mozilla
/
mozilla-history
зеркало из https://github.com/mozilla/mozilla-history.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

added a new and improved factory to caps module. fixed some bugs and 

cleared some warnings.  also move some methods of privilege manager to
principal manager.
This commit is contained in:
arielb%netscape.com 1999-08-06 22:44:35 +00:00
Родитель 2a4498fae9
Коммит 9b8f77f338
37 изменённых файлов: 558 добавлений и 792 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
allmakefiles.sh
Просмотреть файл

@ -331,7 +331,7 @@ sun-java/stubs/src/Makefile
caps/Makefile
caps/idl/Makefile
caps/include/Makefile
caps/public/Makefile
# caps/public/Makefile
caps/src/Makefile
view/Makefile
view/public/Makefile

12
caps/idl/nsICapsManager.idl
Просмотреть файл

@ -62,11 +62,9 @@ interface nsICapsManager : nsISupports {
};
%{C++
#define NS_CCAPSMANAGER_CID \
{ /* fd347500-307f-11d2-97f0-00805f8a28d0 */ \
0xfd347500, \
0x307f, \
0x11d2, \
{0x97, 0xf0, 0x00, 0x80, 0x5f, 0x8a, 0x28, 0xd0} \
}
#define NS_CCAPSMANAGER_CID \
{ 0xe6724a60, 0x4b90, 0x11d3, \
{ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
#define NS_CCAPSMANAGER_PROGID "component://netscape/ccapsmanager"
#define NS_CCAPSMANAGER_CLASSNAME "ccapsmanager"
%}

2
caps/idl/nsIPrincipal.idl
Просмотреть файл

@ -15,7 +15,7 @@
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*defines interfaces for codebase and certificate principals*/
#include "nsISupports.idl"
[uuid(ff9313d0-25e1-11d2-8160-006008119d7a)]

1
caps/idl/nsIPrincipalArray.idl
Просмотреть файл

@ -15,6 +15,7 @@
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*used to pass principals through xpcom in arrays*/
#include "nsISupports.idl"
#include "nsIPrincipal.idl"

13
caps/idl/nsIPrincipalManager.idl
Просмотреть файл

@ -15,6 +15,7 @@
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*creates, registers, and performs logical operations on principals*/
#include "nsISupports.idl"
#include "nsIPrincipal.idl"
#include "nsITarget.idl"
@ -22,9 +23,6 @@
interface nsIScriptContext;
//#define NS_ALL_PRIVILEGES ((nsITarget *)NULL)
[uuid(dc7d0bb0-25e1-11d2-8160-006008119d7a)]
interface nsIPrincipalManager : nsISupports
{
@ -37,6 +35,8 @@ interface nsIPrincipalManager : nsISupports
void RegisterPrincipal(in nsIPrincipal prin);
void UnregisterPrincipal(in nsIPrincipal prin, out boolean result);
void CanExtendTrust(in nsIPrincipalArray fromPrinArray, in nsIPrincipalArray toPrinArray, out boolean result);
void NewPrincipalArray(in unsigned long count, out nsIPrincipalArray result);
@ -44,3 +44,10 @@ interface nsIPrincipalManager : nsISupports
void CheckMatchPrincipal(in nsIScriptContext cx, in nsIPrincipal principal, in long callerDepth, out boolean result);
};
%{C++
#define NS_PRINCIPALMANAGER_CID \
{ 0x7ee2a4c0, 0x4b91, 0x11d3, \
{ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
#define NS_PRINCIPALMANAGER_PROGID "component://netscape/principalmanager"
#define NS_PRINCIPALMANAGER_CLASSNAME "principalmanager"
%}

1
caps/idl/nsIPrivilege.idl
Просмотреть файл

@ -15,6 +15,7 @@
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*describes the state and duration of privileges*/
#include "nsISupports.idl"
[uuid(0bbbb636-3e11-11d3-ba10-0060b0f199a2)]

10
caps/idl/nsIPrivilegeManager.idl
Просмотреть файл

@ -15,6 +15,7 @@
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
/* handles operations dealing with enabling and disabling privileges */
#include "nsISupports.idl"
#include "nsIPrincipal.idl"
#include "nsITarget.idl"
@ -43,4 +44,11 @@ interface nsIPrivilegeManager : nsISupports
void SetPermission(in nsIPrincipal useThisPrin, in nsITarget target, in nsIPrivilege newPrivilege);
};
};
%{C++
#define NS_PRIVILEGEMANAGER_CID \
{ 0x422e8544, 0x4b91, 0x11d3, \
{ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
#define NS_PRIVILEGEMANAGER_PROGID "component://netscape/privilegemanager"
#define NS_PRIVILEGEMANAGER_CLASSNAME "privilegemanager"
%}

1
caps/include/MANIFEST
Просмотреть файл

@ -2,7 +2,6 @@ admin.h
jpermission.h
nsCaps.h
nsCCapsManager.h
nsCCapsManagerFactory.h
nsCertificatePrincipal.h
nsCodebasePrincipal.h
nsLoadZig.h

1
caps/include/Makefile.in
Просмотреть файл

@ -28,7 +28,6 @@ EXPORTS = \
jpermission.h \
nsCaps.h \
nsCCapsManager.h \
nsCCapsManagerFactory.h \
nsCertificatePrincipal.h \
nsCodebasePrincipal.h \
nsLoadZig.h \

42
caps/include/admin.h
Просмотреть файл

@ -1,42 +0,0 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#ifndef _ADMIN_H_
#define _ADMIN_H_
PR_BEGIN_EXTERN_C
PR_PUBLIC_API(const char *)
java_netscape_security_getPrincipals(const char *charSetName);
PR_PUBLIC_API(PRBool)
java_netscape_security_removePrincipal(const char *charSetName, char *prinName);
PR_PUBLIC_API(void)
java_netscape_security_getPrivilegeDescs(const char *charSetName, char *prinName,
char** forever, char** session,
char **denied);
PR_PUBLIC_API(PRBool)
java_netscape_security_removePrivilege(const char *charSetName, char *prinName,
char *targetName);
PR_END_EXTERN_C
#endif /* _ADMIN_H_ */

42
caps/include/jpermission.h
Просмотреть файл

@ -1,42 +0,0 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#ifndef _JPERMISSION_H_
#define _JPERMISSION_H_
typedef enum nsPermState {
nsPermState_NotSet,
nsPermState_AllowedForever,
nsPermState_AllowedSession,
nsPermState_ForbiddenForever,
nsPermState_BlankSession
} nsPermState;
PR_PUBLIC_API(void)
java_netscape_security_savePrivilege(nsPermState permState);
PR_PUBLIC_API(nsPermState)
nsJSJavaDisplayDialog(char *prinStr, char *targetStr, char *rsikStr, PRBool isCert, void*cert);
PR_PUBLIC_API(void)
java_netscape_security_getTargetDetails(const char *charSetName,
char* targetName,
char** details,
char **risk);
#endif /* _JPERMISSION_H_ */

1
caps/include/makefile.win
Просмотреть файл

@ -33,7 +33,6 @@ EXPORTS= \
jpermission.h \
nsCaps.h \
nsCCapsManager.h \
nsCCapsManagerFactory.h \
nsCertificatePrincipal.h \
nsCodebasePrincipal.h \
nsLoadZig.h \

28
caps/include/nsCCapsManager.h
Просмотреть файл

@ -39,13 +39,11 @@
*/
class nsCCapsManager : public nsICapsManager {
public:
////////////////////////////////////////////////////////////////////////////
// from nsISupports and AggregatedQueryInterface:
NS_DECL_AGGREGATED
NS_DECL_ISUPPORTS
////////////////////////////////////////////////////////////////////////////
// from nsICapsManager:
nsPrivilegeManager * thePrivilegeManager;
nsPrincipalManager * thePrincipalManager;
NS_IMETHOD
GetPrincipalManager(nsIPrincipalManager * * prinMan);
@ -95,24 +93,22 @@ DisablePrivilege(nsIScriptContext * context, const char* targetName, PRInt32 cal
NS_IMETHOD
IsAllowed(void * annotation, const char * target, PRBool * result);
nsCCapsManager(nsISupports *aOuter);
static nsCCapsManager *
GetSecurityManager();
virtual ~nsCCapsManager(void);
private:
nsCCapsManager(void);
/*
void
CreateNSPrincipalArray(nsIPrincipalArray * prinArray, nsIPrincipalArray * * pPrincipalArray);
NS_METHOD
GetNSPrincipalArray(nsIPrincipalArray * prinArray, nsIPrincipalArray * * pPrincipalArray);
void
SetSystemPrivilegeManager();
void
SetSystemPrincipalManager();
protected:
nsIPrivilegeManager * privilegeManager;
nsIPrincipalManager * principalManager;
*/
};
#endif // nsCCapsManager_h___

0
caps/include/nsCCapsManagerFactory.h
Просмотреть файл

4
caps/include/nsCaps.h
Просмотреть файл

@ -30,8 +30,8 @@ class nsPrivilegeManager;
struct NSJSJavaFrameWrapper;
/* wrappers for nsPrivilegeManager object */
PR_IMPLEMENT(PRBool)
nsCapsInitialize();
//PR_IMPLEMENT(PRBool)
//nsCapsInitialize();
PR_EXTERN(PRBool)
nsCapsRegisterPrincipal(class nsIPrincipal * principal);

2
caps/include/nsCertificatePrincipal.h
Просмотреть файл

@ -15,7 +15,7 @@
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*describes principals for use with signed scripts*/
#ifndef _NS_CERTIFICATE_PRINCIPAL_H_
#define _NS_CERTIFICATE_PRINCIPAL_H_
#include "nsVector.h"

