1 | /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
---|
2 | /* ***** BEGIN LICENSE BLOCK ***** |
---|
3 | * Version: NPL 1.1/GPL 2.0/LGPL 2.1 |
---|
4 | * |
---|
5 | * The contents of this file are subject to the Netscape Public License |
---|
6 | * Version 1.1 (the "License"); you may not use this file except in |
---|
7 | * compliance with the License. You may obtain a copy of the License at |
---|
8 | * http://www.mozilla.org/NPL/ |
---|
9 | * |
---|
10 | * Software distributed under the License is distributed on an "AS IS" basis, |
---|
11 | * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License |
---|
12 | * for the specific language governing rights and limitations under the |
---|
13 | * License. |
---|
14 | * |
---|
15 | * The Original Code is mozilla.org code. |
---|
16 | * |
---|
17 | * The Initial Developer of the Original Code is |
---|
18 | * Netscape Communications Corporation. |
---|
19 | * Portions created by the Initial Developer are Copyright (C) 1998 |
---|
20 | * the Initial Developer. All Rights Reserved. |
---|
21 | * |
---|
22 | * Contributor(s): |
---|
23 | * |
---|
24 | * |
---|
25 | * Alternatively, the contents of this file may be used under the terms of |
---|
26 | * either the GNU General Public License Version 2 or later (the "GPL"), or |
---|
27 | * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), |
---|
28 | * in which case the provisions of the GPL or the LGPL are applicable instead |
---|
29 | * of those above. If you wish to allow use of your version of this file only |
---|
30 | * under the terms of either the GPL or the LGPL, and not to allow others to |
---|
31 | * use your version of this file under the terms of the NPL, indicate your |
---|
32 | * decision by deleting the provisions above and replace them with the notice |
---|
33 | * and other provisions required by the GPL or the LGPL. If you do not delete |
---|
34 | * the provisions above, a recipient may use your version of this file under |
---|
35 | * the terms of any one of the NPL, the GPL or the LGPL. |
---|
36 | * |
---|
37 | * ***** END LICENSE BLOCK ***** */ |
---|
38 | /*Factory for internal browser security resource managers*/ |
---|
39 | |
---|
40 | #include "nsCOMPtr.h" |
---|
41 | #include "nsIModule.h" |
---|
42 | #include "nsIGenericFactory.h" |
---|
43 | #include "nsIScriptSecurityManager.h" |
---|
44 | #include "nsScriptSecurityManager.h" |
---|
45 | #include "nsIPrincipal.h" |
---|
46 | #include "nsPrincipal.h" |
---|
47 | #include "nsSystemPrincipal.h" |
---|
48 | #include "nsIScriptNameSpaceManager.h" |
---|
49 | #include "nsIScriptExternalNameSet.h" |
---|
50 | #include "nsIScriptContext.h" |
---|
51 | #include "nsICategoryManager.h" |
---|
52 | #include "nsXPIDLString.h" |
---|
53 | #include "nsCOMPtr.h" |
---|
54 | #include "nsIServiceManager.h" |
---|
55 | |
---|
56 | /////////////////////// |
---|
57 | // nsSecurityNameSet // |
---|
58 | /////////////////////// |
---|
59 | |
---|
60 | #define NS_SECURITYNAMESET_CID \ |
---|
61 | { 0x7c02eadc, 0x76, 0x4d03, \ |
---|
62 | { 0x99, 0x8d, 0x80, 0xd7, 0x79, 0xc4, 0x85, 0x89 } } |
---|
63 | #define NS_SECURITYNAMESET_CONTRACTID "@mozilla.org/security/script/nameset;1" |
---|
64 | |
---|
65 | class nsSecurityNameSet : public nsIScriptExternalNameSet |
---|
66 | { |
---|
67 | public: |
---|
68 | nsSecurityNameSet(); |
---|
69 | virtual ~nsSecurityNameSet(); |
---|
70 | |
---|
71 | NS_DECL_ISUPPORTS |
