Fix to the caps security module. I removed the nsPrincipal struct, from now

on you can access principals by their xpcomed interface nsIPrincipal.

caps/idl/MANIFEST

@@ -1,6 +1,3 @@
 nsIPrincipal.idl
-nsICodebasePrincipal.idl
-nsICertificatePrincipal.idl
-nsICodeSourcePrincipal.idl
 nsIScriptSecurityManager.idl
 nsICapsSecurityCallbacks.idl

caps/idl/Makefile.in

@@ -24,13 +24,10 @@ include $(DEPTH)/config/autoconf.mk
 
 MODULE = caps
 
-XPIDLSRCS = \
+XPIDLSRCS =                          \
 	nsIScriptSecurityManager.idl \
 	nsICapsSecurityCallbacks.idl \
-	nsIPrincipal.idl \
+	nsIPrincipal.idl             \
-	nsICodebasePrincipal.idl \
-	nsICertificatePrincipal.idl \
-	nsICodeSourcePrincipal.idl \
 	$(NULL)
 
 include $(topsrcdir)/config/rules.mk

caps/idl/makefile.win

@@ -19,13 +19,10 @@ DEPTH=..\..
 
 MODULE=caps
 
-XPIDLSRCS= \
+XPIDLSRCS=                                \
 	   .\nsIScriptSecurityManager.idl \
            .\nsICapsSecurityCallbacks.idl \
-	   .\nsIPrincipal.idl \
+	   .\nsIPrincipal.idl             \
-	   .\nsICertificatePrincipal.idl \
-	   .\nsICodebasePrincipal.idl    \
-	   .\nsICodeSourcePrincipal.idl \
            $(NULL)
 
 include <$(DEPTH)\config\rules.mak>

caps/idl/nsIPrincipal.idl

@@ -17,8 +17,37 @@
  */
 
 #include "nsISupports.idl"
+
 [uuid(ff9313d0-25e1-11d2-8160-006008119d7a)]
 interface nsIPrincipal : nsISupports {
-void IsTrusted([const] in string scope, out boolean pbIsTrusted);
+	const short PrincipalType_Unknown=-1;
+	const short PrincipalType_CodebaseExact=1;
+	const short PrincipalType_CodebaseRegex=2;
+	const short PrincipalType_Certificate=3;
+	const short PrincipalType_CertificateFingerPrint=4;
+	const short PrincipalType_CertificateKey=5;
+	const short PrincipalType_CertificateChain=6;
+
+	void GetType(out short type);
+	void IsSecure(out boolean result);
+	void ToString(out string result);
+	void HashCode(out unsigned long code);
+	void Equals(in nsIPrincipal other, out boolean result);
 };
 
+[uuid(c29fe440-25e1-11d2-8160-006008119d7a)]
+interface nsICodebasePrincipal : nsIPrincipal {
+	void GetURL(out string ppCodeBaseURL);
+	void IsCodebaseExact(out boolean result);
+	void IsCodebaseRegex(out boolean result);
+};
+
+[uuid(ebfefcd0-25e1-11d2-8160-006008119d7a)]
+interface nsICertificatePrincipal : nsIPrincipal {
+	void GetPublicKey(out string publicKey, out unsigned long publicKeySize);
+	void GetCompanyName(out string ppCompanyName);
+	void GetCertificateAuthority(out string ppCertAuthority);
+	void GetSerialNumber(out string ppSerialNumber);
+	void GetExpirationDate(out string ppExpDate);
+	void GetFingerPrint(out string ppFingerPrint);
+};

caps/include/MANIFEST

@@ -1,20 +1,25 @@
-nsZig.h
-nsPrincipal.h
-nsPrivilege.h
-nsPrivilegeManager.h
-nsPrivilegeTable.h
-nsSystemPrivilegeTable.h
-nsTarget.h
-nsUserTarget.h
-jpermission.h
-nsUserDialogHelper.h
-nsZip.h
-nsLoadZig.h
 admin.h
+jpermission.h
 nsCaps.h
 nsCapsEnums.h
 nsCCapsManager.h
 nsCCapsManagerFactory.h
 nsCertificatePrincipal.h
 nsCodebasePrincipal.h
-nsCCodeSourcePrincipal.h
+nsLoadZig.h
+nsPrincipalTools.h
+nsPrivilege.h
+nsPrivilegeManager.h
+nsPrivilegeTable.h
+nsSystemPrivilegeTable.h
+nsTarget.h
+nsUserDialogHelper.h
+nsUserTarget.h
+nsZig.h
+nsZip.h
+
+
+
+
+
+

caps/include/Makefile.in

@@ -23,26 +23,26 @@ VPATH		= @srcdir@
 
 include $(DEPTH)/config/autoconf.mk
 
-EXPORTS	= nsZip.h \
+EXPORTS	=                        \
-	nsZig.h \
+	admin.h                  \
-	nsLoadZig.h \
+	jpermission.h            \
-	nsPrincipal.h \
+	nsCaps.h                 \
-	nsPrivilege.h \
+	nsCapsEnums.h            \
-	nsPrivilegeManager.h \
+	nsCCapsManager.h         \
-	nsPrivilegeTable.h \
+	nsCCapsManagerFactory.h  \
+	nsCertificatePrincipal.h \
+	nsCodebasePrincipal.h    \
+	nsLoadZig.h              \
+	nsPrincipalTools.h       \
+	nsPrivilege.h            \
+	nsPrivilegeManager.h     \
+	nsPrivilegeTable.h       \
 	nsSystemPrivilegeTable.h \
-	nsTarget.h \
+	nsTarget.h               \
-	nsUserTarget.h \
+	nsUserDialogHelper.h     \
-	jpermission.h \
+	nsUserTarget.h           \
-	nsUserDialogHelper.h \
+	nsZig.h                  \	
-	admin.h \
+	nsZip.h 
-	nsCaps.h \
-	nsCapsEnums.h \
-	nsCCapsManagerFactory.h \
-	nsCCapsManager.h \
-	nsCertificatePrincipal.h     \
-	nsCodebasePrincipal.h \
-	nsCCodeSourcePrincipal.h
 
 EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS))
 

caps/include/makefile.win

@@ -28,27 +28,26 @@ IGNORE_MANIFEST=1
 
 MODULE=caps 
 DEPTH=..\..
-EXPORTS=nsZip.h \
+EXPORTS=                           \
-	nsZig.h \
+	admin.h                    \
-	nsLoadZig.h \
+	jpermission.h              \
-	nsPrincipal.h \
+	nsCaps.h                   \
-	nsPrivilege.h \
+	nsCapsEnums.h              \
-	nsPrivilegeManager.h \
+	nsCCapsManager.h           \
-	nsPrivilegeTable.h \
+	nsCCapsManagerFactory.h    \
-	nsSystemPrivilegeTable.h \
+	nsCertificatePrincipal.h   \
-	nsTarget.h \
+	nsCodebasePrincipal.h      \
-	nsUserTarget.h \
+	nsLoadZig.h                \
-	jpermission.h \
+	nsPrincipalTools.h         \
-	nsUserDialogHelper.h \
+	nsPrivilege.h              \
-	admin.h \
+	nsPrivilegeManager.h       \
-	nsCaps.h \
+	nsPrivilegeTable.h         \
-	nsCapsEnums.h \
+	nsSystemPrivilegeTable.h   \
-	nsCCapsManager.h       \
+	nsTarget.h                 \
-	nsCertificatePrincipal.h     \
+	nsUserDialogHelper.h       \
-	nsCodebasePrincipal.h \
+	nsUserTarget.h             \
-	nsCCapsManagerFactory.h \
+	nsZig.h                    \
-	nsCCodeSourcePrincipal.h
+	nsZip.h
-
 
 include <$(DEPTH)/config/rules.mak>
 

caps/include/nsCCapsManager.h

@@ -16,15 +16,13 @@
  * Reserved.
  */
 
-#ifndef nsCCapsManager_h___
+#ifndef _NS_CCAPS_MANANGER_H_
-#define nsCCapsManager_h___
+#define _NS_CCAPS_MANAGER_H_
 
 #include "nsIPrincipal.h"
 #include "nsISupports.h"
 #include "nsICapsManager.h"
 #include "nsAgg.h"
-
-#include "nsPrincipal.h"
 #include "nsPrivilegeManager.h"
 
 /**
@@ -37,238 +35,232 @@
  */
 class nsCCapsManager : public nsICapsManager {
 public:
-    ////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////
-    // from nsISupports and AggregatedQueryInterface:
+// from nsISupports and AggregatedQueryInterface:
 
-    NS_DECL_AGGREGATED
+NS_DECL_AGGREGATED
 
-    ////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////
-    // from nsICapsManager:
+// from nsICapsManager:
 
-    NS_IMETHOD
+NS_IMETHOD
-    CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal** prin);
+CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal** prin);
 
-    NS_IMETHOD
+NS_IMETHOD
-    CreateCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsIPrincipal** prin);
+CreateCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsIPrincipal** prin);
 
-    /**
+/**
-     * Creates a CodeSourcePrincipal, which has both nsICodebasePrincipal 
+ * Creates a CodeSourcePrincipal, which has both nsICodebasePrincipal 
-     * and nsICertPrincipal
+ * and nsICertPrincipal
-     *
+ *
-     * @param certByteData     - The ceritificate's byte array data including the chain.
+ * @param certByteData     - The ceritificate's byte array data including the chain.
-     * @param certByteDataSize - the length of certificate byte array.
+ * @param certByteDataSize - the length of certificate byte array.
-     * @param codebaseURL - the codebase URL
+ * @param codebaseURL - the codebase URL
-     */
+ */
-    NS_IMETHOD
+/*
-    CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin);
+NS_IMETHOD
+CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin);
+*/
 
+/**
+ * Returns the permission for given principal and target
+ *
+ * @param prin   - is either certificate principal or codebase principal
+ * @param target - is NS_ALL_PRIVILEGES.
+ * @param state  - the return value is passed in this parameter.
+ */
+NS_IMETHOD
+GetPermission(nsIPrincipal * prin, nsTarget * target, nsPermission * state);
 
-    /**
+/**
-     * Returns the permission for given principal and target
+ * Set the permission state for given principal and target. This wouldn't 
-     *
+ * prompt the end user with UI.
-     * @param prin   - is either certificate principal or codebase principal
+ *
-     * @param target - is NS_ALL_PRIVILEGES.
+ * @param prin   - is either certificate principal or codebase principal
-     * @param state  - the return value is passed in this parameter.
+ * @param target - is NS_ALL_PRIVILEGES.
-     */
+ * @param state  - is permisson state that should be set for the given prin
-    NS_IMETHOD
+ *                 and target parameters.
-    GetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *state);
+ */
+NS_IMETHOD
+SetPermission(nsIPrincipal * prin, nsTarget* target, nsPermission state);
 
-    /**
+/**
-     * Set the permission state for given principal and target. This wouldn't 
+ * Prompts the user if they want to grant permission for the given principal and 
-     * prompt the end user with UI.
+ * for the given target. 
-     *
+ *
-     * @param prin   - is either certificate principal or codebase principal
+ * @param prin   - is either certificate principal or codebase principal
-     * @param target - is NS_ALL_PRIVILEGES.
+ * @param target - is NS_ALL_PRIVILEGES.
-     * @param state  - is permisson state that should be set for the given prin
+ * @param result - is the permission user has given for the given principal and 
-     *                 and target parameters.
+ *                 target
-     */
+ */
-    NS_IMETHOD
+NS_IMETHOD
-    SetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission state);
+AskPermission(nsIPrincipal * prin, nsTarget * target, nsPermission * result);
-
-    /**
-     * Prompts the user if they want to grant permission for the given principal and 
-     * for the given target. 
-     *
-     * @param prin   - is either certificate principal or codebase principal
-     * @param target - is NS_ALL_PRIVILEGES.
-     * @param result - is the permission user has given for the given principal and 
-     *                 target
-     */
-    NS_IMETHOD
-    AskPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *result);
 
 
 
-    /* 
+/* 
-     * All of the following methods are used by JS (the code located
+ * All of the following methods are used by JS (the code located
-     * in lib/libmocha area).
+ * in lib/libmocha area).
-     */
+ */
 
-    /**
+/**
-     * Initializes the capabilities subsytem (ie setting the system principal, initializing
+ * Initializes the capabilities subsytem (ie setting the system principal, initializing
-     * privilege Manager, creating the capsManager factory etc 
+ * privilege Manager, creating the capsManager factory etc 
-     *
+ *
-     * @param result - is true if principal was successfully registered with the system
+ * @param result - is true if principal was successfully registered with the system
-     */
+ */
-    NS_IMETHOD
+NS_IMETHOD
-    Initialize(PRBool *result);
+Initialize(PRBool * result);
 
-    NS_IMETHOD
+NS_IMETHOD
-    InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface);
+InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface);
 
-    /**
+/**
-     * Registers the given Principal with the system.
+ * Registers the given Principal with the system.
-     *
+ *
-     * @param prin   - is either certificate principal or codebase principal
+ * @param prin   - is either certificate principal or codebase principal
-     * @param result - is true if principal was successfully registered with the system
+ * @param result - is true if principal was successfully registered with the system
-     */
+ */
-    NS_IMETHOD
+NS_IMETHOD
-    RegisterPrincipal(nsIPrincipal* prin, PRBool *result);
+RegisterPrincipal(nsIPrincipal * prin);
 
-    /**
+/**
-     * Prompts the user if they want to grant permission for the principal located
+ * Prompts the user if they want to grant permission for the principal located
-     * at the given stack depth for the given target. 
+ * at the given stack depth for the given target. 
-     *
+ *
-     * @param context      - is the parameter JS needs to determinte the principal 
+ * @param context      - is the parameter JS needs to determinte the principal 
-     * @param targetName   - is the name of the target.
+ * @param targetName   - is the name of the target.
-     * @param callerDepth  - is the depth of JS stack frame, which JS uses to determinte the 
+ * @param callerDepth  - is the depth of JS stack frame, which JS uses to determinte the 
-     *                       principal 
+ *                       principal 
-     * @param result - is true if user has given permission for the given principal and 
+ * @param result - is true if user has given permission for the given principal and 
-     *                 target
+ *                 target
-     */
+ */
-    NS_IMETHOD
+NS_IMETHOD
-    EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
+EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
 
-    /**
+/**
-     * Returns if the user granted permission for the principal located at the given 
+ * Returns if the user granted permission for the principal located at the given 
-     * stack depth for the given target. 
+ * stack depth for the given target. 
-     *
+ *
-     * @param context     - is the parameter JS needs to determinte the principal 
+ * @param context     - is the parameter JS needs to determinte the principal 
-     * @param targetName  - is the name of the target.
+ * @param targetName  - is the name of the target.
-     * @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the 
+ * @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the 
-     *                      principal 
+ *                      principal 
-     * @param result - is true if user has given permission for the given principal and 
+ * @param result - is true if user has given permission for the given principal and 
-     *                 target
+ *                 target
-     */
+ */
-    NS_IMETHOD
+NS_IMETHOD
-    IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
+IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
 
-    /**
+/**
-     * Reverts the permission (granted/denied) user gave for the principal located
+ * Reverts the permission (granted/denied) user gave for the principal located
-     * at the given stack depth for the given target. 
+ * at the given stack depth for the given target. 
-     *
+ *
-     * @param context      - is the parameter JS needs to determinte the principal 
+ * @param context      - is the parameter JS needs to determinte the principal 
-     * @param targetName   - is the name of the target.
+ * @param targetName   - is the name of the target.
-     * @param callerDepth  - is the depth of JS stack frame, which JS uses to determinte the 
+ * @param callerDepth  - is the depth of JS stack frame, which JS uses to determinte the 
-     *                       principal 
+ *                       principal 
-     * @param result - is true if user has given permission for the given principal and 
+ * @param result - is true if user has given permission for the given principal and 
-     *                 target
+ *                 target
-     */
+ */
-    NS_IMETHOD
+NS_IMETHOD
-    RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
+RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
 
-    /**
+/**
-     * Disable permissions for the principal located at the given stack depth for the 
+ * Disable permissions for the principal located at the given stack depth for the 
-     * given target. 
+ * given target. 
-     *
+ *
-     * @param context      - is the parameter JS needs to determinte the principal 
+ * @param context      - is the parameter JS needs to determinte the principal 
-     * @param targetName   - is the name of the target.
+ * @param targetName   - is the name of the target.
-     * @param callerDepth  - is the depth of JS stack frame, which JS uses to determinte the 
+ * @param callerDepth  - is the depth of JS stack frame, which JS uses to determinte the 
-     *                       principal 
+ *                       principal 
-     * @param result - is true if user has given permission for the given principal and 
+ * @param result - is true if user has given permission for the given principal and 
-     *                 target
+ *                 target
-     */
+ */
-    NS_IMETHOD
+NS_IMETHOD
-    DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
+DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
 
 
-    /* XXX: Some of the arguments for the following interfaces may change.
+/* XXX: Some of the arguments for the following interfaces may change.
-     * This is a first cut. I need to talk to joki. We should get rid of void* parameters.
+ * This is a first cut. I need to talk to joki. We should get rid of void* parameters.
-     */
+ */
-    NS_IMETHOD
+NS_IMETHOD
-    ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *result);
+ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *result);
 
-    NS_IMETHOD
+NS_IMETHOD
-    IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *result);
+IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *result);
 
-    NS_IMETHOD
+NS_IMETHOD
-    CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *result);
+CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *result);
 
 
-    /* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
+/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
+/*
+NS_IMETHOD
+NewPrincipal(PRInt16 prinType, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result);
 
-    NS_IMETHOD
+NS_IMETHOD
-    NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result);
+IsCodebaseExact(nsIPrincipal* principal, PRBool *result);
 
-    NS_IMETHOD
+NS_IMETHOD
-    IsCodebaseExact(nsIPrincipal* principal, PRBool *result);
+ToString(nsIPrincipal* principal, char* *result);
 
-    NS_IMETHOD
+NS_IMETHOD
-    ToString(nsIPrincipal* principal, char* *result);
+GetVendor(nsIPrincipal* principal, char* *result);
+*/
+NS_IMETHOD
+CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result);
 
