зеркало из https://github.com/mozilla/pjs.git
Fix to the caps security module. I removed the nsPrincipal struct, from now
on you can access principals by their xpcomed interface nsIPrincipal.
This commit is contained in:
Родитель
9ae27ebebc
Коммит
76ffc06aa5
|
@ -1,6 +1,3 @@
|
|||
nsIPrincipal.idl
|
||||
nsICodebasePrincipal.idl
|
||||
nsICertificatePrincipal.idl
|
||||
nsICodeSourcePrincipal.idl
|
||||
nsIScriptSecurityManager.idl
|
||||
nsICapsSecurityCallbacks.idl
|
|
@ -24,13 +24,10 @@ include $(DEPTH)/config/autoconf.mk
|
|||
|
||||
MODULE = caps
|
||||
|
||||
XPIDLSRCS = \
|
||||
XPIDLSRCS = \
|
||||
nsIScriptSecurityManager.idl \
|
||||
nsICapsSecurityCallbacks.idl \
|
||||
nsIPrincipal.idl \
|
||||
nsICodebasePrincipal.idl \
|
||||
nsICertificatePrincipal.idl \
|
||||
nsICodeSourcePrincipal.idl \
|
||||
nsIPrincipal.idl \
|
||||
$(NULL)
|
||||
|
||||
include $(topsrcdir)/config/rules.mk
|
||||
|
|
|
@ -19,13 +19,10 @@ DEPTH=..\..
|
|||
|
||||
MODULE=caps
|
||||
|
||||
XPIDLSRCS= \
|
||||
XPIDLSRCS= \
|
||||
.\nsIScriptSecurityManager.idl \
|
||||
.\nsICapsSecurityCallbacks.idl \
|
||||
.\nsIPrincipal.idl \
|
||||
.\nsICertificatePrincipal.idl \
|
||||
.\nsICodebasePrincipal.idl \
|
||||
.\nsICodeSourcePrincipal.idl \
|
||||
.\nsIPrincipal.idl \
|
||||
$(NULL)
|
||||
|
||||
include <$(DEPTH)\config\rules.mak>
|
||||
|
|
|
@ -17,8 +17,37 @@
|
|||
*/
|
||||
|
||||
#include "nsISupports.idl"
|
||||
|
||||
[uuid(ff9313d0-25e1-11d2-8160-006008119d7a)]
|
||||
interface nsIPrincipal : nsISupports {
|
||||
void IsTrusted([const] in string scope, out boolean pbIsTrusted);
|
||||
const short PrincipalType_Unknown=-1;
|
||||
const short PrincipalType_CodebaseExact=1;
|
||||
const short PrincipalType_CodebaseRegex=2;
|
||||
const short PrincipalType_Certificate=3;
|
||||
const short PrincipalType_CertificateFingerPrint=4;
|
||||
const short PrincipalType_CertificateKey=5;
|
||||
const short PrincipalType_CertificateChain=6;
|
||||
|
||||
void GetType(out short type);
|
||||
void IsSecure(out boolean result);
|
||||
void ToString(out string result);
|
||||
void HashCode(out unsigned long code);
|
||||
void Equals(in nsIPrincipal other, out boolean result);
|
||||
};
|
||||
|
||||
[uuid(c29fe440-25e1-11d2-8160-006008119d7a)]
|
||||
interface nsICodebasePrincipal : nsIPrincipal {
|
||||
void GetURL(out string ppCodeBaseURL);
|
||||
void IsCodebaseExact(out boolean result);
|
||||
void IsCodebaseRegex(out boolean result);
|
||||
};
|
||||
|
||||
[uuid(ebfefcd0-25e1-11d2-8160-006008119d7a)]
|
||||
interface nsICertificatePrincipal : nsIPrincipal {
|
||||
void GetPublicKey(out string publicKey, out unsigned long publicKeySize);
|
||||
void GetCompanyName(out string ppCompanyName);
|
||||
void GetCertificateAuthority(out string ppCertAuthority);
|
||||
void GetSerialNumber(out string ppSerialNumber);
|
||||
void GetExpirationDate(out string ppExpDate);
|
||||
void GetFingerPrint(out string ppFingerPrint);
|
||||
};
|
|
@ -1,20 +1,25 @@
|
|||
nsZig.h
|
||||
nsPrincipal.h
|
||||
nsPrivilege.h
|
||||
nsPrivilegeManager.h
|
||||
nsPrivilegeTable.h
|
||||
nsSystemPrivilegeTable.h
|
||||
nsTarget.h
|
||||
nsUserTarget.h
|
||||
jpermission.h
|
||||
nsUserDialogHelper.h
|
||||
nsZip.h
|
||||
nsLoadZig.h
|
||||
admin.h
|
||||
jpermission.h
|
||||
nsCaps.h
|
||||
nsCapsEnums.h
|
||||
nsCCapsManager.h
|
||||
nsCCapsManagerFactory.h
|
||||
nsCertificatePrincipal.h
|
||||
nsCodebasePrincipal.h
|
||||
nsCCodeSourcePrincipal.h
|
||||
nsLoadZig.h
|
||||
nsPrincipalTools.h
|
||||
nsPrivilege.h
|
||||
nsPrivilegeManager.h
|
||||
nsPrivilegeTable.h
|
||||
nsSystemPrivilegeTable.h
|
||||
nsTarget.h
|
||||
nsUserDialogHelper.h
|
||||
nsUserTarget.h
|
||||
nsZig.h
|
||||
nsZip.h
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -23,26 +23,26 @@ VPATH = @srcdir@
|
|||
|
||||
include $(DEPTH)/config/autoconf.mk
|
||||
|
||||
EXPORTS = nsZip.h \
|
||||
nsZig.h \
|
||||
nsLoadZig.h \
|
||||
nsPrincipal.h \
|
||||
nsPrivilege.h \
|
||||
nsPrivilegeManager.h \
|
||||
nsPrivilegeTable.h \
|
||||
EXPORTS = \
|
||||
admin.h \
|
||||
jpermission.h \
|
||||
nsCaps.h \
|
||||
nsCapsEnums.h \
|
||||
nsCCapsManager.h \
|
||||
nsCCapsManagerFactory.h \
|
||||
nsCertificatePrincipal.h \
|
||||
nsCodebasePrincipal.h \
|
||||
nsLoadZig.h \
|
||||
nsPrincipalTools.h \
|
||||
nsPrivilege.h \
|
||||
nsPrivilegeManager.h \
|
||||
nsPrivilegeTable.h \
|
||||
nsSystemPrivilegeTable.h \
|
||||
nsTarget.h \
|
||||
nsUserTarget.h \
|
||||
jpermission.h \
|
||||
nsUserDialogHelper.h \
|
||||
admin.h \
|
||||
nsCaps.h \
|
||||
nsCapsEnums.h \
|
||||
nsCCapsManagerFactory.h \
|
||||
nsCCapsManager.h \
|
||||
nsCertificatePrincipal.h \
|
||||
nsCodebasePrincipal.h \
|
||||
nsCCodeSourcePrincipal.h
|
||||
nsTarget.h \
|
||||
nsUserDialogHelper.h \
|
||||
nsUserTarget.h \
|
||||
nsZig.h \
|
||||
nsZip.h
|
||||
|
||||
EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS))
|
||||
|
||||
|
|
|
@ -28,27 +28,26 @@ IGNORE_MANIFEST=1
|
|||
|
||||
MODULE=caps
|
||||
DEPTH=..\..
|
||||
EXPORTS=nsZip.h \
|
||||
nsZig.h \
|
||||
nsLoadZig.h \
|
||||
nsPrincipal.h \
|
||||
nsPrivilege.h \
|
||||
nsPrivilegeManager.h \
|
||||
nsPrivilegeTable.h \
|
||||
nsSystemPrivilegeTable.h \
|
||||
nsTarget.h \
|
||||
nsUserTarget.h \
|
||||
jpermission.h \
|
||||
nsUserDialogHelper.h \
|
||||
admin.h \
|
||||
nsCaps.h \
|
||||
nsCapsEnums.h \
|
||||
nsCCapsManager.h \
|
||||
nsCertificatePrincipal.h \
|
||||
nsCodebasePrincipal.h \
|
||||
nsCCapsManagerFactory.h \
|
||||
nsCCodeSourcePrincipal.h
|
||||
|
||||
EXPORTS= \
|
||||
admin.h \
|
||||
jpermission.h \
|
||||
nsCaps.h \
|
||||
nsCapsEnums.h \
|
||||
nsCCapsManager.h \
|
||||
nsCCapsManagerFactory.h \
|
||||
nsCertificatePrincipal.h \
|
||||
nsCodebasePrincipal.h \
|
||||
nsLoadZig.h \
|
||||
nsPrincipalTools.h \
|
||||
nsPrivilege.h \
|
||||
nsPrivilegeManager.h \
|
||||
nsPrivilegeTable.h \
|
||||
nsSystemPrivilegeTable.h \
|
||||
nsTarget.h \
|
||||
nsUserDialogHelper.h \
|
||||
nsUserTarget.h \
|
||||
nsZig.h \
|
||||
nsZip.h
|
||||
|
||||
include <$(DEPTH)/config/rules.mak>
|
||||
|
||||
|
|
|
@ -16,15 +16,13 @@
|
|||
* Reserved.
|
||||
*/
|
||||
|
||||
#ifndef nsCCapsManager_h___
|
||||
#define nsCCapsManager_h___
|
||||
#ifndef _NS_CCAPS_MANANGER_H_
|
||||
#define _NS_CCAPS_MANAGER_H_
|
||||
|
||||
#include "nsIPrincipal.h"
|
||||
#include "nsISupports.h"
|
||||
#include "nsICapsManager.h"
|
||||
#include "nsAgg.h"
|
||||
|
||||
#include "nsPrincipal.h"
|
||||
#include "nsPrivilegeManager.h"
|
||||
|
||||
/**
|
||||
|
@ -37,238 +35,232 @@
|
|||
*/
|
||||
class nsCCapsManager : public nsICapsManager {
|
||||
public:
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsISupports and AggregatedQueryInterface:
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsISupports and AggregatedQueryInterface:
|
||||
|
||||
NS_DECL_AGGREGATED
|
||||
NS_DECL_AGGREGATED
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsICapsManager:
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsICapsManager:
|
||||
|
||||
NS_IMETHOD
|
||||
CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal** prin);
|
||||
NS_IMETHOD
|
||||
CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal** prin);
|
||||
|
||||
NS_IMETHOD
|
||||
CreateCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsIPrincipal** prin);
|
||||
NS_IMETHOD
|
||||
CreateCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsIPrincipal** prin);
|
||||
|
||||
/**
|
||||
* Creates a CodeSourcePrincipal, which has both nsICodebasePrincipal
|
||||
* and nsICertPrincipal
|
||||
*
|
||||
* @param certByteData - The ceritificate's byte array data including the chain.
|
||||
* @param certByteDataSize - the length of certificate byte array.
|
||||
* @param codebaseURL - the codebase URL
|
||||
*/
|
||||
NS_IMETHOD
|
||||
CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin);
|
||||
/**
|
||||
* Creates a CodeSourcePrincipal, which has both nsICodebasePrincipal
|
||||
* and nsICertPrincipal
|
||||
*
|
||||
* @param certByteData - The ceritificate's byte array data including the chain.
|
||||
* @param certByteDataSize - the length of certificate byte array.
|
||||
* @param codebaseURL - the codebase URL
|
||||
*/
|
||||
/*
|
||||
NS_IMETHOD
|
||||
CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin);
|
||||
*/
|
||||
|
||||
/**
|
||||
* Returns the permission for given principal and target
|
||||
*
|
||||
* @param prin - is either certificate principal or codebase principal
|
||||
* @param target - is NS_ALL_PRIVILEGES.
|
||||
* @param state - the return value is passed in this parameter.
|
||||
*/
|
||||
NS_IMETHOD
|
||||
GetPermission(nsIPrincipal * prin, nsTarget * target, nsPermission * state);
|
||||
|
||||
/**
|
||||
* Returns the permission for given principal and target
|
||||
*
|
||||
* @param prin - is either certificate principal or codebase principal
|
||||
* @param target - is NS_ALL_PRIVILEGES.
|
||||
* @param state - the return value is passed in this parameter.
|
||||
*/
|
||||
NS_IMETHOD
|
||||
GetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *state);
|
||||
/**
|
||||
* Set the permission state for given principal and target. This wouldn't
|
||||
* prompt the end user with UI.
|
||||
*
|
||||
* @param prin - is either certificate principal or codebase principal
|
||||
* @param target - is NS_ALL_PRIVILEGES.
|
||||
* @param state - is permisson state that should be set for the given prin
|
||||
* and target parameters.
|
||||
*/
|
||||
NS_IMETHOD
|
||||
SetPermission(nsIPrincipal * prin, nsTarget* target, nsPermission state);
|
||||
|
||||
/**
|
||||
* Set the permission state for given principal and target. This wouldn't
|
||||
* prompt the end user with UI.
|
||||
*
|
||||
* @param prin - is either certificate principal or codebase principal
|
||||
* @param target - is NS_ALL_PRIVILEGES.
|
||||
* @param state - is permisson state that should be set for the given prin
|
||||
* and target parameters.
|
||||
*/
|
||||
NS_IMETHOD
|
||||
SetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission state);
|
||||
|
||||
/**
|
||||
* Prompts the user if they want to grant permission for the given principal and
|
||||
* for the given target.
|
||||
*
|
||||
* @param prin - is either certificate principal or codebase principal
|
||||
* @param target - is NS_ALL_PRIVILEGES.
|
||||
* @param result - is the permission user has given for the given principal and
|
||||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
AskPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *result);
|
||||
/**
|
||||
* Prompts the user if they want to grant permission for the given principal and
|
||||
* for the given target.
|
||||
*
|
||||
* @param prin - is either certificate principal or codebase principal
|
||||
* @param target - is NS_ALL_PRIVILEGES.
|
||||
* @param result - is the permission user has given for the given principal and
|
||||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
AskPermission(nsIPrincipal * prin, nsTarget * target, nsPermission * result);
|
||||
|
||||
|
||||
|
||||
/*
|
||||
* All of the following methods are used by JS (the code located
|
||||
* in lib/libmocha area).
|
||||
*/
|
||||
/*
|
||||
* All of the following methods are used by JS (the code located
|
||||
* in lib/libmocha area).
|
||||
*/
|
||||
|
||||
/**
|
||||
* Initializes the capabilities subsytem (ie setting the system principal, initializing
|
||||
* privilege Manager, creating the capsManager factory etc
|
||||
*
|
||||
* @param result - is true if principal was successfully registered with the system
|
||||
*/
|
||||
NS_IMETHOD
|
||||
Initialize(PRBool *result);
|
||||
/**
|
||||
* Initializes the capabilities subsytem (ie setting the system principal, initializing
|
||||
* privilege Manager, creating the capsManager factory etc
|
||||
*
|
||||
* @param result - is true if principal was successfully registered with the system
|
||||
*/
|
||||
NS_IMETHOD
|
||||
Initialize(PRBool * result);
|
||||
|
||||
NS_IMETHOD
|
||||
InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface);
|
||||
NS_IMETHOD
|
||||
InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface);
|
||||
|
||||
/**
|
||||
* Registers the given Principal with the system.
|
||||
*
|
||||
* @param prin - is either certificate principal or codebase principal
|
||||
* @param result - is true if principal was successfully registered with the system
|
||||
*/
|
||||
NS_IMETHOD
|
||||
RegisterPrincipal(nsIPrincipal* prin, PRBool *result);
|
||||
/**
|
||||
* Registers the given Principal with the system.
|
||||
*
|
||||
* @param prin - is either certificate principal or codebase principal
|
||||
* @param result - is true if principal was successfully registered with the system
|
||||
*/
|
||||
NS_IMETHOD
|
||||
RegisterPrincipal(nsIPrincipal * prin);
|
||||
|
||||
/**
|
||||
* Prompts the user if they want to grant permission for the principal located
|
||||
* at the given stack depth for the given target.
|
||||
*
|
||||
* @param context - is the parameter JS needs to determinte the principal
|
||||
* @param targetName - is the name of the target.
|
||||
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
|
||||
* principal
|
||||
* @param result - is true if user has given permission for the given principal and
|
||||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
|
||||
/**
|
||||
* Prompts the user if they want to grant permission for the principal located
|
||||
* at the given stack depth for the given target.
|
||||
*
|
||||
* @param context - is the parameter JS needs to determinte the principal
|
||||
* @param targetName - is the name of the target.
|
||||
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
|
||||
* principal
|
||||
* @param result - is true if user has given permission for the given principal and
|
||||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
|
||||
|
||||
/**
|
||||
* Returns if the user granted permission for the principal located at the given
|
||||
* stack depth for the given target.
|
||||
*
|
||||
* @param context - is the parameter JS needs to determinte the principal
|
||||
* @param targetName - is the name of the target.
|
||||
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
|
||||
* principal
|
||||
* @param result - is true if user has given permission for the given principal and
|
||||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
|
||||
/**
|
||||
* Returns if the user granted permission for the principal located at the given
|
||||
* stack depth for the given target.
|
||||
*
|
||||
* @param context - is the parameter JS needs to determinte the principal
|
||||
* @param targetName - is the name of the target.
|
||||
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
|
||||
* principal
|
||||
* @param result - is true if user has given permission for the given principal and
|
||||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
|
||||
|
||||
/**
|
||||
* Reverts the permission (granted/denied) user gave for the principal located
|
||||
* at the given stack depth for the given target.
|
||||
*
|
||||
* @param context - is the parameter JS needs to determinte the principal
|
||||
* @param targetName - is the name of the target.
|
||||
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
|
||||
* principal
|
||||
* @param result - is true if user has given permission for the given principal and
|
||||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
|
||||
/**
|
||||
* Reverts the permission (granted/denied) user gave for the principal located
|
||||
* at the given stack depth for the given target.
|
||||
*
|
||||
* @param context - is the parameter JS needs to determinte the principal
|
||||
* @param targetName - is the name of the target.
|
||||
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
|
||||
* principal
|
||||
* @param result - is true if user has given permission for the given principal and
|
||||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
|
||||
|
||||
/**
|
||||
* Disable permissions for the principal located at the given stack depth for the
|
||||
* given target.
|
||||
*
|
||||
* @param context - is the parameter JS needs to determinte the principal
|
||||
* @param targetName - is the name of the target.
|
||||
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
|
||||
* principal
|
||||
* @param result - is true if user has given permission for the given principal and
|
||||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
|
||||
/**
|
||||
* Disable permissions for the principal located at the given stack depth for the
|
||||
* given target.
|
||||
*
|
||||
* @param context - is the parameter JS needs to determinte the principal
|
||||
* @param targetName - is the name of the target.
|
||||
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
|
||||
* principal
|
||||
* @param result - is true if user has given permission for the given principal and
|
||||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result);
|
||||
|
||||
|
||||
/* XXX: Some of the arguments for the following interfaces may change.
|
||||
* This is a first cut. I need to talk to joki. We should get rid of void* parameters.
|
||||
*/
|
||||
NS_IMETHOD
|
||||
ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *result);
|
||||
/* XXX: Some of the arguments for the following interfaces may change.
|
||||
* This is a first cut. I need to talk to joki. We should get rid of void* parameters.