---|
72 | |
---|
73 | NS_IMETHOD InitializeNameSet(nsIScriptContext* aScriptContext); |
---|
74 | }; |
---|
75 | |
---|
76 | nsSecurityNameSet::nsSecurityNameSet() |
---|
77 | { |
---|
78 | } |
---|
79 | |
---|
80 | nsSecurityNameSet::~nsSecurityNameSet() |
---|
81 | { |
---|
82 | } |
---|
83 | |
---|
84 | NS_IMPL_ISUPPORTS1(nsSecurityNameSet, nsIScriptExternalNameSet) |
---|
85 | |
---|
86 | static char * |
---|
87 | getStringArgument(JSContext *cx, JSObject *obj, PRUint16 argNum, uintN argc, jsval *argv) |
---|
88 | { |
---|
89 | if (argc <= argNum || !JSVAL_IS_STRING(argv[argNum])) { |
---|
90 | JS_ReportError(cx, "String argument expected"); |
---|
91 | return nsnull; |
---|
92 | } |
---|
93 | |
---|
94 | /* |
---|
95 | * We don't want to use JS_ValueToString because we want to be able |
---|
96 | * to have an object to represent a target in subsequent versions. |
---|
97 | */ |
---|
98 | JSString *str = JSVAL_TO_STRING(argv[argNum]); |
---|
99 | if (!str) |
---|
100 | return nsnull; |
---|
101 | |
---|
102 | return JS_GetStringBytes(str); |
---|
103 | } |
---|
104 | |
---|
105 | PR_STATIC_CALLBACK(JSBool) |
---|
106 | netscape_security_isPrivilegeEnabled(JSContext *cx, JSObject *obj, uintN argc, |
---|
107 | jsval *argv, jsval *rval) |
---|
108 | { |
---|
109 | JSBool result = JS_FALSE; |
---|
110 | char *cap = getStringArgument(cx, obj, 0, argc, argv); |
---|
111 | if (cap) { |
---|
112 | nsresult rv; |
---|
113 | nsCOMPtr<nsIScriptSecurityManager> securityManager = |
---|
114 | do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); |
---|
115 | if (NS_SUCCEEDED(rv)) { |
---|
116 | // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context"); |
---|
117 | |
---|
118 | rv = securityManager->IsCapabilityEnabled(cap, &result); |
---|
119 | if (NS_FAILED(rv)) |
---|
120 | result = JS_FALSE; |
---|
121 | } |
---|
122 | } |
---|
123 | *rval = BOOLEAN_TO_JSVAL(result); |
---|
124 | return JS_TRUE; |
---|
125 | } |
---|
126 | |
---|
127 | |
---|
128 | PR_STATIC_CALLBACK(JSBool) |
---|
129 | netscape_security_enablePrivilege(JSContext *cx, JSObject *obj, uintN argc, |
---|
130 | jsval *argv, jsval *rval) |
---|
131 | { |
---|
132 | char *cap = getStringArgument(cx, obj, 0, argc, argv); |
---|
133 | if (!cap) |
---|
134 | return JS_FALSE; |
---|
135 | |
---|
136 | nsresult rv; |
---|
137 | nsCOMPtr<nsIScriptSecurityManager> securityManager = |
---|
138 | do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); |
---|
139 | if (NS_FAILED(rv)) |
---|
140 | return JS_FALSE; |
---|
141 | |
---|
142 | // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context"); |
---|
143 | |
---|
144 | rv = securityManager->EnableCapability(cap); |
---|
145 | if (NS_FAILED(rv)) |
---|
146 | return JS_FALSE; |
---|
147 | return JS_TRUE; |
---|
148 | } |
---|
149 | |
---|
150 | PR_STATIC_CALLBACK(JSBool) |
---|
151 | netscape_security_disablePrivilege(JSContext *cx, JSObject *obj, uintN argc, |
---|
152 | jsval *argv, jsval *rval) |
---|
153 | { |
---|
154 | char *cap = getStringArgument(cx, obj, 0, argc, argv); |
---|
155 | if (!cap) |
---|
156 | return JS_FALSE; |
---|
157 | |
---|
158 | nsresult rv; |
---|
159 | nsCOMPtr<nsIScriptSecurityManager> securityManager = |
---|
160 | do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); |
---|
161 | if (NS_FAILED(rv)) |
---|
162 | return JS_FALSE; |
---|
163 | |
---|
164 | // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context"); |