-    NS_IMETHOD
+NS_IMETHOD
-    GetVendor(nsIPrincipal* principal, char* *result);
+NewPrincipalArray(PRUint32 count, void* *result);
 
-    NS_IMETHOD
+NS_IMETHOD
-    CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result);
+FreePrincipalArray(void *prinArray);
 
-    NS_IMETHOD
+NS_IMETHOD
-    NewPrincipalArray(PRUint32 count, void* *result);
+GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal * * result);
 
-    NS_IMETHOD
+NS_IMETHOD
-    FreePrincipalArray(void *prinArray);
+SetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal * principal);
 
-    NS_IMETHOD
+NS_IMETHOD
-    GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* *result);
+GetPrincipalArraySize(void *prinArrayArg, PRUint32 *result);
 
-    NS_IMETHOD
+/* The following interfaces will replace all of the following old calls.
-    SetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* principal);
+ *
+ * nsCapsGetPermission(struct nsPrivilege *privilege)
+ * nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
+ *
+ */
+NS_IMETHOD
+IsAllowed(void *annotation, char* target, PRBool *result);
 
-    NS_IMETHOD
+////////////////////////////////////////////////////////////////////////////
-    GetPrincipalArraySize(void *prinArrayArg, PRUint32 *result);
+// from nsCCapsManager:
 
-    /* The following interfaces will replace all of the following old calls.
+nsCCapsManager(nsISupports *aOuter);
-     *
+virtual ~nsCCapsManager(void);
-     * nsCapsGetPermission(struct nsPrivilege *privilege)
-     * nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
-     *
-     */
-    NS_IMETHOD
-    IsAllowed(void *annotation, char* target, PRBool *result);
 
-    /* XXX: TODO: We need to set up the JS frame walking callbacks */
+void
+CreateNSPrincipalArray(nsPrincipalArray* prinArray, nsPrincipalArray* *pPrincipalArray);
+/*
+NS_METHOD
+GetNSPrincipal(nsIPrincipal * pNSIPrincipal, nsIPrincipal ** ppNSPRincipal);
+*/
+NS_METHOD
+GetNSPrincipalArray(nsPrincipalArray* prinArray, nsPrincipalArray* *pPrincipalArray);
 
+nsPermission
+ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege);
 
+nsPrivilege *
+ConvertPermissionToPrivilege(nsPermission state);
 
-    ////////////////////////////////////////////////////////////////////////////
+void
-    // from nsCCapsManager:
+SetSystemPrivilegeManager();
-
-    nsCCapsManager(nsISupports *aOuter);
-    virtual ~nsCCapsManager(void);
-
-    void
-    CreateNSPrincipalArray(nsPrincipalArray* prinArray, 
-                           nsPrincipalArray* *pPrincipalArray);
-
-    NS_METHOD
-    GetNSPrincipal(nsIPrincipal* pNSIPrincipal, nsPrincipal **ppNSPRincipal);
-
-    NS_METHOD
-    GetNSPrincipalArray(nsPrincipalArray* prinArray, 
-                        nsPrincipalArray* *pPrincipalArray);
-
-    nsPermission
-    ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege);
-
-    nsPrivilege *
-    ConvertPermissionToPrivilege(nsPermission state);
-
-    void
-    SetSystemPrivilegeManager();
-
 
 protected:
-    nsPrivilegeManager    *m_pNSPrivilegeManager;  
+    nsPrivilegeManager * privilegeManager;  
 };
 
 #endif // nsCCapsManager_h___

caps/include/nsCaps.h

@@ -21,14 +21,13 @@
 
 #include "prtypes.h"
 #include "nsCapsEnums.h"
-
 PR_BEGIN_EXTERN_C
 
-struct nsPrincipal;
+class nsTarget;
-struct nsTarget;
+class nsIPrincipal;
+class nsPrivilegeTable;
 struct nsPrivilegeManager;
 struct nsPrivilege;
-struct nsPrivilegeTable;
 struct NSJSJavaFrameWrapper;
 
 /* wrappers for nsPrivilegeManager object */
@@ -36,19 +35,19 @@ PR_IMPLEMENT(PRBool)
 nsCapsInitialize();
 
 PR_EXTERN(PRBool) 
-nsCapsRegisterPrincipal(struct nsPrincipal *principal); 
+nsCapsRegisterPrincipal(class nsIPrincipal * principal); 
 
 PR_EXTERN(PRBool) 
-nsCapsEnablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth);
+nsCapsEnablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth);
 
 PR_EXTERN(PRBool) 
-nsCapsIsPrivilegeEnabled(void* context, struct nsTarget *target, PRInt32 callerDepth);
+nsCapsIsPrivilegeEnabled(void* context, class nsTarget *target, PRInt32 callerDepth);
 
 PR_EXTERN(PRBool) 
-nsCapsRevertPrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth);
+nsCapsRevertPrivilege(void* context, class nsTarget *target, PRInt32 callerDepth);
 
 PR_EXTERN(PRBool) 
-nsCapsDisablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth);
+nsCapsDisablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth);
 
 PR_EXTERN(void*) 
 nsCapsGetClassPrincipalsFromStack(void* context, PRInt32 callerDepth);
@@ -63,38 +62,39 @@ PR_EXTERN(PRBool)
 nsCapsCanExtendTrust(void* from, void* to);
 
 
+
 /* wrappers for nsPrincipal object */
-PR_EXTERN(struct nsPrincipal *) 
+PR_EXTERN(class nsIPrincipal *) 
-nsCapsNewPrincipal(nsPrincipalType type, void * key, 
+nsCapsNewPrincipal(PRInt16 * principalType, void * key, 
                    PRUint32 key_len, void *zig);
 
 PR_EXTERN(const char *) 
-nsCapsPrincipalToString(struct nsPrincipal *principal);
+nsCapsPrincipalToString(nsIPrincipal * principal);
 
 PR_EXTERN(PRBool) 
-nsCapsIsCodebaseExact(struct nsPrincipal *principal);
+nsCapsIsCodebaseExact(nsIPrincipal * principal);
 
 PR_EXTERN(const char *) 
-nsCapsPrincipalGetVendor(struct nsPrincipal *principal);
+nsCapsPrincipalGetVendor(nsIPrincipal * principal);
 
 PR_EXTERN(void *) 
 nsCapsNewPrincipalArray(PRUint32 count);
 
 PR_EXTERN(void) 
-nsCapsFreePrincipalArray(void *prinArray);
+nsCapsFreePrincipalArray(void * prinArray);
 
 PR_EXTERN(void *) 
-nsCapsGetPrincipalArrayElement(void *prinArray, PRUint32 index);
+nsCapsGetPrincipalArrayElement(void * prinArray, PRUint32 index);
 
 PR_EXTERN(void) 
-nsCapsSetPrincipalArrayElement(void *prinArray, PRUint32 index, void *element);
+nsCapsSetPrincipalArrayElement(void * prinArray, PRUint32 index, void *element);
 
 PR_EXTERN(PRUint32) 
-nsCapsGetPrincipalArraySize(void *prinArray);
+nsCapsGetPrincipalArraySize(void * prinArray);
 
 
 /* wrappers for nsTarget object */
-PR_EXTERN(struct nsTarget *) 
+PR_EXTERN(class nsTarget *) 
 nsCapsFindTarget(char *name);
 
 
@@ -104,8 +104,8 @@ nsCapsGetPermission(struct nsPrivilege *privilege);
 
 
 /* wrappers for nsPrivilegeTable object */
-PR_EXTERN(struct nsPrivilege *)
+PR_EXTERN(nsPrivilege *)
-nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target);
+nsCapsGetPrivilege(nsPrivilegeTable * annotation, class nsTarget * target);
 
 /* Methods for stack walking */
 

caps/include/nsCertificatePrincipal.h

@@ -16,85 +16,64 @@
  * Reserved.
  */
 
-#ifndef nsCertificatePrincipal_h___
+#ifndef _NS_CERTIFICATE_PRINCIPAL_H_
-#define nsCertificatePrincipal_h___
+#define _NS_CERTIFICATE_PRINCIPAL_H_
-
+#include "nsVector.h"
-#include "nsICertificatePrincipal.h"
+#include "nsIPrincipal.h"
-#include "nsPrincipal.h"
 
 class nsCertificatePrincipal : public nsICertificatePrincipal {
 public:
-    ////////////////////////////////////////////////////////////////////////////
+	NS_DECL_ISUPPORTS
-    // from nsISupports:
-    NS_DECL_ISUPPORTS
-    ////////////////////////////////////////////////////////////////////////////
-    // from nsIPrincipal:
 
-    NS_IMETHOD
+	NS_IMETHOD
-    IsTrusted(const char* scope, PRBool *pbIsTrusted);
+	GetPublicKey(char ** pk, PRUint32 * pkSize);
-     
-    ////////////////////////////////////////////////////////////////////////////
-    // from nsICertificatePrincipal:
-    /**
-     * Returns the public key of the certificate.
-     *
-     * @param publicKey -     the Public Key data will be returned in this field.
-     * @param publicKeySize - the length of public key data is returned in this
-     *                        parameter.
-     */
-    NS_IMETHOD
-    GetPublicKey(char **publicKey, PRUint32 *publicKeySize);
 
-    /**
+	NS_IMETHOD
-     * Returns the company name of the ceritificate (OU etc parameters of certificate)
+	GetCompanyName(char ** cn);
-     *
-     * @param result - the certificate details about the signer.
-     */
-    NS_IMETHOD
-    GetCompanyName(char **ppCompanyName);
 
-    /**
+	NS_IMETHOD
-     * Returns the certificate issuer's data (OU etc parameters of certificate)
+	GetCertificateAuthority(char ** ca);
-     *
-     * @param result - the details about the issuer
-     */
-    NS_IMETHOD
-    GetCertificateAuthority(char **ppCertAuthority);
 
-    /**
+	NS_IMETHOD
-     * Returns the serial number of certificate 
+	GetSerialNumber(char ** sn);
-     *
-     * @param result - Returns the serial number of certificate 
-     */
-    NS_IMETHOD
-    GetSerialNumber(char **ppSerialNumber);
 
-    /**
+	NS_IMETHOD
-     * Returns the expiration date of certificate 
+	GetExpirationDate(char ** ed);
-     *
-     * @param result - Returns the expiration date of certificate 
-     */
-    NS_IMETHOD
-    GetExpirationDate(char **ppExpDate);
 
-    /**
+	NS_IMETHOD
-     * Returns the finger print of certificate 
+	GetFingerPrint(char ** fp);
-     *
-     * @param result - Returns the finger print of certificate 
-     */
-    NS_IMETHOD
-    GetFingerPrint(char **ppFingerPrint);
 
-    ////////////////////////////////////////////////////////////////////////////
+	NS_IMETHOD
-    // from nsCertificatePrincipal:
+	GetType(PRInt16 * type);
-    nsCertificatePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsresult *result);
-    nsCertificatePrincipal(nsPrincipal *pNSPrincipal);
 
-    virtual ~nsCertificatePrincipal(void);
+	NS_IMETHOD
-    nsPrincipal *GetPeer(void);
+	IsSecure(PRBool * result);
+
+	NS_IMETHOD
+	ToString(char ** result);
+
+	NS_IMETHOD
+	HashCode(PRUint32 * code);
+
+	NS_IMETHOD
+	Equals(nsIPrincipal * other, PRBool * result);
+
+	nsCertificatePrincipal(PRInt16 * type, const unsigned char ** certChain,
+					 PRUint32 * certChainLengths, PRUint32 noOfCerts, nsresult * result);
+	virtual ~nsCertificatePrincipal(void);
 
 protected:
-    nsPrincipal *m_pNSPrincipal;
+	PRInt16 itsType;
+	char * itsKey;
+	PRUint32 itsKeyLength;
+	nsVector * itsCertificateArray;
+	char * itsCompanyName;
+	char * itsCertificateAuthority;
+	char * itsSerialNumber;
+	char * itsExpirationDate;
+	char * itsFingerPrint;	
+	char * itsNickname;
+	char * itsString;
 };
 
-#endif // nsCCertificatePrincipal_h___
+#endif // _NS_CERTIFICATE_PRINCIPAL_H_

caps/include/nsCodebasePrincipal.h

@@ -16,48 +16,46 @@
  * Reserved.
  */
 
-#ifndef nsCodebasePrincipal_h___
+#ifndef _NS_CODEBASE_PRINCIPAL_H_
-#define nsCodebasePrincipal_h___
+#define _NS_CODEBASE_PRINCIPAL_H_
 
-#include "nsICodebasePrincipal.h"
+#include "nsIPrincipal.h"
-#include "nsPrincipal.h"
 
 class nsCodebasePrincipal : public nsICodebasePrincipal {
 public:
-    ////////////////////////////////////////////////////////////////////////////
-    // from nsISupports:
 
-    NS_DECL_ISUPPORTS
+	NS_DECL_ISUPPORTS
 
-    ////////////////////////////////////////////////////////////////////////////
+	NS_IMETHOD
-    // from nsIPrincipal:
+	GetURL(char ** cburl);
 
-    NS_IMETHOD
+	NS_IMETHOD 
-    IsTrusted(const char* scope, PRBool *pbIsTrusted);
+	IsCodebaseExact(PRBool * result);
-     
 
-    ///////////////////////////////////////////////////////////////////////////
+	NS_IMETHOD
-    // from nsICodebasePrincipal:
+	IsCodebaseRegex(PRBool * result);
 
-    /**
+	NS_IMETHOD
-     * Returns the codebase URL of the principal.
+	GetType(PRInt16 * type);
-     *
-     * @param result - the resulting codebase URL
-     */
-    NS_IMETHOD
-    GetURL(char **ppCodeBaseURL);
 
-    ////////////////////////////////////////////////////////////////////////////
+	NS_IMETHOD
-    // from nsCCodebasePrincipal:
+	IsSecure(PRBool * result);
 
-    nsCodebasePrincipal(const char *codebaseURL, nsresult *result);
+	NS_IMETHOD
-    nsCodebasePrincipal(nsPrincipal *pNSPrincipal);
+	ToString(char ** result);
 
-    virtual ~nsCodebasePrincipal(void);
+	NS_IMETHOD
-    nsPrincipal *GetPeer(void);
+	HashCode(PRUint32 * code);
+
+	NS_IMETHOD
+	Equals(nsIPrincipal * other, PRBool * result);
+
+	nsCodebasePrincipal(PRInt16 * type, const char *codebaseURL);
+	virtual ~nsCodebasePrincipal(void);
 
 protected:
-    nsPrincipal *m_pNSPrincipal;
+	const char * codeBaseURL;
+	PRInt16  * itsType;
 };
 
-#endif // nsCCodebasePrincipal_h___
+#endif // _NS_CODEBASE_PRINCIPAL_H_

caps/include/nsPrincipalTools.h

@@ -0,0 +1,34 @@
+#ifndef _NS_PRINCIPAL_TOOLS_H_
+#define _NS_PRINCIPAL_TOOLS_H_
+
+#include "nsIPrincipal.h"
+#include "nsHashtable.h"
+
+typedef  nsVector nsPrincipalArray;
+
+class PrincipalKey: public nsHashKey {
+public:
+	nsIPrincipal * itsPrincipal;
+
+	PrincipalKey(nsIPrincipal * prin) {
+		itsPrincipal = prin;
+	}
+
+	PRUint32 HashValue(void) const {
+		PRUint32 * code;
+		itsPrincipal->HashCode(code);
+		return *code;
+	}
+
+	PRBool Equals(const nsHashKey * aKey) const {
+		PRBool * result;
+		itsPrincipal->Equals(((const PrincipalKey *) aKey)->itsPrincipal, result);
+		return *result;
+	}
+
+	nsHashKey * Clone(void) const {
+	  return new PrincipalKey(itsPrincipal);
+	}
+};
+
+#endif _NS_PRINCIPAL_TOOLS_H_

caps/include/nsPrivilege.h

@@ -20,7 +20,7 @@
 #define _NS_PRIVILEGE_H_
 
 #include "prtypes.h"
-#include "nsCaps.h"
+//#include "nsCaps.h"
 #include "nsCapsEnums.h"
 
 PRBool nsPrivilegeInitialize(void);

caps/include/nsPrivilegeManager.h

@@ -23,11 +23,11 @@
 #include "prio.h"
 #include "prmon.h"
 #include "nsHashtable.h"
-
 #include "nsVector.h"
 #include "nsCaps.h"
 #include "nsTarget.h"
-#include "nsPrincipal.h"
+#include "nsIPrincipal.h"
+#include "nsPrincipalTools.h"
 #include "nsPrivilege.h"
 #include "nsPrivilegeTable.h"
 #include "nsSystemPrivilegeTable.h"
@@ -45,190 +45,221 @@ PRBool nsPrivilegeManagerInitialize(void);
 struct nsPrivilegeManager {
 
 public:
-	/* Public Methods */
+/* Public Methods */
 
-	nsPrivilegeManager(void);
+nsPrivilegeManager(void);
-	virtual ~nsPrivilegeManager(void);
+virtual ~nsPrivilegeManager(void);
 
-	void registerSystemPrincipal(nsPrincipal *principal);
+void 
+RegisterSystemPrincipal(nsIPrincipal * principal);
 
-	void registerPrincipal(nsPrincipal *principal);
+void 
+RegisterPrincipal(nsIPrincipal * principal);
 
-	PRBool unregisterPrincipal(nsPrincipal *principal);
+PRBool 
+UnregisterPrincipal(nsIPrincipal * principal);
 
-	PRBool isPrivilegeEnabled(nsTarget *target, PRInt32 callerDepth);
+PRBool 
+IsPrivilegeEnabled(nsTarget *target, PRInt32 callerDepth);
 
-	PRBool isPrivilegeEnabled(void* context, nsTarget *target, 
+PRBool 
-                              PRInt32 callerDepth);
+IsPrivilegeEnabled(void* context, nsTarget *target, 
+                          PRInt32 callerDepth);
 
