBool * result);
nsCodebasePrincipal(PRInt16 * type, const char *codebaseURL);
virtual ~nsCodebasePrincipal(void);
protected:
nsPrincipal *m_pNSPrincipal;
const char * codeBaseURL;
PRInt16 * itsType;
};
#endif // nsCCodebasePrincipal_h___
#endif // _NS_CODEBASE_PRINCIPAL_H_

0
caps/include/nsPrincipal.h
Просмотреть файл

34
caps/include/nsPrincipalTools.h Normal file
Просмотреть файл

@ -0,0 +1,34 @@
#ifndef _NS_PRINCIPAL_TOOLS_H_
#define _NS_PRINCIPAL_TOOLS_H_
#include "nsIPrincipal.h"
#include "nsHashtable.h"
typedef nsVector nsPrincipalArray;
class PrincipalKey: public nsHashKey {
public:
nsIPrincipal * itsPrincipal;
PrincipalKey(nsIPrincipal * prin) {
itsPrincipal = prin;
}
PRUint32 HashValue(void) const {
PRUint32 * code;
itsPrincipal->HashCode(code);
return *code;
}
PRBool Equals(const nsHashKey * aKey) const {
PRBool * result;
itsPrincipal->Equals(((const PrincipalKey *) aKey)->itsPrincipal, result);
return *result;
}
nsHashKey * Clone(void) const {
return new PrincipalKey(itsPrincipal);
}
};
#endif _NS_PRINCIPAL_TOOLS_H_

2
caps/include/nsPrivilege.h
Просмотреть файл

@ -20,7 +20,7 @@
#define _NS_PRIVILEGE_H_
#include "prtypes.h"
#include "nsCaps.h"
//#include "nsCaps.h"
#include "nsCapsEnums.h"
PRBool nsPrivilegeInitialize(void);

267
caps/include/nsPrivilegeManager.h
Просмотреть файл

@ -23,11 +23,11 @@
#include "prio.h"
#include "prmon.h"
#include "nsHashtable.h"
#include "nsVector.h"
#include "nsCaps.h"
#include "nsTarget.h"
#include "nsPrincipal.h"
#include "nsIPrincipal.h"
#include "nsPrincipalTools.h"
#include "nsPrivilege.h"
#include "nsPrivilegeTable.h"
#include "nsSystemPrivilegeTable.h"
@ -45,190 +45,221 @@ PRBool nsPrivilegeManagerInitialize(void);
struct nsPrivilegeManager {
public:
/* Public Methods */
/* Public Methods */
nsPrivilegeManager(void);
virtual ~nsPrivilegeManager(void);
nsPrivilegeManager(void);
virtual ~nsPrivilegeManager(void);
void registerSystemPrincipal(nsPrincipal *principal);
void
RegisterSystemPrincipal(nsIPrincipal * principal);
void registerPrincipal(nsPrincipal *principal);
void
RegisterPrincipal(nsIPrincipal * principal);
PRBool unregisterPrincipal(nsPrincipal *principal);
PRBool
UnregisterPrincipal(nsIPrincipal * principal);
PRBool isPrivilegeEnabled(nsTarget *target, PRInt32 callerDepth);
PRBool
IsPrivilegeEnabled(nsTarget *target, PRInt32 callerDepth);
PRBool isPrivilegeEnabled(void* context, nsTarget *target,
PRInt32 callerDepth);
PRBool
IsPrivilegeEnabled(void* context, nsTarget *target,
PRInt32 callerDepth);
PRBool enablePrivilege(nsTarget *target, PRInt32 callerDepth);
PRBool
EnablePrivilege(nsTarget *target, PRInt32 callerDepth);
PRBool enablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
PRBool
EnablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
PRBool enablePrivilege(nsTarget *target, nsPrincipal *preferredPrincipal,
PRInt32 callerDepth);
PRBool
EnablePrivilege(nsTarget *target, nsIPrincipal *preferredPrincipal,
PRInt32 callerDepth);
PRBool enablePrivilege(void* context, nsTarget *target,
nsPrincipal *preferredPrincipal,
PRInt32 callerDepth);
PRBool
EnablePrivilege(void* context, nsTarget *target, nsIPrincipal * preferredPrincipal,
PRInt32 callerDepth);
PRBool revertPrivilege(nsTarget *target, PRInt32 callerDepth);
PRBool
RevertPrivilege(nsTarget *target, PRInt32 callerDepth);
PRBool revertPrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
PRBool
RevertPrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
PRBool disablePrivilege(nsTarget *target, PRInt32 callerDepth);
PRBool
DisablePrivilege(nsTarget *target, PRInt32 callerDepth);
PRBool disablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
PRBool
DisablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
PRBool enablePrincipalPrivilegeHelper(nsTarget *target, PRInt32 callerDepth,
nsPrincipal *preferredPrin, void * data,
nsTarget *impersonator);
PRBool
EnablePrincipalPrivilegeHelper(nsTarget *target, PRInt32 callerDepth,
nsIPrincipal * preferredPrin, void * data,
nsTarget *impersonator);
PRBool enablePrincipalPrivilegeHelper(void* context, nsTarget *target,
PRInt32 callerDepth,
nsPrincipal *preferredPrin,
void * data,
nsTarget *impersonator);
PRBool
EnablePrincipalPrivilegeHelper(void* context, nsTarget *target,
PRInt32 callerDepth,
nsIPrincipal * preferredPrin,
void * data,
nsTarget *impersonator);
nsPrivilegeTable *enableScopePrivilegeHelper(nsTarget *target,
PRInt32 callerDepth,
void *data,
PRBool helpingSetScopePrivilege,
nsPrincipal *prefPrin);
nsPrivilegeTable *
EnableScopePrivilegeHelper(nsTarget *target,
PRInt32 callerDepth,
void *data,
PRBool helpingSetScopePrivilege,
nsIPrincipal * prefPrin);
nsPrivilegeTable *enableScopePrivilegeHelper(void* context, nsTarget *target,
PRInt32 callerDepth, void *data,
PRBool helpingSetScopePrivilege,
nsPrincipal *prefPrin);
nsPrivilegeTable *
EnableScopePrivilegeHelper(void* context, nsTarget *target,
PRInt32 callerDepth, void *data,
PRBool helpingSetScopePrivilege,
nsIPrincipal * prefPrin);
PRBool AskPermission(nsPrincipal* useThisPrin, nsTarget* target, void* data);
PRBool
AskPermission(nsIPrincipal * useThisPrin, nsTarget* target, void* data);
void SetPermission(nsPrincipal *useThisPrin, nsTarget *target,
nsPrivilege *newPrivilege);
void
SetPermission(nsIPrincipal * useThisPrin, nsTarget * target, nsPrivilege * newPrivilege);
void registerPrincipalAndSetPrivileges(nsPrincipal *principal,
nsTarget *target,
nsPrivilege *newPrivilege);
void
RegisterPrincipalAndSetPrivileges(nsIPrincipal * principal, nsTarget * target, nsPrivilege * newPrivilege);
void updatePrivilegeTable(nsTarget *target,
nsPrivilegeTable *privTable,
nsPrivilege *newPrivilege);
void
UpdatePrivilegeTable(nsTarget *target, nsPrivilegeTable * privTable, nsPrivilege * newPrivilege);
PRBool checkPrivilegeGranted(nsTarget *target, PRInt32 callerDepth);
PRBool
CheckPrivilegeGranted(nsTarget *target, PRInt32 callerDepth);
PRBool checkPrivilegeGranted(void* context, nsTarget *target,
PRInt32 callerDepth);
PRBool
CheckPrivilegeGranted(void* context, nsTarget *target,
PRInt32 callerDepth);
PRBool checkPrivilegeGranted(nsTarget *target, nsPrincipal *principal,
void *data);
PRBool
CheckPrivilegeGranted(nsTarget *target, nsIPrincipal * principal, void *data);
PRBool checkPrivilegeGranted(nsTarget *target, PRInt32 callerDepth,
void *data);
PRBool
CheckPrivilegeGranted(nsTarget *target, PRInt32 callerDepth, void *data);
PRBool checkPrivilegeGranted(void* context, nsTarget *target,
PRInt32 callerDepth, void *data);
PRBool
CheckPrivilegeGranted(void * context, nsTarget * target,
PRInt32 callerDepth, void * data);
nsPrivilege *getPrincipalPrivilege(nsTarget *target, nsPrincipal *prin,
void *data);
nsPrivilege *
GetPrincipalPrivilege(nsTarget * target, nsIPrincipal * prin, void * data);
static nsPrivilegeManager * getPrivilegeManager(void);
static nsPrivilegeManager *
GetPrivilegeManager(void);
static nsPrincipalArray* getMyPrincipals(PRInt32 callerDepth);
static nsPrincipalArray *
GetMyPrincipals(PRInt32 callerDepth);
static nsPrincipalArray* getMyPrincipals(void* context, PRInt32 callerDepth);
static nsPrincipalArray *
GetMyPrincipals(void* context, PRInt32 callerDepth);
static nsPrincipal * getSystemPrincipal(void);
static nsIPrincipal *
GetSystemPrincipal(void);
static PRBool hasSystemPrincipal(nsPrincipalArray *prinArray);
static PRBool
HasSystemPrincipal(nsPrincipalArray * prinArray);
static nsPrincipal* getUnsignedPrincipal(void);
static nsIPrincipal *
GetUnsignedPrincipal(void);
static nsPrincipal* getUnknownPrincipal(void);
static nsIPrincipal *
GetUnknownPrincipal(void);
nsSetComparisonType comparePrincipalArray(nsPrincipalArray* prin1Array,
nsPrincipalArray* prin2Array);
nsSetComparisonType
ComparePrincipalArray(nsPrincipalArray * prin1Array, nsPrincipalArray * prin2Array);
nsPrincipalArray* intersectPrincipalArray(nsPrincipalArray* prin1Array,
nsPrincipalArray* prin2Array);
nsPrincipalArray *
IntersectPrincipalArray(nsPrincipalArray * pa1, nsPrincipalArray * pa2);
PRBool canExtendTrust(nsPrincipalArray* prin1Array,
nsPrincipalArray* prin2Array);
PRBool
CanExtendTrust(nsPrincipalArray * pa1, nsPrincipalArray * pa2);
PRBool checkMatchPrincipal(nsPrincipal *principal, PRInt32 callerDepth);
PRBool
CheckMatchPrincipal(nsIPrincipal * principal, PRInt32 callerDepth);
PRBool checkMatchPrincipal(void* context, nsPrincipal *principal,
PRInt32 callerDepth);
PRBool
CheckMatchPrincipal(void* context, nsIPrincipal * principal, PRInt32 callerDepth);
/* Helper functions for ADMIN UI */
const char * getAllPrincipalsString(void);
/* Helper functions for ADMIN UI */
const char *
GetAllPrincipalsString(void);
nsPrincipal * getPrincipalFromString(char *prinName);
nsIPrincipal *
GetPrincipalFromString(char *prinName);
void getTargetsWithPrivileges(char *prinName, char** forever,
char** session, char **denied);
void
GetTargetsWithPrivileges(char *prinName, char** forever, char** session, char **denied);
PRBool removePrincipal(char *prinName);
PRBool
RemovePrincipal(char *prinName);
PRBool removePrincipalsPrivilege(char *prinName, char *targetName);
PRBool
RemovePrincipalsPrivilege(char *prinName, char *targetName);
void remove(nsPrincipal *prin, nsTarget *target);
/* The following are old native methods */
char * checkPrivilegeEnabled(nsTargetArray* targetArray,
PRInt32 callerDepth, void *data);
void
Remove(nsIPrincipal *prin, nsTarget *target);
char * checkPrivilegeEnabled(void* context, nsTargetArray* targetArray,
PRInt32 callerDepth, void *data);
/* The following are old native methods */
char *
CheckPrivilegeEnabled(nsTargetArray* targetArray, PRInt32 callerDepth, void *data);
nsPrincipalArray* getClassPrincipalsFromStack(PRInt32 callerDepth);
char *
CheckPrivilegeEnabled(void* context, nsTargetArray* targetArray, PRInt32 callerDepth, void *data);
nsPrincipalArray* getClassPrincipalsFromStack(void* context,
PRInt32 callerDepth);
nsPrincipalArray *
GetClassPrincipalsFromStack(PRInt32 callerDepth);
nsPrivilegeTable * getPrivilegeTableFromStack(PRInt32 callerDepth,
PRBool createIfNull);
nsPrincipalArray *
GetClassPrincipalsFromStack(void* context, PRInt32 callerDepth);
nsPrivilegeTable * getPrivilegeTableFromStack(void* context,
PRInt32 callerDepth,
PRBool createIfNull);
nsPrivilegeTable *
GetPrivilegeTableFromStack(PRInt32 callerDepth, PRBool createIfNull);
/* End of native methods */
nsPrivilegeTable *
GetPrivilegeTableFromStack(void* context, PRInt32 callerDepth, PRBool createIfNull);
/* End of native methods */
private:
nsHashtable *itsPrinToPrivTable;
nsHashtable *itsPrinToMacroTargetPrivTable;
nsHashtable *itsPrinNameToPrincipalTable;
nsHashtable * itsPrinToPrivTable;
nsHashtable * itsPrinToMacroTargetPrivTable;
nsHashtable * itsPrinNameToPrincipalTable;
static PRBool theSecurityInited;
static PRBool theSecurityInited;
static char * SignedAppletDBName;
static char * SignedAppletDBName;
static PRBool theInited;
static PRBool theInited;
/* Private Field Accessors */
/* Private Methods */
/* Private Methods */
void
AddToPrinNameToPrincipalTable(nsIPrincipal *prin);
void addToPrinNameToPrincipalTable(nsPrincipal *prin);
PRBool
EnablePrivilegePrivate(void* context, nsTarget *target, nsIPrincipal *preferredPrincipal,
PRInt32 callerDepth);
PRBool enablePrivilegePrivate(void* context, nsTarget *target,
nsPrincipal *preferredPrincipal,
PRInt32 callerDepth);
nsPermissionState
GetPrincipalPrivilege(nsTarget *target, nsPrincipalArray* callerPrinArray, void * data);
nsPermissionState getPrincipalPrivilege(nsTarget *target,
nsPrincipalArray* callerPrinArray,
void *data);
PRBool isPermissionGranted(nsTarget *target,
nsPrincipalArray* callerPrinArray,
void *data);
PRBool
IsPermissionGranted(nsTarget *target, nsPrincipalArray* callerPrinArray, void *data);
/* The following methods are used to save and load the persistent store */
void save(nsPrincipal *prin, nsTarget *target, nsPrivilege *newPrivilege);
void
Save(nsIPrincipal *prin, nsTarget *target, nsPrivilege *newPrivilege);
void load(void);
void
Load(void);
};

