Fix Solaris break for case-sensitive file name

git-svn-id: svn://10.0.0.236/branches/PSM_GLUE_JAVI@72695 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/extensions/psm-glue/Makefile.in

@@ -17,14 +17,16 @@
 # Rights Reserved.
 #
 # Contributor(s): 
-#  Terry Hayes <thayes@netscape.com>
 # 
 
-DEPTH		= ../../..
+DEPTH		= ../..
 topsrcdir	= @top_srcdir@
 srcdir		= @srcdir@
 VPATH		= @srcdir@
 
-DIRS		= public resources src
+include $(DEPTH)/config/autoconf.mk
+
+DIRS		= public src res
 
 include $(topsrcdir)/config/rules.mk
+

mozilla/extensions/psm-glue/makefile.win

@@ -19,11 +19,9 @@
 #
 # Contributor(s): 
 
-DEPTH=..
+DEPTH=..\..
 include <$(DEPTH)/config/config.mak>
 
-DIRS = nss \
-	manager \
-	$(NULL)
+DIRS = public src res
 
 include <$(DEPTH)\config\rules.mak>

mozilla/extensions/psm-glue/public/MANIFEST

@@ -0,0 +1,4 @@
+nsIPSMComponent.idl
+nsIPSMUIHandler.idl
+nsISecureBrowserUI.idl
+nsISSLSocketProvider.idl

mozilla/extensions/psm-glue/public/Makefile.in

@@ -0,0 +1,45 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+#   Terry Hayes <thayes@netscape.com>
+# 
+
+MODULE = psmglue
+
+DEPTH		= ../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+XPIDLSRCS = \
+	nsIPSMComponent.idl \
+	nsIPSMUIHandler.idl \
+	nsISecureBrowserUI.idl \
+    nsIPSMSocketInfo.idl \
+	nsISSLSocketProvider.idl \
+	nsISecretDecoderRing.idl \
+	$(NULL)
+
+PREF_JS_EXPORTS	= $(srcdir)/psm-glue.js
+
+include $(topsrcdir)/config/rules.mk

mozilla/extensions/psm-glue/public/makefile.win

@@ -0,0 +1,53 @@
+#!nmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is mozilla.org code.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+# 
+# Contributor(s):
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+#   Terry Hayes <thayes@netscape.com>
+#
+
+MODULE = psmglue
+
+DEPTH=..\..\..
+IGNORE_MANIFEST=1
+
+DLLNAME       = psmglue
+PDBFILE       = $(DLLNAME).pdb
+MAPFILE       = $(DLLNAME).map
+DLL           = .\$(OBJDIR)\$(DLLNAME).dll
+MAKE_OBJ_TYPE = DLL
+
+include <$(DEPTH)/config/config.mak>
+
+XPIDL_INCLUDES=-I$(DEPTH)\..\mozilla\dist\idl
+
+XPIDLSRCS= \
+    .\nsIPSMComponent.idl \
+    .\nsIPSMUIHandler.idl \
+    .\nsISecureBrowserUI.idl \
+    .\nsISSLSocketProvider.idl \
+    .\nsIPSMSocketInfo.idl \
+    .\nsISecretDecoderRing.idl \
+    $(NULL)
+
+include <$(DEPTH)\config\rules.mak>
+
+install::
+    $(MAKE_INSTALL) .\psm-glue.js $(DIST)\bin\defaults\pref

mozilla/extensions/psm-glue/public/nsIPSMComponent.idl

@@ -0,0 +1,58 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ *   Mitch Stoltz <mstoltz@netscape.com>
+*/
+
+#include "nsISupports.idl"
+interface nsIPrincipal;
+
+%{C++
+#include "cmtcmn.h"
+%}
+
+[ptr] native nsCMTControlStar(CMT_CONTROL);
+
+[scriptable, uuid(9e482670-5412-11d3-bbc8-0000861d1237)]
+interface nsIPSMComponent : nsISupports 
+{
+
+  [noscript] nsCMTControlStar getControlConnection( );
+
+  /**
+   *  Display the Security Advisor.  PickledStatus and hostName can be null. 
+   *  If they are, the "Selected Info" dialog will be empty.
+   */
+
+  void displaySecurityAdvisor(in string pickledStatus, in string hostName);
+
+  /**
+   *  This will send PSM all preferences that we know about.
+   */
+  void passPrefs();
+};
+
+%{C++
+#define PSM_COMPONENT_PROGID "component://netscape/psm"
+#define PSM_COMPONENT_CLASSNAME "Mozilla PSM Component"
+%}
+