-	PRBool enablePrivilege(nsTarget *target, PRInt32 callerDepth);
+PRBool 
+EnablePrivilege(nsTarget *target, PRInt32 callerDepth);
 
-	PRBool enablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
+PRBool 
+EnablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
 
-	PRBool enablePrivilege(nsTarget *target, nsPrincipal *preferredPrincipal, 
+PRBool 
-                           PRInt32 callerDepth);
+EnablePrivilege(nsTarget *target, nsIPrincipal *preferredPrincipal, 
+                       PRInt32 callerDepth);
 
-	PRBool enablePrivilege(void* context, nsTarget *target, 
+PRBool 
-                           nsPrincipal *preferredPrincipal, 
+EnablePrivilege(void* context, nsTarget *target, nsIPrincipal * preferredPrincipal, 
-                           PRInt32 callerDepth);
+                       PRInt32 callerDepth);
 
-	PRBool revertPrivilege(nsTarget *target, PRInt32 callerDepth);
+PRBool 
+RevertPrivilege(nsTarget *target, PRInt32 callerDepth);
 
-	PRBool revertPrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
+PRBool 
+RevertPrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
 
-	PRBool disablePrivilege(nsTarget *target, PRInt32 callerDepth);
+PRBool 
+DisablePrivilege(nsTarget *target, PRInt32 callerDepth);
 
-	PRBool disablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
+PRBool 
+DisablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
 
-	PRBool enablePrincipalPrivilegeHelper(nsTarget *target, PRInt32 callerDepth, 
+PRBool
-                                          nsPrincipal *preferredPrin, void * data,
+EnablePrincipalPrivilegeHelper(nsTarget *target, PRInt32 callerDepth, 
-                                          nsTarget *impersonator);
+								nsIPrincipal * preferredPrin, void * data,
+								nsTarget *impersonator);
 
-	PRBool enablePrincipalPrivilegeHelper(void* context, nsTarget *target, 
+PRBool 
-                                          PRInt32 callerDepth, 
+EnablePrincipalPrivilegeHelper(void* context, nsTarget *target, 
-                                          nsPrincipal *preferredPrin, 
+								PRInt32 callerDepth, 
-                                          void * data, 
+								nsIPrincipal * preferredPrin, 
-                                          nsTarget *impersonator);
+								void * data, 
+								nsTarget *impersonator);
 
-	nsPrivilegeTable *enableScopePrivilegeHelper(nsTarget *target, 
+nsPrivilegeTable * 
-                                                 PRInt32 callerDepth, 
+EnableScopePrivilegeHelper(nsTarget *target, 
-                                                 void *data, 
+							PRInt32 callerDepth, 
-                                                 PRBool helpingSetScopePrivilege, 
+							void *data, 
-                                                 nsPrincipal *prefPrin);
+							PRBool helpingSetScopePrivilege, 
+							nsIPrincipal * prefPrin);
 
-	nsPrivilegeTable *enableScopePrivilegeHelper(void* context, nsTarget *target, 
+nsPrivilegeTable *
-                                                 PRInt32 callerDepth, void *data, 
+EnableScopePrivilegeHelper(void* context, nsTarget *target, 
-                                                 PRBool helpingSetScopePrivilege, 
+							PRInt32 callerDepth, void *data, 
-                                                 nsPrincipal *prefPrin);
+							PRBool helpingSetScopePrivilege, 
+							nsIPrincipal * prefPrin);
 
-	PRBool AskPermission(nsPrincipal* useThisPrin, nsTarget* target, void* data);
+PRBool 
+AskPermission(nsIPrincipal * useThisPrin, nsTarget* target, void* data);
 
-	void SetPermission(nsPrincipal *useThisPrin, nsTarget *target, 
+void 
-                       nsPrivilege *newPrivilege);
+SetPermission(nsIPrincipal * useThisPrin, nsTarget * target, nsPrivilege * newPrivilege);
 
-	void registerPrincipalAndSetPrivileges(nsPrincipal *principal, 
+void 
-                                           nsTarget *target, 
+RegisterPrincipalAndSetPrivileges(nsIPrincipal * principal, nsTarget * target, nsPrivilege * newPrivilege);
-                                           nsPrivilege *newPrivilege);
 
-	void updatePrivilegeTable(nsTarget *target, 
+void 
-                              nsPrivilegeTable *privTable, 
+UpdatePrivilegeTable(nsTarget *target, nsPrivilegeTable * privTable, nsPrivilege * newPrivilege);
-                              nsPrivilege *newPrivilege);
 
-	PRBool checkPrivilegeGranted(nsTarget *target, PRInt32 callerDepth);
+PRBool 
+CheckPrivilegeGranted(nsTarget *target, PRInt32 callerDepth);
 
-	PRBool checkPrivilegeGranted(void* context, nsTarget *target, 
+PRBool 
-                                 PRInt32 callerDepth);
+CheckPrivilegeGranted(void* context, nsTarget *target, 
+                             PRInt32 callerDepth);
 
-	PRBool checkPrivilegeGranted(nsTarget *target, nsPrincipal *principal, 
+PRBool 
-                                 void *data);
+CheckPrivilegeGranted(nsTarget *target, nsIPrincipal * principal, void *data);
 
-	PRBool checkPrivilegeGranted(nsTarget *target, PRInt32 callerDepth, 
+PRBool 
-                                 void *data);
+CheckPrivilegeGranted(nsTarget *target, PRInt32 callerDepth, void *data);
 
-	PRBool checkPrivilegeGranted(void* context, nsTarget *target, 
+PRBool 
-                                 PRInt32 callerDepth, void *data);
+CheckPrivilegeGranted(void * context, nsTarget * target, 
+                             PRInt32 callerDepth, void * data);
 
-	nsPrivilege *getPrincipalPrivilege(nsTarget *target, nsPrincipal *prin, 
+nsPrivilege *
-                                       void *data);
+GetPrincipalPrivilege(nsTarget * target, nsIPrincipal * prin, void * data);
 
-	static nsPrivilegeManager * getPrivilegeManager(void);
+static nsPrivilegeManager * 
+GetPrivilegeManager(void);
 
-	static nsPrincipalArray* getMyPrincipals(PRInt32 callerDepth);
+static nsPrincipalArray * 
+GetMyPrincipals(PRInt32 callerDepth);
 
-	static nsPrincipalArray* getMyPrincipals(void* context, PRInt32 callerDepth);
+static nsPrincipalArray * 
+GetMyPrincipals(void* context, PRInt32 callerDepth);
 
-	static nsPrincipal * getSystemPrincipal(void);
+static nsIPrincipal * 
+GetSystemPrincipal(void);
 
-	static PRBool hasSystemPrincipal(nsPrincipalArray *prinArray);
+static PRBool 
+HasSystemPrincipal(nsPrincipalArray * prinArray);
 
-	static nsPrincipal* getUnsignedPrincipal(void);
+static nsIPrincipal * 
+GetUnsignedPrincipal(void);
 
-	static nsPrincipal* getUnknownPrincipal(void);
+static nsIPrincipal * 
+GetUnknownPrincipal(void);
 
-	nsSetComparisonType comparePrincipalArray(nsPrincipalArray* prin1Array, 
+nsSetComparisonType 
-                                              nsPrincipalArray* prin2Array);
+ComparePrincipalArray(nsPrincipalArray * prin1Array, nsPrincipalArray * prin2Array);
 
-	nsPrincipalArray* intersectPrincipalArray(nsPrincipalArray* prin1Array, 
+nsPrincipalArray * 
-                                              nsPrincipalArray* prin2Array);
+IntersectPrincipalArray(nsPrincipalArray * pa1, nsPrincipalArray * pa2);
 
-	PRBool canExtendTrust(nsPrincipalArray* prin1Array, 
+PRBool 
-                          nsPrincipalArray* prin2Array);
+CanExtendTrust(nsPrincipalArray * pa1, nsPrincipalArray * pa2);
 
-	PRBool checkMatchPrincipal(nsPrincipal *principal, PRInt32 callerDepth);
+PRBool 
+CheckMatchPrincipal(nsIPrincipal * principal, PRInt32 callerDepth);
 
-	PRBool checkMatchPrincipal(void* context, nsPrincipal *principal, 
+PRBool 
-                               PRInt32 callerDepth);
+CheckMatchPrincipal(void* context, nsIPrincipal * principal, PRInt32 callerDepth);
 
-    /* Helper functions for ADMIN UI */
+/* Helper functions for ADMIN UI */
-	const char * getAllPrincipalsString(void);
+const char * 
+GetAllPrincipalsString(void);
 
-	nsPrincipal * getPrincipalFromString(char *prinName);
+nsIPrincipal * 
+GetPrincipalFromString(char *prinName);
 
-	void getTargetsWithPrivileges(char *prinName, char** forever, 
+void 
-                                  char** session, char **denied);
+GetTargetsWithPrivileges(char *prinName, char** forever, char** session, char **denied);
 
-	PRBool removePrincipal(char *prinName);
+PRBool 
+RemovePrincipal(char *prinName);
 
-	PRBool removePrincipalsPrivilege(char *prinName, char *targetName);
+PRBool 
+RemovePrincipalsPrivilege(char *prinName, char *targetName);
 
-	void remove(nsPrincipal *prin, nsTarget *target);
 
-	/* The following are old native methods */
+void 
-	char * checkPrivilegeEnabled(nsTargetArray* targetArray, 
+Remove(nsIPrincipal *prin, nsTarget *target);
-                                 PRInt32 callerDepth, void *data);
 
-	char * checkPrivilegeEnabled(void* context, nsTargetArray* targetArray, 
+/* The following are old native methods */
-                                 PRInt32 callerDepth, void *data);
+char * 
+CheckPrivilegeEnabled(nsTargetArray* targetArray, PRInt32 callerDepth, void *data);
 
-	nsPrincipalArray* getClassPrincipalsFromStack(PRInt32 callerDepth);
+char * 
+CheckPrivilegeEnabled(void* context, nsTargetArray* targetArray, PRInt32 callerDepth, void *data);
 
-	nsPrincipalArray* getClassPrincipalsFromStack(void* context, 
+nsPrincipalArray * 
-                                                  PRInt32 callerDepth);
+GetClassPrincipalsFromStack(PRInt32 callerDepth);
 
-	nsPrivilegeTable * getPrivilegeTableFromStack(PRInt32 callerDepth, 
+nsPrincipalArray * 
-                                                  PRBool createIfNull);
+GetClassPrincipalsFromStack(void* context, PRInt32 callerDepth);
 
-	nsPrivilegeTable * getPrivilegeTableFromStack(void* context, 
+nsPrivilegeTable * 
-                                                  PRInt32 callerDepth, 
+GetPrivilegeTableFromStack(PRInt32 callerDepth, PRBool createIfNull);
-                                                  PRBool createIfNull);
 
-	/* End of native methods */
+nsPrivilegeTable * 
+GetPrivilegeTableFromStack(void* context, PRInt32 callerDepth, PRBool createIfNull);
+
+/* End of native methods */
 
 private:
 
-	nsHashtable *itsPrinToPrivTable;
+nsHashtable * itsPrinToPrivTable;
-	nsHashtable *itsPrinToMacroTargetPrivTable;
+nsHashtable * itsPrinToMacroTargetPrivTable;
-	nsHashtable *itsPrinNameToPrincipalTable;
+nsHashtable * itsPrinNameToPrincipalTable;
 
-	static PRBool theSecurityInited;
+static PRBool theSecurityInited;
 
-	static char * SignedAppletDBName;
+static char * SignedAppletDBName;
 
-	static PRBool theInited;
+static PRBool theInited;
 
-	/* Private Field Accessors */
+/* Private Methods */
 
-	/* Private Methods */
+void 
+AddToPrinNameToPrincipalTable(nsIPrincipal *prin);
 
-	void addToPrinNameToPrincipalTable(nsPrincipal *prin);
+PRBool 
+EnablePrivilegePrivate(void* context, nsTarget *target, nsIPrincipal *preferredPrincipal, 
+                              PRInt32 callerDepth);
 
-	PRBool enablePrivilegePrivate(void* context, nsTarget *target, 
+nsPermissionState 
-                                  nsPrincipal *preferredPrincipal, 
+GetPrincipalPrivilege(nsTarget *target, nsPrincipalArray* callerPrinArray, void * data);
-                                  PRInt32 callerDepth);
 
-	nsPermissionState getPrincipalPrivilege(nsTarget *target, 
+PRBool 
-                                            nsPrincipalArray* callerPrinArray, 
+IsPermissionGranted(nsTarget *target, nsPrincipalArray* callerPrinArray, void *data);
-                                            void *data);
-
-	PRBool isPermissionGranted(nsTarget *target, 
-                               nsPrincipalArray* callerPrinArray, 
-                               void *data);
 
 
   /* The following methods are used to save and load the persistent store */
-	void save(nsPrincipal *prin, nsTarget *target, nsPrivilege *newPrivilege);
+void 
+Save(nsIPrincipal *prin, nsTarget *target, nsPrivilege *newPrivilege);
 
-	void load(void);
+void 
+Load(void);
 
 };
 

caps/include/nsPrivilegeTable.h

@@ -25,33 +25,31 @@
 #include "nsTarget.h"
 #include "nsPrivilege.h"
 
-struct nsPrivilegeTable {
+class nsPrivilegeTable {
 
 public:
 
-	/* Public Methods */
 	nsPrivilegeTable(void);
 	virtual ~nsPrivilegeTable(void);
 
-	PRInt32 size(void);
+	PRInt32 Size(void);
 
-	PRBool isEmpty(void);
+	PRBool IsEmpty(void);
 
-	virtual nsPrivilege * get(nsTarget *t);
+	virtual nsPrivilege * Get(nsTarget * t);
 
-	nsPrivilege * put(nsTarget *a, nsPrivilege *priv);
+	nsPrivilege * Put(nsTarget * a, nsPrivilege * priv);
 
-	nsPrivilege * remove(nsTarget *key);
+	nsPrivilege * Remove(nsTarget * key);
 
-	nsPrivilegeTable * clone(void);
+	nsPrivilegeTable * Clone(void);
 
-	void clear(void);
+	void Clear(void);
 
 	void Enumerate(nsHashtableEnumFunc aEnumFunc);
 
 private:
 
-	/* Private Field Accessors */
 	nsHashtable * itsTable;
 };
 

caps/include/nsTarget.h

@@ -22,11 +22,10 @@
 #include <string.h>
 #include "prtypes.h"
 #include "plhash.h"
-
 #include "nsHashtable.h"
 #include "nsVector.h"
-#include "nsCaps.h"
+//#include "nsCaps.h"
-#include "nsPrincipal.h"
+#include "nsIPrincipal.h"
 #include "nsPrivilege.h"
 #include "nsUserDialogHelper.h"
 
@@ -49,9 +48,9 @@ extern char* capsGetString(int id);
 PR_END_EXTERN_C
 
 
-extern PRBool CreateSystemTargets(nsPrincipal *sysPrin);
+extern PRBool CreateSystemTargets(nsIPrincipal *sysPrin);
 
-struct nsTarget {
+class nsTarget {
 
 public:
 
@@ -59,84 +58,83 @@ public:
 
 	virtual ~nsTarget(void);
 
-	nsTarget(char *name, nsPrincipal *prin, 
+	nsTarget(char *name, nsIPrincipal * prin, 
-             PRInt32 risk = JavaSecUI_targetRiskHigh(), 
+		PRInt32 risk = JavaSecUI_targetRiskHigh(), 
-             /* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
+		/* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
-             char *riskColor = "High",
+		char * riskColor = "High",
-             char *description = NULL, 
+		char * description = NULL, 
-             char *detailDescription = NULL,
+		char * detailDescription = NULL,
-             char *url = NULL, 
+		char * url = NULL, 
-             nsTargetArray* targetArray = NULL)
+		nsTargetArray* targetArray = NULL)
-    {
+	{
-  		init(name, prin, targetArray, risk, riskColor, description, 
+		this->Init(name, prin, targetArray, risk, riskColor, description, detailDescription, url);
-             detailDescription, url);
     }
 
-	nsTarget(char *name, nsPrincipal *prin, 
+	nsTarget(char *name, nsIPrincipal * prin, 
-             PRInt32 risk = JavaSecUI_targetRiskHigh(), 
+		PRInt32 risk = JavaSecUI_targetRiskHigh(), 
-             /* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
+		/* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
-             char *riskColor = "High",
+		char * riskColor = "High",
-             int desc_id = 0, 
+		int desc_id = 0, 
-             int detail_desc_id = 0,
+		int detail_desc_id = 0,
-             int help_url_id = 0, 
+		int help_url_id = 0, 
-             nsTargetArray* targetArray = NULL);
+		nsTargetArray* targetArray = NULL);
 
-	nsTarget * registerTarget(void);
+	nsTarget * RegisterTarget(void);
 
-	nsTarget * registerTarget(void* context);
+	nsTarget * RegisterTarget(void* context);
 
-	static nsTarget * findTarget(nsTarget *target);
+	static nsTarget * FindTarget(nsTarget *target);
 
-	static nsTarget * findTarget(char *name);
+	static nsTarget * FindTarget(char * name);
 
-	static nsTarget * findTarget(char *name, nsPrincipal *prin);
+	static nsTarget * FindTarget(char * name, nsIPrincipal *prin);
 
-	nsPrivilege * checkPrivilegeEnabled(nsTargetArray* prinArray, void *data);
+	nsPrivilege * CheckPrivilegeEnabled(nsTargetArray* prinArray, void *data);
 
-	nsPrivilege * checkPrivilegeEnabled(nsTargetArray* prinArray);
+	nsPrivilege * CheckPrivilegeEnabled(nsTargetArray* prinArray);
 
-	nsPrivilege * checkPrivilegeEnabled(nsPrincipal *p, void *data);
+	nsPrivilege * CheckPrivilegeEnabled(nsIPrincipal *p, void *data);
 
-	virtual nsPrivilege * enablePrivilege(nsPrincipal *prin, void *data);
+	virtual nsPrivilege * EnablePrivilege(nsIPrincipal *prin, void *data);
 
