1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=2 sw=2 et tw=80: */
3 /* ***** BEGIN LICENSE BLOCK *****
4 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
6 * The contents of this file are subject to the Mozilla Public License Version
7 * 1.1 (the "License"); you may not use this file except in compliance with
8 * the License. You may obtain a copy of the License at
9 * http://www.mozilla.org/MPL/
11 * Software distributed under the License is distributed on an "AS IS" basis,
12 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
13 * for the specific language governing rights and limitations under the
16 * The Original Code is mozilla.org code.
18 * The Initial Developer of the Original Code is
19 * Netscape Communications Corporation.
20 * Portions created by the Initial Developer are Copyright (C) 2003
21 * the Initial Developer. All Rights Reserved.
24 * Christopher A. Aillon <christopher@aillon.com>
25 * Giorgio Maone <g.maone@informaction.com>
27 * Alternatively, the contents of this file may be used under the terms of
28 * either the GNU General Public License Version 2 or later (the "GPL"), or
29 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
30 * in which case the provisions of the GPL or the LGPL are applicable instead
31 * of those above. If you wish to allow use of your version of this file only
32 * under the terms of either the GPL or the LGPL, and not to allow others to
33 * use your version of this file under the terms of the MPL, indicate your
34 * decision by deleting the provisions above and replace them with the notice
35 * and other provisions required by the GPL or the LGPL. If you do not delete
36 * the provisions above, a recipient may use your version of this file under
37 * the terms of any one of the MPL, the GPL or the LGPL.
39 * ***** END LICENSE BLOCK ***** */
42 #include "nsScriptSecurityManager.h"
44 #include "nsReadableUtils.h"
48 #include "nsIFileURL.h"
49 #include "nsIProtocolHandler.h"
50 #include "nsNetUtil.h"
51 #include "nsJSPrincipals.h"
52 #include "nsVoidArray.h"
53 #include "nsHashtable.h"
54 #include "nsIObjectInputStream.h"
55 #include "nsIObjectOutputStream.h"
56 #include "nsIPrefBranch.h"
57 #include "nsIPrefService.h"
58 #include "nsIClassInfoImpl.h"
59 #include "nsDOMError.h"
61 #include "nsPrincipal.h"
63 static PRBool
URIIsImmutable(nsIURI
* aURI
)
65 nsCOMPtr
<nsIMutable
> mutableObj(do_QueryInterface(aURI
));
69 NS_SUCCEEDED(mutableObj
->GetMutable(&isMutable
)) &&
73 // Static member variables
74 PRInt32
nsPrincipal::sCapabilitiesOrdinal
= 0;
75 const char nsPrincipal::sInvalid
[] = "Invalid";
78 NS_IMPL_QUERY_INTERFACE2_CI(nsPrincipal
,
81 NS_IMPL_CI_INTERFACE_GETTER2(nsPrincipal
,
85 NS_IMETHODIMP_(nsrefcnt
)
88 NS_PRECONDITION(PRInt32(mJSPrincipals
.refcount
) >= 0, "illegal refcnt");
89 // XXXcaa does this need to be threadsafe? See bug 143559.
90 nsrefcnt count
= PR_AtomicIncrement((PRInt32
*)&mJSPrincipals
.refcount
);
91 NS_LOG_ADDREF(this, count
, "nsPrincipal", sizeof(*this));
95 NS_IMETHODIMP_(nsrefcnt
)
96 nsPrincipal::Release()
98 NS_PRECONDITION(0 != mJSPrincipals
.refcount
, "dup release");
99 nsrefcnt count
= PR_AtomicDecrement((PRInt32
*)&mJSPrincipals
.refcount
);
100 NS_LOG_RELEASE(this, count
, "nsPrincipal");
102 NS_DELETEXPCOM(this);
108 nsPrincipal::nsPrincipal()
109 : mCapabilities(nsnull
),
110 mSecurityPolicy(nsnull
),
112 mInitialized(PR_FALSE
),
113 mCodebaseImmutable(PR_FALSE
),
114 mDomainImmutable(PR_FALSE
)
119 nsPrincipal::Init(const nsACString
& aCertFingerprint
,
120 const nsACString
& aSubjectName
,
121 const nsACString
& aPrettyName
,
125 NS_ENSURE_STATE(!mInitialized
);
126 NS_ENSURE_ARG(!aCertFingerprint
.IsEmpty() || aCodebase
); // better have one of these.