|
||||
*/
|
||||
NS_IMETHOD
|
||||
ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *result);
|
||||
|
||||
NS_IMETHOD
|
||||
IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *result);
|
||||
NS_IMETHOD
|
||||
IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *result);
|
||||
|
||||
NS_IMETHOD
|
||||
CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *result);
|
||||
NS_IMETHOD
|
||||
CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *result);
|
||||
|
||||
|
||||
/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
|
||||
/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
|
||||
/*
|
||||
NS_IMETHOD
|
||||
NewPrincipal(PRInt16 prinType, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result);
|
||||
|
||||
NS_IMETHOD
|
||||
NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result);
|
||||
NS_IMETHOD
|
||||
IsCodebaseExact(nsIPrincipal* principal, PRBool *result);
|
||||
|
||||
NS_IMETHOD
|
||||
IsCodebaseExact(nsIPrincipal* principal, PRBool *result);
|
||||
NS_IMETHOD
|
||||
ToString(nsIPrincipal* principal, char* *result);
|
||||
|
||||
NS_IMETHOD
|
||||
ToString(nsIPrincipal* principal, char* *result);
|
||||
NS_IMETHOD
|
||||
GetVendor(nsIPrincipal* principal, char* *result);
|
||||
*/
|
||||
NS_IMETHOD
|
||||
CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result);
|
||||
|
||||
NS_IMETHOD
|
||||
GetVendor(nsIPrincipal* principal, char* *result);
|
||||
NS_IMETHOD
|
||||
NewPrincipalArray(PRUint32 count, void* *result);
|
||||
|
||||
NS_IMETHOD
|
||||
CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result);
|
||||
NS_IMETHOD
|
||||
FreePrincipalArray(void *prinArray);
|
||||
|
||||
NS_IMETHOD
|
||||
NewPrincipalArray(PRUint32 count, void* *result);
|
||||
NS_IMETHOD
|
||||
GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal * * result);
|
||||
|
||||
NS_IMETHOD
|
||||
FreePrincipalArray(void *prinArray);
|
||||
NS_IMETHOD
|
||||
SetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal * principal);
|
||||
|
||||
NS_IMETHOD
|
||||
GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* *result);
|
||||
NS_IMETHOD
|
||||
GetPrincipalArraySize(void *prinArrayArg, PRUint32 *result);
|
||||
|
||||
NS_IMETHOD
|
||||
SetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* principal);
|
||||
/* The following interfaces will replace all of the following old calls.
|
||||
*
|
||||
* nsCapsGetPermission(struct nsPrivilege *privilege)
|
||||
* nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
|
||||
*
|
||||
*/
|
||||
NS_IMETHOD
|
||||
IsAllowed(void *annotation, char* target, PRBool *result);
|
||||
|
||||
NS_IMETHOD
|
||||
GetPrincipalArraySize(void *prinArrayArg, PRUint32 *result);
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsCCapsManager:
|
||||
|
||||
/* The following interfaces will replace all of the following old calls.
|
||||
*
|
||||
* nsCapsGetPermission(struct nsPrivilege *privilege)
|
||||
* nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
|
||||
*
|
||||
*/
|
||||
NS_IMETHOD
|
||||
IsAllowed(void *annotation, char* target, PRBool *result);
|
||||
nsCCapsManager(nsISupports *aOuter);
|
||||
virtual ~nsCCapsManager(void);
|
||||
|
||||
/* XXX: TODO: We need to set up the JS frame walking callbacks */
|
||||
void
|
||||
CreateNSPrincipalArray(nsPrincipalArray* prinArray, nsPrincipalArray* *pPrincipalArray);
|
||||
/*
|
||||
NS_METHOD
|
||||
GetNSPrincipal(nsIPrincipal * pNSIPrincipal, nsIPrincipal ** ppNSPRincipal);
|
||||
*/
|
||||
NS_METHOD
|
||||
GetNSPrincipalArray(nsPrincipalArray* prinArray, nsPrincipalArray* *pPrincipalArray);
|
||||
|
||||
nsPermission
|
||||
ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege);
|
||||
|
||||
nsPrivilege *
|
||||
ConvertPermissionToPrivilege(nsPermission state);
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsCCapsManager:
|
||||
|
||||
nsCCapsManager(nsISupports *aOuter);
|
||||
virtual ~nsCCapsManager(void);
|
||||
|
||||
void
|
||||
CreateNSPrincipalArray(nsPrincipalArray* prinArray,
|
||||
nsPrincipalArray* *pPrincipalArray);
|
||||
|
||||
NS_METHOD
|
||||
GetNSPrincipal(nsIPrincipal* pNSIPrincipal, nsPrincipal **ppNSPRincipal);
|
||||
|
||||
NS_METHOD
|
||||
GetNSPrincipalArray(nsPrincipalArray* prinArray,
|
||||
nsPrincipalArray* *pPrincipalArray);
|
||||
|
||||
nsPermission
|
||||
ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege);
|
||||
|
||||
nsPrivilege *
|
||||
ConvertPermissionToPrivilege(nsPermission state);
|
||||
|
||||
void
|
||||
SetSystemPrivilegeManager();
|
||||
|
||||
void
|
||||
SetSystemPrivilegeManager();
|
||||
|
||||
protected:
|
||||
nsPrivilegeManager *m_pNSPrivilegeManager;
|
||||
nsPrivilegeManager * privilegeManager;
|
||||
};
|
||||
|
||||
#endif // nsCCapsManager_h___
|
||||
|
|
|
@ -21,14 +21,13 @@
|
|||
|
||||
#include "prtypes.h"
|
||||
#include "nsCapsEnums.h"
|
||||
|
||||
PR_BEGIN_EXTERN_C
|
||||
|
||||
struct nsPrincipal;
|
||||
struct nsTarget;
|
||||
class nsTarget;
|
||||
class nsIPrincipal;
|
||||
class nsPrivilegeTable;
|
||||
struct nsPrivilegeManager;
|
||||
struct nsPrivilege;
|
||||
struct nsPrivilegeTable;
|
||||
struct NSJSJavaFrameWrapper;
|
||||
|
||||
/* wrappers for nsPrivilegeManager object */
|
||||
|
@ -36,19 +35,19 @@ PR_IMPLEMENT(PRBool)
|
|||
nsCapsInitialize();
|
||||
|
||||
PR_EXTERN(PRBool)
|
||||
nsCapsRegisterPrincipal(struct nsPrincipal *principal);
|
||||
nsCapsRegisterPrincipal(class nsIPrincipal * principal);
|
||||
|
||||
PR_EXTERN(PRBool)
|
||||
nsCapsEnablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth);
|
||||
nsCapsEnablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PR_EXTERN(PRBool)
|
||||
nsCapsIsPrivilegeEnabled(void* context, struct nsTarget *target, PRInt32 callerDepth);
|
||||
nsCapsIsPrivilegeEnabled(void* context, class nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PR_EXTERN(PRBool)
|
||||
nsCapsRevertPrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth);
|
||||
nsCapsRevertPrivilege(void* context, class nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PR_EXTERN(PRBool)
|
||||
nsCapsDisablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth);
|
||||
nsCapsDisablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PR_EXTERN(void*)
|
||||
nsCapsGetClassPrincipalsFromStack(void* context, PRInt32 callerDepth);
|
||||
|
@ -63,38 +62,39 @@ PR_EXTERN(PRBool)
|
|||
nsCapsCanExtendTrust(void* from, void* to);
|
||||
|
||||
|
||||
|
||||
/* wrappers for nsPrincipal object */
|
||||
PR_EXTERN(struct nsPrincipal *)
|
||||
nsCapsNewPrincipal(nsPrincipalType type, void * key,
|
||||
PR_EXTERN(class nsIPrincipal *)
|
||||
nsCapsNewPrincipal(PRInt16 * principalType, void * key,
|
||||
PRUint32 key_len, void *zig);
|
||||
|
||||
PR_EXTERN(const char *)
|
||||
nsCapsPrincipalToString(struct nsPrincipal *principal);
|
||||
nsCapsPrincipalToString(nsIPrincipal * principal);
|
||||
|
||||
PR_EXTERN(PRBool)
|
||||
nsCapsIsCodebaseExact(struct nsPrincipal *principal);
|
||||
nsCapsIsCodebaseExact(nsIPrincipal * principal);
|
||||
|
||||
PR_EXTERN(const char *)
|
||||
nsCapsPrincipalGetVendor(struct nsPrincipal *principal);
|
||||
nsCapsPrincipalGetVendor(nsIPrincipal * principal);
|
||||
|
||||
PR_EXTERN(void *)
|
||||
nsCapsNewPrincipalArray(PRUint32 count);
|
||||
|
||||
PR_EXTERN(void)
|
||||
nsCapsFreePrincipalArray(void *prinArray);
|
||||
nsCapsFreePrincipalArray(void * prinArray);
|
||||
|
||||
PR_EXTERN(void *)
|
||||
nsCapsGetPrincipalArrayElement(void *prinArray, PRUint32 index);
|
||||
nsCapsGetPrincipalArrayElement(void * prinArray, PRUint32 index);
|
||||
|
||||
PR_EXTERN(void)
|
||||
nsCapsSetPrincipalArrayElement(void *prinArray, PRUint32 index, void *element);
|
||||
nsCapsSetPrincipalArrayElement(void * prinArray, PRUint32 index, void *element);
|
||||
|
||||
PR_EXTERN(PRUint32)
|
||||
nsCapsGetPrincipalArraySize(void *prinArray);
|
||||
nsCapsGetPrincipalArraySize(void * prinArray);
|
||||
|
||||
|
||||
/* wrappers for nsTarget object */
|
||||
PR_EXTERN(struct nsTarget *)
|
||||
PR_EXTERN(class nsTarget *)
|
||||
nsCapsFindTarget(char *name);
|
||||
|
||||
|
||||
|
@ -104,8 +104,8 @@ nsCapsGetPermission(struct nsPrivilege *privilege);
|
|||
|
||||
|
||||
/* wrappers for nsPrivilegeTable object */
|
||||
PR_EXTERN(struct nsPrivilege *)
|
||||
nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target);
|
||||
PR_EXTERN(nsPrivilege *)
|
||||
nsCapsGetPrivilege(nsPrivilegeTable * annotation, class nsTarget * target);
|
||||
|
||||
/* Methods for stack walking */
|
||||
|
||||
|
|
|
@ -16,85 +16,64 @@
|
|||
* Reserved.
|
||||
*/
|
||||
|
||||
#ifndef nsCertificatePrincipal_h___
|
||||
#define nsCertificatePrincipal_h___
|
||||
|
||||
#include "nsICertificatePrincipal.h"
|
||||
#include "nsPrincipal.h"
|
||||
#ifndef _NS_CERTIFICATE_PRINCIPAL_H_
|
||||
#define _NS_CERTIFICATE_PRINCIPAL_H_
|
||||
#include "nsVector.h"
|
||||
#include "nsIPrincipal.h"
|
||||
|
||||
class nsCertificatePrincipal : public nsICertificatePrincipal {
|
||||
public:
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsISupports:
|
||||
NS_DECL_ISUPPORTS
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsIPrincipal:
|
||||
NS_DECL_ISUPPORTS
|
||||
|
||||
NS_IMETHOD
|
||||
IsTrusted(const char* scope, PRBool *pbIsTrusted);
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsICertificatePrincipal:
|
||||
/**
|
||||
* Returns the public key of the certificate.
|
||||
*
|
||||
* @param publicKey - the Public Key data will be returned in this field.
|
||||
* @param publicKeySize - the length of public key data is returned in this
|
||||
* parameter.
|
||||
*/
|
||||
NS_IMETHOD
|
||||
GetPublicKey(char **publicKey, PRUint32 *publicKeySize);
|
||||
NS_IMETHOD
|
||||
GetPublicKey(char ** pk, PRUint32 * pkSize);
|
||||
|
||||
/**
|
||||
* Returns the company name of the ceritificate (OU etc parameters of certificate)
|
||||
*
|
||||
* @param result - the certificate details about the signer.
|
||||
*/
|
||||
NS_IMETHOD
|
||||
GetCompanyName(char **ppCompanyName);
|
||||
NS_IMETHOD
|
||||
GetCompanyName(char ** cn);
|
||||
|
||||
/**
|
||||
* Returns the certificate issuer's data (OU etc parameters of certificate)
|
||||
*
|
||||
* @param result - the details about the issuer
|
||||
*/
|
||||
NS_IMETHOD
|
||||
GetCertificateAuthority(char **ppCertAuthority);
|
||||
NS_IMETHOD
|
||||
GetCertificateAuthority(char ** ca);
|
||||
|
||||
/**
|
||||
* Returns the serial number of certificate
|
||||
*
|
||||
* @param result - Returns the serial number of certificate
|
||||
*/
|
||||
NS_IMETHOD
|
||||
GetSerialNumber(char **ppSerialNumber);
|
||||
NS_IMETHOD
|
||||
GetSerialNumber(char ** sn);
|
||||
|
||||
/**
|
||||
* Returns the expiration date of certificate
|
||||
*
|
||||
* @param result - Returns the expiration date of certificate
|
||||
*/
|
||||
NS_IMETHOD
|
||||
GetExpirationDate(char **ppExpDate);
|
||||
NS_IMETHOD
|
||||
GetExpirationDate(char ** ed);
|
||||
|
||||
/**
|
||||
* Returns the finger print of certificate
|
||||
*
|
||||
* @param result - Returns the finger print of certificate
|
||||
*/
|
||||
NS_IMETHOD
|
||||
GetFingerPrint(char **ppFingerPrint);
|
||||
NS_IMETHOD
|
||||
GetFingerPrint(char ** fp);
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsCertificatePrincipal:
|
||||
nsCertificatePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsresult *result);
|
||||
nsCertificatePrincipal(nsPrincipal *pNSPrincipal);
|
||||
NS_IMETHOD
|
||||
GetType(PRInt16 * type);
|
||||
|
||||
virtual ~nsCertificatePrincipal(void);
|
||||
nsPrincipal *GetPeer(void);
|
||||
NS_IMETHOD
|
||||
IsSecure(PRBool * result);
|
||||
|
||||
NS_IMETHOD
|
||||
ToString(char ** result);
|
||||
|
||||
NS_IMETHOD
|
||||
HashCode(PRUint32 * code);
|
||||
|
||||
NS_IMETHOD
|
||||
Equals(nsIPrincipal * other, PRBool * result);
|
||||
|
||||
nsCertificatePrincipal(PRInt16 * type, const unsigned char ** certChain,
|
||||
PRUint32 * certChainLengths, PRUint32 noOfCerts, nsresult * result);
|
||||
virtual ~nsCertificatePrincipal(void);
|
||||
|
||||
protected:
|
||||
nsPrincipal *m_pNSPrincipal;
|
||||
PRInt16 itsType;
|
||||
char * itsKey;
|
||||
PRUint32 itsKeyLength;
|
||||
nsVector * itsCertificateArray;
|
||||
char * itsCompanyName;
|
||||
char * itsCertificateAuthority;
|
||||
char * itsSerialNumber;
|
||||
char * itsExpirationDate;
|
||||
char * itsFingerPrint;
|
||||
char * itsNickname;
|
||||
char * itsString;
|
||||
};
|
||||
|
||||
#endif // nsCCertificatePrincipal_h___
|
||||
#endif // _NS_CERTIFICATE_PRINCIPAL_H_
|
||||
|
|
|
@ -16,48 +16,46 @@
|
|||
* Reserved.
|
||||
*/
|
||||
|
||||
#ifndef nsCodebasePrincipal_h___
|
||||
#define nsCodebasePrincipal_h___
|
||||
#ifndef _NS_CODEBASE_PRINCIPAL_H_
|
||||
#define _NS_CODEBASE_PRINCIPAL_H_
|
||||
|
||||
#include "nsICodebasePrincipal.h"
|
||||
#include "nsPrincipal.h"
|
||||
#include "nsIPrincipal.h"
|
||||
|
||||
class nsCodebasePrincipal : public nsICodebasePrincipal {
|
||||
public:
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsISupports:
|
||||
|
||||
NS_DECL_ISUPPORTS
|
||||
NS_DECL_ISUPPORTS
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsIPrincipal:
|
||||
NS_IMETHOD
|
||||
GetURL(char ** cburl);
|
||||
|
||||
NS_IMETHOD
|
||||
IsTrusted(const char* scope, PRBool *pbIsTrusted);
|
||||
|
||||
NS_IMETHOD
|
||||
IsCodebaseExact(PRBool * result);
|
||||
|
||||
///////////////////////////////////////////////////////////////////////////
|
||||
// from nsICodebasePrincipal:
|
||||
NS_IMETHOD
|
||||
IsCodebaseRegex(PRBool * result);
|
||||
|
||||
/**
|
||||
* Returns the codebase URL of the principal.