2
caps/include/nsCodebasePrincipal.h
Просмотреть файл

@ -15,7 +15,7 @@
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
/* describes principals by their orginating uris*/
#ifndef _NS_CODEBASE_PRINCIPAL_H_
#define _NS_CODEBASE_PRINCIPAL_H_

20
caps/include/nsPrincipalArray.h
Просмотреть файл

@ -1,3 +1,21 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*used to pass principals through xpcom in arrays*/
#ifndef _NS_PRINCIPAL_ARRAY_H_
#define _NS_PRINCIPAL_ARRAY_H_
@ -66,4 +84,4 @@ public:
}
};
#endif /* _NS_PRINCIPAL_TOOLS_H_ */
#endif /* _NS_PRINCIPAL_ARRAY_H_ */

30
caps/include/nsPrincipalManager.h
Просмотреть файл

@ -12,17 +12,15 @@
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*creates, registers, and performs logical operations on principals*/
#ifndef _NS_PRINCIPAL_MANAGER_H_
#define _NS_PRINCIPAL_MANAGER_H_
#include "nsIPrincipalManager.h"
#include "nsPrivilegeManager.h"
PRBool nsPrincipalManagerInitialize(void);
#include "nsHashtable.h"
class nsPrincipalManager : public nsIPrincipalManager {
@ -30,6 +28,11 @@ public:
NS_DECL_ISUPPORTS
static nsPrincipalManager *
GetPrincipalManager();
virtual ~nsPrincipalManager(void);
NS_IMETHOD
CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal * * prin);
@ -39,6 +42,12 @@ public:
NS_IMETHOD
RegisterPrincipal(nsIPrincipal * prin);
NS_IMETHOD
UnregisterPrincipal(nsIPrincipal * prin, PRBool * result);
void
RegisterSystemPrincipal(nsIPrincipal * principal);
NS_IMETHOD
CanExtendTrust(nsIPrincipalArray * fromPrinArray, nsIPrincipalArray * toPrinArray, PRBool * result);
@ -69,9 +78,6 @@ public:
static nsIPrincipal *
GetUnknownPrincipal(void);
static nsPrincipalManager *
GetPrincipalManager(void);
const char *
GetAllPrincipalsString(void);
@ -81,22 +87,16 @@ public:
void
RemoveFromPrincipalNameToPrincipalTable(nsIPrincipal * prin);
void
SetSystemPrincipal(nsIPrincipal * prin);
nsIPrincipalArray *
GetClassPrincipalsFromStack(PRInt32 callerDepth);
nsIPrincipalArray *
GetClassPrincipalsFromStack(nsIScriptContext * context, PRInt32 callerDepth);
nsPrincipalManager(void);
virtual ~nsPrincipalManager(void);
private:
nsPrincipalManager(void);
nsHashtable * itsPrinNameToPrincipalTable;
static PRBool theInited;
};
#endif /* _NS_PRINCIPAL_MANAGER_H_*/

2
caps/include/nsPrivilege.h
Просмотреть файл

@ -15,7 +15,7 @@
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*describes the state and duration of privileges*/
#ifndef _NS_PRIVILEGE_H_
#define _NS_PRIVILEGE_H_

52
caps/include/nsPrivilegeManager.h
Просмотреть файл

@ -15,10 +15,11 @@
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
/* handles operations dealing with enabling and disabling privileges */
#ifndef _NS_PRIVILEGE_MANAGER_H_
#define _NS_PRIVILEGE_MANAGER_H_
#include "nsIPrivilegeManager.h"
#include "prtypes.h"
#include "prio.h"
#include "prmon.h"
@ -28,7 +29,8 @@
#include "nsTarget.h"
#include "nsIPrincipal.h"
#include "nsIPrincipalArray.h"
#include "nsIPrivilegeManager.h"
#include "nsIPrincipalManager.h"
#include "nsPrincipalManager.h"
#include "nsIPrivilege.h"
#include "nsPrivilegeTable.h"
#include "nsSystemPrivilegeTable.h"
@ -40,15 +42,18 @@ PR_BEGIN_EXTERN_C
PRBool CMGetBoolPref(char * pref_name);
PR_END_EXTERN_C
PRBool nsPrivilegeManagerInitialize(void);
class nsPrivilegeManager : public nsIPrivilegeManager {
public:
nsHashtable * itsPrinToPrivTable;
nsHashtable * itsPrinToMacroTargetPrivTable;
NS_DECL_ISUPPORTS
nsPrivilegeManager(void);
static nsPrivilegeManager *
GetPrivilegeManager();
virtual ~nsPrivilegeManager(void);
static nsIPrivilege *
@ -139,9 +144,6 @@ CheckPrivilegeGranted(nsIScriptContext * context, nsITarget * target, PRInt32 ca
NS_IMETHOD
GetPrincipalPrivilege(nsITarget * target, nsIPrincipal * prin, void * data, nsIPrivilege * * result);
static nsPrivilegeManager *
GetPrivilegeManager(void);
char *
CheckPrivilegeEnabled(nsTargetArray * targetArray, PRInt32 callerDepth, void *data);
@ -163,37 +165,23 @@ RemovePrincipalsPrivilege(const char * prinName, const char * targetName, PRBool
void
Remove(nsIPrincipal *prin, nsITarget *target);
/* Helper functions for ADMIN UI */
PRBool
RemovePrincipal(char *prinName);
void
RegisterSystemPrincipal(nsIPrincipal * principal);
void
RegisterPrincipal(nsIPrincipal * principal);
PRBool
UnregisterPrincipal(nsIPrincipal * principal);
void
RegisterPrincipalAndSetPrivileges(nsIPrincipal * principal, nsITarget * target, nsIPrivilege * newPrivilege);
/* End of native methods */
void
Save(nsIPrincipal * prin, nsITarget * target, nsIPrivilege * newPrivilege);
void
Load(void);
private:
nsHashtable * itsPrinToPrivTable;
nsHashtable * itsPrinToMacroTargetPrivTable;
static PRBool theSecurityInited;
nsPrivilegeManager(void);
static char * SignedAppletDBName;
static PRBool theInited;
/* Private Methods */
PRBool
EnablePrivilegePrivate(nsIScriptContext * context, nsITarget *target, nsIPrincipal *preferredPrincipal,
PRInt32 callerDepth);
@ -204,14 +192,6 @@ GetPrincipalPrivilege(nsITarget * target, nsIPrincipalArray * callerPrinArray, v
PRBool
IsPermissionGranted(nsITarget *target, nsIPrincipalArray * callerPrinArray, void *data);
/* The following methods are used to save and load the persistent store */
void
Save(nsIPrincipal * prin, nsITarget * target, nsIPrivilege * newPrivilege);
void
Load(void);
};
#endif /* _NS_PRIVILEGE_MANAGER_H_ */

81
caps/include/nsUserTarget.h
Просмотреть файл

@ -1,81 +0,0 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#ifndef _NS_USER_TARGET_H_
#define _NS_USER_TARGET_H_
#include "prtypes.h"
#include "nsTarget.h"
#include "nsPrivilege.h"
#include "nsPrivilegeManager.h"
#include "nsCom.h"
/* Any methods that is not defined here is in Java */
class nsUserTarget : public nsTarget {
public:
/* Public Methods */
nsUserTarget(char *name);
virtual ~nsUserTarget(void);
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
char * riskColor, char * description,
char * detailDescription, char * url)
: nsTarget(name, prin, risk, riskColor, description, detailDescription, url, NULL)
{
}
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
char *riskColor, char *description,
char *detailDescription, char *url,
nsTargetArray * targetArray)
: nsTarget(name, prin, risk, riskColor, description, detailDescription, url, targetArray)
{
}
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
char *riskColor,
int desc_id,
int detail_desc_id,
int help_url_id)
: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id,
help_url_id, NULL)
{
}
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
char *riskColor,
int desc_id,
int detail_desc_id,
int help_url_id,
nsTargetArray * targetArray)
: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id,
help_url_id, targetArray)
{
}
nsIPrivilege * EnablePrivilege(nsIPrincipal * prin, void *data);
private:
};
#endif /* _NS_USER_TARGET_H_ */

8
caps/src/Makefile.in
Просмотреть файл

@ -22,14 +22,15 @@ VPATH = @srcdir@
include $(DEPTH)/config/autoconf.mk
MODULE = caps
LIBRARY_NAME = caps
MODULE = caps
LIBRARY_NAME = caps
IS_COMPONENT = 1
CPPSRCS = \
admin.cpp \
nsCaps.cpp \
nsCCapsManager.cpp \
nsCCapsManagerFactory.cpp \
nsCertificatePrincipal.cpp \
nsCodebasePrincipal.cpp \
nsPrincipalArray.cpp \
@ -37,6 +38,7 @@ CPPSRCS = \
nsPrivilege.cpp \
nsPrivilegeManager.cpp \
nsPrivilegeTable.cpp \
nsSecurityManagerFactory.cpp \
nsSystemPrivilegeTable.cpp \
nsTarget.cpp \
nsUserDialogHelper.cpp \