128 mInitialized
= PR_TRUE
;
130 mCodebase
= NS_TryToMakeImmutable(aCodebase
);
131 mCodebaseImmutable
= URIIsImmutable(mCodebase
);
134 if (!aCertFingerprint
.IsEmpty()) {
135 rv
= SetCertificate(aCertFingerprint
, aSubjectName
, aPrettyName
, aCert
);
136 if (NS_SUCCEEDED(rv
)) {
137 rv
= mJSPrincipals
.Init(this, mCert
->fingerprint
);
142 rv
= mCodebase
->GetSpec(spec
);
143 if (NS_SUCCEEDED(rv
)) {
144 rv
= mJSPrincipals
.Init(this, spec
);
148 NS_ASSERTION(NS_SUCCEEDED(rv
), "nsPrincipal::Init() failed");
153 nsPrincipal::~nsPrincipal(void)
155 SetSecurityPolicy(nsnull
);
156 delete mCapabilities
;
160 nsPrincipal::GetJSPrincipals(JSContext
*cx
, JSPrincipals
**jsprin
)
162 NS_PRECONDITION(mJSPrincipals
.nsIPrincipalPtr
, "mJSPrincipals is uninitialized!");
164 JSPRINCIPALS_HOLD(cx
, &mJSPrincipals
);
165 *jsprin
= &mJSPrincipals
;
170 nsPrincipal::GetOrigin(char **aOrigin
)
174 nsCOMPtr
<nsIURI
> origin
;
176 origin
= NS_GetInnermostURI(mCodebase
);
180 NS_ASSERTION(mCert
, "No Domain or Codebase for a non-cert principal");
181 return NS_ERROR_FAILURE
;
184 nsCAutoString hostPort
;
186 // chrome: URLs don't have a meaningful origin, so make
187 // sure we just get the full spec for them.
188 // XXX this should be removed in favor of the solution in
191 nsresult rv
= origin
->SchemeIs("chrome", &isChrome
);
192 if (NS_SUCCEEDED(rv
) && !isChrome
) {
193 rv
= origin
->GetHostPort(hostPort
);
196 if (NS_SUCCEEDED(rv
) && !isChrome
) {
197 nsCAutoString scheme
;
198 rv
= origin
->GetScheme(scheme
);
199 NS_ENSURE_SUCCESS(rv
, rv
);
200 *aOrigin
= ToNewCString(scheme
+ NS_LITERAL_CSTRING("://") + hostPort
);
203 // Some URIs (e.g., nsSimpleURI) don't support host. Just
204 // get the full spec.
206 rv
= origin
->GetSpec(spec
);
207 NS_ENSURE_SUCCESS(rv
, rv
);
208 *aOrigin
= ToNewCString(spec
);
211 return *aOrigin
? NS_OK
: NS_ERROR_OUT_OF_MEMORY
;
215 nsPrincipal::GetSecurityPolicy(void** aSecurityPolicy
)
217 if (mSecurityPolicy
&& mSecurityPolicy
->IsInvalid())
218 SetSecurityPolicy(nsnull
);
220 *aSecurityPolicy
= (void *) mSecurityPolicy
;
225 nsPrincipal::SetSecurityPolicy(void* aSecurityPolicy
)
227 DomainPolicy
*newPolicy
= reinterpret_cast<DomainPolicy
*>(aSecurityPolicy
);
232 mSecurityPolicy
->Drop();
234 mSecurityPolicy
= newPolicy
;
239 nsPrincipal::Equals(nsIPrincipal
*aOther
, PRBool
*aResult
)
244 NS_WARNING("Need a principal to compare this to!");
248 if (this != aOther
) {
250 aOther
->GetHasCertificate(&otherHasCert
);
251 if (otherHasCert
!= (mCert
!= nsnull
)) {
252 // One has a cert while the other doesn't. Not equal.