18
caps/include/nsPrivilegeTable.h
Просмотреть файл

@ -25,33 +25,31 @@
#include "nsTarget.h"
#include "nsPrivilege.h"
struct nsPrivilegeTable {
class nsPrivilegeTable {
public:
/* Public Methods */
nsPrivilegeTable(void);
virtual ~nsPrivilegeTable(void);
PRInt32 size(void);
PRInt32 Size(void);
PRBool isEmpty(void);
PRBool IsEmpty(void);
virtual nsPrivilege * get(nsTarget *t);
virtual nsPrivilege * Get(nsTarget * t);
nsPrivilege * put(nsTarget *a, nsPrivilege *priv);
nsPrivilege * Put(nsTarget * a, nsPrivilege * priv);
nsPrivilege * remove(nsTarget *key);
nsPrivilege * Remove(nsTarget * key);
nsPrivilegeTable * clone(void);
nsPrivilegeTable * Clone(void);
void clear(void);
void Clear(void);
void Enumerate(nsHashtableEnumFunc aEnumFunc);
private:
/* Private Field Accessors */
nsHashtable * itsTable;
};

107
caps/include/nsTarget.h
Просмотреть файл

@ -22,11 +22,10 @@
#include <string.h>
#include "prtypes.h"
#include "plhash.h"
#include "nsHashtable.h"
#include "nsVector.h"
#include "nsCaps.h"
#include "nsPrincipal.h"
//#include "nsCaps.h"
#include "nsIPrincipal.h"
#include "nsPrivilege.h"
#include "nsUserDialogHelper.h"
@ -49,9 +48,9 @@ extern char* capsGetString(int id);
PR_END_EXTERN_C
extern PRBool CreateSystemTargets(nsPrincipal *sysPrin);
extern PRBool CreateSystemTargets(nsIPrincipal *sysPrin);
struct nsTarget {
class nsTarget {
public:
@ -59,84 +58,83 @@ public:
virtual ~nsTarget(void);
nsTarget(char *name, nsPrincipal *prin,
PRInt32 risk = JavaSecUI_targetRiskHigh(),
/* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
char *riskColor = "High",
char *description = NULL,
char *detailDescription = NULL,
char *url = NULL,
nsTargetArray* targetArray = NULL)
{
init(name, prin, targetArray, risk, riskColor, description,
detailDescription, url);
nsTarget(char *name, nsIPrincipal * prin,
PRInt32 risk = JavaSecUI_targetRiskHigh(),
/* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
char * riskColor = "High",
char * description = NULL,
char * detailDescription = NULL,
char * url = NULL,
nsTargetArray* targetArray = NULL)
{
this->Init(name, prin, targetArray, risk, riskColor, description, detailDescription, url);
}
nsTarget(char *name, nsPrincipal *prin,
PRInt32 risk = JavaSecUI_targetRiskHigh(),
/* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
char *riskColor = "High",
int desc_id = 0,
int detail_desc_id = 0,
int help_url_id = 0,
nsTargetArray* targetArray = NULL);
nsTarget(char *name, nsIPrincipal * prin,
PRInt32 risk = JavaSecUI_targetRiskHigh(),
/* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
char * riskColor = "High",
int desc_id = 0,
int detail_desc_id = 0,
int help_url_id = 0,
nsTargetArray* targetArray = NULL);
nsTarget * registerTarget(void);
nsTarget * RegisterTarget(void);
nsTarget * registerTarget(void* context);
nsTarget * RegisterTarget(void* context);
static nsTarget * findTarget(nsTarget *target);
static nsTarget * FindTarget(nsTarget *target);
static nsTarget * findTarget(char *name);
static nsTarget * FindTarget(char * name);
static nsTarget * findTarget(char *name, nsPrincipal *prin);
static nsTarget * FindTarget(char * name, nsIPrincipal *prin);
nsPrivilege * checkPrivilegeEnabled(nsTargetArray* prinArray, void *data);
nsPrivilege * CheckPrivilegeEnabled(nsTargetArray* prinArray, void *data);
nsPrivilege * checkPrivilegeEnabled(nsTargetArray* prinArray);
nsPrivilege * CheckPrivilegeEnabled(nsTargetArray* prinArray);
nsPrivilege * checkPrivilegeEnabled(nsPrincipal *p, void *data);
nsPrivilege * CheckPrivilegeEnabled(nsIPrincipal *p, void *data);
virtual nsPrivilege * enablePrivilege(nsPrincipal *prin, void *data);
virtual nsPrivilege * EnablePrivilege(nsIPrincipal *prin, void *data);
nsPrivilege * getPrincipalPrivilege(nsPrincipal *prin, void *data);
nsPrivilege * GetPrincipalPrivilege(nsIPrincipal *prin, void *data);
nsTargetArray* getFlattenedTargetArray(void);
nsTargetArray* GetFlattenedTargetArray(void);
static nsTargetArray* getAllRegisteredTargets(void);
static nsTargetArray* GetAllRegisteredTargets(void);
char * getRisk(void);
char * GetRisk(void);
char * getRiskColor(void);
char * GetRiskColor(void);
char * getDescription(void);
char * GetDescription(void);
char * getDetailDescription(void);
char * GetDetailDescription(void);
static nsTarget * getTargetFromDescription(char *a);
static nsTarget * GetTargetFromDescription(char *a);
char * getHelpURL(void);
char * GetHelpURL(void);
char * getDetailedInfo(void *a);
char * GetDetailedInfo(void *a);
nsPrincipal * getPrincipal(void);
nsIPrincipal * GetPrincipal(void);
char * getName(void);
char * GetName(void);
PRBool equals(nsTarget *a);
PRBool Equals(nsTarget *a);
PRInt32 hashCode(void);
PRInt32 HashCode(void);
char * toString(void);
char * ToString(void);
PRBool isRegistered(void);
PRBool IsRegistered(void);
private:
/* Private Field Accessors */
char * itsName;
nsPrincipal * itsPrincipal;
nsIPrincipal * itsPrincipal;
PRInt32 itsRisk;
@ -161,9 +159,10 @@ private:
static PRBool theInited;
/* Private Methods */
void init(char *name, nsPrincipal *prin, nsTargetArray* targetArray, PRInt32 risk, char *riskColor, char *description, char *detailDescription, char *url);
void Init(char *name, nsIPrincipal *prin, nsTargetArray* targetArray, PRInt32 risk,
char *riskColor, char *description, char *detailDescription, char *url);
void getFlattenedTargets(nsHashtable *targHash, nsTargetArray* expandedTargetArray);
void GetFlattenedTargets(nsHashtable *targHash, nsTargetArray* expandedTargetArray);
};
@ -176,11 +175,11 @@ public:
}
PRUint32 HashValue(void) const {
return itsTarget->hashCode();
return itsTarget->HashCode();
}
PRBool Equals(const nsHashKey *aKey) const {
return (itsTarget->equals(((const TargetKey *) aKey)->itsTarget));
return (itsTarget->Equals(((const TargetKey *) aKey)->itsTarget));
}
nsHashKey *Clone(void) const {

71
caps/include/nsUserTarget.h
Просмотреть файл

@ -21,10 +21,9 @@
#include "prtypes.h"
#include "nsTarget.h"
#include "nsPrivilege.h"
#include "nsPrincipal.h"
//#include "nsPrincipal.h"
#include "nsCom.h"
/* Any methods that is not defined here is in Java */
@ -37,45 +36,43 @@ public:
nsUserTarget(char *name);
virtual ~nsUserTarget(void);
nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk,
char *riskColor, char *description,
char *detailDescription, char *url)
: nsTarget(name, prin, risk, riskColor, description, detailDescription,
url, NULL)
{
}
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
char *riskColor, char *description,
char *detailDescription, char *url)
: nsTarget(name, prin, risk, riskColor, description, detailDescription, url, NULL)
{
}
nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk,
char *riskColor, char *description,
char *detailDescription, char *url,
nsTargetArray *targetArray)
: nsTarget(name, prin, risk, riskColor, description, detailDescription,
url, targetArray)
{
}
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
char *riskColor, char *description,
char *detailDescription, char *url,
nsTargetArray *targetArray)
: nsTarget(name, prin, risk, riskColor, description, detailDescription, url, targetArray)
{
}
nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk,
char *riskColor,
int desc_id,
int detail_desc_id,
int help_url_id)
: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id,
help_url_id, NULL)
{
}
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
char *riskColor,
int desc_id,
int detail_desc_id,
int help_url_id)
: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id,
help_url_id, NULL)
{
}
nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk,
char *riskColor,
int desc_id,
int detail_desc_id,
int help_url_id,
nsTargetArray *targetArray)
: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id,
help_url_id, targetArray)
{
}
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
char *riskColor,
int desc_id,
int detail_desc_id,
int help_url_id,
nsTargetArray *targetArray)
: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id,
help_url_id, targetArray)
{
}
nsPrivilege * enablePrivilege(nsPrincipal *prin, void *data);
nsPrivilege * EnablePrivilege(nsIPrincipal * prin, void *data);
private:

Двоичные данные
caps/macbuild/Caps.mcp
Просмотреть файл

Двоичный файл не отображается.

Двоичные данные
caps/macbuild/CapsIDL.mcp
Просмотреть файл

Двоичный файл не отображается.

