diff --git a/mozilla/caps/src/nsScriptSecurityManager.cpp b/mozilla/caps/src/nsScriptSecurityManager.cpp index 2f69e156f1d..217e83a2de6 100644 --- a/mozilla/caps/src/nsScriptSecurityManager.cpp +++ b/mozilla/caps/src/nsScriptSecurityManager.cpp @@ -552,9 +552,7 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aFromURI, nsIURI *aURI, case PrefAccess: // Allow access if pref is set NS_ASSERTION(mPrefs,"nsScriptSecurityManager::mPrefs not initialized"); - mIsAccessingPrefs = PR_TRUE; - mPrefs->GetBoolPref("security.checkloaduri", &doCheck); - mIsAccessingPrefs = PR_FALSE; + mPrefs->GetSecBoolPref("security.checkloaduri", &doCheck); if (!doCheck) return NS_OK; // Otherwise fall through to Deny. @@ -862,14 +860,7 @@ nsScriptSecurityManager::IsCapabilityEnabled(const char *capability, *result = PR_TRUE; return NS_OK; } - // If this capability check is being called as a result of the security - // manager accessing a security preference, allow execution. - if (mIsAccessingPrefs && - (PL_strcmp(capability, "SecurityPreferencesAccess") == 0)) - { - *result = PR_TRUE; - return NS_OK; - } + do { nsCOMPtr principal; if (NS_FAILED(GetFramePrincipal(cx, fp, getter_AddRefs(principal)))) { @@ -1565,13 +1556,11 @@ nsScriptSecurityManager::GetSecurityLevel(nsIPrincipal *principal, PRInt32 secLevel; char *secLevelString; nsresult rv; - mIsAccessingPrefs = PR_TRUE; - rv = mPrefs->CopyCharPref(prefName, &secLevelString); + rv = mPrefs->CopySecCharPref(prefName, &secLevelString); if (NS_FAILED(rv)) { prefName += (isWrite ? ".write" : ".read"); - rv = mPrefs->CopyCharPref(prefName, &secLevelString); + rv = mPrefs->CopySecCharPref(prefName, &secLevelString); } - mIsAccessingPrefs = PR_FALSE; if (NS_SUCCEEDED(rv) && secLevelString) { if (PL_strcmp(secLevelString, "sameOrigin") == 0) secLevel = SCRIPT_SECURITY_SAME_DOMAIN_ACCESS; 
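Review bot: In the `PrefAccess` case of CheckLoadURI the result of `GetSecBoolPref("security.checkloaduri", &doCheck)` is discarded, so a failed pref read leaves `doCheck` at its previous value and the following `if (!doCheck) return NS_OK;` can allow the load without the pref having been read. The declaration of `doCheck` is outside the hunk, so its initial value cannot be confirmed from here. Tying the allow path to a successful read keeps the check fail-closed: `if (NS_SUCCEEDED(mPrefs->GetSecBoolPref("security.checkloaduri", &doCheck)) && !doCheck) return NS_OK;`.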
@@ -1610,11 +1599,9 @@ nsScriptSecurityManager::CheckXPCPermissions(JSContext *aJSContext, if (NS_SUCCEEDED(rv)) { PRBool allow = PR_FALSE; - mIsAccessingPrefs = PR_TRUE; //XXX May want to store the value of the pref in a local, // this will help performance when dealing with plugins. - rv = mPrefs->GetBoolPref("security.xpconnect.plugin.unrestricted", &allow); - mIsAccessingPrefs = PR_FALSE; + rv = mPrefs->GetSecBoolPref("security.xpconnect.plugin.unrestricted", &allow); if (NS_SUCCEEDED(rv) && allow) return NS_OK; } @@ -1747,19 +1734,19 @@ nsScriptSecurityManager::SavePrincipal(nsIPrincipal* aToSave) mIsAccessingPrefs = PR_TRUE; if (grantedList) - mPrefs->SetCharPref(grantedPrefName, grantedList); + mPrefs->SetSecCharPref(grantedPrefName, grantedList); else - mPrefs->ClearUserPref(grantedPrefName); + mPrefs->ClearSecUserPref(grantedPrefName); if (deniedList) - mPrefs->SetCharPref(deniedPrefName, deniedList); + mPrefs->SetSecCharPref(deniedPrefName, deniedList); else - mPrefs->ClearUserPref(deniedPrefName); + mPrefs->ClearSecUserPref(deniedPrefName); if (grantedList || deniedList) - mPrefs->SetCharPref(idPrefName, id); + mPrefs->SetSecCharPref(idPrefName, id); else - mPrefs->ClearUserPref(idPrefName); + mPrefs->ClearSecUserPref(idPrefName); mIsAccessingPrefs = PR_FALSE; return mPrefs->SavePrefFile(); @@ -1840,7 +1827,7 @@ nsScriptSecurityManager::EnumeratePolicyCallback(const char *prefName, return; } char *s; - if (NS_FAILED(mgr->mPrefs->CopyCharPref(prefName, &s))) + if (NS_FAILED(mgr->mPrefs->CopySecCharPref(prefName, &s))) return; char *q=s; char *r=s; @@ -1959,7 +1946,7 @@ nsScriptSecurityManager::EnumeratePrincipalsCallback(const char *prefName, return; char* id; - if (NS_FAILED(info->prefs->CopyCharPref(prefName, &id))) + if (NS_FAILED(info->prefs->CopySecCharPref(prefName, &id))) return; nsXPIDLCString grantedPrefName; 
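Review bot: SavePrincipal still sets `mIsAccessingPrefs = PR_TRUE` and `PR_FALSE` around the new `SetSecCharPref` / `ClearSecUserPref` calls, but this commit removes the only visible reader of that flag in IsCapabilityEnabled, so both assignments look dead and can be dropped. The member's declaration is outside the diff, so other readers cannot be ruled out. The results of the six Set/Clear calls are also ignored before `return mPrefs->SavePrefFile();`, so a failed write of the denied list could persist a principal with its grants but without its denials. Keeping the first failing `nsresult` and returning it instead of saving would avoid that.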
@@ -1970,9 +1957,9 @@ nsScriptSecurityManager::EnumeratePrincipalsCallback(const char *prefName, return; char* grantedList = nsnull; - info->prefs->CopyCharPref(grantedPrefName, &grantedList); + info->prefs->CopySecCharPref(grantedPrefName, &grantedList); char* deniedList = nsnull; - info->prefs->CopyCharPref(deniedPrefName, &deniedList); + info->prefs->CopySecCharPref(deniedPrefName, &deniedList); static const char certificateName[] = "security.principal.certificate"; static const char codebaseName[] = "security.principal.codebase"; @@ -2017,14 +2004,14 @@ nsScriptSecurityManager::JSEnabledPrefChanged(const char *pref, void *data) { nsScriptSecurityManager *secMgr = (nsScriptSecurityManager *) data; - if (NS_FAILED(secMgr->mPrefs->GetBoolPref(jsEnabledPrefName, + if (NS_FAILED(secMgr->mPrefs->GetSecBoolPref(jsEnabledPrefName, &secMgr->mIsJavaScriptEnabled))) { // Default to enabled. secMgr->mIsJavaScriptEnabled = PR_TRUE; } - if (NS_FAILED(secMgr->mPrefs->GetBoolPref(jsMailEnabledPrefName, + if (NS_FAILED(secMgr->mPrefs->GetSecBoolPref(jsMailEnabledPrefName, &secMgr->mIsMailJavaScriptEnabled))) { // Default to enabled. @@ -2089,7 +2076,7 @@ nsScriptSecurityManager::InitFromPrefs() // set callbacks in case the value of the pref changes prefs->RegisterCallback(jsEnabledPrefName, JSEnabledPrefChanged, this); prefs->RegisterCallback(jsMailEnabledPrefName, JSEnabledPrefChanged, this); - prefs->EnumerateChildren("security.policy", + prefs->EnumerateChildren("security.policy", nsScriptSecurityManager::EnumeratePolicyCallback, (void *) this); @@ -2101,6 +2088,7 @@ nsScriptSecurityManager::InitFromPrefs() EnumeratePrincipalsInfo info; info.ht = mPrincipals; info.prefs = mPrefs; + prefs->EnumerateChildren("security.principal", nsScriptSecurityManager::EnumeratePrincipalsCallback, (void *) &info); diff --git a/mozilla/modules/libjar/nsIZipReader.idl b/mozilla/modules/libjar/nsIZipReader.idl index db45e2c0b71..a47e37f761d 100644 --- a/mozilla/modules/libjar/nsIZipReader.idl 
+++ b/mozilla/modules/libjar/nsIZipReader.idl @@ -52,6 +52,7 @@ interface nsIZipReader : nsISupports const short INVALID_UNKNOWN_CA = 3; const short INVALID_MANIFEST = 4; const short INVALID_ENTRY = 5; + const short NO_MANIFEST = 6; /** * Initializes a zip reader after construction. @@ -101,12 +102,6 @@ interface nsIZipReader : nsISupports */ void getCertificatePrincipal(in string aEntryName, out nsIPrincipal aPrincipal); - /** - * Verifies aData against a digital signature stored in the archive. Returns - * a principal if verification succeeds, null otherwise. - */ - nsIPrincipal verifyExternalData(in string aEntryName, in string aData, - in unsigned long aLength); }; //////////////////////////////////////////////////////////////////////////////// diff --git a/mozilla/modules/libjar/nsJAR.cpp b/mozilla/modules/libjar/nsJAR.cpp index ef7f57baff3..da21b9921b9 100644 --- a/mozilla/modules/libjar/nsJAR.cpp +++ b/mozilla/modules/libjar/nsJAR.cpp @@ -103,7 +103,7 @@ public: // True if the second step of verification (VerifyEntry) // has taken place: - PRBool step2Complete; + PRBool entryVerified; // Not signed, valid, or failure code PRInt16 status; @@ -120,7 +120,7 @@ public: // nsJARManifestItem constructors and destructor //------------------------------------------------- nsJARManifestItem::nsJARManifestItem(): mType(JAR_INTERNAL), - step2Complete(PR_FALSE), + entryVerified(PR_FALSE), status(nsIZipReader::NOT_SIGNED), calculatedSectionDigest(nsnull), storedEntryDigest(nsnull) 
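Review bot: Removing `verifyExternalData` changes the method layout of nsIZipReader, and neither idl hunk touches the interface's `uuid`. The uuid line is outside the hunks, so please confirm it is changed elsewhere; otherwise callers built against the old layout would bind to the wrong slots. The new `NO_MANIFEST = 6` constant also needs a comment, for example `// No manifest, no SF file, or no loadable signature file: archive is treated as unsigned`, which is how ParseManifest uses it in this commit.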
@@ -285,11 +285,19 @@ nsJAR::FindEntries(const char *aPattern, nsISimpleEnumerator **result) } NS_IMETHODIMP -nsJAR::GetInputStream(const char *aFilename, nsIInputStream **result) +nsJAR::GetInputStream(const char* aFilename, nsIInputStream** result) { - if (!result) - return NS_OK; - return CreateInputStream(aFilename, PR_TRUE, result); + NS_ENSURE_ARG_POINTER(result); + nsresult rv; + nsJARInputStream* jis = nsnull; + rv = nsJARInputStream::Create(nsnull, NS_GET_IID(nsIInputStream), (void**)&jis); + if (!jis) return NS_ERROR_FAILURE; + + rv = jis->Init(this, aFilename); + if (NS_FAILED(rv)) return NS_ERROR_FAILURE; + + *result = (nsIInputStream*)jis; + return NS_OK; } NS_IMETHODIMP @@ -300,6 +308,18 @@ nsJAR::GetCertificatePrincipal(const char* aFilename, nsIPrincipal** aPrincipal) return NS_ERROR_NULL_POINTER; *aPrincipal = nsnull; + //-- Get the signature verifier service + nsresult rv; + NS_WITH_SERVICE(nsISignatureVerifier, verifier, SIGNATURE_VERIFIER_PROGID, &rv); + if (NS_FAILED(rv)) // No signature verifier available + return NS_OK; + + //-- Parse the manifest + rv = ParseManifest(verifier); + if (NS_FAILED(rv)) return rv; + if (mGlobalStatus == nsIZipReader::NO_MANIFEST) + return NS_OK; + PRInt16 requestedStatus; if (aFilename) { 
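Review bot: The new GetInputStream body returns `NS_ERROR_FAILURE` when `jis->Init(this, aFilename)` fails without releasing `jis`. Assuming `nsJARInputStream::Create` hands back an owning reference, each failed open leaks a stream object, and `if (NS_FAILED(rv)) { NS_RELEASE(jis); return NS_ERROR_FAILURE; }` would close that. The `rv` from `Create` is overwritten without being read. Because this path no longer reaches VerifyEntry, the method should carry a comment saying the returned stream is unverified and that callers needing a signer must use GetCertificatePrincipal.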
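Review bot: When the signature verifier service cannot be obtained, the block added to GetCertificatePrincipal returns `NS_OK` with `*aPrincipal` still null, so a signed archive becomes indistinguishable from an unsigned one and `ReportError` is never reached. That fails toward less privilege, but the choice should be stated at the return, for example `// No verifier: treat archive as unsigned (null principal) rather than as an error`. The service lookup and the `ParseManifest` call now run on every request for a principal. The function body continues outside this hunk.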
@@ -308,26 +328,20 @@ nsJAR::GetCertificatePrincipal(const char* aFilename, nsIPrincipal** aPrincipal) nsJARManifestItem* manItem = (nsJARManifestItem*)mManifestData.Get(&key); if (!manItem) return NS_OK; - if (!manItem->step2Complete) + //-- Verify the item against the manifest + if (!manItem->entryVerified) { - NS_ASSERTION(manItem->step2Complete, - "nsJAR: Attempt to get principal before verification."); - return NS_ERROR_FAILURE; + nsXPIDLCString entryData; + PRUint32 entryDataLen; + rv = LoadEntry(aFilename, getter_Copies(entryData), &entryDataLen); + if (NS_FAILED(rv)) return rv; + rv = VerifyEntry(verifier, manItem, entryData, entryDataLen); + if (NS_FAILED(rv)) return rv; } requestedStatus = manItem->status; } else // User wants identity of signer w/o verifying any entries - { - if (!mParsedManifest) - { - nsresult rv; - NS_WITH_SERVICE(nsISignatureVerifier, verifier, SIGNATURE_VERIFIER_PROGID, &rv); - if (NS_FAILED(rv)) // No signature verifier available - return NS_ERROR_FAILURE; - ParseManifest(verifier); - } requestedStatus = mGlobalStatus; - } if (requestedStatus != nsIZipReader::VALID) ReportError(aFilename, requestedStatus); 
@@ -339,40 +353,16 @@ nsJAR::GetCertificatePrincipal(const char* aFilename, nsIPrincipal** aPrincipal) return NS_OK; } -NS_IMETHODIMP -nsJAR::VerifyExternalData(const char* aFilename, const char* aData, PRUint32 aLen, - nsIPrincipal** result) -{ - if (NS_FAILED(VerifyEntry(aFilename, aData, aLen))) - return NS_ERROR_FAILURE; - return GetCertificatePrincipal(aFilename, result); -} - //---------------------------------------------- // nsJAR private implementation //---------------------------------------------- -nsresult nsJAR::CreateInputStream(const char* aFilename, PRBool verify, - nsIInputStream** result) -{ - nsresult rv; - nsJARInputStream* jis = nsnull; - rv = nsJARInputStream::Create(nsnull, NS_GET_IID(nsIInputStream), (void**)&jis); - if (!jis) return NS_ERROR_FAILURE; - - rv = jis->Init(this, aFilename, verify); - if (NS_FAILED(rv)) return NS_ERROR_FAILURE; - - *result = (nsIInputStream*)jis; - return NS_OK; -} - nsresult nsJAR::LoadEntry(const char* aFilename, char** aBuf, PRUint32* aBufLen) { - //-- Get a stream for reading the manifest file + //-- Get a stream for reading the file nsresult rv; nsCOMPtr manifestStream; - rv = CreateInputStream(aFilename, PR_FALSE, getter_AddRefs(manifestStream)); + rv = GetInputStream(aFilename, getter_AddRefs(manifestStream)); if (NS_FAILED(rv)) return NS_ERROR_FILE_TARGET_DOES_NOT_EXIST; //-- Read the manifest file into memory @@ -437,8 +427,6 @@ nsJAR::ParseManifest(nsISignatureVerifier* verifier) //-- Verification Step 1 if (mParsedManifest) return NS_OK; - mParsedManifest = PR_TRUE; - //-- (1)Manifest (MF) file nsresult rv; nsCOMPtr files; 
@@ -449,11 +437,21 @@ nsJAR::ParseManifest(nsISignatureVerifier* verifier) //-- Load the file into memory nsCOMPtr file; rv = files->GetNext(getter_AddRefs(file)); - if (NS_FAILED(rv) || !file) return rv; + if (NS_FAILED(rv)) return rv; + if (!file) + { + mGlobalStatus = nsIZipReader::NO_MANIFEST; + mParsedManifest = PR_TRUE; + return NS_OK; + } PRBool more; rv = files->HasMoreElements(&more); - if (NS_FAILED(rv)) return rv; - if (more) return NS_ERROR_FILE_CORRUPTED; // More than one MF file + if (NS_FAILED(rv)) return rv; + if (more) + { + mParsedManifest = PR_TRUE; + return NS_ERROR_FILE_CORRUPTED; // More than one MF file + } nsXPIDLCString manifestFilename; rv = file->GetName(getter_Copies(manifestFilename)); if (!manifestFilename || NS_FAILED(rv)) return rv; @@ -464,7 +462,6 @@ nsJAR::ParseManifest(nsISignatureVerifier* verifier) //-- Parse it rv = ParseOneFile(verifier, manifestBuffer, JAR_MF); if (NS_FAILED(rv)) return rv; - DumpMetadata("PM Pass 1 End"); //-- (2)Signature (SF) file // If there are multiple signatures, we select one. @@ -473,7 +470,13 @@ nsJAR::ParseManifest(nsISignatureVerifier* verifier) if (NS_FAILED(rv)) return rv; //-- Get an SF file rv = files->GetNext(getter_AddRefs(file)); - if (NS_FAILED(rv) || !file) return rv; + if (NS_FAILED(rv)) return rv; + if (!file) + { + mGlobalStatus = nsIZipReader::NO_MANIFEST; + mParsedManifest = PR_TRUE; + return NS_OK; + } rv = file->GetName(getter_Copies(manifestFilename)); if (NS_FAILED(rv)) return rv; @@ -497,7 +500,12 @@ nsJAR::ParseManifest(nsISignatureVerifier* verifier) nsCAutoString tempFilename(sigFilename); tempFilename.Append("RSA", 3); rv = LoadEntry(tempFilename, getter_Copies(sigBuffer), &sigLen); } - if (NS_FAILED(rv)) return rv; + if (NS_FAILED(rv)) + { + mGlobalStatus = nsIZipReader::NO_MANIFEST; + mParsedManifest = PR_TRUE; + return NS_OK; + } //-- Verify that the signature file is a valid signature of the SF file PRInt32 verifyError; 
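Review bot: The `if (more)` branch sets `mParsedManifest = PR_TRUE` and returns `NS_ERROR_FILE_CORRUPTED` without assigning `mGlobalStatus`, so only the first call reports the duplicate-manifest error. Later calls take the `if (mParsedManifest) return NS_OK;` early-out, and GetCertificatePrincipal then uses whatever `mGlobalStatus` held; its initial value is outside the diff. Adding `mGlobalStatus = nsIZipReader::INVALID_MANIFEST;` in that branch would make the cached verdict match the error. The remaining `if (NS_FAILED(rv)) return rv;` exits leave `mParsedManifest` false, so a later call re-runs the parse, possibly over entries that `ParseOneFile(..., JAR_MF)` has already added; this deserves a check.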
@@ -516,7 +524,7 @@ nsJAR::ParseManifest(nsISignatureVerifier* verifier) // if ParseOneFile fails, then it has no effect, and we can safely // continue to the next SF file, or return. ParseOneFile(verifier, manifestBuffer, JAR_SF); - DumpMetadata("PM Pass 2 End"); + mParsedManifest = PR_TRUE; return NS_OK; } 
@@ -701,46 +709,28 @@ nsJAR::ParseOneFile(nsISignatureVerifier* verifier, } //ParseOneFile() nsresult -nsJAR::VerifyEntry(const char* aEntryName, const char* aEntryData, +nsJAR::VerifyEntry(nsISignatureVerifier* verifier, + nsJARManifestItem* aManItem, const char* aEntryData, PRUint32 aLen) { - nsresult rv; - NS_WITH_SERVICE(nsISignatureVerifier, verifier, SIGNATURE_VERIFIER_PROGID, &rv); - if (NS_FAILED(rv)) return NS_OK; // No verifier available; just continue. - - //-- Verification Step 2 - // Check that verification is supported and step 1 has been done - if (!mParsedManifest) - ParseManifest(verifier); - NS_ASSERTION(mParsedManifest, - "Verification step 2 called before step 1 complete"); - if (!mParsedManifest) return NS_ERROR_FAILURE; - - //-- Get the manifest item - nsStringKey key(aEntryName); - nsJARManifestItem* manItem = (nsJARManifestItem*)mManifestData.Get(&key); - if (!manItem) - return NS_OK; - if (manItem->status == nsIZipReader::VALID) + if (aManItem->status == nsIZipReader::VALID) { - if(!manItem->storedEntryDigest) + if(!aManItem->storedEntryDigest) // No entry digests in manifest file. Entry is unsigned. 
- manItem->status = nsIZipReader::NOT_SIGNED; + aManItem->status = nsIZipReader::NOT_SIGNED; else { //-- Calculate and compare digests char* calculatedEntryDigest; - rv = CalculateDigest(verifier, aEntryData, aLen, &calculatedEntryDigest); + nsresult rv = CalculateDigest(verifier, aEntryData, aLen, &calculatedEntryDigest); if (NS_FAILED(rv)) return NS_ERROR_FAILURE; - if (PL_strcmp(manItem->storedEntryDigest, calculatedEntryDigest) != 0) - manItem->status = nsIZipReader::INVALID_ENTRY; + if (PL_strcmp(aManItem->storedEntryDigest, calculatedEntryDigest) != 0) + aManItem->status = nsIZipReader::INVALID_ENTRY; JAR_NULLFREE(calculatedEntryDigest) - JAR_NULLFREE(manItem->storedEntryDigest) + JAR_NULLFREE(aManItem->storedEntryDigest) } } - if (NS_SUCCEEDED(rv)) - manItem->step2Complete = PR_TRUE; - DumpMetadata("VerifyEntry end"); - return rv; + aManItem->entryVerified = PR_TRUE; + return NS_OK; } void nsJAR::ReportError(const char* aFilename, PRInt16 errorCode) @@ -864,30 +854,8 @@ PrintManItem(nsHashKey* aKey, void* aData, void* closure) { nsStringKey* key2 = (nsStringKey*)aKey; char* name = key2->GetString().ToNewCString(); - if (PL_strcmp(name, "") != 0) - { - printf("------------\nName:%s.\n",name); - if (manItem->mPrincipal) - { - char* toStr; - char* caps; - manItem->mPrincipal->ToString(&toStr); - manItem->mPrincipal->CapabilitiesToString(&caps); - printf("Principal: %s.\n Caps: %s.\n", toStr, caps); - } - else - printf("No Principal.\n"); - printf("step2Complete:%i.\n",manItem->step2Complete); - printf("valid:%i.\n",manItem->valid); - /* - for (PRInt32 x=0; xcalculatedSectionDigests[x]); - for (PRInt32 y=0; ystoredEntryDigests[y]); - */ - } + if (!(PL_strcmp(name, "") == 0)) + printf("%s s=%i\n",name, manItem->status); } return PR_TRUE; } 
@@ -897,8 +865,17 @@ void nsJAR::DumpMetadata(const char* aMessage) { #if 0 printf("### nsJAR::DumpMetadata at %s ###\n", aMessage); + if (mPrincipal) + { + char* toStr; + mPrincipal->ToString(&toStr); + printf("Principal: %s.\n", toStr); + PR_FREEIF(toStr); + } + else + printf("No Principal. \n"); mManifestData.Enumerate(PrintManItem); - printf("######## nsJAR::DumpMetadata End ############\n"); + printf("\n"); #endif } @@ -1120,8 +1097,8 @@ NS_IMPL_THREADSAFE_ISUPPORTS1(nsZipReaderCache, nsIZipReaderCache) nsZipReaderCache::nsZipReaderCache() : mLock(nsnull), mZips((nsHashtableCloneElementFunc)nsZipCacheEntry::Clone, nsnull, nsZipCacheEntry::Delete, nsnull), - mFreeCount(0), - mFreeList(nsnull) + mFreeList(nsnull), + mFreeCount(0) { NS_INIT_REFCNT(); } diff --git a/mozilla/modules/libjar/nsJAR.h b/mozilla/modules/libjar/nsJAR.h index 93240e04779..b38f3f1c6a0 100644 --- a/mozilla/modules/libjar/nsJAR.h +++ b/mozilla/modules/libjar/nsJAR.h @@ -55,6 +55,7 @@ #include "nsISignatureVerifier.h" class nsIInputStream; +class nsJARManifestItem; /*------------------------------------------------------------------------- * Class nsJAR declaration. @@ -92,14 +93,13 @@ class nsJAR : public nsIZipReader //-- Private functions nsresult ParseManifest(nsISignatureVerifier* verifier); void ReportError(const char* aFilename, PRInt16 errorCode); - nsresult CreateInputStream(const char* aFilename, PRBool verify, - nsIInputStream** result); nsresult LoadEntry(const char* aFilename, char** aBuf, PRUint32* aBufLen = nsnull); PRInt32 ReadLine(const char** src); nsresult ParseOneFile(nsISignatureVerifier* verifier, const char* filebuf, PRInt16 aFileType); - nsresult VerifyEntry(const char* aEntryName, const char* aEntryData, + nsresult VerifyEntry(nsISignatureVerifier* verifier, + nsJARManifestItem* aEntry, const char* aEntryData, PRUint32 aLen); nsresult RestoreModTime(nsZipItem *aItem, nsIFile *aExtractedFile); 
diff --git a/mozilla/modules/libjar/nsJARChannel.cpp b/mozilla/modules/libjar/nsJARChannel.cpp index 271405d0047..71a471c6b07 100644 --- a/mozilla/modules/libjar/nsJARChannel.cpp +++ b/mozilla/modules/libjar/nsJARChannel.cpp @@ -820,33 +820,6 @@ nsJARChannel::SetLoadGroup(nsILoadGroup* aLoadGroup) NS_IMETHODIMP nsJARChannel::GetOwner(nsISupports* *aOwner) { - if (!mOwner) - { - nsCOMPtr certificate; - nsresult rv = mJAR->GetCertificatePrincipal(mJAREntry, - getter_AddRefs(certificate)); - if (NS_FAILED(rv)) return NS_ERROR_FAILURE; - if (certificate) - { // Get the codebase principal - NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, - kScriptSecurityManagerCID, &rv); - if (NS_FAILED(rv)) return NS_ERROR_FAILURE; - nsCOMPtr codebase; - rv = secMan->GetCodebasePrincipal(mJARBaseURI, - getter_AddRefs(codebase)); - if (NS_FAILED(rv)) return rv; - - // Join the certificate and the codebase - nsCOMPtr agg; - agg = do_QueryInterface(certificate, &rv); - NS_ASSERTION(NS_SUCCEEDED(rv), - "Certificate principal is not an aggregate"); - rv = agg->SetCodebase(codebase); - if (NS_FAILED(rv)) return rv; - mOwner = do_QueryInterface(agg, &rv); - if (NS_FAILED(rv)) return rv; - } - } *aOwner = mOwner; NS_IF_ADDREF(*aOwner); return NS_OK; 
@@ -968,6 +941,31 @@ nsJARChannel::Open(char* *contentType, PRInt32 *contentLength) rv = GetContentType(contentType); if (NS_FAILED(rv)) return rv; } + + //-- Verify signature, if one is present, and set owner accordingly + nsCOMPtr certificate; + rv = mJAR->GetCertificatePrincipal(mJAREntry, + getter_AddRefs(certificate)); + if (NS_FAILED(rv)) return NS_ERROR_FAILURE; + if (certificate) + { // Get the codebase principal + NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, + kScriptSecurityManagerCID, &rv); + if (NS_FAILED(rv)) return NS_ERROR_FAILURE; + nsCOMPtr codebase; + rv = secMan->GetCodebasePrincipal(mJARBaseURI, + getter_AddRefs(codebase)); + if (NS_FAILED(rv)) return rv; + + // Join the certificate and the codebase + nsCOMPtr agg; + agg = do_QueryInterface(certificate, &rv); + rv = agg->SetCodebase(codebase); + if (NS_FAILED(rv)) return rv; + mOwner = do_QueryInterface(agg, &rv); + if (NS_FAILED(rv)) return rv; + } + return rv; } @@ -980,7 +978,6 @@ nsJARChannel::Close(nsresult status) nsCOMPtr jarCache; rv = mJARProtocolHandler->GetJARCache(getter_AddRefs(jarCache)); if (NS_FAILED(rv)) return rv; - rv = jarCache->ReleaseZip(mJAR); if (NS_FAILED(rv)) return rv; @@ -997,7 +994,8 @@ nsJARChannel::GetInputStream(nsIInputStream* *aInputStream) PR_LOG(gJarProtocolLog, PR_LOG_DEBUG, ("nsJarProtocol: GetInputStream jar entry %s", (const char*)jarURLStr)); #endif - return mJAR->GetInputStream(mJAREntry, aInputStream); + NS_ENSURE_TRUE(mJAR, NS_ERROR_NULL_POINTER); + return mJAR->GetInputStream(mJAREntry, aInputStream); } NS_IMETHODIMP diff --git a/mozilla/modules/libjar/nsJARInputStream.cpp b/mozilla/modules/libjar/nsJARInputStream.cpp index ab2ebac18b5..824f213e221 100644 --- a/mozilla/modules/libjar/nsJARInputStream.cpp +++ b/mozilla/modules/libjar/nsJARInputStream.cpp 
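Review bot: In the block added to Open, `agg = do_QueryInterface(certificate, &rv);` is followed directly by `rv = agg->SetCodebase(codebase);`, so a certificate principal that does not implement the aggregate interface leaves `agg` null and it is then dereferenced. The version removed from GetOwner at least asserted at this point. Add `if (NS_FAILED(rv)) return rv;` between the two lines. The identical hunk for mozilla/netwerk/protocol/jar/src/nsJARChannel.cpp has the same gap. Since GetOwner now only returns `mOwner`, any load path that does not pass through Open would report no owner; those paths are outside this diff and should be checked.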
@@ -70,7 +70,7 @@ nsJARInputStream::Close() } nsresult -nsJARInputStream::Init(nsJAR* aJAR, const char* aFilename, PRBool verify) +nsJARInputStream::Init(nsJAR* aJAR, const char* aFilename) { if (!aFilename) return NS_ERROR_NULL_POINTER; @@ -82,11 +82,6 @@ nsJARInputStream::Init(nsJAR* aJAR, const char* aFilename, PRBool verify) result = Zip()->ReadInit(mEntryName, &mReadInfo); if (result != ZIP_OK) return NS_ERROR_FAILURE; - - // Pass the file (already in memory) on to the signature verifier - if (verify) - return aJAR->VerifyEntry(mEntryName, mReadInfo->mFileBuffer, - mReadInfo->mItem->realsize); return NS_OK; } diff --git a/mozilla/modules/libjar/nsJARInputStream.h b/mozilla/modules/libjar/nsJARInputStream.h index ec93d6706e7..036c57f3090 100644 --- a/mozilla/modules/libjar/nsJARInputStream.h +++ b/mozilla/modules/libjar/nsJARInputStream.h @@ -56,7 +56,7 @@ class nsJARInputStream : public nsIInputStream Create(nsISupports* aOuter, const nsIID& aIID, void* *aResult); nsresult - Init(nsJAR* jar, const char* aFilename, PRBool verify); + Init(nsJAR* jar, const char* aFilename); protected: nsZipArchive* Zip() { return &mJAR->mZip; } diff --git a/mozilla/modules/libjar/nsJARURI.cpp b/mozilla/modules/libjar/nsJARURI.cpp index 34ef86d3bec..b8a19e16519 100644 --- a/mozilla/modules/libjar/nsJARURI.cpp +++ b/mozilla/modules/libjar/nsJARURI.cpp @@ -132,6 +132,8 @@ nsJARURI::SetSpec(const char * aSpec) nsCAutoString entry(aSpec); entry.Cut(0, pos + 2); // 2 == strlen(NS_JAR_DELIMITER) + while (entry.CharAt(0) == '/') + entry.Cut(0,1); // Strip any additional leading slashes from entry path rv = serv->ResolveRelativePath(entry, nsnull, &mJAREntry); return rv; diff --git a/mozilla/modules/libpref/public/nsIPref.idl b/mozilla/modules/libpref/public/nsIPref.idl index b974c87333f..4a49d0bb394 100644 --- a/mozilla/modules/libpref/public/nsIPref.idl +++ b/mozilla/modules/libpref/public/nsIPref.idl 
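Review bot: The loop added to nsJARURI::SetSpec, `while (entry.CharAt(0) == '/') entry.Cut(0,1);`, shifts the whole string once per slash. It also relies on `CharAt(0)` being safe on an empty string once an all-slash entry has been fully stripped. Counting first and cutting once avoids both: `PRUint32 n = 0; while (n < entry.Length() && entry.CharAt(n) == '/') ++n;` followed by `entry.Cut(0, n);`. The same hunk is applied to mozilla/netwerk/protocol/jar/src/nsJARURI.cpp and needs the same change.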
@@ -123,7 +123,16 @@ interface nsIPref : nsISupports { nsIFileSpec GetFilePref(in string pref); void SetFilePref(in string pref, in nsIFileSpec value, in boolean setDefault); - + + /* Security Prefs Access + These are here to support nsScriptSecurityManager and are insecure if used elsewhere. + Please do not call these functions from elsewhere. + */ + [noscript] boolean GetSecBoolPref(in string pref); + [noscript] string CopySecCharPref(in string pref); + [noscript] void SetSecCharPref(in string pref, in string value); + [noscript] void ClearSecUserPref(in string pref_name); + /* pref attributes */ boolean PrefIsLocked(in string pref); diff --git a/mozilla/modules/libpref/src/nsPref.cpp b/mozilla/modules/libpref/src/nsPref.cpp index 422313f7640..17c268e3350 100644 --- a/mozilla/modules/libpref/src/nsPref.cpp +++ b/mozilla/modules/libpref/src/nsPref.cpp @@ -1042,6 +1042,33 @@ NS_IMETHODIMP nsPref::SetFilePref(const char *pref_name, return _convertRes(rv); } +/* + * Pref access without security check - these are here to support nsScriptSecurityManager. + * Please don't call them from elsewhere. + */ +NS_IMETHODIMP nsPref::GetSecBoolPref(const char *pref, PRBool * return_val) +{ + return _convertRes(PREF_GetBoolPref(pref, return_val, PR_FALSE)); +} + +NS_IMETHODIMP nsPref::CopySecCharPref(const char *pref, char ** return_buf) +{ +#if defined(DEBUG_tao_) + checkPref("CopyCharPref", pref); +#endif + return _convertRes(PREF_CopyCharPref(pref, return_buf, PR_FALSE)); +} + +NS_IMETHODIMP nsPref::SetSecCharPref(const char *pref,const char* value) +{ + return _convertRes(PREF_SetCharPref(pref, value)); +} + +NS_IMETHODIMP nsPref::ClearSecUserPref(const char *pref_name) +{ + return _convertRes(PREF_ClearUserPref(pref_name)); +} + /* * Pref info */ diff --git a/mozilla/netwerk/base/src/nsIOService.cpp b/mozilla/netwerk/base/src/nsIOService.cpp index eb84d5af6cf..bd39dda8990 100644 --- a/mozilla/netwerk/base/src/nsIOService.cpp +++ b/mozilla/netwerk/base/src/nsIOService.cpp 
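Review bot: The four `*Sec*` accessors are added to the general-purpose nsIPref interface, so only the comment keeps other native callers off the unchecked path; `[noscript]` excludes script callers and nothing else. The comment should say which check is skipped and why nsScriptSecurityManager needs that, rather than only "insecure if used elsewhere". If the restriction matters, a narrower interface handed only to the security manager would enforce it in the type system instead of by convention.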
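Review bot: `CopySecCharPref` passes the label `"CopyCharPref"` to `checkPref`, so debug output would attribute these reads to the checked accessor; `checkPref("CopySecCharPref", pref);` keeps the two distinguishable. The block comment should also state what differs from the regular accessors. From the visible code, the read variants pass `PR_FALSE` as the last argument to `PREF_GetBoolPref` and `PREF_CopyCharPref`, while `SetSecCharPref` and `ClearSecUserPref` call `PREF_SetCharPref` and `PREF_ClearUserPref` with no extra argument. Whether the two write variants bypass anything the non-Sec setters enforce cannot be seen in this hunk and should be documented.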
@@ -330,9 +330,13 @@ nsIOService::ResolveRelativePath(const char *relativePath, const char* basePath, { nsCAutoString name; nsCAutoString path(basePath); - - PRUnichar last = path.Last(); - PRBool needsDelim = !(last == '/' || last == '\\' || last == '\0'); + + PRBool needsDelim = PR_FALSE; + if (path.Length() > 0) + { + PRUnichar last = path.Last(); + needsDelim = !(last == '/' || last == '\\' || last == '\0'); + } PRBool end = PR_FALSE; char c; diff --git a/mozilla/netwerk/protocol/jar/src/nsJARChannel.cpp b/mozilla/netwerk/protocol/jar/src/nsJARChannel.cpp index 271405d0047..71a471c6b07 100644 --- a/mozilla/netwerk/protocol/jar/src/nsJARChannel.cpp +++ b/mozilla/netwerk/protocol/jar/src/nsJARChannel.cpp @@ -820,33 +820,6 @@ nsJARChannel::SetLoadGroup(nsILoadGroup* aLoadGroup) NS_IMETHODIMP nsJARChannel::GetOwner(nsISupports* *aOwner) { - if (!mOwner) - { - nsCOMPtr certificate; - nsresult rv = mJAR->GetCertificatePrincipal(mJAREntry, - getter_AddRefs(certificate)); - if (NS_FAILED(rv)) return NS_ERROR_FAILURE; - if (certificate) - { // Get the codebase principal - NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, - kScriptSecurityManagerCID, &rv); - if (NS_FAILED(rv)) return NS_ERROR_FAILURE; - nsCOMPtr codebase; - rv = secMan->GetCodebasePrincipal(mJARBaseURI, - getter_AddRefs(codebase)); - if (NS_FAILED(rv)) return rv; - - // Join the certificate and the codebase - nsCOMPtr agg; - agg = do_QueryInterface(certificate, &rv); - NS_ASSERTION(NS_SUCCEEDED(rv), - "Certificate principal is not an aggregate"); - rv = agg->SetCodebase(codebase); - if (NS_FAILED(rv)) return rv; - mOwner = do_QueryInterface(agg, &rv); - if (NS_FAILED(rv)) return rv; - } - } *aOwner = mOwner; NS_IF_ADDREF(*aOwner); return NS_OK; 
@@ -968,6 +941,31 @@ nsJARChannel::Open(char* *contentType, PRInt32 *contentLength) rv = GetContentType(contentType); if (NS_FAILED(rv)) return rv; } + + //-- Verify signature, if one is present, and set owner accordingly + nsCOMPtr certificate; + rv = mJAR->GetCertificatePrincipal(mJAREntry, + getter_AddRefs(certificate)); + if (NS_FAILED(rv)) return NS_ERROR_FAILURE; + if (certificate) + { // Get the codebase principal + NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, + kScriptSecurityManagerCID, &rv); + if (NS_FAILED(rv)) return NS_ERROR_FAILURE; + nsCOMPtr codebase; + rv = secMan->GetCodebasePrincipal(mJARBaseURI, + getter_AddRefs(codebase)); + if (NS_FAILED(rv)) return rv; + + // Join the certificate and the codebase + nsCOMPtr agg; + agg = do_QueryInterface(certificate, &rv); + rv = agg->SetCodebase(codebase); + if (NS_FAILED(rv)) return rv; + mOwner = do_QueryInterface(agg, &rv); + if (NS_FAILED(rv)) return rv; + } + return rv; } @@ -980,7 +978,6 @@ nsJARChannel::Close(nsresult status) nsCOMPtr jarCache; rv = mJARProtocolHandler->GetJARCache(getter_AddRefs(jarCache)); if (NS_FAILED(rv)) return rv; - rv = jarCache->ReleaseZip(mJAR); if (NS_FAILED(rv)) return rv; @@ -997,7 +994,8 @@ nsJARChannel::GetInputStream(nsIInputStream* *aInputStream) PR_LOG(gJarProtocolLog, PR_LOG_DEBUG, ("nsJarProtocol: GetInputStream jar entry %s", (const char*)jarURLStr)); #endif - return mJAR->GetInputStream(mJAREntry, aInputStream); + NS_ENSURE_TRUE(mJAR, NS_ERROR_NULL_POINTER); + return mJAR->GetInputStream(mJAREntry, aInputStream); } NS_IMETHODIMP diff --git a/mozilla/netwerk/protocol/jar/src/nsJARURI.cpp b/mozilla/netwerk/protocol/jar/src/nsJARURI.cpp index 34ef86d3bec..b8a19e16519 100644 --- a/mozilla/netwerk/protocol/jar/src/nsJARURI.cpp +++ b/mozilla/netwerk/protocol/jar/src/nsJARURI.cpp 
@@ -132,6 +132,8 @@ nsJARURI::SetSpec(const char * aSpec) nsCAutoString entry(aSpec); entry.Cut(0, pos + 2); // 2 == strlen(NS_JAR_DELIMITER) + while (entry.CharAt(0) == '/') + entry.Cut(0,1); // Strip any additional leading slashes from entry path rv = serv->ResolveRelativePath(entry, nsnull, &mJAREntry); return rv;