-	nsPrivilege * getPrincipalPrivilege(nsPrincipal *prin, void *data);
+	nsPrivilege * GetPrincipalPrivilege(nsIPrincipal *prin, void *data);
 
-	nsTargetArray* getFlattenedTargetArray(void);
+	nsTargetArray* GetFlattenedTargetArray(void);
 
-	static nsTargetArray* getAllRegisteredTargets(void);
+	static nsTargetArray* GetAllRegisteredTargets(void);
 
-	char * getRisk(void);
+	char * GetRisk(void);
 
-	char * getRiskColor(void);
+	char * GetRiskColor(void);
 
-	char * getDescription(void);
+	char * GetDescription(void);
 
-	char * getDetailDescription(void);
+	char * GetDetailDescription(void);
 
-	static nsTarget * getTargetFromDescription(char *a);
+	static nsTarget * GetTargetFromDescription(char *a);
 
-	char * getHelpURL(void);
+	char * GetHelpURL(void);
 
-	char * getDetailedInfo(void *a);
+	char * GetDetailedInfo(void *a);
 
-	nsPrincipal * getPrincipal(void);
+	nsIPrincipal * GetPrincipal(void);
 
-	char * getName(void);
+	char * GetName(void);
 
-	PRBool equals(nsTarget *a);
+	PRBool Equals(nsTarget *a);
 
-	PRInt32 hashCode(void);
+	PRInt32 HashCode(void);
 
-	char * toString(void);
+	char * ToString(void);
 
-	PRBool isRegistered(void);
+	PRBool IsRegistered(void);
 
 private:
 
 	/* Private Field Accessors */
 	char * itsName;
 
-	nsPrincipal * itsPrincipal;
+	nsIPrincipal * itsPrincipal;
 
 	PRInt32 itsRisk;
 
@@ -161,9 +159,10 @@ private:
 	static PRBool theInited;
 
 	/* Private Methods */
-	void init(char *name, nsPrincipal *prin, nsTargetArray* targetArray, PRInt32 risk, char *riskColor, char *description, char *detailDescription, char *url);
+	void Init(char *name, nsIPrincipal *prin, nsTargetArray* targetArray, PRInt32 risk,
+				char *riskColor, char *description, char *detailDescription, char *url);
 
-	void getFlattenedTargets(nsHashtable *targHash, nsTargetArray* expandedTargetArray);
+	void GetFlattenedTargets(nsHashtable *targHash, nsTargetArray* expandedTargetArray);
 
 };
 
@@ -176,11 +175,11 @@ public:
   }
   
   PRUint32 HashValue(void) const {
-    return itsTarget->hashCode();
+    return itsTarget->HashCode();
   }
 
   PRBool Equals(const nsHashKey *aKey) const {
-    return (itsTarget->equals(((const TargetKey *) aKey)->itsTarget));
+    return (itsTarget->Equals(((const TargetKey *) aKey)->itsTarget));
   }
 
   nsHashKey *Clone(void) const {

caps/include/nsUserTarget.h

@@ -21,10 +21,9 @@
 
 
 #include "prtypes.h"
-
 #include "nsTarget.h"
 #include "nsPrivilege.h"
-#include "nsPrincipal.h"
+//#include "nsPrincipal.h"
 #include "nsCom.h"
 
 /* Any methods that is not defined here is in Java */
@@ -37,45 +36,43 @@ public:
 	nsUserTarget(char *name);
 	virtual ~nsUserTarget(void);
 
-    nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk, 
+	nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk, 
-                 char *riskColor, char *description, 
+					char *riskColor, char *description, 
-                 char *detailDescription, char *url)
+					char *detailDescription, char *url)
-      : nsTarget(name, prin, risk, riskColor, description, detailDescription, 
+	: nsTarget(name, prin, risk, riskColor, description, detailDescription, url, NULL)
-                 url, NULL)
+	{
-    {
+	}
-    }
 
-    nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk, 
+	nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk, 
-                 char *riskColor, char *description, 
+					char *riskColor, char *description, 
-                 char *detailDescription, char *url, 
+					char *detailDescription, char *url, 
-                 nsTargetArray *targetArray) 
+					nsTargetArray *targetArray) 
-      : nsTarget(name, prin, risk, riskColor, description, detailDescription, 
+	: nsTarget(name, prin, risk, riskColor, description, detailDescription, url, targetArray)
-                 url, targetArray)
+	{
-    {
+	}
-    }
 
-    nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk, 
+	nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk, 
-                 char *riskColor, 
+					char *riskColor, 
-                 int desc_id, 
+					int desc_id, 
-                 int detail_desc_id,
+					int detail_desc_id,
-                 int help_url_id)
+					int help_url_id)
-      : nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id, 
+	: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id, 
-                 help_url_id, NULL)
+					help_url_id, NULL)
-    {
+	{
-    }
+	}
 
-    nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk, 
+	nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk, 
-                 char *riskColor, 
+					char *riskColor, 
-                 int desc_id, 
+					int desc_id, 
-                 int detail_desc_id,
+					int detail_desc_id,
-                 int help_url_id,
+					int help_url_id,
-                 nsTargetArray *targetArray) 
+					nsTargetArray *targetArray) 
-      : nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id, 
+	: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id, 
-                 help_url_id, targetArray)
+					help_url_id, targetArray)
-    {
+	{
-    }
+	}
 
-	nsPrivilege * enablePrivilege(nsPrincipal *prin, void *data);
+	nsPrivilege * EnablePrivilege(nsIPrincipal * prin, void *data);
 
 private:
 

caps/public/Makefile.in

@@ -23,9 +23,9 @@ VPATH		= @srcdir@
 
 include $(DEPTH)/config/autoconf.mk
 
-EXPORTS	= \
+EXPORTS	=                    \
-	nsICapsManager.h  \
+	nsICapsManager.h     \
-	nsCapsPublicEnums.h \
+	nsCapsPublicEnums.h  \
 	$(NULL)
 
 EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS))

caps/public/makefile.win

@@ -28,9 +28,9 @@ IGNORE_MANIFEST=1
 
 MODULE=caps 
 DEPTH=..\..
-EXPORTS= \
+EXPORTS=                          \
- nsICapsManager.h         \
+	 nsICapsManager.h         \
- nsCapsPublicEnums.h      
+	 nsCapsPublicEnums.h      
 
 
 

caps/public/nsCapsPublicEnums.h

@@ -1,81 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * The contents of this file are subject to the Netscape Public License
- * Version 1.0 (the "NPL"); you may not use this file except in
- * compliance with the NPL.  You may obtain a copy of the NPL at
- * http://www.mozilla.org/NPL/
- *
- * Software distributed under the NPL is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
- * for the specific language governing rights and limitations under the
- * NPL.
- *
- * The Initial Developer of this code under the NPL is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
- * Reserved.
- */
-
-#ifndef _NS_CAPS_PUBLIC_ENUMS_H_
-#define _NS_CAPS_PUBLIC_ENUMS_H_
-
-
-enum nsPermission {
-    nsPermission_Unknown,
-    nsPermission_AllowedSession,
-    nsPermission_DeniedSession,
-    nsPermission_AllowedForever,
-    nsPermission_DeniedForever
-};
-
-/**
- * number of possible permissions (allowed, forbidden, or blank)
- *
- * The code in nsPrivilegeInitialize assumes that nsPermissionState 
- * are ordered sequentially from 0 to N.
- *
- */
-typedef enum nsPermissionState {
-    nsPermissionState_Forbidden = 0, 
-    nsPermissionState_Allowed,
-    nsPermissionState_Blank,
-    nsPermissionState_NumberOfPermissions
-} nsPermissionState;
-
-/**
- * number of possible durations (scope, session, or forever)
- *
- * The code in nsPrivilegeInitialize assumes that nsDurationState 
- * are ordered sequentially from 0 to N.
- *
- */
-typedef enum nsDurationState {
-    nsDurationState_Scope=0, 
-    nsDurationState_Session,
-    nsDurationState_Forever, 
-    nsDurationState_NumberOfDurations
-} nsDurationState;
-
-
-typedef enum nsSetComparisonType {
-  nsSetComparisonType_ProperSubset=-1,
-  nsSetComparisonType_Equal=0,
-  nsSetComparisonType_NoSubset=1
-} nsSetComparisonType;
-
-
-/* The following should match what is in nsJVM plugin's java security code */
-typedef enum nsPrincipalType {
-  nsPrincipalType_Unknown=-1, 
-  nsPrincipalType_CodebaseExact=10,
-  nsPrincipalType_CodebaseRegexp,
-  nsPrincipalType_Cert,
-  nsPrincipalType_CertFingerPrint,
-  nsPrincipalType_CertKey,
-  /* CertChain principal is being added for Javasoft's JVM. They will pass the 
-   * whole chain to the nsPrincipal constructor. 
-   */
-  nsPrincipalType_CertChain
-} nsPrincipalType;
-
-#endif /* _NS_CAPS_PUBLIC_ENUMS_H_ */

caps/public/nsICapsManager.h

@@ -23,10 +23,11 @@
 #include "nsIFactory.h"
 #include "nsIPrincipal.h"
 #include "nsCapsPublicEnums.h"
-
+#include "nsTarget.h"
-class nsITarget;
+//class nsITarget;
 class nsICapsSecurityCallbacks;
 
+
 #define NS_ALL_PRIVILEGES         ((nsITarget*)NULL)
 
 
@@ -80,9 +81,10 @@ public:
      * @param codebaseURL - the codebase URL
      * @param prin  - the return value is passed in this parameter.
      */
+/*
     NS_IMETHOD
     CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin) = 0;
-
+*/
 
     /**
      * Returns the permission for given principal and target
@@ -92,7 +94,7 @@ public:
      * @param state  - the return value is passed in this parameter.
      */
     NS_IMETHOD
-    GetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *state) = 0;
+    GetPermission(nsIPrincipal* prin, nsTarget * target, nsPermission *state) = 0;
 
     /**
      * Set the permission state for given principal and target. This wouldn't 
@@ -104,7 +106,7 @@ public:
      *                 and target parameters.
      */
     NS_IMETHOD
-    SetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission state) = 0;
+    SetPermission(nsIPrincipal* prin, nsTarget * target, nsPermission state) = 0;
 
     /**
      * Prompts the user if they want to grant permission for the given principal and 
@@ -116,7 +118,7 @@ public:
      *                 target
      */
     NS_IMETHOD
-    AskPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *result) = 0;
+    AskPermission(nsIPrincipal* prin, nsTarget * target, nsPermission *result) = 0;
 
 
     /* 
@@ -147,8 +149,8 @@ public:
      * @param prin   - is either certificate principal or codebase principal
      * @param result - is true if principal was successfully registered with the system
      */
-    NS_IMETHOD
+//    NS_IMETHOD
-    RegisterPrincipal(nsIPrincipal* prin, PRBool *result) = 0;
+//    RegisterPrincipal(nsIPrincipal* prin, PRBool *result) = 0;
 
     /**
      * Prompts the user if they want to grant permission for the principal located
@@ -221,22 +223,22 @@ public:
 
 
     /* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
-
+/*
     NS_IMETHOD
     NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result) = 0;
 
     NS_IMETHOD
     IsCodebaseExact(nsIPrincipal* principal, PRBool *result) = 0;
-
+*/
     NS_IMETHOD
     CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result) = 0;
-
+/*
     NS_IMETHOD
     ToString(nsIPrincipal* principal, char* *result) = 0;
 
     NS_IMETHOD
     GetVendor(nsIPrincipal* principal, char* *result) = 0;
-
+*/
     NS_IMETHOD
     NewPrincipalArray(PRUint32 count, void* *result) = 0;
 

caps/src/Makefile.in

@@ -27,23 +27,21 @@ MODULE		= caps
 
 LIBRARY_NAME	= caps
 
-CPPSRCS		=	        \
+CPPSRCS		=	        		  \
-                nsUserDialogHelper.cpp            \
+		admin.cpp                         \
-		nsZig.cpp                         \
+		nsCaps.cpp                        \
-		nsPrincipal.cpp                   \
+		nsCCapsManager.cpp		  \
+		nsCCapsManagerFactory.cpp	  \
+		nsCertificatePrincipal.cpp	  \
+		nsCodebasePrincipal.cpp	          \
 		nsPrivilege.cpp                   \
 		nsPrivilegeManager.cpp            \
 		nsPrivilegeTable.cpp              \
 		nsSystemPrivilegeTable.cpp        \
 		nsTarget.cpp                      \
+                nsUserDialogHelper.cpp            \
 		nsUserTarget.cpp                  \
-		admin.cpp                         \
+		nsZig.cpp                         \
-		nsCaps.cpp                        \
-		nsCCapsManager.cpp		  \
-		nsCertificatePrincipal.cpp		  \
-		nsCodebasePrincipal.cpp	  \
-		nsCCapsManagerFactory.cpp	  \
-		nsCCodeSourcePrincipal.cpp        \
 		$(NULL)
 
 REQUIRES	= nspr xpcom security layer js jar pref img util rdf caps 
@@ -52,10 +50,10 @@ ifndef MOZ_NATIVE_ZLIB
 REQUIRES += zlib
 endif
 
-CSRCS		=	        \
+CSRCS		=	                        \
-		nsZip.c                         \
-		nsLoadZig.c                     \
 		jpermission.c                   \
+		nsLoadZig.c                     \
+		nsZip.c                         \
 		$(NULL)
 
 include $(topsrcdir)/config/rules.mk

caps/src/admin.cpp

@@ -21,15 +21,12 @@
 #include "prmem.h"
 #include "prmon.h"
 #include "prlog.h"
-
 #include "admin.h"
 #include "nsPrivilegeManager.h"
-
 #ifdef __cplusplus
 extern "C" {
 #endif /* __cplusplus */
 
-
 /* 
  *             A D M I N   U I   A P I 
  *
@@ -40,8 +37,8 @@ extern "C" {
 PR_PUBLIC_API(const char *)
 java_netscape_security_getPrincipals(const char *charSetName)
 {
-    nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+    nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-    const char *prins = nsPrivManager->getAllPrincipalsString();
+    const char *prins = nsPrivManager->GetAllPrincipalsString();
     PRBool test_admin_api = PR_FALSE;
     if (test_admin_api) {
       char *a1;
@@ -57,25 +54,24 @@ java_netscape_security_getPrincipals(const char *charSetName)
 PR_PUBLIC_API(PRBool)
 java_netscape_security_removePrincipal(const char *charSetName, char *prinName)
 {
-    nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+    nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-    return nsPrivManager->removePrincipal(prinName);
+    return nsPrivManager->RemovePrincipal(prinName);
 }
 
 PR_PUBLIC_API(void)
 java_netscape_security_getPrivilegeDescs(const char *charSetName, char *prinName,
-                                         char** forever, char** session, 
+                                         char** forever, char** session, char **denied)
-                                         char **denied)
 {
-    nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+    nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-    nsPrivManager->getTargetsWithPrivileges(prinName, forever, session, denied);
+    nsPrivManager->GetTargetsWithPrivileges(prinName, forever, session, denied);
 }
 
 PR_PUBLIC_API(PRBool)
 java_netscape_security_removePrivilege(const char *charSetName, char *prinName, 
                                        char *targetName)
 {
-    nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+    nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-    return nsPrivManager->removePrincipalsPrivilege(prinName, targetName);
+    return nsPrivManager->RemovePrincipalsPrivilege(prinName, targetName);
 }
 
 

caps/src/makefile.win

@@ -49,29 +49,27 @@ DLL=.\$(OBJDIR)\$(DLLNAME).dll
 #//------------------------------------------------------------------------
 
 C_OBJS=                                     \
-    .\$(OBJDIR)\nsZip.obj                   \
-    .\$(OBJDIR)\nsLoadZig.obj               \
     .\$(OBJDIR)\jpermission.obj             \
+    .\$(OBJDIR)\nsLoadZig.obj               \
+    .\$(OBJDIR)\nsZip.obj                   \
     $(NULL)
 
 
-CPP_OBJS=                                       \
+CPP_OBJS=                                   \
+    .\$(OBJDIR)\admin.obj                   \
+    .\$(OBJDIR)\nsCaps.obj                  \
+    .\$(OBJDIR)\nsCCapsManager.obj          \
+    .\$(OBJDIR)\nsCCapsManagerFactory.obj   \
+    .\$(OBJDIR)\nsCertificatePrincipal.obj  \
+    .\$(OBJDIR)\nsCodebasePrincipal.obj     \
     .\$(OBJDIR)\nsUserDialogHelper.obj      \
-    .\$(OBJDIR)\nsZig.obj                   \
-    .\$(OBJDIR)\nsPrincipal.obj             \
     .\$(OBJDIR)\nsPrivilege.obj             \
     .\$(OBJDIR)\nsPrivilegeManager.obj      \
     .\$(OBJDIR)\nsPrivilegeTable.obj        \
     .\$(OBJDIR)\nsSystemPrivilegeTable.obj  \
     .\$(OBJDIR)\nsTarget.obj                \
     .\$(OBJDIR)\nsUserTarget.obj            \
-    .\$(OBJDIR)\admin.obj                   \
+    .\$(OBJDIR)\nsZig.obj                   \
-    .\$(OBJDIR)\nsCaps.obj                  \
-    .\$(OBJDIR)\nsCCapsManager.obj          \
-    .\$(OBJDIR)\nsCertificatePrincipal.obj        \
-    .\$(OBJDIR)\nsCodebasePrincipal.obj    \
-    .\$(OBJDIR)\nsCCapsManagerFactory.obj   \
-    .\$(OBJDIR)\nsCCodeSourcePrincipal.obj  \
     $(NULL)
 