258 aOther
->GetFingerprint(str
);
259 *aResult
= str
.Equals(mCert
->fingerprint
);
261 // If either subject name is empty, just let the result stand (so that
262 // nsScriptSecurityManager::SetCanEnableCapability works), but if they're
263 // both non-empty, only claim equality if they're equal.
264 if (*aResult
&& !mCert
->subjectName
.IsEmpty()) {
265 // Check the other principal's subject name
266 aOther
->GetSubjectName(str
);
267 *aResult
= str
.Equals(mCert
->subjectName
) || str
.IsEmpty();
274 // If either principal has no URI, it's the saved principal from
275 // preferences; in that case, test true. Do NOT test true if the two
276 // principals have URIs with different codebases.
277 nsCOMPtr
<nsIURI
> otherURI
;
278 nsresult rv
= aOther
->GetURI(getter_AddRefs(otherURI
));
284 if (!otherURI
|| !mCodebase
) {
288 // Fall through to the codebase comparison.
291 // Codebases are equal if they have the same origin.
293 NS_SUCCEEDED(nsScriptSecurityManager::CheckSameOriginPrincipal(this,
304 nsPrincipal::Subsumes(nsIPrincipal
*aOther
, PRBool
*aResult
)
306 return Equals(aOther
, aResult
);
310 URIIsLocalFile(nsIURI
*aURI
)
313 nsCOMPtr
<nsINetUtil
> util
= do_GetIOService();
315 return util
&& NS_SUCCEEDED(util
->ProtocolHasFlags(aURI
,
316 nsIProtocolHandler::URI_IS_LOCAL_FILE
,
322 nsPrincipal::CheckMayLoad(nsIURI
* aURI
, PRBool aReport
)
324 if (!nsScriptSecurityManager::SecurityCompareURIs(mCodebase
, aURI
)) {
325 if (nsScriptSecurityManager::GetStrictFileOriginPolicy() &&
326 URIIsLocalFile(aURI
)) {
327 nsCOMPtr
<nsIFileURL
> fileURL(do_QueryInterface(aURI
));
329 if (!URIIsLocalFile(mCodebase
)) {
330 // If the codebase is not also a file: uri then forget it
331 // (don't want resource: principals in a file: doc)
333 // note: we're not de-nesting jar: uris here, we want to
334 // keep archive content bottled up in its own little island
337 nsScriptSecurityManager::ReportError(
338 nsnull
, NS_LITERAL_STRING("CheckSameOriginError"), mCodebase
, aURI
);
341 return NS_ERROR_DOM_BAD_URI
;
345 // pull out the internal files
347 nsCOMPtr
<nsIFileURL
> codebaseFileURL(do_QueryInterface(mCodebase
));
348 nsCOMPtr
<nsIFile
> targetFile
;
349 nsCOMPtr
<nsIFile
> codebaseFile
;
352 // Make sure targetFile is not a directory (bug 209234)
353 // and that it exists w/out unescaping (bug 395343)
355 if (!codebaseFileURL
|| !fileURL
||
356 NS_FAILED(fileURL
->GetFile(getter_AddRefs(targetFile
))) ||
357 NS_FAILED(codebaseFileURL
->GetFile(getter_AddRefs(codebaseFile
))) ||
358 !targetFile
|| !codebaseFile
||
359 NS_FAILED(targetFile
->Normalize()) ||
360 NS_FAILED(codebaseFile
->Normalize()) ||
361 NS_FAILED(targetFile
->IsDirectory(&targetIsDir
)) ||
364 nsScriptSecurityManager::ReportError(
365 nsnull
, NS_LITERAL_STRING("CheckSameOriginError"), mCodebase
, aURI
);
368 return NS_ERROR_DOM_BAD_URI
;
372 // If the file to be loaded is in a subdirectory of the codebase
373 // (or same-dir if codebase is not a directory) then it will
374 // inherit its codebase principal and be scriptable by that codebase.