|
||||
*
|
||||
* @param result - the resulting codebase URL
|
||||
*/
|
||||
NS_IMETHOD
|
||||
GetURL(char **ppCodeBaseURL);
|
||||
NS_IMETHOD
|
||||
GetType(PRInt16 * type);
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsCCodebasePrincipal:
|
||||
NS_IMETHOD
|
||||
IsSecure(PRBool * result);
|
||||
|
||||
nsCodebasePrincipal(const char *codebaseURL, nsresult *result);
|
||||
nsCodebasePrincipal(nsPrincipal *pNSPrincipal);
|
||||
NS_IMETHOD
|
||||
ToString(char ** result);
|
||||
|
||||
virtual ~nsCodebasePrincipal(void);
|
||||
nsPrincipal *GetPeer(void);
|
||||
NS_IMETHOD
|
||||
HashCode(PRUint32 * code);
|
||||
|
||||
NS_IMETHOD
|
||||
Equals(nsIPrincipal * other, PRBool * result);
|
||||
|
||||
nsCodebasePrincipal(PRInt16 * type, const char *codebaseURL);
|
||||
virtual ~nsCodebasePrincipal(void);
|
||||
|
||||
protected:
|
||||
nsPrincipal *m_pNSPrincipal;
|
||||
const char * codeBaseURL;
|
||||
PRInt16 * itsType;
|
||||
};
|
||||
|
||||
#endif // nsCCodebasePrincipal_h___
|
||||
#endif // _NS_CODEBASE_PRINCIPAL_H_
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
#ifndef _NS_PRINCIPAL_TOOLS_H_
|
||||
#define _NS_PRINCIPAL_TOOLS_H_
|
||||
|
||||
#include "nsIPrincipal.h"
|
||||
#include "nsHashtable.h"
|
||||
|
||||
typedef nsVector nsPrincipalArray;
|
||||
|
||||
class PrincipalKey: public nsHashKey {
|
||||
public:
|
||||
nsIPrincipal * itsPrincipal;
|
||||
|
||||
PrincipalKey(nsIPrincipal * prin) {
|
||||
itsPrincipal = prin;
|
||||
}
|
||||
|
||||
PRUint32 HashValue(void) const {
|
||||
PRUint32 * code;
|
||||
itsPrincipal->HashCode(code);
|
||||
return *code;
|
||||
}
|
||||
|
||||
PRBool Equals(const nsHashKey * aKey) const {
|
||||
PRBool * result;
|
||||
itsPrincipal->Equals(((const PrincipalKey *) aKey)->itsPrincipal, result);
|
||||
return *result;
|
||||
}
|
||||
|
||||
nsHashKey * Clone(void) const {
|
||||
return new PrincipalKey(itsPrincipal);
|
||||
}
|
||||
};
|
||||
|
||||
#endif _NS_PRINCIPAL_TOOLS_H_
|
|
@ -20,7 +20,7 @@
|
|||
#define _NS_PRIVILEGE_H_
|
||||
|
||||
#include "prtypes.h"
|
||||
#include "nsCaps.h"
|
||||
//#include "nsCaps.h"
|
||||
#include "nsCapsEnums.h"
|
||||
|
||||
PRBool nsPrivilegeInitialize(void);
|
||||
|
|
|
@ -23,11 +23,11 @@
|
|||
#include "prio.h"
|
||||
#include "prmon.h"
|
||||
#include "nsHashtable.h"
|
||||
|
||||
#include "nsVector.h"
|
||||
#include "nsCaps.h"
|
||||
#include "nsTarget.h"
|
||||
#include "nsPrincipal.h"
|
||||
#include "nsIPrincipal.h"
|
||||
#include "nsPrincipalTools.h"
|
||||
#include "nsPrivilege.h"
|
||||
#include "nsPrivilegeTable.h"
|
||||
#include "nsSystemPrivilegeTable.h"
|
||||
|
@ -45,190 +45,221 @@ PRBool nsPrivilegeManagerInitialize(void);
|
|||
struct nsPrivilegeManager {
|
||||
|
||||
public:
|
||||
/* Public Methods */
|
||||
/* Public Methods */
|
||||
|
||||
nsPrivilegeManager(void);
|
||||
virtual ~nsPrivilegeManager(void);
|
||||
nsPrivilegeManager(void);
|
||||
virtual ~nsPrivilegeManager(void);
|
||||
|
||||
void registerSystemPrincipal(nsPrincipal *principal);
|
||||
void
|
||||
RegisterSystemPrincipal(nsIPrincipal * principal);
|
||||
|
||||
void registerPrincipal(nsPrincipal *principal);
|
||||
void
|
||||
RegisterPrincipal(nsIPrincipal * principal);
|
||||
|
||||
PRBool unregisterPrincipal(nsPrincipal *principal);
|
||||
PRBool
|
||||
UnregisterPrincipal(nsIPrincipal * principal);
|
||||
|
||||
PRBool isPrivilegeEnabled(nsTarget *target, PRInt32 callerDepth);
|
||||
PRBool
|
||||
IsPrivilegeEnabled(nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PRBool isPrivilegeEnabled(void* context, nsTarget *target,
|
||||
PRInt32 callerDepth);
|
||||
PRBool
|
||||
IsPrivilegeEnabled(void* context, nsTarget *target,
|
||||
PRInt32 callerDepth);
|
||||
|
||||
PRBool enablePrivilege(nsTarget *target, PRInt32 callerDepth);
|
||||
PRBool
|
||||
EnablePrivilege(nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PRBool enablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
|
||||
PRBool
|
||||
EnablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PRBool enablePrivilege(nsTarget *target, nsPrincipal *preferredPrincipal,
|
||||
PRInt32 callerDepth);
|
||||
PRBool
|
||||
EnablePrivilege(nsTarget *target, nsIPrincipal *preferredPrincipal,
|
||||
PRInt32 callerDepth);
|
||||
|
||||
PRBool enablePrivilege(void* context, nsTarget *target,
|
||||
nsPrincipal *preferredPrincipal,
|
||||
PRInt32 callerDepth);
|
||||
PRBool
|
||||
EnablePrivilege(void* context, nsTarget *target, nsIPrincipal * preferredPrincipal,
|
||||
PRInt32 callerDepth);
|
||||
|
||||
PRBool revertPrivilege(nsTarget *target, PRInt32 callerDepth);
|
||||
PRBool
|
||||
RevertPrivilege(nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PRBool revertPrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
|
||||
PRBool
|
||||
RevertPrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PRBool disablePrivilege(nsTarget *target, PRInt32 callerDepth);
|
||||
PRBool
|
||||
DisablePrivilege(nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PRBool disablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
|
||||
PRBool
|
||||
DisablePrivilege(void* context, nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PRBool enablePrincipalPrivilegeHelper(nsTarget *target, PRInt32 callerDepth,
|
||||
nsPrincipal *preferredPrin, void * data,
|
||||
nsTarget *impersonator);
|
||||
PRBool
|
||||
EnablePrincipalPrivilegeHelper(nsTarget *target, PRInt32 callerDepth,
|
||||
nsIPrincipal * preferredPrin, void * data,
|
||||
nsTarget *impersonator);
|
||||
|
||||
PRBool enablePrincipalPrivilegeHelper(void* context, nsTarget *target,
|
||||
PRInt32 callerDepth,
|
||||
nsPrincipal *preferredPrin,
|
||||
void * data,
|
||||
nsTarget *impersonator);
|
||||
PRBool
|
||||
EnablePrincipalPrivilegeHelper(void* context, nsTarget *target,
|
||||
PRInt32 callerDepth,
|
||||
nsIPrincipal * preferredPrin,
|
||||
void * data,
|
||||
nsTarget *impersonator);
|
||||
|
||||
nsPrivilegeTable *enableScopePrivilegeHelper(nsTarget *target,
|
||||
PRInt32 callerDepth,
|
||||
void *data,
|
||||
PRBool helpingSetScopePrivilege,
|
||||
nsPrincipal *prefPrin);
|
||||
nsPrivilegeTable *
|
||||
EnableScopePrivilegeHelper(nsTarget *target,
|
||||
PRInt32 callerDepth,
|
||||
void *data,
|
||||
PRBool helpingSetScopePrivilege,
|
||||
nsIPrincipal * prefPrin);
|
||||
|
||||
nsPrivilegeTable *enableScopePrivilegeHelper(void* context, nsTarget *target,
|
||||
PRInt32 callerDepth, void *data,
|
||||
PRBool helpingSetScopePrivilege,
|
||||
nsPrincipal *prefPrin);
|
||||
nsPrivilegeTable *
|
||||
EnableScopePrivilegeHelper(void* context, nsTarget *target,
|
||||
PRInt32 callerDepth, void *data,
|
||||
PRBool helpingSetScopePrivilege,
|
||||
nsIPrincipal * prefPrin);
|
||||
|
||||
PRBool AskPermission(nsPrincipal* useThisPrin, nsTarget* target, void* data);
|
||||
PRBool
|
||||
AskPermission(nsIPrincipal * useThisPrin, nsTarget* target, void* data);
|
||||
|
||||
void SetPermission(nsPrincipal *useThisPrin, nsTarget *target,
|
||||
nsPrivilege *newPrivilege);
|
||||
void
|
||||
SetPermission(nsIPrincipal * useThisPrin, nsTarget * target, nsPrivilege * newPrivilege);
|
||||
|
||||
void registerPrincipalAndSetPrivileges(nsPrincipal *principal,
|
||||
nsTarget *target,
|
||||
nsPrivilege *newPrivilege);
|
||||
void
|
||||
RegisterPrincipalAndSetPrivileges(nsIPrincipal * principal, nsTarget * target, nsPrivilege * newPrivilege);
|
||||
|
||||
void updatePrivilegeTable(nsTarget *target,
|
||||
nsPrivilegeTable *privTable,
|
||||
nsPrivilege *newPrivilege);
|
||||
void
|
||||
UpdatePrivilegeTable(nsTarget *target, nsPrivilegeTable * privTable, nsPrivilege * newPrivilege);
|
||||
|
||||
PRBool checkPrivilegeGranted(nsTarget *target, PRInt32 callerDepth);
|
||||
PRBool
|
||||
CheckPrivilegeGranted(nsTarget *target, PRInt32 callerDepth);
|
||||
|
||||
PRBool checkPrivilegeGranted(void* context, nsTarget *target,
|
||||
PRInt32 callerDepth);
|
||||
PRBool
|
||||
CheckPrivilegeGranted(void* context, nsTarget *target,
|
||||
PRInt32 callerDepth);
|
||||
|
||||
PRBool checkPrivilegeGranted(nsTarget *target, nsPrincipal *principal,
|
||||
void *data);
|
||||
PRBool
|
||||
CheckPrivilegeGranted(nsTarget *target, nsIPrincipal * principal, void *data);
|
||||
|
||||
PRBool checkPrivilegeGranted(nsTarget *target, PRInt32 callerDepth,
|
||||
void *data);
|
||||
PRBool
|
||||
CheckPrivilegeGranted(nsTarget *target, PRInt32 callerDepth, void *data);
|
||||
|
||||
PRBool checkPrivilegeGranted(void* context, nsTarget *target,
|
||||
PRInt32 callerDepth, void *data);
|
||||
PRBool
|
||||
CheckPrivilegeGranted(void * context, nsTarget * target,
|
||||
PRInt32 callerDepth, void * data);
|
||||
|
||||
nsPrivilege *getPrincipalPrivilege(nsTarget *target, nsPrincipal *prin,
|
||||
void *data);
|
||||
nsPrivilege *
|
||||
GetPrincipalPrivilege(nsTarget * target, nsIPrincipal * prin, void * data);
|
||||
|
||||
static nsPrivilegeManager * getPrivilegeManager(void);
|
||||
static nsPrivilegeManager *
|
||||
GetPrivilegeManager(void);
|
||||
|
||||
static nsPrincipalArray* getMyPrincipals(PRInt32 callerDepth);
|
||||
static nsPrincipalArray *
|
||||
GetMyPrincipals(PRInt32 callerDepth);
|
||||
|
||||
static nsPrincipalArray* getMyPrincipals(void* context, PRInt32 callerDepth);
|
||||
static nsPrincipalArray *
|
||||
GetMyPrincipals(void* context, PRInt32 callerDepth);
|
||||
|
||||
static nsPrincipal * getSystemPrincipal(void);
|
||||
static nsIPrincipal *
|
||||
GetSystemPrincipal(void);
|
||||
|
||||
static PRBool hasSystemPrincipal(nsPrincipalArray *prinArray);
|
||||
static PRBool
|
||||
HasSystemPrincipal(nsPrincipalArray * prinArray);
|
||||
|
||||
static nsPrincipal* getUnsignedPrincipal(void);
|
||||
static nsIPrincipal *
|
||||
GetUnsignedPrincipal(void);
|
||||
|
||||
static nsPrincipal* getUnknownPrincipal(void);
|
||||
static nsIPrincipal *
|
||||
GetUnknownPrincipal(void);
|
||||
|
||||
nsSetComparisonType comparePrincipalArray(nsPrincipalArray* prin1Array,
|
||||
nsPrincipalArray* prin2Array);
|
||||
nsSetComparisonType
|
||||
ComparePrincipalArray(nsPrincipalArray * prin1Array, nsPrincipalArray * prin2Array);
|
||||
|
||||
nsPrincipalArray* intersectPrincipalArray(nsPrincipalArray* prin1Array,
|
||||
nsPrincipalArray* prin2Array);
|
||||
nsPrincipalArray *
|
||||
IntersectPrincipalArray(nsPrincipalArray * pa1, nsPrincipalArray * pa2);
|
||||
|
||||
PRBool canExtendTrust(nsPrincipalArray* prin1Array,
|
||||
nsPrincipalArray* prin2Array);
|
||||
PRBool
|
||||
CanExtendTrust(nsPrincipalArray * pa1, nsPrincipalArray * pa2);
|
||||
|
||||
PRBool checkMatchPrincipal(nsPrincipal *principal, PRInt32 callerDepth);
|
||||
PRBool
|
||||
CheckMatchPrincipal(nsIPrincipal * principal, PRInt32 callerDepth);
|
||||
|
||||
PRBool checkMatchPrincipal(void* context, nsPrincipal *principal,
|
||||
PRInt32 callerDepth);
|
||||
PRBool
|
||||
CheckMatchPrincipal(void* context, nsIPrincipal * principal, PRInt32 callerDepth);
|
||||
|
||||
/* Helper functions for ADMIN UI */
|
||||
const char * getAllPrincipalsString(void);
|
||||
/* Helper functions for ADMIN UI */
|
||||
const char *
|
||||
GetAllPrincipalsString(void);
|
||||
|
||||
nsPrincipal * getPrincipalFromString(char *prinName);
|
||||
nsIPrincipal *
|
||||
GetPrincipalFromString(char *prinName);
|
||||
|
||||
void getTargetsWithPrivileges(char *prinName, char** forever,
|
||||
char** session, char **denied);
|
||||
void
|
||||
GetTargetsWithPrivileges(char *prinName, char** forever, char** session, char **denied);
|
||||
|
||||
PRBool removePrincipal(char *prinName);
|
||||
PRBool
|
||||
RemovePrincipal(char *prinName);
|
||||
|
||||
PRBool removePrincipalsPrivilege(char *prinName, char *targetName);
|
||||
PRBool
|
||||
RemovePrincipalsPrivilege(char *prinName, char *targetName);
|
||||
|
||||
void remove(nsPrincipal *prin, nsTarget *target);
|
||||
|
||||
/* The following are old native methods */
|
||||
char * checkPrivilegeEnabled(nsTargetArray* targetArray,
|
||||
PRInt32 callerDepth, void *data);
|
||||
void
|
||||
Remove(nsIPrincipal *prin, nsTarget *target);
|
||||
|
||||
char * checkPrivilegeEnabled(void* context, nsTargetArray* targetArray,
|
||||
PRInt32 callerDepth, void *data);
|
||||
/* The following are old native methods */
|
||||
char *
|
||||
CheckPrivilegeEnabled(nsTargetArray* targetArray, PRInt32 callerDepth, void *data);
|
||||
|
||||
nsPrincipalArray* getClassPrincipalsFromStack(PRInt32 callerDepth);
|
||||
char *
|
||||
CheckPrivilegeEnabled(void* context, nsTargetArray* targetArray, PRInt32 callerDepth, void *data);
|
||||
|
||||
nsPrincipalArray* getClassPrincipalsFromStack(void* context,
|
||||
PRInt32 callerDepth);
|
||||
nsPrincipalArray *
|
||||
GetClassPrincipalsFromStack(PRInt32 callerDepth);
|
||||
|
||||
nsPrivilegeTable * getPrivilegeTableFromStack(PRInt32 callerDepth,
|
||||
PRBool createIfNull);
|
||||
nsPrincipalArray *
|
||||
GetClassPrincipalsFromStack(void* context, PRInt32 callerDepth);
|
||||
|
||||
nsPrivilegeTable * getPrivilegeTableFromStack(void* context,
|
||||
PRInt32 callerDepth,
|
||||
PRBool createIfNull);
|
||||
nsPrivilegeTable *
|
||||
GetPrivilegeTableFromStack(PRInt32 callerDepth, PRBool createIfNull);
|
||||
|
||||
/* End of native methods */
|
||||
nsPrivilegeTable *
|
||||
GetPrivilegeTableFromStack(void* context, PRInt32 callerDepth, PRBool createIfNull);
|
||||
|
||||
/* End of native methods */
|
||||
|
||||
private:
|
||||
|
||||
nsHashtable *itsPrinToPrivTable;
|
||||
nsHashtable *itsPrinToMacroTargetPrivTable;
|
||||
nsHashtable *itsPrinNameToPrincipalTable;
|
||||
nsHashtable * itsPrinToPrivTable;
|
||||
nsHashtable * itsPrinToMacroTargetPrivTable;
|
||||
nsHashtable * itsPrinNameToPrincipalTable;
|
||||
|
||||
static PRBool theSecurityInited;
|
||||
static PRBool theSecurityInited;
|
||||
|
||||
static char * SignedAppletDBName;
|
||||
static char * SignedAppletDBName;
|
||||
|
||||
static PRBool theInited;
|
||||
static PRBool theInited;
|
||||
|
||||
/* Private Field Accessors */
|
||||
/* Private Methods */
|
||||
|
||||
/* Private Methods */
|
||||
void
|
||||
AddToPrinNameToPrincipalTable(nsIPrincipal *prin);
|
||||
|
||||
void addToPrinNameToPrincipalTable(nsPrincipal *prin);
|
||||
PRBool
|
||||
EnablePrivilegePrivate(void* context, nsTarget *target, nsIPrincipal *preferredPrincipal,
|
||||
PRInt32 callerDepth);
|
||||
|
||||
PRBool enablePrivilegePrivate(void* context, nsTarget *target,
|
||||
nsPrincipal *preferredPrincipal,
|
||||
PRInt32 callerDepth);
|
||||
nsPermissionState
|
||||
GetPrincipalPrivilege(nsTarget *target, nsPrincipalArray* callerPrinArray, void * data);
|
||||
|
||||
nsPermissionState getPrincipalPrivilege(nsTarget *target,
|
||||
nsPrincipalArray* callerPrinArray,
|
||||
void *data);
|
||||
|
||||
PRBool isPermissionGranted(nsTarget *target,
|
||||
nsPrincipalArray* callerPrinArray,
|
||||
void *data);
|
||||
PRBool
|
||||
IsPermissionGranted(nsTarget *target, nsPrincipalArray* callerPrinArray, void *data);
|
||||
|
||||
|
||||
/* The following methods are used to save and load the persistent store */
|
||||
void save(nsPrincipal *prin, nsTarget *target, nsPrivilege *newPrivilege);
|
||||
void
|
||||
Save(nsIPrincipal *prin, nsTarget *target, nsPrivilege *newPrivilege);
|
||||
|
||||
void load(void);
|
||||
void
|
||||
Load(void);
|
||||
|
||||
};
|
||||
|
||||
|
|
|
@ -25,33 +25,31 @@
|
|||
#include "nsTarget.h"
|
||||
#include "nsPrivilege.h"
|
||||
|
||||
struct nsPrivilegeTable {
|
||||
class nsPrivilegeTable {
|
||||
|
||||
public:
|
||||
|
||||
/* Public Methods */
|
||||
nsPrivilegeTable(void);
|
||||
virtual ~nsPrivilegeTable(void);
|
||||
|
||||
PRInt32 size(void);
|
||||
PRInt32 Size(void);
|
||||
|
||||
PRBool isEmpty(void);
|
||||
PRBool IsEmpty(void);
|
||||
|
||||
virtual nsPrivilege * get(nsTarget *t);
|
||||
virtual nsPrivilege * Get(nsTarget * t);
|
||||
|
||||
nsPrivilege * put(nsTarget *a, nsPrivilege *priv);
|
||||
nsPrivilege * Put(nsTarget * a, nsPrivilege * priv);
|
||||
|
||||
nsPrivilege * remove(nsTarget *key);
|
||||
nsPrivilege * Remove(nsTarget * key);
|
||||
|
||||
nsPrivilegeTable * clone(void);
|
||||
nsPrivilegeTable * Clone(void);
|
||||
|
||||
void clear(void);
|
||||
void Clear(void);
|
||||
|
||||
void Enumerate(nsHashtableEnumFunc aEnumFunc);
|
||||
|
||||
private:
|
||||
|
||||
/* Private Field Accessors */
|
||||
nsHashtable * itsTable;
|
||||
};
|
||||
|
||||
|
|
|
@ -22,11 +22,10 @@
|
|||
#include <string.h>
|
||||
#include "prtypes.h"
|
||||
#include "plhash.h"
|
||||
|
||||
#include "nsHashtable.h"
|
||||
#include "nsVector.h"
|
||||
#include "nsCaps.h"
|
||||
#include "nsPrincipal.h"
|
||||
//#include "nsCaps.h"
|
||||
#include "nsIPrincipal.h"
|
||||
#include "nsPrivilege.h"
|
||||
#include "nsUserDialogHelper.h"
|
||||
|
||||
|
@ -49,9 +48,9 @@ extern char* capsGetString(int id);
|
|||
PR_END_EXTERN_C
|
||||
|
||||
|
||||
extern PRBool CreateSystemTargets(nsPrincipal *sysPrin);
|
||||
extern PRBool CreateSystemTargets(nsIPrincipal *sysPrin);
|
||||
|
||||
struct nsTarget {
|
||||
class nsTarget {
|
||||
|
||||
public:
|
||||
|
||||
|
@ -59,84 +58,83 @@ public:
|
|||
|
||||
virtual ~nsTarget(void);
|
||||
|
||||
nsTarget(char *name, nsPrincipal *prin,
|
||||
PRInt32 risk = JavaSecUI_targetRiskHigh(),
|
||||
/* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
|
||||
char *riskColor = "High",
|
||||
char *description = NULL,
|
||||
char *detailDescription = NULL,
|
||||
char *url = NULL,
|
||||
nsTargetArray* targetArray = NULL)
|
||||
{
|
||||
init(name, prin, targetArray, risk, riskColor, description,
|
||||
detailDescription, url);
|
||||
nsTarget(char *name, nsIPrincipal * prin,
|
||||
PRInt32 risk = JavaSecUI_targetRiskHigh(),
|
||||
/* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
|
||||
char * riskColor = "High",
|
||||
char * description = NULL,
|
||||
char * detailDescription = NULL,
|
||||
char * url = NULL,
|
||||
nsTargetArray* targetArray = NULL)
|
||||
{
|
||||
this->Init(name, prin, targetArray, risk, riskColor, description, detailDescription, url);
|
||||
}
|
||||
|
||||
nsTarget(char *name, nsPrincipal *prin,
|
||||
PRInt32 risk = JavaSecUI_targetRiskHigh(),
|
||||
/* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
|
||||
char *riskColor = "High",
|
||||
int desc_id = 0,
|
||||
int detail_desc_id = 0,
|
||||
int help_url_id = 0,
|
||||
nsTargetArray* targetArray = NULL);
|
||||
nsTarget(char *name, nsIPrincipal * prin,
|
||||
PRInt32 risk = JavaSecUI_targetRiskHigh(),
|
||||
/* XXX: char *riskColor = JavaSecUI_getString(CAPS_TARGET_RISK_COLOR_HIGH), */
|
||||
char * riskColor = "High",
|
||||
int desc_id = 0,
|
||||
int detail_desc_id = 0,
|
||||
int help_url_id = 0,
|
||||
nsTargetArray* targetArray = NULL);
|
||||
|
||||
nsTarget * registerTarget(void);
|
||||
nsTarget * RegisterTarget(void);
|
||||
|
||||