29
caps/src/admin.cpp
Просмотреть файл

@ -12,10 +12,13 @@
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*native java calls from oji into security system*/
// nsresult rv;
// NS_WITH_SERVICE(nsIPrincipalManager, observer, "component://netscape/observer-service",& rv);
#include "prtypes.h"
#include "prmem.h"
@ -38,17 +41,19 @@ extern "C" {
PR_PUBLIC_API(const char *)
java_netscape_security_getPrincipals(const char *charSetName)
{
const char * prins = nsPrincipalManager::GetPrincipalManager()->GetAllPrincipalsString();
PRBool test_admin_api = PR_FALSE;
if (test_admin_api) {
char *a1;
char *a2;
char *a3;
java_netscape_security_getPrivilegeDescs(NULL, "raman tenneti", &a1, &a2, &a3);
java_netscape_security_removePrivilege(NULL, "raman tenneti", "Reading, modification, or deletion of any of your files");
java_netscape_security_removePrincipal(NULL, "raman tenneti");
}
return prins;
const char * prins = nsPrincipalManager::GetPrincipalManager()->GetAllPrincipalsString();
PRBool test_admin_api = PR_FALSE;
if (test_admin_api) {
char *a1;
char *a2;
char *a3;
java_netscape_security_getPrivilegeDescs(NULL, "raman tenneti", &a1, &a2, &a3);
java_netscape_security_removePrivilege(NULL, "raman tenneti", "Reading, modification, or deletion of any of your files");
java_netscape_security_removePrincipal(NULL, "raman tenneti");
}
return prins;
}
PR_PUBLIC_API(PRBool)

88
caps/src/jpermission.c
Просмотреть файл

@ -1,88 +0,0 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#include "prtypes.h"
#include "nspr.h"
#include "prmem.h"
#include "prmon.h"
#include "prlog.h"
#include "structs.h"
#include "proto.h"
#include "secnav.h"
#include "jpermission.h"
static char *userTargetErrMsg;
static nsPermState gPermState;
void *gPrincipalCert;
static void
nsUserTargetHandleMonitorError(int rv)
{
if (rv == PR_FAILURE) {
userTargetErrMsg = "IllegalMonitorStateException current thread not owner";
}
else if (PR_GetError() == PR_PENDING_INTERRUPT_ERROR) {
userTargetErrMsg = "ThreadDeath: thread tried to proceed after being stopped";
} else {
userTargetErrMsg = NULL;
}
}
PR_PUBLIC_API(void)
java_netscape_security_savePrivilege(nsPermState permState)
{
PR_CEnterMonitor((void *)&gPermState);
gPermState = permState;
nsUserTargetHandleMonitorError(PR_CNotifyAll((void*)&gPermState));
PR_CExitMonitor((void *)&gPermState);
}
PR_PUBLIC_API(void *)
java_netscape_security_getCert(char *prinStr)
{
return gPrincipalCert;
}
PR_PUBLIC_API(nsPermState)
nsJSJavaDisplayDialog(char *prinStr, char *targetStr, char *riskStr, PRBool isCert, void*cert)
{
nsPermState ret_val=nsPermState_NotSet;
#ifdef MOZ_SECURITY
void * context = XP_FindSomeContext();
PRIntervalTime sleep = (PRIntervalTime)PR_INTERVAL_NO_TIMEOUT;
PR_CEnterMonitor((void *)&gPermState);
/* XXX: The following is a hack, we should passs gPrincipalCert to SECNAV_... code,
* but all this code will change real soon in the new world order
*/
gPrincipalCert = cert;
SECNAV_signedAppletPrivileges(context, prinStr, targetStr,
riskStr, isCert);
nsUserTargetHandleMonitorError(PR_CWait((void*)&gPermState, sleep));
nsUserTargetHandleMonitorError(PR_CNotifyAll((void*)&gPermState));
ret_val = gPermState;
PR_CExitMonitor((void *)&gPermState);
PR_Sleep(500000);
#endif /* MOZ_SECURITY */
return ret_val;
}

40
caps/src/makefile.win
Просмотреть файл

@ -54,23 +54,23 @@ C_OBJS= \
.\$(OBJDIR)\nsZip.obj \
$(NULL)
CPP_OBJS= \
.\$(OBJDIR)\admin.obj \
.\$(OBJDIR)\nsCaps.obj \
.\$(OBJDIR)\nsCCapsManager.obj \
.\$(OBJDIR)\nsCCapsManagerFactory.obj \
.\$(OBJDIR)\nsCertificatePrincipal.obj \
.\$(OBJDIR)\nsCodebasePrincipal.obj \
.\$(OBJDIR)\nsPrincipalArray.obj \
.\$(OBJDIR)\nsPrincipalManager.obj \
.\$(OBJDIR)\nsPrivilege.obj \
.\$(OBJDIR)\nsPrivilegeManager.obj \
.\$(OBJDIR)\nsPrivilegeTable.obj \
.\$(OBJDIR)\nsSystemPrivilegeTable.obj \
.\$(OBJDIR)\nsTarget.obj \
.\$(OBJDIR)\nsUserDialogHelper.obj \
.\$(OBJDIR)\nsUserTarget.obj \
.\$(OBJDIR)\nsZig.obj \
CPP_OBJS= \
.\$(OBJDIR)\admin.obj \
.\$(OBJDIR)\nsCaps.obj \
.\$(OBJDIR)\nsCCapsManager.obj \
.\$(OBJDIR)\nsCertificatePrincipal.obj \
.\$(OBJDIR)\nsCodebasePrincipal.obj \
.\$(OBJDIR)\nsPrincipalArray.obj \
.\$(OBJDIR)\nsPrincipalManager.obj \
.\$(OBJDIR)\nsPrivilege.obj \
.\$(OBJDIR)\nsPrivilegeManager.obj \
.\$(OBJDIR)\nsPrivilegeTable.obj \
.\$(OBJDIR)\nsSecurityManagerFactory.obj \
.\$(OBJDIR)\nsSystemPrivilegeTable.obj \
.\$(OBJDIR)\nsTarget.obj \
.\$(OBJDIR)\nsUserDialogHelper.obj \
.\$(OBJDIR)\nsUserTarget.obj \
.\$(OBJDIR)\nsZig.obj \
$(NULL)
#//------------------------------------------------------------------------
@ -119,6 +119,10 @@ LLIBS = \
include <$(DEPTH)/config/rules.mak>
install:: $(DLL)
$(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME).dll $(DIST)\bin
$(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME).dll $(DIST)\bin\components
$(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME).lib $(DIST)\lib
clobber::
rm -f $(DIST)\lib\$(DLLNAME).lib
rm -f $(DIST)\bin\components\$(DLLNAME).dll