376 PRBool codebaseIsDir
;
377 PRBool contained
= PR_FALSE
;
378 nsresult rv
= codebaseFile
->IsDirectory(&codebaseIsDir
);
379 if (NS_SUCCEEDED(rv
) && codebaseIsDir
) {
380 rv
= codebaseFile
->Contains(targetFile
, PR_TRUE
, &contained
);
383 nsCOMPtr
<nsIFile
> codebaseParent
;
384 rv
= codebaseFile
->GetParent(getter_AddRefs(codebaseParent
));
385 if (NS_SUCCEEDED(rv
) && codebaseParent
) {
386 rv
= codebaseParent
->Contains(targetFile
, PR_TRUE
, &contained
);
390 if (NS_SUCCEEDED(rv
) && contained
) {
396 nsScriptSecurityManager::ReportError(
397 nsnull
, NS_LITERAL_STRING("CheckSameOriginError"), mCodebase
, aURI
);
400 return NS_ERROR_DOM_BAD_URI
;
407 nsPrincipal::CanEnableCapability(const char *capability
, PRInt16
*result
)
409 // If this principal is marked invalid, can't enable any capabilities
411 nsCStringKey
invalidKey(sInvalid
);
412 if (mCapabilities
->Exists(&invalidKey
)) {
413 *result
= nsIPrincipal::ENABLE_DENIED
;
419 if (!mCert
&& !mTrusted
) {
420 NS_ASSERTION(mInitialized
, "Trying to enable a capability on an "
421 "uninitialized principal");
423 // If we are a non-trusted codebase principal, capabilities can not
424 // be enabled if the user has not set the pref allowing scripts to
425 // request enhanced capabilities; however, the file: and resource:
426 // schemes are special and may be able to get extra capabilities
427 // even with the pref disabled.
429 static const char pref
[] = "signed.applets.codebase_principal_support";
430 nsCOMPtr
<nsIPrefBranch
> prefBranch
=
431 do_GetService(NS_PREFSERVICE_CONTRACTID
);
434 nsresult rv
= prefBranch
->GetBoolPref(pref
, &mightEnable
);
435 if (NS_FAILED(rv
) || !mightEnable
) {
436 rv
= mCodebase
->SchemeIs("file", &mightEnable
);
437 if (NS_FAILED(rv
) || !mightEnable
) {
438 rv
= mCodebase
->SchemeIs("resource", &mightEnable
);
439 if (NS_FAILED(rv
) || !mightEnable
) {
440 *result
= nsIPrincipal::ENABLE_DENIED
;
449 const char *start
= capability
;
450 *result
= nsIPrincipal::ENABLE_GRANTED
;
452 const char *space
= PL_strchr(start
, ' ');
453 PRInt32 len
= space
? space
- start
: strlen(start
);
454 nsCAutoString
capString(start
, len
);
455 nsCStringKey
key(capString
);
457 mCapabilities
? (PRInt16
)NS_PTR_TO_INT32(mCapabilities
->Get(&key
)) : 0;
458 if (value
== 0 || value
== nsIPrincipal::ENABLE_UNKNOWN
) {
459 // We don't know whether we can enable this capability,
460 // so we should ask the user.
461 value
= nsIPrincipal::ENABLE_WITH_USER_PERMISSION
;
464 if (value
< *result
) {
479 nsPrincipal::SetCanEnableCapability(const char *capability
,
482 // If this principal is marked invalid, can't enable any capabilities
483 if (!mCapabilities
) {
484 mCapabilities
= new nsHashtable(7); // XXXbz gets bumped up to 16 anyway
485 NS_ENSURE_TRUE(mCapabilities
, NS_ERROR_OUT_OF_MEMORY
);
488 nsCStringKey
invalidKey(sInvalid
);
489 if (mCapabilities
->Exists(&invalidKey
)) {
493 if (PL_strcmp(capability
, sInvalid
) == 0) {
494 mCapabilities
->Reset();
497 const char *start
= capability
;
499 const char *space
= PL_strchr(start
, ' ');
500 int len
= space
? space
- start
: strlen(start
);
501 nsCAutoString
capString(start
, len
);
502 nsCStringKey
key(capString
);
503 mCapabilities
->Put(&key
, NS_INT32_TO_PTR(canEnable
));
515 nsPrincipal::IsCapabilityEnabled(const char *capability
, void *annotation
,
519 nsHashtable
*ht
= (nsHashtable
*) annotation
;
523 const char *start
= capability
;
525 const char *space
= PL_strchr(start
, ' ');
526 int len
= space
? space
- start
: strlen(start
);
527 nsCAutoString
capString(start
, len
);
528 nsCStringKey
key(capString
);
529 *result
= (ht
->Get(&key
) == (void *) AnnotationEnabled
);
531 // If any single capability is not enabled, then return false.