nsTarget * registerTarget(void* context);
|
||||
nsTarget * RegisterTarget(void* context);
|
||||
|
||||
static nsTarget * findTarget(nsTarget *target);
|
||||
static nsTarget * FindTarget(nsTarget *target);
|
||||
|
||||
static nsTarget * findTarget(char *name);
|
||||
static nsTarget * FindTarget(char * name);
|
||||
|
||||
static nsTarget * findTarget(char *name, nsPrincipal *prin);
|
||||
static nsTarget * FindTarget(char * name, nsIPrincipal *prin);
|
||||
|
||||
nsPrivilege * checkPrivilegeEnabled(nsTargetArray* prinArray, void *data);
|
||||
nsPrivilege * CheckPrivilegeEnabled(nsTargetArray* prinArray, void *data);
|
||||
|
||||
nsPrivilege * checkPrivilegeEnabled(nsTargetArray* prinArray);
|
||||
nsPrivilege * CheckPrivilegeEnabled(nsTargetArray* prinArray);
|
||||
|
||||
nsPrivilege * checkPrivilegeEnabled(nsPrincipal *p, void *data);
|
||||
nsPrivilege * CheckPrivilegeEnabled(nsIPrincipal *p, void *data);
|
||||
|
||||
virtual nsPrivilege * enablePrivilege(nsPrincipal *prin, void *data);
|
||||
virtual nsPrivilege * EnablePrivilege(nsIPrincipal *prin, void *data);
|
||||
|
||||
nsPrivilege * getPrincipalPrivilege(nsPrincipal *prin, void *data);
|
||||
nsPrivilege * GetPrincipalPrivilege(nsIPrincipal *prin, void *data);
|
||||
|
||||
nsTargetArray* getFlattenedTargetArray(void);
|
||||
nsTargetArray* GetFlattenedTargetArray(void);
|
||||
|
||||
static nsTargetArray* getAllRegisteredTargets(void);
|
||||
static nsTargetArray* GetAllRegisteredTargets(void);
|
||||
|
||||
char * getRisk(void);
|
||||
char * GetRisk(void);
|
||||
|
||||
char * getRiskColor(void);
|
||||
char * GetRiskColor(void);
|
||||
|
||||
char * getDescription(void);
|
||||
char * GetDescription(void);
|
||||
|
||||
char * getDetailDescription(void);
|
||||
char * GetDetailDescription(void);
|
||||
|
||||
static nsTarget * getTargetFromDescription(char *a);
|
||||
static nsTarget * GetTargetFromDescription(char *a);
|
||||
|
||||
char * getHelpURL(void);
|
||||
char * GetHelpURL(void);
|
||||
|
||||
char * getDetailedInfo(void *a);
|
||||
char * GetDetailedInfo(void *a);
|
||||
|
||||
nsPrincipal * getPrincipal(void);
|
||||
nsIPrincipal * GetPrincipal(void);
|
||||
|
||||
char * getName(void);
|
||||
char * GetName(void);
|
||||
|
||||
PRBool equals(nsTarget *a);
|
||||
PRBool Equals(nsTarget *a);
|
||||
|
||||
PRInt32 hashCode(void);
|
||||
PRInt32 HashCode(void);
|
||||
|
||||
char * toString(void);
|
||||
char * ToString(void);
|
||||
|
||||
PRBool isRegistered(void);
|
||||
PRBool IsRegistered(void);
|
||||
|
||||
private:
|
||||
|
||||
/* Private Field Accessors */
|
||||
char * itsName;
|
||||
|
||||
nsPrincipal * itsPrincipal;
|
||||
nsIPrincipal * itsPrincipal;
|
||||
|
||||
PRInt32 itsRisk;
|
||||
|
||||
|
@ -161,9 +159,10 @@ private:
|
|||
static PRBool theInited;
|
||||
|
||||
/* Private Methods */
|
||||
void init(char *name, nsPrincipal *prin, nsTargetArray* targetArray, PRInt32 risk, char *riskColor, char *description, char *detailDescription, char *url);
|
||||
void Init(char *name, nsIPrincipal *prin, nsTargetArray* targetArray, PRInt32 risk,
|
||||
char *riskColor, char *description, char *detailDescription, char *url);
|
||||
|
||||
void getFlattenedTargets(nsHashtable *targHash, nsTargetArray* expandedTargetArray);
|
||||
void GetFlattenedTargets(nsHashtable *targHash, nsTargetArray* expandedTargetArray);
|
||||
|
||||
};
|
||||
|
||||
|
@ -176,11 +175,11 @@ public:
|
|||
}
|
||||
|
||||
PRUint32 HashValue(void) const {
|
||||
return itsTarget->hashCode();
|
||||
return itsTarget->HashCode();
|
||||
}
|
||||
|
||||
PRBool Equals(const nsHashKey *aKey) const {
|
||||
return (itsTarget->equals(((const TargetKey *) aKey)->itsTarget));
|
||||
return (itsTarget->Equals(((const TargetKey *) aKey)->itsTarget));
|
||||
}
|
||||
|
||||
nsHashKey *Clone(void) const {
|
||||
|
|
|
@ -21,10 +21,9 @@
|
|||
|
||||
|
||||
#include "prtypes.h"
|
||||
|
||||
#include "nsTarget.h"
|
||||
#include "nsPrivilege.h"
|
||||
#include "nsPrincipal.h"
|
||||
//#include "nsPrincipal.h"
|
||||
#include "nsCom.h"
|
||||
|
||||
/* Any methods that is not defined here is in Java */
|
||||
|
@ -37,45 +36,43 @@ public:
|
|||
nsUserTarget(char *name);
|
||||
virtual ~nsUserTarget(void);
|
||||
|
||||
nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk,
|
||||
char *riskColor, char *description,
|
||||
char *detailDescription, char *url)
|
||||
: nsTarget(name, prin, risk, riskColor, description, detailDescription,
|
||||
url, NULL)
|
||||
{
|
||||
}
|
||||
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
|
||||
char *riskColor, char *description,
|
||||
char *detailDescription, char *url)
|
||||
: nsTarget(name, prin, risk, riskColor, description, detailDescription, url, NULL)
|
||||
{
|
||||
}
|
||||
|
||||
nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk,
|
||||
char *riskColor, char *description,
|
||||
char *detailDescription, char *url,
|
||||
nsTargetArray *targetArray)
|
||||
: nsTarget(name, prin, risk, riskColor, description, detailDescription,
|
||||
url, targetArray)
|
||||
{
|
||||
}
|
||||
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
|
||||
char *riskColor, char *description,
|
||||
char *detailDescription, char *url,
|
||||
nsTargetArray *targetArray)
|
||||
: nsTarget(name, prin, risk, riskColor, description, detailDescription, url, targetArray)
|
||||
{
|
||||
}
|
||||
|
||||
nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk,
|
||||
char *riskColor,
|
||||
int desc_id,
|
||||
int detail_desc_id,
|
||||
int help_url_id)
|
||||
: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id,
|
||||
help_url_id, NULL)
|
||||
{
|
||||
}
|
||||
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
|
||||
char *riskColor,
|
||||
int desc_id,
|
||||
int detail_desc_id,
|
||||
int help_url_id)
|
||||
: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id,
|
||||
help_url_id, NULL)
|
||||
{
|
||||
}
|
||||
|
||||
nsUserTarget(char *name, nsPrincipal *prin, PRInt32 risk,
|
||||
char *riskColor,
|
||||
int desc_id,
|
||||
int detail_desc_id,
|
||||
int help_url_id,
|
||||
nsTargetArray *targetArray)
|
||||
: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id,
|
||||
help_url_id, targetArray)
|
||||
{
|
||||
}
|
||||
nsUserTarget(char *name, nsIPrincipal * prin, PRInt32 risk,
|
||||
char *riskColor,
|
||||
int desc_id,
|
||||
int detail_desc_id,
|
||||
int help_url_id,
|
||||
nsTargetArray *targetArray)
|
||||
: nsTarget(name, prin, risk, riskColor, desc_id, detail_desc_id,
|
||||
help_url_id, targetArray)
|
||||
{
|
||||
}
|
||||
|
||||
nsPrivilege * enablePrivilege(nsPrincipal *prin, void *data);
|
||||
nsPrivilege * EnablePrivilege(nsIPrincipal * prin, void *data);
|
||||
|
||||
private:
|
||||
|
||||
|
|
Двоичные данные
caps/macbuild/Caps.mcp
Двоичные данные
caps/macbuild/Caps.mcp
Двоичный файл не отображается.
Двоичные данные
caps/macbuild/CapsIDL.mcp
Двоичные данные
caps/macbuild/CapsIDL.mcp
Двоичный файл не отображается.
|
@ -23,9 +23,9 @@ VPATH = @srcdir@
|
|||
|
||||
include $(DEPTH)/config/autoconf.mk
|
||||
|
||||
EXPORTS = \
|
||||
nsICapsManager.h \
|
||||
nsCapsPublicEnums.h \
|
||||
EXPORTS = \
|
||||
nsICapsManager.h \
|
||||
nsCapsPublicEnums.h \
|
||||
$(NULL)
|
||||
|
||||
EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS))
|
||||
|
|
|
@ -28,9 +28,9 @@ IGNORE_MANIFEST=1
|
|||
|
||||
MODULE=caps
|
||||
DEPTH=..\..
|
||||
EXPORTS= \
|
||||
nsICapsManager.h \
|
||||
nsCapsPublicEnums.h
|
||||
EXPORTS= \
|
||||
nsICapsManager.h \
|
||||
nsCapsPublicEnums.h
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -1,81 +0,0 @@
|
|||
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||
/*
|
||||
* The contents of this file are subject to the Netscape Public License
|
||||
* Version 1.0 (the "NPL"); you may not use this file except in
|
||||
* compliance with the NPL. You may obtain a copy of the NPL at
|
||||
* http://www.mozilla.org/NPL/
|
||||
*
|
||||
* Software distributed under the NPL is distributed on an "AS IS" basis,
|
||||
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
|
||||
* for the specific language governing rights and limitations under the
|
||||
* NPL.
|
||||
*
|
||||
* The Initial Developer of this code under the NPL is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
|
||||
* Reserved.
|
||||
*/
|
||||
|
||||
#ifndef _NS_CAPS_PUBLIC_ENUMS_H_
|
||||
#define _NS_CAPS_PUBLIC_ENUMS_H_
|
||||
|
||||
|
||||
enum nsPermission {
|
||||
nsPermission_Unknown,
|
||||
nsPermission_AllowedSession,
|
||||
nsPermission_DeniedSession,
|
||||
nsPermission_AllowedForever,
|
||||
nsPermission_DeniedForever
|
||||
};
|
||||
|
||||
/**
|
||||
* number of possible permissions (allowed, forbidden, or blank)
|
||||
*
|
||||
* The code in nsPrivilegeInitialize assumes that nsPermissionState
|
||||
* are ordered sequentially from 0 to N.
|
||||
*
|
||||
*/
|
||||
typedef enum nsPermissionState {
|
||||
nsPermissionState_Forbidden = 0,
|
||||
nsPermissionState_Allowed,
|
||||
nsPermissionState_Blank,
|
||||
nsPermissionState_NumberOfPermissions
|
||||
} nsPermissionState;
|
||||
|
||||
/**
|
||||
* number of possible durations (scope, session, or forever)
|
||||
*
|
||||
* The code in nsPrivilegeInitialize assumes that nsDurationState
|
||||
* are ordered sequentially from 0 to N.
|
||||
*
|
||||
*/
|
||||
typedef enum nsDurationState {
|
||||
nsDurationState_Scope=0,
|
||||
nsDurationState_Session,
|
||||
nsDurationState_Forever,
|
||||
nsDurationState_NumberOfDurations
|
||||
} nsDurationState;
|
||||
|
||||
|
||||
typedef enum nsSetComparisonType {
|
||||
nsSetComparisonType_ProperSubset=-1,
|
||||
nsSetComparisonType_Equal=0,
|
||||
nsSetComparisonType_NoSubset=1
|
||||
} nsSetComparisonType;
|
||||
|
||||
|
||||
/* The following should match what is in nsJVM plugin's java security code */
|
||||
typedef enum nsPrincipalType {
|
||||
nsPrincipalType_Unknown=-1,
|
||||
nsPrincipalType_CodebaseExact=10,
|
||||
nsPrincipalType_CodebaseRegexp,
|
||||
nsPrincipalType_Cert,
|
||||
nsPrincipalType_CertFingerPrint,
|
||||
nsPrincipalType_CertKey,
|
||||
/* CertChain principal is being added for Javasoft's JVM. They will pass the
|
||||
* whole chain to the nsPrincipal constructor.
|
||||
*/
|
||||
nsPrincipalType_CertChain
|
||||
} nsPrincipalType;
|
||||
|
||||
#endif /* _NS_CAPS_PUBLIC_ENUMS_H_ */
|
|
@ -23,10 +23,11 @@
|
|||
#include "nsIFactory.h"
|
||||
#include "nsIPrincipal.h"
|
||||
#include "nsCapsPublicEnums.h"
|
||||
|
||||
class nsITarget;
|
||||
#include "nsTarget.h"
|
||||
//class nsITarget;
|
||||
class nsICapsSecurityCallbacks;
|
||||
|
||||
|
||||
#define NS_ALL_PRIVILEGES ((nsITarget*)NULL)
|
||||
|
||||
|
||||
|
@ -80,9 +81,10 @@ public:
|
|||
* @param codebaseURL - the codebase URL
|
||||
* @param prin - the return value is passed in this parameter.
|
||||
*/
|
||||
/*
|
||||
NS_IMETHOD
|
||||
CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin) = 0;
|
||||
|
||||
*/
|
||||
|
||||
/**
|
||||
* Returns the permission for given principal and target
|
||||
|
@ -92,7 +94,7 @@ public:
|
|||
* @param state - the return value is passed in this parameter.
|
||||
*/
|
||||
NS_IMETHOD
|
||||
GetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *state) = 0;
|
||||
GetPermission(nsIPrincipal* prin, nsTarget * target, nsPermission *state) = 0;
|
||||
|
||||
/**
|
||||
* Set the permission state for given principal and target. This wouldn't
|
||||
|
@ -104,7 +106,7 @@ public:
|
|||
* and target parameters.
|
||||
*/
|
||||
NS_IMETHOD
|
||||
SetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission state) = 0;
|
||||
SetPermission(nsIPrincipal* prin, nsTarget * target, nsPermission state) = 0;
|
||||
|
||||
/**
|
||||
* Prompts the user if they want to grant permission for the given principal and
|
||||
|
@ -116,7 +118,7 @@ public:
|
|||
* target
|
||||
*/
|
||||
NS_IMETHOD
|
||||
AskPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *result) = 0;
|
||||
AskPermission(nsIPrincipal* prin, nsTarget * target, nsPermission *result) = 0;
|
||||
|
||||
|
||||
/*
|
||||
|
@ -147,8 +149,8 @@ public:
|
|||
* @param prin - is either certificate principal or codebase principal
|
||||
* @param result - is true if principal was successfully registered with the system
|
||||
*/
|
||||
NS_IMETHOD
|
||||
RegisterPrincipal(nsIPrincipal* prin, PRBool *result) = 0;
|
||||
// NS_IMETHOD
|
||||
// RegisterPrincipal(nsIPrincipal* prin, PRBool *result) = 0;
|
||||
|
||||
/**
|
||||
* Prompts the user if they want to grant permission for the principal located
|
||||
|
@ -221,22 +223,22 @@ public:
|
|||
|
||||
|
||||
/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
|
||||
|
||||
/*
|
||||
NS_IMETHOD
|
||||
NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result) = 0;
|
||||
|
||||
NS_IMETHOD
|
||||
IsCodebaseExact(nsIPrincipal* principal, PRBool *result) = 0;
|
||||
|
||||
*/
|
||||
NS_IMETHOD
|
||||
CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result) = 0;
|
||||
|
||||
/*
|
||||
NS_IMETHOD
|
||||
ToString(nsIPrincipal* principal, char* *result) = 0;
|
||||
|
||||
NS_IMETHOD
|
||||
GetVendor(nsIPrincipal* principal, char* *result) = 0;
|
||||
|
||||
*/
|
||||
NS_IMETHOD
|
||||
NewPrincipalArray(PRUint32 count, void* *result) = 0;
|
||||
|
||||
|
|
|
@ -27,23 +27,21 @@ MODULE = caps
|
|||
|
||||
LIBRARY_NAME = caps
|
||||
|
||||
CPPSRCS = \
|
||||
nsUserDialogHelper.cpp \
|
||||
nsZig.cpp \
|
||||
nsPrincipal.cpp \
|
||||
CPPSRCS = \
|
||||
admin.cpp \
|
||||
nsCaps.cpp \
|
||||
nsCCapsManager.cpp \
|
||||
nsCCapsManagerFactory.cpp \
|
||||
nsCertificatePrincipal.cpp \
|
||||
nsCodebasePrincipal.cpp \
|
||||
nsPrivilege.cpp \
|
||||
nsPrivilegeManager.cpp \
|
||||
nsPrivilegeTable.cpp \
|
||||
nsSystemPrivilegeTable.cpp \
|
||||
nsTarget.cpp \
|
||||
nsUserDialogHelper.cpp \
|
||||
nsUserTarget.cpp \
|
||||
admin.cpp \
|
||||
nsCaps.cpp \
|
||||
nsCCapsManager.cpp \
|
||||
nsCertificatePrincipal.cpp \
|
||||
nsCodebasePrincipal.cpp \
|
||||
nsCCapsManagerFactory.cpp \
|
||||
nsCCodeSourcePrincipal.cpp \
|
||||
nsZig.cpp \
|
||||
$(NULL)
|
||||
|
||||
REQUIRES = nspr xpcom security layer js jar pref img util rdf caps
|
||||
|
@ -52,10 +50,10 @@ ifndef MOZ_NATIVE_ZLIB
|
|||
REQUIRES += zlib
|
||||
endif
|
||||
|
||||
CSRCS = \
|
||||
nsZip.c \
|
||||
nsLoadZig.c \
|
||||
CSRCS = \
|
||||
jpermission.c \
|
||||
nsLoadZig.c \
|
||||
nsZip.c \
|
||||
$(NULL)
|
||||
|
||||
include $(topsrcdir)/config/rules.mk
|
||||
|
|
|
@ -21,15 +21,12 @@
|
|||
#include "prmem.h"
|
||||
#include "prmon.h"
|
||||
#include "prlog.h"
|
||||
|
||||
#include "admin.h"
|
||||
#include "nsPrivilegeManager.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif /* __cplusplus */
|
||||
|
||||
|
||||
/*
|
||||
* A D M I N U I A P I
|
||||
*
|
||||
|
@ -40,8 +37,8 @@ extern "C" {
|
|||
PR_PUBLIC_API(const char *)
|
||||
java_netscape_security_getPrincipals(const char *charSetName)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
const char *prins = nsPrivManager->getAllPrincipalsString();
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
const char *prins = nsPrivManager->GetAllPrincipalsString();
|
||||
PRBool test_admin_api = PR_FALSE;
|
||||
if (test_admin_api) {
|
||||
char *a1;
|
||||
|
@ -57,25 +54,24 @@ java_netscape_security_getPrincipals(const char *charSetName)
|
|||
PR_PUBLIC_API(PRBool)
|
||||
java_netscape_security_removePrincipal(const char *charSetName, char *prinName)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
return nsPrivManager->removePrincipal(prinName);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
return nsPrivManager->RemovePrincipal(prinName);
|
||||
}
|
||||
|
||||
PR_PUBLIC_API(void)
|
||||
java_netscape_security_getPrivilegeDescs(const char *charSetName, char *prinName,
|
||||
char** forever, char** session,
|
||||
char **denied)
|
||||
char** forever, char** session, char **denied)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
nsPrivManager->getTargetsWithPrivileges(prinName, forever, session, denied);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
nsPrivManager->GetTargetsWithPrivileges(prinName, forever, session, denied);
|
||||
}
|
||||
|
||||
PR_PUBLIC_API(PRBool)
|
||||
java_netscape_security_removePrivilege(const char *charSetName, char *prinName,
|
||||
char *targetName)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
return nsPrivManager->removePrincipalsPrivilege(prinName, targetName);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
return nsPrivManager->RemovePrincipalsPrivilege(prinName, targetName);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -49,29 +49,27 @@ DLL=.\$(OBJDIR)\$(DLLNAME).dll
|
|||
#//------------------------------------------------------------------------
|
||||
|
||||
C_OBJS= \
|
||||
.\$(OBJDIR)\nsZip.obj \
|
||||
.\$(OBJDIR)\nsLoadZig.obj \
|
||||
.\$(OBJDIR)\jpermission.obj \
|
||||
.\$(OBJDIR)\nsLoadZig.obj \
|
||||
.\$(OBJDIR)\nsZip.obj \
|
||||
$(NULL)
|
||||
|
||||
|
||||
CPP_OBJS= \
|
||||
CPP_OBJS= \
|
||||
.\$(OBJDIR)\admin.obj \
|
||||
.\$(OBJDIR)\nsCaps.obj \
|
||||
.\$(OBJDIR)\nsCCapsManager.obj \
|
||||
.\$(OBJDIR)\nsCCapsManagerFactory.obj \
|
||||
.\$(OBJDIR)\nsCertificatePrincipal.obj \
|
||||
.\$(OBJDIR)\nsCodebasePrincipal.obj \
|
||||
.\$(OBJDIR)\nsUserDialogHelper.obj \
|
||||
.\$(OBJDIR)\nsZig.obj \
|
||||
.\$(OBJDIR)\nsPrincipal.obj \
|
||||
.\$(OBJDIR)\nsPrivilege.obj \
|
||||
.\$(OBJDIR)\nsPrivilegeManager.obj \
|
||||
.\$(OBJDIR)\nsPrivilegeTable.obj \
|
||||
.\$(OBJDIR)\nsSystemPrivilegeTable.obj \
|
||||
.\$(OBJDIR)\nsTarget.obj \
|
||||
.\$(OBJDIR)\nsUserTarget.obj \
|
||||
.\$(OBJDIR)\admin.obj \
|
||||
.\$(OBJDIR)\nsCaps.obj \
|
||||
.\$(OBJDIR)\nsCCapsManager.obj \
|
||||
.\$(OBJDIR)\nsCertificatePrincipal.obj \
|
||||
.\$(OBJDIR)\nsCodebasePrincipal.obj \
|
||||
.\$(OBJDIR)\nsCCapsManagerFactory.obj \
|
||||
.\$(OBJDIR)\nsCCodeSourcePrincipal.obj \
|
||||
.\$(OBJDIR)\nsZig.obj \
|
||||
$(NULL)
|
||||
|
||||
|
||||
|
|
|
@ -18,16 +18,12 @@
|
|||
#include "nsIComponentManager.h"
|
||||
#include "nsCapsEnums.h"
|
||||
#include "nsCCapsManager.h"
|
||||
#include "nsICodebasePrincipal.h"
|
||||
#include "nsICertificatePrincipal.h"
|
||||
#include "nsCodebasePrincipal.h"
|
||||
#include "nsCertificatePrincipal.h"
|
||||
#include "nsCCodeSourcePrincipal.h"
|
||||
#include "nsCaps.h"
|
||||
#include "nsICapsSecurityCallbacks.h"
|
||||
#include "nsLoadZig.h"
|
||||
#include "secnav.h"
|
||||
|
||||
#ifdef MOZ_SECURITY
|
||||
#include "navhook.h"
|
||||
#include "jarutil.h"
|
||||
|
@ -39,11 +35,6 @@ static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
|
|||
|
||||
#define ALL_JAVA_PERMISSION "AllJavaPermission"
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsISupports and AggregatedQueryInterface:
|
||||
|
||||
// Thes macro expands to the aggregated query interface scheme.