 

caps/src/nsCCapsManager.cpp

@@ -18,16 +18,12 @@
 #include "nsIComponentManager.h"
 #include "nsCapsEnums.h"
 #include "nsCCapsManager.h"
-#include "nsICodebasePrincipal.h"
-#include "nsICertificatePrincipal.h"
 #include "nsCodebasePrincipal.h"
 #include "nsCertificatePrincipal.h"
-#include "nsCCodeSourcePrincipal.h"
 #include "nsCaps.h"
 #include "nsICapsSecurityCallbacks.h"
 #include "nsLoadZig.h"
 #include "secnav.h"
-
 #ifdef MOZ_SECURITY
 #include "navhook.h"
 #include "jarutil.h"
@@ -39,11 +35,6 @@ static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
 
 #define ALL_JAVA_PERMISSION "AllJavaPermission"
 
-////////////////////////////////////////////////////////////////////////////
-// from nsISupports and AggregatedQueryInterface:
-
-// Thes macro expands to the aggregated query interface scheme.
-
 NS_IMPL_AGGREGATED(nsCCapsManager);
 
 NS_METHOD
@@ -73,7 +64,7 @@ nsCCapsManager::CreateCodebasePrincipal(const char *codebaseURL,
 {
    nsresult result = NS_OK;
    nsCodebasePrincipal *pNSCCodebasePrincipal = 
-       new nsCodebasePrincipal(codebaseURL, &result);
+       new nsCodebasePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_CodebaseExact, codebaseURL);
    if (pNSCCodebasePrincipal == NULL)
    {
       return NS_ERROR_OUT_OF_MEMORY;
@@ -91,7 +82,8 @@ nsCCapsManager::CreateCertPrincipal(const unsigned char **certChain,
 {
    nsresult result = NS_OK;
    nsCertificatePrincipal *pNSCCertPrincipal = 
-       new nsCertificatePrincipal(certChain, certChainLengths, noOfCerts, &result);
+       new nsCertificatePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_Certificate,
+       							 certChain, certChainLengths, noOfCerts, &result);
    if (pNSCCertPrincipal == NULL)
    {
       return NS_ERROR_OUT_OF_MEMORY;
@@ -100,7 +92,8 @@ nsCCapsManager::CreateCertPrincipal(const unsigned char **certChain,
    *prin = (nsIPrincipal *)pNSCCertPrincipal;
    return NS_OK;
 }
-
+//code source prins are deprecated, use codebase of certificate prins instead
+/*
 NS_METHOD
 nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain, 
                                           PRUint32 *certChainLengths, 
@@ -120,7 +113,7 @@ nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain,
    *prin = (nsIPrincipal *)pNSCCodeSourcePrincipal;
    return NS_OK;
 }
-
+*/
 
 
 /**
@@ -131,32 +124,17 @@ nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain,
 * @param state  - the return value is passed in this parameter.
 */
 NS_METHOD
-nsCCapsManager::GetPermission(nsIPrincipal* pNSIPrincipal, 
+nsCCapsManager::GetPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission * state)
-                              nsITarget* ignoreTarget, 
-                              nsPermission *state)
 {
-   *state = nsPermission_Unknown;
+	*state = nsPermission_Unknown;
-   nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION);
+	nsTarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
-   nsresult result = NS_OK;
+	nsresult result = NS_OK;
-   if( target == NULL )
+	if( target == NULL ) return NS_OK;
-   {
+	if (privilegeManager != NULL) {
-      return NS_OK;
+		nsPrivilege* privilege = privilegeManager->GetPrincipalPrivilege(target, prin, NULL);
-   }
+		* state = this->ConvertPrivilegeToPermission(privilege);
-   if (m_pNSPrivilegeManager != NULL)
+	}
-   {
+	return NS_OK;
-      nsPrincipal *pNSPrincipal  = NULL;
-      result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
-      if( result != NS_OK)
-      {
-        return result;
-      }
-
-      nsPrivilege* privilege = 
-          m_pNSPrivilegeManager->getPrincipalPrivilege(target, pNSPrincipal, 
-                                                       NULL);
-      *state = ConvertPrivilegeToPermission(privilege);
-   }
-   return NS_OK;
 }
 
 /**
@@ -169,28 +147,15 @@ nsCCapsManager::GetPermission(nsIPrincipal* pNSIPrincipal,
 *                 and target parameters.
 */
 NS_METHOD
-nsCCapsManager::SetPermission(nsIPrincipal* pNSIPrincipal, 
+nsCCapsManager::SetPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission state)
-                              nsITarget* ignoreTarget,
+{
-                              nsPermission state)
+	nsTarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
-{  
+	if(target == NULL ) return NS_OK;
-   nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION);
+	if (privilegeManager != NULL) {
-   nsresult result = NS_OK;
+		nsPrivilege* privilege = this->ConvertPermissionToPrivilege(state);
-   if( target == NULL )
+		privilegeManager->SetPermission(prin, target, privilege);
-   {
+	}
-      return NS_OK;
+	return NS_OK;
-   }
-   if (m_pNSPrivilegeManager != NULL)
-   {
-      nsPrincipal *pNSPrincipal  = NULL;
-      result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
-      if( result != NS_OK)
-      {
-        return result;
-      }
-      nsPrivilege* privilege = ConvertPermissionToPrivilege(state);
-      m_pNSPrivilegeManager->SetPermission(pNSPrincipal, target, privilege);
-   }
-   return NS_OK;
 }
 
 /**
@@ -203,32 +168,19 @@ nsCCapsManager::SetPermission(nsIPrincipal* pNSIPrincipal,
 *                 target
 */
 NS_METHOD
-nsCCapsManager::AskPermission(nsIPrincipal* pNSIPrincipal, 
+nsCCapsManager::AskPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission * state)
-                              nsITarget* ignoreTarget, 
-                              nsPermission *state)
 {
-   nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION);
+	nsTarget *target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
-   nsresult result = NS_OK;
+	if( target == NULL ) {
-   if( target == NULL )
+	   *state = nsPermission_Unknown;
-   {
+	   return NS_OK;
-      *state = nsPermission_Unknown;
+	}
-      return NS_OK;
+	if (privilegeManager != NULL) {
-   }
+	   privilegeManager->AskPermission(prin, target, NULL);
-   if (m_pNSPrivilegeManager != NULL)
+	   nsPrivilege * privilege = privilegeManager->GetPrincipalPrivilege(target, prin, NULL);
-   {
+	   *state = ConvertPrivilegeToPermission(privilege);
-      nsPrincipal *pNSPrincipal  = NULL;
+	}
-      result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
+	return NS_OK;
-      if( result != NS_OK)
-      {
-        return result;
-      }
-      m_pNSPrivilegeManager->AskPermission(pNSPrincipal,target, NULL);
-      nsPrivilege* privilege = 
-          m_pNSPrivilegeManager->getPrincipalPrivilege(target, pNSPrincipal, 
-                                                       NULL);
-      *state = ConvertPrivilegeToPermission(privilege);
-   }
-   return NS_OK;
 }
 
 /**
@@ -238,23 +190,22 @@ nsCCapsManager::AskPermission(nsIPrincipal* pNSIPrincipal,
  * @param result - is true if principal was successfully registered with the system
  */
 NS_METHOD
-nsCCapsManager::Initialize(PRBool *result)
+nsCCapsManager::Initialize(PRBool * result)
 {
-    *result = nsCapsInitialize();
+	*result = nsCapsInitialize();
-    return NS_OK;
+	return NS_OK;
 }
 
 /**
-  * Initializes the capabilities frame walking code.
+	* Initializes the capabilities frame walking code.
-  *
+	*
-  * @param aInterface - interface for calling frame walking code.
+	* @param aInterface - interface for calling frame walking code.
-  */
+	*/
 NS_METHOD
 nsCCapsManager::InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface)
 {
-  //XXX write me  
+	//XXX write me  
-  
+	return NS_OK;
-  return NS_OK;
 }
 
 /**
@@ -264,20 +215,10 @@ nsCCapsManager::InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface)
  * @param result - is true if principal was successfully registered with the system
  */
 NS_METHOD
-nsCCapsManager::RegisterPrincipal(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
+nsCCapsManager::RegisterPrincipal(nsIPrincipal * prin)
 {
-   nsresult result = NS_OK;
+	if (privilegeManager != NULL) privilegeManager->RegisterPrincipal(prin);
-   if (m_pNSPrivilegeManager != NULL)
+	return NS_OK;
-   {
-      nsPrincipal *pNSPrincipal  = NULL;
-      result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
-      if( result != NS_OK)
-      {
-        return result;
-      }
-      m_pNSPrivilegeManager->registerPrincipal(pNSPrincipal);
-   }
-   return NS_OK;
 }
 
 /**
@@ -294,17 +235,15 @@ nsCCapsManager::RegisterPrincipal(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
 NS_METHOD
 nsCCapsManager::EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
 {
-   nsTarget *target = nsTarget::findTarget((char*)targetName);
+   nsTarget *target = nsTarget::FindTarget((char*)targetName);
    nsresult result = NS_OK;
    if( target == NULL )
    {
       *ret_val = PR_FALSE;
       return NS_OK;
    }
-   if (m_pNSPrivilegeManager != NULL)
+   if (privilegeManager != NULL)
-   {
+      *ret_val = privilegeManager->EnablePrivilege(context, target, callerDepth);
-      *ret_val = m_pNSPrivilegeManager->enablePrivilege(context, target, callerDepth);
-   }
    return NS_OK;
 }
 
@@ -322,16 +261,16 @@ nsCCapsManager::EnablePrivilege(void* context, const char* targetName, PRInt32 c
 NS_METHOD
 nsCCapsManager::IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
 {
-   nsTarget *target = nsTarget::findTarget((char*)targetName);
+   nsTarget *target = nsTarget::FindTarget((char*)targetName);
    nsresult result = NS_OK;
    if( target == NULL )
    {
       *ret_val = PR_FALSE;
       return NS_OK;
    }
-   if (m_pNSPrivilegeManager != NULL)
+   if (privilegeManager != NULL)
    {
-      *ret_val = m_pNSPrivilegeManager->isPrivilegeEnabled(context, target, callerDepth);
+      *ret_val = privilegeManager->IsPrivilegeEnabled(context, target, callerDepth);
    }
    return NS_OK;
 }
@@ -350,18 +289,15 @@ nsCCapsManager::IsPrivilegeEnabled(void* context, const char* targetName, PRInt3
 NS_METHOD
 nsCCapsManager::RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
 {
-   nsTarget *target = nsTarget::findTarget((char*)targetName);
+	nsTarget *target = nsTarget::FindTarget((char*)targetName);
-   nsresult result = NS_OK;
+	nsresult result = NS_OK;
-   if( target == NULL )
+	if( target == NULL ) {
-   {
+		* ret_val = PR_FALSE;
-      *ret_val = PR_FALSE;
+		return NS_OK;
-      return NS_OK;
+	}
-   }
+	if (privilegeManager != NULL)
-   if (m_pNSPrivilegeManager != NULL)
+		* ret_val = privilegeManager->RevertPrivilege(context, target, callerDepth);
-   {
+	return NS_OK;
-      *ret_val = m_pNSPrivilegeManager->revertPrivilege(context, target, callerDepth);
-   }
-   return NS_OK;
 }
 
 /**
@@ -378,18 +314,15 @@ nsCCapsManager::RevertPrivilege(void* context, const char* targetName, PRInt32 c
 NS_METHOD
 nsCCapsManager::DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
 {
-   nsTarget *target = nsTarget::findTarget((char*)targetName);
+	nsTarget *target = nsTarget::FindTarget((char*)targetName);
-   nsresult result = NS_OK;
+	nsresult result = NS_OK;
-   if( target == NULL )
+	if( target == NULL ) {
-   {
+		* ret_val = PR_FALSE;
-      *ret_val = PR_FALSE;
+		return NS_OK;
-      return NS_OK;
+	}
-   }
+	if (privilegeManager != NULL)
-   if (m_pNSPrivilegeManager != NULL)
+		* ret_val = privilegeManager->DisablePrivilege(context, target, callerDepth);
-   {
+	return NS_OK;
-      *ret_val = m_pNSPrivilegeManager->disablePrivilege(context, target, callerDepth);
-   }
-   return NS_OK;
 }
 
 
@@ -399,83 +332,68 @@ nsCCapsManager::DisablePrivilege(void* context, const char* targetName, PRInt32
 NS_METHOD
 nsCCapsManager::ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *ret_val)
 {
-   nsresult result = NS_OK;
+	nsresult result = NS_OK;
-   *ret_val = nsSetComparisonType_NoSubset;
+	*ret_val = nsSetComparisonType_NoSubset;
-   if (m_pNSPrivilegeManager != NULL)
+	if (privilegeManager != NULL) {
-   {
+		nsPrincipalArray * newPrin1Array=NULL;
-     nsPrincipalArray *newPrin1Array=NULL;
+		nsPrincipalArray * newPrin2Array=NULL;
-     nsPrincipalArray *newPrin2Array=NULL;
+		result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
-     result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
+		if (result != NS_OK) return result;
-     if (result != NS_OK) {
+		result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
-         return result;
+		if (result != NS_OK) return result;
-     }
+		*ret_val = privilegeManager->ComparePrincipalArray(newPrin1Array, newPrin2Array);
-     result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
+		nsCapsFreePrincipalArray(newPrin1Array);
-     if (result != NS_OK) {
+		nsCapsFreePrincipalArray(newPrin2Array);
-         return result;
+	}
-     }
+	return NS_OK;
-     *ret_val = m_pNSPrivilegeManager->comparePrincipalArray(newPrin1Array, newPrin2Array);
-     nsCapsFreePrincipalArray(newPrin1Array);
-     nsCapsFreePrincipalArray(newPrin2Array);
-   }
-   return NS_OK;
 }
 
 NS_METHOD
-nsCCapsManager::IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *ret_val)
+nsCCapsManager::IntersectPrincipalArray(void * prin1Array, void * prin2Array, void * * ret_val)
 {
-   nsresult result = NS_OK;
+	nsresult result = NS_OK;
-   *ret_val = NULL;
+	*ret_val = NULL;
-   if (m_pNSPrivilegeManager != NULL)
+	if (privilegeManager != NULL) {
-   {
+		nsPrincipalArray *newPrin1Array=NULL;
-     nsPrincipalArray *newPrin1Array=NULL;
+		nsPrincipalArray *newPrin2Array=NULL;
-     nsPrincipalArray *newPrin2Array=NULL;
+		nsPrincipalArray *intersectPrinArray=NULL;
-     nsPrincipalArray *intersectPrinArray=NULL;
+		result = this->GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
-     result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
+		if (result != NS_OK) return result;
-     if (result != NS_OK) {
+		result = this->GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
-         return result;
+		if (result != NS_OK) return result;
-     }
+		intersectPrinArray = privilegeManager->IntersectPrincipalArray(newPrin1Array, newPrin2Array);
-     result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
+		this->CreateNSPrincipalArray(intersectPrinArray, (nsPrincipalArray**)ret_val);
-     if (result != NS_OK) {
+		nsCapsFreePrincipalArray(newPrin1Array);
-         return result;
+		nsCapsFreePrincipalArray(newPrin2Array);
-     }
+	}
-     intersectPrinArray = m_pNSPrivilegeManager->intersectPrincipalArray(newPrin1Array, 
+	return NS_OK;
-                                                                         newPrin2Array);
-     CreateNSPrincipalArray(intersectPrinArray, (nsPrincipalArray**)ret_val);
-     nsCapsFreePrincipalArray(newPrin1Array);
-     nsCapsFreePrincipalArray(newPrin2Array);
-   }
-   return NS_OK;
 }
 
 NS_METHOD
-nsCCapsManager::CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *ret_val)
+nsCCapsManager::CanExtendTrust(void * fromPrinArray, void * toPrinArray, PRBool * ret_val)
 {
-   nsresult result = NS_OK;
+	nsresult result = NS_OK;
-   *ret_val = nsSetComparisonType_NoSubset;
+	*ret_val = nsSetComparisonType_NoSubset;
-   if (m_pNSPrivilegeManager != NULL)
+	if (privilegeManager != NULL) {
-   {
+		nsPrincipalArray *newPrin1Array=NULL;
-     nsPrincipalArray *newPrin1Array=NULL;
+		nsPrincipalArray *newPrin2Array=NULL;
-     nsPrincipalArray *newPrin2Array=NULL;
+		result = this->GetNSPrincipalArray((nsPrincipalArray*) fromPrinArray, &newPrin1Array);
-     result = GetNSPrincipalArray((nsPrincipalArray*) fromPrinArray, &newPrin1Array);
+		if (result != NS_OK) return result;
-     if (result != NS_OK) {
+		result = this->GetNSPrincipalArray((nsPrincipalArray*) toPrinArray, &newPrin2Array);
-         return result;
+		if (result != NS_OK) return result;
-     }
+		*ret_val = privilegeManager->CanExtendTrust(newPrin1Array, newPrin2Array);
-     result = GetNSPrincipalArray((nsPrincipalArray*) toPrinArray, &newPrin2Array);
+		nsCapsFreePrincipalArray(newPrin1Array);
-     if (result != NS_OK) {
+		nsCapsFreePrincipalArray(newPrin2Array);
-         return result;
+	}
-     }
+	return NS_OK;
-     *ret_val = m_pNSPrivilegeManager->canExtendTrust(newPrin1Array, newPrin2Array);
-     nsCapsFreePrincipalArray(newPrin1Array);
-     nsCapsFreePrincipalArray(newPrin2Array);
-   }
-   return NS_OK;
 }
 
 
 /* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
-
+/**************
+//Principals must be created by type, the nsPrincipal data member is deprecated
 NS_METHOD
-nsCCapsManager::NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal** ret_val)
+nsCCapsManager::NewPrincipal(PRInt16 *principalType, void* key, PRUint32 key_len, void *zig, nsIPrincipal** ret_val)
 {
   nsIPrincipal* pNSIPrincipal;
   nsPrincipal *pNSPrincipal = new nsPrincipal(type, key, key_len, zig);
@@ -487,9 +405,14 @@ nsCCapsManager::NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len,
   *ret_val = pNSIPrincipal;
   return NS_OK;
 }
+*********************/
+//XXX: todo: This method is covered by to nsIPrincipal object, should not be part of caps
+//XXX: nsPrincipal struct if deprecated, access as nsIPrincipal
+//do not use IsCodebaseExact, Tostring, or any other of the principal specific objects from here
 