99
caps/src/nsCCapsManager.cpp
Просмотреть файл

@ -29,46 +29,34 @@
#include "jarutil.h"
#endif /* MOZ_SECURITY */
static NS_DEFINE_CID(kCCapsManagerCID, NS_CCAPSMANAGER_CID);
static NS_DEFINE_IID(kICapsManagerIID, NS_ICAPSMANAGER_IID);
static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
#define ALL_JAVA_PERMISSION "AllJavaPermission"
NS_IMPL_AGGREGATED(nsCCapsManager);
static NS_DEFINE_CID(kCCapsManagerCID, NS_CCAPSMANAGER_CID);
static NS_DEFINE_IID(kICapsManagerIID, NS_ICAPSMANAGER_IID);
NS_METHOD
nsCCapsManager::AggregatedQueryInterface(const nsIID& aIID, void** aInstancePtr)
NS_IMPL_ISUPPORTS(nsCCapsManager, kICapsManagerIID);
nsCCapsManager *
nsCCapsManager::GetSecurityManager()
{
if (aIID.Equals(kISupportsIID)) {
*aInstancePtr = GetInner();
AddRef();
return NS_OK;
}
if (aIID.Equals(kICapsManagerIID)) {
*aInstancePtr = this;
AddRef();
return NS_OK;
}
return NS_NOINTERFACE;
static nsCCapsManager * capsMan = NULL;
if (!capsMan)
capsMan = new nsCCapsManager();
return capsMan;
}
////////////////////////////////////////////////////////////////////////////
// from nsICapsManager:
NS_IMETHODIMP
nsCCapsManager::GetPrincipalManager(nsIPrincipalManager * * prinMan)
{
* prinMan = principalManager;
* prinMan = (nsIPrincipalManager *)nsPrincipalManager::GetPrincipalManager();
return NS_OK;
}
NS_IMETHODIMP
nsCCapsManager::GetPrivilegeManager(nsIPrivilegeManager * * privMan)
{
* privMan = privilegeManager;
* privMan = (nsIPrivilegeManager *)nsPrivilegeManager::GetPrivilegeManager();
return NS_OK;
}
@ -92,9 +80,9 @@ nsCCapsManager::GetPermission(nsIPrincipal * prin, nsITarget * ignoreTarget, PRI
nsITarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
nsresult result = NS_OK;
if( target == NULL ) return NS_OK;
if (privilegeManager != NULL) {
if (nsPrivilegeManager::GetPrivilegeManager() != NULL) {
nsIPrivilege * privilege;
privilegeManager->GetPrincipalPrivilege(target, prin, NULL, & privilege);
nsPrivilegeManager::GetPrivilegeManager()->GetPrincipalPrivilege(target, prin, NULL, & privilege);
// ARIEL WORK ON THIS SHIT
// * privilegeState = this->ConvertPrivilegeToPermission(privilege);
}
@ -106,11 +94,11 @@ nsCCapsManager::SetPermission(nsIPrincipal * prin, nsITarget * ignoreTarget, PRI
{
nsITarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
if(target == NULL ) return NS_OK;
if (privilegeManager != NULL) {
// if (privilegeManager != NULL) {
// WORK ON THIS ARIEL
// nsPrivilege* privilege = this->ConvertPermissionToPrivilege(privilegeState);
// privilegeManager->SetPermission(prin, target, privilegeState);
}
// }
return NS_OK;
}
@ -122,11 +110,11 @@ nsCCapsManager::AskPermission(nsIPrincipal * prin, nsITarget * ignoreTarget, PRI
* privilegeState = nsIPrivilege::PrivilegeState_Blank;
return NS_OK;
}
if (privilegeManager != NULL) {
if (nsPrivilegeManager::GetPrivilegeManager() != NULL) {
PRBool perm;
privilegeManager->AskPermission(prin, target, NULL, & perm);
nsPrivilegeManager::GetPrivilegeManager()->AskPermission(prin, target, NULL, & perm);
nsIPrivilege * privilege;
privilegeManager->GetPrincipalPrivilege(target, prin, NULL,& privilege);
nsPrivilegeManager::GetPrivilegeManager()->GetPrincipalPrivilege(target, prin, NULL,& privilege);
// * privilegeState = ConvertPrivilegeToPermission(privilege);
}
return NS_OK;
@ -141,7 +129,7 @@ nsCCapsManager::AskPermission(nsIPrincipal * prin, nsITarget * ignoreTarget, PRI
NS_METHOD
nsCCapsManager::Initialize(PRBool * result)
{
* result = nsCapsInitialize();
// * result = nsCapsInitialize();
return NS_OK;
}
@ -174,7 +162,6 @@ NS_METHOD
nsCCapsManager::EnablePrivilege(nsIScriptContext * context, const char* targetName, PRInt32 callerDepth, PRBool * ret_val)
{
nsITarget *target = nsTarget::FindTarget((char*)targetName);
nsresult result = NS_OK;
if( target == NULL )
{
* ret_val = PR_FALSE;
@ -200,14 +187,12 @@ NS_METHOD
nsCCapsManager::IsPrivilegeEnabled(nsIScriptContext * context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
{
nsITarget *target = nsTarget::FindTarget((char*)targetName);
nsresult result = NS_OK;
if( target == NULL )
{
* ret_val = PR_FALSE;
return NS_OK;
}
if (privilegeManager != NULL)
privilegeManager->IsPrivilegeEnabled(context, target, callerDepth, ret_val);
nsPrivilegeManager::GetPrivilegeManager()->IsPrivilegeEnabled(context, target, callerDepth, ret_val);
return NS_OK;
}
@ -215,13 +200,11 @@ NS_METHOD
nsCCapsManager::RevertPrivilege(nsIScriptContext * context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
{
nsITarget *target = nsTarget::FindTarget((char*)targetName);
nsresult result = NS_OK;
if( target == NULL ) {
* ret_val = PR_FALSE;
return NS_OK;
}
if (privilegeManager != NULL)
privilegeManager->RevertPrivilege(context, target, callerDepth,ret_val);
nsPrivilegeManager::GetPrivilegeManager()->RevertPrivilege(context, target, callerDepth,ret_val);
return NS_OK;
}
@ -229,13 +212,11 @@ NS_METHOD
nsCCapsManager::DisablePrivilege(nsIScriptContext * context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
{
nsITarget *target = nsTarget::FindTarget((char*)targetName);
nsresult result = NS_OK;
if( target == NULL ) {
* ret_val = PR_FALSE;
return NS_OK;
}
if (privilegeManager != NULL)
privilegeManager->DisablePrivilege(context, target, callerDepth,ret_val);
nsPrivilegeManager::GetPrivilegeManager()->DisablePrivilege(context, target, callerDepth,ret_val);
return NS_OK;
}
@ -323,7 +304,6 @@ NS_METHOD
nsCCapsManager::IsAllowed(void *annotation, const char * targetName, PRBool * ret_val)
{
nsITarget *target = nsTarget::FindTarget((char *)targetName);
nsresult result = NS_OK;
if( target == NULL ) {
*ret_val = PR_FALSE;
return NS_OK;
@ -339,23 +319,21 @@ nsCCapsManager::IsAllowed(void *annotation, const char * targetName, PRBool * re
return NS_OK;
}
nsCCapsManager::nsCCapsManager(nsISupports * aOuter):privilegeManager(NULL)
nsCCapsManager::nsCCapsManager()
{
NS_INIT_AGGREGATED(aOuter);
// PRBool result;
// privilegeManager = (Initialize(& result) == NS_OK) ? new nsPrivilegeManager(): NULL;
NS_INIT_REFCNT();
NS_ADDREF(this);
}
nsCCapsManager::~nsCCapsManager()
{
}
/*
void
nsCCapsManager::CreateNSPrincipalArray(nsIPrincipalArray* prinArray,
nsIPrincipalArray* *pPrincipalArray)
{
//prin arrays will either be removed, or updated to use the nsIPrincipal Object
/*
nsIPrincipal* pNSIPrincipal;
nsPrincipal *pNSPrincipal = NULL;
@ -374,8 +352,8 @@ nsCCapsManager::CreateNSPrincipalArray(nsIPrincipalArray* prinArray,
newPrinArray->Set(index, pNSIPrincipal);
}
*pPrincipalArray = newPrinArray;
*/
}
*/
/*
NS_METHOD
nsCCapsManager::GetNSPrincipalArray(nsPrincipalArray* prinArray,
@ -528,22 +506,3 @@ nsCCapsManager::ConvertPermissionToPrivilege(nsPermission state)
return nsPrivilege::findPrivilege(permission, duration);
}
*/
void
nsCCapsManager::SetSystemPrivilegeManager()
{
nsIPrivilegeManager * pNSPrivilegeManager = (nsIPrivilegeManager *)nsPrivilegeManager::GetPrivilegeManager();
if ((privilegeManager != NULL ) && (privilegeManager != pNSPrivilegeManager)) {
delete privilegeManager;
privilegeManager = pNSPrivilegeManager;
}
}
void
nsCCapsManager::SetSystemPrincipalManager()
{
nsIPrincipalManager * prinMan = (nsIPrincipalManager *)nsPrincipalManager::GetPrincipalManager();
if ((principalManager != NULL ) && (principalManager != prinMan)) {
delete principalManager;
principalManager = prinMan;
}
}

0
caps/src/nsCCapsManagerFactory.cpp
Просмотреть файл

33
caps/src/nsCaps.cpp
Просмотреть файл

@ -30,7 +30,6 @@
#include "nsPrivilegeTable.h"
#include "nsITarget.h"
#include "nsCCapsManager.h"
#include "nsCCapsManagerFactory.h"
/*
* With the introduction of '-reg_mode' flag,
@ -54,54 +53,44 @@ static PRBool bNSCapsInitialized_g = PR_FALSE;
*/
/* wrappers for nsPrivilegeManager object */
/*
PR_IMPLEMENT(PRBool)
nsCapsInitialize()
{
if(bNSCapsInitialized_g == PR_TRUE) return PR_TRUE;
bNSCapsInitialized_g = PR_TRUE;
nsIPrincipal * sysPrin = NULL;
/*
#if defined(_WIN32)
// sysPrin = CreateSystemPrincipal("java/classes/java40.jar", "java/lang/Object.class");
#else
// sysPrin = CreateSystemPrincipal("java40.jar", "java/lang/Object.class");
#endif
*/
// if (sysPrin == NULL) {
// nsresult res;
// sysPrin = new nsCertificatePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_Certificate,(const unsigned char **) "52:54:45:4e:4e:45:54:49",
// (unsigned int *)strlen("52:54:45:4e:4e:45:54:49"),1,& res);
// }
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
if (nsPrivManager == NULL) {
nsPrivilegeManagerInitialize();
// nsPrivilegeInitialize();
nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
}
PR_ASSERT(nsPrivManager != NULL);
nsPrivManager->RegisterSystemPrincipal(sysPrin);
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
if (nsPrivManager == NULL) nsPrivilegeManagerInitialize();
PR_ASSERT(nsPrivManager != NULL);
nsPrincipalManager * nsPrinManager = nsPrincipalManager::GetPrincipalManager();
if (nsPrinManager == NULL) nsPrincipalManagerInitialize();
nsPrinManager->RegisterSystemPrincipal(sysPrin);
// New a class factory object and the constructor will register itself
// as the factory object in the repository. All other modules should
// FindFactory and use createInstance to create a instance of nsCCapsManager
// and ask for nsICapsManager interface.
/*
nsCCapsManagerFactory *pNSCCapsManagerFactory = new nsCCapsManagerFactory();
if ( pNSCCapsManagerFactory == NULL )
{
return PR_FALSE;
}
*/
return PR_TRUE;
}
*/
/* wrappers for nsPrivilegeManager object */
PR_IMPLEMENT(PRBool)
nsCapsRegisterPrincipal(class nsIPrincipal *principal)
{
nsPrivilegeManager * nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
if(nsPrivManager == NULL) return PR_FALSE;
nsPrivManager->RegisterPrincipal(principal);
nsPrincipalManager * nsPrinManager = nsPrincipalManager::GetPrincipalManager();
if(nsPrinManager == NULL) return PR_FALSE;
nsPrinManager->RegisterPrincipal(principal);
return PR_TRUE;
}

2
caps/src/nsCertificatePrincipal.cpp
Просмотреть файл

@ -15,7 +15,7 @@
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*describes principals for use in signed scripts*/
#include "nsCertificatePrincipal.h"
static NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID);

2
caps/src/nsCodebasePrincipal.cpp
Просмотреть файл

@ -15,7 +15,7 @@
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
/* describes principals by thier orginating uris*/
#include "nsCodebasePrincipal.h"
#include "xp.h"