6
caps/public/Makefile.in
Просмотреть файл

@ -23,9 +23,9 @@ VPATH = @srcdir@
include $(DEPTH)/config/autoconf.mk
EXPORTS = \
nsICapsManager.h \
nsCapsPublicEnums.h \
EXPORTS = \
nsICapsManager.h \
nsCapsPublicEnums.h \
$(NULL)
EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS))

6
caps/public/makefile.win
Просмотреть файл

@ -28,9 +28,9 @@ IGNORE_MANIFEST=1
MODULE=caps
DEPTH=..\..
EXPORTS= \
nsICapsManager.h \
nsCapsPublicEnums.h
EXPORTS= \
nsICapsManager.h \
nsCapsPublicEnums.h

81
caps/public/nsCapsPublicEnums.h
Просмотреть файл

@ -1,81 +0,0 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#ifndef _NS_CAPS_PUBLIC_ENUMS_H_
#define _NS_CAPS_PUBLIC_ENUMS_H_
enum nsPermission {
nsPermission_Unknown,
nsPermission_AllowedSession,
nsPermission_DeniedSession,
nsPermission_AllowedForever,
nsPermission_DeniedForever
};
/**
* number of possible permissions (allowed, forbidden, or blank)
*
* The code in nsPrivilegeInitialize assumes that nsPermissionState
* are ordered sequentially from 0 to N.
*
*/
typedef enum nsPermissionState {
nsPermissionState_Forbidden = 0,
nsPermissionState_Allowed,
nsPermissionState_Blank,
nsPermissionState_NumberOfPermissions
} nsPermissionState;
/**
* number of possible durations (scope, session, or forever)
*
* The code in nsPrivilegeInitialize assumes that nsDurationState
* are ordered sequentially from 0 to N.
*
*/
typedef enum nsDurationState {
nsDurationState_Scope=0,
nsDurationState_Session,
nsDurationState_Forever,
nsDurationState_NumberOfDurations
} nsDurationState;
typedef enum nsSetComparisonType {
nsSetComparisonType_ProperSubset=-1,
nsSetComparisonType_Equal=0,
nsSetComparisonType_NoSubset=1
} nsSetComparisonType;
/* The following should match what is in nsJVM plugin's java security code */
typedef enum nsPrincipalType {
nsPrincipalType_Unknown=-1,
nsPrincipalType_CodebaseExact=10,
nsPrincipalType_CodebaseRegexp,
nsPrincipalType_Cert,
nsPrincipalType_CertFingerPrint,
nsPrincipalType_CertKey,
/* CertChain principal is being added for Javasoft's JVM. They will pass the
* whole chain to the nsPrincipal constructor.
*/
nsPrincipalType_CertChain
} nsPrincipalType;
#endif /* _NS_CAPS_PUBLIC_ENUMS_H_ */

26
caps/public/nsICapsManager.h
Просмотреть файл

@ -23,10 +23,11 @@
#include "nsIFactory.h"
#include "nsIPrincipal.h"
#include "nsCapsPublicEnums.h"
class nsITarget;
#include "nsTarget.h"
//class nsITarget;
class nsICapsSecurityCallbacks;
#define NS_ALL_PRIVILEGES ((nsITarget*)NULL)
@ -80,9 +81,10 @@ public:
* @param codebaseURL - the codebase URL
* @param prin - the return value is passed in this parameter.
*/
/*
NS_IMETHOD
CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin) = 0;
*/
/**
* Returns the permission for given principal and target
@ -92,7 +94,7 @@ public:
* @param state - the return value is passed in this parameter.
*/
NS_IMETHOD
GetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *state) = 0;
GetPermission(nsIPrincipal* prin, nsTarget * target, nsPermission *state) = 0;
/**
* Set the permission state for given principal and target. This wouldn't
@ -104,7 +106,7 @@ public:
* and target parameters.
*/
NS_IMETHOD
SetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission state) = 0;
SetPermission(nsIPrincipal* prin, nsTarget * target, nsPermission state) = 0;
/**
* Prompts the user if they want to grant permission for the given principal and
@ -116,7 +118,7 @@ public:
* target
*/
NS_IMETHOD
AskPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *result) = 0;
AskPermission(nsIPrincipal* prin, nsTarget * target, nsPermission *result) = 0;
/*
@ -147,8 +149,8 @@ public:
* @param prin - is either certificate principal or codebase principal
* @param result - is true if principal was successfully registered with the system
*/
NS_IMETHOD
RegisterPrincipal(nsIPrincipal* prin, PRBool *result) = 0;
// NS_IMETHOD
// RegisterPrincipal(nsIPrincipal* prin, PRBool *result) = 0;
/**
* Prompts the user if they want to grant permission for the principal located
@ -221,22 +223,22 @@ public:
/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
/*
NS_IMETHOD
NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result) = 0;
NS_IMETHOD
IsCodebaseExact(nsIPrincipal* principal, PRBool *result) = 0;
*/
NS_IMETHOD
CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result) = 0;
/*
NS_IMETHOD
ToString(nsIPrincipal* principal, char* *result) = 0;
NS_IMETHOD
GetVendor(nsIPrincipal* principal, char* *result) = 0;
*/
NS_IMETHOD
NewPrincipalArray(PRUint32 count, void* *result) = 0;

26
caps/src/Makefile.in
Просмотреть файл

@ -27,23 +27,21 @@ MODULE = caps
LIBRARY_NAME = caps
CPPSRCS = \
nsUserDialogHelper.cpp \
nsZig.cpp \
nsPrincipal.cpp \
CPPSRCS = \
admin.cpp \
nsCaps.cpp \
nsCCapsManager.cpp \
nsCCapsManagerFactory.cpp \
nsCertificatePrincipal.cpp \
nsCodebasePrincipal.cpp \
nsPrivilege.cpp \
nsPrivilegeManager.cpp \
nsPrivilegeTable.cpp \
nsSystemPrivilegeTable.cpp \
nsTarget.cpp \
nsUserDialogHelper.cpp \
nsUserTarget.cpp \
admin.cpp \
nsCaps.cpp \
nsCCapsManager.cpp \
nsCertificatePrincipal.cpp \
nsCodebasePrincipal.cpp \
nsCCapsManagerFactory.cpp \
nsCCodeSourcePrincipal.cpp \
nsZig.cpp \
$(NULL)
REQUIRES = nspr xpcom security layer js jar pref img util rdf caps
@ -52,10 +50,10 @@ ifndef MOZ_NATIVE_ZLIB
REQUIRES += zlib
endif
CSRCS = \
nsZip.c \
nsLoadZig.c \
CSRCS = \
jpermission.c \
nsLoadZig.c \
nsZip.c \
$(NULL)
include $(topsrcdir)/config/rules.mk

22
caps/src/admin.cpp
Просмотреть файл

@ -21,15 +21,12 @@
#include "prmem.h"
#include "prmon.h"
#include "prlog.h"
#include "admin.h"
#include "nsPrivilegeManager.h"
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
/*
* A D M I N U I A P I
*
@ -40,8 +37,8 @@ extern "C" {
PR_PUBLIC_API(const char *)
java_netscape_security_getPrincipals(const char *charSetName)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
const char *prins = nsPrivManager->getAllPrincipalsString();
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
const char *prins = nsPrivManager->GetAllPrincipalsString();
PRBool test_admin_api = PR_FALSE;
if (test_admin_api) {
char *a1;
@ -57,25 +54,24 @@ java_netscape_security_getPrincipals(const char *charSetName)
PR_PUBLIC_API(PRBool)
java_netscape_security_removePrincipal(const char *charSetName, char *prinName)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
return nsPrivManager->removePrincipal(prinName);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
return nsPrivManager->RemovePrincipal(prinName);
}
PR_PUBLIC_API(void)
java_netscape_security_getPrivilegeDescs(const char *charSetName, char *prinName,
char** forever, char** session,
char **denied)
char** forever, char** session, char **denied)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
nsPrivManager->getTargetsWithPrivileges(prinName, forever, session, denied);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
nsPrivManager->GetTargetsWithPrivileges(prinName, forever, session, denied);
}
PR_PUBLIC_API(PRBool)
java_netscape_security_removePrivilege(const char *charSetName, char *prinName,
char *targetName)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
return nsPrivManager->removePrincipalsPrivilege(prinName, targetName);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
return nsPrivManager->RemovePrincipalsPrivilege(prinName, targetName);
}

22
caps/src/makefile.win
Просмотреть файл

@ -49,29 +49,27 @@ DLL=.\$(OBJDIR)\$(DLLNAME).dll
#//------------------------------------------------------------------------
C_OBJS= \
.\$(OBJDIR)\nsZip.obj \
.\$(OBJDIR)\nsLoadZig.obj \
.\$(OBJDIR)\jpermission.obj \
.\$(OBJDIR)\nsLoadZig.obj \
.\$(OBJDIR)\nsZip.obj \
$(NULL)
CPP_OBJS= \
CPP_OBJS= \
.\$(OBJDIR)\admin.obj \
.\$(OBJDIR)\nsCaps.obj \
.\$(OBJDIR)\nsCCapsManager.obj \
.\$(OBJDIR)\nsCCapsManagerFactory.obj \
.\$(OBJDIR)\nsCertificatePrincipal.obj \
.\$(OBJDIR)\nsCodebasePrincipal.obj \
.\$(OBJDIR)\nsUserDialogHelper.obj \
.\$(OBJDIR)\nsZig.obj \
.\$(OBJDIR)\nsPrincipal.obj \
.\$(OBJDIR)\nsPrivilege.obj \
.\$(OBJDIR)\nsPrivilegeManager.obj \
.\$(OBJDIR)\nsPrivilegeTable.obj \
.\$(OBJDIR)\nsSystemPrivilegeTable.obj \
.\$(OBJDIR)\nsTarget.obj \
.\$(OBJDIR)\nsUserTarget.obj \
.\$(OBJDIR)\admin.obj \
.\$(OBJDIR)\nsCaps.obj \
.\$(OBJDIR)\nsCCapsManager.obj \
.\$(OBJDIR)\nsCertificatePrincipal.obj \
.\$(OBJDIR)\nsCodebasePrincipal.obj \
.\$(OBJDIR)\nsCCapsManagerFactory.obj \
.\$(OBJDIR)\nsCCodeSourcePrincipal.obj \
.\$(OBJDIR)\nsZig.obj \
$(NULL)