|
||||
|
||||
NS_IMPL_AGGREGATED(nsCCapsManager);
|
||||
|
||||
NS_METHOD
|
||||
|
@ -73,7 +64,7 @@ nsCCapsManager::CreateCodebasePrincipal(const char *codebaseURL,
|
|||
{
|
||||
nsresult result = NS_OK;
|
||||
nsCodebasePrincipal *pNSCCodebasePrincipal =
|
||||
new nsCodebasePrincipal(codebaseURL, &result);
|
||||
new nsCodebasePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_CodebaseExact, codebaseURL);
|
||||
if (pNSCCodebasePrincipal == NULL)
|
||||
{
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
@ -91,7 +82,8 @@ nsCCapsManager::CreateCertPrincipal(const unsigned char **certChain,
|
|||
{
|
||||
nsresult result = NS_OK;
|
||||
nsCertificatePrincipal *pNSCCertPrincipal =
|
||||
new nsCertificatePrincipal(certChain, certChainLengths, noOfCerts, &result);
|
||||
new nsCertificatePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_Certificate,
|
||||
certChain, certChainLengths, noOfCerts, &result);
|
||||
if (pNSCCertPrincipal == NULL)
|
||||
{
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
@ -100,7 +92,8 @@ nsCCapsManager::CreateCertPrincipal(const unsigned char **certChain,
|
|||
*prin = (nsIPrincipal *)pNSCCertPrincipal;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
//code source prins are deprecated, use codebase of certificate prins instead
|
||||
/*
|
||||
NS_METHOD
|
||||
nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain,
|
||||
PRUint32 *certChainLengths,
|
||||
|
@ -120,7 +113,7 @@ nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain,
|
|||
*prin = (nsIPrincipal *)pNSCCodeSourcePrincipal;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
*/
|
||||
|
||||
|
||||
/**
|
||||
|
@ -131,32 +124,17 @@ nsCCapsManager::CreateCodeSourcePrincipal(const unsigned char **certChain,
|
|||
* @param state - the return value is passed in this parameter.
|
||||
*/
|
||||
NS_METHOD
|
||||
nsCCapsManager::GetPermission(nsIPrincipal* pNSIPrincipal,
|
||||
nsITarget* ignoreTarget,
|
||||
nsPermission *state)
|
||||
nsCCapsManager::GetPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission * state)
|
||||
{
|
||||
*state = nsPermission_Unknown;
|
||||
nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL )
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
{
|
||||
nsPrincipal *pNSPrincipal = NULL;
|
||||
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
|
||||
if( result != NS_OK)
|
||||
{
|
||||
return result;
|
||||
}
|
||||
|
||||
nsPrivilege* privilege =
|
||||
m_pNSPrivilegeManager->getPrincipalPrivilege(target, pNSPrincipal,
|
||||
NULL);
|
||||
*state = ConvertPrivilegeToPermission(privilege);
|
||||
}
|
||||
return NS_OK;
|
||||
*state = nsPermission_Unknown;
|
||||
nsTarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL ) return NS_OK;
|
||||
if (privilegeManager != NULL) {
|
||||
nsPrivilege* privilege = privilegeManager->GetPrincipalPrivilege(target, prin, NULL);
|
||||
* state = this->ConvertPrivilegeToPermission(privilege);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -169,28 +147,15 @@ nsCCapsManager::GetPermission(nsIPrincipal* pNSIPrincipal,
|
|||
* and target parameters.
|
||||
*/
|
||||
NS_METHOD
|
||||
nsCCapsManager::SetPermission(nsIPrincipal* pNSIPrincipal,
|
||||
nsITarget* ignoreTarget,
|
||||
nsPermission state)
|
||||
{
|
||||
nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL )
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
{
|
||||
nsPrincipal *pNSPrincipal = NULL;
|
||||
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
|
||||
if( result != NS_OK)
|
||||
{
|
||||
return result;
|
||||
}
|
||||
nsPrivilege* privilege = ConvertPermissionToPrivilege(state);
|
||||
m_pNSPrivilegeManager->SetPermission(pNSPrincipal, target, privilege);
|
||||
}
|
||||
return NS_OK;
|
||||
nsCCapsManager::SetPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission state)
|
||||
{
|
||||
nsTarget * target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
|
||||
if(target == NULL ) return NS_OK;
|
||||
if (privilegeManager != NULL) {
|
||||
nsPrivilege* privilege = this->ConvertPermissionToPrivilege(state);
|
||||
privilegeManager->SetPermission(prin, target, privilege);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -203,32 +168,19 @@ nsCCapsManager::SetPermission(nsIPrincipal* pNSIPrincipal,
|
|||
* target
|
||||
*/
|
||||
NS_METHOD
|
||||
nsCCapsManager::AskPermission(nsIPrincipal* pNSIPrincipal,
|
||||
nsITarget* ignoreTarget,
|
||||
nsPermission *state)
|
||||
nsCCapsManager::AskPermission(nsIPrincipal * prin, nsTarget * ignoreTarget, nsPermission * state)
|
||||
{
|
||||
nsTarget *target = nsTarget::findTarget(ALL_JAVA_PERMISSION);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL )
|
||||
{
|
||||
*state = nsPermission_Unknown;
|
||||
return NS_OK;
|
||||
}
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
{
|
||||
nsPrincipal *pNSPrincipal = NULL;
|
||||
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
|
||||
if( result != NS_OK)
|
||||
{
|
||||
return result;
|
||||
}
|
||||
m_pNSPrivilegeManager->AskPermission(pNSPrincipal,target, NULL);
|
||||
nsPrivilege* privilege =
|
||||
m_pNSPrivilegeManager->getPrincipalPrivilege(target, pNSPrincipal,
|
||||
NULL);
|
||||
*state = ConvertPrivilegeToPermission(privilege);
|
||||
}
|
||||
return NS_OK;
|
||||
nsTarget *target = nsTarget::FindTarget(ALL_JAVA_PERMISSION);
|
||||
if( target == NULL ) {
|
||||
*state = nsPermission_Unknown;
|
||||
return NS_OK;
|
||||
}
|
||||
if (privilegeManager != NULL) {
|
||||
privilegeManager->AskPermission(prin, target, NULL);
|
||||
nsPrivilege * privilege = privilegeManager->GetPrincipalPrivilege(target, prin, NULL);
|
||||
*state = ConvertPrivilegeToPermission(privilege);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -238,23 +190,22 @@ nsCCapsManager::AskPermission(nsIPrincipal* pNSIPrincipal,
|
|||
* @param result - is true if principal was successfully registered with the system
|
||||
*/
|
||||
NS_METHOD
|
||||
nsCCapsManager::Initialize(PRBool *result)
|
||||
nsCCapsManager::Initialize(PRBool * result)
|
||||
{
|
||||
*result = nsCapsInitialize();
|
||||
return NS_OK;
|
||||
*result = nsCapsInitialize();
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes the capabilities frame walking code.
|
||||
*
|
||||
* @param aInterface - interface for calling frame walking code.
|
||||
*/
|
||||
* Initializes the capabilities frame walking code.
|
||||
*
|
||||
* @param aInterface - interface for calling frame walking code.
|
||||
*/
|
||||
NS_METHOD
|
||||
nsCCapsManager::InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface)
|
||||
{
|
||||
//XXX write me
|
||||
|
||||
return NS_OK;
|
||||
//XXX write me
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -264,20 +215,10 @@ nsCCapsManager::InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface)
|
|||
* @param result - is true if principal was successfully registered with the system
|
||||
*/
|
||||
NS_METHOD
|
||||
nsCCapsManager::RegisterPrincipal(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
|
||||
nsCCapsManager::RegisterPrincipal(nsIPrincipal * prin)
|
||||
{
|
||||
nsresult result = NS_OK;
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
{
|
||||
nsPrincipal *pNSPrincipal = NULL;
|
||||
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
|
||||
if( result != NS_OK)
|
||||
{
|
||||
return result;
|
||||
}
|
||||
m_pNSPrivilegeManager->registerPrincipal(pNSPrincipal);
|
||||
}
|
||||
return NS_OK;
|
||||
if (privilegeManager != NULL) privilegeManager->RegisterPrincipal(prin);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -294,17 +235,15 @@ nsCCapsManager::RegisterPrincipal(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
|
|||
NS_METHOD
|
||||
nsCCapsManager::EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
|
||||
{
|
||||
nsTarget *target = nsTarget::findTarget((char*)targetName);
|
||||
nsTarget *target = nsTarget::FindTarget((char*)targetName);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL )
|
||||
{
|
||||
*ret_val = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
{
|
||||
*ret_val = m_pNSPrivilegeManager->enablePrivilege(context, target, callerDepth);
|
||||
}
|
||||
if (privilegeManager != NULL)
|
||||
*ret_val = privilegeManager->EnablePrivilege(context, target, callerDepth);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
@ -322,16 +261,16 @@ nsCCapsManager::EnablePrivilege(void* context, const char* targetName, PRInt32 c
|
|||
NS_METHOD
|
||||
nsCCapsManager::IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
|
||||
{
|
||||
nsTarget *target = nsTarget::findTarget((char*)targetName);
|
||||
nsTarget *target = nsTarget::FindTarget((char*)targetName);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL )
|
||||
{
|
||||
*ret_val = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
if (privilegeManager != NULL)
|
||||
{
|
||||
*ret_val = m_pNSPrivilegeManager->isPrivilegeEnabled(context, target, callerDepth);
|
||||
*ret_val = privilegeManager->IsPrivilegeEnabled(context, target, callerDepth);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
@ -350,18 +289,15 @@ nsCCapsManager::IsPrivilegeEnabled(void* context, const char* targetName, PRInt3
|
|||
NS_METHOD
|
||||
nsCCapsManager::RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
|
||||
{
|
||||
nsTarget *target = nsTarget::findTarget((char*)targetName);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL )
|
||||
{
|
||||
*ret_val = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
{
|
||||
*ret_val = m_pNSPrivilegeManager->revertPrivilege(context, target, callerDepth);
|
||||
}
|
||||
return NS_OK;
|
||||
nsTarget *target = nsTarget::FindTarget((char*)targetName);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL ) {
|
||||
* ret_val = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
if (privilegeManager != NULL)
|
||||
* ret_val = privilegeManager->RevertPrivilege(context, target, callerDepth);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -378,18 +314,15 @@ nsCCapsManager::RevertPrivilege(void* context, const char* targetName, PRInt32 c
|
|||
NS_METHOD
|
||||
nsCCapsManager::DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *ret_val)
|
||||
{
|
||||
nsTarget *target = nsTarget::findTarget((char*)targetName);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL )
|
||||
{
|
||||
*ret_val = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
{
|
||||
*ret_val = m_pNSPrivilegeManager->disablePrivilege(context, target, callerDepth);
|
||||
}
|
||||
return NS_OK;
|
||||
nsTarget *target = nsTarget::FindTarget((char*)targetName);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL ) {
|
||||
* ret_val = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
if (privilegeManager != NULL)
|
||||
* ret_val = privilegeManager->DisablePrivilege(context, target, callerDepth);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
||||
|
@ -399,83 +332,68 @@ nsCCapsManager::DisablePrivilege(void* context, const char* targetName, PRInt32
|
|||
NS_METHOD
|
||||
nsCCapsManager::ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *ret_val)
|
||||
{
|
||||
nsresult result = NS_OK;
|
||||
*ret_val = nsSetComparisonType_NoSubset;
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
{
|
||||
nsPrincipalArray *newPrin1Array=NULL;
|
||||
nsPrincipalArray *newPrin2Array=NULL;
|
||||
result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
|
||||
if (result != NS_OK) {
|
||||
return result;
|
||||
}
|
||||
result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
|
||||
if (result != NS_OK) {
|
||||
return result;
|
||||
}
|
||||
*ret_val = m_pNSPrivilegeManager->comparePrincipalArray(newPrin1Array, newPrin2Array);
|
||||
nsCapsFreePrincipalArray(newPrin1Array);
|
||||
nsCapsFreePrincipalArray(newPrin2Array);
|
||||
}
|
||||
return NS_OK;
|
||||
nsresult result = NS_OK;
|
||||
*ret_val = nsSetComparisonType_NoSubset;
|
||||
if (privilegeManager != NULL) {
|
||||
nsPrincipalArray * newPrin1Array=NULL;
|
||||
nsPrincipalArray * newPrin2Array=NULL;
|
||||
result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
|
||||
if (result != NS_OK) return result;
|
||||
result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
|
||||
if (result != NS_OK) return result;
|
||||
*ret_val = privilegeManager->ComparePrincipalArray(newPrin1Array, newPrin2Array);
|
||||
nsCapsFreePrincipalArray(newPrin1Array);
|
||||
nsCapsFreePrincipalArray(newPrin2Array);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_METHOD
|
||||
nsCCapsManager::IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *ret_val)
|
||||
nsCCapsManager::IntersectPrincipalArray(void * prin1Array, void * prin2Array, void * * ret_val)
|
||||
{
|
||||
nsresult result = NS_OK;
|
||||
*ret_val = NULL;
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
{
|
||||
nsPrincipalArray *newPrin1Array=NULL;
|
||||
nsPrincipalArray *newPrin2Array=NULL;
|
||||
nsPrincipalArray *intersectPrinArray=NULL;
|
||||
result = GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
|
||||
if (result != NS_OK) {
|
||||
return result;
|
||||
}
|
||||
result = GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
|
||||
if (result != NS_OK) {
|
||||
return result;
|
||||
}
|
||||
intersectPrinArray = m_pNSPrivilegeManager->intersectPrincipalArray(newPrin1Array,
|
||||
newPrin2Array);
|
||||
CreateNSPrincipalArray(intersectPrinArray, (nsPrincipalArray**)ret_val);
|
||||
nsCapsFreePrincipalArray(newPrin1Array);
|
||||
nsCapsFreePrincipalArray(newPrin2Array);
|
||||
}
|
||||
return NS_OK;
|
||||
nsresult result = NS_OK;
|
||||
*ret_val = NULL;
|
||||
if (privilegeManager != NULL) {
|
||||
nsPrincipalArray *newPrin1Array=NULL;
|
||||
nsPrincipalArray *newPrin2Array=NULL;
|
||||
nsPrincipalArray *intersectPrinArray=NULL;
|
||||
result = this->GetNSPrincipalArray((nsPrincipalArray*) prin1Array, &newPrin1Array);
|
||||
if (result != NS_OK) return result;
|
||||
result = this->GetNSPrincipalArray((nsPrincipalArray*) prin2Array, &newPrin2Array);
|
||||
if (result != NS_OK) return result;
|
||||
intersectPrinArray = privilegeManager->IntersectPrincipalArray(newPrin1Array, newPrin2Array);
|
||||
this->CreateNSPrincipalArray(intersectPrinArray, (nsPrincipalArray**)ret_val);
|
||||
nsCapsFreePrincipalArray(newPrin1Array);
|
||||
nsCapsFreePrincipalArray(newPrin2Array);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_METHOD
|
||||
nsCCapsManager::CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *ret_val)
|
||||
nsCCapsManager::CanExtendTrust(void * fromPrinArray, void * toPrinArray, PRBool * ret_val)
|
||||
{
|
||||
nsresult result = NS_OK;
|
||||
*ret_val = nsSetComparisonType_NoSubset;
|
||||
if (m_pNSPrivilegeManager != NULL)
|
||||
{
|
||||
nsPrincipalArray *newPrin1Array=NULL;
|
||||
nsPrincipalArray *newPrin2Array=NULL;
|
||||
result = GetNSPrincipalArray((nsPrincipalArray*) fromPrinArray, &newPrin1Array);
|
||||
if (result != NS_OK) {
|
||||
return result;
|
||||
}
|
||||
result = GetNSPrincipalArray((nsPrincipalArray*) toPrinArray, &newPrin2Array);
|
||||
if (result != NS_OK) {
|
||||
return result;
|
||||
}
|
||||
*ret_val = m_pNSPrivilegeManager->canExtendTrust(newPrin1Array, newPrin2Array);
|
||||
nsCapsFreePrincipalArray(newPrin1Array);
|
||||
nsCapsFreePrincipalArray(newPrin2Array);
|
||||
}
|
||||
return NS_OK;
|
||||
nsresult result = NS_OK;
|
||||
*ret_val = nsSetComparisonType_NoSubset;
|
||||
if (privilegeManager != NULL) {
|
||||
nsPrincipalArray *newPrin1Array=NULL;
|
||||
nsPrincipalArray *newPrin2Array=NULL;
|
||||
result = this->GetNSPrincipalArray((nsPrincipalArray*) fromPrinArray, &newPrin1Array);
|
||||
if (result != NS_OK) return result;
|
||||
result = this->GetNSPrincipalArray((nsPrincipalArray*) toPrinArray, &newPrin2Array);
|
||||
if (result != NS_OK) return result;
|
||||
*ret_val = privilegeManager->CanExtendTrust(newPrin1Array, newPrin2Array);
|
||||
nsCapsFreePrincipalArray(newPrin1Array);
|
||||