35
caps/src/nsPrincipalArray.cpp
Просмотреть файл

@ -1,3 +1,21 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*used to pass principals through xpcom in arrays*/
#include "nsPrincipalArray.h"
static NS_DEFINE_IID(kIPrincipalArrayIID, NS_IPRINCIPALARRAY_IID);
@ -66,13 +84,13 @@ nsPrincipalArray::ComparePrincipalArray(nsIPrincipalArray * other, PRInt16 * com
nsIPrincipal * prin;
PRUint32 i;
other->GetPrincipalArraySize(& i);
for (i; i-- > 0;) {
while (i-- > 0) {
other->GetPrincipalArrayElement(i,& prin);
PrincipalKey prinKey(prin);
p2Hashtable->Put(& prinKey, (void *)PR_TRUE);
}
this->GetPrincipalArraySize(& i);
for (i; i-- > 0;) {
while (i-- > 0) {
this->GetPrincipalArrayElement(i,& prin);
PrincipalKey prinKey(prin);
value = (PRBool)p2Hashtable->Get(&prinKey);
@ -84,7 +102,7 @@ nsPrincipalArray::ComparePrincipalArray(nsIPrincipalArray * other, PRInt16 * com
if (value == PR_TRUE) p2Hashtable->Put(&prinKey, (void *)PR_FALSE);
}
other->GetPrincipalArraySize(& i);
for (i; i-- > 0;) {
while(i-- > 0) {
other->GetPrincipalArrayElement(i,& prin);
PrincipalKey prinKey(prin);
value = (PRBool)p2Hashtable->Get(&prinKey);
@ -105,16 +123,16 @@ nsPrincipalArray::IntersectPrincipalArray(nsIPrincipalArray * other, nsIPrincipa
this->GetPrincipalArraySize(& thisLength);
other->GetPrincipalArraySize(& otherLength);
nsVector * in = new nsVector();
PRUint32 count = 0;
nsIPrincipal * prin1, * prin2;
PRUint32 i = 0, j=0;
nsIPrincipal * prin1 = NULL, * prin2 = NULL;
PRUint32 i = 0, j = 0, count = 0;
in->SetSize(thisLength, 1);
PRUint32 inLength = in->GetSize();
PRBool doesIntersect = PR_FALSE, eq = PR_FALSE;
for (i=0; i < thisLength; i++) {
for (j=0; j < otherLength; j++) {
this->GetPrincipalArrayElement(i,& prin1);
other->GetPrincipalArrayElement(j,& prin2);
PRBool eq;
prin1->Equals(prin2, & eq);
if (eq) {
in->Set(i, (void *)PR_TRUE);
@ -126,10 +144,9 @@ nsPrincipalArray::IntersectPrincipalArray(nsIPrincipalArray * other, nsIPrincipa
}
}
* result = new nsPrincipalArray(count);
PRBool doesIntersect;
PR_ASSERT(inLength == thisLength);
PR_ASSERT(inLength == inLength);
for (i=0; i < inLength; i++) {
for (i = 0; i < inLength; i++) {
doesIntersect = (PRBool)in->Get(i);
if (doesIntersect) {
PR_ASSERT(j < count);

126
caps/src/nsPrincipalManager.cpp
Просмотреть файл

@ -15,7 +15,7 @@
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*creates, registers, and performs logical operations on principals*/
#include "prmem.h"
#include "prmon.h"
#include "prlog.h"
@ -27,6 +27,7 @@
#include "nsCaps.h"
#include "nsCertificatePrincipal.h"
#include "nsCodebasePrincipal.h"
#include "nsPrivilegeManager.h"
#define UNSIGNED_PRINCIPAL_KEY "4a:52:4f:53:4b:49:4e:44"
#define UNKNOWN_PRINCIPAL_KEY "52:4f:53:4b:49:4e:44:4a"
@ -39,8 +40,8 @@ static nsIPrincipalArray * theUnsignedPrincipalArray = NULL;
char * gListOfPrincipals;
static PRBool RDF_RemovePrincipal(nsIPrincipal * prin);
static PRBool GetPrincipalString(nsHashKey * aKey, void * aData, void * closure);
static nsPrincipalManager * thePrincipalManager = NULL;
static NS_DEFINE_IID(kIPrincipalManagerIID, NS_IPRINCIPALMANAGER_IID);
@ -189,8 +190,7 @@ nsPrincipalManager::GetMyPrincipals(PRInt32 callerDepth)
nsIPrincipalArray *
nsPrincipalManager::GetMyPrincipals(nsIScriptContext * context, PRInt32 callerDepth)
{
return (thePrincipalManager == NULL)
? NULL : thePrincipalManager->GetClassPrincipalsFromStack(context, callerDepth);
return nsPrincipalManager::GetPrincipalManager()->GetClassPrincipalsFromStack(context, callerDepth);
}
@ -213,7 +213,7 @@ nsPrincipalManager::AddToPrincipalNameToPrincipalTable(nsIPrincipal * prin)
if (prinName == NULL) return;
StringKey prinNameKey(prinName);
nsCaps_lock();
if (itsPrinNameToPrincipalTable->Get(& prinNameKey) == NULL)
if (!itsPrinNameToPrincipalTable->Get(& prinNameKey))
itsPrinNameToPrincipalTable->Put(& prinNameKey, prin);
nsCaps_unlock();
@ -260,21 +260,67 @@ nsPrincipalManager::GetAllPrincipalsString(void)
return principalStrings;
}
nsPrincipalManager *
nsPrincipalManager::GetPrincipalManager(void)
{
return thePrincipalManager;
}
void
nsPrincipalManager::SetSystemPrincipal(nsIPrincipal * prin)
void
nsPrincipalManager::RegisterSystemPrincipal(nsIPrincipal * prin)
{
nsPrivilegeManager * itsPrivilegeManager = nsPrivilegeManager::GetPrivilegeManager();
PrincipalKey prinKey(prin);
nsCaps_lock();
if (!itsPrivilegeManager->itsPrinToPrivTable->Get(& prinKey))
itsPrivilegeManager->itsPrinToPrivTable->Put(& prinKey, new nsSystemPrivilegeTable());
if (!itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Get(& prinKey))
itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Put(& prinKey, new nsSystemPrivilegeTable());
theSystemPrincipal = prin;
CreateSystemTargets(prin);
// Load the signed applet's ACL from the persistence store
itsPrivilegeManager->Load();
nsCaps_unlock();
}
NS_IMETHODIMP
nsPrincipalManager::RegisterPrincipal(nsIPrincipal * prin)
{
nsPrivilegeManager * itsPrivilegeManager = nsPrivilegeManager::GetPrivilegeManager();
PrincipalKey prinKey(prin);
nsCaps_lock();
if (!itsPrivilegeManager->itsPrinToPrivTable->Get(& prinKey))
itsPrivilegeManager->itsPrinToPrivTable->Put(&prinKey, new nsPrivilegeTable());
if (!itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Get(& prinKey)) {
itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Put(& prinKey, new nsPrivilegeTable());
}
this->AddToPrincipalNameToPrincipalTable(prin);
nsCaps_unlock();
return NS_OK;
}
NS_IMETHODIMP
nsPrincipalManager::UnregisterPrincipal(nsIPrincipal * prin, PRBool * result)
{
nsPrivilegeManager * itsPrivilegeManager = nsPrivilegeManager::GetPrivilegeManager();
PRBool eq;
prin->Equals(this->GetSystemPrincipal(),& eq);
if (result) {
* result = PR_FALSE;
return NS_OK;
}
PrincipalKey prinKey(prin);
nsCaps_lock();
/* Get the privilegetables and free them up */
nsPrivilegeTable * pt =
(nsPrivilegeTable *)itsPrivilegeManager->itsPrinToPrivTable->Get(& prinKey);
nsPrivilegeTable * mpt =
(nsPrivilegeTable *)itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Get(& prinKey);
if(pt) delete pt;
if(mpt) delete mpt;
/* Remove the principal */
void * old_prin = itsPrivilegeManager->itsPrinToPrivTable->Remove(& prinKey);
void * old_prin1 = itsPrivilegeManager->itsPrinToMacroTargetPrivTable->Remove(& prinKey);
/* remove principal from PrinNameToPrincipalTable */
this->RemoveFromPrincipalNameToPrincipalTable(prin);
/* remove the principal from RDF also */
RDF_RemovePrincipal(prin);
nsCaps_unlock();
* result = ((old_prin == NULL) && (old_prin1 == NULL)) ? PR_FALSE : PR_TRUE;
return NS_OK;
}
@ -289,8 +335,16 @@ nsPrincipalManager::NewPrincipalArray(PRUint32 count, nsIPrincipalArray * * resu
nsPrincipalManager::nsPrincipalManager(void)
{
NS_INIT_REFCNT();
NS_ADDREF(this);
nsCaps_lock();
itsPrinNameToPrincipalTable = new nsHashtable();
theUnsignedPrincipal = new nsCertificatePrincipal(nsIPrincipal::PrincipalType_Certificate, UNSIGNED_PRINCIPAL_KEY);
theUnsignedPrincipalArray = new nsPrincipalArray();
theUnsignedPrincipalArray->AddPrincipalArrayElement(theUnsignedPrincipal);
theUnknownPrincipal = new nsCertificatePrincipal(nsIPrincipal::PrincipalType_Certificate, UNKNOWN_PRINCIPAL_KEY);
theUnknownPrincipalArray = new nsPrincipalArray();
theUnknownPrincipalArray->AddPrincipalArrayElement(theUnknownPrincipal);
nsCaps_unlock();
}
@ -300,17 +354,41 @@ nsPrincipalManager::~nsPrincipalManager(void) {
nsCaps_unlock();
}
PRBool
nsPrincipalManagerInitialize(void)
nsPrincipalManager *
nsPrincipalManager::GetPrincipalManager()
{
theUnsignedPrincipal = new nsCertificatePrincipal(nsIPrincipal::PrincipalType_Certificate, UNSIGNED_PRINCIPAL_KEY);
theUnsignedPrincipalArray = new nsPrincipalArray();
theUnsignedPrincipalArray->AddPrincipalArrayElement(theUnsignedPrincipal);
theUnknownPrincipal = new nsCertificatePrincipal(nsIPrincipal::PrincipalType_Certificate, UNKNOWN_PRINCIPAL_KEY);
theUnknownPrincipalArray = new nsPrincipalArray();
theUnknownPrincipalArray->AddPrincipalArrayElement(theUnknownPrincipal);
thePrincipalManager = new nsPrincipalManager();
return PR_TRUE;
static nsPrincipalManager * prinMan = NULL;
if(!prinMan)
prinMan = new nsPrincipalManager();
return prinMan;
}
PRBool nsPrincipalManager::theInited = nsPrincipalManagerInitialize();
static PRBool
RDF_RemovePrincipal(nsIPrincipal * prin)
{
PRBool found = PR_FALSE;
#ifdef ENABLE_RDF
nsCaps_lock();
RDFJSec_InitPrivilegeDB();
RDF_Cursor prin_cursor = RDFJSec_ListAllPrincipals();
if (prin_cursor == NULL) {
nsCaps_unlock();
return PR_FALSE;
}
JSec_Principal jsec_prin;
nsIPrincipal * cur_prin = NULL;
while ((jsec_prin = RDFJSec_NextPrincipal(prin_cursor)) != NULL) {
if ((cur_prin = RDF_getPrincipal(jsec_prin)) == NULL) continue;
PRBool eq;
prin->Equals(cur_prin,& eq);
if (eq) {
found = PR_TRUE;
break;
}
}
RDFJSec_ReleaseCursor(prin_cursor);
if (found) RDFJSec_DeletePrincipal(jsec_prin);
nsCaps_unlock();
#endif /* ENABLE_RDF */
return found;
}