mozilla/extensions/psm-glue/public/nsIPSMSocketInfo.idl

@@ -0,0 +1,50 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsISupports.idl"
+
+%{C++
+#include "cmtcmn.h"
+#include "nsPSMShimLayer.h"
+%}
+
+[ptr] native psmtControlStar(CMT_CONTROL);
+[ptr] native cmSocketStar(CMSocket);
+[ptr] native nsFileDescStar(PRFileDesc);
+
+[noscript, uuid(deeb8dfc-fb7a-11d3-ac84-00c04fa0d26b)]
+interface nsIPSMSocketInfo : nsISupports {
+    
+    readonly attribute string           hostName;
+    readonly attribute PRInt32          hostPort;
+    
+    readonly attribute string           proxyName;
+    readonly attribute PRInt32          proxyPort;
+
+    readonly attribute psmtControlStar  controlPtr;
+    readonly attribute cmSocketStar     socketPtr;
+    readonly attribute nsFileDescStar   fileDescPtr;
+    
+    void getPickledStatus(out charPtr pickledStatus);
+};
+

mozilla/extensions/psm-glue/public/nsIPSMUIHandler.idl

@@ -0,0 +1,36 @@
+/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Mozilla browser.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications, Inc.  Portions created by Netscape are
+ * Copyright (C) 1999, Mozilla.  All Rights Reserved.
+ * 
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ */
+
+#include "nsISupports.idl"
+
+[scriptable, uuid(d92be9b0-601b-11d3-8c4a-000064657374)]
+interface nsIPSMUIHandler : nsISupports
+{
+    void DisplayURI(in long width, in long height, in PRBool modal, in string urlStr);
+    void PromptForFile(in wstring prompt, in string fileRegEx, in boolean shouldFileExist, out string outFile);
+};
+
+%{C++
+#define PSM_UI_HANLDER_PROGID "component://netscape/psm/ui"
+#define PSM_UI_HANLDER_CLASSNAME "Mozilla PSM UI Handler"
+%}

mozilla/extensions/psm-glue/public/nsISSLSocketProvider.idl

@@ -18,20 +18,18 @@
  * Rights Reserved.
  *
  * Contributor(s):
- *  Javier Delgadillo <javi@netscape.com>
- */
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
 
-/*
- * These are helper functions to be included
- * pippki UI js files.
- */
+#include "nsISocketProvider.idl"
 
-function setText(id, value) {
-  var element = document.getElementById(id);
-  if (!element) return;
-     if (element.hasChildNodes())
-       element.removeChild(element.firstChild);
-  var textNode = document.createTextNode(value);
-  element.appendChild(textNode);
-}
+[noscript, uuid(856a93d0-5415-11d3-bbc8-0000861d1237)]
+interface nsISSLSocketProvider : nsISocketProvider {
+};
 
+%{C++
+#define NS_ISSLSOCKETPROVIDER_PROGID     NS_NETWORK_SOCKET_PROGID_PREFIX "ssl"
+#define NS_ISSLSOCKETPROVIDER_CLASSNAME  "Mozilla SSL Socket Provider Component"
+
+%}

mozilla/extensions/psm-glue/public/nsISecretDecoderRing.idl

@@ -0,0 +1,63 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Netscape Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *  thayes@netscape.com
+ *
+ */
+
+#include "nsISupports.idl"
+
+/* Buffer type - for storing 8-bit octet values */
+[ptr] native buffer(unsigned char);
+
+[scriptable, uuid(0EC80360-075C-11d4-9FD4-00C04F1B83D8)]
+interface nsISecretDecoderRing: nsISupports {
+
+  /* Encrypt a buffer - callable only from C++ */
+  [noscript] long encrypt(in buffer data, in long dataLen, out buffer result);
+
+  /* Decrypt a buffer - callable only from C++ */
+  [noscript] long decrypt(in buffer data, in long dataLen, out buffer result);
+
+  /* Encrypt nul-terminated string to BASE64 output */
+  string encryptString(in string text);
+
+  /* Decrypt BASE64 input to nul-terminated string output */
+  /* There is no check for embedded nul values in the decrypted output */
+  string decryptString(in string crypt);
+
+  /* Prompt the user to change the password on the SDR key */
+  void changePassword();
+
+  /* Logout of the security device that protects the SDR key */
+  void logout();
+};
+
+/*
+ * Configuration interface for the Secret Decoder Ring
+ *  - this interface allows setting the window that will be
+ *    used as parent for dialog windows (such as password prompts)
+ */
+[scriptable, uuid(01D8C0F0-0CCC-11d4-9FDD-000064657374)]
+interface nsISecretDecoderRingConfig: nsISupports {
+  void setWindow(in nsISupports w);
+};
+
+

mozilla/extensions/psm-glue/public/nsISecureBrowserUI.idl

@@ -18,41 +18,27 @@
  * Rights Reserved.
  *
  * Contributor(s):
- *   Terry Hayes <thayes@netscape.com>
- */
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
 