nsCapsFreePrincipalArray(newPrin2Array);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
||||
/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
|
||||
|
||||
/**************
|
||||
//Principals must be created by type, the nsPrincipal data member is deprecated
|
||||
NS_METHOD
|
||||
nsCCapsManager::NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal** ret_val)
|
||||
nsCCapsManager::NewPrincipal(PRInt16 *principalType, void* key, PRUint32 key_len, void *zig, nsIPrincipal** ret_val)
|
||||
{
|
||||
nsIPrincipal* pNSIPrincipal;
|
||||
nsPrincipal *pNSPrincipal = new nsPrincipal(type, key, key_len, zig);
|
||||
|
@ -487,9 +405,14 @@ nsCCapsManager::NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len,
|
|||
*ret_val = pNSIPrincipal;
|
||||
return NS_OK;
|
||||
}
|
||||
*********************/
|
||||
//XXX: todo: This method is covered by to nsIPrincipal object, should not be part of caps
|
||||
//XXX: nsPrincipal struct if deprecated, access as nsIPrincipal
|
||||
//do not use IsCodebaseExact, Tostring, or any other of the principal specific objects from here
|
||||
|
||||
/*
|
||||
NS_METHOD
|
||||
nsCCapsManager::IsCodebaseExact(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
|
||||
nsCCapsManager::IsCodebaseExact(nsIPrincipal * pNSIPrincipal, PRBool *ret_val)
|
||||
{
|
||||
nsresult result = NS_OK;
|
||||
nsPrincipal *pNSPrincipal = NULL;
|
||||
|
@ -499,25 +422,25 @@ nsCCapsManager::IsCodebaseExact(nsIPrincipal* pNSIPrincipal, PRBool *ret_val)
|
|||
return result;
|
||||
}
|
||||
*ret_val = pNSPrincipal->isCodebaseExact();
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
*/
|
||||
|
||||
/*
|
||||
NS_METHOD
|
||||
nsCCapsManager::ToString(nsIPrincipal* pNSIPrincipal, char* *ret_val)
|
||||
nsCCapsManager::ToString(nsIPrincipal* prin, char* *ret_val)
|
||||
{
|
||||
nsresult result = NS_OK;
|
||||
nsPrincipal *pNSPrincipal = NULL;
|
||||
nsIPrincipal *temp = NULL;
|
||||
*ret_val = NULL;
|
||||
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
|
||||
if( result != NS_OK) {
|
||||
return result;
|
||||
}
|
||||
*ret_val = pNSPrincipal->toString();
|
||||
|
||||
result = GetNSPrincipal(prin, &temp);
|
||||
if( result != NS_OK) return result;
|
||||
*ret_val = temp->ToString();
|
||||
return NS_OK;
|
||||
}
|
||||
*/
|
||||
|
||||
/*
|
||||
NS_METHOD
|
||||
nsCCapsManager::GetVendor(nsIPrincipal* pNSIPrincipal, char* *ret_val)
|
||||
{
|
||||
|
@ -529,9 +452,9 @@ nsCCapsManager::GetVendor(nsIPrincipal* pNSIPrincipal, char* *ret_val)
|
|||
return result;
|
||||
}
|
||||
*ret_val = pNSPrincipal->getVendor();
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
*/
|
||||
|
||||
NS_METHOD
|
||||
nsCCapsManager::NewPrincipalArray(PRUint32 count, void* *ret_val)
|
||||
|
@ -547,86 +470,51 @@ nsCCapsManager::NewPrincipalArray(PRUint32 count, void* *ret_val)
|
|||
NS_METHOD
|
||||
nsCCapsManager::CreateMixedPrincipalArray(void *aZig, char* name, const char* codebase, void** result)
|
||||
{
|
||||
*result = NULL;
|
||||
PRBool hasCodebase;
|
||||
int i;
|
||||
PRUint32 count;
|
||||
nsIPrincipal *principal;
|
||||
|
||||
hasCodebase = (PRBool)codebase;
|
||||
|
||||
/* First count the number of principals */
|
||||
count = codebase ? 1 : 0;
|
||||
|
||||
//Should possibly be #ifdef MOZ_SECURITY but I don't want to break the sec build
|
||||
/*
|
||||
*result = NULL;
|
||||
PRBool hasCodebase;
|
||||
int i;
|
||||
PRUint32 count;
|
||||
nsIPrincipal *principal;
|
||||
hasCodebase = (PRBool)codebase;
|
||||
count = codebase ? 1 : 0;
|
||||
#if 0
|
||||
SOBITEM *item;
|
||||
ZIG_Context * zig_aCx = NULL;
|
||||
ZIG *zig = (ZIG*)aZig;
|
||||
|
||||
if (zig && name) {
|
||||
/* Make sure file is signed */
|
||||
if ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) != NULL) {
|
||||
int zig_count=0;
|
||||
/* count the number of signers */
|
||||
while (SOB_find_next(zig_aCx, &item) >= 0) {
|
||||
zig_count++;
|
||||
}
|
||||
SOB_find_end(zig_aCx);
|
||||
count += zig_count;
|
||||
}
|
||||
else {
|
||||
zig = NULL;
|
||||
}
|
||||
}
|
||||
SOBITEM *item;
|
||||
ZIG_Context * zig_aCx = NULL;
|
||||
ZIG *zig = (ZIG*)aZig;
|
||||
if (zig && name) {
|
||||
if ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) != NULL) {
|
||||
int zig_count=0;
|
||||
while (SOB_find_next(zig_aCx, &item) >= 0) zig_count++;
|
||||
SOB_find_end(zig_aCx);
|
||||
count += zig_count;
|
||||
} else zig = NULL;
|
||||
}
|
||||
#endif
|
||||
if (count == 0) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NewPrincipalArray(count, result);
|
||||
|
||||
if (*result == NULL) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
if (count == 0) return NS_OK;
|
||||
NewPrincipalArray(count, result);
|
||||
if (*result == NULL) return NS_ERROR_FAILURE;
|
||||
#if 0
|
||||
if (zig && ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) == NULL)) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
i = 0;
|
||||
while (zig && SOB_find_next(zig_aCx, &item) >= 0) {
|
||||
FINGERZIG *fingPrint;
|
||||
|
||||
fingPrint = (FINGERZIG *) item->data;
|
||||
|
||||
/* create a new nsIPrincipal(CERT_KEY, fingPrint->key) */
|
||||
NewPrincipal(nsPrincipalType_CertKey,
|
||||
fingPrint->key,
|
||||
fingPrint->length,
|
||||
zig,
|
||||
&principal);
|
||||
RegisterPrincipal(principal, NULL);
|
||||
SetPrincipalArrayElement(*result, i++, principal);
|
||||
}
|
||||
|
||||
if (zig) {
|
||||
SOB_find_end(zig_aCx);
|
||||
}
|
||||
if (zig && ((zig_aCx = SOB_find(zig, name, ZIG_SIGN)) == NULL)) return NS_ERROR_FAILURE;
|
||||
i = 0;
|
||||
while (zig && SOB_find_next(zig_aCx, &item) >= 0) {
|
||||
FINGERZIG *fingPrint;
|
||||
fingPrint = (FINGERZIG *) item->data;
|
||||
this->NewPrincipal(nsPrincipal::PrincipalType_CertificateKey, fingPrint->key,
|
||||
fingPrint->length, zig, &principal);
|
||||
RegisterPrincipal(principal, NULL);
|
||||
SetPrincipalArrayElement(*result, i++, principal);
|
||||
}
|
||||
if (zig) SOB_find_end(zig_aCx);
|
||||
#endif
|
||||
|
||||
if (codebase) {
|
||||
// Add a codebase principal.
|
||||
NewPrincipal(nsPrincipalType_CodebaseExact,
|
||||
(void*)codebase,
|
||||
PL_strlen(codebase),
|
||||
NULL,
|
||||
&principal);
|
||||
RegisterPrincipal(principal, NULL);
|
||||
SetPrincipalArrayElement(*result, i++, principal);
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
if (codebase) {
|
||||
this->NewPrincipal(nsIPrincipal::PrincipalType_CodebaseExact, (void*)codebase,
|
||||
PL_strlen(codebase), NULL, &principal);
|
||||
RegisterPrincipal(principal, NULL);
|
||||
SetPrincipalArrayElement(*result, i++, principal);
|
||||
}
|
||||
*/
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_METHOD
|
||||
|
@ -639,14 +527,19 @@ nsCCapsManager::FreePrincipalArray(void *prinArray)
|
|||
NS_METHOD
|
||||
nsCCapsManager::GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* *ret_val)
|
||||
{
|
||||
//method is deprecated, Principals must be accessed and indexed as nsIPrincipals, not by data member
|
||||
/*
|
||||
nsIPrincipal* pNSIPrincipal;
|
||||
nsPrincipal *pNSPrincipal = (nsPrincipal *)nsCapsGetPrincipalArrayElement(prinArrayArg, index);
|
||||
if (pNSPrincipal->isCodebase()) {
|
||||
pNSIPrincipal = (nsIPrincipal*)new nsCodebasePrincipal(pNSPrincipal);
|
||||
} else {
|
||||
(pNSPrincipal->isCodebase()) ?
|
||||
pNSIPrincipal = (nsIPrincipal*)new nsCodebasePrincipal(pNSPrincipal)
|
||||
:
|
||||
pNSIPrincipal = (nsIPrincipal*)new nsCertificatePrincipal(pNSPrincipal);
|
||||
}
|
||||
|
||||
*ret_val = pNSIPrincipal;
|
||||
*/
|
||||
*ret_val = NULL;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
@ -665,49 +558,37 @@ nsCCapsManager::GetPrincipalArraySize(void *prinArrayArg, PRUint32 *ret_val)
|
|||
}
|
||||
|
||||
/* The following interfaces will replace all of the following old calls.
|
||||
*
|
||||
* nsCapsGetPermission(struct nsPrivilege *privilege)
|
||||
* nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
|
||||
*
|
||||
*/
|
||||
NS_METHOD
|
||||
nsCCapsManager::IsAllowed(void *annotation, char* targetName, PRBool *ret_val)
|
||||
{
|
||||
nsTarget *target = nsTarget::findTarget(targetName);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL )
|
||||
{
|
||||
*ret_val = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
struct nsPrivilege * pNSPrivilege = nsCapsGetPrivilege((struct nsPrivilegeTable *)annotation,
|
||||
target);
|
||||
if (pNSPrivilege == NULL) {
|
||||
*ret_val = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
nsPermissionState perm = nsCapsGetPermission(pNSPrivilege);
|
||||
|
||||
*ret_val = (perm == nsPermissionState_Allowed);
|
||||
return NS_OK;
|
||||
nsTarget *target = nsTarget::FindTarget(targetName);
|
||||
nsresult result = NS_OK;
|
||||
if( target == NULL ) {
|
||||
*ret_val = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
struct nsPrivilege * pNSPrivilege = nsCapsGetPrivilege((nsPrivilegeTable * )annotation, target);
|
||||
if (pNSPrivilege == NULL) {
|
||||
*ret_val = PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
nsPermissionState perm = nsCapsGetPermission(pNSPrivilege);
|
||||
*ret_val = (perm == nsPermissionState_Allowed);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsCCapsManager:
|
||||
|
||||
nsCCapsManager::nsCCapsManager(nsISupports *aOuter):m_pNSPrivilegeManager(NULL)
|
||||
nsCCapsManager::nsCCapsManager(nsISupports *aOuter):privilegeManager(NULL)
|
||||
{
|
||||
NS_INIT_AGGREGATED(aOuter);
|
||||
PRBool result;
|
||||
if (Initialize(&result) == NS_OK)
|
||||
{
|
||||
m_pNSPrivilegeManager = new nsPrivilegeManager();
|
||||
}
|
||||
else
|
||||
{
|
||||
m_pNSPrivilegeManager = NULL;
|
||||
}
|
||||
NS_INIT_AGGREGATED(aOuter);
|
||||
PRBool result;
|
||||
privilegeManager = (Initialize(&result) == NS_OK) ? new nsPrivilegeManager(): NULL;
|
||||
}
|
||||
|
||||
nsCCapsManager::~nsCCapsManager()
|
||||
|
@ -718,6 +599,8 @@ void
|
|||
nsCCapsManager::CreateNSPrincipalArray(nsPrincipalArray* prinArray,
|
||||
nsPrincipalArray* *pPrincipalArray)
|
||||
{
|
||||
//prin arrays will either be removed, or updated to use the nsIPrincipal Object
|
||||
/*
|
||||
nsIPrincipal* pNSIPrincipal;
|
||||
nsPrincipal *pNSPrincipal = NULL;
|
||||
|
||||
|
@ -736,39 +619,39 @@ nsCCapsManager::CreateNSPrincipalArray(nsPrincipalArray* prinArray,
|
|||
newPrinArray->Set(index, pNSIPrincipal);
|
||||
}
|
||||
*pPrincipalArray = newPrinArray;
|
||||
*/
|
||||
}
|
||||
|
||||
|
||||
NS_METHOD
|
||||
nsCCapsManager::GetNSPrincipalArray(nsPrincipalArray* prinArray,
|
||||
nsPrincipalArray* *pPrincipalArray)
|
||||
{
|
||||
/*
|
||||
nsIPrincipal* pNSIPrincipal;
|
||||
nsPrincipal *pNSPrincipal = NULL;
|
||||
nsIPrincipal *pNSPrincipal = NULL;
|
||||
nsresult result = NS_OK;
|
||||
|
||||
PRUint32 count = prinArray->GetSize();
|
||||
nsPrincipalArray *newPrinArray = new nsPrincipalArray();
|
||||
newPrinArray->SetSize(count, 1);
|
||||
*pPrincipalArray = NULL;
|
||||
|
||||
for (PRUint32 index = 0; index < count; index++) {
|
||||
pNSIPrincipal = (nsIPrincipal*)prinArray->Get(index);
|
||||
result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
|
||||
// result = GetNSPrincipal(pNSIPrincipal, &pNSPrincipal);
|
||||
if( result != NS_OK)
|
||||
{
|
||||
nsCapsFreePrincipalArray(newPrinArray);
|
||||
return result;
|
||||
}
|
||||
newPrinArray->Set(index, pNSPrincipal);
|
||||
// newPrinArray->Set(index, pNSPrincipal);
|
||||
}
|
||||
*pPrincipalArray = newPrinArray;
|
||||
return result;
|
||||
*/
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/*
|
||||
NS_METHOD
|
||||
nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
|
||||
nsPrincipal **ppNSPrincipal)
|
||||
nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal, nsPrincipal **ppNSPrincipal)
|
||||
{
|
||||
nsISupports *pNSISupports = NULL;
|
||||
nsPrincipal *pNSPrincipal = NULL;
|
||||
|
@ -781,7 +664,7 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
|
|||
|
||||
NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID);
|
||||
NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID);
|
||||
NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICODESOURCEPRINCIPAL_IID);
|
||||
// NS_DEFINE_IID(kICodeSourcePrincipalIID, NS_ICODESOURCEPRINCIPAL_IID);
|
||||
|
||||
if (pNSIPrincipal->QueryInterface(kICodeSourcePrincipalIID,
|
||||
(void**)&pNSISupports) == NS_OK)
|
||||
|
@ -792,19 +675,21 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
|
|||
PRBool bIsTrusted = PR_FALSE;
|
||||
if(pNSICertPrincipal != NULL )
|
||||
{
|
||||
pNSICertPrincipal->IsTrusted(NULL, &bIsTrusted);
|
||||
pNSICertPrincipal->IsSecure(&bIsTrusted);
|
||||
}
|
||||
if (bIsTrusted)
|
||||
{
|
||||
nsCertificatePrincipal *pNSCCertPrincipal = (nsCertificatePrincipal *)pNSICertPrincipal;
|
||||
pNSPrincipal = pNSCCertPrincipal->GetPeer();
|
||||
// peer object is deprecated, no longer use nsPrincipal object
|
||||
// pNSPrincipal = pNSCCertPrincipal->GetPeer();
|
||||
pNSCCertPrincipal->Release();
|
||||
}
|
||||
else
|
||||
if(pNSICodebasePrincipal != NULL )
|
||||
{
|
||||
nsCodebasePrincipal *pNSCCodebasePrincipal = (nsCodebasePrincipal *)pNSICodebasePrincipal;
|
||||
pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
|
||||
// peer object is deprecated, no longer use nsPrincipal object
|
||||
// pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
|
||||
pNSCCodebasePrincipal->Release();
|
||||
}
|
||||
else
|
||||
|
@ -817,7 +702,8 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
|
|||
(void**)&pNSISupports) == NS_OK)
|
||||
{
|
||||
nsCertificatePrincipal *pNSCCertPrincipal = (nsCertificatePrincipal *)pNSIPrincipal;
|
||||
pNSPrincipal = pNSCCertPrincipal->GetPeer();
|
||||
// peer object is deprecated, no longer use nsPrincipal object
|
||||
// pNSPrincipal = pNSCCertPrincipal->GetPeer();
|
||||
pNSCCertPrincipal->Release();
|
||||
}
|
||||
else
|
||||
|
@ -826,7 +712,8 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
|
|||
{
|
||||
nsCodebasePrincipal *pNSCCodebasePrincipal =
|
||||
(nsCodebasePrincipal *)pNSIPrincipal;
|
||||
pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
|
||||
// peer object is deprecated, no longer use nsPrincipal object
|
||||
// pNSPrincipal = pNSCCodebasePrincipal->GetPeer();
|
||||
pNSCCodebasePrincipal->Release();
|
||||
}
|
||||
else
|
||||
|
@ -834,12 +721,12 @@ nsCCapsManager::GetNSPrincipal(nsIPrincipal* pNSIPrincipal,
|
|||
return NS_ERROR_NO_INTERFACE;
|
||||
}
|
||||
*ppNSPrincipal = pNSPrincipal;
|
||||
return NS_OK;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
*/
|
||||
|
||||
nsPermission
|
||||
nsCCapsManager::ConvertPrivilegeToPermission(nsPrivilege *pNSPrivilege)
|
||||
nsCCapsManager::ConvertPrivilegeToPermission(nsPrivilege * pNSPrivilege)
|
||||
{
|
||||
if(pNSPrivilege->isAllowedForever())
|
||||
return nsPermission_AllowedForever;
|
||||
|
@ -887,13 +774,9 @@ nsCCapsManager::ConvertPermissionToPrivilege(nsPermission state)
|
|||
void
|
||||
nsCCapsManager::SetSystemPrivilegeManager()
|
||||
{
|
||||
nsPrivilegeManager *pNSPrivilegeManager =
|
||||
nsPrivilegeManager::getPrivilegeManager();
|
||||
if ( (m_pNSPrivilegeManager != NULL )
|
||||
&& (m_pNSPrivilegeManager != pNSPrivilegeManager)
|
||||
)
|
||||
{
|
||||
delete m_pNSPrivilegeManager;
|
||||
m_pNSPrivilegeManager = pNSPrivilegeManager;
|
||||
}
|
||||
nsPrivilegeManager *pNSPrivilegeManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
if ((privilegeManager != NULL ) && (privilegeManager != pNSPrivilegeManager)) {
|
||||
delete privilegeManager;
|
||||
privilegeManager = pNSPrivilegeManager;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -21,12 +21,11 @@
|
|||
#include "prmem.h"
|
||||
#include "prmon.h"
|
||||
#include "prlog.h"
|
||||
|
||||
#include "nsCaps.h"
|
||||
#include "nsPrivilegeManager.h"
|
||||
#include "nsCertificatePrincipal.h"
|
||||
#include "nsPrivilege.h"
|
||||
#include "nsPrivilegeTable.h"
|
||||
#include "nsPrincipal.h"
|
||||
#include "nsTarget.h"
|
||||
#include "nsCCapsManager.h"
|
||||
#include "nsCCapsManagerFactory.h"
|
||||
|