---|
165 | |
---|
166 | rv = securityManager->DisableCapability(cap); |
---|
167 | if (NS_FAILED(rv)) |
---|
168 | return JS_FALSE; |
---|
169 | return JS_TRUE; |
---|
170 | } |
---|
171 | |
---|
172 | PR_STATIC_CALLBACK(JSBool) |
---|
173 | netscape_security_revertPrivilege(JSContext *cx, JSObject *obj, uintN argc, |
---|
174 | jsval *argv, jsval *rval) |
---|
175 | { |
---|
176 | char *cap = getStringArgument(cx, obj, 0, argc, argv); |
---|
177 | if (!cap) |
---|
178 | return JS_FALSE; |
---|
179 | |
---|
180 | nsresult rv; |
---|
181 | nsCOMPtr<nsIScriptSecurityManager> securityManager = |
---|
182 | do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); |
---|
183 | if (NS_FAILED(rv)) |
---|
184 | return JS_FALSE; |
---|
185 | |
---|
186 | // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context"); |
---|
187 | |
---|
188 | rv = securityManager->RevertCapability(cap); |
---|
189 | if (NS_FAILED(rv)) |
---|
190 | return JS_FALSE; |
---|
191 | return JS_TRUE; |
---|
192 | } |
---|
193 | |
---|
194 | PR_STATIC_CALLBACK(JSBool) |
---|
195 | netscape_security_setCanEnablePrivilege(JSContext *cx, JSObject *obj, uintN argc, |
---|
196 | jsval *argv, jsval *rval) |
---|
197 | { |
---|
198 | if (argc < 2) return JS_FALSE; |
---|
199 | char *principalID = getStringArgument(cx, obj, 0, argc, argv); |
---|
200 | char *cap = getStringArgument(cx, obj, 1, argc, argv); |
---|
201 | if (!principalID || !cap) |
---|
202 | return JS_FALSE; |
---|
203 | |
---|
204 | nsresult rv; |
---|
205 | nsCOMPtr<nsIScriptSecurityManager> securityManager = |
---|
206 | do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); |
---|
207 | if (NS_FAILED(rv)) |
---|
208 | return JS_FALSE; |
---|
209 | |
---|
210 | // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context"); |
---|
211 | |
---|
212 | rv = securityManager->SetCanEnableCapability(principalID, cap, |
---|
213 | nsIPrincipal::ENABLE_GRANTED); |
---|
214 | if (NS_FAILED(rv)) |
---|
215 | return JS_FALSE; |
---|
216 | return JS_TRUE; |
---|
217 | } |
---|
218 | |
---|
219 | PR_STATIC_CALLBACK(JSBool) |
---|
220 | netscape_security_invalidate(JSContext *cx, JSObject *obj, uintN argc, |
---|
221 | jsval *argv, jsval *rval) |
---|
222 | { |
---|
223 | char *principalID = getStringArgument(cx, obj, 0, argc, argv); |
---|
224 | if (!principalID) |
---|
225 | return JS_FALSE; |
---|
226 | |
---|
227 | nsresult rv; |
---|
228 | nsCOMPtr<nsIScriptSecurityManager> securityManager = |
---|
229 | do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); |
---|
230 | if (NS_FAILED(rv)) |
---|
231 | return JS_FALSE; |
---|
232 | |
---|
233 | // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context"); |
---|
234 | |
---|
235 | rv = securityManager->SetCanEnableCapability(principalID, |
---|
236 | nsPrincipal::sInvalid, |
---|
237 | nsIPrincipal::ENABLE_GRANTED); |
---|
238 | if (NS_FAILED(rv)) |
---|
239 | return JS_FALSE; |
---|
240 | return JS_TRUE; |
---|
241 | } |
---|
242 | |
---|
243 | static JSFunctionSpec PrivilegeManager_static_methods[] = { |
---|
244 | { "isPrivilegeEnabled", netscape_security_isPrivilegeEnabled, 1}, |
---|
245 | { "enablePrivilege", netscape_security_enablePrivilege, 1}, |
---|
246 | { "disablePrivilege", netscape_security_disablePrivilege, 1}, |
---|
247 | { "revertPrivilege", netscape_security_revertPrivilege, 1}, |
---|
248 | //-- System Cert Functions |
---|