4
caps/src/nsPrivilege.cpp
Просмотреть файл

@ -12,10 +12,10 @@
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*describes the state and duration of privileges*/
#include "nsPrivilege.h"
#include "xp.h"

344
caps/src/nsPrivilegeManager.cpp
Просмотреть файл

@ -15,11 +15,10 @@
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
/* handles operations dealing with enabling and disabling privileges */
#include "nsPrivilegeManager.h"
#include "nsPrivilege.h"
#include "nsPrincipalArray.h"
#include "nsPrincipalManager.h"
#include "prmem.h"
#include "prmon.h"
#include "prlog.h"
@ -32,17 +31,8 @@
#include "jsec2rdf.h"
#endif /* ENABLE_RDF */
static nsPrivilegeManager * thePrivilegeManager = NULL;
/*
static nsIPrincipal * theSystemPrincipal = NULL;
static nsIPrincipal * theUnsignedPrincipal;
static nsIPrincipal * theUnknownPrincipal;
static nsIPrincipalArray * theUnknownPrincipalArray;
static nsIPrincipalArray * theUnsignedPrincipalArray;
*/
static nsIPrivilege * thePrivilegeCache[nsIPrivilege::PrivilegeState_NumberOfPrivileges][nsIPrivilege::PrivilegeDuration_NumberOfDurations];
static PRMonitor *caps_lock = NULL;
static PRMonitor * caps_lock = NULL;
/* We could avoid the following globals if nsHashTable's Enumerate accepted
* a void * as argument and it passed that argument as a parameter to the
@ -53,14 +43,13 @@ char * gSession;
char * gDenied;
nsPrivilegeTable * gPrivilegeTable;
static PRBool RDF_RemovePrincipalsPrivilege(nsIPrincipal * prin, nsITarget * target);
#ifdef ENABLE_RDF
static nsIPrincipal * RDF_getPrincipal(JSec_Principal jsec_pr);
static JSec_Principal RDF_CreatePrincipal(nsPrincipal *prin);
#endif /* ENABLE_RDF */
static PRBool RDF_RemovePrincipal(nsIPrincipal *prin);
static PRBool RDF_RemovePrincipalsPrivilege(nsIPrincipal * prin, nsITarget * target);
PR_BEGIN_EXTERN_C
#include "xp.h"
#include "prefapi.h"
@ -101,20 +90,42 @@ NS_IMPL_ISUPPORTS(nsPrivilegeManager, kIPrivilegeManagerIID);
nsPrivilegeManager::nsPrivilegeManager(void)
{
nsCaps_lock();
itsPrinToPrivTable = new nsHashtable();
itsPrinToMacroTargetPrivTable = new nsHashtable();
nsCaps_unlock();
NS_INIT_REFCNT();
NS_ADDREF(this);
nsCaps_lock();
itsPrinToPrivTable = new nsHashtable();
itsPrinToMacroTargetPrivTable = new nsHashtable();
PRInt16 privState = 0, durationState = 0;
for (PRUint16 i = 0; i < nsIPrivilege::PrivilegeState_NumberOfPrivileges; i++) {
for(PRUint16 j = 0; j < nsIPrivilege::PrivilegeDuration_NumberOfDurations; j++) {
privState = i;
durationState = j;
thePrivilegeCache[i][j] = new nsPrivilege(privState, durationState);
}
}
#ifdef ENABLE_RDF
RDFJSec_InitPrivilegeDB();
#endif /* ENABLE_RDF */
nsCaps_unlock();
}
nsPrivilegeManager::~nsPrivilegeManager(void)
{
nsCaps_lock();
if (itsPrinToPrivTable) delete itsPrinToPrivTable;
if (itsPrinToMacroTargetPrivTable) delete itsPrinToMacroTargetPrivTable;
if(itsPrinToPrivTable) delete itsPrinToPrivTable;
if(itsPrinToMacroTargetPrivTable) delete itsPrinToMacroTargetPrivTable;
nsCaps_unlock();
}
nsPrivilegeManager *
nsPrivilegeManager::GetPrivilegeManager()
{
static nsPrivilegeManager * privMan = NULL;
if(!privMan)
privMan = new nsPrivilegeManager();
return privMan;
}
nsIPrivilege *
nsPrivilegeManager::FindPrivilege(PRInt16 privState, PRInt16 privDuration) {
return thePrivilegeCache[privState][privDuration];
@ -178,66 +189,6 @@ nsPrivilegeManager::Add(nsIPrivilege * priv1, nsIPrivilege * priv2) {
return (p1state < p2state) ? priv1 : priv2;
}
void
nsPrivilegeManager::RegisterSystemPrincipal(nsIPrincipal * prin)
{
PrincipalKey prinKey(prin);
nsCaps_lock();
if (NULL == itsPrinToPrivTable->Get(&prinKey))
itsPrinToPrivTable->Put(&prinKey, new nsSystemPrivilegeTable());
if (NULL == itsPrinToMacroTargetPrivTable->Get(&prinKey))
itsPrinToMacroTargetPrivTable->Put(&prinKey, new nsSystemPrivilegeTable());
// nsPrincipalManager::GetPrincipalManager()->SetSystemPrincipal(prin);
CreateSystemTargets(prin);
// Load the signed applet's ACL from the persistence store
this->Load();
nsCaps_unlock();
}
void
nsPrivilegeManager::RegisterPrincipal(nsIPrincipal * prin)
{
//
// the new PrivilegeTable will have all privileges "blank forever"
// until changed by calls to enablePrincipalPrivilegeHelper
//
PrincipalKey prinKey(prin);
nsCaps_lock();
if (NULL == itsPrinToPrivTable->Get(&prinKey)) {
itsPrinToPrivTable->Put(&prinKey, new nsPrivilegeTable());
}
if (NULL == itsPrinToMacroTargetPrivTable->Get(&prinKey)) {
itsPrinToMacroTargetPrivTable->Put(& prinKey, new nsPrivilegeTable());
}
// nsPrincipalManager::GetPrincipalManager()->AddToPrincipalNameToPrincipalTable(prin);
nsCaps_unlock();
}
PRBool
nsPrivilegeManager::UnregisterPrincipal(nsIPrincipal * prin)
{
PRBool result;
prin->Equals(nsPrincipalManager::GetPrincipalManager()->GetSystemPrincipal(),& result);
if (result) return PR_FALSE;
PrincipalKey prinKey(prin);
nsCaps_lock();
/* Get the privilegetables and free them up */
nsPrivilegeTable *pt = (nsPrivilegeTable *)itsPrinToPrivTable->Get(&prinKey);
if (pt != NULL) delete pt;
nsPrivilegeTable *mpt = (nsPrivilegeTable *)itsPrinToMacroTargetPrivTable->Get(&prinKey);
if (mpt != NULL) delete mpt;
/* Remove the principal */
void *old_prin = itsPrinToPrivTable->Remove(&prinKey);
void *old_prin1 = itsPrinToMacroTargetPrivTable->Remove(&prinKey);
/* remove principal from PrinNameToPrincipalTable */
nsPrincipalManager::GetPrincipalManager()->RemoveFromPrincipalNameToPrincipalTable(prin);
/* remove the principal from RDF also */
RDF_RemovePrincipal(prin);
nsCaps_unlock();
return ((old_prin == NULL) && (old_prin1 == NULL)) ? PR_FALSE : PR_TRUE;
}
PRBool
nsPrivilegeManager::IsPrivilegeEnabled(nsITarget * target, PRInt32 callerDepth)
{
@ -356,7 +307,7 @@ nsPrivilegeManager::EnablePrincipalPrivilegeHelper(nsIScriptContext * context, n
nsIPrincipal * callerPrin;
PRUint32 i;
callerPrinArray->GetPrincipalArraySize(& i);
for (i; i-- > 0;) {
while (i-- > 0) {
callerPrinArray->GetPrincipalArrayElement(i, & callerPrin);
PRBool result;
callerPrin->Equals(preferredPrin, & result);
@ -516,20 +467,18 @@ nsPrivilegeManager::SetPermission(nsIPrincipal * useThisPrin, nsITarget * target
void
nsPrivilegeManager::RegisterPrincipalAndSetPrivileges(nsIPrincipal * prin, nsITarget *target,
nsIPrivilege * newPrivilege)
nsPrivilegeManager::RegisterPrincipalAndSetPrivileges(nsIPrincipal * prin, nsITarget * target, nsIPrivilege * newPrivilege)
{
nsPrivilegeTable *privTable;
this->RegisterPrincipal(prin);
//Store the list of targets for which the user has given privilege
PrincipalKey prinKey(prin);
nsCaps_lock();
privTable = (nsPrivilegeTable *)itsPrinToMacroTargetPrivTable->Get(&prinKey);
privTable->Put(target, newPrivilege);
nsCaps_unlock();
privTable = (nsPrivilegeTable *)itsPrinToPrivTable->Get(&prinKey);
this->UpdatePrivilegeTable(target, privTable, newPrivilege);
nsPrivilegeTable *privTable;
nsPrincipalManager::GetPrincipalManager()->RegisterPrincipal(prin);
//Store the list of targets for which the user has given privilege
PrincipalKey prinKey(prin);
nsCaps_lock();
privTable = (nsPrivilegeTable *)itsPrinToMacroTargetPrivTable->Get(&prinKey);
privTable->Put(target, newPrivilege);
nsCaps_unlock();
privTable = (nsPrivilegeTable *)itsPrinToPrivTable->Get(&prinKey);
this->UpdatePrivilegeTable(target, privTable, newPrivilege);
}
@ -540,14 +489,14 @@ nsPrivilegeManager::UpdatePrivilegeTable(nsITarget * target, nsPrivilegeTable *
target->GetFlattenedTargetArray(& primitiveTargets);
nsIPrivilege * oldPrivilege, * privilege;
nsITarget * primTarget;
nsCaps_lock();
for (int i = primitiveTargets->GetSize(); i-- > 0;) {
