diff --git a/caps/idl/MANIFEST b/caps/idl/MANIFEST index 29cdacc6a73..2055f34d376 100644 --- a/caps/idl/MANIFEST +++ b/caps/idl/MANIFEST @@ -1,6 +1,3 @@ nsIPrincipal.idl -nsICodebasePrincipal.idl -nsICertificatePrincipal.idl -nsICodeSourcePrincipal.idl nsIScriptSecurityManager.idl nsICapsSecurityCallbacks.idl \ No newline at end of file diff --git a/caps/idl/Makefile.in b/caps/idl/Makefile.in index a6556d72e20..7bc3d26fd50 100644 --- a/caps/idl/Makefile.in +++ b/caps/idl/Makefile.in @@ -24,13 +24,10 @@ include $(DEPTH)/config/autoconf.mk MODULE = caps -XPIDLSRCS = \ +XPIDLSRCS = \ nsIScriptSecurityManager.idl \ nsICapsSecurityCallbacks.idl \ - nsIPrincipal.idl \ - nsICodebasePrincipal.idl \ - nsICertificatePrincipal.idl \ - nsICodeSourcePrincipal.idl \ + nsIPrincipal.idl \ $(NULL) include $(topsrcdir)/config/rules.mk diff --git a/caps/idl/makefile.win b/caps/idl/makefile.win index 8a898912186..6ee949cf60f 100644 --- a/caps/idl/makefile.win +++ b/caps/idl/makefile.win @@ -19,13 +19,10 @@ DEPTH=..\.. MODULE=caps -XPIDLSRCS= \ +XPIDLSRCS= \ .\nsIScriptSecurityManager.idl \ .\nsICapsSecurityCallbacks.idl \ - .\nsIPrincipal.idl \ - .\nsICertificatePrincipal.idl \ - .\nsICodebasePrincipal.idl \ - .\nsICodeSourcePrincipal.idl \ + .\nsIPrincipal.idl \ $(NULL) include <$(DEPTH)\config\rules.mak> diff --git a/caps/idl/nsICertificatePrincipal.idl b/caps/idl/nsICertificatePrincipal.idl deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/caps/idl/nsICodeSourcePrincipal.idl b/caps/idl/nsICodeSourcePrincipal.idl deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/caps/idl/nsICodebasePrincipal.idl b/caps/idl/nsICodebasePrincipal.idl deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/caps/idl/nsIPrincipal.idl b/caps/idl/nsIPrincipal.idl index 248ba799c34..9fc908c59ad 100644 --- a/caps/idl/nsIPrincipal.idl +++ b/caps/idl/nsIPrincipal.idl @@ -17,8 +17,37 @@ */ #include "nsISupports.idl" + [uuid(ff9313d0-25e1-11d2-8160-006008119d7a)] interface nsIPrincipal : nsISupports { -void IsTrusted([const] in string scope, out boolean pbIsTrusted); + const short PrincipalType_Unknown=-1; + const short PrincipalType_CodebaseExact=1; + const short PrincipalType_CodebaseRegex=2; + const short PrincipalType_Certificate=3; + const short PrincipalType_CertificateFingerPrint=4; + const short PrincipalType_CertificateKey=5; + const short PrincipalType_CertificateChain=6; + + void GetType(out short type); + void IsSecure(out boolean result); + void ToString(out string result); + void HashCode(out unsigned long code); + void Equals(in nsIPrincipal other, out boolean result); }; +[uuid(c29fe440-25e1-11d2-8160-006008119d7a)] +interface nsICodebasePrincipal : nsIPrincipal { + void GetURL(out string ppCodeBaseURL); + void IsCodebaseExact(out boolean result); + void IsCodebaseRegex(out boolean result); +}; + +[uuid(ebfefcd0-25e1-11d2-8160-006008119d7a)] +interface nsICertificatePrincipal : nsIPrincipal { + void GetPublicKey(out string publicKey, out unsigned long publicKeySize); + void GetCompanyName(out string ppCompanyName); + void GetCertificateAuthority(out string ppCertAuthority); + void GetSerialNumber(out string ppSerialNumber); + void GetExpirationDate(out string ppExpDate); + void GetFingerPrint(out string ppFingerPrint); +}; \ No newline at end of file diff --git a/caps/include/MANIFEST b/caps/include/MANIFEST index 2925333dab5..964571fc42e 100644 --- a/caps/include/MANIFEST +++ b/caps/include/MANIFEST @@ -1,20 +1,25 @@ -nsZig.h -nsPrincipal.h -nsPrivilege.h -nsPrivilegeManager.h -nsPrivilegeTable.h -nsSystemPrivilegeTable.h -nsTarget.h -nsUserTarget.h -jpermission.h -nsUserDialogHelper.h -nsZip.h -nsLoadZig.h admin.h +jpermission.h nsCaps.h nsCapsEnums.h nsCCapsManager.h nsCCapsManagerFactory.h nsCertificatePrincipal.h nsCodebasePrincipal.h -nsCCodeSourcePrincipal.h +nsLoadZig.h +nsPrincipalTools.h +nsPrivilege.h +nsPrivilegeManager.h +nsPrivilegeTable.h +nsSystemPrivilegeTable.h +nsTarget.h +nsUserDialogHelper.h +nsUserTarget.h +nsZig.h +nsZip.h + + + + + + diff --git a/caps/include/Makefile.in b/caps/include/Makefile.in index b1459617c25..6de5dcdf120 100644 --- a/caps/include/Makefile.in +++ b/caps/include/Makefile.in @@ -23,26 +23,26 @@ VPATH = @srcdir@ include $(DEPTH)/config/autoconf.mk -EXPORTS = nsZip.h \ - nsZig.h \ - nsLoadZig.h \ - nsPrincipal.h \ - nsPrivilege.h \ - nsPrivilegeManager.h \ - nsPrivilegeTable.h \ +EXPORTS = \ + admin.h \ + jpermission.h \ + nsCaps.h \ + nsCapsEnums.h \ + nsCCapsManager.h \ + nsCCapsManagerFactory.h \ + nsCertificatePrincipal.h \ + nsCodebasePrincipal.h \ + nsLoadZig.h \ + nsPrincipalTools.h \ + nsPrivilege.h \ + nsPrivilegeManager.h \ + nsPrivilegeTable.h \ nsSystemPrivilegeTable.h \ - nsTarget.h \ - nsUserTarget.h \ - jpermission.h \ - nsUserDialogHelper.h \ - admin.h \ - nsCaps.h \ - nsCapsEnums.h \ - nsCCapsManagerFactory.h \ - nsCCapsManager.h \ - nsCertificatePrincipal.h \ - nsCodebasePrincipal.h \ - nsCCodeSourcePrincipal.h + nsTarget.h \ + nsUserDialogHelper.h \ + nsUserTarget.h \ + nsZig.h \ + nsZip.h EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS)) diff --git a/caps/include/makefile.win b/caps/include/makefile.win index 5c526fbe50c..6faa615e41f 100755 --- a/caps/include/makefile.win +++ b/caps/include/makefile.win @@ -28,27 +28,26 @@ IGNORE_MANIFEST=1 MODULE=caps DEPTH=..\.. -EXPORTS=nsZip.h \ - nsZig.h \ - nsLoadZig.h \ - nsPrincipal.h \ - nsPrivilege.h \ - nsPrivilegeManager.h \ - nsPrivilegeTable.h \ - nsSystemPrivilegeTable.h \ - nsTarget.h \ - nsUserTarget.h \ - jpermission.h \ - nsUserDialogHelper.h \ - admin.h \ - nsCaps.h \ - nsCapsEnums.h \ - nsCCapsManager.h \ - nsCertificatePrincipal.h \ - nsCodebasePrincipal.h \ - nsCCapsManagerFactory.h \ - nsCCodeSourcePrincipal.h - +EXPORTS= \ + admin.h \ + jpermission.h \ + nsCaps.h \ + nsCapsEnums.h \ + nsCCapsManager.h \ + nsCCapsManagerFactory.h \ + nsCertificatePrincipal.h \ + nsCodebasePrincipal.h \ + nsLoadZig.h \ + nsPrincipalTools.h \ + nsPrivilege.h \ + nsPrivilegeManager.h \ + nsPrivilegeTable.h \ + nsSystemPrivilegeTable.h \ + nsTarget.h \ + nsUserDialogHelper.h \ + nsUserTarget.h \ + nsZig.h \ + nsZip.h include <$(DEPTH)/config/rules.mak> diff --git a/caps/include/nsCCapsManager.h b/caps/include/nsCCapsManager.h index 79bbee11b07..66128be740b 100644 --- a/caps/include/nsCCapsManager.h +++ b/caps/include/nsCCapsManager.h @@ -16,15 +16,13 @@ * Reserved. */ -#ifndef nsCCapsManager_h___ -#define nsCCapsManager_h___ +#ifndef _NS_CCAPS_MANANGER_H_ +#define _NS_CCAPS_MANAGER_H_ #include "nsIPrincipal.h" #include "nsISupports.h" #include "nsICapsManager.h" #include "nsAgg.h" - -#include "nsPrincipal.h" #include "nsPrivilegeManager.h" /** @@ -37,238 +35,232 @@ */ class nsCCapsManager : public nsICapsManager { public: - //////////////////////////////////////////////////////////////////////////// - // from nsISupports and AggregatedQueryInterface: +//////////////////////////////////////////////////////////////////////////// +// from nsISupports and AggregatedQueryInterface: - NS_DECL_AGGREGATED +NS_DECL_AGGREGATED - //////////////////////////////////////////////////////////////////////////// - // from nsICapsManager: +//////////////////////////////////////////////////////////////////////////// +// from nsICapsManager: - NS_IMETHOD - CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal** prin); +NS_IMETHOD +CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal** prin); - NS_IMETHOD - CreateCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsIPrincipal** prin); +NS_IMETHOD +CreateCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsIPrincipal** prin); - /** - * Creates a CodeSourcePrincipal, which has both nsICodebasePrincipal - * and nsICertPrincipal - * - * @param certByteData - The ceritificate's byte array data including the chain. - * @param certByteDataSize - the length of certificate byte array. - * @param codebaseURL - the codebase URL - */ - NS_IMETHOD - CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin); +/** + * Creates a CodeSourcePrincipal, which has both nsICodebasePrincipal + * and nsICertPrincipal + * + * @param certByteData - The ceritificate's byte array data including the chain. + * @param certByteDataSize - the length of certificate byte array. + * @param codebaseURL - the codebase URL + */ +/* +NS_IMETHOD +CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin); +*/ +/** + * Returns the permission for given principal and target + * + * @param prin - is either certificate principal or codebase principal + * @param target - is NS_ALL_PRIVILEGES. + * @param state - the return value is passed in this parameter. + */ +NS_IMETHOD +GetPermission(nsIPrincipal * prin, nsTarget * target, nsPermission * state); - /** - * Returns the permission for given principal and target - * - * @param prin - is either certificate principal or codebase principal - * @param target - is NS_ALL_PRIVILEGES. - * @param state - the return value is passed in this parameter. - */ - NS_IMETHOD - GetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *state); +/** + * Set the permission state for given principal and target. This wouldn't + * prompt the end user with UI. + * + * @param prin - is either certificate principal or codebase principal + * @param target - is NS_ALL_PRIVILEGES. + * @param state - is permisson state that should be set for the given prin + * and target parameters. + */ +NS_IMETHOD +SetPermission(nsIPrincipal * prin, nsTarget* target, nsPermission state); - /** - * Set the permission state for given principal and target. This wouldn't - * prompt the end user with UI. - * - * @param prin - is either certificate principal or codebase principal - * @param target - is NS_ALL_PRIVILEGES. - * @param state - is permisson state that should be set for the given prin - * and target parameters. - */ - NS_IMETHOD - SetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission state); - - /** - * Prompts the user if they want to grant permission for the given principal and - * for the given target. - * - * @param prin - is either certificate principal or codebase principal - * @param target - is NS_ALL_PRIVILEGES. - * @param result - is the permission user has given for the given principal and - * target - */ - NS_IMETHOD - AskPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *result); +/** + * Prompts the user if they want to grant permission for the given principal and + * for the given target. + * + * @param prin - is either certificate principal or codebase principal + * @param target - is NS_ALL_PRIVILEGES. + * @param result - is the permission user has given for the given principal and + * target + */ +NS_IMETHOD +AskPermission(nsIPrincipal * prin, nsTarget * target, nsPermission * result); - /* - * All of the following methods are used by JS (the code located - * in lib/libmocha area). - */ +/* + * All of the following methods are used by JS (the code located + * in lib/libmocha area). + */ - /** - * Initializes the capabilities subsytem (ie setting the system principal, initializing - * privilege Manager, creating the capsManager factory etc - * - * @param result - is true if principal was successfully registered with the system - */ - NS_IMETHOD - Initialize(PRBool *result); +/** + * Initializes the capabilities subsytem (ie setting the system principal, initializing + * privilege Manager, creating the capsManager factory etc + * + * @param result - is true if principal was successfully registered with the system + */ +NS_IMETHOD +Initialize(PRBool * result); - NS_IMETHOD - InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface); +NS_IMETHOD +InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface); - /** - * Registers the given Principal with the system. - * - * @param prin - is either certificate principal or codebase principal - * @param result - is true if principal was successfully registered with the system - */ - NS_IMETHOD - RegisterPrincipal(nsIPrincipal* prin, PRBool *result); +/** + * Registers the given Principal with the system. + * + * @param prin - is either certificate principal or codebase principal + * @param result - is true if principal was successfully registered with the system + */ +NS_IMETHOD +RegisterPrincipal(nsIPrincipal * prin); - /** - * Prompts the user if they want to grant permission for the principal located - * at the given stack depth for the given target. - * - * @param context - is the parameter JS needs to determinte the principal - * @param targetName - is the name of the target. - * @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the - * principal - * @param result - is true if user has given permission for the given principal and - * target - */ - NS_IMETHOD - EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result); +/** + * Prompts the user if they want to grant permission for the principal located + * at the given stack depth for the given target. + * + * @param context - is the parameter JS needs to determinte the principal + * @param targetName - is the name of the target. + * @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the + * principal + * @param result - is true if user has given permission for the given principal and + * target + */ +NS_IMETHOD +EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result); - /** - * Returns if the user granted permission for the principal located at the given - * stack depth for the given target. - * - * @param context - is the parameter JS needs to determinte the principal - * @param targetName - is the name of the target. - * @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the - * principal - * @param result - is true if user has given permission for the given principal and - * target - */ - NS_IMETHOD - IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result); +/** + * Returns if the user granted permission for the principal located at the given + * stack depth for the given target. + * + * @param context - is the parameter JS needs to determinte the principal + * @param targetName - is the name of the target. + * @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the + * principal + * @param result - is true if user has given permission for the given principal and + * target + */ +NS_IMETHOD +IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result); - /** - * Reverts the permission (granted/denied) user gave for the principal located - * at the given stack depth for the given target. - * - * @param context - is the parameter JS needs to determinte the principal - * @param targetName - is the name of the target. - * @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the - * principal - * @param result - is true if user has given permission for the given principal and - * target - */ - NS_IMETHOD - RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result); +/** + * Reverts the permission (granted/denied) user gave for the principal located + * at the given stack depth for the given target. + * + * @param context - is the parameter JS needs to determinte the principal + * @param targetName - is the name of the target. + * @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the + * principal + * @param result - is true if user has given permission for the given principal and + * target + */ +NS_IMETHOD +RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result); - /** - * Disable permissions for the principal located at the given stack depth for the - * given target. - * - * @param context - is the parameter JS needs to determinte the principal - * @param targetName - is the name of the target. - * @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the - * principal - * @param result - is true if user has given permission for the given principal and - * target - */ - NS_IMETHOD - DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result); +/** + * Disable permissions for the principal located at the given stack depth for the + * given target. + * + * @param context - is the parameter JS needs to determinte the principal + * @param targetName - is the name of the target. + * @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the + * principal + * @param result - is true if user has given permission for the given principal and + * target + */ +NS_IMETHOD +DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result); - /* XXX: Some of the arguments for the following interfaces may change. - * This is a first cut. I need to talk to joki. We should get rid of void* parameters. - */ - NS_IMETHOD - ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *result); +/* XXX: Some of the arguments for the following interfaces may change. + * This is a first cut. I need to talk to joki. We should get rid of void* parameters. + */ +NS_IMETHOD +ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *result); - NS_IMETHOD - IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *result); +NS_IMETHOD +IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *result); - NS_IMETHOD - CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *result); +NS_IMETHOD +CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *result); - /* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */ +/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */ +/* +NS_IMETHOD +NewPrincipal(PRInt16 prinType, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result); - NS_IMETHOD - NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result); +NS_IMETHOD +IsCodebaseExact(nsIPrincipal* principal, PRBool *result); - NS_IMETHOD - IsCodebaseExact(nsIPrincipal* principal, PRBool *result); +NS_IMETHOD +ToString(nsIPrincipal* principal, char* *result); - NS_IMETHOD - ToString(nsIPrincipal* principal, char* *result); +NS_IMETHOD +GetVendor(nsIPrincipal* principal, char* *result); +*/ +NS_IMETHOD +CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result); - NS_IMETHOD - GetVendor(nsIPrincipal* principal, char* *result); +NS_IMETHOD +NewPrincipalArray(PRUint32 count, void* *result); - NS_IMETHOD - CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result); +NS_IMETHOD +FreePrincipalArray(void *prinArray); - NS_IMETHOD - NewPrincipalArray(PRUint32 count, void* *result); +NS_IMETHOD +GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal * * result); - NS_IMETHOD - FreePrincipalArray(void *prinArray); +NS_IMETHOD +SetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal * principal); - NS_IMETHOD - GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* *result); +NS_IMETHOD +GetPrincipalArraySize(void *prinArrayArg, PRUint32 *result); - NS_IMETHOD - SetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* principal); +/* The following interfaces will replace all of the following old calls. + * + * nsCapsGetPermission(struct nsPrivilege *privilege) + * nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target) + * + */ +NS_IMETHOD +IsAllowed(void *annotation, char* target, PRBool *result); - NS_IMETHOD - GetPrincipalArraySize(void *prinArrayArg, PRUint32 *result); +//////////////////////////////////////////////////////////////////////////// +// from nsCCapsManager: - /* The following interfaces will replace all of the following old calls. - * - * nsCapsGetPermission(struct nsPrivilege *privilege) - * nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target) - * - */ - NS_IMETHOD - IsAllowed(void *annotation, char* target, PRBool *result); +nsCCapsManager(nsISupports *aOuter); +virtual ~nsCCapsManager(void); - /* XXX: TODO: We need to set up the JS frame walking callbacks */ +void +CreateNSPrincipalArray(nsPrincipalArray* prinArray, nsPrincipalArray* *pPrincipalArray); +/* +NS_METHOD +GetNSPrincipal(nsIPrincipal * pNSIPrincipal, nsIPrincipal ** ppNSPRincipal); +*/ +NS_METHOD +GetNSPrincipalArray(nsPrincipalArray* prinArray, nsPrincipalArray* *pPrincipalArray); +nsPermission +ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege); +nsPrivilege * +ConvertPermissionToPrivilege(nsPermission state); - //////////////////////////////////////////////////////////////////////////// - // from nsCCapsManager: - - nsCCapsManager(nsISupports *aOuter); - virtual ~nsCCapsManager(void); - - void - CreateNSPrincipalArray(nsPrincipalArray* prinArray, - nsPrincipalArray* *pPrincipalArray); - - NS_METHOD - GetNSPrincipal(nsIPrincipal* pNSIPrincipal, nsPrincipal **ppNSPRincipal); - - NS_METHOD - GetNSPrincipalArray(nsPrincipalArray* prinArray, - nsPrincipalArray* *pPrincipalArray); - - nsPermission - ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege); - - nsPrivilege * - ConvertPermissionToPrivilege(nsPermission state); - - void - SetSystemPrivilegeManager(); - +void +SetSystemPrivilegeManager(); protected: - nsPrivilegeManager *m_pNSPrivilegeManager; + nsPrivilegeManager * privilegeManager; }; #endif // nsCCapsManager_h___ diff --git a/caps/include/nsCCodeSourcePrincipal.h b/caps/include/nsCCodeSourcePrincipal.h deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/caps/include/nsCaps.h b/caps/include/nsCaps.h index 6584453b224..1fcaf61e94d 100644 --- a/caps/include/nsCaps.h +++ b/caps/include/nsCaps.h @@ -21,14 +21,13 @@ #include "prtypes.h" #include "nsCapsEnums.h" - PR_BEGIN_EXTERN_C -struct nsPrincipal; -struct nsTarget; +class nsTarget; +class nsIPrincipal; +class nsPrivilegeTable; struct nsPrivilegeManager; struct nsPrivilege; -struct nsPrivilegeTable; struct NSJSJavaFrameWrapper; /* wrappers for nsPrivilegeManager object */ @@ -36,19 +35,19 @@ PR_IMPLEMENT(PRBool) nsCapsInitialize(); PR_EXTERN(PRBool) -nsCapsRegisterPrincipal(struct nsPrincipal *principal); +nsCapsRegisterPrincipal(class nsIPrincipal * principal); PR_EXTERN(PRBool) -nsCapsEnablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth); +nsCapsEnablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth); PR_EXTERN(PRBool) -nsCapsIsPrivilegeEnabled(void* context, struct nsTarget *target, PRInt32 callerDepth); +nsCapsIsPrivilegeEnabled(void* context, class nsTarget *target, PRInt32 callerDepth); PR_EXTERN(PRBool) -nsCapsRevertPrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth); +nsCapsRevertPrivilege(void* context, class nsTarget *target, PRInt32 callerDepth); PR_EXTERN(PRBool) -nsCapsDisablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth); +nsCapsDisablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth); PR_EXTERN(void*) nsCapsGetClassPrincipalsFromStack(void* context, PRInt32 callerDepth); @@ -63,38 +62,39 @@ PR_EXTERN(PRBool) nsCapsCanExtendTrust(void* from, void* to); + /* wrappers for nsPrincipal object */ -PR_EXTERN(struct nsPrincipal *) -nsCapsNewPrincipal(nsPrincipalType type, void * key, +PR_EXTERN(class nsIPrincipal *) +nsCapsNewPrincipal(PRInt16 * principalType, void * key, PRUint32 key_len, void *zig); PR_EXTERN(const char *) -nsCapsPrincipalToString(struct nsPrincipal *principal); +nsCapsPrincipalToString(nsIPrincipal * principal); PR_EXTERN(PRBool) -nsCapsIsCodebaseExact(struct nsPrincipal *principal); +nsCapsIsCodebaseExact(nsIPrincipal * principal); PR_EXTERN(const char *) -nsCapsPrincipalGetVendor(struct nsPrincipal *principal); +nsCapsPrincipalGetVendor(nsIPrincipal * principal); PR_EXTERN(void *) nsCapsNewPrincipalArray(PRUint32 count); PR_EXTERN(void) -nsCapsFreePrincipalArray(void *prinArray); +nsCapsFreePrincipalArray(void * prinArray); PR_EXTERN(void *) -nsCapsGetPrincipalArrayElement(void *prinArray, PRUint32 index); +nsCapsGetPrincipalArrayElement(void * prinArray, PRUint32 index); PR_EXTERN(void) -nsCapsSetPrincipalArrayElement(void *prinArray, PRUint32 index, void *element); +nsCapsSetPrincipalArrayElement(void * prinArray, PRUint32 index, void *element); PR_EXTERN(PRUint32) -nsCapsGetPrincipalArraySize(void *prinArray); +nsCapsGetPrincipalArraySize(void * prinArray); /* wrappers for nsTarget object */ -PR_EXTERN(struct nsTarget *) +PR_EXTERN(class nsTarget *) nsCapsFindTarget(char *name); @@ -104,8 +104,8 @@ nsCapsGetPermission(struct nsPrivilege *privilege); /* wrappers for nsPrivilegeTable object */ -PR_EXTERN(struct nsPrivilege *) -nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target); +PR_EXTERN(nsPrivilege *) +nsCapsGetPrivilege(nsPrivilegeTable * annotation, class nsTarget * target); /* Methods for stack walking */ diff --git a/caps/include/nsCertificatePrincipal.h b/caps/include/nsCertificatePrincipal.h index a549f6d30cd..34a179841b9 100644 --- a/caps/include/nsCertificatePrincipal.h +++ b/caps/include/nsCertificatePrincipal.h @@ -16,85 +16,64 @@ * Reserved. */ -#ifndef nsCertificatePrincipal_h___ -#define nsCertificatePrincipal_h___ - -#include "nsICertificatePrincipal.h" -#include "nsPrincipal.h" +#ifndef _NS_CERTIFICATE_PRINCIPAL_H_ +#define _NS_CERTIFICATE_PRINCIPAL_H_ +#include "nsVector.h" +#include "nsIPrincipal.h" class nsCertificatePrincipal : public nsICertificatePrincipal { public: - //////////////////////////////////////////////////////////////////////////// - // from nsISupports: - NS_DECL_ISUPPORTS - //////////////////////////////////////////////////////////////////////////// - // from nsIPrincipal: + NS_DECL_ISUPPORTS - NS_IMETHOD - IsTrusted(const char* scope, PRBool *pbIsTrusted); - - //////////////////////////////////////////////////////////////////////////// - // from nsICertificatePrincipal: - /** - * Returns the public key of the certificate. - * - * @param publicKey - the Public Key data will be returned in this field. - * @param publicKeySize - the length of public key data is returned in this - * parameter. - */ - NS_IMETHOD - GetPublicKey(char **publicKey, PRUint32 *publicKeySize); + NS_IMETHOD + GetPublicKey(char ** pk, PRUint32 * pkSize); - /** - * Returns the company name of the ceritificate (OU etc parameters of certificate) - * - * @param result - the certificate details about the signer. - */ - NS_IMETHOD - GetCompanyName(char **ppCompanyName); + NS_IMETHOD + GetCompanyName(char ** cn); - /** - * Returns the certificate issuer's data (OU etc parameters of certificate) - * - * @param result - the details about the issuer - */ - NS_IMETHOD - GetCertificateAuthority(char **ppCertAuthority); + NS_IMETHOD + GetCertificateAuthority(char ** ca); - /** - * Returns the serial number of certificate - * - * @param result - Returns the serial number of certificate - */ - NS_IMETHOD - GetSerialNumber(char **ppSerialNumber); + NS_IMETHOD + GetSerialNumber(char ** sn); - /** - * Returns the expiration date of certificate - * - * @param result - Returns the expiration date of certificate - */ - NS_IMETHOD - GetExpirationDate(char **ppExpDate); + NS_IMETHOD + GetExpirationDate(char ** ed); - /** - * Returns the finger print of certificate - * - * @param result - Returns the finger print of certificate - */ - NS_IMETHOD - GetFingerPrint(char **ppFingerPrint); + NS_IMETHOD + GetFingerPrint(char ** fp); - //////////////////////////////////////////////////////////////////////////// - // from nsCertificatePrincipal: - nsCertificatePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsresult *result); - nsCertificatePrincipal(nsPrincipal *pNSPrincipal); + NS_IMETHOD + GetType(PRInt16 * type); - virtual ~nsCertificatePrincipal(void); - nsPrincipal *GetPeer(void); + NS_IMETHOD + IsSecure(PRBool * result); + + NS_IMETHOD + ToString(char ** result); + + NS_IMETHOD + HashCode(PRUint32 * code); + + NS_IMETHOD + Equals(nsIPrincipal * other, PRBool * result); + + nsCertificatePrincipal(PRInt16 * type, const unsigned char ** certChain, + PRUint32 * certChainLengths, PRUint32 noOfCerts, nsresult * result); + virtual ~nsCertificatePrincipal(void); protected: - nsPrincipal *m_pNSPrincipal; + PRInt16 itsType; + char * itsKey; + PRUint32 itsKeyLength; + nsVector * itsCertificateArray; + char * itsCompanyName; + char * itsCertificateAuthority; + char * itsSerialNumber; + char * itsExpirationDate; + char * itsFingerPrint; + char * itsNickname; + char * itsString; }; -#endif // nsCCertificatePrincipal_h___ +#endif // _NS_CERTIFICATE_PRINCIPAL_H_ diff --git a/caps/include/nsCodebasePrincipal.h b/caps/include/nsCodebasePrincipal.h index ff2ffed28d5..ed9a58ae3f3 100644 --- a/caps/include/nsCodebasePrincipal.h +++ b/caps/include/nsCodebasePrincipal.h @@ -16,48 +16,46 @@ * Reserved. */ -#ifndef nsCodebasePrincipal_h___ -#define nsCodebasePrincipal_h___ +#ifndef _NS_CODEBASE_PRINCIPAL_H_ +#define _NS_CODEBASE_PRINCIPAL_H_ -#include "nsICodebasePrincipal.h" -#include "nsPrincipal.h" +#include "nsIPrincipal.h" class nsCodebasePrincipal : public nsICodebasePrincipal { public: - //////////////////////////////////////////////////////////////////////////// - // from nsISupports: - NS_DECL_ISUPPORTS + NS_DECL_ISUPPORTS - //////////////////////////////////////////////////////////////////////////// - // from nsIPrincipal: + NS_IMETHOD + GetURL(char ** cburl); - NS_IMETHOD - IsTrusted(const char* scope, PRBool *pbIsTrusted); - + NS_IMETHOD + IsCodebaseExact(PRBool * result); - /////////////////////////////////////////////////////////////////////////// - // from nsICodebasePrincipal: + NS_IMETHOD + IsCodebaseRegex(PRBool * result); - /** - * Returns the codebase URL of the principal. - * - * @param result - the resulting codebase URL - */ - NS_IMETHOD - GetURL(char **ppCodeBaseURL); + NS_IMETHOD + GetType(PRInt16 * type); - //////////////////////////////////////////////////////////////////////////// - // from nsCCodebasePrincipal: + NS_IMETHOD + IsSecure(PRBool * result); - nsCodebasePrincipal(const char *codebaseURL, nsresult *result); - nsCodebasePrincipal(nsPrincipal *pNSPrincipal); + NS_IMETHOD + ToString(char ** result); - virtual ~nsCodebasePrincipal(void); - nsPrincipal *GetPeer(void); + NS_IMETHOD + HashCode(PRUint32 * code); + + NS_IMETHOD + Equals(nsIPrincipal * other, PRBool * result); + + nsCodebasePrincipal(PRInt16 * type, const char *codebaseURL); + virtual ~nsCodebasePrincipal(void); protected: - nsPrincipal *m_pNSPrincipal; + const char * codeBaseURL; + PRInt16 * itsType; }; -#endif // nsCCodebasePrincipal_h___ +#endif // _NS_CODEBASE_PRINCIPAL_H_ diff --git a/caps/include/nsPrincipal.h b/caps/include/nsPrincipal.h deleted file mode 100755 index e69de29bb2d..00000000000 diff --git a/caps/include/nsPrincipalTools.h b/caps/include/nsPrincipalTools.h new file mode 100644 index 00000000000..85fb99f5680 --- /dev/null +++ b/caps/include/nsPrincipalTools.h @@ -0,0 +1,34 @@ +#ifndef _NS_PRINCIPAL_TOOLS_H_ +#define _NS_PRINCIPAL_TOOLS_H_ + +#include "nsIPrincipal.h" +#include "nsHashtable.h" + +typedef nsVector nsPrincipalArray; + +class PrincipalKey: public nsHashKey { +public: + nsIPrincipal * itsPrincipal; + + PrincipalKey(nsIPrincipal * prin) { + itsPrincipal = prin; + } + + PRUint32 HashValue(void) const { + PRUint32 * code; + itsPrincipal->HashCode(code); + return *code; + } + + PRBool Equals(const nsHashKey * aKey) const { + PRBool * result; + itsPrincipal->Equals(((const PrincipalKey *) aKey)->itsPrincipal, result); + return *result; + } + + nsHashKey * Clone(void) const { + return new PrincipalKey(itsPrincipal); + } +}; + +#endif _NS_PRINCIPAL_TOOLS_H_ \ No newline at end of file diff --git a/caps/include/nsPrivilege.h b/caps/include/nsPrivilege.h index c5ccee350ac..d9f91d8f50c 100755 --- a/caps/include/nsPrivilege.h +++ b/caps/include/nsPrivilege.h @@ -20,7 +20,7 @@ #define _NS_PRIVILEGE_H_ #include "prtypes.h" -#include "nsCaps.h" +//#include "nsCaps.h" #include "nsCapsEnums.h" PRBool nsPrivilegeInitialize(void); diff --git a/caps/include/nsPrivilegeManager.h b/caps/include/nsPrivilegeManager.h index 78f96e319d8..b93c5da41cf 100755 --- a/caps/include/nsPrivilegeManager.h +++ b/caps/include/nsPrivilegeManager.h @@ -23,11 +23,11 @@ #include "prio.h" #include "prmon.h" #include "nsHashtable.h" - #include "nsVector.h" #include "nsCaps.h" #include "nsTarget.h" -#include "nsPrincipal.h" +#include "nsIPrincipal.h" +#include "nsPrincipalTools.h" #include "nsPrivilege.h" #include "nsPrivilegeTable.h" #include "nsSystemPrivilegeTable.h" @@ -45,190 +45,221 @@ PRBool nsPrivilegeManagerInitialize(void); struct nsPrivilegeManager { public: - /* Public Methods */ +/* Public Methods */ - nsPrivilegeManager(void); - virtual ~nsPrivilegeManager(void); +nsPrivilegeManager(void); +virtual ~nsPrivilegeManager(void); - void registerSystemPrincipal(nsPrincipal *principal); +void +RegisterSystemPrincipal(nsIPrincipal * principal); - void registerPrincipal(nsPrincipal *principal); +void +RegisterPrincipal(nsIPrincipal * principal); - PRBool unregisterPrincipal(nsPrincipal *principal); +PRBool +UnregisterPrincipal(nsIPrincipal * principal); - PRBool isPrivilegeEnabled(nsTarget *target, PRInt32 callerDepth); +PRBool +IsPrivilegeEnabled(nsTarget *target, PRInt32 callerDepth); - PRBool isPrivilegeEnabled(void* context, nsTarget *target, - PRInt32 callerDepth); +PRBool +IsPrivilegeEnabled(void* context, nsTarget *target, + PRInt32 callerDepth); - PRBool enablePrivilege(nsTarget *target, PRInt32 callerDepth); +PRBool +EnablePrivilege(nsTarget *target, PRInt32 callerDepth); - PRBool enablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth); +PRBool +EnablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth); - PRBool enablePrivilege(nsTarget *target, nsPrincipal *preferredPrincipal, - PRInt32 callerDepth); +PRBool +EnablePrivilege(nsTarget *target, nsIPrincipal *preferredPrincipal, + PRInt32 callerDepth); - PRBool enablePrivilege(void* context, nsTarget *target, - nsPrincipal *preferredPrincipal, - PRInt32 callerDepth); +PRBool +EnablePrivilege(void* context, nsTarget *target, nsIPrincipal * preferredPrincipal, + PRInt32 callerDepth); - PRBool revertPrivilege(nsTarget *target, PRInt32 callerDepth); +PRBool +RevertPrivilege(nsTarget *target, PRInt32 callerDepth); - PRBool revertPrivilege(void* context, nsTarget *target, PRInt32 callerDepth); +PRBool +RevertPrivilege(void* context, nsTarget *target, PRInt32 callerDepth); - PRBool disablePrivilege(nsTarget *target, PRInt32 callerDepth); +PRBool +DisablePrivilege(nsTarget *target, PRInt32 callerDepth); - PRBool disablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth); +PRBool +DisablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth); - PRBool enablePrincipalPrivilegeHelper(nsTarget *target, PRInt32 callerDepth, - nsPrincipal *preferredPrin, void * data, - nsTarget *impersonator); +PRBool +EnablePrincipalPrivilegeHelper(nsTarget *target, PRInt32 callerDepth, + nsIPrincipal * preferredPrin, void * data, + nsTarget *impersonator); - PRBool enablePrincipalPrivilegeHelper(void* context, nsTarget *target, - PRInt32 callerDepth, - nsPrincipal *preferredPrin, - void * data, - nsTarget *impersonator); +PRBool +EnablePrincipalPrivilegeHelper(void* context, nsTarget *target, + PRInt32 callerDepth, + nsIPrincipal * preferredPrin, + void * data, + nsTarget *impersonator); - nsPrivilegeTable *enableScopePrivilegeHelper(nsTarget *target, - PRInt32 callerDepth, - void *data, - PRBool helpingSetScopePrivilege, - nsPrincipal *prefPrin); +nsPrivilegeTable * +EnableScopePrivilegeHelper(nsTarget *target, + PRInt32 callerDepth, + void *data, + PRBool helpingSetScopePrivilege, + nsIPrincipal * prefPrin); - nsPrivilegeTable *enableScopePrivilegeHelper(void* context, nsTarget *target, - PRInt32 callerDepth, void *data, - PRBool helpingSetScopePrivilege, - nsPrincipal *prefPrin); +nsPrivilegeTable * +EnableScopePrivilegeHelper(void* context, nsTarget *target, + PRInt32 callerDepth, void *data, + PRBool helpingSetScopePrivilege, + nsIPrincipal * prefPrin); - PRBool AskPermission(nsPrincipal* useThisPrin, nsTarget* target, void* data); +PRBool +AskPermission(nsIPrincipal * useThisPrin, nsTarget* target, void* data); - void SetPermission(nsPrincipal *useThisPrin, nsTarget *target, - nsPrivilege *newPrivilege); +void +SetPermission(nsIPrincipal * useThisPrin, nsTarget * target, nsPrivilege * newPrivilege); - void registerPrincipalAndSetPrivileges(nsPrincipal *principal, - nsTarget *target, - nsPrivilege *newPrivilege); +void +RegisterPrincipalAndSetPrivileges(nsIPrincipal * principal, nsTarget * target, nsPrivilege * newPrivilege); - void updatePrivilegeTable(nsTarget *target, - nsPrivilegeTable *privTable, - nsPrivilege *newPrivilege); +void +UpdatePrivilegeTable(nsTarget *target, nsPrivilegeTable * privTable, nsPrivilege * newPrivilege); - PRBool checkPrivilegeGranted(nsTarget *target, PRInt32 callerDepth); +PRBool +CheckPrivilegeGranted(nsTarget *target, PRInt32 callerDepth); - PRBool checkPrivilegeGranted(void* context, nsTarget *target, - PRInt32 callerDepth); +PRBool +CheckPrivilegeGranted(void* context, nsTarget *target, + PRInt32 callerDepth); - PRBool checkPrivilegeGranted(nsTarget *target, nsPrincipal *principal, - void *data); +PRBool +CheckPrivilegeGranted(nsTarget *target, nsIPrincipal * principal, void *data); - PRBool checkPrivilegeGranted(nsTarget *target, PRInt32 callerDepth, - void *data); +PRBool +CheckPrivilegeGranted(nsTarget *target, PRInt32 callerDepth, void *data); - PRBool checkPrivilegeGranted(void* context, nsTarget *target, - PRInt32 callerDepth, void *data); +PRBool +CheckPrivilegeGranted(void * context, nsTarget * target, + PRInt32 callerDepth, void * data); - nsPrivilege *getPrincipalPrivilege(nsTarget *target, nsPrincipal *prin, - void *data); +nsPrivilege * +GetPrincipalPrivilege(nsTarget * target, nsIPrincipal * prin, void * data); - static nsPrivilegeManager * getPrivilegeManager(void); +static nsPrivilegeManager * +GetPrivilegeManager(void); - static nsPrincipalArray* getMyPrincipals(PRInt32 callerDepth); +static nsPrincipalArray * +GetMyPrincipals(PRInt32 callerDepth); - static nsPrincipalArray* getMyPrincipals(void* context, PRInt32 callerDepth); +static nsPrincipalArray * +GetMyPrincipals(void* context, PRInt32 callerDepth); - static nsPrincipal * getSystemPrincipal(void); +static nsIPrincipal * +GetSystemPrincipal(void); - static PRBool hasSystemPrincipal(nsPrincipalArray *prinArray); +static PRBool +HasSystemPrincipal(nsPrincipalArray * prinArray); - static nsPrincipal* getUnsignedPrincipal(void); +static nsIPrincipal * +GetUnsignedPrincipal(void); - static nsPrincipal* getUnknownPrincipal(void); +static nsIPrincipal * +GetUnknownPrincipal(void); - nsSetComparisonType comparePrincipalArray(nsPrincipalArray* prin1Array, - nsPrincipalArray* prin2Array); +nsSetComparisonType +ComparePrincipalArray(nsPrincipalArray * prin1Array, nsPrincipalArray * prin2Array); - nsPrincipalArray* intersectPrincipalArray(nsPrincipalArray* prin1Array, - nsPrincipalArray* prin2Array); +nsPrincipalArray * +IntersectPrincipalArray(nsPrincipalArray * pa1, nsPrincipalArray * pa2); - PRBool canExtendTrust(nsPrincipalArray* prin1Array, - nsPrincipalArray* prin2Array); +PRBool +CanExtendTrust(nsPrincipalArray * pa1, nsPrincipalArray * pa2); - PRBool checkMatchPrincipal(nsPrincipal *principal, PRInt32 callerDepth); +PRBool +CheckMatchPrincipal(nsIPrincipal * principal, PRInt32 callerDepth); - PRBool checkMatchPrincipal(void* context, nsPrincipal *principal, - PRInt32 callerDepth); +PRBool +CheckMatchPrincipal(void* context, nsIPrincipal * principal, PRInt32 callerDepth); - /* Helper functions for ADMIN UI */ - const char * getAllPrincipalsString(void); +/* Helper functions for ADMIN UI */ +const char * +GetAllPrincipalsString(void); - nsPrincipal * getPrincipalFromString(char *prinName); +nsIPrincipal * +GetPrincipalFromString(char *prinName); - void getTargetsWithPrivileges(char *prinName, char** forever, - char** session, char **denied); +void +GetTargetsWithPrivileges(char *prinName, char** forever, char** session, char **denied); - PRBool removePrincipal(char *prinName); +PRBool +RemovePrincipal(char *prinName); - PRBool removePrincipalsPrivilege(char *prinName, char *targetName); +PRBool +RemovePrincipalsPrivilege(char *prinName, char *targetName); - void remove(nsPrincipal *prin, nsTarget *target); - /* The following are old native methods */ - char * checkPrivilegeEnabled(nsTargetArray* targetArray, - PRInt32 callerDepth, void *data); +void +Remove(nsIPrincipal *prin, nsTarget *target); - char * checkPrivilegeEnabled(void* context, nsTargetArray* targetArray, - PRInt32 callerDepth, void *data); +/* The following are old native methods */ +char * +CheckPrivilegeEnabled(nsTargetArray* targetArray, PRInt32 callerDepth, void *data); - nsPrincipalArray* getClassPrincipalsFromStack(PRInt32 callerDepth); +char * +CheckPrivilegeEnabled(void* context, nsTargetArray* targetArray, PRInt32 callerDepth, void *data); - nsPrincipalArray* getClassPrincipalsFromStack(void* context, - PRInt32 callerDepth); +nsPrincipalArray * +GetClassPrincipalsFromStack(PRInt32 callerDepth); - nsPrivilegeTable * getPrivilegeTableFromStack(PRInt32 callerDepth, - PRBool createIfNull); +nsPrincipalArray * +GetClassPrincipalsFromStack(void* context, PRInt32 callerDepth); - nsPrivilegeTable * getPrivilegeTableFromStack(void* context, - PRInt32 callerDepth, - PRBool createIfNull); +nsPrivilegeTable * +GetPrivilegeTableFromStack(PRInt32 callerDepth, PRBool createIfNull); - /* End of native methods */ +nsPrivilegeTable * +GetPrivilegeTableFromStack(void* context, PRInt32 callerDepth, PRBool createIfNull); + +/* End of native methods */ private: - nsHashtable *itsPrinToPrivTable; - nsHashtable *itsPrinToMacroTargetPrivTable; - nsHashtable *itsPrinNameToPrincipalTable; +nsHashtable * itsPrinToPrivTable; +nsHashtable * itsPrinToMacroTargetPrivTable; +nsHashtable * itsPrinNameToPrincipalTable; - static PRBool theSecurityInited; +static PRBool theSecurityInited; - static char * SignedAppletDBName; +static char * SignedAppletDBName; - static PRBool theInited; +static PRBool theInited; - /* Private Field Accessors */ +/* Private Methods */ - /* Private Methods */ +void +AddToPrinNameToPrincipalTable(nsIPrincipal *prin); - void addToPrinNameToPrincipalTable(nsPrincipal *prin); +PRBool +EnablePrivilegePrivate(void* context, nsTarget *target, nsIPrincipal *preferredPrincipal, + PRInt32 callerDepth); - PRBool enablePrivilegePrivate(void* context, nsTarget *target, - nsPrincipal *preferredPrincipal, - PRInt32 callerDepth); +nsPermissionState +GetPrincipalPrivilege(nsTarget *target, nsPrincipalArray* callerPrinArray, void * data); - nsPermissionState getPrincipalPrivilege(nsTarget *target, - nsPrincipalArray* callerPrinArray, - void *data); - - PRBool isPermissionGranted(nsTarget *target, - nsPrincipalArray* callerPrinArray, - void *data); +PRBool +IsPermissionGranted(nsTarget *target, nsPrincipalArray* callerPrinArray, void *data); /* The following methods are used to save and load the persistent store */ - void save(nsPrincipal *prin, nsTarget *target, nsPrivilege *newPrivilege); +void +Save(nsIPrincipal *prin, nsTarget *target, nsPrivilege *newPrivilege); - void load(void); +void +Load(void); }; diff --git a/caps/include/nsPrivilegeTable.h b/caps/include/nsPrivilegeTable.h index 55a194f9fe7..a7e26fc4ae1 100755 --- a/caps/include/nsPrivilegeTable.h +++ b/caps/include/nsPrivilegeTable.h @@ -25,33 +25,31 @@ #include "nsTarget.h" #include "nsPrivilege.h" -struct nsPrivilegeTable { +class nsPrivilegeTable { public: - /* Public Methods */ nsPrivilegeTable(void); virtual ~nsPrivilegeTable(void); - PRInt32 size(void); + PRInt32 Size(void); - PRBool isEmpty(void); + PRBool IsEmpty(void); - virtual nsPrivilege * get(nsTarget *t); + virtual nsPrivilege * Get(nsTarget * t); - nsPrivilege * put(nsTarget *a, nsPrivilege *priv); + nsPrivilege * Put(nsTarget * a, nsPrivilege * priv); - nsPrivilege * remove(nsTarget *key); + nsPrivilege * Remove(nsTarget * key); - nsPrivilegeTable * clone(void); + nsPrivilegeTable * Clone(void); - void clear(void); + void Clear(void); void Enumerate(nsHashtableEnumFunc aEnumFunc); private: - /* Private Field Accessors */ nsHashtable * itsTable; }; diff --git a/caps/include/nsTarget.h b/caps/include/nsTarget.h index 37ec37dece3..5402cf50f6c 100755 --- a/caps/include/nsTarget.h +++ b/caps/include/nsTarget.h @@ -22,11 +22,10 @@ #include #include "prtypes.h" #include "plhash.h" - #include "nsHashtable.h" #include "nsVector.h" -#include "nsCaps.h" -#include "nsPrincipal.h" +//#include "nsCaps.h" +#include "nsIPrincipal.h" #include "nsPrivilege.h" #include "nsUserDialogHelper.h" @@ -49,9 +48,9 @@ extern char* capsGetString(int id); PR_END_EXTERN_C -extern PRBool CreateSystemTargets(nsPrincipal *sysPrin); +extern PRBool CreateSystemTargets(nsIPrincipal *sysPrin); -struct nsTarget { +class nsTarget { public: @@ -59,84 +58,83 @@ public: virtual ~nsTarget(void); - nsTarget(char *name, nsPrincipal *prin, - PRInt32 risk = JavaSecUI_targetRiskHigh(), - /* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */ - char *riskColor = "High", - char *description = NULL, - char *detailDescription = NULL, - char *url = NULL, - nsTargetArray* targetArray = NULL) - { - init(name, prin, targetArray, risk, riskColor, description, - detailDescription, url); + nsTarget(char *name, nsIPrincipal * prin, + PRInt32 risk = JavaSecUI_targetRiskHigh(), + /* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */ + char * riskColor = "High", + char * description = NULL, + char * detailDescription = NULL, + char * url = NULL, + nsTargetArray* targetArray = NULL) + { + this->Init(name, prin, targetArray, risk, riskColor, description, detailDescription, url); } - nsTarget(char *name, nsPrincipal *prin, - PRInt32 risk = JavaSecUI_targetRiskHigh(), - /* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */ - char *riskColor = "High", - int desc_id = 0, - int detail_desc_id = 0, - int help_url_id = 0, - nsTargetArray* targetArray = NULL); + nsTarget(char *name, nsIPrincipal * prin, + PRInt32 risk = JavaSecUI_targetRiskHigh(), + /* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */ + char * riskColor = "High", + int desc_id = 0, + int detail_desc_id = 0, + int help_url_id = 0, + nsTargetArray* targetArray = NULL); - nsTarget * registerTarget(void); + nsTarget * RegisterTarget(void); - nsTarget * registerTarget(void* context); + nsTarget * RegisterTarget(void* context); - static nsTarget * findTarget(nsTarget *target); + static nsTarget * FindTarget(nsTarget *target); - static nsTarget * findTarget(char *name); + static nsTarget * FindTarget(char * name); - static nsTarget * findTarget(char *name, nsPrincipal *prin); + static nsTarget * FindTarget(char * name, nsIPrincipal *prin); - nsPrivilege * checkPrivilegeEnabled(nsTargetArray* prinArray, void *data); + nsPrivilege * CheckPrivilegeEnabled(nsTargetArray* prinArray, void *data); - nsPrivilege * checkPrivilegeEnabled(nsTargetArray* prinArray); + nsPrivilege * CheckPrivilegeEnabled(nsTargetArray* prinArray); - nsPrivilege * checkPrivilegeEnabled(nsPrincipal *p, void *data); + nsPrivilege * CheckPrivilegeEnabled(nsIPrincipal *p, void *data); - virtual nsPrivilege * enablePrivilege(nsPrincipal *prin, void *data); + virtual nsPrivilege * EnablePrivilege(nsIPrincipal *prin, void *data); - nsPrivilege * getPrincipalPrivilege(nsPrincipal *prin, void *data); + nsPrivilege * GetPrincipalPrivilege(nsIPrincipal *prin, void *data); - nsTargetArray* getFlattenedTargetArray(void); + nsTargetArray* GetFlattenedTargetArray(void); - static nsTargetArray* getAllRegisteredTargets(void); + static nsTargetArray* GetAllRegisteredTargets(void); - char * getRisk(void); + char * GetRisk(void); - char * getRiskColor(void); + char * GetRiskColor(void); - char * getDescription(void); + char * GetDescription(void); - char * getDetailDescription(void); + char * GetDetailDescription(void); - static nsTarget * getTargetFromDescription(char *a); + static nsTarget * GetTargetFromDescription(char *a); - char * getHelpURL(void); + char * GetHelpURL(void); - char * getDetailedInfo(void *a); + char * GetDetailedInfo(void *a); - nsPrincipal * getPrincipal(void); + nsIPrincipal * GetPrincipal(void); - char * getName(void); + char * GetName(void); - PRBool equals(nsTarget *a); + PRBool Equals(nsTarget *a); - PRInt32 hashCode(void); + PRInt32 HashCode(void); - char * toString(void); + char * ToString(void); - PRBool isRegistered(void); + PRBool IsRegistered(void); private: /* Private Field Accessors */ char * itsName; - nsPrincipal * itsPrincipal; + nsIPrincipal * itsPrincipal; PRInt32 itsRisk; @@ -161,9 +159,10 @@ private: static PRBool theInited; /* Private Methods */ - void init(char *name, nsPrincipal *prin, nsTargetArray* targetArray, PRInt32 risk, char *riskColor, char *description, char *detailDescription, char *url); + void Init(char *name, nsIPrincipal *prin, nsTargetArray* targetArray, PRInt32 risk, + char *riskColor, char *description, char *detailDescription, char *url); - void getFlattenedTargets(nsHashtable *targHash, nsTargetArray* expandedTargetArray); + void GetFlattenedTargets(nsHashtable *targHash, nsTargetArray* expandedTargetArray); }; @@ -176,11 +175,11 @@ public: } PRUint32 HashValue(void) const { - return itsTarget->hashCode(); + return itsTarget->HashCode(); } PRBool Equals(const nsHashKey *aKey) const { - return (itsTarget->equals(((const TargetKey *) aKey)->itsTarget)); + return (itsTarget->Equals(((const TargetKey *) aKey)->itsTarget)); } nsHashKey *Clone(void) const { diff --git a/caps/include/nsUserTarget.h b/caps/include/nsUserTarget.h index e8dc83c7b01..b87d28b2f3c 100755 --- a/caps/include/nsUserTarget.h +++ b/caps/include/nsUserTarget.h @@ -21,10 +21,9 @@ #include "prtypes.h" - #include "nsTarget.h" #include "nsPrivilege.h" -#include "nsPrincipal.h" +//#include "nsPrincipal.h" #include "nsCom.h" /* Any methods that is not defined here is in Java */ @@ -37,45 +36,43 @@ public: nsUserTarget(char *name); virtual ~nsUserTarget(void); - nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk, - char *riskColor, char *description, - char *detailDescription, char *url) - : nsTarget(name, prin, risk, riskColor, description, detailDescription, - url, NULL) - { - } + nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk, + char *riskColor, char *description, + char *detailDescription, char *url) + : nsTarget(name, prin, risk, riskColor, description, detailDescription, url, NULL) + { + } - nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk, - char *riskColor, char *description, - char *detailDescription, char *url, - nsTargetArray *targetArray) - : nsTarget(name, prin, risk, riskColor, description, detailDescription, - url, targetArray) - { - } + nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk, + char *riskColor, char *description, + char *detailDescription, char *url, + nsTargetArray *targetArray) + : nsTarget(name, prin, risk, riskColor, description, detailDescription, url, targetArray) + { + } - nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk, - char *riskColor, - int desc_id, - int detail_desc_id, - int help_url_id) - : nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id, - help_url_id, NULL) - { - } + nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk, + char *riskColor, + int desc_id, + int detail_desc_id, + int help_url_id) + : nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id, + help_url_id, NULL) + { + } - nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk, - char *riskColor, - int desc_id, - int detail_desc_id, - int help_url_id, - nsTargetArray *targetArray) - : nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id, - help_url_id, targetArray) - { - } + nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk, + char *riskColor, + int desc_id, + int detail_desc_id, + int help_url_id, + nsTargetArray *targetArray) + : nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id, + help_url_id, targetArray) + { + } - nsPrivilege * enablePrivilege(nsPrincipal *prin, void *data); + nsPrivilege * EnablePrivilege(nsIPrincipal * prin, void *data); private: diff --git a/caps/macbuild/Caps.mcp b/caps/macbuild/Caps.mcp index a7f0a88f457..e355fbf59ac 100644 Binary files a/caps/macbuild/Caps.mcp and b/caps/macbuild/Caps.mcp differ diff --git a/caps/macbuild/CapsIDL.mcp b/caps/macbuild/CapsIDL.mcp index 39f0b1f85ed..7ed81ab9690 100644 Binary files a/caps/macbuild/CapsIDL.mcp and b/caps/macbuild/CapsIDL.mcp differ diff --git a/caps/public/Makefile.in b/caps/public/Makefile.in index b885aa40575..f292d8b13aa 100644 --- a/caps/public/Makefile.in +++ b/caps/public/Makefile.in @@ -23,9 +23,9 @@ VPATH = @srcdir@ include $(DEPTH)/config/autoconf.mk -EXPORTS = \ - nsICapsManager.h \ - nsCapsPublicEnums.h \ +EXPORTS = \ + nsICapsManager.h \ + nsCapsPublicEnums.h \ $(NULL) EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS)) diff --git a/caps/public/makefile.win b/caps/public/makefile.win index e225c9680f8..b20e6c5ff65 100644 --- a/caps/public/makefile.win +++ b/caps/public/makefile.win @@ -28,9 +28,9 @@ IGNORE_MANIFEST=1 MODULE=caps DEPTH=..\.. -EXPORTS= \ - nsICapsManager.h \ - nsCapsPublicEnums.h +EXPORTS= \ + nsICapsManager.h \ + nsCapsPublicEnums.h diff --git a/caps/public/nsCapsPublicEnums.h b/caps/public/nsCapsPublicEnums.h index bbb46894114..e69de29bb2d 100644 --- a/caps/public/nsCapsPublicEnums.h +++ b/caps/public/nsCapsPublicEnums.h @@ -1,81 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* - * The contents of this file are subject to the Netscape Public License - * Version 1.0 (the "NPL"); you may not use this file except in - * compliance with the NPL. You may obtain a copy of the NPL at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the NPL is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL - * for the specific language governing rights and limitations under the - * NPL. - * - * The Initial Developer of this code under the NPL is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights - * Reserved. - */ - -#ifndef _NS_CAPS_PUBLIC_ENUMS_H_ -#define _NS_CAPS_PUBLIC_ENUMS_H_ - - -enum nsPermission { - nsPermission_Unknown, - nsPermission_AllowedSession, - nsPermission_DeniedSession, - nsPermission_AllowedForever, - nsPermission_DeniedForever -}; - -/** - * number of possible permissions (allowed, forbidden, or blank) - * - * The code in nsPrivilegeInitialize assumes that nsPermissionState - * are ordered sequentially from 0 to N. - * - */ -typedef enum nsPermissionState { - nsPermissionState_Forbidden = 0, - nsPermissionState_Allowed, - nsPermissionState_Blank, - nsPermissionState_NumberOfPermissions -} nsPermissionState; - -/** - * number of possible durations (scope, session, or forever) - * - * The code in nsPrivilegeInitialize assumes that nsDurationState - * are ordered sequentially from 0 to N. - * - */ -typedef enum nsDurationState { - nsDurationState_Scope=0, - nsDurationState_Session, - nsDurationState_Forever, - nsDurationState_NumberOfDurations -} nsDurationState; - - -typedef enum nsSetComparisonType { - nsSetComparisonType_ProperSubset=-1, - nsSetComparisonType_Equal=0, - nsSetComparisonType_NoSubset=1 -} nsSetComparisonType; - - -/* The following should match what is in nsJVM plugin's java security code */ -typedef enum nsPrincipalType { - nsPrincipalType_Unknown=-1, - nsPrincipalType_CodebaseExact=10, - nsPrincipalType_CodebaseRegexp, - nsPrincipalType_Cert, - nsPrincipalType_CertFingerPrint, - nsPrincipalType_CertKey, - /* CertChain principal is being added for Javasoft's JVM. They will pass the - * whole chain to the nsPrincipal constructor. - */ - nsPrincipalType_CertChain -} nsPrincipalType; - -#endif /* _NS_CAPS_PUBLIC_ENUMS_H_ */ diff --git a/caps/public/nsICapsManager.h b/caps/public/nsICapsManager.h index b475326bf7a..c05ac609765 100644 --- a/caps/public/nsICapsManager.h +++ b/caps/public/nsICapsManager.h @@ -23,10 +23,11 @@ #include "nsIFactory.h" #include "nsIPrincipal.h" #include "nsCapsPublicEnums.h" - -class nsITarget; +#include "nsTarget.h" +//class nsITarget; class nsICapsSecurityCallbacks; + #define NS_ALL_PRIVILEGES ((nsITarget*)NULL) @@ -80,9 +81,10 @@ public: * @param codebaseURL - the codebase URL * @param prin - the return value is passed in this parameter. */ +/* NS_IMETHOD CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin) = 0; - +*/ /** * Returns the permission for given principal and target @@ -92,7 +94,7 @@ public: * @param state - the return value is passed in this parameter. */ NS_IMETHOD - GetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *state) = 0; + GetPermission(nsIPrincipal* prin, nsTarget * target, nsPermission *state) = 0; /** * Set the permission state for given principal and target. This wouldn't @@ -104,7 +106,7 @@ public: * and target parameters. */ NS_IMETHOD - SetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission state) = 0; + SetPermission(nsIPrincipal* prin, nsTarget * target, nsPermission state) = 0; /** * Prompts the user if they want to grant permission for the given principal and @@ -116,7 +118,7 @@ public: * target */ NS_IMETHOD - AskPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *result) = 0; + AskPermission(nsIPrincipal* prin, nsTarget * target, nsPermission *result) = 0; /* @@ -147,8 +149,8 @@ public: * @param prin - is either certificate principal or codebase principal * @param result - is true if principal was successfully registered with the system */ - NS_IMETHOD - RegisterPrincipal(nsIPrincipal* prin, PRBool *result) = 0; +// NS_IMETHOD +// RegisterPrincipal(nsIPrincipal* prin, PRBool *result) = 0; /** * Prompts the user if they want to grant permission for the principal located @@ -221,22 +223,22 @@ public: /* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */ - +/* NS_IMETHOD NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result) = 0; NS_IMETHOD IsCodebaseExact(nsIPrincipal* principal, PRBool *result) = 0; - +*/ NS_IMETHOD CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result) = 0; - +/* NS_IMETHOD ToString(nsIPrincipal* principal, char* *result) = 0; NS_IMETHOD GetVendor(nsIPrincipal* principal, char* *result) = 0; - +*/ NS_IMETHOD NewPrincipalArray(PRUint32 count, void* *result) = 0; diff --git a/caps/src/Makefile.in b/caps/src/Makefile.in index 83a540f02c4..44128f961ad 100644 --- a/caps/src/Makefile.in +++ b/caps/src/Makefile.in @@ -27,23 +27,21 @@ MODULE = caps LIBRARY_NAME = caps -CPPSRCS = \ - nsUserDialogHelper.cpp \ - nsZig.cpp \ - nsPrincipal.cpp \ +CPPSRCS = \ + admin.cpp \ + nsCaps.cpp \ + nsCCapsManager.cpp \ + nsCCapsManagerFactory.cpp \ + nsCertificatePrincipal.cpp \ + nsCodebasePrincipal.cpp \ nsPrivilege.cpp \ nsPrivilegeManager.cpp \ nsPrivilegeTable.cpp \ nsSystemPrivilegeTable.cpp \ nsTarget.cpp \ + nsUserDialogHelper.cpp \ nsUserTarget.cpp \ - admin.cpp \ - nsCaps.cpp \ - nsCCapsManager.cpp \ - nsCertificatePrincipal.cpp \ - nsCodebasePrincipal.cpp \ - nsCCapsManagerFactory.cpp \ - nsCCodeSourcePrincipal.cpp \ + nsZig.cpp \ $(NULL) REQUIRES = nspr xpcom security layer js jar pref img util rdf caps @@ -52,10 +50,10 @@ ifndef MOZ_NATIVE_ZLIB REQUIRES += zlib endif -CSRCS = \ - nsZip.c \ - nsLoadZig.c \ +CSRCS = \ jpermission.c \ + nsLoadZig.c \ + nsZip.c \ $(NULL) include $(topsrcdir)/config/rules.mk diff --git a/caps/src/admin.cpp b/caps/src/admin.cpp index 18b220bec87..434552d5641 100644 --- a/caps/src/admin.cpp +++ b/caps/src/admin.cpp @@ -21,15 +21,12 @@ #include "prmem.h" #include "prmon.h" #include "prlog.h" - #include "admin.h" #include "nsPrivilegeManager.h" - #ifdef __cplusplus extern "C" { #endif /* __cplusplus */ - /* * A D M I N U I A P I * @@ -40,8 +37,8 @@ extern "C" { PR_PUBLIC_API(const char *) java_netscape_security_getPrincipals(const char *charSetName) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - const char *prins = nsPrivManager->getAllPrincipalsString(); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + const char *prins = nsPrivManager->GetAllPrincipalsString(); PRBool test_admin_api = PR_FALSE; if (test_admin_api) { char *a1; @@ -57,25 +54,24 @@ java_netscape_security_getPrincipals(const char *charSetName) PR_PUBLIC_API(PRBool) java_netscape_security_removePrincipal(const char *charSetName, char *prinName) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - return nsPrivManager->removePrincipal(prinName); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + return nsPrivManager->RemovePrincipal(prinName); } PR_PUBLIC_API(void) java_netscape_security_getPrivilegeDescs(const char *charSetName, char *prinName, - char** forever, char** session, - char **denied) + char** forever, char** session, char **denied) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - nsPrivManager->getTargetsWithPrivileges(prinName, forever, session, denied); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + nsPrivManager->GetTargetsWithPrivileges(prinName, forever, session, denied); } PR_PUBLIC_API(PRBool) java_netscape_security_removePrivilege(const char *charSetName, char *prinName, char *targetName) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - return nsPrivManager->removePrincipalsPrivilege(prinName, targetName); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + return nsPrivManager->RemovePrincipalsPrivilege(prinName, targetName); } diff --git a/caps/src/makefile.win b/caps/src/makefile.win index 945d856edfa..86b837a862d 100755 --- a/caps/src/makefile.win +++ b/caps/src/makefile.win @@ -49,29 +49,27 @@ DLL=.\$(OBJDIR)\$(DLLNAME).dll #//------------------------------------------------------------------------ C_OBJS= \ - .\$(OBJDIR)\nsZip.obj \ - .\$(OBJDIR)\nsLoadZig.obj \ .\$(OBJDIR)\jpermission.obj \ + .\$(OBJDIR)\nsLoadZig.obj \ + .\$(OBJDIR)\nsZip.obj \ $(NULL) -CPP_OBJS= \ +CPP_OBJS= \ + .\$(OBJDIR)\admin.obj \ + .\$(OBJDIR)\nsCaps.obj \ + .\$(OBJDIR)\nsCCapsManager.obj \ + .\$(OBJDIR)\nsCCapsManagerFactory.obj \ + .\$(OBJDIR)\nsCertificatePrincipal.obj \ + .\$(OBJDIR)\nsCodebasePrincipal.obj \ .\$(OBJDIR)\nsUserDialogHelper.obj \ - .\$(OBJDIR)\nsZig.obj \ - .\$(OBJDIR)\nsPrincipal.obj \ .\$(OBJDIR)\nsPrivilege.obj \ .\$(OBJDIR)\nsPrivilegeManager.obj \ .\$(OBJDIR)\nsPrivilegeTable.obj \ .\$(OBJDIR)\nsSystemPrivilegeTable.obj \ .\$(OBJDIR)\nsTarget.obj \ .\$(OBJDIR)\nsUserTarget.obj \ - .\$(OBJDIR)\admin.obj \ - .\$(OBJDIR)\nsCaps.obj \ - .\$(OBJDIR)\nsCCapsManager.obj \ - .\$(OBJDIR)\nsCertificatePrincipal.obj \ - .\$(OBJDIR)\nsCodebasePrincipal.obj \ - .\$(OBJDIR)\nsCCapsManagerFactory.obj \ - .\$(OBJDIR)\nsCCodeSourcePrincipal.obj \ + .\$(OBJDIR)\nsZig.obj \ $(NULL) diff --git a/caps/src/nsCCapsManager.cpp b/caps/src/nsCCapsManager.cpp index 709b413f44b..0da84cabf38 100644 --- a/caps/src/nsCCapsManager.cpp +++ b/caps/src/nsCCapsManager.cpp @@ -18,16 +18,12 @@ #include "nsIComponentManager.h" #include "nsCapsEnums.h" #include "nsCCapsManager.h" -#include "nsICodebasePrincipal.h" -#include "nsICertificatePrincipal.h" #include "nsCodebasePrincipal.h" #include "nsCertificatePrincipal.h" -#include "nsCCodeSourcePrincipal.h" #include "nsCaps.h" #include "nsICapsSecurityCallbacks.h" #include "nsLoadZig.h" #include "secnav.h" - #ifdef MOZ_SECURITY #include "navhook.h" #include "jarutil.h" @@ -39,11 +35,6 @@ static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID); #define ALL_JAVA_PERMISSION "AllJavaPermission" -//////////////////////////////////////////////////////////////////////////// -// from nsISupports and AggregatedQueryInterface: - -// Thes macro expands to the aggregated query interface scheme. - NS_IMPL_AGGREGATED(nsCCapsManager); NS_METHOD @@ -73,7 +64,7 @@ nsCCapsManager::CreateCodebasePrincipal(const char *codebaseURL, { nsresult result = NS_OK; nsCodebasePrincipal *pNSCCodebasePrincipal = - new nsCodebasePrincipal(codebaseURL, &result); + new nsCodebasePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_CodebaseExact, codebaseURL); if (pNSCCodebasePrincipal == NULL) { return NS_ERROR_OUT_OF_MEMORY; @@ -91,7 +82,8 @@ nsCCapsManager::CreateCertPrincipal(const unsigned char **certChain, { nsresult result = NS_OK; nsCertificatePrincipal *pNSCCertPrincipal = - new nsCertificatePrincipal(certChain, certChainLengths, noOfCerts, &result); + new nsCertificatePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_Certificate, + certChain, certChainLengths, noOfCerts, &result); if (pNSCCertPrincipal == NULL) { return NS_ERROR_OUT_OF_MEMORY; @@ -100,7 +92,8 @@ nsCCapsManager::CreateCertPrincipal(const unsigned char **certChain, *prin = (nsIPrincipal *)pNSCCertPrincipal; return NS_OK; } - +//code source prins are deprecated, use codebase of certificate prins instead +/* NS_METHOD nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, @@ -120,7 +113,7 @@ nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain, *prin = (nsIPrincipal *)pNSCCodeSourcePrincipal; return NS_OK; } - +*/ /** @@ -131,32 +124,17 @@ nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain, * @param state - the return value is passed in this parameter. */ NS_METHOD -nsCCapsManager::GetPermission(nsIPrincipal* pNSIPrincipal, - nsITarget* ignoreTarget, - nsPermission *state) +nsCCapsManager::GetPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission * state) { - *state = nsPermission_Unknown; - nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION); - nsresult result = NS_OK; - if( target == NULL ) - { - return NS_OK; - } - if (m_pNSPrivilegeManager != NULL) - { - nsPrincipal *pNSPrincipal = NULL; - result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal); - if( result != NS_OK) - { - return result; - } - - nsPrivilege* privilege = - m_pNSPrivilegeManager->getPrincipalPrivilege(target, pNSPrincipal, - NULL); - *state = ConvertPrivilegeToPermission(privilege); - } - return NS_OK; + *state = nsPermission_Unknown; + nsTarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION); + nsresult result = NS_OK; + if( target == NULL ) return NS_OK; + if (privilegeManager != NULL) { + nsPrivilege* privilege = privilegeManager->GetPrincipalPrivilege(target, prin, NULL); + * state = this->ConvertPrivilegeToPermission(privilege); + } + return NS_OK; } /** @@ -169,28 +147,15 @@ nsCCapsManager::GetPermission(nsIPrincipal* pNSIPrincipal, * and target parameters. */ NS_METHOD -nsCCapsManager::SetPermission(nsIPrincipal* pNSIPrincipal, - nsITarget* ignoreTarget, - nsPermission state) -{ - nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION); - nsresult result = NS_OK; - if( target == NULL ) - { - return NS_OK; - } - if (m_pNSPrivilegeManager != NULL) - { - nsPrincipal *pNSPrincipal = NULL; - result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal); - if( result != NS_OK) - { - return result; - } - nsPrivilege* privilege = ConvertPermissionToPrivilege(state); - m_pNSPrivilegeManager->SetPermission(pNSPrincipal, target, privilege); - } - return NS_OK; +nsCCapsManager::SetPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission state) +{ + nsTarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION); + if(target == NULL ) return NS_OK; + if (privilegeManager != NULL) { + nsPrivilege* privilege = this->ConvertPermissionToPrivilege(state); + privilegeManager->SetPermission(prin, target, privilege); + } + return NS_OK; } /** @@ -203,32 +168,19 @@ nsCCapsManager::SetPermission(nsIPrincipal* pNSIPrincipal, * target */ NS_METHOD -nsCCapsManager::AskPermission(nsIPrincipal* pNSIPrincipal, - nsITarget* ignoreTarget, - nsPermission *state) +nsCCapsManager::AskPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission * state) { - nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION); - nsresult result = NS_OK; - if( target == NULL ) - { - *state = nsPermission_Unknown; - return NS_OK; - } - if (m_pNSPrivilegeManager != NULL) - { - nsPrincipal *pNSPrincipal = NULL; - result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal); - if( result != NS_OK) - { - return result; - } - m_pNSPrivilegeManager->AskPermission(pNSPrincipal,target, NULL); - nsPrivilege* privilege = - m_pNSPrivilegeManager->getPrincipalPrivilege(target, pNSPrincipal, - NULL); - *state = ConvertPrivilegeToPermission(privilege); - } - return NS_OK; + nsTarget *target = nsTarget::FindTarget(ALL_JAVA_PERMISSION); + if( target == NULL ) { + *state = nsPermission_Unknown; + return NS_OK; + } + if (privilegeManager != NULL) { + privilegeManager->AskPermission(prin, target, NULL); + nsPrivilege * privilege = privilegeManager->GetPrincipalPrivilege(target, prin, NULL); + *state = ConvertPrivilegeToPermission(privilege); + } + return NS_OK; } /** @@ -238,23 +190,22 @@ nsCCapsManager::AskPermission(nsIPrincipal* pNSIPrincipal, * @param result - is true if principal was successfully registered with the system */ NS_METHOD -nsCCapsManager::Initialize(PRBool *result) +nsCCapsManager::Initialize(PRBool * result) { - *result = nsCapsInitialize(); - return NS_OK; + *result = nsCapsInitialize(); + return NS_OK; } /** - * Initializes the capabilities frame walking code. - * - * @param aInterface - interface for calling frame walking code. - */ + * Initializes the capabilities frame walking code. + * + * @param aInterface - interface for calling frame walking code. + */ NS_METHOD nsCCapsManager::InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface) { - //XXX write me - - return NS_OK; + //XXX write me + return NS_OK; } /** @@ -264,20 +215,10 @@ nsCCapsManager::InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface) * @param result - is true if principal was successfully registered with the system */ NS_METHOD -nsCCapsManager::RegisterPrincipal(nsIPrincipal* pNSIPrincipal, PRBool *ret_val) +nsCCapsManager::RegisterPrincipal(nsIPrincipal * prin) { - nsresult result = NS_OK; - if (m_pNSPrivilegeManager != NULL) - { - nsPrincipal *pNSPrincipal = NULL; - result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal); - if( result != NS_OK) - { - return result; - } - m_pNSPrivilegeManager->registerPrincipal(pNSPrincipal); - } - return NS_OK; + if (privilegeManager != NULL) privilegeManager->RegisterPrincipal(prin); + return NS_OK; } /** @@ -294,17 +235,15 @@ nsCCapsManager::RegisterPrincipal(nsIPrincipal* pNSIPrincipal, PRBool *ret_val) NS_METHOD nsCCapsManager::EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val) { - nsTarget *target = nsTarget::findTarget((char*)targetName); + nsTarget *target = nsTarget::FindTarget((char*)targetName); nsresult result = NS_OK; if( target == NULL ) { *ret_val = PR_FALSE; return NS_OK; } - if (m_pNSPrivilegeManager != NULL) - { - *ret_val = m_pNSPrivilegeManager->enablePrivilege(context, target, callerDepth); - } + if (privilegeManager != NULL) + *ret_val = privilegeManager->EnablePrivilege(context, target, callerDepth); return NS_OK; } @@ -322,16 +261,16 @@ nsCCapsManager::EnablePrivilege(void* context, const char* targetName, PRInt32 c NS_METHOD nsCCapsManager::IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val) { - nsTarget *target = nsTarget::findTarget((char*)targetName); + nsTarget *target = nsTarget::FindTarget((char*)targetName); nsresult result = NS_OK; if( target == NULL ) { *ret_val = PR_FALSE; return NS_OK; } - if (m_pNSPrivilegeManager != NULL) + if (privilegeManager != NULL) { - *ret_val = m_pNSPrivilegeManager->isPrivilegeEnabled(context, target, callerDepth); + *ret_val = privilegeManager->IsPrivilegeEnabled(context, target, callerDepth); } return NS_OK; } @@ -350,18 +289,15 @@ nsCCapsManager::IsPrivilegeEnabled(void* context, const char* targetName, PRInt3 NS_METHOD nsCCapsManager::RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val) { - nsTarget *target = nsTarget::findTarget((char*)targetName); - nsresult result = NS_OK; - if( target == NULL ) - { - *ret_val = PR_FALSE; - return NS_OK; - } - if (m_pNSPrivilegeManager != NULL) - { - *ret_val = m_pNSPrivilegeManager->revertPrivilege(context, target, callerDepth); - } - return NS_OK; + nsTarget *target = nsTarget::FindTarget((char*)targetName); + nsresult result = NS_OK; + if( target == NULL ) { + * ret_val = PR_FALSE; + return NS_OK; + } + if (privilegeManager != NULL) + * ret_val = privilegeManager->RevertPrivilege(context, target, callerDepth); + return NS_OK; } /** @@ -378,18 +314,15 @@ nsCCapsManager::RevertPrivilege(void* context, const char* targetName, PRInt32 c NS_METHOD nsCCapsManager::DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val) { - nsTarget *target = nsTarget::findTarget((char*)targetName); - nsresult result = NS_OK; - if( target == NULL ) - { - *ret_val = PR_FALSE; - return NS_OK; - } - if (m_pNSPrivilegeManager != NULL) - { - *ret_val = m_pNSPrivilegeManager->disablePrivilege(context, target, callerDepth); - } - return NS_OK; + nsTarget *target = nsTarget::FindTarget((char*)targetName); + nsresult result = NS_OK; + if( target == NULL ) { + * ret_val = PR_FALSE; + return NS_OK; + } + if (privilegeManager != NULL) + * ret_val = privilegeManager->DisablePrivilege(context, target, callerDepth); + return NS_OK; } @@ -399,83 +332,68 @@ nsCCapsManager::DisablePrivilege(void* context, const char* targetName, PRInt32 NS_METHOD nsCCapsManager::ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *ret_val) { - nsresult result = NS_OK; - *ret_val = nsSetComparisonType_NoSubset; - if (m_pNSPrivilegeManager != NULL) - { - nsPrincipalArray *newPrin1Array=NULL; - nsPrincipalArray *newPrin2Array=NULL; - result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array); - if (result != NS_OK) { - return result; - } - result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array); - if (result != NS_OK) { - return result; - } - *ret_val = m_pNSPrivilegeManager->comparePrincipalArray(newPrin1Array, newPrin2Array); - nsCapsFreePrincipalArray(newPrin1Array); - nsCapsFreePrincipalArray(newPrin2Array); - } - return NS_OK; + nsresult result = NS_OK; + *ret_val = nsSetComparisonType_NoSubset; + if (privilegeManager != NULL) { + nsPrincipalArray * newPrin1Array=NULL; + nsPrincipalArray * newPrin2Array=NULL; + result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array); + if (result != NS_OK) return result; + result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array); + if (result != NS_OK) return result; + *ret_val = privilegeManager->ComparePrincipalArray(newPrin1Array, newPrin2Array); + nsCapsFreePrincipalArray(newPrin1Array); + nsCapsFreePrincipalArray(newPrin2Array); + } + return NS_OK; } NS_METHOD -nsCCapsManager::IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *ret_val) +nsCCapsManager::IntersectPrincipalArray(void * prin1Array, void * prin2Array, void * * ret_val) { - nsresult result = NS_OK; - *ret_val = NULL; - if (m_pNSPrivilegeManager != NULL) - { - nsPrincipalArray *newPrin1Array=NULL; - nsPrincipalArray *newPrin2Array=NULL; - nsPrincipalArray *intersectPrinArray=NULL; - result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array); - if (result != NS_OK) { - return