249 | { "setCanEnablePrivilege", netscape_security_setCanEnablePrivilege, 2}, |
---|
250 | { "invalidate", netscape_security_invalidate, 1}, |
---|
251 | {0} |
---|
252 | }; |
---|
253 | |
---|
254 | /* |
---|
255 | * "Steal" calls to netscape.security.PrivilegeManager.enablePrivilege, |
---|
256 | * et. al. so that code that worked with 4.0 can still work. |
---|
257 | */ |
---|
258 | NS_IMETHODIMP |
---|
259 | nsSecurityNameSet::InitializeNameSet(nsIScriptContext* aScriptContext) |
---|
260 | { |
---|
261 | JSContext *cx = (JSContext *) aScriptContext->GetNativeContext(); |
---|
262 | JSObject *global = JS_GetGlobalObject(cx); |
---|
263 | |
---|
264 | /* |
---|
265 | * Find Object.prototype's class by walking up the global object's |
---|
266 | * prototype chain. |
---|
267 | */ |
---|
268 | JSObject *obj = global; |
---|
269 | JSObject *proto; |
---|
270 | while ((proto = JS_GetPrototype(cx, obj)) != nsnull) |
---|
271 | obj = proto; |
---|
272 | JSClass *objectClass = JS_GetClass(cx, obj); |
---|
273 | |
---|
274 | jsval v; |
---|
275 | if (!JS_GetProperty(cx, global, "netscape", &v)) |
---|
276 | return NS_ERROR_FAILURE; |
---|
277 | JSObject *securityObj; |
---|
278 | if (JSVAL_IS_OBJECT(v)) { |
---|
279 | /* |
---|
280 | * "netscape" property of window object exists; must be LiveConnect |
---|
281 | * package. Get the "security" property. |
---|
282 | */ |
---|
283 | obj = JSVAL_TO_OBJECT(v); |
---|
284 | if (!JS_GetProperty(cx, obj, "security", &v) || !JSVAL_IS_OBJECT(v)) |
---|
285 | return NS_ERROR_FAILURE; |
---|
286 | securityObj = JSVAL_TO_OBJECT(v); |
---|
287 | } else { |
---|
288 | /* define netscape.security object */ |
---|
289 | obj = JS_DefineObject(cx, global, "netscape", objectClass, nsnull, 0); |
---|
290 | if (obj == nsnull) |
---|
291 | return NS_ERROR_FAILURE; |
---|
292 | securityObj = JS_DefineObject(cx, obj, "security", objectClass, |
---|
293 | nsnull, 0); |
---|
294 | if (securityObj == nsnull) |
---|
295 | return NS_ERROR_FAILURE; |
---|
296 | } |
---|
297 | |
---|
298 | /* Define PrivilegeManager object with the necessary "static" methods. */ |
---|
299 | obj = JS_DefineObject(cx, securityObj, "PrivilegeManager", objectClass, |
---|
300 | nsnull, 0); |
---|
301 | if (obj == nsnull) |
---|
302 | return NS_ERROR_FAILURE; |
---|
303 | |
---|
304 | return JS_DefineFunctions(cx, obj, PrivilegeManager_static_methods) |
---|
305 | ? NS_OK |
---|
306 | : NS_ERROR_FAILURE; |
---|
307 | } |
---|
308 | |
---|
309 | |
---|
310 | |
---|
311 | NS_GENERIC_FACTORY_CONSTRUCTOR(nsPrincipal) |
---|
312 | NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecurityNameSet) |
---|
313 | NS_GENERIC_FACTORY_SINGLETON_CONSTRUCTOR(nsSystemPrincipal, |
---|
314 | nsScriptSecurityManager::SystemPrincipalSingletonConstructor) |
---|
315 | |
---|
316 | |
---|
317 | NS_DECL_CLASSINFO(nsPrincipal) |
---|
318 | NS_DECL_CLASSINFO(nsSystemPrincipal) |
---|
319 | |
---|
320 | |
---|
321 | static NS_IMETHODIMP |
---|
322 | Construct_nsIScriptSecurityManager(nsISupports *aOuter, REFNSIID aIID, |
---|
323 | void **aResult) |
---|
324 | { |
---|
325 | if (!aResult) |
---|
326 | return NS_ERROR_NULL_POINTER; |
---|
327 | *aResult = nsnull; |
---|
328 | if (aOuter) |
---|
329 | return NS_ERROR_NO_AGGREGATION; |
---|
330 | nsScriptSecurityManager *obj = nsScriptSecurityManager::GetScriptSecurityManager(); |
---|
331 | if (!obj) |
---|
332 | return NS_ERROR_OUT_OF_MEMORY; |
---|