546 nsPrincipal::EnableCapability(const char *capability
, void **annotation
)
548 return SetCapability(capability
, annotation
, AnnotationEnabled
);
552 nsPrincipal::DisableCapability(const char *capability
, void **annotation
)
554 return SetCapability(capability
, annotation
, AnnotationDisabled
);
558 nsPrincipal::RevertCapability(const char *capability
, void **annotation
)
561 nsHashtable
*ht
= (nsHashtable
*) *annotation
;
562 const char *start
= capability
;
564 const char *space
= PL_strchr(start
, ' ');
565 int len
= space
? space
- start
: strlen(start
);
566 nsCAutoString
capString(start
, len
);
567 nsCStringKey
key(capString
);
580 nsPrincipal::SetCapability(const char *capability
, void **annotation
,
581 AnnotationValue value
)
583 if (*annotation
== nsnull
) {
584 nsHashtable
* ht
= new nsHashtable(5);
587 return NS_ERROR_OUT_OF_MEMORY
;
590 // This object owns its annotations. Save them so we can release
591 // them when we destroy this object.
592 if (!mAnnotations
.AppendElement(ht
)) {
594 return NS_ERROR_OUT_OF_MEMORY
;
600 const char *start
= capability
;
602 const char *space
= PL_strchr(start
, ' ');
603 int len
= space
? space
- start
: strlen(start
);
604 nsCAutoString
capString(start
, len
);
605 nsCStringKey
key(capString
);
606 nsHashtable
*ht
= static_cast<nsHashtable
*>(*annotation
);
607 ht
->Put(&key
, (void *) value
);
619 nsPrincipal::GetHasCertificate(PRBool
* aResult
)
621 *aResult
= (mCert
!= nsnull
);
627 nsPrincipal::GetURI(nsIURI
** aURI
)
629 if (mCodebaseImmutable
) {
630 NS_ADDREF(*aURI
= mCodebase
);
639 return NS_EnsureSafeToReturn(mCodebase
, aURI
);
643 nsPrincipal::SetURI(nsIURI
* aURI
)
645 mCodebase
= NS_TryToMakeImmutable(aURI
);
646 mCodebaseImmutable
= URIIsImmutable(mCodebase
);
651 nsPrincipal::SetCertificate(const nsACString
& aFingerprint
,
652 const nsACString
& aSubjectName
,
653 const nsACString
& aPrettyName
,
656 NS_ENSURE_STATE(!mCert
);
658 if (aFingerprint
.IsEmpty()) {
659 return NS_ERROR_INVALID_ARG
;
662 mCert
= new Certificate(aFingerprint
, aSubjectName
, aPrettyName
, aCert
);
664 return NS_ERROR_OUT_OF_MEMORY
;
671 nsPrincipal::GetFingerprint(nsACString
& aFingerprint
)
673 NS_ENSURE_STATE(mCert
);
675 aFingerprint
= mCert
->fingerprint
;
681 nsPrincipal::GetPrettyName(nsACString
& aName
)
683 NS_ENSURE_STATE(mCert
);
685 aName
= mCert
->prettyName
;
691 nsPrincipal::GetSubjectName(nsACString
& aName
)
693 NS_ENSURE_STATE(mCert
);
695 aName
= mCert
->subjectName
;
701 nsPrincipal::GetCertificate(nsISupports
** aCertificate
)
704 NS_IF_ADDREF(*aCertificate
= mCert
->cert
);
707 *aCertificate
= nsnull
;
713 nsPrincipal::GetHashValue(PRUint32
* aValue
)
715 NS_PRECONDITION(mCert
|| mCodebase
, "Need a cert or codebase");
717 // If there is a certificate, it takes precendence over the codebase.