585
caps/src/nsCCapsManager.cpp
Просмотреть файл

@ -18,16 +18,12 @@
#include "nsIComponentManager.h"
#include "nsCapsEnums.h"
#include "nsCCapsManager.h"
#include "nsICodebasePrincipal.h"
#include "nsICertificatePrincipal.h"
#include "nsCodebasePrincipal.h"
#include "nsCertificatePrincipal.h"
#include "nsCCodeSourcePrincipal.h"
#include "nsCaps.h"
#include "nsICapsSecurityCallbacks.h"
#include "nsLoadZig.h"
#include "secnav.h"
#ifdef MOZ_SECURITY
#include "navhook.h"
#include "jarutil.h"
@ -39,11 +35,6 @@ static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
#define ALL_JAVA_PERMISSION "AllJavaPermission"
////////////////////////////////////////////////////////////////////////////
// from nsISupports and AggregatedQueryInterface:
// Thes macro expands to the aggregated query interface scheme.
NS_IMPL_AGGREGATED(nsCCapsManager);
NS_METHOD
@ -73,7 +64,7 @@ nsCCapsManager::CreateCodebasePrincipal(const char *codebaseURL,
{
nsresult result = NS_OK;
nsCodebasePrincipal *pNSCCodebasePrincipal =
new nsCodebasePrincipal(codebaseURL, &result);
new nsCodebasePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_CodebaseExact, codebaseURL);
if (pNSCCodebasePrincipal == NULL)
{
return NS_ERROR_OUT_OF_MEMORY;
@ -91,7 +82,8 @@ nsCCapsManager::CreateCertPrincipal(const unsigned char **certChain,
{
nsresult result = NS_OK;
nsCertificatePrincipal *pNSCCertPrincipal =
new nsCertificatePrincipal(certChain, certChainLengths, noOfCerts, &result);
new nsCertificatePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_Certificate,
certChain, certChainLengths, noOfCerts, &result);
if (pNSCCertPrincipal == NULL)
{
return NS_ERROR_OUT_OF_MEMORY;
@ -100,7 +92,8 @@ nsCCapsManager::CreateCertPrincipal(const unsigned char **certChain,
*prin = (nsIPrincipal *)pNSCCertPrincipal;
return NS_OK;
}
//code source prins are deprecated, use codebase of certificate prins instead
/*
NS_METHOD
nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain,
PRUint32 *certChainLengths,
@ -120,7 +113,7 @@ nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain,
*prin = (nsIPrincipal *)pNSCCodeSourcePrincipal;
return NS_OK;
}
*/
/**
@ -131,32 +124,17 @@ nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain,
* @param state - the return value is passed in this parameter.
*/
NS_METHOD
nsCCapsManager::GetPermission(nsIPrincipal* pNSIPrincipal,
nsITarget* ignoreTarget,
nsPermission *state)
nsCCapsManager::GetPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission * state)
{
*state = nsPermission_Unknown;
nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION);
nsresult result = NS_OK;
if( target == NULL )
{
return NS_OK;
}
if (m_pNSPrivilegeManager != NULL)
{
nsPrincipal *pNSPrincipal = NULL;
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
if( result != NS_OK)
{
return result;
}
nsPrivilege* privilege =
m_pNSPrivilegeManager->getPrincipalPrivilege(target, pNSPrincipal,
NULL);
*state = ConvertPrivilegeToPermission(privilege);
}
return NS_OK;
*state = nsPermission_Unknown;
nsTarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
nsresult result = NS_OK;
if( target == NULL ) return NS_OK;
if (privilegeManager != NULL) {
nsPrivilege* privilege = privilegeManager->GetPrincipalPrivilege(target, prin, NULL);
* state = this->ConvertPrivilegeToPermission(privilege);
}
return NS_OK;
}
/**
@ -169,28 +147,15 @@ nsCCapsManager::GetPermission(nsIPrincipal* pNSIPrincipal,
* and target parameters.
*/
NS_METHOD
nsCCapsManager::SetPermission(nsIPrincipal* pNSIPrincipal,
nsITarget* ignoreTarget,
nsPermission state)
{
nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION);
nsresult result = NS_OK;
if( target == NULL )
{
return NS_OK;
}
if (m_pNSPrivilegeManager != NULL)
{
nsPrincipal *pNSPrincipal = NULL;
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
if( result != NS_OK)
{
return result;
}
nsPrivilege* privilege = ConvertPermissionToPrivilege(state);
m_pNSPrivilegeManager->SetPermission(pNSPrincipal, target, privilege);
}
return NS_OK;
nsCCapsManager::SetPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission state)
{
nsTarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
if(target == NULL ) return NS_OK;
if (privilegeManager != NULL) {
nsPrivilege* privilege = this->ConvertPermissionToPrivilege(state);
privilegeManager->SetPermission(prin, target, privilege);
}
return NS_OK;
}
/**
@ -203,32 +168,19 @@ nsCCapsManager::SetPermission(nsIPrincipal* pNSIPrincipal,
* target
*/
NS_METHOD
nsCCapsManager::AskPermission(nsIPrincipal* pNSIPrincipal,
nsITarget* ignoreTarget,
nsPermission *state)
nsCCapsManager::AskPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission * state)
{
nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION);
nsresult result = NS_OK;
if( target == NULL )
{
*state = nsPermission_Unknown;
return NS_OK;
}
if (m_pNSPrivilegeManager != NULL)
{
nsPrincipal *pNSPrincipal = NULL;
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
if( result != NS_OK)
{
return result;
}
m_pNSPrivilegeManager->AskPermission(pNSPrincipal,target, NULL);
nsPrivilege* privilege =
m_pNSPrivilegeManager->getPrincipalPrivilege(target, pNSPrincipal,
NULL);
*state = ConvertPrivilegeToPermission(privilege);
}
return NS_OK;
nsTarget *target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
if( target == NULL ) {
*state = nsPermission_Unknown;
return NS_OK;
}
if (privilegeManager != NULL) {
privilegeManager->AskPermission(prin, target, NULL);
nsPrivilege * privilege = privilegeManager->GetPrincipalPrivilege(target, prin, NULL);
*state = ConvertPrivilegeToPermission(privilege);
}
return NS_OK;
}
/**
@ -238,23 +190,22 @@ nsCCapsManager::AskPermission(nsIPrincipal* pNSIPrincipal,
* @param result - is true if principal was successfully registered with the system
*/
NS_METHOD
nsCCapsManager::Initialize(PRBool *result)
nsCCapsManager::Initialize(PRBool * result)
{
*result = nsCapsInitialize();
return NS_OK;
*result = nsCapsInitialize();
return NS_OK;
}
/**
* Initializes the capabilities frame walking code.
*
* @param aInterface - interface for calling frame walking code.
*/
* Initializes the capabilities frame walking code.
*
* @param aInterface - interface for calling frame walking code.
*/
NS_METHOD
nsCCapsManager::InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface)
{
//XXX write me
return NS_OK;
//XXX write me
return NS_OK;
}
/**
@ -264,20 +215,10 @@ nsCCapsManager::InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface)
* @param result - is true if principal was successfully registered with the system
*/
NS_METHOD
nsCCapsManager::RegisterPrincipal(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
nsCCapsManager::RegisterPrincipal(nsIPrincipal * prin)
{
nsresult result = NS_OK;
if (m_pNSPrivilegeManager != NULL)
{
nsPrincipal *pNSPrincipal = NULL;
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
if( result != NS_OK)
{
return result;
}
m_pNSPrivilegeManager->registerPrincipal(pNSPrincipal);
}
return NS_OK;
if (privilegeManager != NULL) privilegeManager->RegisterPrincipal(prin);
return NS_OK;
}
/**
@ -294,17 +235,15 @@ nsCCapsManager::RegisterPrincipal(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
NS_METHOD
nsCCapsManager::EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
{
nsTarget *target = nsTarget::findTarget((char*)targetName);
nsTarget *target = nsTarget::FindTarget((char*)targetName);
nsresult result = NS_OK;
if( target == NULL )
{
*ret_val = PR_FALSE;
return NS_OK;
}
if (m_pNSPrivilegeManager != NULL)
{
*ret_val = m_pNSPrivilegeManager->enablePrivilege(context, target, callerDepth);
}
if (privilegeManager != NULL)
*ret_val = privilegeManager->EnablePrivilege(context, target, callerDepth);
return NS_OK;
}
@ -322,16 +261,16 @@ nsCCapsManager::EnablePrivilege(void* context, const char* targetName, PRInt32 c
NS_METHOD
nsCCapsManager::IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
{
nsTarget *target = nsTarget::findTarget((char*)targetName);
nsTarget *target = nsTarget::FindTarget((char*)targetName);
nsresult result = NS_OK;
if( target == NULL )
{
*ret_val = PR_FALSE;
return NS_OK;
}
if (m_pNSPrivilegeManager != NULL)
if (privilegeManager != NULL)
{
*ret_val = m_pNSPrivilegeManager->isPrivilegeEnabled(context, target, callerDepth);
*ret_val = privilegeManager->IsPrivilegeEnabled(context, target, callerDepth);
}
return NS_OK;
}
@ -350,18 +289,15 @@ nsCCapsManager::IsPrivilegeEnabled(void* context, const char* targetName, PRInt3
NS_METHOD
nsCCapsManager::RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
{
nsTarget *target = nsTarget::findTarget((char*)targetName);
nsresult result = NS_OK;
if( target == NULL )
{
*ret_val = PR_FALSE;
return NS_OK;
}
if (m_pNSPrivilegeManager != NULL)
{
*ret_val = m_pNSPrivilegeManager->revertPrivilege(context, target, callerDepth);
}
return NS_OK;
nsTarget *target = nsTarget::FindTarget((char*)targetName);
nsresult result = NS_OK;
if( target == NULL ) {
* ret_val = PR_FALSE;
return NS_OK;
}
if (privilegeManager != NULL)
* ret_val = privilegeManager->RevertPrivilege(context, target, callerDepth);
return NS_OK;
}
/**
@ -378,18 +314,15 @@ nsCCapsManager::RevertPrivilege(void* context, const char* targetName, PRInt32 c
NS_METHOD
nsCCapsManager::DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
{
nsTarget *target = nsTarget::findTarget((char*)targetName);
nsresult result = NS_OK;
if( target == NULL )
{
*ret_val = PR_FALSE;
return NS_OK;
}
if (m_pNSPrivilegeManager != NULL)
{
*ret_val = m_pNSPrivilegeManager->disablePrivilege(context, target, callerDepth);
}
return NS_OK;
nsTarget *target = nsTarget::FindTarget((char*)targetName);
nsresult result = NS_OK;
if( target == NULL ) {
* ret_val = PR_FALSE;
return NS_OK;
}
if (privilegeManager != NULL)
* ret_val = privilegeManager->DisablePrivilege(context, target, callerDepth);
return NS_OK;
}
@ -399,83 +332,68 @@ nsCCapsManager::DisablePrivilege(void* context, const char* targetName, PRInt32
NS_METHOD
nsCCapsManager::ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *ret_val)
{
nsresult result = NS_OK;
*ret_val = nsSetComparisonType_NoSubset;
if (m_pNSPrivilegeManager != NULL)
{
nsPrincipalArray *newPrin1Array=NULL;
nsPrincipalArray *newPrin2Array=NULL;
result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
if (result != NS_OK) {
return result;
}
result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
if (result != NS_OK) {
return result;
}
*ret_val = m_pNSPrivilegeManager->comparePrincipalArray(newPrin1Array, newPrin2Array);
nsCapsFreePrincipalArray(newPrin1Array);
nsCapsFreePrincipalArray(newPrin2Array);
}
return NS_OK;
nsresult result = NS_OK;
*ret_val = nsSetComparisonType_NoSubset;
if (privilegeManager != NULL) {
nsPrincipalArray * newPrin1Array=NULL;
nsPrincipalArray * newPrin2Array=NULL;
result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
if (result != NS_OK) return result;
result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
if (result != NS_OK) return result;
*ret_val = privilegeManager->ComparePrincipalArray(newPrin1Array, newPrin2Array);
nsCapsFreePrincipalArray(newPrin1Array);
nsCapsFreePrincipalArray(newPrin2Array);
}
return NS_OK;
}
NS_METHOD
nsCCapsManager::IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *ret_val)
nsCCapsManager::IntersectPrincipalArray(void * prin1Array, void * prin2Array, void * * ret_val)
{
nsresult result = NS_OK;
*ret_val = NULL;
if (m_pNSPrivilegeManager != NULL)
{
nsPrincipalArray *newPrin1Array=NULL;
nsPrincipalArray *newPrin2Array=NULL;
nsPrincipalArray *intersectPrinArray=NULL;
result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
if (result != NS_OK) {
return result;
}
result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
if (result != NS_OK) {
return result;
}
intersectPrinArray = m_pNSPrivilegeManager->intersectPrincipalArray(newPrin1Array,
newPrin2Array);
CreateNSPrincipalArray(intersectPrinArray, (nsPrincipalArray**)ret_val);
nsCapsFreePrincipalArray(newPrin1Array);
nsCapsFreePrincipalArray(newPrin2Array);
}
return NS_OK;
nsresult result = NS_OK;
*ret_val = NULL;
if (privilegeManager != NULL) {
nsPrincipalArray *newPrin1Array=NULL;
nsPrincipalArray *newPrin2Array=NULL;
nsPrincipalArray *intersectPrinArray=NULL;
result = this->GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
if (result != NS_OK) return result;
result = this->GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
if (result != NS_OK) return result;
intersectPrinArray = privilegeManager->IntersectPrincipalArray(newPrin1Array, newPrin2Array);
this->CreateNSPrincipalArray(intersectPrinArray, (nsPrincipalArray**)ret_val);
nsCapsFreePrincipalArray(newPrin1Array);
nsCapsFreePrincipalArray(newPrin2Array);
}
return NS_OK;
}
NS_METHOD
nsCCapsManager::CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *ret_val)
nsCCapsManager::CanExtendTrust(void * fromPrinArray, void * toPrinArray, PRBool * ret_val)
{
nsresult result = NS_OK;
*ret_val = nsSetComparisonType_NoSubset;
if (m_pNSPrivilegeManager != NULL)
{
nsPrincipalArray *newPrin1Array=NULL;
nsPrincipalArray *newPrin2Array=NULL;
result = GetNSPrincipalArray((nsPrincipalArray*) fromPrinArray, &newPrin1Array);
if (result != NS_OK) {
return result;
}