+/*
 NS_METHOD
-nsCCapsManager::IsCodebaseExact(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
+nsCCapsManager::IsCodebaseExact(nsIPrincipal * pNSIPrincipal, PRBool *ret_val)
 {
    nsresult result = NS_OK;
    nsPrincipal *pNSPrincipal  = NULL;
@@ -499,25 +422,25 @@ nsCCapsManager::IsCodebaseExact(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
        return result;
    }
    *ret_val = pNSPrincipal->isCodebaseExact();
-    
    return NS_OK;
 }
+*/
 
+/*
 NS_METHOD
-nsCCapsManager::ToString(nsIPrincipal* pNSIPrincipal, char* *ret_val)
+nsCCapsManager::ToString(nsIPrincipal* prin, char* *ret_val)
 {
    nsresult result = NS_OK;
-   nsPrincipal *pNSPrincipal  = NULL;
+   nsIPrincipal *temp  = NULL;
    *ret_val = NULL;
-   result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
+   result = GetNSPrincipal(prin, &temp);
-   if( result != NS_OK) {
+   if( result != NS_OK) return result;
-       return result;
+   *ret_val = temp->ToString();
-   }
-   *ret_val = pNSPrincipal->toString();
-    
    return NS_OK;
 }
+*/
 
+/*
 NS_METHOD
 nsCCapsManager::GetVendor(nsIPrincipal* pNSIPrincipal, char* *ret_val)
 {
@@ -529,9 +452,9 @@ nsCCapsManager::GetVendor(nsIPrincipal* pNSIPrincipal, char* *ret_val)
        return result;
    }
    *ret_val = pNSPrincipal->getVendor();
-    
    return NS_OK;
 }
+*/
 
 NS_METHOD
 nsCCapsManager::NewPrincipalArray(PRUint32 count, void* *ret_val)
@@ -547,86 +470,51 @@ nsCCapsManager::NewPrincipalArray(PRUint32 count, void* *ret_val)
 NS_METHOD
 nsCCapsManager::CreateMixedPrincipalArray(void *aZig, char* name, const char* codebase, void** result)
 {
-  *result = NULL;
+	/*
-  PRBool hasCodebase;
+	*result = NULL;
-  int i;
+	PRBool hasCodebase;
-  PRUint32 count;
+	int i;
-  nsIPrincipal *principal;
+	PRUint32 count;
-
+	nsIPrincipal *principal;
-  hasCodebase = (PRBool)codebase;
+	hasCodebase = (PRBool)codebase;
-
+	count = codebase ? 1 : 0;
-  /* First count the number of principals */
-  count = codebase ? 1 : 0;
-
-//Should possibly be #ifdef MOZ_SECURITY but I don't want to break the sec build
 #if 0
-  SOBITEM *item;
+	SOBITEM *item;
-  ZIG_Context * zig_aCx = NULL;
+	ZIG_Context * zig_aCx = NULL;
-  ZIG *zig = (ZIG*)aZig;
+	ZIG *zig = (ZIG*)aZig;
-
+	if (zig && name) {
-  if (zig && name) {
+		if ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) != NULL) {
-    /* Make sure file is signed */
+			int zig_count=0;
-    if ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) != NULL) {
+			while (SOB_find_next(zig_aCx, &item) >= 0) zig_count++;
-      int zig_count=0;
+			SOB_find_end(zig_aCx);
-      /* count the number of signers */
+			count += zig_count;
-      while (SOB_find_next(zig_aCx, &item) >= 0) {
+		} else  zig = NULL;
-        zig_count++;
+	}
-      }
-      SOB_find_end(zig_aCx);
-      count += zig_count;
-    } 
-    else {
-      zig = NULL;
-    }
-  }
 #endif
-  if (count == 0) {
+	if (count == 0) return NS_OK;
-    return NS_OK;
+	NewPrincipalArray(count, result);
-  }
+	if (*result == NULL) return NS_ERROR_FAILURE;
-
-  NewPrincipalArray(count, result);
-
-  if (*result == NULL) {
-    return NS_ERROR_FAILURE;
-  }
-
 #if 0
-  if (zig && ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) == NULL)) {
+	if (zig && ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) == NULL)) return NS_ERROR_FAILURE;
-    return NS_ERROR_FAILURE;
+	i = 0;
-  }
+	while (zig && SOB_find_next(zig_aCx, &item) >= 0) {
-  i = 0;
+		FINGERZIG *fingPrint;
-  while (zig && SOB_find_next(zig_aCx, &item) >= 0) {
+		fingPrint = (FINGERZIG *) item->data;
-    FINGERZIG *fingPrint;
+		this->NewPrincipal(nsPrincipal::PrincipalType_CertificateKey, fingPrint->key,
-
+		                           fingPrint->length, zig, &principal);
-    fingPrint = (FINGERZIG *) item->data;
+		RegisterPrincipal(principal, NULL);
-
+		SetPrincipalArrayElement(*result, i++, principal);
-    /* create a  new nsIPrincipal(CERT_KEY, fingPrint->key) */
+	}
-    NewPrincipal(nsPrincipalType_CertKey,
+	if (zig) SOB_find_end(zig_aCx);
-                               fingPrint->key,
-                               fingPrint->length,
-                               zig, 
-                               &principal);
-    RegisterPrincipal(principal, NULL);
-    SetPrincipalArrayElement(*result, i++, principal);
-  }
-
-  if (zig) {
-    SOB_find_end(zig_aCx);
-  }
 #endif
-
+	if (codebase) {
-  if (codebase) {
+		this->NewPrincipal(nsIPrincipal::PrincipalType_CodebaseExact, (void*)codebase,
-    // Add a codebase principal.
+		                           PL_strlen(codebase), NULL, &principal);
-    NewPrincipal(nsPrincipalType_CodebaseExact,
+		RegisterPrincipal(principal, NULL);
-                               (void*)codebase,
+		SetPrincipalArrayElement(*result, i++, principal);
-                               PL_strlen(codebase),
+	}
-                               NULL,
+	*/
-                               &principal);
+	return NS_OK;
-    RegisterPrincipal(principal, NULL);
-    SetPrincipalArrayElement(*result, i++, principal);
-  }
-
-  return NS_OK;
 }
 
 NS_METHOD
@@ -639,14 +527,19 @@ nsCCapsManager::FreePrincipalArray(void *prinArray)
 NS_METHOD
 nsCCapsManager::GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* *ret_val)
 {
+	//method is deprecated, Principals must be accessed and indexed as nsIPrincipals, not by data member
+	/*
  nsIPrincipal* pNSIPrincipal;
  nsPrincipal *pNSPrincipal = (nsPrincipal *)nsCapsGetPrincipalArrayElement(prinArrayArg, index);
- if (pNSPrincipal->isCodebase()) {
+ (pNSPrincipal->isCodebase()) ?
-     pNSIPrincipal = (nsIPrincipal*)new nsCodebasePrincipal(pNSPrincipal);
+     pNSIPrincipal = (nsIPrincipal*)new nsCodebasePrincipal(pNSPrincipal)
- } else {
+	 :
      pNSIPrincipal = (nsIPrincipal*)new nsCertificatePrincipal(pNSPrincipal);
  }
+
  *ret_val = pNSIPrincipal;
+ */
+ *ret_val = NULL;
   return NS_OK;
 }
 
@@ -665,49 +558,37 @@ nsCCapsManager::GetPrincipalArraySize(void *prinArrayArg, PRUint32 *ret_val)
 }
 
 /* The following interfaces will replace all of the following old calls.
- *
  * nsCapsGetPermission(struct nsPrivilege *privilege)
  * nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
- *
  */
 NS_METHOD
 nsCCapsManager::IsAllowed(void *annotation, char* targetName, PRBool *ret_val)
 {
-   nsTarget *target = nsTarget::findTarget(targetName);
+	nsTarget *target = nsTarget::FindTarget(targetName);
-   nsresult result = NS_OK;
+	nsresult result = NS_OK;
-   if( target == NULL )
+	if( target == NULL ) {
-   {
+		*ret_val = PR_FALSE;
-      *ret_val = PR_FALSE;
+		return NS_OK;
-      return NS_OK;
+	}
-   }
+	struct nsPrivilege * pNSPrivilege = nsCapsGetPrivilege((nsPrivilegeTable * )annotation, target);
-   struct nsPrivilege * pNSPrivilege = nsCapsGetPrivilege((struct nsPrivilegeTable *)annotation,
+	if (pNSPrivilege == NULL) {
-                                                          target);
+	   *ret_val = PR_FALSE;
-   if (pNSPrivilege == NULL) {
+	   return NS_OK;
-       *ret_val = PR_FALSE;
+	}
-       return NS_OK;
+	nsPermissionState perm = nsCapsGetPermission(pNSPrivilege);
-    }
+	*ret_val = (perm == nsPermissionState_Allowed);
-    nsPermissionState perm = nsCapsGetPermission(pNSPrivilege);
+	return NS_OK;
-
-    *ret_val = (perm == nsPermissionState_Allowed);
-    return NS_OK;
 }
 
 
 ////////////////////////////////////////////////////////////////////////////
 // from nsCCapsManager:
 
-nsCCapsManager::nsCCapsManager(nsISupports *aOuter):m_pNSPrivilegeManager(NULL) 
+nsCCapsManager::nsCCapsManager(nsISupports *aOuter):privilegeManager(NULL) 
 {
-    NS_INIT_AGGREGATED(aOuter);
+	NS_INIT_AGGREGATED(aOuter);
-    PRBool result;
+	PRBool result;
-    if (Initialize(&result) == NS_OK)
+	privilegeManager = (Initialize(&result) == NS_OK) ? new nsPrivilegeManager(): NULL;
-    {
-      m_pNSPrivilegeManager = new nsPrivilegeManager();
-    }
-    else
-    { 
-      m_pNSPrivilegeManager = NULL;
-    }
 }
 
 nsCCapsManager::~nsCCapsManager()
@@ -718,6 +599,8 @@ void
 nsCCapsManager::CreateNSPrincipalArray(nsPrincipalArray* prinArray, 
                                        nsPrincipalArray* *pPrincipalArray)
 {
+	//prin arrays will either be removed, or updated to use the nsIPrincipal Object
+/*
  nsIPrincipal* pNSIPrincipal;
  nsPrincipal *pNSPrincipal  = NULL;
 
@@ -736,39 +619,39 @@ nsCCapsManager::CreateNSPrincipalArray(nsPrincipalArray* prinArray,
     newPrinArray->Set(index, pNSIPrincipal);
  }
  *pPrincipalArray = newPrinArray;
+ */
 }
-
-
 NS_METHOD
 nsCCapsManager::GetNSPrincipalArray(nsPrincipalArray* prinArray, 
                                     nsPrincipalArray* *pPrincipalArray)
 {
+/*
  nsIPrincipal* pNSIPrincipal;
- nsPrincipal *pNSPrincipal  = NULL;
+ nsIPrincipal *pNSPrincipal  = NULL;
  nsresult result = NS_OK;
 
  PRUint32 count = prinArray->GetSize();
  nsPrincipalArray *newPrinArray = new nsPrincipalArray();
  newPrinArray->SetSize(count, 1);
  *pPrincipalArray = NULL;
-
  for (PRUint32 index = 0; index < count; index++) {
     pNSIPrincipal = (nsIPrincipal*)prinArray->Get(index);
-    result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
+//    result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
     if( result != NS_OK)
     {
        nsCapsFreePrincipalArray(newPrinArray);
        return result;
     }
-    newPrinArray->Set(index, pNSPrincipal);
+//    newPrinArray->Set(index, pNSPrincipal);
  }
  *pPrincipalArray = newPrinArray;
  return result;
+ */
+ return NS_OK;
 }
-
+/*
 NS_METHOD
-nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, 
+nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, nsPrincipal **ppNSPrincipal)
-                               nsPrincipal **ppNSPrincipal)
 {
    nsISupports *pNSISupports   = NULL;
    nsPrincipal *pNSPrincipal  = NULL;
@@ -781,7 +664,7 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
 
    NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID);
    NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID);
-   NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICODESOURCEPRINCIPAL_IID);
+//   NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICODESOURCEPRINCIPAL_IID);
 
    if (pNSIPrincipal->QueryInterface(kICodeSourcePrincipalIID,
                             (void**)&pNSISupports) == NS_OK) 
@@ -792,19 +675,21 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
       PRBool bIsTrusted = PR_FALSE;
       if(pNSICertPrincipal != NULL )
       {
-          pNSICertPrincipal->IsTrusted(NULL, &bIsTrusted);
+          pNSICertPrincipal->IsSecure(&bIsTrusted);
       }
       if (bIsTrusted)
       {
           nsCertificatePrincipal *pNSCCertPrincipal = (nsCertificatePrincipal *)pNSICertPrincipal;
-          pNSPrincipal = pNSCCertPrincipal->GetPeer();
+//			peer object is deprecated, no longer use nsPrincipal object
+//          pNSPrincipal = pNSCCertPrincipal->GetPeer();
           pNSCCertPrincipal->Release();
       }
       else
       if(pNSICodebasePrincipal != NULL )
       {
           nsCodebasePrincipal *pNSCCodebasePrincipal = (nsCodebasePrincipal *)pNSICodebasePrincipal;
-          pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
+//			peer object is deprecated, no longer use nsPrincipal object
+//          pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
           pNSCCodebasePrincipal->Release();
       }
       else
@@ -817,7 +702,8 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
                             (void**)&pNSISupports) == NS_OK) 
    {
       nsCertificatePrincipal *pNSCCertPrincipal = (nsCertificatePrincipal *)pNSIPrincipal;
-      pNSPrincipal = pNSCCertPrincipal->GetPeer();
+//			peer object is deprecated, no longer use nsPrincipal object
+//      pNSPrincipal = pNSCCertPrincipal->GetPeer();
       pNSCCertPrincipal->Release();
    }
    else
@@ -826,7 +712,8 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
    {
       nsCodebasePrincipal *pNSCCodebasePrincipal = 
           (nsCodebasePrincipal *)pNSIPrincipal;
-      pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
+//			peer object is deprecated, no longer use nsPrincipal object
+//      pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
       pNSCCodebasePrincipal->Release();
    }
    else
@@ -834,12 +721,12 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
       return NS_ERROR_NO_INTERFACE;
    }
    *ppNSPrincipal = pNSPrincipal;
-   return NS_OK;
+	return NS_OK;
 }
-
+*/
 
 nsPermission
-nsCCapsManager::ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege)
+nsCCapsManager::ConvertPrivilegeToPermission(nsPrivilege * pNSPrivilege)
 {
   	if(pNSPrivilege->isAllowedForever())
      return nsPermission_AllowedForever;
@@ -887,13 +774,9 @@ nsCCapsManager::ConvertPermissionToPrivilege(nsPermission state)
 void
 nsCCapsManager::SetSystemPrivilegeManager()
 {
-    nsPrivilegeManager *pNSPrivilegeManager = 
+	nsPrivilegeManager *pNSPrivilegeManager = nsPrivilegeManager::GetPrivilegeManager();
-        nsPrivilegeManager::getPrivilegeManager();
+	if ((privilegeManager  != NULL ) && (privilegeManager != pNSPrivilegeManager)) {
-     if (   (m_pNSPrivilegeManager  != NULL )
+		delete privilegeManager;
-         && (m_pNSPrivilegeManager != pNSPrivilegeManager)
+		privilegeManager = pNSPrivilegeManager;
-        )
+	}
-     {
-        delete m_pNSPrivilegeManager;
-        m_pNSPrivilegeManager = pNSPrivilegeManager;
-     }
 }

caps/src/nsCaps.cpp

@@ -21,12 +21,11 @@
 #include "prmem.h"
 #include "prmon.h"
 #include "prlog.h"
-
 #include "nsCaps.h"
 #include "nsPrivilegeManager.h"
+#include "nsCertificatePrincipal.h"
 #include "nsPrivilege.h"
 #include "nsPrivilegeTable.h"
-#include "nsPrincipal.h"
 #include "nsTarget.h"
 #include "nsCCapsManager.h"
 #include "nsCCapsManagerFactory.h"
@@ -56,29 +55,29 @@ static PRBool bNSCapsInitialized_g = PR_FALSE;
 PR_IMPLEMENT(PRBool) 
 nsCapsInitialize() 
 {
-  if(bNSCapsInitialized_g == PR_TRUE)
+	if(bNSCapsInitialized_g == PR_TRUE) return PR_TRUE;
-  {
+	bNSCapsInitialized_g = PR_TRUE;
-     return PR_TRUE;
+	nsIPrincipal * sysPrin;
-  }
+/*
-  bNSCapsInitialized_g = PR_TRUE;
 #if defined(_WIN32)
-  nsPrincipal *sysPrin = CreateSystemPrincipal("java/classes/java40.jar", "java/lang/Object.class");
+//	sysPrin = CreateSystemPrincipal("java/classes/java40.jar", "java/lang/Object.class");
 #else
-  nsPrincipal *sysPrin = CreateSystemPrincipal("java40.jar", "java/lang/Object.class");
+//	sysPrin = CreateSystemPrincipal("java40.jar", "java/lang/Object.class");
 #endif
-  if (sysPrin == NULL) {
+*/
-    sysPrin = new nsPrincipal(nsPrincipalType_Cert, "52:54:45:4e:4e:45:54:49", 
+	if (sysPrin == NULL) {
-                                         strlen("52:54:45:4e:4e:45:54:49"));
+		nsresult res;
+		sysPrin = new nsCertificatePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_Certificate,(const unsigned char **) "52:54:45:4e:4e:45:54:49", 
+									(unsigned int *)strlen("52:54:45:4e:4e:45:54:49"),1,& res);
   }
-  
+  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
   if (nsPrivManager == NULL) {
     nsPrivilegeManagerInitialize();
     nsPrivilegeInitialize();
-    nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+    nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
   }
   PR_ASSERT(nsPrivManager != NULL);
-  nsPrivManager->registerSystemPrincipal(sysPrin);
+  nsPrivManager->RegisterSystemPrincipal(sysPrin);
   // New a class factory object and the constructor will register itself
   // as the factory object in the repository. All other modules should
   // FindFactory and use createInstance to create a instance of nsCCapsManager
@@ -96,169 +95,155 @@ nsCapsInitialize()
 