719 *aValue
= nsCRT::HashCode(mCert
->fingerprint
.get());
723 mCodebase
->GetSpec(str
);
724 *aValue
= nsCRT::HashCode(str
.get());
731 nsPrincipal::GetDomain(nsIURI
** aDomain
)
738 if (mDomainImmutable
) {
739 NS_ADDREF(*aDomain
= mDomain
);
743 return NS_EnsureSafeToReturn(mDomain
, aDomain
);
747 nsPrincipal::SetDomain(nsIURI
* aDomain
)
749 mDomain
= NS_TryToMakeImmutable(aDomain
);
750 mDomainImmutable
= URIIsImmutable(mDomain
);
752 // Domain has changed, forget cached security policy
753 SetSecurityPolicy(nsnull
);
759 nsPrincipal::InitFromPersistent(const char* aPrefName
,
760 const nsCString
& aToken
,
761 const nsCString
& aSubjectName
,
762 const nsACString
& aPrettyName
,
763 const char* aGrantedList
,
764 const char* aDeniedList
,
769 NS_PRECONDITION(!mCapabilities
|| mCapabilities
->Count() == 0,
770 "mCapabilities was already initialized?");
771 NS_PRECONDITION(mAnnotations
.Length() == 0,
772 "mAnnotations was already initialized?");
773 NS_PRECONDITION(!mInitialized
, "We were already initialized?");
775 mInitialized
= PR_TRUE
;
779 rv
= SetCertificate(aToken
, aSubjectName
, aPrettyName
, aCert
);
786 rv
= NS_NewURI(getter_AddRefs(mCodebase
), aToken
, nsnull
);
788 NS_ERROR("Malformed URI in capability.principal preference.");
792 NS_TryToSetImmutable(mCodebase
);
793 mCodebaseImmutable
= URIIsImmutable(mCodebase
);
798 rv
= mJSPrincipals
.Init(this, aToken
);
799 NS_ENSURE_SUCCESS(rv
, rv
);
801 //-- Save the preference name
802 mPrefName
= aPrefName
;
804 const char* ordinalBegin
= PL_strpbrk(aPrefName
, "1234567890");
806 PRIntn n
= atoi(ordinalBegin
);
807 if (sCapabilitiesOrdinal
<= n
) {
808 sCapabilitiesOrdinal
= n
+ 1;
812 //-- Store the capabilities
815 rv
= SetCanEnableCapability(aGrantedList
, nsIPrincipal::ENABLE_GRANTED
);
818 if (NS_SUCCEEDED(rv
) && aDeniedList
) {
819 rv
= SetCanEnableCapability(aDeniedList
, nsIPrincipal::ENABLE_DENIED
);
826 nsPrincipal::EnsureCertData(const nsACString
& aSubjectName
,
827 const nsACString
& aPrettyName
,
830 NS_ENSURE_STATE(mCert
);
832 if (!mCert
->subjectName
.IsEmpty() &&
833 !mCert
->subjectName
.Equals(aSubjectName
)) {
834 return NS_ERROR_INVALID_ARG
;
837 mCert
->subjectName
= aSubjectName
;
838 mCert
->prettyName
= aPrettyName
;
843 struct CapabilityList
849 PR_STATIC_CALLBACK(PRBool
)
850 AppendCapability(nsHashKey
*aKey
, void *aData
, void *capListPtr
)
852 CapabilityList
* capList
= (CapabilityList
*)capListPtr
;
853 PRInt16 value
= (PRInt16
)NS_PTR_TO_INT32(aData
);
854 nsCStringKey
* key
= (nsCStringKey
*)aKey
;
855 if (value
== nsIPrincipal::ENABLE_GRANTED
) {
856 capList
->granted
->Append(key
->GetString(), key
->GetStringLength());
857 capList
->granted
->Append(' ');
859 else if (value
== nsIPrincipal::ENABLE_DENIED
) {
860 capList
->denied
->Append(key
->GetString(), key
->GetStringLength());
861 capList
->denied