result = GetNSPrincipalArray((nsPrincipalArray*) toPrinArray, &newPrin2Array);
if (result != NS_OK) {
return result;
}
*ret_val = m_pNSPrivilegeManager->canExtendTrust(newPrin1Array, newPrin2Array);
nsCapsFreePrincipalArray(newPrin1Array);
nsCapsFreePrincipalArray(newPrin2Array);
}
return NS_OK;
nsresult result = NS_OK;
*ret_val = nsSetComparisonType_NoSubset;
if (privilegeManager != NULL) {
nsPrincipalArray *newPrin1Array=NULL;
nsPrincipalArray *newPrin2Array=NULL;
result = this->GetNSPrincipalArray((nsPrincipalArray*) fromPrinArray, &newPrin1Array);
if (result != NS_OK) return result;
result = this->GetNSPrincipalArray((nsPrincipalArray*) toPrinArray, &newPrin2Array);
if (result != NS_OK) return result;
*ret_val = privilegeManager->CanExtendTrust(newPrin1Array, newPrin2Array);
nsCapsFreePrincipalArray(newPrin1Array);
nsCapsFreePrincipalArray(newPrin2Array);
}
return NS_OK;
}
/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
/**************
//Principals must be created by type, the nsPrincipal data member is deprecated
NS_METHOD
nsCCapsManager::NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal** ret_val)
nsCCapsManager::NewPrincipal(PRInt16 *principalType, void* key, PRUint32 key_len, void *zig, nsIPrincipal** ret_val)
{
nsIPrincipal* pNSIPrincipal;
nsPrincipal *pNSPrincipal = new nsPrincipal(type, key, key_len, zig);
@ -487,9 +405,14 @@ nsCCapsManager::NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len,
*ret_val = pNSIPrincipal;
return NS_OK;
}
*********************/
//XXX: todo: This method is covered by to nsIPrincipal object, should not be part of caps
//XXX: nsPrincipal struct if deprecated, access as nsIPrincipal
//do not use IsCodebaseExact, Tostring, or any other of the principal specific objects from here
/*
NS_METHOD
nsCCapsManager::IsCodebaseExact(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
nsCCapsManager::IsCodebaseExact(nsIPrincipal * pNSIPrincipal, PRBool *ret_val)
{
nsresult result = NS_OK;
nsPrincipal *pNSPrincipal = NULL;
@ -499,25 +422,25 @@ nsCCapsManager::IsCodebaseExact(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
return result;
}
*ret_val = pNSPrincipal->isCodebaseExact();
return NS_OK;
}
*/
/*
NS_METHOD
nsCCapsManager::ToString(nsIPrincipal* pNSIPrincipal, char* *ret_val)
nsCCapsManager::ToString(nsIPrincipal* prin, char* *ret_val)
{
nsresult result = NS_OK;
nsPrincipal *pNSPrincipal = NULL;
nsIPrincipal *temp = NULL;
*ret_val = NULL;
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
if( result != NS_OK) {
return result;
}
*ret_val = pNSPrincipal->toString();
result = GetNSPrincipal(prin, &temp);
if( result != NS_OK) return result;
*ret_val = temp->ToString();
return NS_OK;
}
*/
/*
NS_METHOD
nsCCapsManager::GetVendor(nsIPrincipal* pNSIPrincipal, char* *ret_val)
{
@ -529,9 +452,9 @@ nsCCapsManager::GetVendor(nsIPrincipal* pNSIPrincipal, char* *ret_val)
return result;
}
*ret_val = pNSPrincipal->getVendor();
return NS_OK;
}
*/
NS_METHOD
nsCCapsManager::NewPrincipalArray(PRUint32 count, void* *ret_val)
@ -547,86 +470,51 @@ nsCCapsManager::NewPrincipalArray(PRUint32 count, void* *ret_val)
NS_METHOD
nsCCapsManager::CreateMixedPrincipalArray(void *aZig, char* name, const char* codebase, void** result)
{
*result = NULL;
PRBool hasCodebase;
int i;
PRUint32 count;
nsIPrincipal *principal;
hasCodebase = (PRBool)codebase;
/* First count the number of principals */
count = codebase ? 1 : 0;
//Should possibly be #ifdef MOZ_SECURITY but I don't want to break the sec build
/*
*result = NULL;
PRBool hasCodebase;
int i;
PRUint32 count;
nsIPrincipal *principal;
hasCodebase = (PRBool)codebase;
count = codebase ? 1 : 0;
#if 0
SOBITEM *item;
ZIG_Context * zig_aCx = NULL;
ZIG *zig = (ZIG*)aZig;
if (zig && name) {
/* Make sure file is signed */
if ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) != NULL) {
int zig_count=0;
/* count the number of signers */
while (SOB_find_next(zig_aCx, &item) >= 0) {
zig_count++;
}
SOB_find_end(zig_aCx);
count += zig_count;
}
else {
zig = NULL;
}
}
SOBITEM *item;
ZIG_Context * zig_aCx = NULL;
ZIG *zig = (ZIG*)aZig;
if (zig && name) {
if ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) != NULL) {
int zig_count=0;
while (SOB_find_next(zig_aCx, &item) >= 0) zig_count++;
SOB_find_end(zig_aCx);
count += zig_count;
} else zig = NULL;
}
#endif
if (count == 0) {
return NS_OK;
}
NewPrincipalArray(count, result);
if (*result == NULL) {
return NS_ERROR_FAILURE;
}
if (count == 0) return NS_OK;
NewPrincipalArray(count, result);
if (*result == NULL) return NS_ERROR_FAILURE;
#if 0
if (zig && ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) == NULL)) {
return NS_ERROR_FAILURE;
}
i = 0;
while (zig && SOB_find_next(zig_aCx, &item) >= 0) {
FINGERZIG *fingPrint;
fingPrint = (FINGERZIG *) item->data;
/* create a new nsIPrincipal(CERT_KEY, fingPrint->key) */
NewPrincipal(nsPrincipalType_CertKey,
fingPrint->key,
fingPrint->length,
zig,
&principal);
RegisterPrincipal(principal, NULL);
SetPrincipalArrayElement(*result, i++, principal);
}
if (zig) {
SOB_find_end(zig_aCx);
}
if (zig && ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) == NULL)) return NS_ERROR_FAILURE;
i = 0;
while (zig && SOB_find_next(zig_aCx, &item) >= 0) {
FINGERZIG *fingPrint;
fingPrint = (FINGERZIG *) item->data;
this->NewPrincipal(nsPrincipal::PrincipalType_CertificateKey, fingPrint->key,
fingPrint->length, zig, &principal);
RegisterPrincipal(principal, NULL);
SetPrincipalArrayElement(*result, i++, principal);
}
if (zig) SOB_find_end(zig_aCx);
#endif
if (codebase) {
// Add a codebase principal.
NewPrincipal(nsPrincipalType_CodebaseExact,
(void*)codebase,
PL_strlen(codebase),
NULL,
&principal);
RegisterPrincipal(principal, NULL);
SetPrincipalArrayElement(*result, i++, principal);
}
return NS_OK;
if (codebase) {
this->NewPrincipal(nsIPrincipal::PrincipalType_CodebaseExact, (void*)codebase,
PL_strlen(codebase), NULL, &principal);
RegisterPrincipal(principal, NULL);
SetPrincipalArrayElement(*result, i++, principal);
}
*/
return NS_OK;
}
NS_METHOD
@ -639,14 +527,19 @@ nsCCapsManager::FreePrincipalArray(void *prinArray)
NS_METHOD
nsCCapsManager::GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* *ret_val)
{
//method is deprecated, Principals must be accessed and indexed as nsIPrincipals, not by data member
/*
nsIPrincipal* pNSIPrincipal;
nsPrincipal *pNSPrincipal = (nsPrincipal *)nsCapsGetPrincipalArrayElement(prinArrayArg, index);
if (pNSPrincipal->isCodebase()) {
pNSIPrincipal = (nsIPrincipal*)new nsCodebasePrincipal(pNSPrincipal);
} else {
(pNSPrincipal->isCodebase()) ?
pNSIPrincipal = (nsIPrincipal*)new nsCodebasePrincipal(pNSPrincipal)
:
pNSIPrincipal = (nsIPrincipal*)new nsCertificatePrincipal(pNSPrincipal);
}
*ret_val = pNSIPrincipal;
*/
*ret_val = NULL;
return NS_OK;
}
@ -665,49 +558,37 @@ nsCCapsManager::GetPrincipalArraySize(void *prinArrayArg, PRUint32 *ret_val)
}
/* The following interfaces will replace all of the following old calls.
*
* nsCapsGetPermission(struct nsPrivilege *privilege)
* nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
*
*/
NS_METHOD
nsCCapsManager::IsAllowed(void *annotation, char* targetName, PRBool *ret_val)
{
nsTarget *target = nsTarget::findTarget(targetName);
nsresult result = NS_OK;
if( target == NULL )
{
*ret_val = PR_FALSE;
return NS_OK;
}
struct nsPrivilege * pNSPrivilege = nsCapsGetPrivilege((struct nsPrivilegeTable *)annotation,
target);
if (pNSPrivilege == NULL) {
*ret_val = PR_FALSE;
return NS_OK;
}
nsPermissionState perm = nsCapsGetPermission(pNSPrivilege);
*ret_val = (perm == nsPermissionState_Allowed);
return NS_OK;
nsTarget *target = nsTarget::FindTarget(targetName);
nsresult result = NS_OK;
if( target == NULL ) {
*ret_val = PR_FALSE;
return NS_OK;
}
struct nsPrivilege * pNSPrivilege = nsCapsGetPrivilege((nsPrivilegeTable * )annotation, target);
if (pNSPrivilege == NULL) {
*ret_val = PR_FALSE;
return NS_OK;
}
nsPermissionState perm = nsCapsGetPermission(pNSPrivilege);
*ret_val = (perm == nsPermissionState_Allowed);
return NS_OK;
}
////////////////////////////////////////////////////////////////////////////
// from nsCCapsManager:
nsCCapsManager::nsCCapsManager(nsISupports *aOuter):m_pNSPrivilegeManager(NULL)
nsCCapsManager::nsCCapsManager(nsISupports *aOuter):privilegeManager(NULL)
{
NS_INIT_AGGREGATED(aOuter);
PRBool result;
if (Initialize(&result) == NS_OK)
{
m_pNSPrivilegeManager = new nsPrivilegeManager();
}
else
{
m_pNSPrivilegeManager = NULL;
}
NS_INIT_AGGREGATED(aOuter);
PRBool result;
privilegeManager = (Initialize(&result) == NS_OK) ? new nsPrivilegeManager(): NULL;
}
nsCCapsManager::~nsCCapsManager()
@ -718,6 +599,8 @@ void
nsCCapsManager::CreateNSPrincipalArray(nsPrincipalArray* prinArray,
nsPrincipalArray* *pPrincipalArray)
{
//prin arrays will either be removed, or updated to use the nsIPrincipal Object
/*
nsIPrincipal* pNSIPrincipal;
nsPrincipal *pNSPrincipal = NULL;
@ -736,39 +619,39 @@ nsCCapsManager::CreateNSPrincipalArray(nsPrincipalArray* prinArray,
newPrinArray->Set(index, pNSIPrincipal);
}
*pPrincipalArray = newPrinArray;
*/
}
NS_METHOD
nsCCapsManager::GetNSPrincipalArray(nsPrincipalArray* prinArray,
nsPrincipalArray* *pPrincipalArray)
{
/*
nsIPrincipal* pNSIPrincipal;
nsPrincipal *pNSPrincipal = NULL;
nsIPrincipal *pNSPrincipal = NULL;
nsresult result = NS_OK;
PRUint32 count = prinArray->GetSize();
nsPrincipalArray *newPrinArray = new nsPrincipalArray();
newPrinArray->SetSize(count, 1);
*pPrincipalArray = NULL;
for (PRUint32 index = 0; index < count; index++) {
pNSIPrincipal = (nsIPrincipal*)prinArray->Get(index);
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
// result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
if( result != NS_OK)
{
nsCapsFreePrincipalArray(newPrinArray);
return result;
}
newPrinArray->Set(index, pNSPrincipal);
// newPrinArray->Set(index, pNSPrincipal);
}
*pPrincipalArray = newPrinArray;
return result;
*/
return NS_OK;
}
/*
NS_METHOD
nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
nsPrincipal **ppNSPrincipal)
nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, nsPrincipal **ppNSPrincipal)
{
nsISupports *pNSISupports = NULL;
nsPrincipal *pNSPrincipal = NULL;
@ -781,7 +664,7 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID);
NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID);
NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICODESOURCEPRINCIPAL_IID);
// NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICODESOURCEPRINCIPAL_IID);
if (pNSIPrincipal->QueryInterface(kICodeSourcePrincipalIID,
(void**)&pNSISupports) == NS_OK)
@ -792,19 +675,21 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
PRBool bIsTrusted = PR_FALSE;
if(pNSICertPrincipal != NULL )
{
pNSICertPrincipal->IsTrusted(NULL, &bIsTrusted);
pNSICertPrincipal->IsSecure(&bIsTrusted);
}
if (bIsTrusted)
{
nsCertificatePrincipal *pNSCCertPrincipal = (nsCertificatePrincipal *)pNSICertPrincipal;
pNSPrincipal = pNSCCertPrincipal->GetPeer();
// peer object is deprecated, no longer use nsPrincipal object
// pNSPrincipal = pNSCCertPrincipal->GetPeer();
pNSCCertPrincipal->Release();
}
else
if(pNSICodebasePrincipal != NULL )
{
nsCodebasePrincipal *pNSCCodebasePrincipal = (nsCodebasePrincipal *)pNSICodebasePrincipal;
pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
// peer object is deprecated, no longer use nsPrincipal object
// pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
pNSCCodebasePrincipal->Release();
}
else
@ -817,7 +702,8 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
(void**)&pNSISupports) == NS_OK)
{
nsCertificatePrincipal *pNSCCertPrincipal = (nsCertificatePrincipal *)pNSIPrincipal;
pNSPrincipal = pNSCCertPrincipal->GetPeer();
// peer object is deprecated, no longer use nsPrincipal object
// pNSPrincipal = pNSCCertPrincipal->GetPeer();
pNSCCertPrincipal->Release();
}
else
@ -826,7 +712,8 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
{
nsCodebasePrincipal *pNSCCodebasePrincipal =
(nsCodebasePrincipal *)pNSIPrincipal;
pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
// peer object is deprecated, no longer use nsPrincipal object
// pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
pNSCCodebasePrincipal->Release();
}
else
@ -834,12 +721,12 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
return NS_ERROR_NO_INTERFACE;
}
*ppNSPrincipal = pNSPrincipal;
return NS_OK;
return NS_OK;
}
*/
nsPermission
nsCCapsManager::ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege)
nsCCapsManager::ConvertPrivilegeToPermission(nsPrivilege * pNSPrivilege)
{
if(pNSPrivilege->isAllowedForever())
return nsPermission_AllowedForever;
@ -887,13 +774,9 @@ nsCCapsManager::ConvertPermissionToPrivilege(nsPermission state)
void
nsCCapsManager::SetSystemPrivilegeManager()
{
nsPrivilegeManager *pNSPrivilegeManager =
nsPrivilegeManager::getPrivilegeManager();
if ( (m_pNSPrivilegeManager != NULL )
&& (m_pNSPrivilegeManager != pNSPrivilegeManager)
)
{
delete m_pNSPrivilegeManager;
m_pNSPrivilegeManager = pNSPrivilegeManager;
}
nsPrivilegeManager *pNSPrivilegeManager = nsPrivilegeManager::GetPrivilegeManager();
if ((privilegeManager != NULL ) && (privilegeManager != pNSPrivilegeManager)) {
delete privilegeManager;
privilegeManager = pNSPrivilegeManager;
}
}