333 | if (NS_FAILED(obj->QueryInterface(aIID, aResult))) |
---|
334 | return NS_ERROR_FAILURE; |
---|
335 | return NS_OK; |
---|
336 | } |
---|
337 | |
---|
338 | static NS_METHOD |
---|
339 | RegisterSecurityNameSet(nsIComponentManager *aCompMgr, |
---|
340 | nsIFile *aPath, |
---|
341 | const char *registryLocation, |
---|
342 | const char *componentType, |
---|
343 | const nsModuleComponentInfo *info) |
---|
344 | { |
---|
345 | nsresult rv = NS_OK; |
---|
346 | |
---|
347 | nsCOMPtr<nsICategoryManager> catman = |
---|
348 | do_GetService(NS_CATEGORYMANAGER_CONTRACTID, &rv); |
---|
349 | |
---|
350 | if (NS_FAILED(rv)) |
---|
351 | return rv; |
---|
352 | |
---|
353 | nsXPIDLCString previous; |
---|
354 | rv = catman->AddCategoryEntry(JAVASCRIPT_GLOBAL_STATIC_NAMESET_CATEGORY, |
---|
355 | "PrivilegeManager", |
---|
356 | NS_SECURITYNAMESET_CONTRACTID, |
---|
357 | PR_TRUE, PR_TRUE, getter_Copies(previous)); |
---|
358 | NS_ENSURE_SUCCESS(rv, rv); |
---|
359 | |
---|
360 | rv = catman->AddCategoryEntry("app-startup", "Script Security Manager", |
---|
361 | "service," NS_SCRIPTSECURITYMANAGER_CONTRACTID, |
---|
362 | PR_TRUE, PR_TRUE, |
---|
363 | getter_Copies(previous)); |
---|
364 | NS_ENSURE_SUCCESS(rv, rv); |
---|
365 | |
---|
366 | return rv; |
---|
367 | } |
---|
368 | |
---|
369 | |
---|
370 | static const nsModuleComponentInfo capsComponentInfo[] = |
---|
371 | { |
---|
372 | { NS_SCRIPTSECURITYMANAGER_CLASSNAME, |
---|
373 | NS_SCRIPTSECURITYMANAGER_CID, |
---|
374 | NS_SCRIPTSECURITYMANAGER_CONTRACTID, |
---|
375 | Construct_nsIScriptSecurityManager, |
---|
376 | RegisterSecurityNameSet, |
---|
377 | nsnull, |
---|
378 | nsnull, |
---|
379 | nsnull, |
---|
380 | nsnull, |
---|
381 | nsnull, |
---|
382 | nsIClassInfo::MAIN_THREAD_ONLY |
---|
383 | }, |
---|
384 | |
---|
385 | { NS_PRINCIPAL_CLASSNAME, |
---|
386 | NS_PRINCIPAL_CID, |
---|
387 | NS_PRINCIPAL_CONTRACTID, |
---|
388 | nsPrincipalConstructor, |
---|
389 | nsnull, |
---|
390 | nsnull, |
---|
391 | nsnull, |
---|
392 | NS_CI_INTERFACE_GETTER_NAME(nsPrincipal), |
---|
393 | nsnull, |
---|
394 | &NS_CLASSINFO_NAME(nsPrincipal), |
---|
395 | nsIClassInfo::MAIN_THREAD_ONLY | nsIClassInfo::EAGER_CLASSINFO |
---|
396 | }, |
---|
397 | |
---|
398 | { NS_SYSTEMPRINCIPAL_CLASSNAME, |
---|
399 | NS_SYSTEMPRINCIPAL_CID, |
---|
400 | NS_SYSTEMPRINCIPAL_CONTRACTID, |
---|
401 | nsSystemPrincipalConstructor, |
---|
402 | nsnull, |
---|
403 | nsnull, |
---|
404 | nsnull, |
---|
405 | NS_CI_INTERFACE_GETTER_NAME(nsSystemPrincipal), |
---|
406 | nsnull, |
---|
407 | &NS_CLASSINFO_NAME(nsSystemPrincipal), |
---|
408 | nsIClassInfo::SINGLETON | nsIClassInfo::MAIN_THREAD_ONLY | |
---|
409 | nsIClassInfo::EAGER_CLASSINFO |
---|
410 | }, |
---|
411 | |
---|
412 | { "Security Script Name Set", |
---|
413 | NS_SECURITYNAMESET_CID, |
---|
414 | NS_SECURITYNAMESET_CONTRACTID, |
---|
415 | nsSecurityNameSetConstructor, |
---|
416 | nsnull, |
---|
417 | nsnull, |
---|
418 | nsnull, |
---|
419 | nsnull, |
---|
420 | nsnull, |
---|
421 | nsnull, |
---|
422 | nsIClassInfo::MAIN_THREAD_ONLY |
---|
423 | } |
---|
424 | }; |
---|
425 | |
---|
426 | |
---|
427 | void PR_CALLBACK |
---|
428 | CapsModuleDtor(nsIModule* thisModules) |
---|
429 | { |
---|
430 | nsScriptSecurityManager::Shutdown(); |
---|
431 | } |
---|
432 | |
---|
433 | NS_IMPL_NSGETMODULE_WITH_DTOR(nsSecurityManagerModule, capsComponentInfo, |
---|
434 | CapsModuleDtor) |
---|
435 | |
---|