primTarget = (nsITarget *)primitiveTargets->Get(i);
oldPrivilege = privTable->Get(primTarget);
privilege = (oldPrivilege != NULL) ? nsPrivilegeManager::Add(oldPrivilege, newPrivilege) : newPrivilege;
privTable->Put(primTarget, privilege);
}
nsCaps_unlock();
nsCaps_lock();
for (int i = primitiveTargets->GetSize(); i-- > 0;) {
primTarget = (nsITarget *)primitiveTargets->Get(i);
oldPrivilege = privTable->Get(primTarget);
privilege = (oldPrivilege != NULL) ? nsPrivilegeManager::Add(oldPrivilege, newPrivilege) : newPrivilege;
privTable->Put(primTarget, privilege);
}
nsCaps_unlock();
}
PRBool
@ -587,125 +536,13 @@ nsPrivilegeManager::CheckPrivilegeGranted(nsITarget *target, PRInt32 callerDepth
NS_IMETHODIMP
nsPrivilegeManager::CheckPrivilegeGranted(nsIScriptContext * context, nsITarget * target, PRInt32 callerDepth, void * data, PRBool * result)
{
nsIPrincipalArray* callerPrinArray =
nsIPrincipalArray * callerPrinArray =
nsPrincipalManager::GetPrincipalManager()->GetClassPrincipalsFromStack((nsIScriptContext *)context, callerDepth);
PRInt16 privilegeState = this->GetPrincipalPrivilege(target, callerPrinArray, data);
* result = (privilegeState == nsIPrivilege::PrivilegeState_Allowed) ? PR_TRUE : PR_FALSE;
return NS_OK;
}
nsPrivilegeManager *
nsPrivilegeManager::GetPrivilegeManager(void)
{
return thePrivilegeManager;
}
/*
nsIPrincipalArray *
nsPrivilegeManager::GetMyPrincipals(PRInt32 callerDepth)
{
return nsPrivilegeManager::GetMyPrincipals(NULL, callerDepth);
}
nsIPrincipalArray *
nsPrivilegeManager::GetMyPrincipals(void* context, PRInt32 callerDepth)
{
return (thePrivilegeManager == NULL) ? NULL
: thePrivilegeManager->GetClassPrincipalsFromStack(context, callerDepth);
}
*/
/*
nsIPrincipal *
nsPrivilegeManager::GetSystemPrincipal(void)
{
return theSystemPrincipal;
}
*/
/*
PRBool
nsPrivilegeManager::HasSystemPrincipal(nsIPrincipalArray *prinArray)
{
nsIPrincipal * sysPrin = nsPrivilegeManager::GetSystemPrincipal();
nsIPrincipal * prin;
if (sysPrin == NULL) return PR_FALSE;
PRUint32 i;
prinArray->GetPrincipalArraySize(& i);
for (i; i-- > 0;) {
prinArray->GetPrincipalArrayElement(i,& prin);
PRBool result;
sysPrin->Equals(prin, & result);
if (result) return PR_TRUE;
}
return PR_FALSE;
}
*/
/*
nsIPrincipal *
nsPrivilegeManager::GetUnsignedPrincipal(void)
{
return theUnsignedPrincipal;
}
*/
/*
nsIPrincipal *
nsPrivilegeManager::GetUnknownPrincipal(void)
{
return theUnknownPrincipal;
}
*/
/*
PRBool
nsPrivilegeManager::CanExtendTrust(nsIPrincipalArray * from, nsIPrincipalArray * to)
{
if ((from == NULL) || (to == NULL)) return PR_FALSE;
nsIPrincipalArray * intersect;
from->IntersectPrincipalArray(to,& intersect);
PRUint32 intersectSize = 0, fromSize = 0;
intersect->GetPrincipalArraySize(& intersectSize);
from->GetPrincipalArraySize(& fromSize);
if (intersectSize == fromSize) return PR_TRUE;
if (intersectSize == 0 || (intersectSize != (fromSize - 1))) return PR_FALSE;
nsIPrincipal * prin;
PRUint32 i;
for (i=0; i < intersectSize; i++) {
intersect->GetPrincipalArrayElement(i, & prin);
PRInt16 prinType = nsIPrincipal::PrincipalType_Unknown;
prin->GetType(& prinType);
if (prinType == nsIPrincipal::PrincipalType_CodebaseExact ||
prinType == nsIPrincipal::PrincipalType_CodebaseRegex)
return PR_FALSE;
}
PRUint32 codebaseCount = 0;
for (i=0; i < fromSize; i++) {
from->GetPrincipalArrayElement(i, & prin);
PRInt16 prinType = nsIPrincipal::PrincipalType_Unknown;
prin->GetType(& prinType);
if (prinType == nsIPrincipal::PrincipalType_CodebaseExact ||
prinType == nsIPrincipal::PrincipalType_CodebaseRegex)
codebaseCount++;
}
return (codebaseCount == 1) ? PR_TRUE : PR_FALSE;
}
*/
/*
PRBool
nsPrivilegeManager::CheckMatchPrincipal(nsIPrincipal * prin, PRInt32 callerDepth)
{
return this->CheckMatchPrincipal(NULL, prin, callerDepth);
}
*/
/*
PRBool
nsPrivilegeManager::CheckMatchPrincipal(void * context, nsIPrincipal * prin, PRInt32 callerDepth)
{
nsIPrincipalArray * prinArray = new nsPrincipalArray(0);
prinArray->AddPrincipalArrayElement(prin);
nsIPrincipalArray * classPrinArray = this->GetClassPrincipalsFromStack(context, callerDepth);
PRInt16 compType = 0;
prinArray->ComparePrincipalArray(classPrinArray,& compType);
return (compType != nsPrincipalArray::SetComparisonType_NoSubset) ? PR_TRUE : PR_FALSE;
}
*/
static PRBool
GetPermissionsString(nsHashKey * aKey, void * aData, void * closure)
{
@ -722,8 +559,7 @@ GetPermissionsString(nsHashKey * aKey, void * aData, void * closure)
}
void
nsPrivilegeManager::GetTargetsWithPrivileges(char *prinName, char** forever,
char** session, char **denied)
nsPrivilegeManager::GetTargetsWithPrivileges(char *prinName, char** forever, char** session, char **denied)
{
/* Admin UI */
nsCaps_lock();
@ -755,14 +591,14 @@ nsPrivilegeManager::GetTargetsWithPrivileges(char *prinName, char** forever,
PRBool
nsPrivilegeManager::RemovePrincipal(char * prinName)
{
/* Admin UI */
nsPrincipalManager * itsPrincipalManager = nsPrincipalManager::GetPrincipalManager();
nsCaps_lock();
nsIPrincipal * prin = nsPrincipalManager::GetPrincipalManager()->GetPrincipalFromString(prinName);
nsIPrincipal * prin = itsPrincipalManager->GetPrincipalFromString(prinName);
if (prin == NULL) {
nsCaps_unlock();
return PR_FALSE;
}
this->UnregisterPrincipal(prin);
itsPrincipalManager->UnregisterPrincipal(prin,NULL);
nsCaps_unlock();
return PR_TRUE;
}
@ -828,9 +664,7 @@ nsPrivilegeManager::Remove(nsIPrincipal * prin, nsITarget * target)
nsCaps_unlock();
}
// PRIVATE METHODS
PRBool
PRBool
nsPrivilegeManager::EnablePrivilegePrivate(nsIScriptContext * context, nsITarget *target, nsIPrincipal * prefPrin, PRInt32 callerDepth)
{
if (PR_FALSE == this->EnablePrincipalPrivilegeHelper(context, target, callerDepth, prefPrin, NULL, NULL)) return PR_FALSE;
@ -845,7 +679,7 @@ nsPrivilegeManager::GetPrincipalPrivilege(nsITarget * target, nsIPrincipalArray
PRBool isAllowed = PR_FALSE;
PRUint32 i;
callerPrinArray->GetPrincipalArraySize(& i);
for (i; i-- > 0; ) {
while (i-- > 0) {
callerPrinArray->GetPrincipalArrayElement(i,& principal);
this->GetPrincipalPrivilege(target, principal, data,& privilege);
if (privilege == NULL) continue;
@ -1126,45 +960,6 @@ RDF_CreatePrincipal(nsIPrincipal *prin)
}
#endif /* ENABLE_RDF */
static PRBool
RDF_RemovePrincipal(nsIPrincipal *prin)
{
PRBool found = PR_FALSE;
#ifdef ENABLE_RDF
nsCaps_lock();
RDFJSec_InitPrivilegeDB();
RDF_Cursor prin_cursor = RDFJSec_ListAllPrincipals();
if (prin_cursor == NULL) {
nsCaps_unlock();
return PR_FALSE;
}
JSec_Principal jsec_prin;
nsIPrincipal *cur_prin = NULL;
while ((jsec_prin = RDFJSec_NextPrincipal(prin_cursor)) != NULL) {
if ((cur_prin = RDF_getPrincipal(jsec_prin)) == NULL) {
continue;
}
if (prin->equals(cur_prin)) {
found = PR_TRUE;
break;
}
}
RDFJSec_ReleaseCursor(prin_cursor);
if (found) {
RDFJSec_DeletePrincipal(jsec_prin);
}
nsCaps_unlock();
#endif /* ENABLE_RDF */
return found;
}
#ifdef ENABLE_RDF
static nsIPrincipal *
@ -1303,24 +1098,3 @@ nsPrivilegeManager::Load(void)
#endif /* ENABLE_RDF */
}
PRBool
nsPrivilegeManagerInitialize(void)
{
thePrivilegeManager = new nsPrivilegeManager();
PRInt16 privState = 0, durationState = 0;
for (PRInt16 i = 0; i < nsIPrivilege::PrivilegeState_NumberOfPrivileges; i++) {
for(PRInt16 j = 0; j < nsIPrivilege::PrivilegeDuration_NumberOfDurations; j++) {
privState = i;
durationState = j;
thePrivilegeCache[i][j] = new nsPrivilege(privState, durationState);
}
}
#ifdef ENABLE_RDF
RDFJSec_InitPrivilegeDB();
#endif /* ENABLE_RDF */
return PR_TRUE;
}
PRBool nsPrivilegeManager::theInited = nsPrivilegeManagerInitialize();