-#include "nsIModule.h"
-#include "nsIGenericFactory.h"
+#include "nsISupports.idl"
 
-#include "nsNSSDialogs.h"
-#include "nsPKIParamBlock.h"
-#include "nsASN1Outliner.h"
+interface nsIDOMWindow;
+interface nsIDOMElement;
 
-NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsNSSDialogs, Init)
-NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsPKIParamBlock, Init)
-NS_GENERIC_FACTORY_CONSTRUCTOR(nsNSSASN1Outliner)
-
-static nsModuleComponentInfo components[] =
+[scriptable, uuid(081e31e0-a144-11d3-8c7c-00609792278c)]
+interface nsSecureBrowserUI : nsISupports
 {
-  {
-    "NSS Dialogs",
-    NS_NSSDIALOGS_CID,
-    NS_NSSDIALOGS_CONTRACTID,
-    nsNSSDialogsConstructor
-  },
-
-  {
-    "ASN1 Outliner",
-    NS_NSSASN1OUTINER_CID,
-    NS_ASN1OUTLINER_CONTRACTID,
-    nsNSSASN1OutlinerConstructor
-  },
-
-  { "PKI Parm Block", 
-    NS_PKIPARAMBLOCK_CID,
-    NS_PKIPARAMBLOCK_CONTRACTID,
-    nsPKIParamBlockConstructor
-  }
+	void init(in nsIDOMWindow window, in nsIDOMElement button);
+    void displayPageInfoUI();
 };
 
-NS_IMPL_NSGETMODULE(PKI, components)
+%{C++
+#define NS_SECURE_BROWSER_UI_PROGID "component://netscape/secure_browser_ui"
+#define NS_SECURE_BROWSER_UI_CLASSNAME "Mozilla Secure Browser UI Handler"
+
+#define NS_SECURE_BROWSER_UI_CID \
+{ 0x10fe7ea0, 0xa10a, 0x11d3, {0x8c, 0x7c, 0x00, 0x60, 0x97, 0x92, 0x27, 0x8c}}
+
+%}

mozilla/extensions/psm-glue/public/psm-glue.js

@@ -0,0 +1,11 @@
+pref("general.useragent.security",       "U");
+
+pref("security.enable_ssl2",             true);
+pref("security.enable_ssl3",             true);
+pref("security.default_personal_cert",   "Select Automatically");
+pref("security.ask_for_password",        0);
+pref("security.password_lifetime",       30);
+pref("security.warn_entering_secure",    true);
+pref("security.warn_leaving_secure",     true);
+pref("security.warn_viewing_mixed",      true);
+pref("security.warn_submit_insecure",    true);

mozilla/extensions/psm-glue/res/Makefile.in

@@ -17,7 +17,6 @@
 # Rights Reserved.
 #
 # Contributor(s): 
-#  Brian Ryner <bryner@netscape.com>
 # 
 
 DEPTH		= ../../..
@@ -25,6 +24,9 @@ topsrcdir	= @top_srcdir@
 srcdir		= @srcdir@
 VPATH		= @srcdir@
 
-DIRS		= resources src public
+include $(DEPTH)/config/autoconf.mk
+
+DIRS		= content locale
 
 include $(topsrcdir)/config/rules.mk
+

mozilla/extensions/psm-glue/res/content/MANIFEST

@@ -0,0 +1,3 @@
+securityOverlay.xul
+securityUI.js
+PSMTaskMenu.xul

mozilla/extensions/psm-glue/res/content/Makefile.in

@@ -0,0 +1,38 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+# 
+
+DEPTH		= ../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+include $(topsrcdir)/config/rules.mk
+
+COMMUNICATOR_CONTENT_DIR = $(DIST)/bin/chrome/packages/core/communicator/content/
+COMMUNICATOR_EXPORT_CONTENT = \
+  $(srcdir)/securityOverlay.xul \
+  $(srcdir)/securityUI.js       \
+  $(srcdir)/PSMTaskMenu.xul \
+  $(NULL)
+
+install::
+	$(INSTALL) $(COMMUNICATOR_EXPORT_CONTENT) $(COMMUNICATOR_CONTENT_DIR)