0
caps/src/nsCCodeSourcePrincipal.cpp
Просмотреть файл

191
caps/src/nsCaps.cpp
Просмотреть файл

@ -21,12 +21,11 @@
#include "prmem.h"
#include "prmon.h"
#include "prlog.h"
#include "nsCaps.h"
#include "nsPrivilegeManager.h"
#include "nsCertificatePrincipal.h"
#include "nsPrivilege.h"
#include "nsPrivilegeTable.h"
#include "nsPrincipal.h"
#include "nsTarget.h"
#include "nsCCapsManager.h"
#include "nsCCapsManagerFactory.h"
@ -56,29 +55,29 @@ static PRBool bNSCapsInitialized_g = PR_FALSE;
PR_IMPLEMENT(PRBool)
nsCapsInitialize()
{
if(bNSCapsInitialized_g == PR_TRUE)
{
return PR_TRUE;
}
bNSCapsInitialized_g = PR_TRUE;
if(bNSCapsInitialized_g == PR_TRUE) return PR_TRUE;
bNSCapsInitialized_g = PR_TRUE;
nsIPrincipal * sysPrin;
/*
#if defined(_WIN32)
nsPrincipal *sysPrin = CreateSystemPrincipal("java/classes/java40.jar", "java/lang/Object.class");
// sysPrin = CreateSystemPrincipal("java/classes/java40.jar", "java/lang/Object.class");
#else
nsPrincipal *sysPrin = CreateSystemPrincipal("java40.jar", "java/lang/Object.class");
// sysPrin = CreateSystemPrincipal("java40.jar", "java/lang/Object.class");
#endif
if (sysPrin == NULL) {
sysPrin = new nsPrincipal(nsPrincipalType_Cert, "52:54:45:4e:4e:45:54:49",
strlen("52:54:45:4e:4e:45:54:49"));
*/
if (sysPrin == NULL) {
nsresult res;
sysPrin = new nsCertificatePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_Certificate,(const unsigned char **) "52:54:45:4e:4e:45:54:49",
(unsigned int *)strlen("52:54:45:4e:4e:45:54:49"),1,& res);
}
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
if (nsPrivManager == NULL) {
nsPrivilegeManagerInitialize();
nsPrivilegeInitialize();
nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
}
PR_ASSERT(nsPrivManager != NULL);
nsPrivManager->registerSystemPrincipal(sysPrin);
nsPrivManager->RegisterSystemPrincipal(sysPrin);
// New a class factory object and the constructor will register itself
// as the factory object in the repository. All other modules should
// FindFactory and use createInstance to create a instance of nsCCapsManager
@ -96,169 +95,155 @@ nsCapsInitialize()
/* wrappers for nsPrivilegeManager object */
PR_IMPLEMENT(PRBool)
nsCapsRegisterPrincipal(struct nsPrincipal *principal)
nsCapsRegisterPrincipal(class nsIPrincipal *principal)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
if( nsPrivManager == NULL )
return PR_FALSE;
nsPrivManager->registerPrincipal(principal);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
if(nsPrivManager == NULL) return PR_FALSE;
nsPrivManager->RegisterPrincipal(principal);
return PR_TRUE;
}
PR_IMPLEMENT(PRBool)
nsCapsEnablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth)
nsCapsEnablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
if( nsPrivManager == NULL )
return PR_FALSE;
return nsPrivManager->enablePrivilege(context, target, callerDepth);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->EnablePrivilege(context, target, callerDepth);
}
PR_IMPLEMENT(PRBool)
nsCapsIsPrivilegeEnabled(void* context, struct nsTarget *target, PRInt32 callerDepth)
nsCapsIsPrivilegeEnabled(void* context, class nsTarget *target, PRInt32 callerDepth)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
if( nsPrivManager == NULL )
return PR_FALSE;
return nsPrivManager->isPrivilegeEnabled(context, target, callerDepth);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->IsPrivilegeEnabled(context, target, callerDepth);
}
PR_IMPLEMENT(PRBool)
nsCapsRevertPrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth)
nsCapsRevertPrivilege(void* context, class nsTarget *target, PRInt32 callerDepth)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
if( nsPrivManager == NULL )
return PR_FALSE;
return nsPrivManager->revertPrivilege(context, target, callerDepth);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
return (nsPrivManager == NULL ) ? PR_FALSE : nsPrivManager->RevertPrivilege(context, target, callerDepth);
}
PR_IMPLEMENT(PRBool)
nsCapsDisablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth)
nsCapsDisablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
if( nsPrivManager == NULL )
return PR_FALSE;
return nsPrivManager->disablePrivilege(context, target, callerDepth);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->DisablePrivilege(context, target, callerDepth);
}
PR_IMPLEMENT(void*)
nsCapsGetClassPrincipalsFromStack(void* context, PRInt32 callerDepth)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
if( nsPrivManager == NULL )
return NULL;
return (void *)nsPrivManager->getClassPrincipalsFromStack(context, callerDepth);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
return (nsPrivManager == NULL) ? NULL
: (void *)nsPrivManager->GetClassPrincipalsFromStack(context, callerDepth);
}
PR_IMPLEMENT(nsSetComparisonType)
nsCapsComparePrincipalArray(void* prin1Array, void* prin2Array)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
if( nsPrivManager == NULL )
return nsSetComparisonType_NoSubset;
return nsPrivManager->comparePrincipalArray((nsPrincipalArray*)prin1Array,
(nsPrincipalArray*)prin2Array);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
return (nsPrivManager == NULL) ? nsSetComparisonType_NoSubset
: nsPrivManager->ComparePrincipalArray((nsPrincipalArray*)prin1Array, (nsPrincipalArray*)prin2Array);
}
PR_IMPLEMENT(void*)
nsCapsIntersectPrincipalArray(void* prin1Array, void* prin2Array)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
if( nsPrivManager == NULL )
return NULL;
return nsPrivManager->intersectPrincipalArray((nsPrincipalArray*)prin1Array,
(nsPrincipalArray*)prin2Array);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
return (nsPrivManager == NULL) ? NULL
: nsPrivManager->IntersectPrincipalArray((nsPrincipalArray*)prin1Array, (nsPrincipalArray*)prin2Array);
}
PR_IMPLEMENT(PRBool)
nsCapsCanExtendTrust(void* from, void* to)
{
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
if( nsPrivManager == NULL )
return PR_FALSE;
return nsPrivManager->canExtendTrust((nsPrincipalArray*)from,
(nsPrincipalArray*)to);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
return (nsPrivManager == NULL) ? PR_FALSE
: nsPrivManager->CanExtendTrust((nsPrincipalArray *)from, (nsPrincipalArray *)to);
}
/* wrappers for nsPrincipal object */
PR_IMPLEMENT(struct nsPrincipal *)
nsCapsNewPrincipal(nsPrincipalType type, void * key,
PRUint32 key_len, void *zig)
/*
PR_IMPLEMENT(class nsIPrincipal *)
nsCapsNewPrincipal(PRInt16 prinType, void * key, PRUint32 key_len, void *zig)
{
return new nsPrincipal(type, key, key_len, zig);
// XXX ARIEL FIX:
// this is absolutely wrong, must be fixed ASAP
// return new nsIPrincipal(prinType, key, key_len, zig);
return NULL;
}
*/
PR_IMPLEMENT(const char *)
nsCapsPrincipalToString(struct nsPrincipal *principal)
nsCapsPrincipalToString(class nsIPrincipal *principal)
{
return principal->toString();
char * prinStr;
principal->ToString(& prinStr);
return prinStr;
}
PR_IMPLEMENT(PRBool)
nsCapsIsCodebaseExact(struct nsPrincipal *principal)
nsCapsIsCodebaseExact(class nsIPrincipal *principal)
{
return principal->isCodebaseExact();
PRInt16 prinType;
principal->GetType(& prinType);
return (prinType == (PRInt16) nsIPrincipal::PrincipalType_CodebaseExact) ? PR_TRUE : PR_FALSE;
}
PR_IMPLEMENT(const char *)
nsCapsPrincipalGetVendor(struct nsPrincipal *principal)
nsCapsPrincipalGetVendor(class nsIPrincipal *principal)
{
return principal->getVendor();
//deprecated returning NULL
//return principal->getVendor();
return NULL;
}
PR_EXTERN(void *)
nsCapsNewPrincipalArray(PRUint32 count)
{
nsPrincipalArray *prinArray = new nsPrincipalArray();
prinArray->SetSize(count, 1);
return prinArray;
nsPrincipalArray *prinArray = new nsPrincipalArray();
prinArray->SetSize(count, 1);
return prinArray;
}
PR_EXTERN(void)
nsCapsFreePrincipalArray(void *prinArrayArg)
{
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
if (prinArray) {
prinArray->RemoveAll();
delete prinArray;
}
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
if (prinArray) {
prinArray->RemoveAll();
delete prinArray;
}
}
PR_EXTERN(void *)
nsCapsGetPrincipalArrayElement(void *prinArrayArg, PRUint32 index)
{
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
if (prinArray == NULL) {
return NULL;
}
return prinArray->Get(index);
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
return (prinArray == NULL) ? NULL : prinArray->Get(index);
}
PR_EXTERN(void)
nsCapsSetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, void *element)
{
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
if (prinArray == NULL) {
return;
}
prinArray->Set(index, element);
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
if (prinArray == NULL) return;
prinArray->Set(index, element);
}
PR_EXTERN(PRUint32)
nsCapsGetPrincipalArraySize(void *prinArrayArg)
{
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
if (prinArray == NULL) {
return 0;
}
return prinArray->GetSize();
return (prinArray == NULL) ? 0 : prinArray->GetSize();
}
/* wrappers for nsTarget object */
PR_IMPLEMENT(struct nsTarget *)
PR_IMPLEMENT(class nsTarget *)
nsCapsFindTarget(char *name)
{
return nsTarget::findTarget(name);
return nsTarget::FindTarget(name);
}
/* wrappers for nsPrivilege object */
@ -270,9 +255,9 @@ nsCapsGetPermission(struct nsPrivilege *privilege)
/* wrappers for nsPrivilegeTable object */
PR_IMPLEMENT(struct nsPrivilege *)
nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
nsCapsGetPrivilege(nsPrivilegeTable * annotation, class nsTarget *target)
{
return annotation->get(target);
return annotation->Get(target);
}
@ -284,7 +269,6 @@ setNewNSJSJavaFrameWrapperCallback(struct NSJSJavaFrameWrapper * (*fp)(void *))
nsCapsNewNSJSJavaFrameWrapperCallback = fp;
}
void (*nsCapsFreeNSJSJavaFrameWrapperCallback)(struct NSJSJavaFrameWrapper *);
PR_IMPLEMENT(void)
setFreeNSJSJavaFrameWrapperCallback(void (*fp)(struct NSJSJavaFrameWrapper *))
@ -292,7 +276,6 @@ setFreeNSJSJavaFrameWrapperCallback(void (*fp)(struct NSJSJavaFrameWrapper *))
nsCapsFreeNSJSJavaFrameWrapperCallback = fp;
}
void (*nsCapsGetStartFrameCallback)(struct NSJSJavaFrameWrapper *);
PR_IMPLEMENT(void)
setGetStartFrameCallback(void (*fp)(struct NSJSJavaFrameWrapper *))
@ -307,7 +290,6 @@ setIsEndOfFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *))
nsCapsIsEndOfFrameCallback = fp;
}
PRBool (*nsCapsIsValidFrameCallback)(struct NSJSJavaFrameWrapper *);
PR_IMPLEMENT(void)
setIsValidFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *))
@ -315,7 +297,6 @@ setIsValidFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *))
nsCapsIsValidFrameCallback = fp;
}
void * (*nsCapsGetNextFrameCallback)(struct NSJSJavaFrameWrapper *, int *);
PR_IMPLEMENT(void)
setGetNextFrameCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, int *))
@ -323,28 +304,25 @@ setGetNextFrameCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, int *))
nsCapsGetNextFrameCallback = fp;
}
void * (*nsCapsGetPrincipalArrayCallback)(struct NSJSJavaFrameWrapper *);
PR_IMPLEMENT(void)
setOJIGetPrincipalArrayCallback(void * (*fp)(struct NSJSJavaFrameWrapper *))
{
nsCapsGetPrincipalArrayCallback = fp;
nsCapsGetPrincipalArrayCallback = fp;
}
void * (*nsCapsGetAnnotationCallback)(struct NSJSJavaFrameWrapper *);
PR_IMPLEMENT(void)
setOJIGetAnnotationCallback(void * (*fp)(struct NSJSJavaFrameWrapper *))
{
nsCapsGetAnnotationCallback = fp;
nsCapsGetAnnotationCallback = fp;
}
void * (*nsCapsSetAnnotationCallback)(struct NSJSJavaFrameWrapper *, void *);
PR_IMPLEMENT(void)
setOJISetAnnotationCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, void *))
{
nsCapsSetAnnotationCallback = fp;
nsCapsSetAnnotationCallback = fp;
}
/*
@ -359,7 +337,6 @@ nsCapsEnableRegistrationModeFlag(void)
registrationModeFlag = PR_TRUE;
}
/*
* This function disables the registration mode flag.
* Disabling this flag allows all valid urls types to