result; - } - result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array); - if (result != NS_OK) { - return result; - } - intersectPrinArray = m_pNSPrivilegeManager->intersectPrincipalArray(newPrin1Array, - newPrin2Array); - CreateNSPrincipalArray(intersectPrinArray, (nsPrincipalArray**)ret_val); - nsCapsFreePrincipalArray(newPrin1Array); - nsCapsFreePrincipalArray(newPrin2Array); - } - return NS_OK; + nsresult result = NS_OK; + *ret_val = NULL; + if (privilegeManager != NULL) { + nsPrincipalArray *newPrin1Array=NULL; + nsPrincipalArray *newPrin2Array=NULL; + nsPrincipalArray *intersectPrinArray=NULL; + result = this->GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array); + if (result != NS_OK) return result; + result = this->GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array); + if (result != NS_OK) return result; + intersectPrinArray = privilegeManager->IntersectPrincipalArray(newPrin1Array, newPrin2Array); + this->CreateNSPrincipalArray(intersectPrinArray, (nsPrincipalArray**)ret_val); + nsCapsFreePrincipalArray(newPrin1Array); + nsCapsFreePrincipalArray(newPrin2Array); + } + return NS_OK; } NS_METHOD -nsCCapsManager::CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *ret_val) +nsCCapsManager::CanExtendTrust(void * fromPrinArray, void * toPrinArray, PRBool * ret_val) { - nsresult result = NS_OK; - *ret_val = nsSetComparisonType_NoSubset; - if (m_pNSPrivilegeManager != NULL) - { - nsPrincipalArray *newPrin1Array=NULL; - nsPrincipalArray *newPrin2Array=NULL; - result = GetNSPrincipalArray((nsPrincipalArray*) fromPrinArray, &newPrin1Array); - if (result != NS_OK) { - return result; - } - result = GetNSPrincipalArray((nsPrincipalArray*) toPrinArray, &newPrin2Array); - if (result != NS_OK) { - return result; - } - *ret_val = m_pNSPrivilegeManager->canExtendTrust(newPrin1Array, newPrin2Array); - nsCapsFreePrincipalArray(newPrin1Array); - nsCapsFreePrincipalArray(newPrin2Array); - } - return NS_OK; + nsresult result = NS_OK; + *ret_val = nsSetComparisonType_NoSubset; + if (privilegeManager != NULL) { + nsPrincipalArray *newPrin1Array=NULL; + nsPrincipalArray *newPrin2Array=NULL; + result = this->GetNSPrincipalArray((nsPrincipalArray*) fromPrinArray, &newPrin1Array); + if (result != NS_OK) return result; + result = this->GetNSPrincipalArray((nsPrincipalArray*) toPrinArray, &newPrin2Array); + if (result != NS_OK) return result; + *ret_val = privilegeManager->CanExtendTrust(newPrin1Array, newPrin2Array); + nsCapsFreePrincipalArray(newPrin1Array); + nsCapsFreePrincipalArray(newPrin2Array); + } + return NS_OK; } /* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */ - +/************** +//Principals must be created by type, the nsPrincipal data member is deprecated NS_METHOD -nsCCapsManager::NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal** ret_val) +nsCCapsManager::NewPrincipal(PRInt16 *principalType, void* key, PRUint32 key_len, void *zig, nsIPrincipal** ret_val) { nsIPrincipal* pNSIPrincipal; nsPrincipal *pNSPrincipal = new nsPrincipal(type, key, key_len, zig); @@ -487,9 +405,14 @@ nsCCapsManager::NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, *ret_val = pNSIPrincipal; return NS_OK; } +*********************/ +//XXX: todo: This method is covered by to nsIPrincipal object, should not be part of caps +//XXX: nsPrincipal struct if deprecated, access as nsIPrincipal +//do not use IsCodebaseExact, Tostring, or any other of the principal specific objects from here +/* NS_METHOD -nsCCapsManager::IsCodebaseExact(nsIPrincipal* pNSIPrincipal, PRBool *ret_val) +nsCCapsManager::IsCodebaseExact(nsIPrincipal * pNSIPrincipal, PRBool *ret_val) { nsresult result = NS_OK; nsPrincipal *pNSPrincipal = NULL; @@ -499,25 +422,25 @@ nsCCapsManager::IsCodebaseExact(nsIPrincipal* pNSIPrincipal, PRBool *ret_val) return result; } *ret_val = pNSPrincipal->isCodebaseExact(); - return NS_OK; } +*/ +/* NS_METHOD -nsCCapsManager::ToString(nsIPrincipal* pNSIPrincipal, char* *ret_val) +nsCCapsManager::ToString(nsIPrincipal* prin, char* *ret_val) { nsresult result = NS_OK; - nsPrincipal *pNSPrincipal = NULL; + nsIPrincipal *temp = NULL; *ret_val = NULL; - result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal); - if( result != NS_OK) { - return result; - } - *ret_val = pNSPrincipal->toString(); - + result = GetNSPrincipal(prin, &temp); + if( result != NS_OK) return result; + *ret_val = temp->ToString(); return NS_OK; } +*/ +/* NS_METHOD nsCCapsManager::GetVendor(nsIPrincipal* pNSIPrincipal, char* *ret_val) { @@ -529,9 +452,9 @@ nsCCapsManager::GetVendor(nsIPrincipal* pNSIPrincipal, char* *ret_val) return result; } *ret_val = pNSPrincipal->getVendor(); - return NS_OK; } +*/ NS_METHOD nsCCapsManager::NewPrincipalArray(PRUint32 count, void* *ret_val) @@ -547,86 +470,51 @@ nsCCapsManager::NewPrincipalArray(PRUint32 count, void* *ret_val) NS_METHOD nsCCapsManager::CreateMixedPrincipalArray(void *aZig, char* name, const char* codebase, void** result) { - *result = NULL; - PRBool hasCodebase; - int i; - PRUint32 count; - nsIPrincipal *principal; - - hasCodebase = (PRBool)codebase; - - /* First count the number of principals */ - count = codebase ? 1 : 0; - -//Should possibly be #ifdef MOZ_SECURITY but I don't want to break the sec build + /* + *result = NULL; + PRBool hasCodebase; + int i; + PRUint32 count; + nsIPrincipal *principal; + hasCodebase = (PRBool)codebase; + count = codebase ? 1 : 0; #if 0 - SOBITEM *item; - ZIG_Context * zig_aCx = NULL; - ZIG *zig = (ZIG*)aZig; - - if (zig && name) { - /* Make sure file is signed */ - if ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) != NULL) { - int zig_count=0; - /* count the number of signers */ - while (SOB_find_next(zig_aCx, &item) >= 0) { - zig_count++; - } - SOB_find_end(zig_aCx); - count += zig_count; - } - else { - zig = NULL; - } - } + SOBITEM *item; + ZIG_Context * zig_aCx = NULL; + ZIG *zig = (ZIG*)aZig; + if (zig && name) { + if ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) != NULL) { + int zig_count=0; + while (SOB_find_next(zig_aCx, &item) >= 0) zig_count++; + SOB_find_end(zig_aCx); + count += zig_count; + } else zig = NULL; + } #endif - if (count == 0) { - return NS_OK; - } - - NewPrincipalArray(count, result); - - if (*result == NULL) { - return NS_ERROR_FAILURE; - } - + if (count == 0) return NS_OK; + NewPrincipalArray(count, result); + if (*result == NULL) return NS_ERROR_FAILURE; #if 0 - if (zig && ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) == NULL)) { - return NS_ERROR_FAILURE; - } - i = 0; - while (zig && SOB_find_next(zig_aCx, &item) >= 0) { - FINGERZIG *fingPrint; - - fingPrint = (FINGERZIG *) item->data; - - /* create a new nsIPrincipal(CERT_KEY, fingPrint->key) */ - NewPrincipal(nsPrincipalType_CertKey, - fingPrint->key, - fingPrint->length, - zig, - &principal); - RegisterPrincipal(principal, NULL); - SetPrincipalArrayElement(*result, i++, principal); - } - - if (zig) { - SOB_find_end(zig_aCx); - } + if (zig && ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) == NULL)) return NS_ERROR_FAILURE; + i = 0; + while (zig && SOB_find_next(zig_aCx, &item) >= 0) { + FINGERZIG *fingPrint; + fingPrint = (FINGERZIG *) item->data; + this->NewPrincipal(nsPrincipal::PrincipalType_CertificateKey, fingPrint->key, + fingPrint->length, zig, &principal); + RegisterPrincipal(principal, NULL); + SetPrincipalArrayElement(*result, i++, principal); + } + if (zig) SOB_find_end(zig_aCx); #endif - - if (codebase) { - // Add a codebase principal. - NewPrincipal(nsPrincipalType_CodebaseExact, - (void*)codebase, - PL_strlen(codebase), - NULL, - &principal); - RegisterPrincipal(principal, NULL); - SetPrincipalArrayElement(*result, i++, principal); - } - - return NS_OK; + if (codebase) { + this->NewPrincipal(nsIPrincipal::PrincipalType_CodebaseExact, (void*)codebase, + PL_strlen(codebase), NULL, &principal); + RegisterPrincipal(principal, NULL); + SetPrincipalArrayElement(*result, i++, principal); + } + */ + return NS_OK; } NS_METHOD @@ -639,14 +527,19 @@ nsCCapsManager::FreePrincipalArray(void *prinArray) NS_METHOD nsCCapsManager::GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* *ret_val) { + //method is deprecated, Principals must be accessed and indexed as nsIPrincipals, not by data member + /* nsIPrincipal* pNSIPrincipal; nsPrincipal *pNSPrincipal = (nsPrincipal *)nsCapsGetPrincipalArrayElement(prinArrayArg, index); - if (pNSPrincipal->isCodebase()) { - pNSIPrincipal = (nsIPrincipal*)new nsCodebasePrincipal(pNSPrincipal); - } else { + (pNSPrincipal->isCodebase()) ? + pNSIPrincipal = (nsIPrincipal*)new nsCodebasePrincipal(pNSPrincipal) + : pNSIPrincipal = (nsIPrincipal*)new nsCertificatePrincipal(pNSPrincipal); } + *ret_val = pNSIPrincipal; + */ + *ret_val = NULL; return NS_OK; } @@ -665,49 +558,37 @@ nsCCapsManager::GetPrincipalArraySize(void *prinArrayArg, PRUint32 *ret_val) } /* The following interfaces will replace all of the following old calls. - * * nsCapsGetPermission(struct nsPrivilege *privilege) * nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target) - * */ NS_METHOD nsCCapsManager::IsAllowed(void *annotation, char* targetName, PRBool *ret_val) { - nsTarget *target = nsTarget::findTarget(targetName); - nsresult result = NS_OK; - if( target == NULL ) - { - *ret_val = PR_FALSE; - return NS_OK; - } - struct nsPrivilege * pNSPrivilege = nsCapsGetPrivilege((struct nsPrivilegeTable *)annotation, - target); - if (pNSPrivilege == NULL) { - *ret_val = PR_FALSE; - return NS_OK; - } - nsPermissionState perm = nsCapsGetPermission(pNSPrivilege); - - *ret_val = (perm == nsPermissionState_Allowed); - return NS_OK; + nsTarget *target = nsTarget::FindTarget(targetName); + nsresult result = NS_OK; + if( target == NULL ) { + *ret_val = PR_FALSE; + return NS_OK; + } + struct nsPrivilege * pNSPrivilege = nsCapsGetPrivilege((nsPrivilegeTable * )annotation, target); + if (pNSPrivilege == NULL) { + *ret_val = PR_FALSE; + return NS_OK; + } + nsPermissionState perm = nsCapsGetPermission(pNSPrivilege); + *ret_val = (perm == nsPermissionState_Allowed); + return NS_OK; } //////////////////////////////////////////////////////////////////////////// // from nsCCapsManager: -nsCCapsManager::nsCCapsManager(nsISupports *aOuter):m_pNSPrivilegeManager(NULL) +nsCCapsManager::nsCCapsManager(nsISupports *aOuter):privilegeManager(NULL) { - NS_INIT_AGGREGATED(aOuter); - PRBool result; - if (Initialize(&result) == NS_OK) - { - m_pNSPrivilegeManager = new nsPrivilegeManager(); - } - else - { - m_pNSPrivilegeManager = NULL; - } + NS_INIT_AGGREGATED(aOuter); + PRBool result; + privilegeManager = (Initialize(&result) == NS_OK) ? new nsPrivilegeManager(): NULL; } nsCCapsManager::~nsCCapsManager() @@ -718,6 +599,8 @@ void nsCCapsManager::CreateNSPrincipalArray(nsPrincipalArray* prinArray, nsPrincipalArray* *pPrincipalArray) { + //prin arrays will either be removed, or updated to use the nsIPrincipal Object +/* nsIPrincipal* pNSIPrincipal; nsPrincipal *pNSPrincipal = NULL; @@ -736,39 +619,39 @@ nsCCapsManager::CreateNSPrincipalArray(nsPrincipalArray* prinArray, newPrinArray->Set(index, pNSIPrincipal); } *pPrincipalArray = newPrinArray; + */ } - - NS_METHOD nsCCapsManager::GetNSPrincipalArray(nsPrincipalArray* prinArray, nsPrincipalArray* *pPrincipalArray) { +/* nsIPrincipal* pNSIPrincipal; - nsPrincipal *pNSPrincipal = NULL; + nsIPrincipal *pNSPrincipal = NULL; nsresult result = NS_OK; PRUint32 count = prinArray->GetSize(); nsPrincipalArray *newPrinArray = new nsPrincipalArray(); newPrinArray->SetSize(count, 1); *pPrincipalArray = NULL; - for (PRUint32 index = 0; index < count; index++) { pNSIPrincipal = (nsIPrincipal*)prinArray->Get(index); - result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal); +// result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal); if( result != NS_OK) { nsCapsFreePrincipalArray(newPrinArray); return result; } - newPrinArray->Set(index, pNSPrincipal); +// newPrinArray->Set(index, pNSPrincipal); } *pPrincipalArray = newPrinArray; return result; + */ + return NS_OK; } - +/* NS_METHOD -nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, - nsPrincipal **ppNSPrincipal) +nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, nsPrincipal **ppNSPrincipal) { nsISupports *pNSISupports = NULL; nsPrincipal *pNSPrincipal = NULL; @@ -781,7 +664,7 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID); NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID); - NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICODESOURCEPRINCIPAL_IID); +// NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICODESOURCEPRINCIPAL_IID); if (pNSIPrincipal->QueryInterface(kICodeSourcePrincipalIID, (void**)&pNSISupports) == NS_OK) @@ -792,19 +675,21 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, PRBool bIsTrusted = PR_FALSE; if(pNSICertPrincipal != NULL ) { - pNSICertPrincipal->IsTrusted(NULL, &bIsTrusted); + pNSICertPrincipal->IsSecure(&bIsTrusted); } if (bIsTrusted) { nsCertificatePrincipal *pNSCCertPrincipal = (nsCertificatePrincipal *)pNSICertPrincipal; - pNSPrincipal = pNSCCertPrincipal->GetPeer(); +// peer object is deprecated, no longer use nsPrincipal object +// pNSPrincipal = pNSCCertPrincipal->GetPeer(); pNSCCertPrincipal->Release(); } else if(pNSICodebasePrincipal != NULL ) { nsCodebasePrincipal *pNSCCodebasePrincipal = (nsCodebasePrincipal *)pNSICodebasePrincipal; - pNSPrincipal = pNSCCodebasePrincipal->GetPeer(); +// peer object is deprecated, no longer use nsPrincipal object +// pNSPrincipal = pNSCCodebasePrincipal->GetPeer(); pNSCCodebasePrincipal->Release(); } else @@ -817,7 +702,8 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, (void**)&pNSISupports) == NS_OK) { nsCertificatePrincipal *pNSCCertPrincipal = (nsCertificatePrincipal *)pNSIPrincipal; - pNSPrincipal = pNSCCertPrincipal->GetPeer(); +// peer object is deprecated, no longer use nsPrincipal object +// pNSPrincipal = pNSCCertPrincipal->GetPeer(); pNSCCertPrincipal->Release(); } else @@ -826,7 +712,8 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, { nsCodebasePrincipal *pNSCCodebasePrincipal = (nsCodebasePrincipal *)pNSIPrincipal; - pNSPrincipal = pNSCCodebasePrincipal->GetPeer(); +// peer object is deprecated, no longer use nsPrincipal object +// pNSPrincipal = pNSCCodebasePrincipal->GetPeer(); pNSCCodebasePrincipal->Release(); } else @@ -834,12 +721,12 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, return NS_ERROR_NO_INTERFACE; } *ppNSPrincipal = pNSPrincipal; - return NS_OK; + return NS_OK; } - +*/ nsPermission -nsCCapsManager::ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege) +nsCCapsManager::ConvertPrivilegeToPermission(nsPrivilege * pNSPrivilege) { if(pNSPrivilege->isAllowedForever()) return nsPermission_AllowedForever; @@ -887,13 +774,9 @@ nsCCapsManager::ConvertPermissionToPrivilege(nsPermission state) void nsCCapsManager::SetSystemPrivilegeManager() { - nsPrivilegeManager *pNSPrivilegeManager = - nsPrivilegeManager::getPrivilegeManager(); - if ( (m_pNSPrivilegeManager != NULL ) - && (m_pNSPrivilegeManager != pNSPrivilegeManager) - ) - { - delete m_pNSPrivilegeManager; - m_pNSPrivilegeManager = pNSPrivilegeManager; - } + nsPrivilegeManager *pNSPrivilegeManager = nsPrivilegeManager::GetPrivilegeManager(); + if ((privilegeManager != NULL ) && (privilegeManager != pNSPrivilegeManager)) { + delete privilegeManager; + privilegeManager = pNSPrivilegeManager; + } } diff --git a/caps/src/nsCCodeSourcePrincipal.cpp b/caps/src/nsCCodeSourcePrincipal.cpp deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/caps/src/nsCaps.cpp b/caps/src/nsCaps.cpp index 1cbccef52b1..6e6250b11f5 100644 --- a/caps/src/nsCaps.cpp +++ b/caps/src/nsCaps.cpp @@ -21,12 +21,11 @@ #include "prmem.h" #include "prmon.h" #include "prlog.h" - #include "nsCaps.h" #include "nsPrivilegeManager.h" +#include "nsCertificatePrincipal.h" #include "nsPrivilege.h" #include "nsPrivilegeTable.h" -#include "nsPrincipal.h" #include "nsTarget.h" #include "nsCCapsManager.h" #include "nsCCapsManagerFactory.h" @@ -56,29 +55,29 @@ static PRBool bNSCapsInitialized_g = PR_FALSE; PR_IMPLEMENT(PRBool) nsCapsInitialize() { - if(bNSCapsInitialized_g == PR_TRUE) - { - return PR_TRUE; - } - bNSCapsInitialized_g = PR_TRUE; + if(bNSCapsInitialized_g == PR_TRUE) return PR_TRUE; + bNSCapsInitialized_g = PR_TRUE; + nsIPrincipal * sysPrin; +/* #if defined(_WIN32) - nsPrincipal *sysPrin = CreateSystemPrincipal("java/classes/java40.jar", "java/lang/Object.class"); +// sysPrin = CreateSystemPrincipal("java/classes/java40.jar", "java/lang/Object.class"); #else - nsPrincipal *sysPrin = CreateSystemPrincipal("java40.jar", "java/lang/Object.class"); +// sysPrin = CreateSystemPrincipal("java40.jar", "java/lang/Object.class"); #endif - if (sysPrin == NULL) { - sysPrin = new nsPrincipal(nsPrincipalType_Cert, "52:54:45:4e:4e:45:54:49", - strlen("52:54:45:4e:4e:45:54:49")); +*/ + if (sysPrin == NULL) { + nsresult res; + sysPrin = new nsCertificatePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_Certificate,(const unsigned char **) "52:54:45:4e:4e:45:54:49", + (unsigned int *)strlen("52:54:45:4e:4e:45:54:49"),1,& res); } - - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); if (nsPrivManager == NULL) { nsPrivilegeManagerInitialize(); nsPrivilegeInitialize(); - nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); + nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); } PR_ASSERT(nsPrivManager != NULL); - nsPrivManager->registerSystemPrincipal(sysPrin); + nsPrivManager->RegisterSystemPrincipal(sysPrin); // New a class factory object and the constructor will register itself // as the factory object in the repository. All other modules should // FindFactory and use createInstance to create a instance of nsCCapsManager @@ -96,169 +95,155 @@ nsCapsInitialize() /* wrappers for nsPrivilegeManager object */ PR_IMPLEMENT(PRBool) -nsCapsRegisterPrincipal(struct nsPrincipal *principal) +nsCapsRegisterPrincipal(class nsIPrincipal *principal) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - if( nsPrivManager == NULL ) - return PR_FALSE; - nsPrivManager->registerPrincipal(principal); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + if(nsPrivManager == NULL) return PR_FALSE; + nsPrivManager->RegisterPrincipal(principal); return PR_TRUE; } PR_IMPLEMENT(PRBool) -nsCapsEnablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth) +nsCapsEnablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - if( nsPrivManager == NULL ) - return PR_FALSE; - return