@ -56,29 +55,29 @@ static PRBool bNSCapsInitialized_g = PR_FALSE;
|
|||
PR_IMPLEMENT(PRBool)
|
||||
nsCapsInitialize()
|
||||
{
|
||||
if(bNSCapsInitialized_g == PR_TRUE)
|
||||
{
|
||||
return PR_TRUE;
|
||||
}
|
||||
bNSCapsInitialized_g = PR_TRUE;
|
||||
if(bNSCapsInitialized_g == PR_TRUE) return PR_TRUE;
|
||||
bNSCapsInitialized_g = PR_TRUE;
|
||||
nsIPrincipal * sysPrin;
|
||||
/*
|
||||
#if defined(_WIN32)
|
||||
nsPrincipal *sysPrin = CreateSystemPrincipal("java/classes/java40.jar", "java/lang/Object.class");
|
||||
// sysPrin = CreateSystemPrincipal("java/classes/java40.jar", "java/lang/Object.class");
|
||||
#else
|
||||
nsPrincipal *sysPrin = CreateSystemPrincipal("java40.jar", "java/lang/Object.class");
|
||||
// sysPrin = CreateSystemPrincipal("java40.jar", "java/lang/Object.class");
|
||||
#endif
|
||||
if (sysPrin == NULL) {
|
||||
sysPrin = new nsPrincipal(nsPrincipalType_Cert, "52:54:45:4e:4e:45:54:49",
|
||||
strlen("52:54:45:4e:4e:45:54:49"));
|
||||
*/
|
||||
if (sysPrin == NULL) {
|
||||
nsresult res;
|
||||
sysPrin = new nsCertificatePrincipal((PRInt16 *)nsIPrincipal::PrincipalType_Certificate,(const unsigned char **) "52:54:45:4e:4e:45:54:49",
|
||||
(unsigned int *)strlen("52:54:45:4e:4e:45:54:49"),1,& res);
|
||||
}
|
||||
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
if (nsPrivManager == NULL) {
|
||||
nsPrivilegeManagerInitialize();
|
||||
nsPrivilegeInitialize();
|
||||
nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
}
|
||||
PR_ASSERT(nsPrivManager != NULL);
|
||||
nsPrivManager->registerSystemPrincipal(sysPrin);
|
||||
nsPrivManager->RegisterSystemPrincipal(sysPrin);
|
||||
// New a class factory object and the constructor will register itself
|
||||
// as the factory object in the repository. All other modules should
|
||||
// FindFactory and use createInstance to create a instance of nsCCapsManager
|
||||
|
@ -96,169 +95,155 @@ nsCapsInitialize()
|
|||
|
||||
/* wrappers for nsPrivilegeManager object */
|
||||
PR_IMPLEMENT(PRBool)
|
||||
nsCapsRegisterPrincipal(struct nsPrincipal *principal)
|
||||
nsCapsRegisterPrincipal(class nsIPrincipal *principal)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
if( nsPrivManager == NULL )
|
||||
return PR_FALSE;
|
||||
nsPrivManager->registerPrincipal(principal);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
if(nsPrivManager == NULL) return PR_FALSE;
|
||||
nsPrivManager->RegisterPrincipal(principal);
|
||||
return PR_TRUE;
|
||||
}
|
||||
|
||||
PR_IMPLEMENT(PRBool)
|
||||
nsCapsEnablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth)
|
||||
nsCapsEnablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
if( nsPrivManager == NULL )
|
||||
return PR_FALSE;
|
||||
return nsPrivManager->enablePrivilege(context, target, callerDepth);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->EnablePrivilege(context, target, callerDepth);
|
||||
}
|
||||
|
||||
PR_IMPLEMENT(PRBool)
|
||||
nsCapsIsPrivilegeEnabled(void* context, struct nsTarget *target, PRInt32 callerDepth)
|
||||
nsCapsIsPrivilegeEnabled(void* context, class nsTarget *target, PRInt32 callerDepth)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
if( nsPrivManager == NULL )
|
||||
return PR_FALSE;
|
||||
return nsPrivManager->isPrivilegeEnabled(context, target, callerDepth);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->IsPrivilegeEnabled(context, target, callerDepth);
|
||||
}
|
||||
|
||||
PR_IMPLEMENT(PRBool)
|
||||
nsCapsRevertPrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth)
|
||||
nsCapsRevertPrivilege(void* context, class nsTarget *target, PRInt32 callerDepth)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
if( nsPrivManager == NULL )
|
||||
return PR_FALSE;
|
||||
return nsPrivManager->revertPrivilege(context, target, callerDepth);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
return (nsPrivManager == NULL ) ? PR_FALSE : nsPrivManager->RevertPrivilege(context, target, callerDepth);
|
||||
}
|
||||
|
||||
PR_IMPLEMENT(PRBool)
|
||||
nsCapsDisablePrivilege(void* context, struct nsTarget *target, PRInt32 callerDepth)
|
||||
nsCapsDisablePrivilege(void* context, class nsTarget *target, PRInt32 callerDepth)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
if( nsPrivManager == NULL )
|
||||
return PR_FALSE;
|
||||
return nsPrivManager->disablePrivilege(context, target, callerDepth);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
return (nsPrivManager == NULL) ? PR_FALSE : nsPrivManager->DisablePrivilege(context, target, callerDepth);
|
||||
}
|
||||
|
||||
PR_IMPLEMENT(void*)
|
||||
nsCapsGetClassPrincipalsFromStack(void* context, PRInt32 callerDepth)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
if( nsPrivManager == NULL )
|
||||
return NULL;
|
||||
return (void *)nsPrivManager->getClassPrincipalsFromStack(context, callerDepth);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
return (nsPrivManager == NULL) ? NULL
|
||||
: (void *)nsPrivManager->GetClassPrincipalsFromStack(context, callerDepth);
|
||||
}
|
||||
|
||||
PR_IMPLEMENT(nsSetComparisonType)
|
||||
nsCapsComparePrincipalArray(void* prin1Array, void* prin2Array)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
if( nsPrivManager == NULL )
|
||||
return nsSetComparisonType_NoSubset;
|
||||
return nsPrivManager->comparePrincipalArray((nsPrincipalArray*)prin1Array,
|
||||
(nsPrincipalArray*)prin2Array);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
return (nsPrivManager == NULL) ? nsSetComparisonType_NoSubset
|
||||
: nsPrivManager->ComparePrincipalArray((nsPrincipalArray*)prin1Array, (nsPrincipalArray*)prin2Array);
|
||||
}
|
||||
|
||||
PR_IMPLEMENT(void*)
|
||||
nsCapsIntersectPrincipalArray(void* prin1Array, void* prin2Array)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
if( nsPrivManager == NULL )
|
||||
return NULL;
|
||||
return nsPrivManager->intersectPrincipalArray((nsPrincipalArray*)prin1Array,
|
||||
(nsPrincipalArray*)prin2Array);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
return (nsPrivManager == NULL) ? NULL
|
||||
: nsPrivManager->IntersectPrincipalArray((nsPrincipalArray*)prin1Array, (nsPrincipalArray*)prin2Array);
|
||||
}
|
||||
|
||||
PR_IMPLEMENT(PRBool)
|
||||
nsCapsCanExtendTrust(void* from, void* to)
|
||||
{
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::getPrivilegeManager();
|
||||
if( nsPrivManager == NULL )
|
||||
return PR_FALSE;
|
||||
return nsPrivManager->canExtendTrust((nsPrincipalArray*)from,
|
||||
(nsPrincipalArray*)to);
|
||||
nsPrivilegeManager *nsPrivManager = nsPrivilegeManager::GetPrivilegeManager();
|
||||
return (nsPrivManager == NULL) ? PR_FALSE
|
||||
: nsPrivManager->CanExtendTrust((nsPrincipalArray *)from, (nsPrincipalArray *)to);
|
||||
}
|
||||
|
||||
/* wrappers for nsPrincipal object */
|
||||
PR_IMPLEMENT(struct nsPrincipal *)
|
||||
nsCapsNewPrincipal(nsPrincipalType type, void * key,
|
||||
PRUint32 key_len, void *zig)
|
||||
/*
|
||||
PR_IMPLEMENT(class nsIPrincipal *)
|
||||
nsCapsNewPrincipal(PRInt16 prinType, void * key, PRUint32 key_len, void *zig)
|
||||
{
|
||||
return new nsPrincipal(type, key, key_len, zig);
|
||||
// XXX ARIEL FIX:
|
||||
// this is absolutely wrong, must be fixed ASAP
|
||||
// return new nsIPrincipal(prinType, key, key_len, zig);
|
||||
return NULL;
|
||||
}
|
||||
*/
|
||||
|
||||
PR_IMPLEMENT(const char *)
|
||||
nsCapsPrincipalToString(struct nsPrincipal *principal)
|
||||
nsCapsPrincipalToString(class nsIPrincipal *principal)
|
||||
{
|
||||
return principal->toString();
|
||||
char * prinStr;
|
||||
principal->ToString(& prinStr);
|
||||
return prinStr;
|
||||
}
|
||||
|
||||
PR_IMPLEMENT(PRBool)
|
||||
nsCapsIsCodebaseExact(struct nsPrincipal *principal)
|
||||
nsCapsIsCodebaseExact(class nsIPrincipal *principal)
|
||||
{
|
||||
return principal->isCodebaseExact();
|
||||
PRInt16 prinType;
|
||||
principal->GetType(& prinType);
|
||||
return (prinType == (PRInt16) nsIPrincipal::PrincipalType_CodebaseExact) ? PR_TRUE : PR_FALSE;
|
||||
}
|
||||
|
||||
PR_IMPLEMENT(const char *)
|
||||
nsCapsPrincipalGetVendor(struct nsPrincipal *principal)
|
||||
nsCapsPrincipalGetVendor(class nsIPrincipal *principal)
|
||||
{
|
||||
return principal->getVendor();
|
||||
//deprecated returning NULL
|
||||
//return principal->getVendor();
|
||||
return NULL;
|
||||
}
|
||||
|
||||
PR_EXTERN(void *)
|
||||
nsCapsNewPrincipalArray(PRUint32 count)
|
||||
{
|
||||
nsPrincipalArray *prinArray = new nsPrincipalArray();
|
||||
prinArray->SetSize(count, 1);
|
||||
return prinArray;
|
||||
nsPrincipalArray *prinArray = new nsPrincipalArray();
|
||||
prinArray->SetSize(count, 1);
|
||||
return prinArray;
|
||||
}
|
||||
|
||||
PR_EXTERN(void)
|
||||
nsCapsFreePrincipalArray(void *prinArrayArg)
|
||||
{
|
||||
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
|
||||
if (prinArray) {
|
||||
prinArray->RemoveAll();
|
||||
delete prinArray;
|
||||
}
|
||||
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
|
||||
if (prinArray) {
|
||||
prinArray->RemoveAll();
|
||||
delete prinArray;
|
||||
}
|
||||
}
|
||||
|
||||
PR_EXTERN(void *)
|
||||
nsCapsGetPrincipalArrayElement(void *prinArrayArg, PRUint32 index)
|
||||
{
|
||||
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
|
||||
if (prinArray == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
return prinArray->Get(index);
|
||||
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
|
||||
return (prinArray == NULL) ? NULL : prinArray->Get(index);
|
||||
}
|
||||
|
||||
PR_EXTERN(void)
|
||||
nsCapsSetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, void *element)
|
||||
{
|
||||
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
|
||||
if (prinArray == NULL) {
|
||||
return;
|
||||
}
|
||||
prinArray->Set(index, element);
|
||||
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
|
||||
if (prinArray == NULL) return;
|
||||
prinArray->Set(index, element);
|
||||
}
|
||||
|
||||
PR_EXTERN(PRUint32)
|
||||
nsCapsGetPrincipalArraySize(void *prinArrayArg)
|
||||
{
|
||||
nsPrincipalArray *prinArray = (nsPrincipalArray *)prinArrayArg;
|
||||
if (prinArray == NULL) {
|
||||
return 0;
|
||||
}
|
||||
return prinArray->GetSize();
|
||||
return (prinArray == NULL) ? 0 : prinArray->GetSize();
|
||||
}
|
||||
|
||||
/* wrappers for nsTarget object */
|
||||
PR_IMPLEMENT(struct nsTarget *)
|
||||
PR_IMPLEMENT(class nsTarget *)
|
||||
nsCapsFindTarget(char *name)
|
||||
{
|
||||
return nsTarget::findTarget(name);
|
||||
return nsTarget::FindTarget(name);
|
||||
}
|
||||
|
||||
/* wrappers for nsPrivilege object */
|
||||
|
@ -270,9 +255,9 @@ nsCapsGetPermission(struct nsPrivilege *privilege)
|
|||
|
||||
/* wrappers for nsPrivilegeTable object */
|
||||
PR_IMPLEMENT(struct nsPrivilege *)
|
||||
nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
|
||||
nsCapsGetPrivilege(nsPrivilegeTable * annotation, class nsTarget *target)
|
||||
{
|
||||
return annotation->get(target);
|
||||
return annotation->Get(target);
|
||||
}
|
||||
|
||||
|
||||
|
@ -284,7 +269,6 @@ setNewNSJSJavaFrameWrapperCallback(struct NSJSJavaFrameWrapper * (*fp)(void *))
|
|||
nsCapsNewNSJSJavaFrameWrapperCallback = fp;
|
||||
}
|
||||
|
||||
|
||||
void (*nsCapsFreeNSJSJavaFrameWrapperCallback)(struct NSJSJavaFrameWrapper *);
|
||||
PR_IMPLEMENT(void)
|
||||
setFreeNSJSJavaFrameWrapperCallback(void (*fp)(struct NSJSJavaFrameWrapper *))
|
||||
|
@ -292,7 +276,6 @@ setFreeNSJSJavaFrameWrapperCallback(void (*fp)(struct NSJSJavaFrameWrapper *))
|
|||
nsCapsFreeNSJSJavaFrameWrapperCallback = fp;
|
||||
}
|
||||
|
||||
|
||||
void (*nsCapsGetStartFrameCallback)(struct NSJSJavaFrameWrapper *);
|
||||
PR_IMPLEMENT(void)
|
||||
setGetStartFrameCallback(void (*fp)(struct NSJSJavaFrameWrapper *))
|
||||
|
@ -307,7 +290,6 @@ setIsEndOfFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *))
|
|||
nsCapsIsEndOfFrameCallback = fp;
|
||||
}
|
||||
|
||||
|
||||
PRBool (*nsCapsIsValidFrameCallback)(struct NSJSJavaFrameWrapper *);
|
||||
PR_IMPLEMENT(void)
|
||||
setIsValidFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *))
|
||||
|
@ -315,7 +297,6 @@ setIsValidFrameCallback(PRBool (*fp)(struct NSJSJavaFrameWrapper *))
|
|||
nsCapsIsValidFrameCallback = fp;
|
||||
}
|
||||
|
||||
|
||||
void * (*nsCapsGetNextFrameCallback)(struct NSJSJavaFrameWrapper *, int *);
|
||||
PR_IMPLEMENT(void)
|
||||
setGetNextFrameCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, int *))
|
||||
|
@ -323,28 +304,25 @@ setGetNextFrameCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, int *))
|
|||
nsCapsGetNextFrameCallback = fp;
|
||||
}
|
||||
|
||||
|
||||
void * (*nsCapsGetPrincipalArrayCallback)(struct NSJSJavaFrameWrapper *);
|
||||
PR_IMPLEMENT(void)
|
||||
setOJIGetPrincipalArrayCallback(void * (*fp)(struct NSJSJavaFrameWrapper *))
|
||||
{
|
||||
nsCapsGetPrincipalArrayCallback = fp;
|
||||
nsCapsGetPrincipalArrayCallback = fp;
|
||||
}
|
||||
|
||||
|
||||
void * (*nsCapsGetAnnotationCallback)(struct NSJSJavaFrameWrapper *);
|
||||
PR_IMPLEMENT(void)
|
||||
setOJIGetAnnotationCallback(void * (*fp)(struct NSJSJavaFrameWrapper *))
|
||||
{
|
||||
nsCapsGetAnnotationCallback = fp;
|
||||
nsCapsGetAnnotationCallback = fp;
|
||||
}
|
||||
|
||||
|
||||
void * (*nsCapsSetAnnotationCallback)(struct NSJSJavaFrameWrapper *, void *);
|
||||
PR_IMPLEMENT(void)
|
||||
setOJISetAnnotationCallback(void * (*fp)(struct NSJSJavaFrameWrapper *, void *))
|
||||
{
|
||||
nsCapsSetAnnotationCallback = fp;
|
||||
nsCapsSetAnnotationCallback = fp;
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -359,7 +337,6 @@ nsCapsEnableRegistrationModeFlag(void)
|
|||
registrationModeFlag = PR_TRUE;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* This function disables the registration mode flag.
|
||||
* Disabling this flag allows all valid urls types to
|
||||
|
|
|
@ -17,143 +17,92 @@
|
|||
*/
|
||||
|
||||
#include "nsCertificatePrincipal.h"
|
||||
#include "nsPrincipal.h"
|
||||
|
||||
static NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID);
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsISupports:
|
||||
|
||||
// These macros produce simple version of QueryInterface and AddRef.
|
||||
// See the nsISupports.h header file for DETAILS.
|
||||
|
||||
NS_IMPL_ISUPPORTS(nsCertificatePrincipal,kICertificatePrincipalIID);
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsIPrincipal:
|
||||
NS_IMPL_ISUPPORTS(nsCertificatePrincipal, kICertificatePrincipalIID);
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::IsTrusted(const char* scope, PRBool *pbIsTrusted)
|
||||
nsCertificatePrincipal::GetPublicKey(char ** publicKey, PRUint32 * publicKeyLength)
|
||||
{
|
||||
if(m_pNSPrincipal == NULL)
|
||||
{
|
||||
*pbIsTrusted = PR_FALSE;
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
}
|
||||
*pbIsTrusted = m_pNSPrincipal->isTrustedCertChainPrincipal();
|
||||
return NS_OK;
|
||||
publicKey = & this->itsKey;
|
||||
publicKeyLength = & this->itsKeyLength;
|
||||
return (itsKey == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
|
||||
}
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsICertificatePrincipal:
|
||||
/**
|
||||
* Returns the public key of the certificate.
|
||||
*
|
||||
* @param publicKey - the Public Key data will be returned in this field.
|
||||
* @param publicKeySize - the length of public key data is returned in this
|
||||
* parameter.
|
||||
*/
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::GetPublicKey(char **publicKey, PRUint32 *publicKeySize)
|
||||
nsCertificatePrincipal::GetCompanyName(char * * companyName)
|
||||
{
|
||||
// XXX raman: fix it.
|
||||
PR_ASSERT(PR_FALSE);
|
||||
return NS_OK;
|
||||
companyName = & this->itsCompanyName;
|
||||
return (itsCompanyName == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the company name of the ceritificate (OU etc parameters of certificate)
|
||||
*
|
||||
* @param result - the certificate details about the signer.