->Append(' ');
868 nsPrincipal::GetPreferences(char** aPrefName
, char** aID
,
870 char** aGrantedList
, char** aDeniedList
,
873 if (mPrefName
.IsEmpty()) {
875 mPrefName
.Assign("capability.principal.certificate.p");
878 mPrefName
.Assign("capability.principal.codebase.p");
881 mPrefName
.AppendInt(sCapabilitiesOrdinal
++);
882 mPrefName
.Append(".id");
887 *aSubjectName
= nsnull
;
888 *aGrantedList
= nsnull
;
889 *aDeniedList
= nsnull
;
890 *aIsTrusted
= mTrusted
;
892 char *prefName
= nsnull
;
894 char *subjectName
= nsnull
;
895 char *granted
= nsnull
;
896 char *denied
= nsnull
;
899 prefName
= ToNewCString(mPrefName
);
901 return NS_ERROR_OUT_OF_MEMORY
;
907 id
= ToNewCString(mCert
->fingerprint
);
909 rv
= NS_ERROR_OUT_OF_MEMORY
;
917 nsMemory::Free(prefName
);
922 subjectName
= ToNewCString(mCert
->subjectName
);
924 subjectName
= ToNewCString(EmptyCString());
928 nsMemory::Free(prefName
);
930 return NS_ERROR_OUT_OF_MEMORY
;
934 nsCAutoString grantedListStr
, deniedListStr
;
936 CapabilityList capList
= CapabilityList();
937 capList
.granted
= &grantedListStr
;
938 capList
.denied
= &deniedListStr
;
939 mCapabilities
->Enumerate(AppendCapability
, (void*)&capList
);
942 if (!grantedListStr
.IsEmpty()) {
943 grantedListStr
.Truncate(grantedListStr
.Length() - 1);
944 granted
= ToNewCString(grantedListStr
);
946 nsMemory::Free(prefName
);
948 nsMemory::Free(subjectName
);
949 return NS_ERROR_OUT_OF_MEMORY
;
953 if (!deniedListStr
.IsEmpty()) {
954 deniedListStr
.Truncate(deniedListStr
.Length() - 1);
955 denied
= ToNewCString(deniedListStr
);
957 nsMemory::Free(prefName
);
959 nsMemory::Free(subjectName
);
961 nsMemory::Free(granted
);
963 return NS_ERROR_OUT_OF_MEMORY
;
967 *aPrefName
= prefName
;
969 *aSubjectName
= subjectName
;
970 *aGrantedList
= granted
;
971 *aDeniedList
= denied
;
976 PR_STATIC_CALLBACK(nsresult
)
977 ReadAnnotationEntry(nsIObjectInputStream
* aStream
, nsHashKey
** aKey
,
981 nsCStringKey
* key
= new nsCStringKey(aStream
, &rv
);
987 rv
= aStream
->Read32(&value
);
994 *aData
= (void*) value
;
998 PR_STATIC_CALLBACK(void)
999 FreeAnnotationEntry(nsIObjectInputStream
* aStream
, nsHashKey
* aKey
,
1006 nsPrincipal::Read(nsIObjectInputStream
* aStream
)
1008 PRBool hasCapabilities
;
1009 nsresult rv
= aStream
->ReadBoolean(&hasCapabilities
);
1010 if (NS_SUCCEEDED(rv
) && hasCapabilities
) {
1011 mCapabilities
= new nsHashtable(aStream
, ReadAnnotationEntry
,
1012 FreeAnnotationEntry
, &rv
);
1013 NS_ENSURE_TRUE(mCapabilities
, NS_ERROR_OUT_OF_MEMORY
);
1016 if (NS_FAILED(rv
)) {
1020 rv
= NS_ReadOptionalCString(aStream
, mPrefName
);
1021 if (NS_FAILED(rv
)) {
1025 const char* ordinalBegin
= PL_strpbrk(mPrefName
.get(), "1234567890");
1027 PRIntn n
= atoi(ordinalBegin
);
1028 if (sCapabilitiesOrdinal
<= n
) {
1029 sCapabilitiesOrdinal
= n
+ 1;
1034 rv
= aStream