nsPrivManager->enablePrivilege(context, target, callerDepth); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->EnablePrivilege(context, target, callerDepth); } PR_IMPLEMENT(PRBool) -nsCapsIsPrivilegeEnabled(void* context, struct nsTarget *target, PRInt32 callerDepth) +nsCapsIsPrivilegeEnabled(void* context, class nsTarget *target, PRInt32 callerDepth) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - if( nsPrivManager == NULL ) - return PR_FALSE; - return nsPrivManager->isPrivilegeEnabled(context, target, callerDepth); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->IsPrivilegeEnabled(context, target, callerDepth); } PR_IMPLEMENT(PRBool) -nsCapsRevertPrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth) +nsCapsRevertPrivilege(void* context, class nsTarget *target, PRInt32 callerDepth) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - if( nsPrivManager == NULL ) - return PR_FALSE; - return nsPrivManager->revertPrivilege(context, target, callerDepth); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + return (nsPrivManager == NULL ) ? PR_FALSE : nsPrivManager->RevertPrivilege(context, target, callerDepth); } PR_IMPLEMENT(PRBool) -nsCapsDisablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth) +nsCapsDisablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - if( nsPrivManager == NULL ) - return PR_FALSE; - return nsPrivManager->disablePrivilege(context, target, callerDepth); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->DisablePrivilege(context, target, callerDepth); } PR_IMPLEMENT(void*) nsCapsGetClassPrincipalsFromStack(void* context, PRInt32 callerDepth) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - if( nsPrivManager == NULL ) - return NULL; - return (void *)nsPrivManager->getClassPrincipalsFromStack(context, callerDepth); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + return (nsPrivManager == NULL) ? NULL + : (void *)nsPrivManager->GetClassPrincipalsFromStack(context, callerDepth); } PR_IMPLEMENT(nsSetComparisonType) nsCapsComparePrincipalArray(void* prin1Array, void* prin2Array) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - if( nsPrivManager == NULL ) - return nsSetComparisonType_NoSubset; - return nsPrivManager->comparePrincipalArray((nsPrincipalArray*)prin1Array, - (nsPrincipalArray*)prin2Array); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + return (nsPrivManager == NULL) ? nsSetComparisonType_NoSubset + : nsPrivManager->ComparePrincipalArray((nsPrincipalArray*)prin1Array, (nsPrincipalArray*)prin2Array); } PR_IMPLEMENT(void*) nsCapsIntersectPrincipalArray(void* prin1Array, void* prin2Array) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - if( nsPrivManager == NULL ) - return NULL; - return nsPrivManager->intersectPrincipalArray((nsPrincipalArray*)prin1Array, - (nsPrincipalArray*)prin2Array); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + return (nsPrivManager == NULL) ? NULL + : nsPrivManager->IntersectPrincipalArray((nsPrincipalArray*)prin1Array, (nsPrincipalArray*)prin2Array); } PR_IMPLEMENT(PRBool) nsCapsCanExtendTrust(void* from, void* to) { - nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager(); - if( nsPrivManager == NULL ) - return PR_FALSE; - return nsPrivManager->canExtendTrust((nsPrincipalArray*)from, - (nsPrincipalArray*)to); + nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager(); + return (nsPrivManager == NULL) ? PR_FALSE + : nsPrivManager->CanExtendTrust((nsPrincipalArray *)from, (nsPrincipalArray *)to); } /* wrappers for nsPrincipal object */ -PR_IMPLEMENT(struct nsPrincipal *) -nsCapsNewPrincipal(nsPrincipalType type, void * key, - PRUint32 key_len, void *zig) +/* +PR_IMPLEMENT(class nsIPrincipal *) +nsCapsNewPrincipal(PRInt16 prinType, void * key, PRUint32 key_len, void *zig) { - return new nsPrincipal(type, key, key_len, zig); +// XXX ARIEL FIX: +// this is absolutely wrong, must be fixed ASAP +// return new nsIPrincipal(prinType, key, key_len, zig); + return NULL; } +*/ PR_IMPLEMENT(const char *) -nsCapsPrincipalToString(struct nsPrincipal *principal) +nsCapsPrincipalToString(class nsIPrincipal *principal) { - return principal->toString(); + char * prinStr; + principal->ToString(& prinStr); + return prinStr; } PR_IMPLEMENT(PRBool) -nsCapsIsCodebaseExact(struct nsPrincipal *principal) +nsCapsIsCodebaseExact(class nsIPrincipal *principal) { - return principal->isCodebaseExact(); + PRInt16 prinType; + principal->GetType(& prinType); + return (prinType == (PRInt16) nsIPrincipal::PrincipalType_CodebaseExact) ? PR_TRUE : PR_FALSE; } PR_IMPLEMENT(const char *) -nsCapsPrincipalGetVendor(struct nsPrincipal *principal) +nsCapsPrincipalGetVendor(class nsIPrincipal *principal) { - return principal->getVendor(); + //deprecated returning NULL + //return principal->getVendor(); + return NULL; } PR_EXTERN(void *) nsCapsNewPrincipalArray(PRUint32 count) { - nsPrincipalArray *prinArray = new nsPrincipalArray(); - prinArray->SetSize(count, 1); - return prinArray; + nsPrincipalArray *prinArray = new nsPrincipalArray(); + prinArray->SetSize(count, 1); + return prinArray; } PR_EXTERN(void) nsCapsFreePrincipalArray(void *prinArrayArg) { - nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg; - if (prinArray) { - prinArray->RemoveAll(); - delete prinArray; - } + nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg; + if (prinArray) { + prinArray->RemoveAll(); + delete prinArray; + } } PR_EXTERN(void *) nsCapsGetPrincipalArrayElement(void *prinArrayArg, PRUint32 index) { - nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg; - if (prinArray == NULL) { - return NULL; - } - return prinArray->Get(index); + nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg; + return (prinArray == NULL) ? NULL : prinArray->Get(index); } PR_EXTERN(void) nsCapsSetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, void *element) { - nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg; - if (prinArray == NULL) { - return; - } - prinArray->Set(index, element); + nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg; + if (prinArray == NULL) return; + prinArray->Set(index, element); } PR_EXTERN(PRUint32) nsCapsGetPrincipalArraySize(void *prinArrayArg) { nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg; - if (prinArray == NULL) { - return 0; - } - return prinArray->GetSize(); + return (prinArray == NULL) ? 0 : prinArray->GetSize(); } /* wrappers for nsTarget object */ -PR_IMPLEMENT(struct nsTarget *) +PR_IMPLEMENT(class nsTarget *) nsCapsFindTarget(char *name) { - return nsTarget::findTarget(name); + return nsTarget::FindTarget(name); } /* wrappers for nsPrivilege object */ @@ -270,9 +255,9 @@ nsCapsGetPermission(struct nsPrivilege *privilege) /* wrappers for nsPrivilegeTable object */ PR_IMPLEMENT(struct nsPrivilege *) -nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target) +nsCapsGetPrivilege(nsPrivilegeTable * annotation, class nsTarget *target) { - return annotation->get(target); +return annotation->Get(target); } @@ -284,7 +269,6 @@ setNewNSJSJavaFrameWrapperCallback(struct NSJSJavaFrameWrapper * (*fp)(void *)) nsCapsNewNSJSJavaFrameWrapperCallback = fp; } - void (*nsCapsFreeNSJSJavaFrameWrapperCallback)(struct NSJSJavaFrameWrapper *); PR_IMPLEMENT(void) setFreeNSJSJavaFrameWrapperCallback(void (*fp)(struct NSJSJavaFrameWrapper *)) @@ -292,7 +276,6 @@ setFreeNSJSJavaFrameWrapperCallback(void (*fp)(struct NSJSJavaFrameWrapper *)) nsCapsFreeNSJSJavaFrameWrapperCallback = fp; } - void (*nsCapsGetStartFrameCallback)(struct NSJSJavaFrameWrapper *); PR_IMPLEMENT(void) setGetStartFrameCallback(void (*fp)(struct NSJSJavaFrameWrapper *)) @@ -307,7 +290,6 @@ setIsEndOfFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *)) nsCapsIsEndOfFrameCallback = fp; } - PRBool (*nsCapsIsValidFrameCallback)(struct NSJSJavaFrameWrapper *); PR_IMPLEMENT(void) setIsValidFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *)) @@ -315,7 +297,6 @@ setIsValidFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *)) nsCapsIsValidFrameCallback = fp; } - void * (*nsCapsGetNextFrameCallback)(struct NSJSJavaFrameWrapper *, int *); PR_IMPLEMENT(void) setGetNextFrameCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, int *)) @@ -323,28 +304,25 @@ setGetNextFrameCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, int *)) nsCapsGetNextFrameCallback = fp; } - void * (*nsCapsGetPrincipalArrayCallback)(struct NSJSJavaFrameWrapper *); PR_IMPLEMENT(void) setOJIGetPrincipalArrayCallback(void * (*fp)(struct NSJSJavaFrameWrapper *)) { - nsCapsGetPrincipalArrayCallback = fp; + nsCapsGetPrincipalArrayCallback = fp; } - void * (*nsCapsGetAnnotationCallback)(struct NSJSJavaFrameWrapper *); PR_IMPLEMENT(void) setOJIGetAnnotationCallback(void * (*fp)(struct NSJSJavaFrameWrapper *)) { - nsCapsGetAnnotationCallback = fp; + nsCapsGetAnnotationCallback = fp; } - void * (*nsCapsSetAnnotationCallback)(struct NSJSJavaFrameWrapper *, void *); PR_IMPLEMENT(void) setOJISetAnnotationCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, void *)) { - nsCapsSetAnnotationCallback = fp; + nsCapsSetAnnotationCallback = fp; } /* @@ -359,7 +337,6 @@ nsCapsEnableRegistrationModeFlag(void) registrationModeFlag = PR_TRUE; } - /* * This function disables the registration mode flag. * Disabling this flag allows all valid urls types to diff --git a/caps/src/nsCertificatePrincipal.cpp b/caps/src/nsCertificatePrincipal.cpp index d963bd5b47d..41e50aa0ced 100644 --- a/caps/src/nsCertificatePrincipal.cpp +++ b/caps/src/nsCertificatePrincipal.cpp @@ -17,143 +17,92 @@ */ #include "nsCertificatePrincipal.h" -#include "nsPrincipal.h" static NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID); -//////////////////////////////////////////////////////////////////////////// -// from nsISupports: - -// These macros produce simple version of QueryInterface and AddRef. -// See the nsISupports.h header file for DETAILS. - -NS_IMPL_ISUPPORTS(nsCertificatePrincipal,kICertificatePrincipalIID); - -//////////////////////////////////////////////////////////////////////////// -// from nsIPrincipal: +NS_IMPL_ISUPPORTS(nsCertificatePrincipal, kICertificatePrincipalIID); NS_IMETHODIMP -nsCertificatePrincipal::IsTrusted(const char* scope, PRBool *pbIsTrusted) +nsCertificatePrincipal::GetPublicKey(char ** publicKey, PRUint32 * publicKeyLength) { - if(m_pNSPrincipal == NULL) - { - *pbIsTrusted = PR_FALSE; - return NS_ERROR_ILLEGAL_VALUE; - } - *pbIsTrusted = m_pNSPrincipal->isTrustedCertChainPrincipal(); - return NS_OK; + publicKey = & this->itsKey; + publicKeyLength = & this->itsKeyLength; + return (itsKey == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK; } - -//////////////////////////////////////////////////////////////////////////// -// from nsICertificatePrincipal: -/** - * Returns the public key of the certificate. - * - * @param publicKey - the Public Key data will be returned in this field. - * @param publicKeySize - the length of public key data is returned in this - * parameter. - */ + NS_IMETHODIMP -nsCertificatePrincipal::GetPublicKey(char **publicKey, PRUint32 *publicKeySize) +nsCertificatePrincipal::GetCompanyName(char * * companyName) { - // XXX raman: fix it. - PR_ASSERT(PR_FALSE); - return NS_OK; + companyName = & this->itsCompanyName; + return (itsCompanyName == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK; } -/** - * Returns the company name of the ceritificate (OU etc parameters of certificate) - * - * @param result - the certificate details about the signer. - */ NS_IMETHODIMP -nsCertificatePrincipal::GetCompanyName(char **ppCompanyName) +nsCertificatePrincipal::GetCertificateAuthority(char * * certificateAuthority) { - if(m_pNSPrincipal == NULL) - { - *ppCompanyName = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppCompanyName = m_pNSPrincipal->getCompanyName(); - return NS_OK; + certificateAuthority = & this->itsCertificateAuthority; + return (itsCertificateAuthority == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK; } -/** - * Returns the certificate issuer's data (OU etc parameters of certificate) - * - * @param result - the details about the issuer - */ NS_IMETHODIMP -nsCertificatePrincipal::GetCertificateAuthority(char **ppCertAuthority) +nsCertificatePrincipal::GetSerialNumber(char * * serialNumber) { - if(m_pNSPrincipal == NULL) - { - *ppCertAuthority = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppCertAuthority = m_pNSPrincipal->getSecAuth(); - return NS_OK; + serialNumber = & this->itsSerialNumber; + return (itsSerialNumber == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK; } -/** - * Returns the serial number of certificate - * - * @param result - Returns the serial number of certificate - */ NS_IMETHODIMP -nsCertificatePrincipal::GetSerialNumber(char **ppSerialNumber) +nsCertificatePrincipal::GetExpirationDate(char * * expirationDate) { - if(m_pNSPrincipal == NULL) - { - *ppSerialNumber = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppSerialNumber = m_pNSPrincipal->getSerialNo(); - return NS_OK; + expirationDate = & this->itsExpirationDate; + return (itsExpirationDate == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK; } -/** - * Returns the expiration date of certificate - * - * @param result - Returns the expiration date of certificate - */ NS_IMETHODIMP -nsCertificatePrincipal::GetExpirationDate(char **ppExpDate) +nsCertificatePrincipal::GetFingerPrint(char * * fingerPrint) { - if(m_pNSPrincipal == NULL) - { - *ppExpDate = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppExpDate = m_pNSPrincipal->getExpDate(); - return NS_OK; + fingerPrint = & this->itsFingerPrint; + return (itsFingerPrint == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK; } -/** - * Returns the finger print of certificate - * - * @param result - Returns the finger print of certificate - */ NS_IMETHODIMP -nsCertificatePrincipal::GetFingerPrint(char **ppFingerPrint) +nsCertificatePrincipal::GetType(PRInt16 * type) { - if(m_pNSPrincipal == NULL) - { - *ppFingerPrint = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppFingerPrint = m_pNSPrincipal->getFingerPrint(); - return NS_OK; + type = & this->itsType; + return NS_OK; } -//////////////////////////////////////////////////////////////////////////// -// from nsCertificatePrincipal: - -nsCertificatePrincipal::nsCertificatePrincipal(const unsigned char **certChain, - PRUint32 *certChainLengths, - PRUint32 noOfCerts, - nsresult *result) +NS_IMETHODIMP +nsCertificatePrincipal::IsSecure(PRBool * result) { + *result = (this->itsType == (PRInt16)nsIPrincipal::PrincipalType_Unknown) ? PR_FALSE : PR_TRUE; + return NS_OK; +} + +NS_IMETHODIMP +nsCertificatePrincipal::ToString(char **result) +{ + return NS_OK; +} + +NS_IMETHODIMP +nsCertificatePrincipal::HashCode(PRUint32 * code) +{ + code=0; + return NS_OK; +} + +NS_IMETHODIMP +nsCertificatePrincipal::Equals(nsIPrincipal * other, PRBool * result) +{ + return NS_OK; +} + +nsCertificatePrincipal::nsCertificatePrincipal(PRInt16 * type, const unsigned char **certChain, + PRUint32 *certChainLengths, PRUint32 noOfCerts, nsresult *result) +{ + this->itsType = * type; + /* m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CertChain, certChain, certChainLengths, noOfCerts); if(m_pNSPrincipal == NULL) @@ -162,21 +111,9 @@ nsCertificatePrincipal::nsCertificatePrincipal(const unsigned char **certChain, return; } *result = NS_OK; -} - -nsCertificatePrincipal::nsCertificatePrincipal(nsPrincipal *pNSPrincipal) -{ - m_pNSPrincipal = pNSPrincipal; + */ } nsCertificatePrincipal::~nsCertificatePrincipal(void) { - delete m_pNSPrincipal; -} - -nsPrincipal* -nsCertificatePrincipal::GetPeer(void) -{ - return m_pNSPrincipal; -} - +} \ No newline at end of file diff --git a/caps/src/nsCodebasePrincipal.cpp b/caps/src/nsCodebasePrincipal.cpp index 9f329951ca9..a794cf4db34 100644 --- a/caps/src/nsCodebasePrincipal.cpp +++ b/caps/src/nsCodebasePrincipal.cpp @@ -17,81 +17,78 @@ */ #include "nsCodebasePrincipal.h" -#include "nsPrincipal.h" #include "xp.h" static NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID); -//////////////////////////////////////////////////////////////////////////// -// from nsISupports: - -// These macros produce simple version of QueryInterface and AddRef. -// See the nsISupports.h header file for DETAILS. NS_IMPL_ISUPPORTS(nsCodebasePrincipal, kICodebasePrincipalIID); -//////////////////////////////////////////////////////////////////////////// -// from nsIPrincipal: +NS_IMETHODIMP +nsCodebasePrincipal::GetURL(char **cburl) +{ + cburl = (char **)&codeBaseURL; + return NS_OK; +} NS_IMETHODIMP -nsCodebasePrincipal::IsTrusted(const char* scope, PRBool *pbIsTrusted) +nsCodebasePrincipal::IsCodebaseExact(PRBool * result) { - if(m_pNSPrincipal == NULL) - { - *pbIsTrusted = PR_FALSE; - return NS_ERROR_ILLEGAL_VALUE; - } - *pbIsTrusted = m_pNSPrincipal->isSecurePrincipal(); - return NS_OK; + * result = (this->itsType == (PRInt16 *)nsIPrincipal::PrincipalType_CodebaseExact) ? PR_TRUE : PR_FALSE; + return NS_OK; } - - -/** - * Returns the codebase URL of the principal. - * - * @param result - the resulting codebase URL - */ NS_IMETHODIMP -nsCodebasePrincipal::GetURL(char **ppCodeBaseURL) +nsCodebasePrincipal::IsCodebaseRegex(PRBool * result) { - if(m_pNSPrincipal == NULL) - { - *ppCodeBaseURL = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppCodeBaseURL = m_pNSPrincipal->getKey(); - return NS_OK; + * result = (itsType == (PRInt16 *)nsIPrincipal::PrincipalType_CodebaseRegex) ? PR_TRUE : PR_FALSE; + return NS_OK; } -//////////////////////////////////////////////////////////////////////////// -// from nsCCodebasePrincipal: - -nsCodebasePrincipal::nsCodebasePrincipal(const char *codebaseURL, - nsresult *result) +NS_IMETHODIMP +nsCodebasePrincipal::GetType(PRInt16 * type) { - m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CodebaseExact, - (void *)codebaseURL, - XP_STRLEN(codebaseURL)); - if(m_pNSPrincipal == NULL) - { - *result = NS_ERROR_OUT_OF_MEMORY; - return; - } - *result = NS_OK; + type = itsType; + return NS_OK; } -nsCodebasePrincipal::nsCodebasePrincipal(nsPrincipal *pNSPrincipal) +NS_IMETHODIMP +nsCodebasePrincipal::IsSecure(PRBool * result) +{ + /* + if ((0 == memcmp("https:", itsKey, strlen("https:"))) || + (0 == memcmp("file:", itsKey, strlen("file:")))) + return PR_TRUE; + */ + return PR_FALSE; +} + +NS_IMETHODIMP +nsCodebasePrincipal::ToString(char **result) { - m_pNSPrincipal = pNSPrincipal; + return NS_OK; +} + +NS_IMETHODIMP +nsCodebasePrincipal::HashCode(PRUint32 * code) +{ + code=0; + return NS_OK; +} + +NS_IMETHODIMP +nsCodebasePrincipal::Equals(nsIPrincipal * other, PRBool * result) +{ + PRInt16 * oType; + other->GetType(oType); + *result = (itsType == oType) ? PR_TRUE : PR_FALSE; + return NS_OK; +} +nsCodebasePrincipal::nsCodebasePrincipal(PRInt16 * type, const char * codeBaseURL) +{ + this->itsType=type; + this->codeBaseURL=codeBaseURL; } nsCodebasePrincipal::~nsCodebasePrincipal(void) { - delete m_pNSPrincipal; -} - -nsPrincipal* -nsCodebasePrincipal::GetPeer(void) -{ - return m_pNSPrincipal; -} +} \ No newline at end of file diff --git a/caps/src/nsPrincipal.cpp b/caps/src/nsPrincipal.cpp deleted file mode 100755 index e69de29bb2d..00000000000 diff --git a/caps/src/nsPrivilegeManager.cpp b/caps/src/nsPrivilegeManager.cpp index 9111e078986..cf2e1f3879f 100755 --- a/caps/src/nsPrivilegeManager.cpp +++ b/caps/src/nsPrivilegeManager.cpp @@ -25,22 +25,17 @@ #include "plbase64.h" #include "plstr.h" #include "jpermission.h" - #ifdef ENABLE_RDF #include "rdf.h" #include "jsec2rdf.h" #endif /* ENABLE_RDF */ static nsPrivilegeManager * thePrivilegeManager = NULL; - -static nsPrincipal *theSystemPrincipal = NULL; - -static nsPrincipal *theUnsignedPrincipal; -static nsPrincipalArray *theUnsignedPrincipalArray; - -static nsPrincipal *theUnknownPrincipal; -static nsPrincipalArray *theUnknownPrincipalArray; - +static nsIPrincipal * theSystemPrincipal = NULL; +static nsIPrincipal * theUnsignedPrincipal; +static nsPrincipalArray * theUnsignedPrincipalArray; +static nsIPrincipal * theUnknownPrincipal; +static nsPrincipalArray * theUnknownPrincipalArray; static PRMonitor *caps_lock = NULL; @@ -48,69 +43,58 @@ static PRMonitor *caps_lock = NULL; * a void * as argument and it passed that argument as a parameter to the * callback function. */ -char *gListOfPrincipals; -char *gForever; -char *gSession; -char *gDenied; +char * gListOfPrincipals; +char * gForever; +char * gSession; +char * gDenied; nsPrivilegeTable *gPrivilegeTable; -static PRBool getPrincipalString(nsHashKey *aKey, void *aData, void* closure); +static PRBool GetPrincipalString(nsHashKey *aKey, void *aData, void* closure); #ifdef ENABLE_RDF -static nsPrincipal *RDF_getPrincipal(JSec_Principal jsec_pr); +static nsIPrincipal * RDF_getPrincipal(JSec_Principal jsec_pr); static JSec_Principal RDF_CreatePrincipal(nsPrincipal *prin); #endif /* ENABLE_RDF */ -static PRBool RDF_RemovePrincipal(nsPrincipal *prin); -static PRBool RDF_RemovePrincipalsPrivilege(nsPrincipal *prin, nsTarget *target); - +static PRBool RDF_RemovePrincipal(nsIPrincipal *prin); +static PRBool RDF_RemovePrincipalsPrivilege(nsIPrincipal *prin, nsTarget *target); PR_BEGIN_EXTERN_C #include "xp.h" #include "prefapi.h" -PRBool CMGetBoolPref(char * pref_name) +PRBool +CMGetBoolPref(char * pref_name) { #ifdef MOZ_SECURITY - XP_Bool pref; - - if (PREF_GetBoolPref(pref_name, &pref) >=0) { - return pref; - } + XP_Bool pref; + if (PREF_GetBoolPref(pref_name, &pref) >=0) return pref; #endif /* MOZ_SECURITY */ - return FALSE; + return FALSE; } PR_END_EXTERN_C PRBool nsCaps_lock(void) { - if(caps_lock == NULL) - { - caps_lock = PR_NewMonitor(); - if(caps_lock == NULL) - return PR_FALSE; - } - PR_EnterMonitor(caps_lock); - return PR_TRUE; + if(caps_lock == NULL) { + caps_lock = PR_NewMonitor(); + if(caps_lock == NULL) return PR_FALSE; + } + PR_EnterMonitor(caps_lock); + return PR_TRUE; } void nsCaps_unlock(void) { - PR_ASSERT(caps_lock != NULL); - - if(caps_lock != NULL) - { - PR_ExitMonitor(caps_lock); - } + PR_ASSERT(caps_lock != NULL); + if(caps_lock != NULL) PR_ExitMonitor(caps_lock); } - -// // PUBLIC METHODS -// + nsPrivilegeManager::nsPrivilegeManager(void) { @@ -119,351 +103,306 @@ nsPrivilegeManager::nsPrivilegeManager(void) itsPrinToMacroTargetPrivTable = new nsHashtable(); itsPrinNameToPrincipalTable = new nsHashtable(); nsCaps_unlock(); - } nsPrivilegeManager::~nsPrivilegeManager(void) { - nsCaps_lock(); - if (itsPrinToPrivTable) - delete itsPrinToPrivTable; - if (itsPrinToMacroTargetPrivTable) - delete itsPrinToMacroTargetPrivTable; - if (itsPrinNameToPrincipalTable) - delete itsPrinNameToPrincipalTable; - nsCaps_unlock(); + nsCaps_lock(); + if (itsPrinToPrivTable) delete itsPrinToPrivTable; + if (itsPrinToMacroTargetPrivTable) delete itsPrinToMacroTargetPrivTable; + if (itsPrinNameToPrincipalTable) delete itsPrinNameToPrincipalTable; + nsCaps_unlock(); } -void nsPrivilegeManager::addToPrinNameToPrincipalTable(nsPrincipal *prin) +void +nsPrivilegeManager::AddToPrinNameToPrincipalTable(nsIPrincipal * prin) { - char *prinName = prin->toString(); - if (prinName == NULL) { - return; - } - StringKey prinNameKey(prinName); - nsCaps_lock(); - if (NULL == itsPrinNameToPrincipalTable->Get(&prinNameKey)) { - itsPrinNameToPrincipalTable->Put(&prinNameKey, prin); - } - nsCaps_unlock(); + char *prinName; + prin->ToString(&prinName); + if (prinName == NULL) return; + StringKey prinNameKey(prinName); + nsCaps_lock(); + if (NULL == itsPrinNameToPrincipalTable->Get(&prinNameKey)) + itsPrinNameToPrincipalTable->Put(&prinNameKey, prin); + nsCaps_unlock(); } -void nsPrivilegeManager::registerSystemPrincipal(nsPrincipal *prin) +void +nsPrivilegeManager::RegisterSystemPrincipal(nsIPrincipal * prin) { - PrincipalKey prinKey(prin); - nsCaps_lock(); - if (NULL == itsPrinToPrivTable->Get(&prinKey)) { - itsPrinToPrivTable->Put(&prinKey, new nsSystemPrivilegeTable()); - } - if (NULL == itsPrinToMacroTargetPrivTable->Get(&prinKey)) { - itsPrinToMacroTargetPrivTable->Put(&prinKey, new nsSystemPrivilegeTable()); - } - theSystemPrincipal = prin; - CreateSystemTargets(prin); - // Load the signed applet's ACL from the persistence store - load(); - nsCaps_unlock(); + PrincipalKey prinKey(prin); + nsCaps_lock(); + if (NULL == itsPrinToPrivTable->Get(&prinKey)) + itsPrinToPrivTable->Put(&prinKey, new nsSystemPrivilegeTable()); + if (NULL == itsPrinToMacroTargetPrivTable->Get(&prinKey)) + itsPrinToMacroTargetPrivTable->Put(&prinKey, new nsSystemPrivilegeTable()); + theSystemPrincipal = prin; + CreateSystemTargets(prin); + // Load the signed applet's ACL from the persistence store + this->Load(); + nsCaps_unlock(); } -void nsPrivilegeManager::registerPrincipal(nsPrincipal *prin) +void +nsPrivilegeManager::RegisterPrincipal(nsIPrincipal * prin) { - // - // the new PrivilegeTable will have all privileges "blank forever" - // until changed by calls to enablePrincipalPrivilegeHelper - // - PrincipalKey prinKey(prin); - nsCaps_lock(); - if (NULL == itsPrinToPrivTable->Get(&prinKey)) { - itsPrinToPrivTable->Put(&prinKey, new nsPrivilegeTable()); - } - if (NULL == itsPrinToMacroTargetPrivTable->Get(&prinKey)) { - itsPrinToMacroTargetPrivTable->Put(&prinKey, new nsPrivilegeTable()); - } - addToPrinNameToPrincipalTable(prin); - nsCaps_unlock(); + // + // the new PrivilegeTable will have all privileges "blank forever" + // until changed by calls to enablePrincipalPrivilegeHelper + // + PrincipalKey prinKey(prin); + nsCaps_lock(); + if (NULL == itsPrinToPrivTable->Get(&prinKey)) { + itsPrinToPrivTable->Put(&prinKey, new nsPrivilegeTable()); + } + if (NULL == itsPrinToMacroTargetPrivTable->Get(&prinKey)) { + itsPrinToMacroTargetPrivTable->Put(&prinKey, new nsPrivilegeTable()); + } + this->AddToPrinNameToPrincipalTable(prin); + nsCaps_unlock(); } -PRBool nsPrivilegeManager::unregisterPrincipal(nsPrincipal *prin) +PRBool +nsPrivilegeManager::UnregisterPrincipal(nsIPrincipal * prin) { - if (prin->equals(getSystemPrincipal())) { - return PR_FALSE; - } - PrincipalKey prinKey(prin); - nsCaps_lock(); - - /* Get the privilegetables and free them up */ - nsPrivilegeTable *pt = - (nsPrivilegeTable *)itsPrinToPrivTable->Get(&prinKey); - if (pt != NULL) { - delete pt; - } - nsPrivilegeTable *mpt = - (nsPrivilegeTable *)itsPrinToMacroTargetPrivTable->Get(&prinKey); - if (mpt != NULL) { - delete mpt; - } - - /* Remove the principal */ - void *old_prin = itsPrinToPrivTable->Remove(&prinKey); - void *old_prin1 = itsPrinToMacroTargetPrivTable->Remove(&prinKey); - - /* remove principal from PrinNameToPrincipalTable */ - char *prinName = prin->toString(); - StringKey prinNameKey(prinName); - itsPrinNameToPrincipalTable->Remove(&prinNameKey); - - /* remove the principal from RDF also */ - RDF_RemovePrincipal(prin); - - nsCaps_unlock(); - if ((old_prin == NULL) && (old_prin1 == NULL)) { - return PR_FALSE; - } - return PR_TRUE; + PRBool result; + prin->Equals(this->GetSystemPrincipal(),&result); + if (result) return PR_FALSE; + PrincipalKey prinKey(prin); + nsCaps_lock(); + /* Get the privilegetables and free them up */ + nsPrivilegeTable *pt = (nsPrivilegeTable *)itsPrinToPrivTable->Get(&prinKey); + if (pt != NULL) delete pt; + nsPrivilegeTable *mpt = (nsPrivilegeTable *)itsPrinToMacroTargetPrivTable->Get(&prinKey); + if (mpt != NULL) delete mpt; + /* Remove the principal */ + void *old_prin = itsPrinToPrivTable->Remove(&prinKey); + void *old_prin1 = itsPrinToMacroTargetPrivTable->Remove(&prinKey); + /* remove principal from PrinNameToPrincipalTable */ + char * prinName; + prin->ToString(& prinName); + StringKey prinNameKey(prinName); + itsPrinNameToPrincipalTable->Remove(&prinNameKey); + /* remove the principal from RDF also */ + RDF_RemovePrincipal(prin); + nsCaps_unlock(); + return ((old_prin == NULL) && (old_prin1 == NULL)) ? PR_FALSE : PR_TRUE; } -PRBool nsPrivilegeManager::isPrivilegeEnabled(nsTarget *target, PRInt32 callerDepth) +PRBool +nsPrivilegeManager::IsPrivilegeEnabled(nsTarget * target, PRInt32 callerDepth) { - return isPrivilegeEnabled(NULL, target, callerDepth); + return this->IsPrivilegeEnabled(NULL, target, callerDepth); } -PRBool nsPrivilegeManager::isPrivilegeEnabled(void *context, nsTarget *target, PRInt32 callerDepth) +PRBool +nsPrivilegeManager::IsPrivilegeEnabled(void *context, nsTarget * target, PRInt32 callerDepth) { - nsTargetArray * targetArray = new nsTargetArray(); - nsTarget *targ = nsTarget::findTarget(target); - if (targ != target) { - return PR_FALSE; - } - targetArray->Add(targ); - return (checkPrivilegeEnabled(context, targetArray, callerDepth, NULL) != NULL) ? PR_FALSE : PR_TRUE; + nsTargetArray * targetArray = new nsTargetArray(); + nsTarget *targ = nsTarget::FindTarget(target); + if (targ != target) return PR_FALSE; + targetArray->Add(targ); + return (this->CheckPrivilegeEnabled(context, targetArray, callerDepth, NULL) != NULL) ? PR_FALSE : PR_TRUE; } -PRBool nsPrivilegeManager::enablePrivilege(nsTarget *target, PRInt32 callerDepth) +PRBool +nsPrivilegeManager::EnablePrivilege(nsTarget * target, PRInt32 callerDepth) { - return enablePrivilegePrivate(NULL, target, NULL, callerDepth); + return this->EnablePrivilegePrivate(NULL, target, NULL, callerDepth); } -PRBool nsPrivilegeManager::enablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth) +PRBool +nsPrivilegeManager::EnablePrivilege(void* context, nsTarget * target, PRInt32 callerDepth) { - return enablePrivilegePrivate(context, target, NULL, callerDepth); + return this->EnablePrivilegePrivate(context, target, NULL, callerDepth); } -PRBool nsPrivilegeManager::enablePrivilege(nsTarget *target, - nsPrincipal *preferredPrincipal, +PRBool +nsPrivilegeManager::EnablePrivilege(nsTarget *target, + nsIPrincipal * preferredPrincipal, PRInt32 callerDepth) { - return enablePrivilegePrivate(NULL, target, preferredPrincipal, callerDepth); + return this->EnablePrivilegePrivate(NULL, target, preferredPrincipal, callerDepth); } -PRBool nsPrivilegeManager::enablePrivilege(void* context, nsTarget *target, - nsPrincipal *preferredPrincipal, +PRBool +nsPrivilegeManager::EnablePrivilege(void* context, nsTarget * target, nsIPrincipal * preferredPrincipal, PRInt32 callerDepth) { - return enablePrivilegePrivate(context, target, preferredPrincipal, callerDepth); + return this->EnablePrivilegePrivate(context, target, preferredPrincipal, callerDepth); } -PRBool nsPrivilegeManager::revertPrivilege(nsTarget *target, +PRBool +nsPrivilegeManager::RevertPrivilege(nsTarget *target, PRInt32 callerDepth) { - return revertPrivilege(NULL, target, callerDepth); + return this->RevertPrivilege(NULL, target, callerDepth); } -PRBool nsPrivilegeManager::revertPrivilege(void* context, nsTarget *target, - PRInt32 callerDepth) +PRBool +nsPrivilegeManager::RevertPrivilege(void* context, nsTarget * target, PRInt32 callerDepth) { - nsTarget *targ = nsTarget::findTarget(target); - if (targ != target) { - //throw new ForbiddenTargetException(target + " is not a registered target"); - return PR_FALSE; - } - - nsPrivilegeTable *privTable = getPrivilegeTableFromStack(context, callerDepth, - PR_TRUE); - nsCaps_lock(); - privTable->put(target, nsPrivilege::findPrivilege(nsPermissionState_Blank, - nsDurationState_Scope)); - nsCaps_unlock(); - return PR_TRUE; + nsTarget *targ = nsTarget::FindTarget(target); + if (targ != target) return PR_FALSE; + nsPrivilegeTable *privTable = this->GetPrivilegeTableFromStack(context, callerDepth, PR_TRUE); + nsCaps_lock(); + privTable->Put(target, nsPrivilege::findPrivilege(nsPermissionState_Blank, nsDurationState_Scope)); + nsCaps_unlock(); + return PR_TRUE; } -PRBool nsPrivilegeManager::disablePrivilege(nsTarget *target, PRInt32 callerDepth) +PRBool +nsPrivilegeManager::DisablePrivilege(nsTarget * target, PRInt32 callerDepth) { - return disablePrivilege(NULL, target, callerDepth); + return this->DisablePrivilege(NULL, target, callerDepth); } -PRBool nsPrivilegeManager::disablePrivilege(void* context, nsTarget *target, - PRInt32 callerDepth) +PRBool +nsPrivilegeManager::DisablePrivilege(void * context, nsTarget * target, PRInt32 callerDepth) { - nsTarget *targ = nsTarget::findTarget(target); - if (targ != target) { - //throw new ForbiddenTargetException(target + " is not a registered target"); - return PR_FALSE; - } - nsPrivilegeTable *privTable = getPrivilegeTableFromStack(context, callerDepth, - PR_TRUE); - nsCaps_lock(); - privTable->put(target, nsPrivilege::findPrivilege(nsPermissionState_Forbidden, - nsDurationState_Scope)); - nsCaps_unlock(); - return PR_TRUE; + nsTarget * targ = nsTarget::FindTarget(target); + if (targ != target) return PR_FALSE; + nsPrivilegeTable *privTable = this->GetPrivilegeTableFromStack(context, callerDepth, PR_TRUE); + nsCaps_lock(); + privTable->Put(target, nsPrivilege::findPrivilege(nsPermissionState_Forbidden, nsDurationState_Scope)); + nsCaps_unlock(); + return PR_TRUE; } -PRBool nsPrivilegeManager::enablePrincipalPrivilegeHelper(nsTarget *target, - PRInt32 callerDepth, - nsPrincipal *preferredPrin, - void * data, - nsTarget *impersonator) +PRBool +nsPrivilegeManager::EnablePrincipalPrivilegeHelper(nsTarget *target, + PRInt32 callerDepth, + nsIPrincipal * preferredPrin, + void * data, + nsTarget *impersonator) { - return enablePrincipalPrivilegeHelper(NULL, target, callerDepth, preferredPrin, - data, impersonator); + return this->EnablePrincipalPrivilegeHelper(NULL, target, callerDepth, preferredPrin, data, impersonator); } -PRBool nsPrivilegeManager::enablePrincipalPrivilegeHelper(void *context, - nsTarget *target, - PRInt32 callerDepth, - nsPrincipal *preferredPrin, - void * data, - nsTarget *impersonator) +PRBool +nsPrivilegeManager::EnablePrincipalPrivilegeHelper(void *context, + nsTarget *target, + PRInt32 callerDepth, + nsIPrincipal * preferredPrin, + void * data, + nsTarget *impersonator) { - nsPrincipalArray* callerPrinArray; - nsPrincipal *useThisPrin = NULL; + nsPrincipalArray* callerPrinArray; + nsIPrincipal * useThisPrin = NULL; + /* Get the registered target */ + nsTarget *targ = nsTarget::FindTarget(target); + if (targ != target) return PR_FALSE; + callerPrinArray = this->GetClassPrincipalsFromStack(context, callerDepth); + if (preferredPrin != NULL) { + nsIPrincipal *callerPrin; + for (PRUint32 i = callerPrinArray->GetSize(); i-- > 0;) { + callerPrin = (nsIPrincipal *)callerPrinArray->Get(i); + PRBool result; + callerPrin->Equals(preferredPrin, & result); + if (result +//XXX ARIEL: update this code soon +// && +// ((callerPrin->isCert() || +// callerPrin->isCertFingerprint())) + ) { - /* Get the registered target */ - nsTarget *targ = nsTarget::findTarget(target); - if (targ != target) { - return PR_FALSE; - /* throw new ForbiddenTargetException(target + " is not a registered target"); */ - } - callerPrinArray = getClassPrincipalsFromStack(context, callerDepth); + useThisPrin = callerPrin; + break; + } + } + if ((useThisPrin == NULL) && (impersonator)){ + nsTarget *t1; + t1 = impersonator; + if (PR_FALSE == this->IsPrivilegeEnabled(context, t1, 0)) return PR_FALSE; + useThisPrin = preferredPrin; + callerPrinArray = new nsPrincipalArray(); + callerPrinArray->Add(preferredPrin); + } + } + if (this->IsPermissionGranted(target, callerPrinArray, data)) return PR_TRUE; - if (preferredPrin != NULL) { - nsPrincipal *callerPrin; - for (PRUint32 i = callerPrinArray->GetSize(); i-- > 0;) { - callerPrin = (nsPrincipal *)callerPrinArray->Get(i); - if ((callerPrin->equals(preferredPrin)) && - ((callerPrin->isCert() || - callerPrin->isCertFingerprint()))) { - - useThisPrin = callerPrin; - break; - } - } - if ((useThisPrin == NULL) && (impersonator)){ - nsTarget *t1; - t1 = impersonator; - if (PR_FALSE == isPrivilegeEnabled(context, t1, 0)) - return PR_FALSE; - useThisPrin = preferredPrin; - callerPrinArray = new nsPrincipalArray(); - callerPrinArray->Add(preferredPrin); - } - } - - if (isPermissionGranted(target, callerPrinArray, data)) - return PR_TRUE; - - // - // before we do the user dialog, we need to figure out which principal - // gets the user's blessing. The applet is allowed to bias this - // by offering a preferred principal. We only honor this if the - // principal is *registered* (stored in itsPrinToPrivTable) and - // is based on cryptographic credentials, rather than a codebase. - // - // if no preferredPrin is specified, or we don't like preferredPrin, - // we'll use the first principal on the calling class. We know that - // cryptographic credentials go first in the list, so this should - // get us something reasonable. - // - - if (useThisPrin == NULL) { - if (callerPrinArray->GetSize() == 0) - // throw new ForbiddenTargetException("request's caller has no principal!"); - - return PR_FALSE; - useThisPrin = (nsPrincipal *)callerPrinArray->Get(0); - } - - // Do a user dialog - return AskPermission(useThisPrin, target, data); + // + // before we do the user dialog, we need to figure out which principal + // gets the user's blessing. The applet is allowed to bias this + // by offering a preferred principal. We only honor this if the + // principal is *registered* (stored in itsPrinToPrivTable) and + // is based on cryptographic credentials, rather than a codebase. + // + // if no preferredPrin is specified, or we don't like preferredPrin, + // we'll