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::GetCompanyName(char **ppCompanyName)
|
||||
nsCertificatePrincipal::GetCertificateAuthority(char * * certificateAuthority)
|
||||
{
|
||||
if(m_pNSPrincipal == NULL)
|
||||
{
|
||||
*ppCompanyName = NULL;
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
}
|
||||
*ppCompanyName = m_pNSPrincipal->getCompanyName();
|
||||
return NS_OK;
|
||||
certificateAuthority = & this->itsCertificateAuthority;
|
||||
return (itsCertificateAuthority == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the certificate issuer's data (OU etc parameters of certificate)
|
||||
*
|
||||
* @param result - the details about the issuer
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::GetCertificateAuthority(char **ppCertAuthority)
|
||||
nsCertificatePrincipal::GetSerialNumber(char * * serialNumber)
|
||||
{
|
||||
if(m_pNSPrincipal == NULL)
|
||||
{
|
||||
*ppCertAuthority = NULL;
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
}
|
||||
*ppCertAuthority = m_pNSPrincipal->getSecAuth();
|
||||
return NS_OK;
|
||||
serialNumber = & this->itsSerialNumber;
|
||||
return (itsSerialNumber == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the serial number of certificate
|
||||
*
|
||||
* @param result - Returns the serial number of certificate
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::GetSerialNumber(char **ppSerialNumber)
|
||||
nsCertificatePrincipal::GetExpirationDate(char * * expirationDate)
|
||||
{
|
||||
if(m_pNSPrincipal == NULL)
|
||||
{
|
||||
*ppSerialNumber = NULL;
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
}
|
||||
*ppSerialNumber = m_pNSPrincipal->getSerialNo();
|
||||
return NS_OK;
|
||||
expirationDate = & this->itsExpirationDate;
|
||||
return (itsExpirationDate == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the expiration date of certificate
|
||||
*
|
||||
* @param result - Returns the expiration date of certificate
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::GetExpirationDate(char **ppExpDate)
|
||||
nsCertificatePrincipal::GetFingerPrint(char * * fingerPrint)
|
||||
{
|
||||
if(m_pNSPrincipal == NULL)
|
||||
{
|
||||
*ppExpDate = NULL;
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
}
|
||||
*ppExpDate = m_pNSPrincipal->getExpDate();
|
||||
return NS_OK;
|
||||
fingerPrint = & this->itsFingerPrint;
|
||||
return (itsFingerPrint == NULL) ? NS_ERROR_ILLEGAL_VALUE : NS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the finger print of certificate
|
||||
*
|
||||
* @param result - Returns the finger print of certificate
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::GetFingerPrint(char **ppFingerPrint)
|
||||
nsCertificatePrincipal::GetType(PRInt16 * type)
|
||||
{
|
||||
if(m_pNSPrincipal == NULL)
|
||||
{
|
||||
*ppFingerPrint = NULL;
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
}
|
||||
*ppFingerPrint = m_pNSPrincipal->getFingerPrint();
|
||||
return NS_OK;
|
||||
type = & this->itsType;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsCertificatePrincipal:
|
||||
|
||||
nsCertificatePrincipal::nsCertificatePrincipal(const unsigned char **certChain,
|
||||
PRUint32 *certChainLengths,
|
||||
PRUint32 noOfCerts,
|
||||
nsresult *result)
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::IsSecure(PRBool * result)
|
||||
{
|
||||
*result = (this->itsType == (PRInt16)nsIPrincipal::PrincipalType_Unknown) ? PR_FALSE : PR_TRUE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::ToString(char **result)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::HashCode(PRUint32 * code)
|
||||
{
|
||||
code=0;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCertificatePrincipal::Equals(nsIPrincipal * other, PRBool * result)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsCertificatePrincipal::nsCertificatePrincipal(PRInt16 * type, const unsigned char **certChain,
|
||||
PRUint32 *certChainLengths, PRUint32 noOfCerts, nsresult *result)
|
||||
{
|
||||
this->itsType = * type;
|
||||
/*
|
||||
m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CertChain, certChain,
|
||||
certChainLengths, noOfCerts);
|
||||
if(m_pNSPrincipal == NULL)
|
||||
|
@ -162,21 +111,9 @@ nsCertificatePrincipal::nsCertificatePrincipal(const unsigned char **certChain,
|
|||
return;
|
||||
}
|
||||
*result = NS_OK;
|
||||
}
|
||||
|
||||
nsCertificatePrincipal::nsCertificatePrincipal(nsPrincipal *pNSPrincipal)
|
||||
{
|
||||
m_pNSPrincipal = pNSPrincipal;
|
||||
*/
|
||||
}
|
||||
|
||||
nsCertificatePrincipal::~nsCertificatePrincipal(void)
|
||||
{
|
||||
delete m_pNSPrincipal;
|
||||
}
|
||||
|
||||
nsPrincipal*
|
||||
nsCertificatePrincipal::GetPeer(void)
|
||||
{
|
||||
return m_pNSPrincipal;
|
||||
}
|
||||
|
||||
}
|
|
@ -17,81 +17,78 @@
|
|||
*/
|
||||
|
||||
#include "nsCodebasePrincipal.h"
|
||||
#include "nsPrincipal.h"
|
||||
#include "xp.h"
|
||||
|
||||
static NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID);
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsISupports:
|
||||
|
||||
// These macros produce simple version of QueryInterface and AddRef.
|
||||
// See the nsISupports.h header file for DETAILS.
|
||||
|
||||
NS_IMPL_ISUPPORTS(nsCodebasePrincipal, kICodebasePrincipalIID);
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsIPrincipal:
|
||||
NS_IMETHODIMP
|
||||
nsCodebasePrincipal::GetURL(char **cburl)
|
||||
{
|
||||
cburl = (char **)&codeBaseURL;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCodebasePrincipal::IsTrusted(const char* scope, PRBool *pbIsTrusted)
|
||||
nsCodebasePrincipal::IsCodebaseExact(PRBool * result)
|
||||
{
|
||||
if(m_pNSPrincipal == NULL)
|
||||
{
|
||||
*pbIsTrusted = PR_FALSE;
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
}
|
||||
*pbIsTrusted = m_pNSPrincipal->isSecurePrincipal();
|
||||
return NS_OK;
|
||||
* result = (this->itsType == (PRInt16 *)nsIPrincipal::PrincipalType_CodebaseExact) ? PR_TRUE : PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Returns the codebase URL of the principal.
|
||||
*
|
||||
* @param result - the resulting codebase URL
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsCodebasePrincipal::GetURL(char **ppCodeBaseURL)
|
||||
nsCodebasePrincipal::IsCodebaseRegex(PRBool * result)
|
||||
{
|
||||
if(m_pNSPrincipal == NULL)
|
||||
{
|
||||
*ppCodeBaseURL = NULL;
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
}
|
||||
*ppCodeBaseURL = m_pNSPrincipal->getKey();
|
||||
return NS_OK;
|
||||
* result = (itsType == (PRInt16 *)nsIPrincipal::PrincipalType_CodebaseRegex) ? PR_TRUE : PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////
|
||||
// from nsCCodebasePrincipal:
|
||||
|
||||
nsCodebasePrincipal::nsCodebasePrincipal(const char *codebaseURL,
|
||||
nsresult *result)
|
||||
NS_IMETHODIMP
|
||||
nsCodebasePrincipal::GetType(PRInt16 * type)
|
||||
{
|
||||
m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CodebaseExact,
|
||||
(void *)codebaseURL,
|
||||
XP_STRLEN(codebaseURL));
|
||||
if(m_pNSPrincipal == NULL)
|
||||
{
|
||||
*result = NS_ERROR_OUT_OF_MEMORY;
|
||||
return;
|
||||
}
|
||||
*result = NS_OK;
|
||||
type = itsType;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsCodebasePrincipal::nsCodebasePrincipal(nsPrincipal *pNSPrincipal)
|
||||
NS_IMETHODIMP
|
||||
nsCodebasePrincipal::IsSecure(PRBool * result)
|
||||
{
|
||||
/*
|
||||
if ((0 == memcmp("https:", itsKey, strlen("https:"))) ||
|
||||
(0 == memcmp("file:", itsKey, strlen("file:"))))
|
||||
return PR_TRUE;
|
||||
*/
|
||||
return PR_FALSE;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCodebasePrincipal::ToString(char **result)
|
||||
{
|
||||
m_pNSPrincipal = pNSPrincipal;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCodebasePrincipal::HashCode(PRUint32 * code)
|
||||
{
|
||||
code=0;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsCodebasePrincipal::Equals(nsIPrincipal * other, PRBool * result)
|
||||
{
|
||||
PRInt16 * oType;
|
||||
other->GetType(oType);
|
||||
*result = (itsType == oType) ? PR_TRUE : PR_FALSE;
|
||||
return NS_OK;
|
||||
}
|
||||
nsCodebasePrincipal::nsCodebasePrincipal(PRInt16 * type, const char * codeBaseURL)
|
||||
{
|
||||
this->itsType=type;
|
||||
this->codeBaseURL=codeBaseURL;
|
||||
}
|
||||
|
||||
nsCodebasePrincipal::~nsCodebasePrincipal(void)
|
||||
{
|
||||
delete m_pNSPrincipal;
|
||||
}
|
||||
|
||||
nsPrincipal*
|
||||
nsCodebasePrincipal::GetPeer(void)
|
||||
{
|
||||
return m_pNSPrincipal;
|
||||
}
|
||||
}
|
Разница между файлами не показана из-за своего большого размера
Загрузить разницу
|
@ -25,84 +25,77 @@
|
|||
|
||||
nsPrivilegeTable::nsPrivilegeTable(void)
|
||||
{
|
||||
itsTable = NULL;
|
||||
this->itsTable = NULL;
|
||||
}
|
||||
|
||||
nsPrivilegeTable::~nsPrivilegeTable(void)
|
||||
{
|
||||
/* XXX: We need to incr and decr objects that we put into this hashtable.
|
||||
* There is a big memory leak.
|
||||
*
|
||||
* We need to delete all the entries in the privilege Table
|
||||
*/
|
||||
if (itsTable)
|
||||
delete itsTable;
|
||||
itsTable = NULL;
|
||||
/* XXX: We need to incr and decr objects that we put into this hashtable.
|
||||
* There is a big memory leak.
|
||||
*
|
||||
* We need to delete all the entries in the privilege Table
|
||||
*/
|
||||
if (this->itsTable) delete this->itsTable;
|
||||
this->itsTable = NULL;
|
||||
}
|
||||
|
||||
PRInt32 nsPrivilegeTable::size(void)
|
||||
PRInt32
|
||||
nsPrivilegeTable::Size(void)
|
||||
{
|
||||
if (itsTable != NULL)
|
||||
return itsTable->Count();
|
||||
else return 0;
|
||||
return (itsTable != NULL) ? itsTable->Count() : 0;
|
||||
}
|
||||
|
||||
PRBool nsPrivilegeTable::isEmpty(void)
|
||||
PRBool
|
||||
nsPrivilegeTable::IsEmpty(void)
|
||||
{
|
||||
if (itsTable == NULL) return PR_TRUE;
|
||||
else return ((itsTable->Count() > 0) ? PR_FALSE : PR_TRUE);
|
||||
return ((itsTable == NULL) && (itsTable->Count() == 0)) ? PR_TRUE : PR_FALSE;
|
||||
}
|
||||
|
||||
nsPrivilege * nsPrivilegeTable::get(nsTarget *target)
|
||||
nsPrivilege *
|
||||
nsPrivilegeTable::Get(nsTarget *target)
|
||||
{
|
||||
if (itsTable == NULL) {
|
||||
return nsPrivilege::findPrivilege(nsPermissionState_Blank,
|
||||
nsDurationState_Session);
|
||||
}
|
||||
|
||||
TargetKey targKey(target);
|
||||
|
||||
nsPrivilege *priv = (nsPrivilege *) itsTable->Get(&targKey);
|
||||
if (priv == NULL) {
|
||||
return nsPrivilege::findPrivilege(nsPermissionState_Blank,
|
||||
nsDurationState_Session);
|
||||
}
|
||||
return priv;
|
||||
if (itsTable == NULL)
|
||||
return nsPrivilege::findPrivilege(nsPermissionState_Blank, nsDurationState_Session);
|
||||
TargetKey targKey(target);
|
||||
nsPrivilege *priv = (nsPrivilege *) itsTable->Get(&targKey);
|
||||
return (priv == NULL)
|
||||
? nsPrivilege::findPrivilege(nsPermissionState_Blank, nsDurationState_Session) : priv;
|
||||
}
|
||||
|
||||
nsPrivilege * nsPrivilegeTable::put(nsTarget *target, nsPrivilege *priv)
|
||||
nsPrivilege *
|
||||
nsPrivilegeTable::Put(nsTarget * target, nsPrivilege * priv)
|
||||
{
|
||||
nsCaps_lock();
|
||||
if (itsTable == NULL) itsTable = new nsHashtable();
|
||||
|
||||
if (itsTable == NULL) this->itsTable = new nsHashtable();
|
||||
TargetKey targKey(target);
|
||||
nsPrivilege *priv2 = (nsPrivilege *)itsTable->Put(&targKey, (void *)priv);
|
||||
nsCaps_unlock();
|
||||
return priv2;
|
||||
}
|
||||
|
||||
nsPrivilege * nsPrivilegeTable::remove(nsTarget *target)
|
||||
nsPrivilege *
|
||||
nsPrivilegeTable::Remove(nsTarget *target)
|
||||
{
|
||||
if (itsTable == NULL) return NULL;
|
||||
TargetKey targKey(target);
|
||||
nsCaps_lock();
|
||||
nsPrivilege *priv = (nsPrivilege *)itsTable->Remove(&targKey);
|
||||
nsCaps_unlock();
|
||||
return priv;
|
||||
if (itsTable == NULL) return NULL;
|
||||
TargetKey targKey(target);
|
||||
nsCaps_lock();
|
||||
nsPrivilege *priv = (nsPrivilege *)itsTable->Remove(&targKey);
|
||||
nsCaps_unlock();
|
||||
return priv;
|
||||
}
|
||||
|
||||
nsPrivilegeTable * nsPrivilegeTable::clone(void)
|
||||
nsPrivilegeTable *
|
||||
nsPrivilegeTable::Clone(void)
|
||||
{
|
||||
nsCaps_lock();
|
||||
nsPrivilegeTable *newbie = new nsPrivilegeTable();
|
||||
if (itsTable != NULL) {
|
||||
newbie->itsTable = itsTable->Clone();
|
||||
}
|
||||
if (itsTable != NULL) newbie->itsTable = itsTable->Clone();
|
||||
nsCaps_unlock();
|
||||
return newbie;
|
||||
}
|
||||
|
||||
void nsPrivilegeTable::clear(void)
|
||||
void
|
||||
nsPrivilegeTable::Clear(void)
|
||||
{
|
||||
/* XXX: free the entries also */
|
||||
nsCaps_lock();
|
||||
|
@ -111,8 +104,7 @@ void nsPrivilegeTable::clear(void)
|
|||
nsCaps_unlock();
|
||||
}
|
||||
|
||||
void nsPrivilegeTable::Enumerate(nsHashtableEnumFunc aEnumFunc) {
|
||||
if (itsTable != NULL) {
|
||||
itsTable->Enumerate(aEnumFunc);
|
||||
}
|
||||
}
|
||||
void
|
||||
nsPrivilegeTable::Enumerate(nsHashtableEnumFunc aEnumFunc) {
|
||||
if (itsTable != NULL) itsTable->Enumerate(aEnumFunc);
|
||||
}
|
Разница между файлами не показана из-за своего большого размера
Загрузить разницу
|
@ -51,32 +51,35 @@ nsUserTarget::~nsUserTarget(void)
|
|||
}
|
||||
|
||||
#define OPTION "<option>"
|
||||
nsPrivilege * nsUserTarget::enablePrivilege(nsPrincipal *prin, void *data)
|
||||
nsPrivilege *
|
||||
nsUserTarget::EnablePrivilege(nsIPrincipal *prin, void *data)
|
||||
{
|
||||
char *riskStr = getRisk();
|
||||
char *desc = getDescription();
|
||||
char *prinStr = prin->toString();
|
||||
char *targetStr = new char[strlen(OPTION) + strlen(desc) + 1];
|
||||
XP_STRCPY(targetStr, OPTION);
|
||||
XP_STRCAT(targetStr, desc);
|
||||
PRBool isCert = (prin->isCodebase()) ? PR_FALSE : PR_TRUE;
|
||||
void *cert = prin->getCertificate();
|
||||
nsPermState permState = nsPermState_AllowedSession;
|
||||
|
||||
char * riskStr = this->GetRisk();
|
||||
char * desc = this->GetDescription();
|
||||
char * prinStr;
|
||||
prin->ToString(& prinStr);
|
||||
char * targetStr = new char[strlen(OPTION) + strlen(desc) + 1];
|
||||
XP_STRCPY(targetStr, OPTION);
|
||||
XP_STRCAT(targetStr, desc);
|
||||
PRInt16 prinType;
|
||||
prin->GetType(& prinType);
|
||||
// void *cert;
|
||||
// if(prinType == (PRInt16) nsIPrincipal::PrincipalType_Certificate)
|
||||
// cert = ((nsICertificatePrincipal *) prin)->GetCertificate();
|
||||
nsPermState permState = nsPermState_AllowedSession;
|
||||
/*
|
||||
* Check Registration Mode flag and the url code base
|
||||
* to set permission state
|
||||
*/
|
||||
if ((nsCapsGetRegistrationModeFlag()) && (prin != NULL)) {
|
||||
if (prin->isFileCodeBase()) {
|
||||
permState = nsPermState_AllowedSession;
|
||||
}
|
||||
} else if (displayUI) {
|
||||
/* set displayUI to TRUE, to enable UI */
|
||||
nsCaps_lock();
|
||||
permState = displayPermissionDialog(prinStr, targetStr, riskStr, isCert, cert);
|
||||
nsCaps_unlock();
|
||||
}
|
||||
// if ((nsCapsGetRegistrationModeFlag()) && (prin != NULL)) {
|
||||
// if (prinType == (PRInt16) nsIPrincipal::PrincipalType_Codebase) permState = nsPermState_AllowedSession;
|
||||
// } else if (displayUI) {
|
||||
/* set displayUI to TRUE, to enable UI */
|
||||
// nsCaps_lock();
|
||||
// permState = displayPermissionDialog(prinStr, targetStr, riskStr,
|
||||
// isCert, cert);
|
||||
// nsCaps_unlock();
|
||||
// }
|
||||
|
||||
nsPermissionState permVal;
|
||||
nsDurationState durationVal;
|
||||
|
@ -96,6 +99,4 @@ nsPrivilege * nsUserTarget::enablePrivilege(nsPrincipal *prin, void *data)
|
|||
}
|
||||
delete []targetStr;
|
||||
return nsPrivilege::findPrivilege(permVal, durationVal);
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -1330,28 +1330,25 @@ nsJSSecurityManager::PrintPrincipalsToConsole(JSContext *aCx, JSPrincipals *aPri
|
|||
{
|
||||
void *principalsArray;
|
||||
nsIPrincipal *principal;
|
||||
char *vendor;
|
||||
//cd .. char *vendor;
|
||||
PRUint32 i, count;
|
||||
static char emptyStr[] = "<empty>\n";
|
||||
|
||||
principalsArray = aPrincipals->getPrincipalArray(aCx, aPrincipals);
|
||||
|
||||
if (principalsArray == nsnull) {
|
||||
PrintToConsole(emptyStr);
|
||||
return;
|
||||
}
|
||||
|
||||
PrintToConsole("[\n");
|
||||
mCapsManager->GetPrincipalArraySize(principalsArray, &count);
|
||||
for (i = 0; i < count; i++) {
|
||||
mCapsManager->GetPrincipalArrayElement(principalsArray, i, &principal);
|
||||
mCapsManager->GetVendor(principal, &vendor);
|
||||
if (vendor == nsnull) {
|
||||
JS_ReportOutOfMemory(aCx);
|
||||
return;
|
||||
}
|
||||
PrintToConsole(vendor);
|
||||
PrintToConsole(",\n");
|
||||
// mCapsManager->GetVendor(principal, &vendor);
|
||||
// if (vendor == nsnull) {
|
||||
// JS_ReportOutOfMemory(aCx);
|
||||
// return;
|
||||
// }
|
||||
// PrintToConsole(vendor);
|
||||
// PrintToConsole(",\n");
|
||||
}
|
||||
PrintToConsole("]\n");
|
||||
}
|
||||
|
@ -1373,24 +1370,19 @@ nsJSSecurityManager::InvalidateCertPrincipals(JSContext *aCx, JSPrincipals *aPri
|
|||
char*
|
||||
nsJSSecurityManager::FindOriginURL(JSContext *aCx, JSObject *aGlobal)
|
||||
{
|
||||
nsISupports *tmp1, *tmp2;
|
||||
nsISupports * tmp1, * tmp2;
|
||||
nsIScriptGlobalObjectData* globalData = nsnull;
|
||||
nsAutoString urlString;
|
||||
|
||||
tmp1 = (nsISupports*)JS_GetPrivate(aCx, aGlobal);
|
||||
tmp1 = (nsISupports *)JS_GetPrivate(aCx, aGlobal);
|
||||
if (nsnull != tmp1 &&
|
||||
NS_OK == tmp1->QueryInterface(kIScriptGlobalObjectDataIID, (void**)&globalData)) {
|
||||
globalData->GetOrigin(&urlString);
|
||||
}
|
||||
|
||||
if (urlString.Length() == 0) {
|
||||
/* Must be a new, empty window? Use running origin. */
|
||||
tmp2 = (nsISupports*)JS_GetPrivate(aCx, JS_GetGlobalObject(aCx));
|
||||
|
||||
/* Compare running and current to avoid infinite recursion. */
|
||||
if (tmp1 == tmp2) {
|
||||
urlString = gUnknownOriginStr;
|
||||
}
|
||||
if (tmp1 == tmp2) urlString = gUnknownOriginStr;
|
||||
else if (nsnull != tmp2 &&
|
||||
NS_OK == tmp2->QueryInterface(kIScriptGlobalObjectDataIID, (void**)&globalData)) {
|
||||
globalData->GetOrigin(&urlString);
|
||||
|
|
|
@ -256,6 +256,9 @@ map_java_object_to_js_object_impl(JNIEnv *env, void *pluginInstancePtr, char* *e
|
|||
|
||||
|
||||
#if 0
|
||||
// This needs to be modified at least temporarily. Caps is undergoing some rearchitecture
|
||||
// nsPrincipal doesn't exist anymore, we're trying to move towards using nsIPrincipal and a PrincipalTools.h
|
||||
// which includes the definitions for arrays.
|
||||
// TODO: Need raman's help. This needs to convert between C++ [] array data type to a nsVector object.
|
||||
void*
|
||||
ConvertNSIPrincipalArrayToObject(JNIEnv *pJNIEnv, JSContext *pJSContext, void **ppNSIPrincipalArrayIN, int numPrincipals, void *pNSISecurityContext)
|
||||
|
|
Загрузка…
Ссылка в новой задаче