->ReadBoolean(&haveCert
);
1035 if (NS_FAILED(rv
)) {
1039 nsCString fingerprint
;
1040 nsCString subjectName
;
1041 nsCString prettyName
;
1042 nsCOMPtr
<nsISupports
> cert
;
1044 rv
= NS_ReadOptionalCString(aStream
, fingerprint
);
1045 if (NS_FAILED(rv
)) {
1049 rv
= NS_ReadOptionalCString(aStream
, subjectName
);
1050 if (NS_FAILED(rv
)) {
1054 rv
= NS_ReadOptionalCString(aStream
, prettyName
);
1055 if (NS_FAILED(rv
)) {
1059 rv
= aStream
->ReadObject(PR_TRUE
, getter_AddRefs(cert
));
1060 if (NS_FAILED(rv
)) {
1065 nsCOMPtr
<nsIURI
> codebase
;
1066 rv
= NS_ReadOptionalObject(aStream
, PR_TRUE
, getter_AddRefs(codebase
));
1067 if (NS_FAILED(rv
)) {
1071 rv
= Init(fingerprint
, subjectName
, prettyName
, cert
, codebase
);
1072 NS_ENSURE_SUCCESS(rv
, rv
);
1074 nsCOMPtr
<nsIURI
> domain
;
1075 rv
= NS_ReadOptionalObject(aStream
, PR_TRUE
, getter_AddRefs(domain
));
1076 if (NS_FAILED(rv
)) {
1082 rv
= aStream
->Read8(&mTrusted
);
1083 if (NS_FAILED(rv
)) {
1090 PR_STATIC_CALLBACK(nsresult
)
1091 WriteScalarValue(nsIObjectOutputStream
* aStream
, void* aData
)
1093 PRUint32 value
= NS_PTR_TO_INT32(aData
);
1095 return aStream
->Write32(value
);
1099 nsPrincipal::Write(nsIObjectOutputStream
* aStream
)
1101 NS_ENSURE_STATE(mCert
|| mCodebase
);
1103 // mAnnotations is transient data associated to specific JS stack frames. We
1104 // don't want to serialize that.
1106 PRBool hasCapabilities
= (mCapabilities
&& mCapabilities
->Count() > 0);
1107 nsresult rv
= aStream
->WriteBoolean(hasCapabilities
);
1108 if (NS_SUCCEEDED(rv
) && hasCapabilities
) {
1109 rv
= mCapabilities
->Write(aStream
, WriteScalarValue
);
1112 if (NS_FAILED(rv
)) {
1116 rv
= NS_WriteOptionalStringZ(aStream
, mPrefName
.get());
1117 if (NS_FAILED(rv
)) {
1121 rv
= aStream
->WriteBoolean(mCert
!= nsnull
);
1122 if (NS_FAILED(rv
)) {
1127 NS_ENSURE_STATE(mCert
->cert
);
1129 rv
= NS_WriteOptionalStringZ(aStream
, mCert
->fingerprint
.get());
1130 if (NS_FAILED(rv
)) {
1134 rv
= NS_WriteOptionalStringZ(aStream
, mCert
->subjectName
.get());
1135 if (NS_FAILED(rv
)) {
1139 rv
= NS_WriteOptionalStringZ(aStream
, mCert
->prettyName
.get());
1140 if (NS_FAILED(rv
)) {
1144 rv
= aStream
->WriteCompoundObject(mCert
->cert
, NS_GET_IID(nsISupports
),
1146 if (NS_FAILED(rv
)) {
1151 // mSecurityPolicy is an optimization; it'll get looked up again as needed.
1152 // Don't bother saving and restoring it, esp. since it might change if
1153 // preferences change.
1155 rv
= NS_WriteOptionalCompoundObject(aStream
, mCodebase
, NS_GET_IID(nsIURI
),
1157 if (NS_FAILED(rv
)) {
1161 rv
= NS_WriteOptionalCompoundObject(aStream
, mDomain
, NS_GET_IID(nsIURI
),
1163 if (NS_FAILED(rv
)) {
1167 rv
= aStream
->Write8(mTrusted
);
1168 if (NS_FAILED(rv
)) {
1172 // mCodebaseImmutable and mDomainImmutable will be recomputed based
1173 // on the deserialized URIs in Read().