use the first principal on the calling class. We know that + // cryptographic credentials go first in the list, so this should + // get us something reasonable. + // + if (useThisPrin == NULL) { + if (callerPrinArray->GetSize() == 0) return PR_FALSE; + // throw new ForbiddenTargetException("request's caller has no principal!"); + useThisPrin = (nsIPrincipal *)callerPrinArray->Get(0); + } + // Do a user dialog + return AskPermission(useThisPrin, target, data); } nsPrivilegeTable * -nsPrivilegeManager::enableScopePrivilegeHelper(nsTarget *target, +nsPrivilegeManager::EnableScopePrivilegeHelper(nsTarget *target, PRInt32 callerDepth, void *data, PRBool helpingSetScopePrivilege, - nsPrincipal *prefPrin) + nsIPrincipal *prefPrin) { - return enableScopePrivilegeHelper(NULL, target, callerDepth, data, + return this->EnableScopePrivilegeHelper(NULL, target, callerDepth, data, helpingSetScopePrivilege, prefPrin); } nsPrivilegeTable * -nsPrivilegeManager::enableScopePrivilegeHelper(void* context, nsTarget *target, +nsPrivilegeManager::EnableScopePrivilegeHelper(void* context, nsTarget *target, PRInt32 callerDepth, void *data, PRBool helpingSetScopePrivilege, - nsPrincipal *prefPrin) + nsIPrincipal * prefPrin) { nsPrivilegeTable *privTable; - nsPrivilege *allowedScope; + nsPrivilege * allowedScope; PRBool res; - nsTarget *targ = nsTarget::findTarget(target); - if (targ != target) { + nsTarget * targ = nsTarget::FindTarget(target); + if (targ != target) return NULL; //throw new ForbiddenTargetException(target + " is not a registered target"); - return NULL; - } - if (prefPrin != NULL) { - res = checkPrivilegeGranted(target, prefPrin, data); - } else { - res = checkPrivilegeGranted(context, target, callerDepth, data); - } - if (res == PR_FALSE) - return NULL; - - privTable = getPrivilegeTableFromStack(context, callerDepth, + (prefPrin != NULL) ? + res = this->CheckPrivilegeGranted(target, prefPrin, data) : + res = this->CheckPrivilegeGranted(context, target, callerDepth, data); + if (res == PR_FALSE) return NULL; + privTable = this->GetPrivilegeTableFromStack(context, callerDepth, (helpingSetScopePrivilege ? PR_FALSE : PR_TRUE)); if (helpingSetScopePrivilege) { - if (privTable == NULL) { - privTable = new nsPrivilegeTable(); - } + if (privTable == NULL) privTable = new nsPrivilegeTable(); } - allowedScope = nsPrivilege::findPrivilege(nsPermissionState_Allowed, - nsDurationState_Scope); - updatePrivilegeTable(target, privTable, allowedScope); + allowedScope = nsPrivilege::findPrivilege(nsPermissionState_Allowed, nsDurationState_Scope); + this->UpdatePrivilegeTable(target, privTable, allowedScope); return privTable; } - -PRBool nsPrivilegeManager::AskPermission(nsPrincipal* useThisPrin, - nsTarget* target, - void* data) +PRBool +nsPrivilegeManager::AskPermission(nsIPrincipal * useThisPrin, nsTarget * target, void * data) { PRBool ret_val = PR_FALSE; nsPrivilege* newPrivilege = NULL; - /* Get the Lock to display the dialog */ nsCaps_lock(); - nsPrincipalArray* callerPrinArray = new nsPrincipalArray(); callerPrinArray->Add(useThisPrin); - - if (PR_TRUE == isPermissionGranted(target, callerPrinArray, data)) { + if (PR_TRUE == this->IsPermissionGranted(target, callerPrinArray, data)) { ret_val = PR_TRUE; goto done; } - // Do a user dialog - newPrivilege = target->enablePrivilege(useThisPrin, data); - + newPrivilege = target->EnablePrivilege(useThisPrin, data); // Forbidden for session is equivelent to decide later. // If the privilege is DECIDE_LATER then throw exception. // That is user should be prompted again when this applet @@ -475,9 +414,7 @@ PRBool nsPrivilegeManager::AskPermission(nsPrincipal* useThisPrin, ret_val = PR_FALSE; goto done; } - - SetPermission(useThisPrin, target, newPrivilege); - + this->SetPermission(useThisPrin, target, newPrivilege); // if newPrivilege is FORBIDDEN then throw an exception if (newPrivilege->isForbidden()) { // "User didn't grant the " + target->getName() + " privilege."; @@ -495,230 +432,205 @@ done: } void -nsPrivilegeManager::SetPermission(nsPrincipal *useThisPrin, +nsPrivilegeManager::SetPermission(nsIPrincipal * useThisPrin, nsTarget *target, nsPrivilege *newPrivilege) { + /* registerPrincipalAndSetPrivileges(useThisPrin, target, newPrivilege); - +//XXX ARIEL - THIS LOOKS SO WRONG, FIX IT!!!!!!!!!!!!!!! //System.out.println("Privilege table modified for: " + // useThisPrin.toVerboseString() + " for target " + // target + " Privilege " + newPrivilege); // Save the signed applet's ACL to the persistence store - char* err = useThisPrin->savePrincipalPermanently(); +// char* err = useThisPrin->savePrincipalPermanently(); if ((err == NULL) && (newPrivilege->getDuration() == nsDurationState_Forever)) { //XXX: How do we save permanent access for unsigned principals /// - if (!useThisPrin->equals(theUnsignedPrincipal)) { - save(useThisPrin, target, newPrivilege); - } + PRBool * result; + useThisPrin->Equals(theUnsignedPrincipal, result); + if (!result) save(useThisPrin, target, newPrivilege); } + */ } void -nsPrivilegeManager::registerPrincipalAndSetPrivileges(nsPrincipal *prin, - nsTarget *target, +nsPrivilegeManager::RegisterPrincipalAndSetPrivileges(nsIPrincipal * prin, nsTarget *target, nsPrivilege *newPrivilege) { nsPrivilegeTable *privTable; - registerPrincipal(prin); + this->RegisterPrincipal(prin); //Store the list of targets for which the user has given privilege PrincipalKey prinKey(prin); nsCaps_lock(); privTable = (nsPrivilegeTable *)itsPrinToMacroTargetPrivTable->Get(&prinKey); - privTable->put(target, newPrivilege); + privTable->Put(target, newPrivilege); nsCaps_unlock(); privTable = (nsPrivilegeTable *)itsPrinToPrivTable->Get(&prinKey); - updatePrivilegeTable(target, privTable, newPrivilege); + this->UpdatePrivilegeTable(target, privTable, newPrivilege); } -void nsPrivilegeManager::updatePrivilegeTable(nsTarget *target, - nsPrivilegeTable *privTable, - nsPrivilege *newPrivilege) +void +nsPrivilegeManager::UpdatePrivilegeTable(nsTarget *target, nsPrivilegeTable *privTable, nsPrivilege *newPrivilege) { - nsTargetArray* primitiveTargets = target->getFlattenedTargetArray(); - nsPrivilege *oldPrivilege; - nsPrivilege *privilege; - nsTarget *primTarget; - + nsTargetArray * primitiveTargets = target->GetFlattenedTargetArray(); + nsPrivilege * oldPrivilege; + nsPrivilege * privilege; + nsTarget * primTarget; nsCaps_lock(); for (int i = primitiveTargets->GetSize(); i-- > 0;) { primTarget = (nsTarget *)primitiveTargets->Get(i); - oldPrivilege = privTable->get(primTarget); + oldPrivilege = privTable->Get(primTarget); if (oldPrivilege != NULL) { privilege = nsPrivilege::add(oldPrivilege, newPrivilege); } else { privilege = newPrivilege; } - privTable->put(primTarget, privilege); + privTable->Put(primTarget, privilege); } nsCaps_unlock(); } -PRBool nsPrivilegeManager::checkPrivilegeGranted(nsTarget *target, - PRInt32 callerDepth) +PRBool +nsPrivilegeManager::CheckPrivilegeGranted(nsTarget *target, PRInt32 callerDepth) { - return checkPrivilegeGranted(NULL, target, callerDepth, NULL); + return this->CheckPrivilegeGranted(NULL, target, callerDepth, NULL); } -PRBool nsPrivilegeManager::checkPrivilegeGranted(void* context, nsTarget *target, - PRInt32 callerDepth) +PRBool +nsPrivilegeManager::CheckPrivilegeGranted(void* context, nsTarget *target, PRInt32 callerDepth) { - return checkPrivilegeGranted(context, target, callerDepth, NULL); + return this->CheckPrivilegeGranted(context, target, callerDepth, NULL); } -PRBool nsPrivilegeManager::checkPrivilegeGranted(nsTarget *target, - nsPrincipal *prin, - void *data) +PRBool +nsPrivilegeManager::CheckPrivilegeGranted(nsTarget *target, nsIPrincipal *prin, void *data) { - nsPrivilege * privilege = getPrincipalPrivilege(target, prin, data); - if (!privilege->isAllowed()) { - //throw new ForbiddenTargetException("access to target denied"); - return PR_FALSE; - } - return PR_TRUE; + nsPrivilege * privilege = this->GetPrincipalPrivilege(target, prin, data); + return (privilege->isAllowed()) ? PR_TRUE : PR_FALSE; } -PRBool nsPrivilegeManager::checkPrivilegeGranted(nsTarget *target, - PRInt32 callerDepth, - void *data) +PRBool +nsPrivilegeManager::CheckPrivilegeGranted(nsTarget *target, PRInt32 callerDepth, void *data) { - return checkPrivilegeGranted(NULL, target, callerDepth, data); + return CheckPrivilegeGranted(NULL, target, callerDepth, data); } -PRBool nsPrivilegeManager::checkPrivilegeGranted(void* context, nsTarget *target, - PRInt32 callerDepth, - void *data) +PRBool +nsPrivilegeManager::CheckPrivilegeGranted(void* context, nsTarget *target, PRInt32 callerDepth, void *data) { - nsPrincipalArray* callerPrinArray = - getClassPrincipalsFromStack(context, callerDepth); - - nsPermissionState privilege = - getPrincipalPrivilege(target, callerPrinArray, data); - if (privilege != nsPermissionState_Allowed) { - //throw new ForbiddenTargetException("access to target denied"); - return PR_FALSE; - } - return PR_TRUE; + nsPrincipalArray* callerPrinArray = GetClassPrincipalsFromStack(context, callerDepth); + nsPermissionState privilege = GetPrincipalPrivilege(target, callerPrinArray, data); + return (privilege == nsPermissionState_Allowed) ? PR_TRUE : PR_FALSE; } -nsPrivilegeManager * nsPrivilegeManager::getPrivilegeManager(void) +nsPrivilegeManager * +nsPrivilegeManager::GetPrivilegeManager(void) { - return thePrivilegeManager; + return thePrivilegeManager; } -nsPrincipalArray* nsPrivilegeManager::getMyPrincipals(PRInt32 callerDepth) +nsPrincipalArray * +nsPrivilegeManager::GetMyPrincipals(PRInt32 callerDepth) { - return getMyPrincipals(NULL, callerDepth); + return nsPrivilegeManager::GetMyPrincipals(NULL, callerDepth); } -nsPrincipalArray* nsPrivilegeManager::getMyPrincipals(void* context, - PRInt32 callerDepth) +nsPrincipalArray * +nsPrivilegeManager::GetMyPrincipals(void* context, PRInt32 callerDepth) { - if (thePrivilegeManager == NULL) - return NULL; - return thePrivilegeManager->getClassPrincipalsFromStack(context, callerDepth); + return (thePrivilegeManager == NULL) ? NULL + : thePrivilegeManager->GetClassPrincipalsFromStack(context, callerDepth); } -nsPrincipal* nsPrivilegeManager::getSystemPrincipal(void) +nsIPrincipal * +nsPrivilegeManager::GetSystemPrincipal(void) { - return theSystemPrincipal; + return theSystemPrincipal; } -PRBool nsPrivilegeManager::hasSystemPrincipal(nsPrincipalArray *prinArray) +PRBool +nsPrivilegeManager::HasSystemPrincipal(nsPrincipalArray *prinArray) { - nsPrincipal *sysPrin = getSystemPrincipal(); - nsPrincipal *prin; - - if (sysPrin == NULL) - return PR_FALSE; - for (int i = prinArray->GetSize(); i-- > 0;) { - prin = (nsPrincipal *)prinArray->Get(i); - if (sysPrin->equals(prin)) - return PR_TRUE; - } - return PR_FALSE; + nsIPrincipal * sysPrin = nsPrivilegeManager::GetSystemPrincipal(); + nsIPrincipal * prin; + if (sysPrin == NULL) return PR_FALSE; + for (int i = prinArray->GetSize(); i-- > 0;) { + prin = (nsIPrincipal *)prinArray->Get(i); + PRBool result; + sysPrin->Equals(prin, & result); + if (result) return PR_TRUE; + } + return PR_FALSE; } -nsPrincipal* nsPrivilegeManager::getUnsignedPrincipal(void) +nsIPrincipal * +nsPrivilegeManager::GetUnsignedPrincipal(void) { - return theUnsignedPrincipal; + return theUnsignedPrincipal; } -nsPrincipal* nsPrivilegeManager::getUnknownPrincipal(void) +nsIPrincipal * +nsPrivilegeManager::GetUnknownPrincipal(void) { - return theUnknownPrincipal; + return theUnknownPrincipal; } nsSetComparisonType -nsPrivilegeManager::comparePrincipalArray(nsPrincipalArray* p1, - nsPrincipalArray* p2) +nsPrivilegeManager::ComparePrincipalArray(nsPrincipalArray * p1, nsPrincipalArray * p2) { nsHashtable *p2Hashtable = new nsHashtable(); PRBool value; - nsPrincipal *prin; + nsIPrincipal * prin; PRUint32 i; - for (i = p2->GetSize(); i-- > 0;) { - prin = (nsPrincipal *)p2->Get(i); + prin = (nsIPrincipal *)p2->Get(i); PrincipalKey prinKey(prin); p2Hashtable->Put(&prinKey, (void *)PR_TRUE); } - for (i = p1->GetSize(); i-- > 0;) { - prin = (nsPrincipal *)p1->Get(i); + prin = (nsIPrincipal *)p1->Get(i); PrincipalKey prinKey(prin); value = (PRBool)p2Hashtable->Get(&prinKey); - if (!value) { - // We found an extra element in p1 - return nsSetComparisonType_NoSubset; - } - if (value == PR_TRUE) { - p2Hashtable->Put(&prinKey, (void *)PR_FALSE); - } + if (!value) return nsSetComparisonType_NoSubset; + if (value == PR_TRUE) p2Hashtable->Put(&prinKey, (void *)PR_FALSE); } - for (i = p2->GetSize(); i-- > 0;) { - prin = (nsPrincipal *)p2->Get(i); + prin = (nsIPrincipal *)p2->Get(i); PrincipalKey prinKey(prin); value = (PRBool)p2Hashtable->Get(&prinKey); - if (value == PR_TRUE) { - // We found an extra element in p2 - return nsSetComparisonType_ProperSubset; - } + if (value == PR_TRUE) return nsSetComparisonType_ProperSubset; } - return nsSetComparisonType_Equal; } nsPrincipalArray* -nsPrivilegeManager::intersectPrincipalArray(nsPrincipalArray* p1, - nsPrincipalArray* p2) +nsPrivilegeManager::IntersectPrincipalArray(nsPrincipalArray * p1, nsPrincipalArray * p2) { int p1_length = p1->GetSize(); int p2_length = p2->GetSize(); nsPrincipalArray *in = new nsPrincipalArray(); int count = 0; - nsPrincipal *prin1; - nsPrincipal *prin2; + nsIPrincipal * prin1; + nsIPrincipal * prin2; int i; - in->SetSize(p1_length, 1); int in_length = in->GetSize(); - for (i=0; i < p1_length; i++) { for (int j=0; j < p2_length; j++) { - prin1 = (nsPrincipal *)p1->Get(i); - prin2 = (nsPrincipal *)p2->Get(j); - if (prin1->equals(prin2)) { + prin1 = (nsIPrincipal *)p1->Get(i); + prin2 = (nsIPrincipal *)p2->Get(j); + PRBool eq; + prin1->Equals(prin2, & eq); + if (eq) { in->Set(i, (void *)PR_TRUE); count++; break; @@ -727,10 +639,8 @@ nsPrivilegeManager::intersectPrincipalArray(nsPrincipalArray* p1, } } } - nsPrincipalArray *result = new nsPrincipalArray(); result->SetSize(count, 1); - PRBool doesIntersect; int j=0; PR_ASSERT(in_length == (int)(p1->GetSize())); @@ -743,58 +653,55 @@ nsPrivilegeManager::intersectPrincipalArray(nsPrincipalArray* p1, j++; } } - return result; } -PRBool nsPrivilegeManager::canExtendTrust(nsPrincipalArray* from, - nsPrincipalArray* to) +PRBool +nsPrivilegeManager::CanExtendTrust(nsPrincipalArray * from, nsPrincipalArray * to) { - if ((from == NULL) || (to == NULL)) - return PR_FALSE; - nsPrincipalArray * intersect = intersectPrincipalArray(from, to); - if (intersect->GetSize() == from->GetSize()) - return PR_TRUE; + if ((from == NULL) || (to == NULL)) return PR_FALSE; + nsPrincipalArray * intersect = this->IntersectPrincipalArray(from, to); + if (intersect->GetSize() == from->GetSize()) return PR_TRUE; if (intersect->GetSize() == 0 || (intersect->GetSize() != (from->GetSize() - 1))) return PR_FALSE; int intersect_size = intersect->GetSize(); - nsPrincipal *prin; + nsIPrincipal * prin; int i; for (i=0; i < intersect_size; i++) { - prin = (nsPrincipal *)intersect->Get(i); - if (prin->isCodebase()) - return PR_FALSE; + prin = (nsIPrincipal *)intersect->Get(i); +//XXX ARIEL: update this call +// if (prin->isCodebase()) return PR_FALSE; } int codebaseCount = 0; int from_size = from->GetSize(); for (i=0; i < from_size; i++) { - prin = (nsPrincipal *)from->Get(i); - if (prin->isCodebase()) - codebaseCount++; + prin = (nsIPrincipal *)from->Get(i); +//XXX ARIEL: update this call +// if (prin->isCodebase()) codebaseCount++; } return (codebaseCount == 1) ? PR_TRUE : PR_FALSE; } -PRBool nsPrivilegeManager::checkMatchPrincipal(nsPrincipal *prin, - PRInt32 callerDepth) +PRBool +nsPrivilegeManager::CheckMatchPrincipal(nsIPrincipal * prin, PRInt32 callerDepth) { - return checkMatchPrincipal(NULL, prin, callerDepth); + return this->CheckMatchPrincipal(NULL, prin, callerDepth); } -PRBool nsPrivilegeManager::checkMatchPrincipal(void* context, nsPrincipal *prin, - PRInt32 callerDepth) +PRBool +nsPrivilegeManager::CheckMatchPrincipal(void * context, nsIPrincipal * prin, PRInt32 callerDepth) { nsPrincipalArray *prinArray = new nsPrincipalArray(); prinArray->Add(prin); - nsPrincipalArray *classPrinArray = getClassPrincipalsFromStack(context, - callerDepth); - return (comparePrincipalArray(prinArray, classPrinArray) != nsSetComparisonType_NoSubset) ? PR_TRUE : PR_FALSE; + nsPrincipalArray *classPrinArray = this->GetClassPrincipalsFromStack(context, callerDepth); + return (this->ComparePrincipalArray(prinArray, classPrinArray) != nsSetComparisonType_NoSubset) ? PR_TRUE : PR_FALSE; } -static PRBool getPrincipalString(nsHashKey *aKey, void *aData, void* closure) +static PRBool +GetPrincipalString(nsHashKey * aKey, void * aData, void * closure) { /* Admin UI */ /* XXX: Ignore empty strings */ @@ -808,354 +715,270 @@ static PRBool getPrincipalString(nsHashKey *aKey, void *aData, void* closure) } -const char * nsPrivilegeManager::getAllPrincipalsString(void) +const char * +nsPrivilegeManager::GetAllPrincipalsString(void) { - /* Admin UI */ - char *principalStrings=NULL; - if (itsPrinNameToPrincipalTable == NULL) { - return NULL; - } - - nsCaps_lock(); - gListOfPrincipals = NULL; - itsPrinNameToPrincipalTable->Enumerate(getPrincipalString); - if (gListOfPrincipals) { - /* Make a copy of the principals and return it */ - principalStrings = PL_strdup(gListOfPrincipals); - PR_Free(gListOfPrincipals); - } - gListOfPrincipals = NULL; - nsCaps_unlock(); - - return principalStrings; + /* Admin UI */ + char *principalStrings=NULL; + if (itsPrinNameToPrincipalTable == NULL) return NULL; + nsCaps_lock(); + gListOfPrincipals = NULL; + itsPrinNameToPrincipalTable->Enumerate(GetPrincipalString); + if (gListOfPrincipals) { + principalStrings = PL_strdup(gListOfPrincipals); + PR_Free(gListOfPrincipals); + } + gListOfPrincipals = NULL; + nsCaps_unlock(); + return principalStrings; } -nsPrincipal * nsPrivilegeManager::getPrincipalFromString(char *prinName) +nsIPrincipal * +nsPrivilegeManager::GetPrincipalFromString(char *prinName) { /* Admin UI */ StringKey prinNameKey(prinName); nsCaps_lock(); - nsPrincipal *prin = - (nsPrincipal *)itsPrinNameToPrincipalTable->Get(&prinNameKey); + nsIPrincipal * prin = (nsIPrincipal *)itsPrinNameToPrincipalTable->Get(&prinNameKey); nsCaps_unlock(); return prin; } -static PRBool getPermissionsString(nsHashKey *aKey, void *aData, void* closure) +static PRBool +GetPermissionsString(nsHashKey * aKey, void * aData, void * closure) { - /* Admin UI */ - TargetKey *targetKey = (TargetKey *) aKey; - nsTarget *target = targetKey->itsTarget; - nsPrivilege *priv = (nsPrivilege *)aData; - char *desc = target->getDescription(); - if (priv->isAllowedForever()) { - gForever = PR_sprintf_append(gForever, "