175
caps/src/nsCertificatePrincipal.cpp
Просмотреть файл

@ -17,143 +17,92 @@
*/
#include "nsCertificatePrincipal.h"
#include "nsPrincipal.h"
static NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID);
////////////////////////////////////////////////////////////////////////////
// from nsISupports:
// These macros produce simple version of QueryInterface and AddRef.
// See the nsISupports.h header file for DETAILS.
NS_IMPL_ISUPPORTS(nsCertificatePrincipal,kICertificatePrincipalIID);
////////////////////////////////////////////////////////////////////////////
// from nsIPrincipal:
NS_IMPL_ISUPPORTS(nsCertificatePrincipal, kICertificatePrincipalIID);
NS_IMETHODIMP
nsCertificatePrincipal::IsTrusted(const char* scope, PRBool *pbIsTrusted)
nsCertificatePrincipal::GetPublicKey(char ** publicKey, PRUint32 * publicKeyLength)
{
if(m_pNSPrincipal == NULL)
{
*pbIsTrusted = PR_FALSE;
return NS_ERROR_ILLEGAL_VALUE;
}
*pbIsTrusted = m_pNSPrincipal->isTrustedCertChainPrincipal();
return NS_OK;
publicKey = & this->itsKey;
publicKeyLength = & this->itsKeyLength;
return (itsKey == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
}
////////////////////////////////////////////////////////////////////////////
// from nsICertificatePrincipal:
/**
* Returns the public key of the certificate.
*
* @param publicKey - the Public Key data will be returned in this field.
* @param publicKeySize - the length of public key data is returned in this
* parameter.
*/
NS_IMETHODIMP
nsCertificatePrincipal::GetPublicKey(char **publicKey, PRUint32 *publicKeySize)
nsCertificatePrincipal::GetCompanyName(char * * companyName)
{
// XXX raman: fix it.
PR_ASSERT(PR_FALSE);
return NS_OK;
companyName = & this->itsCompanyName;
return (itsCompanyName == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
}
/**
* Returns the company name of the ceritificate (OU etc parameters of certificate)
*
* @param result - the certificate details about the signer.
*/
NS_IMETHODIMP
nsCertificatePrincipal::GetCompanyName(char **ppCompanyName)
nsCertificatePrincipal::GetCertificateAuthority(char * * certificateAuthority)
{
if(m_pNSPrincipal == NULL)
{
*ppCompanyName = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppCompanyName = m_pNSPrincipal->getCompanyName();
return NS_OK;
certificateAuthority = & this->itsCertificateAuthority;
return (itsCertificateAuthority == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
}
/**
* Returns the certificate issuer's data (OU etc parameters of certificate)
*
* @param result - the details about the issuer
*/
NS_IMETHODIMP
nsCertificatePrincipal::GetCertificateAuthority(char **ppCertAuthority)
nsCertificatePrincipal::GetSerialNumber(char * * serialNumber)
{
if(m_pNSPrincipal == NULL)
{
*ppCertAuthority = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppCertAuthority = m_pNSPrincipal->getSecAuth();
return NS_OK;
serialNumber = & this->itsSerialNumber;
return (itsSerialNumber == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
}
/**
* Returns the serial number of certificate
*
* @param result - Returns the serial number of certificate
*/
NS_IMETHODIMP
nsCertificatePrincipal::GetSerialNumber(char **ppSerialNumber)
nsCertificatePrincipal::GetExpirationDate(char * * expirationDate)
{
if(m_pNSPrincipal == NULL)
{
*ppSerialNumber = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppSerialNumber = m_pNSPrincipal->getSerialNo();
return NS_OK;
expirationDate = & this->itsExpirationDate;
return (itsExpirationDate == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
}
/**
* Returns the expiration date of certificate
*
* @param result - Returns the expiration date of certificate
*/
NS_IMETHODIMP
nsCertificatePrincipal::GetExpirationDate(char **ppExpDate)
nsCertificatePrincipal::GetFingerPrint(char * * fingerPrint)
{
if(m_pNSPrincipal == NULL)
{
*ppExpDate = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppExpDate = m_pNSPrincipal->getExpDate();
return NS_OK;
fingerPrint = & this->itsFingerPrint;
return (itsFingerPrint == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
}
/**
* Returns the finger print of certificate
*
* @param result - Returns the finger print of certificate
*/
NS_IMETHODIMP
nsCertificatePrincipal::GetFingerPrint(char **ppFingerPrint)
nsCertificatePrincipal::GetType(PRInt16 * type)
{
if(m_pNSPrincipal == NULL)
{
*ppFingerPrint = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppFingerPrint = m_pNSPrincipal->getFingerPrint();
return NS_OK;
type = & this->itsType;
return NS_OK;
}
////////////////////////////////////////////////////////////////////////////
// from nsCertificatePrincipal:
nsCertificatePrincipal::nsCertificatePrincipal(const unsigned char **certChain,
PRUint32 *certChainLengths,
PRUint32 noOfCerts,
nsresult *result)
NS_IMETHODIMP
nsCertificatePrincipal::IsSecure(PRBool * result)
{
*result = (this->itsType == (PRInt16)nsIPrincipal::PrincipalType_Unknown) ? PR_FALSE : PR_TRUE;
return NS_OK;
}
NS_IMETHODIMP
nsCertificatePrincipal::ToString(char **result)
{
return NS_OK;
}
NS_IMETHODIMP
nsCertificatePrincipal::HashCode(PRUint32 * code)
{
code=0;
return NS_OK;
}
NS_IMETHODIMP
nsCertificatePrincipal::Equals(nsIPrincipal * other, PRBool * result)
{
return NS_OK;
}
nsCertificatePrincipal::nsCertificatePrincipal(PRInt16 * type, const unsigned char **certChain,
PRUint32 *certChainLengths, PRUint32 noOfCerts, nsresult *result)
{
this->itsType = * type;
/*
m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CertChain, certChain,
certChainLengths, noOfCerts);
if(m_pNSPrincipal == NULL)
@ -162,21 +111,9 @@ nsCertificatePrincipal::nsCertificatePrincipal(const unsigned char **certChain,
return;
}
*result = NS_OK;
}
nsCertificatePrincipal::nsCertificatePrincipal(nsPrincipal *pNSPrincipal)
{
m_pNSPrincipal = pNSPrincipal;
*/
}
nsCertificatePrincipal::~nsCertificatePrincipal(void)
{
delete m_pNSPrincipal;
}
nsPrincipal*
nsCertificatePrincipal::GetPeer(void)
{
return m_pNSPrincipal;
}
}

107
caps/src/nsCodebasePrincipal.cpp
Просмотреть файл

@ -17,81 +17,78 @@
*/
#include "nsCodebasePrincipal.h"
#include "nsPrincipal.h"
#include "xp.h"
static NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID);
////////////////////////////////////////////////////////////////////////////
// from nsISupports:
// These macros produce simple version of QueryInterface and AddRef.
// See the nsISupports.h header file for DETAILS.
NS_IMPL_ISUPPORTS(nsCodebasePrincipal, kICodebasePrincipalIID);
////////////////////////////////////////////////////////////////////////////
// from nsIPrincipal:
NS_IMETHODIMP
nsCodebasePrincipal::GetURL(char **cburl)
{
cburl = (char **)&codeBaseURL;
return NS_OK;
}
NS_IMETHODIMP
nsCodebasePrincipal::IsTrusted(const char* scope, PRBool *pbIsTrusted)
nsCodebasePrincipal::IsCodebaseExact(PRBool * result)
{
if(m_pNSPrincipal == NULL)
{
*pbIsTrusted = PR_FALSE;
return NS_ERROR_ILLEGAL_VALUE;
}
*pbIsTrusted = m_pNSPrincipal->isSecurePrincipal();
return NS_OK;
* result = (this->itsType == (PRInt16 *)nsIPrincipal::PrincipalType_CodebaseExact) ? PR_TRUE : PR_FALSE;
return NS_OK;
}
/**
* Returns the codebase URL of the principal.
*
* @param result - the resulting codebase URL
*/
NS_IMETHODIMP
nsCodebasePrincipal::GetURL(char **ppCodeBaseURL)
nsCodebasePrincipal::IsCodebaseRegex(PRBool * result)
{
if(m_pNSPrincipal == NULL)
{
*ppCodeBaseURL = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppCodeBaseURL = m_pNSPrincipal->getKey();
return NS_OK;
* result = (itsType == (PRInt16 *)nsIPrincipal::PrincipalType_CodebaseRegex) ? PR_TRUE : PR_FALSE;
return NS_OK;
}
////////////////////////////////////////////////////////////////////////////
// from nsCCodebasePrincipal:
nsCodebasePrincipal::nsCodebasePrincipal(const char *codebaseURL,
nsresult *result)
NS_IMETHODIMP
nsCodebasePrincipal::GetType(PRInt16 * type)
{
m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CodebaseExact,
(void *)codebaseURL,
XP_STRLEN(codebaseURL));
if(m_pNSPrincipal == NULL)
{
*result = NS_ERROR_OUT_OF_MEMORY;
return;
}
*result = NS_OK;
type = itsType;
return NS_OK;
}
nsCodebasePrincipal::nsCodebasePrincipal(nsPrincipal *pNSPrincipal)
NS_IMETHODIMP
nsCodebasePrincipal::IsSecure(PRBool * result)
{
/*
if ((0 == memcmp("https:", itsKey, strlen("https:"))) ||
(0 == memcmp("file:", itsKey, strlen("file:"))))
return PR_TRUE;
*/
return PR_FALSE;
}
NS_IMETHODIMP
nsCodebasePrincipal::ToString(char **result)
{
m_pNSPrincipal = pNSPrincipal;
return NS_OK;
}
NS_IMETHODIMP
nsCodebasePrincipal::HashCode(PRUint32 * code)
{
code=0;
return NS_OK;
}
NS_IMETHODIMP
nsCodebasePrincipal::Equals(nsIPrincipal * other, PRBool * result)
{
PRInt16 * oType;
other->GetType(oType);
*result = (itsType == oType) ? PR_TRUE : PR_FALSE;
return NS_OK;
}
nsCodebasePrincipal::nsCodebasePrincipal(PRInt16 * type, const char * codeBaseURL)
{
this->itsType=type;
this->codeBaseURL=codeBaseURL;
}
nsCodebasePrincipal::~nsCodebasePrincipal(void)
{
delete m_pNSPrincipal;
}
nsPrincipal*
nsCodebasePrincipal::GetPeer(void)
{
return m_pNSPrincipal;
}
}