 /* wrappers for nsPrivilegeManager object */
 PR_IMPLEMENT(PRBool) 
-nsCapsRegisterPrincipal(struct nsPrincipal *principal) 
+nsCapsRegisterPrincipal(class nsIPrincipal *principal) 
 {
-  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-  if( nsPrivManager == NULL )
+  if(nsPrivManager == NULL) return PR_FALSE; 
-   return PR_FALSE; 
+  nsPrivManager->RegisterPrincipal(principal);
-  nsPrivManager->registerPrincipal(principal);
   return PR_TRUE;
 }
 
 PR_IMPLEMENT(PRBool) 
-nsCapsEnablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth)
+nsCapsEnablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth)
 {
-  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+	nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-  if( nsPrivManager == NULL )
+	return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->EnablePrivilege(context, target, callerDepth);
-   return PR_FALSE; 
-  return nsPrivManager->enablePrivilege(context, target, callerDepth);
 }
 
 PR_IMPLEMENT(PRBool) 
-nsCapsIsPrivilegeEnabled(void* context, struct nsTarget *target, PRInt32 callerDepth)
+nsCapsIsPrivilegeEnabled(void* context, class nsTarget *target, PRInt32 callerDepth)
 {
-  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+	nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-  if( nsPrivManager == NULL )
+	return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->IsPrivilegeEnabled(context, target, callerDepth);
-   return PR_FALSE; 
-  return nsPrivManager->isPrivilegeEnabled(context, target, callerDepth);
 }
 
 PR_IMPLEMENT(PRBool) 
-nsCapsRevertPrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth)
+nsCapsRevertPrivilege(void* context, class nsTarget *target, PRInt32 callerDepth)
 {
-  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+	nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-  if( nsPrivManager == NULL )
+	return (nsPrivManager == NULL ) ? PR_FALSE : nsPrivManager->RevertPrivilege(context, target, callerDepth);
-   return PR_FALSE; 
-  return nsPrivManager->revertPrivilege(context, target, callerDepth);
 }
 
 PR_IMPLEMENT(PRBool) 
-nsCapsDisablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth)
+nsCapsDisablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth)
 {
-  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+	nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-  if( nsPrivManager == NULL )
+	return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->DisablePrivilege(context, target, callerDepth);
-   return PR_FALSE; 
-  return nsPrivManager->disablePrivilege(context, target, callerDepth);
 }
 
 PR_IMPLEMENT(void*) 
 nsCapsGetClassPrincipalsFromStack(void* context, PRInt32 callerDepth)
 {
-  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+	nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-  if( nsPrivManager == NULL )
+	return (nsPrivManager == NULL) ? NULL 
-   return NULL; 
+	: (void *)nsPrivManager->GetClassPrincipalsFromStack(context, callerDepth);
-  return (void *)nsPrivManager->getClassPrincipalsFromStack(context, callerDepth);
 }
 
 PR_IMPLEMENT(nsSetComparisonType) 
 nsCapsComparePrincipalArray(void* prin1Array, void* prin2Array)
 {
-  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+	nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-  if( nsPrivManager == NULL )
+	return (nsPrivManager == NULL) ? nsSetComparisonType_NoSubset 
-   return nsSetComparisonType_NoSubset; 
+	: nsPrivManager->ComparePrincipalArray((nsPrincipalArray*)prin1Array, (nsPrincipalArray*)prin2Array);
-  return nsPrivManager->comparePrincipalArray((nsPrincipalArray*)prin1Array, 
-                                              (nsPrincipalArray*)prin2Array);
 }
 
 PR_IMPLEMENT(void*) 
 nsCapsIntersectPrincipalArray(void* prin1Array, void* prin2Array)
 {
-  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+	nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-  if( nsPrivManager == NULL )
+	return (nsPrivManager == NULL) ? NULL 
-   return NULL; 
+	: nsPrivManager->IntersectPrincipalArray((nsPrincipalArray*)prin1Array, (nsPrincipalArray*)prin2Array);
-  return nsPrivManager->intersectPrincipalArray((nsPrincipalArray*)prin1Array, 
-                                                (nsPrincipalArray*)prin2Array);
 }
 
 PR_IMPLEMENT(PRBool) 
 nsCapsCanExtendTrust(void* from, void* to)
 {
-  nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
+	nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
-  if( nsPrivManager == NULL )
+	return (nsPrivManager == NULL) ? PR_FALSE
-   return PR_FALSE; 
+	: nsPrivManager->CanExtendTrust((nsPrincipalArray *)from, (nsPrincipalArray *)to);
-  return nsPrivManager->canExtendTrust((nsPrincipalArray*)from, 
-                                       (nsPrincipalArray*)to);
 }
 
 /* wrappers for nsPrincipal object */
-PR_IMPLEMENT(struct nsPrincipal *) 
+/*
-nsCapsNewPrincipal(nsPrincipalType type, void * key, 
+PR_IMPLEMENT(class nsIPrincipal *) 
-                   PRUint32 key_len, void *zig)
+nsCapsNewPrincipal(PRInt16 prinType, void * key, PRUint32 key_len, void *zig)
 {
-  return new nsPrincipal(type, key, key_len, zig);
+// XXX ARIEL FIX:
+// this is absolutely wrong, must be fixed ASAP
+//  return new nsIPrincipal(prinType, key, key_len, zig);
+	return NULL;
 }
+*/
 
 PR_IMPLEMENT(const char *) 
-nsCapsPrincipalToString(struct nsPrincipal *principal)
+nsCapsPrincipalToString(class nsIPrincipal *principal)
 {
-  return principal->toString();
+	char * prinStr;
+	principal->ToString(& prinStr);
+	return prinStr;
 }
 
 PR_IMPLEMENT(PRBool) 
-nsCapsIsCodebaseExact(struct nsPrincipal *principal)
+nsCapsIsCodebaseExact(class nsIPrincipal *principal)
 {
-  return principal->isCodebaseExact();
+	PRInt16 prinType;
+	principal->GetType(& prinType);
+	return (prinType == (PRInt16) nsIPrincipal::PrincipalType_CodebaseExact) ? PR_TRUE : PR_FALSE;
 }
 
 PR_IMPLEMENT(const char *) 
-nsCapsPrincipalGetVendor(struct nsPrincipal *principal)
+nsCapsPrincipalGetVendor(class nsIPrincipal *principal)
 {
-  return principal->getVendor();
+	//deprecated returning NULL
+	//return principal->getVendor();
+	return NULL;
 }
 
 PR_EXTERN(void *) 
 nsCapsNewPrincipalArray(PRUint32 count)
 {
-  nsPrincipalArray *prinArray = new nsPrincipalArray();
+	nsPrincipalArray *prinArray = new nsPrincipalArray();
-  prinArray->SetSize(count, 1);
+	prinArray->SetSize(count, 1);
-  return prinArray;
+	return prinArray;
 }
 
 PR_EXTERN(void) 
 nsCapsFreePrincipalArray(void *prinArrayArg)
 {
-  nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
+	nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
-  if (prinArray) {
+	if (prinArray) {
-    prinArray->RemoveAll();
+		prinArray->RemoveAll();
-    delete prinArray;
+		delete prinArray;
-  }
+	}
 }
 
 PR_EXTERN(void *) 
 nsCapsGetPrincipalArrayElement(void *prinArrayArg, PRUint32 index)
 {
-  nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
+	nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
-  if (prinArray == NULL) {
+	return (prinArray == NULL) ? NULL : prinArray->Get(index);
-    return NULL;
-  }
-  return prinArray->Get(index);
 }
 
 PR_EXTERN(void) 
 nsCapsSetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, void *element)
 {
-  nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
+	nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
-  if (prinArray == NULL) {
+	if (prinArray == NULL) return;
-    return;
+	prinArray->Set(index, element);
-  }
-  prinArray->Set(index, element);
 }
 
 PR_EXTERN(PRUint32) 
 nsCapsGetPrincipalArraySize(void *prinArrayArg) 
 {
   nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
-  if (prinArray == NULL) {
+  return (prinArray == NULL) ? 0 : prinArray->GetSize();
-    return 0;
-  }
-  return prinArray->GetSize();
 }
 
 /* wrappers for nsTarget object */
-PR_IMPLEMENT(struct nsTarget *) 
+PR_IMPLEMENT(class nsTarget *) 
 nsCapsFindTarget(char *name)
 {
-  return nsTarget::findTarget(name);
+  return nsTarget::FindTarget(name);
 }
 
 /* wrappers for nsPrivilege object */
@@ -270,9 +255,9 @@ nsCapsGetPermission(struct nsPrivilege *privilege)
 
 /* wrappers for nsPrivilegeTable object */
 PR_IMPLEMENT(struct nsPrivilege *)
-nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
+nsCapsGetPrivilege(nsPrivilegeTable * annotation, class nsTarget *target)
 {
-  return annotation->get(target);
+return annotation->Get(target);
 }
 
 
@@ -284,7 +269,6 @@ setNewNSJSJavaFrameWrapperCallback(struct NSJSJavaFrameWrapper * (*fp)(void *))
     nsCapsNewNSJSJavaFrameWrapperCallback = fp;
 }
 
-
 void (*nsCapsFreeNSJSJavaFrameWrapperCallback)(struct NSJSJavaFrameWrapper *);
 PR_IMPLEMENT(void)
 setFreeNSJSJavaFrameWrapperCallback(void (*fp)(struct NSJSJavaFrameWrapper *))
@@ -292,7 +276,6 @@ setFreeNSJSJavaFrameWrapperCallback(void (*fp)(struct NSJSJavaFrameWrapper *))
     nsCapsFreeNSJSJavaFrameWrapperCallback = fp;
 }
 
-
 void (*nsCapsGetStartFrameCallback)(struct NSJSJavaFrameWrapper *);
 PR_IMPLEMENT(void)
 setGetStartFrameCallback(void (*fp)(struct NSJSJavaFrameWrapper *))
@@ -307,7 +290,6 @@ setIsEndOfFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *))
     nsCapsIsEndOfFrameCallback = fp;
 }
 
-
 PRBool (*nsCapsIsValidFrameCallback)(struct NSJSJavaFrameWrapper *);
 PR_IMPLEMENT(void)
 setIsValidFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *))
@@ -315,7 +297,6 @@ setIsValidFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *))
     nsCapsIsValidFrameCallback = fp;
 }
 
-
 void * (*nsCapsGetNextFrameCallback)(struct NSJSJavaFrameWrapper *, int *);
 PR_IMPLEMENT(void)
 setGetNextFrameCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, int *))
@@ -323,28 +304,25 @@ setGetNextFrameCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, int *))
     nsCapsGetNextFrameCallback = fp;
 }
 
-
 void * (*nsCapsGetPrincipalArrayCallback)(struct NSJSJavaFrameWrapper *);
 PR_IMPLEMENT(void)
 setOJIGetPrincipalArrayCallback(void * (*fp)(struct NSJSJavaFrameWrapper *))
 {
-    nsCapsGetPrincipalArrayCallback = fp;
+	nsCapsGetPrincipalArrayCallback = fp;
 }
 
-
 void * (*nsCapsGetAnnotationCallback)(struct NSJSJavaFrameWrapper *);
 PR_IMPLEMENT(void)
 setOJIGetAnnotationCallback(void * (*fp)(struct NSJSJavaFrameWrapper *))
 {
-    nsCapsGetAnnotationCallback = fp;
+	nsCapsGetAnnotationCallback = fp;
 }
 
-
 void * (*nsCapsSetAnnotationCallback)(struct NSJSJavaFrameWrapper *, void *);
 PR_IMPLEMENT(void)
 setOJISetAnnotationCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, void *))
 {
-    nsCapsSetAnnotationCallback = fp;
+	nsCapsSetAnnotationCallback = fp;
 }
 
 /* 
@@ -359,7 +337,6 @@ nsCapsEnableRegistrationModeFlag(void)
 	registrationModeFlag = PR_TRUE;
 }
 
-
 /*
  * This function disables the registration mode flag.
  * Disabling this flag allows all valid urls types to

caps/src/nsCertificatePrincipal.cpp

@@ -17,143 +17,92 @@
  */
 
 #include "nsCertificatePrincipal.h"
-#include "nsPrincipal.h"
 
 static NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID);
 
-////////////////////////////////////////////////////////////////////////////
+NS_IMPL_ISUPPORTS(nsCertificatePrincipal, kICertificatePrincipalIID);
-// from nsISupports:
-
-// These macros produce simple version of QueryInterface and AddRef.
-// See the nsISupports.h header file for DETAILS.
-
-NS_IMPL_ISUPPORTS(nsCertificatePrincipal,kICertificatePrincipalIID);
-
-////////////////////////////////////////////////////////////////////////////
-// from nsIPrincipal:
 
 NS_IMETHODIMP
-nsCertificatePrincipal::IsTrusted(const char* scope, PRBool *pbIsTrusted)
+nsCertificatePrincipal::GetPublicKey(char ** publicKey, PRUint32 * publicKeyLength)
 {
-   if(m_pNSPrincipal == NULL)
+	publicKey = & this->itsKey;
-   {
+	publicKeyLength = & this->itsKeyLength;
-      *pbIsTrusted = PR_FALSE;
+	return (itsKey == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
-      return NS_ERROR_ILLEGAL_VALUE;
-   }
-   *pbIsTrusted = m_pNSPrincipal->isTrustedCertChainPrincipal();
-   return NS_OK;
 }
-     
+
-////////////////////////////////////////////////////////////////////////////
-// from nsICertificatePrincipal:
-/**
- * Returns the public key of the certificate.
- *
- * @param publicKey -     the Public Key data will be returned in this field.
- * @param publicKeySize - the length of public key data is returned in this
- *                        parameter.
- */
 NS_IMETHODIMP
-nsCertificatePrincipal::GetPublicKey(char **publicKey, PRUint32 *publicKeySize)
+nsCertificatePrincipal::GetCompanyName(char * * companyName)
 {
-   // XXX raman: fix it.
+	companyName = & this->itsCompanyName;
-   PR_ASSERT(PR_FALSE);
+	return (itsCompanyName == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
-   return NS_OK;
 }
 
-/**
- * Returns the company name of the ceritificate (OU etc parameters of certificate)
- *
- * @param result - the certificate details about the signer.
- */
 NS_IMETHODIMP
-nsCertificatePrincipal::GetCompanyName(char **ppCompanyName)
+nsCertificatePrincipal::GetCertificateAuthority(char * * certificateAuthority)
 {
-   if(m_pNSPrincipal == NULL)
+	certificateAuthority = & this->itsCertificateAuthority;
-   {
+	return (itsCertificateAuthority == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
-      *ppCompanyName = NULL;
-      return NS_ERROR_ILLEGAL_VALUE;
-   }
-   *ppCompanyName = m_pNSPrincipal->getCompanyName();
-   return NS_OK;
 }
 
-/**
- * Returns the certificate issuer's data (OU etc parameters of certificate)
- *
- * @param result - the details about the issuer
- */
 NS_IMETHODIMP
-nsCertificatePrincipal::GetCertificateAuthority(char **ppCertAuthority)
+nsCertificatePrincipal::GetSerialNumber(char * * serialNumber)
 {
-   if(m_pNSPrincipal == NULL)
+	serialNumber = & this->itsSerialNumber;
-   {
+	return (itsSerialNumber == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
-      *ppCertAuthority = NULL;
-      return NS_ERROR_ILLEGAL_VALUE;
-   }
-   *ppCertAuthority = m_pNSPrincipal->getSecAuth();
-   return NS_OK;
 }
 
-/**
- * Returns the serial number of certificate 
- *
- * @param result - Returns the serial number of certificate 
- */
 NS_IMETHODIMP
-nsCertificatePrincipal::GetSerialNumber(char **ppSerialNumber)
+nsCertificatePrincipal::GetExpirationDate(char * * expirationDate)
 {
-   if(m_pNSPrincipal == NULL)
+	expirationDate = & this->itsExpirationDate;
-   {
+	return (itsExpirationDate == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
-      *ppSerialNumber = NULL;
-      return NS_ERROR_ILLEGAL_VALUE;
-   }
-   *ppSerialNumber = m_pNSPrincipal->getSerialNo();
-   return NS_OK;
 }
 
-/**
- * Returns the expiration date of certificate 
- *
- * @param result - Returns the expiration date of certificate 
- */
 NS_IMETHODIMP
-nsCertificatePrincipal::GetExpirationDate(char **ppExpDate)
+nsCertificatePrincipal::GetFingerPrint(char * * fingerPrint)
 {
-   if(m_pNSPrincipal == NULL)
+	fingerPrint = & this->itsFingerPrint;
-   {
+	return (itsFingerPrint == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
-      *ppExpDate = NULL;
-      return NS_ERROR_ILLEGAL_VALUE;
-   }
-   *ppExpDate = m_pNSPrincipal->getExpDate();
-   return NS_OK;
 }
 
-/**
- * Returns the finger print of certificate 
- *
- * @param result - Returns the finger print of certificate 
- */
 NS_IMETHODIMP
-nsCertificatePrincipal::GetFingerPrint(char **ppFingerPrint)
+nsCertificatePrincipal::GetType(PRInt16 * type)
 {
-   if(m_pNSPrincipal == NULL)
+	type = & this->itsType;
-   {
+	return NS_OK;
-      *ppFingerPrint = NULL;
-      return NS_ERROR_ILLEGAL_VALUE;
-   }
-   *ppFingerPrint = m_pNSPrincipal->getFingerPrint();
-   return NS_OK;
 }
 
-////////////////////////////////////////////////////////////////////////////
+NS_IMETHODIMP
-// from nsCertificatePrincipal:
+nsCertificatePrincipal::IsSecure(PRBool * result)
-
-nsCertificatePrincipal::nsCertificatePrincipal(const unsigned char **certChain, 
-                                   PRUint32 *certChainLengths, 
-                                   PRUint32 noOfCerts, 
-                                   nsresult *result)
 {
+	*result =  (this->itsType == (PRInt16)nsIPrincipal::PrincipalType_Unknown) ? PR_FALSE : PR_TRUE;
+	return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsCertificatePrincipal::ToString(char **result)
+{
+	return NS_OK;
+}
+
+NS_IMETHODIMP
+nsCertificatePrincipal::HashCode(PRUint32 * code) 
+{
+	code=0;
+	return NS_OK;
+}
+
+NS_IMETHODIMP
+nsCertificatePrincipal::Equals(nsIPrincipal * other, PRBool * result)
+{
+	return NS_OK;
+}
+
+nsCertificatePrincipal::nsCertificatePrincipal(PRInt16 * type, const unsigned char **certChain, 
+								PRUint32 *certChainLengths, PRUint32 noOfCerts, nsresult *result)
+{
+	this->itsType = * type;
+	/*
    m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CertChain, certChain, 
                                     certChainLengths, noOfCerts);
    if(m_pNSPrincipal == NULL)
@@ -162,21 +111,9 @@ nsCertificatePrincipal::nsCertificatePrincipal(const unsigned char **certChain,
       return;
    }
    *result = NS_OK;
-}
+   */
-
-nsCertificatePrincipal::nsCertificatePrincipal(nsPrincipal *pNSPrincipal)
-{
-   m_pNSPrincipal = pNSPrincipal;
 }
 
 nsCertificatePrincipal::~nsCertificatePrincipal(void)
 {
-   delete m_pNSPrincipal;
+}
-}
-
-nsPrincipal*
-nsCertificatePrincipal::GetPeer(void)
-{
-   return m_pNSPrincipal;
-}
-

caps/src/nsCodebasePrincipal.cpp

@@ -17,81 +17,78 @@
  */
 
 #include "nsCodebasePrincipal.h"
-#include "nsPrincipal.h"
 #include "xp.h"
 
 static NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID);
-////////////////////////////////////////////////////////////////////////////
-// from nsISupports:
-
-// These macros produce simple version of QueryInterface and AddRef.
-// See the nsISupports.h header file for DETAILS.
 