184
caps/src/nsSecurityManagerFactory.cpp Normal file
Просмотреть файл

@ -0,0 +1,184 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
/*Factory for internal browser security resource managers*/
#include "nsIComponentManager.h"
#include "nsIServiceManager.h"
#include "nsISupports.h"
#include "nsIGenericFactory.h"
#include "nsICapsManager.h"
#include "nsCCapsManager.h"
#include "nsIPrincipalManager.h"
#include "nsPrincipalManager.h"
#include "nsIPrivilegeManager.h"
#include "nsPrivilegeManager.h"
static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
static NS_DEFINE_CID(kComponentManagerCID, NS_COMPONENTMANAGER_CID);
static NS_DEFINE_CID(kGenericFactoryCID, NS_GENERICFACTORY_CID);
static NS_DEFINE_CID(kCCapsManagerCID, NS_CCAPSMANAGER_CID);
static NS_DEFINE_CID(kPrivilegeManagerCID, NS_PRIVILEGEMANAGER_CID);
static NS_DEFINE_CID(kPrincipalManagerCID, NS_PRINCIPALMANAGER_CID);
static NS_IMETHODIMP
Construct_nsISecurityManager(nsISupports * aOuter, REFNSIID aIID, void * * aResult)
{
nsresult rv;
nsISupports *obj;
if(!aResult)
{
rv = NS_ERROR_NULL_POINTER;
goto done;
}
*aResult = NULL;
if(aOuter)
{
rv = NS_ERROR_NO_AGGREGATION;
goto done;
}
obj = nsCCapsManager::GetSecurityManager();
if(!obj)
{
rv = NS_ERROR_OUT_OF_MEMORY;
goto done;
}
rv = obj->QueryInterface(aIID, aResult);
NS_ASSERTION(NS_SUCCEEDED(rv), "unable to find correct interface");
done:
return rv;
}
static NS_IMETHODIMP
Construct_nsIPrivilegeManager(nsISupports * aOuter, REFNSIID aIID, void * * aResult)
{
nsresult rv;
nsISupports * obj;
if(!aResult)
{
rv = NS_ERROR_NULL_POINTER;
goto done;
}
*aResult = NULL;
if(aOuter)
{
rv = NS_ERROR_NO_AGGREGATION;
goto done;
}
obj = nsPrivilegeManager::GetPrivilegeManager();
if(!obj)
{
rv = NS_ERROR_OUT_OF_MEMORY;
goto done;
}
rv = obj->QueryInterface(aIID, aResult);
NS_ASSERTION(NS_SUCCEEDED(rv), "unable to find correct interface");
done:
return rv;
}
static NS_IMETHODIMP
Construct_nsIPrincipalManager(nsISupports * aOuter, REFNSIID aIID, void * * aResult)
{
nsresult rv;
nsISupports * obj;
if(!aResult)
{
rv = NS_ERROR_NULL_POINTER;
goto done;
}
*aResult = NULL;
if(aOuter)
{
rv = NS_ERROR_NO_AGGREGATION;
goto done;
}
obj = nsPrincipalManager::GetPrincipalManager();
if(!obj)
{
rv = NS_ERROR_OUT_OF_MEMORY;
goto done;
}
rv = obj->QueryInterface(aIID, aResult);
NS_ASSERTION(NS_SUCCEEDED(rv), "unable to find correct interface");
done:
return rv;
}
extern "C" PR_IMPLEMENT(nsresult)
NSGetFactory(nsISupports * aServMgr, const nsCID & aClass, const char * aClassName,
const char * aProgID, nsIFactory * * aFactory)
{
nsresult rv;
NS_ASSERTION(aFactory != nsnull, "bad factory pointer");
NS_WITH_SERVICE1(nsIComponentManager, compMgr, aServMgr, kComponentManagerCID,& rv);
if (NS_FAILED(rv)) return rv;
nsIGenericFactory * factory;
rv = compMgr->CreateInstance(kGenericFactoryCID, nsnull, nsIGenericFactory::GetIID(), (void * *)& factory);
if (NS_FAILED(rv)) return rv;
if(aClass.Equals(kCCapsManagerCID)) rv = factory->SetConstructor(Construct_nsISecurityManager);
else if(aClass.Equals(kPrivilegeManagerCID)) rv = factory->SetConstructor(Construct_nsIPrivilegeManager);
else if(aClass.Equals(kPrincipalManagerCID)) rv = factory->SetConstructor(Construct_nsIPrincipalManager);
else
{
NS_ASSERTION(0, "incorrectly registered");
rv = NS_ERROR_NO_INTERFACE;
}
if (NS_FAILED(rv)) {
NS_RELEASE(factory);
return rv;
}
* aFactory = factory;
return NS_OK;
}
/***************************************************************************/
extern "C" NS_EXPORT PRBool
NSCanUnload(nsISupports* aServMgr)
{
return PR_FALSE;
}
extern "C" NS_EXPORT nsresult
NSRegisterSelf(nsISupports * aServMgr, const char * aPath)
{
nsresult rv;
#ifdef DEBUG
printf("*** Register Security\n");
#endif
NS_WITH_SERVICE1(nsIComponentManager, compMgr, aServMgr, kComponentManagerCID,& rv);
if (NS_FAILED(rv)) return rv;
rv = compMgr->RegisterComponent(kCCapsManagerCID,NS_CCAPSMANAGER_CLASSNAME,NS_CCAPSMANAGER_PROGID, aPath, PR_TRUE, PR_TRUE);
rv = compMgr->RegisterComponent(kPrivilegeManagerCID,NS_PRIVILEGEMANAGER_CLASSNAME,NS_PRIVILEGEMANAGER_PROGID, aPath, PR_TRUE, PR_TRUE);
rv = compMgr->RegisterComponent(kPrincipalManagerCID,NS_PRINCIPALMANAGER_CLASSNAME,NS_PRINCIPALMANAGER_PROGID, aPath, PR_TRUE, PR_TRUE);
return rv;
}
extern "C" NS_EXPORT nsresult
NSUnregisterSelf(nsISupports * aServMgr, const char * aPath)
{
nsresult rv;
#ifdef DEBUG
printf("*** Unregister XPConnect\n");
#endif
NS_WITH_SERVICE1(nsIComponentManager, compMgr, aServMgr, kComponentManagerCID,& rv);
if (NS_FAILED(rv)) return rv;
rv = compMgr->UnregisterComponent(kCCapsManagerCID, aPath);
rv = compMgr->UnregisterComponent(kPrivilegeManagerCID, aPath);
rv = compMgr->UnregisterComponent(kPrincipalManagerCID, aPath);
return rv;
}

7
caps/src/nsUserTarget.cpp
Просмотреть файл

@ -44,8 +44,8 @@ nsUserTarget::~nsUserTarget(void)
}
#define OPTION "<option>"
nsIPrivilege *
nsUserTarget::EnablePrivilege(nsIPrincipal * prin, void *data)
NS_IMETHODIMP
nsUserTarget::EnablePrivilege(nsIPrincipal * prin, void * data, nsIPrivilege * * result)
{
PRInt16 prinType;
prin->GetType(& prinType);
@ -59,5 +59,6 @@ nsUserTarget::EnablePrivilege(nsIPrincipal * prin, void *data)
privDuration = nsIPrivilege::PrivilegeDuration_Session;
}
}
return nsPrivilegeManager::FindPrivilege(privState, privDuration);
* result = nsPrivilegeManager::FindPrivilege(privState, privDuration);
return NS_OK;
}