0
caps/src/nsPrincipal.cpp
Просмотреть файл

1678
caps/src/nsPrivilegeManager.cpp
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

92
caps/src/nsPrivilegeTable.cpp
Просмотреть файл

@ -25,84 +25,77 @@
nsPrivilegeTable::nsPrivilegeTable(void)
{
itsTable = NULL;
this->itsTable = NULL;
}
nsPrivilegeTable::~nsPrivilegeTable(void)
{
/* XXX: We need to incr and decr objects that we put into this hashtable.
* There is a big memory leak.
*
* We need to delete all the entries in the privilege Table
*/
if (itsTable)
delete itsTable;
itsTable = NULL;
/* XXX: We need to incr and decr objects that we put into this hashtable.
* There is a big memory leak.
*
* We need to delete all the entries in the privilege Table
*/
if (this->itsTable) delete this->itsTable;
this->itsTable = NULL;
}
PRInt32 nsPrivilegeTable::size(void)
PRInt32
nsPrivilegeTable::Size(void)
{
if (itsTable != NULL)
return itsTable->Count();
else return 0;
return (itsTable != NULL) ? itsTable->Count() : 0;
}
PRBool nsPrivilegeTable::isEmpty(void)
PRBool
nsPrivilegeTable::IsEmpty(void)
{
if (itsTable == NULL) return PR_TRUE;
else return ((itsTable->Count() > 0) ? PR_FALSE : PR_TRUE);
return ((itsTable == NULL) && (itsTable->Count() == 0)) ? PR_TRUE : PR_FALSE;
}
nsPrivilege * nsPrivilegeTable::get(nsTarget *target)
nsPrivilege *
nsPrivilegeTable::Get(nsTarget *target)
{
if (itsTable == NULL) {
return nsPrivilege::findPrivilege(nsPermissionState_Blank,
nsDurationState_Session);
}
TargetKey targKey(target);
nsPrivilege *priv = (nsPrivilege *) itsTable->Get(&targKey);
if (priv == NULL) {
return nsPrivilege::findPrivilege(nsPermissionState_Blank,
nsDurationState_Session);
}
return priv;
if (itsTable == NULL)
return nsPrivilege::findPrivilege(nsPermissionState_Blank, nsDurationState_Session);
TargetKey targKey(target);
nsPrivilege *priv = (nsPrivilege *) itsTable->Get(&targKey);
return (priv == NULL)
? nsPrivilege::findPrivilege(nsPermissionState_Blank, nsDurationState_Session) : priv;
}
nsPrivilege * nsPrivilegeTable::put(nsTarget *target, nsPrivilege *priv)
nsPrivilege *
nsPrivilegeTable::Put(nsTarget * target, nsPrivilege * priv)
{
nsCaps_lock();
if (itsTable == NULL) itsTable = new nsHashtable();
if (itsTable == NULL) this->itsTable = new nsHashtable();
TargetKey targKey(target);
nsPrivilege *priv2 = (nsPrivilege *)itsTable->Put(&targKey, (void *)priv);
nsCaps_unlock();
return priv2;
}
nsPrivilege * nsPrivilegeTable::remove(nsTarget *target)
nsPrivilege *
nsPrivilegeTable::Remove(nsTarget *target)
{
if (itsTable == NULL) return NULL;
TargetKey targKey(target);
nsCaps_lock();
nsPrivilege *priv = (nsPrivilege *)itsTable->Remove(&targKey);
nsCaps_unlock();
return priv;
if (itsTable == NULL) return NULL;
TargetKey targKey(target);
nsCaps_lock();
nsPrivilege *priv = (nsPrivilege *)itsTable->Remove(&targKey);
nsCaps_unlock();
return priv;
}
nsPrivilegeTable * nsPrivilegeTable::clone(void)
nsPrivilegeTable *
nsPrivilegeTable::Clone(void)
{
nsCaps_lock();
nsPrivilegeTable *newbie = new nsPrivilegeTable();
if (itsTable != NULL) {
newbie->itsTable = itsTable->Clone();
}
if (itsTable != NULL) newbie->itsTable = itsTable->Clone();
nsCaps_unlock();
return newbie;
}
void nsPrivilegeTable::clear(void)
void
nsPrivilegeTable::Clear(void)
{
/* XXX: free the entries also */
nsCaps_lock();
@ -111,8 +104,7 @@ void nsPrivilegeTable::clear(void)
nsCaps_unlock();
}
void nsPrivilegeTable::Enumerate(nsHashtableEnumFunc aEnumFunc) {
if (itsTable != NULL) {
itsTable->Enumerate(aEnumFunc);
}
}
void
nsPrivilegeTable::Enumerate(nsHashtableEnumFunc aEnumFunc) {
if (itsTable != NULL) itsTable->Enumerate(aEnumFunc);
}

1161
caps/src/nsTarget.cpp
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

49
caps/src/nsUserTarget.cpp
Просмотреть файл

@ -51,32 +51,35 @@ nsUserTarget::~nsUserTarget(void)
}
#define OPTION "<option>"
nsPrivilege * nsUserTarget::enablePrivilege(nsPrincipal *prin, void *data)
nsPrivilege *
nsUserTarget::EnablePrivilege(nsIPrincipal *prin, void *data)
{
char *riskStr = getRisk();
char *desc = getDescription();
char *prinStr = prin->toString();
char *targetStr = new char[strlen(OPTION) + strlen(desc) + 1];
XP_STRCPY(targetStr, OPTION);
XP_STRCAT(targetStr, desc);
PRBool isCert = (prin->isCodebase()) ? PR_FALSE : PR_TRUE;
void *cert = prin->getCertificate();
nsPermState permState = nsPermState_AllowedSession;
char * riskStr = this->GetRisk();
char * desc = this->GetDescription();
char * prinStr;
prin->ToString(& prinStr);
char * targetStr = new char[strlen(OPTION) + strlen(desc) + 1];
XP_STRCPY(targetStr, OPTION);
XP_STRCAT(targetStr, desc);
PRInt16 prinType;
prin->GetType(& prinType);
// void *cert;
// if(prinType == (PRInt16) nsIPrincipal::PrincipalType_Certificate)
// cert = ((nsICertificatePrincipal *) prin)->GetCertificate();
nsPermState permState = nsPermState_AllowedSession;
/*
* Check Registration Mode flag and the url code base
* to set permission state
*/
if ((nsCapsGetRegistrationModeFlag()) && (prin != NULL)) {
if (prin->isFileCodeBase()) {
permState = nsPermState_AllowedSession;
}
} else if (displayUI) {
/* set displayUI to TRUE, to enable UI */
nsCaps_lock();
permState = displayPermissionDialog(prinStr, targetStr, riskStr, isCert, cert);
nsCaps_unlock();
}
// if ((nsCapsGetRegistrationModeFlag()) && (prin != NULL)) {
// if (prinType == (PRInt16) nsIPrincipal::PrincipalType_Codebase) permState = nsPermState_AllowedSession;
// } else if (displayUI) {
/* set displayUI to TRUE, to enable UI */
// nsCaps_lock();
// permState = displayPermissionDialog(prinStr, targetStr, riskStr,
// isCert, cert);
// nsCaps_unlock();
// }
nsPermissionState permVal;
nsDurationState durationVal;
@ -96,6 +99,4 @@ nsPrivilege * nsUserTarget::enablePrivilege(nsPrincipal *prin, void *data)
}
delete []targetStr;
return nsPrivilege::findPrivilege(permVal, durationVal);
}
}

30
dom/src/base/nsJSSecurityManager.cpp
Просмотреть файл

@ -1330,28 +1330,25 @@ nsJSSecurityManager::PrintPrincipalsToConsole(JSContext *aCx, JSPrincipals *aPri
{
void *principalsArray;
nsIPrincipal *principal;
char *vendor;
//cd .. char *vendor;
PRUint32 i, count;
static char emptyStr[] = "<empty>\n";
principalsArray = aPrincipals->getPrincipalArray(aCx, aPrincipals);
if (principalsArray == nsnull) {
PrintToConsole(emptyStr);
return;
}
PrintToConsole("[\n");
mCapsManager->GetPrincipalArraySize(principalsArray, &count);
for (i = 0; i < count; i++) {
mCapsManager->GetPrincipalArrayElement(principalsArray, i, &principal);
mCapsManager->GetVendor(principal, &vendor);
if (vendor == nsnull) {
JS_ReportOutOfMemory(aCx);
return;
}
PrintToConsole(vendor);
PrintToConsole(",\n");
// mCapsManager->GetVendor(principal, &vendor);
// if (vendor == nsnull) {
// JS_ReportOutOfMemory(aCx);
// return;
// }
// PrintToConsole(vendor);
// PrintToConsole(",\n");
}
PrintToConsole("]\n");
}
@ -1373,24 +1370,19 @@ nsJSSecurityManager::InvalidateCertPrincipals(JSContext *aCx, JSPrincipals *aPri
char*
nsJSSecurityManager::FindOriginURL(JSContext *aCx, JSObject *aGlobal)
{
nsISupports *tmp1, *tmp2;
nsISupports * tmp1, * tmp2;
nsIScriptGlobalObjectData* globalData = nsnull;
nsAutoString urlString;
tmp1 = (nsISupports*)JS_GetPrivate(aCx, aGlobal);
tmp1 = (nsISupports *)JS_GetPrivate(aCx, aGlobal);
if (nsnull != tmp1 &&
NS_OK == tmp1->QueryInterface(kIScriptGlobalObjectDataIID, (void**)&globalData)) {
globalData->GetOrigin(&urlString);
}
if (urlString.Length() == 0) {
/* Must be a new, empty window? Use running origin. */
tmp2 = (nsISupports*)JS_GetPrivate(aCx, JS_GetGlobalObject(aCx));
/* Compare running and current to avoid infinite recursion. */
if (tmp1 == tmp2) {
urlString = gUnknownOriginStr;
}
if (tmp1 == tmp2) urlString = gUnknownOriginStr;
else if (nsnull != tmp2 &&
NS_OK == tmp2->QueryInterface(kIScriptGlobalObjectDataIID, (void**)&globalData)) {
globalData->GetOrigin(&urlString);

3
modules/oji/src/lcglue.cpp
Просмотреть файл

@ -256,6 +256,9 @@ map_java_object_to_js_object_impl(JNIEnv *env, void *pluginInstancePtr, char* *e
#if 0
// This needs to be modified at least temporarily. Caps is undergoing some rearchitecture
// nsPrincipal doesn't exist anymore, we're trying to move towards using nsIPrincipal and a PrincipalTools.h
// which includes the definitions for arrays.
// TODO: Need raman's help. This needs to convert between C++ [] array data type to a nsVector object.
void*
ConvertNSIPrincipalArrayToObject(JNIEnv *pJNIEnv, JSContext *pJSContext, void **ppNSIPrincipalArrayIN, int numPrincipals, void *pNSISecurityContext)