 NS_IMPL_ISUPPORTS(nsCodebasePrincipal, kICodebasePrincipalIID);
 
-////////////////////////////////////////////////////////////////////////////
+NS_IMETHODIMP
-// from nsIPrincipal:
+nsCodebasePrincipal::GetURL(char **cburl)
+{
+	cburl = (char **)&codeBaseURL;
+	return NS_OK;
+}
 
 NS_IMETHODIMP
-nsCodebasePrincipal::IsTrusted(const char* scope, PRBool *pbIsTrusted)
+nsCodebasePrincipal::IsCodebaseExact(PRBool * result)
 {
-   if(m_pNSPrincipal == NULL)
+	* result = (this->itsType == (PRInt16 *)nsIPrincipal::PrincipalType_CodebaseExact) ? PR_TRUE : PR_FALSE;
-   {
+	return NS_OK;
-      *pbIsTrusted = PR_FALSE;
-      return NS_ERROR_ILLEGAL_VALUE;
-   }
-   *pbIsTrusted = m_pNSPrincipal->isSecurePrincipal();
-   return NS_OK;
 }
-     
 
-
-/**
- * Returns the codebase URL of the principal.
- *
- * @param result - the resulting codebase URL
- */
 NS_IMETHODIMP
-nsCodebasePrincipal::GetURL(char **ppCodeBaseURL)
+nsCodebasePrincipal::IsCodebaseRegex(PRBool * result)
 {
-   if(m_pNSPrincipal == NULL)
+	* result = (itsType == (PRInt16 *)nsIPrincipal::PrincipalType_CodebaseRegex) ? PR_TRUE : PR_FALSE;
-   {
+	return NS_OK;
-      *ppCodeBaseURL = NULL;
-      return NS_ERROR_ILLEGAL_VALUE;
-   }
-   *ppCodeBaseURL = m_pNSPrincipal->getKey();
-   return NS_OK;
 }
 
-////////////////////////////////////////////////////////////////////////////
+NS_IMETHODIMP
-// from nsCCodebasePrincipal:
+nsCodebasePrincipal::GetType(PRInt16 * type)
-
-nsCodebasePrincipal::nsCodebasePrincipal(const char *codebaseURL, 
-                                           nsresult *result)
 {
-   m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CodebaseExact, 
+	type = itsType;
-                                    (void *)codebaseURL, 
+	return NS_OK;
-                                    XP_STRLEN(codebaseURL));
-   if(m_pNSPrincipal == NULL)
-   {
-      *result = NS_ERROR_OUT_OF_MEMORY;
-      return;
-   }
-   *result = NS_OK;
 }
 
-nsCodebasePrincipal::nsCodebasePrincipal(nsPrincipal *pNSPrincipal)
+NS_IMETHODIMP 
+nsCodebasePrincipal::IsSecure(PRBool * result)
+{ 
+	/*
+	if ((0 == memcmp("https:", itsKey, strlen("https:"))) ||
+      (0 == memcmp("file:", itsKey, strlen("file:"))))
+    return PR_TRUE;
+	*/
+	return PR_FALSE;
+}
+
+NS_IMETHODIMP
+nsCodebasePrincipal::ToString(char **result)
 {
-   m_pNSPrincipal = pNSPrincipal;
+	return NS_OK;
+}
+
+NS_IMETHODIMP
+nsCodebasePrincipal::HashCode(PRUint32 * code)
+{
+	code=0;
+	return NS_OK;
+}
+
+NS_IMETHODIMP
+nsCodebasePrincipal::Equals(nsIPrincipal * other, PRBool * result)
+{
+	PRInt16 * oType;
+	other->GetType(oType);
+	*result = (itsType == oType) ? PR_TRUE : PR_FALSE;	
+	return NS_OK;
+}
+nsCodebasePrincipal::nsCodebasePrincipal(PRInt16 * type, const char * codeBaseURL)
+{
+	this->itsType=type;
+	this->codeBaseURL=codeBaseURL;
 }
 
 nsCodebasePrincipal::~nsCodebasePrincipal(void)
 {
-   delete m_pNSPrincipal;
+}
-}
-
-nsPrincipal*
-nsCodebasePrincipal::GetPeer(void)
-{
-   return m_pNSPrincipal;
-}

caps/src/nsPrivilegeTable.cpp

@@ -25,84 +25,77 @@
 
 nsPrivilegeTable::nsPrivilegeTable(void)
 {
-  itsTable = NULL;
+	this->itsTable = NULL;
 }
 
 nsPrivilegeTable::~nsPrivilegeTable(void)
 {
-  /* XXX: We need to incr and decr objects that we put into this hashtable.
+	/* XXX: We need to incr and decr objects that we put into this hashtable.
-   * There is a big memory leak.
+	 * There is a big memory leak.
-   *
+	 *
-   * We need to delete all the entries in the privilege Table
+	 * We need to delete all the entries in the privilege Table
-   */
+	 */
-  if (itsTable)
+	if (this->itsTable) delete this->itsTable;
-    delete itsTable;
+	this->itsTable = NULL;
-  itsTable = NULL;
 }
 
-PRInt32 nsPrivilegeTable::size(void)
+PRInt32
+nsPrivilegeTable::Size(void)
 {
-  if (itsTable != NULL) 
+	return (itsTable != NULL) ? itsTable->Count() : 0;
-    return itsTable->Count();
-  else return 0;
 }
 
-PRBool nsPrivilegeTable::isEmpty(void)
+PRBool
+nsPrivilegeTable::IsEmpty(void)
 {
-  if (itsTable == NULL) return PR_TRUE;
+	return ((itsTable == NULL) && (itsTable->Count() == 0)) ? PR_TRUE : PR_FALSE;
-  else return ((itsTable->Count() > 0) ? PR_FALSE : PR_TRUE);
 }
 
-nsPrivilege * nsPrivilegeTable::get(nsTarget *target)
+nsPrivilege * 
+nsPrivilegeTable::Get(nsTarget *target)
 {
-  if (itsTable == NULL) {
+	if (itsTable == NULL) 
-    return nsPrivilege::findPrivilege(nsPermissionState_Blank,
+		return nsPrivilege::findPrivilege(nsPermissionState_Blank, nsDurationState_Session);
-                                      nsDurationState_Session);
+	TargetKey targKey(target);
-  }
+	nsPrivilege *priv = (nsPrivilege *) itsTable->Get(&targKey);
-
+	return (priv == NULL)
-  TargetKey targKey(target);
+	? nsPrivilege::findPrivilege(nsPermissionState_Blank, nsDurationState_Session) : priv;
-  
-  nsPrivilege *priv = (nsPrivilege *) itsTable->Get(&targKey);
-  if (priv == NULL) {
-    return nsPrivilege::findPrivilege(nsPermissionState_Blank,
-                                      nsDurationState_Session);
-  }
-  return priv;
 }
 
-nsPrivilege * nsPrivilegeTable::put(nsTarget *target, nsPrivilege *priv)
+nsPrivilege * 
+nsPrivilegeTable::Put(nsTarget * target, nsPrivilege * priv)
 {
   nsCaps_lock();
-  if (itsTable == NULL) itsTable = new nsHashtable();
+  if (itsTable == NULL) this->itsTable = new nsHashtable();
-
   TargetKey targKey(target);
   nsPrivilege *priv2 = (nsPrivilege *)itsTable->Put(&targKey, (void *)priv);
   nsCaps_unlock();
   return priv2;
 }
 
-nsPrivilege * nsPrivilegeTable::remove(nsTarget *target)
+nsPrivilege * 
+nsPrivilegeTable::Remove(nsTarget *target)
 {
-  if (itsTable == NULL) return NULL;
+	if (itsTable == NULL) return NULL;
-  TargetKey targKey(target);
+	TargetKey targKey(target);
-  nsCaps_lock();
+	nsCaps_lock();
-  nsPrivilege *priv = (nsPrivilege *)itsTable->Remove(&targKey);
+	nsPrivilege *priv = (nsPrivilege *)itsTable->Remove(&targKey);
-  nsCaps_unlock();
+	nsCaps_unlock();
-  return priv;
+	return priv;
 }
 
-nsPrivilegeTable * nsPrivilegeTable::clone(void)
+nsPrivilegeTable * 
+nsPrivilegeTable::Clone(void)
 {
   nsCaps_lock();
   nsPrivilegeTable *newbie = new nsPrivilegeTable();
-  if (itsTable != NULL) {
+  if (itsTable != NULL) newbie->itsTable = itsTable->Clone();
-    newbie->itsTable = itsTable->Clone();
-  }
   nsCaps_unlock();
   return newbie;
 }
 
-void nsPrivilegeTable::clear(void)
+void 
+nsPrivilegeTable::Clear(void)
 {
   /* XXX: free the entries also */
   nsCaps_lock();
@@ -111,8 +104,7 @@ void nsPrivilegeTable::clear(void)
   nsCaps_unlock();
 }
 
-void nsPrivilegeTable::Enumerate(nsHashtableEnumFunc aEnumFunc) {
+void 
-  if (itsTable != NULL) {
+nsPrivilegeTable::Enumerate(nsHashtableEnumFunc aEnumFunc) {
-    itsTable->Enumerate(aEnumFunc);
+	if (itsTable != NULL) itsTable->Enumerate(aEnumFunc);
-  }
+}
-}

caps/src/nsUserTarget.cpp

@@ -51,32 +51,35 @@ nsUserTarget::~nsUserTarget(void)
 }
 
 #define OPTION "<option>"
-nsPrivilege * nsUserTarget::enablePrivilege(nsPrincipal *prin, void *data)
+nsPrivilege * 
+nsUserTarget::EnablePrivilege(nsIPrincipal *prin, void *data)
 {
-  char *riskStr = getRisk();
+	char * riskStr = this->GetRisk();
-  char *desc = getDescription();
+	char * desc = this->GetDescription();
-  char *prinStr = prin->toString();
+	char * prinStr;
-  char *targetStr = new char[strlen(OPTION) + strlen(desc) + 1];
+	prin->ToString(& prinStr);
-  XP_STRCPY(targetStr, OPTION);
+	char * targetStr = new char[strlen(OPTION) + strlen(desc) + 1];
-  XP_STRCAT(targetStr, desc);
+	XP_STRCPY(targetStr, OPTION);
-  PRBool isCert = (prin->isCodebase()) ? PR_FALSE : PR_TRUE;
+	XP_STRCAT(targetStr, desc);
-  void *cert = prin->getCertificate();
+	PRInt16 prinType;
-  nsPermState permState = nsPermState_AllowedSession;
+	prin->GetType(& prinType);
-
+//	void *cert;
+//	if(prinType == (PRInt16) nsIPrincipal::PrincipalType_Certificate)
+//		cert = ((nsICertificatePrincipal *) prin)->GetCertificate();
+	nsPermState permState = nsPermState_AllowedSession;
   /* 
    * Check Registration Mode flag and the url code base 
    * to set permission state 
    */
-  if ((nsCapsGetRegistrationModeFlag()) && (prin != NULL)) {
+//  if ((nsCapsGetRegistrationModeFlag()) && (prin != NULL)) {
-	  if (prin->isFileCodeBase()) {
+//	  if (prinType == (PRInt16) nsIPrincipal::PrincipalType_Codebase) permState = nsPermState_AllowedSession;
-		permState = nsPermState_AllowedSession;
+//  } else if (displayUI) {
-	  }
+		/* set displayUI to TRUE, to enable UI */
-  } else if (displayUI) {
+//		nsCaps_lock();
-	/* set displayUI to TRUE, to enable UI */
+//		permState = displayPermissionDialog(prinStr, targetStr, riskStr,
-    nsCaps_lock();
+//		 isCert, cert); 
-    permState = displayPermissionDialog(prinStr, targetStr, riskStr, isCert, cert); 
+//		nsCaps_unlock();
-    nsCaps_unlock();
+//
	}
-  }
 
   nsPermissionState permVal; 
   nsDurationState durationVal;
@@ -96,6 +99,4 @@ nsPrivilege * nsUserTarget::enablePrivilege(nsPrincipal *prin, void *data)
   }
   delete []targetStr;
   return nsPrivilege::findPrivilege(permVal, durationVal);
-}
+}
-
-

dom/src/base/nsJSSecurityManager.cpp

@@ -1330,28 +1330,25 @@ nsJSSecurityManager::PrintPrincipalsToConsole(JSContext *aCx, JSPrincipals *aPri
 {
   void *principalsArray;
   nsIPrincipal *principal;
-  char *vendor;
+//cd ..  char *vendor;
   PRUint32 i, count;
   static char emptyStr[] = "<empty>\n";
-
   principalsArray = aPrincipals->getPrincipalArray(aCx, aPrincipals);
-
   if (principalsArray == nsnull) {
     PrintToConsole(emptyStr);
     return;
   }
-
   PrintToConsole("[\n");
   mCapsManager->GetPrincipalArraySize(principalsArray, &count);
   for (i = 0; i < count; i++) {
     mCapsManager->GetPrincipalArrayElement(principalsArray, i, &principal);
-    mCapsManager->GetVendor(principal, &vendor);
+//    mCapsManager->GetVendor(principal, &vendor);
-    if (vendor == nsnull) {
+//    if (vendor == nsnull) {
-      JS_ReportOutOfMemory(aCx);
+//      JS_ReportOutOfMemory(aCx);
-      return;
+//      return;
-    }
+//    }
-    PrintToConsole(vendor);
+//    PrintToConsole(vendor);
-    PrintToConsole(",\n");
+//    PrintToConsole(",\n");
   }
   PrintToConsole("]\n");
 }
@@ -1373,24 +1370,19 @@ nsJSSecurityManager::InvalidateCertPrincipals(JSContext *aCx, JSPrincipals *aPri
 char*
 nsJSSecurityManager::FindOriginURL(JSContext *aCx, JSObject *aGlobal)
 {
-  nsISupports *tmp1, *tmp2;
+  nsISupports * tmp1, * tmp2;
   nsIScriptGlobalObjectData* globalData = nsnull;
   nsAutoString urlString;
-
+  tmp1 = (nsISupports *)JS_GetPrivate(aCx, aGlobal);
-  tmp1 = (nsISupports*)JS_GetPrivate(aCx, aGlobal);
   if (nsnull != tmp1 && 
       NS_OK == tmp1->QueryInterface(kIScriptGlobalObjectDataIID, (void**)&globalData)) {
     globalData->GetOrigin(&urlString);
   }
-    
   if (urlString.Length() == 0) {
     /* Must be a new, empty window?  Use running origin. */
     tmp2 = (nsISupports*)JS_GetPrivate(aCx, JS_GetGlobalObject(aCx));
-
     /* Compare running and current to avoid infinite recursion. */
-    if (tmp1 == tmp2) {
+    if (tmp1 == tmp2) urlString = gUnknownOriginStr;
-      urlString = gUnknownOriginStr;
-    } 
     else if (nsnull != tmp2 && 
              NS_OK == tmp2->QueryInterface(kIScriptGlobalObjectDataIID, (void**)&globalData)) {
       globalData->GetOrigin(&urlString);

modules/oji/src/lcglue.cpp

@@ -256,6 +256,9 @@ map_java_object_to_js_object_impl(JNIEnv *env, void *pluginInstancePtr, char* *e
 
 
 #if 0 
+// This needs to be modified at least temporarily.  Caps is undergoing some rearchitecture
+// nsPrincipal doesn't exist anymore, we're trying to move towards using nsIPrincipal and a PrincipalTools.h
+// which includes the definitions for arrays.
 // TODO: Need raman's help. This needs to convert between C++ [] array data type to a nsVector object.
 void* 
 ConvertNSIPrincipalArrayToObject(JNIEnv *pJNIEnv, JSContext *pJSContext, void  **ppNSIPrincipalArrayIN, int numPrincipals, void *pNSISecurityContext)