mozilla/extensions/psm-glue/res/content/PSMTaskMenu.xul

@@ -0,0 +1,22 @@
+<?xml version="1.0"?>
+
+<!DOCTYPE window SYSTEM "chrome://communicator/locale/PSMTaskMenu.dtd" >
+
+<overlay id="psmTaskMenuID"
+         xmlns:html="http://www.w3.org/1999/xhtml"
+         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+
+  <script language="JavaScript">
+    function displaySecurityAdvisor()
+    {
+      var psm = Components.classes["component://netscape/psm"].getService();
+      psm = psm.QueryInterface(Components.interfaces.nsIPSMComponent);
+      psm.displaySecurityAdvisor( null, null );
+    }
+  </script>
+
+  <menupopup id="personalManagers">
+    <menuitem id="PSMMentItem" position="1" value="&PSMCmd.label;" oncommand="displaySecurityAdvisor()"/>
+  </menupopup>
+
+</overlay>

mozilla/extensions/psm-glue/res/content/makefile.win

@@ -18,24 +18,18 @@
 # Rights Reserved.
 #
 # Contributor(s): 
-#	Javier Delgadillo
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above.  If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
 
-DEPTH=..\..
+DEPTH=..\..\..\..
 include <$(DEPTH)/config/config.mak>
-
-DIRS = boot ssl pki
-
 include <$(DEPTH)\config\rules.mak>
+
+install:: $(DLL)
+    $(MAKE_INSTALL) securityOverlay.xul     $(DIST)\bin\chrome\packages\core\communicator\content
+    $(MAKE_INSTALL) securityUI.js           $(DIST)\bin\chrome\packages\core\communicator\content
+    $(MAKE_INSTALL) PSMTaskMenu.xul	$(DIST)\bin\chrome\packages\core\communicator\content
+    
+clobber::
+    $(RM) $(DIST)\bin\chrome\packages\core\communicator\content\securityOverlay.xul
+    $(RM) $(DIST)\bin\chrome\packages\core\communicator\content\securityUI.js
+    $(RM) $(DIST)\bin\chrome\packages\core\communicator\content\PSMTaskMenu.xul
+

mozilla/extensions/psm-glue/res/content/securityOverlay.xul

@@ -0,0 +1,14 @@
+<?xml version="1.0"?>
+<?xml-stylesheet href="chrome://communicator/skin/securityOverlay.css" type="text/css"?> 
+
+<!DOCTYPE window SYSTEM "chrome://communicator/locale/securityOverlay.dtd">
+
+<overlay id="NavSecurityOverlay"
+         xmlns:html="http://www.w3.org/TR/REC-html40"
+         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+
+  <script language="JavaScript" src="chrome://communicator/content/securityUI.js" />
+
+  <statusbarpanel id="security-button" onclick="displayPageInfo()" tooltip="aToolTip" tooltiptext="&lockIcon.label;"/>    
+      
+</overlay>

mozilla/extensions/psm-glue/res/content/securityUI.js

@@ -18,21 +18,28 @@
  * Rights Reserved.
  *
  * Contributor(s):
- *  Brian Ryner <bryner@netscape.com>
 */
 
-#ifndef _NSNSSCALLBACKS_H_
-#define _NSNSSCALLBACKS_H_
+window.addEventListener("load", SetSecurityButton, false);
 
-#include "pk11func.h"
-#include "nspr.h"
+var securityUI;
 
-char* PK11PasswordPrompt(PK11SlotInfo *slot, PRBool retry, void* arg);
-void PR_CALLBACK HandshakeCallback(PRFileDesc *fd, void *client_data);
-SECStatus PR_CALLBACK AuthCertificateCallback(void* client_data, PRFileDesc* fd,
-                                              PRBool checksig, PRBool isServer);
-
-#endif // _NSNSSCALLBACKS_H_
+function SetSecurityButton()
+{
+    dump("in SetSecurityButton\n");
 
+    var ui = Components.classes["component://netscape/secure_browser_ui"].createInstance();
+    securityUI = ui.QueryInterface(Components.interfaces.nsSecureBrowserUI);
+
+    var button  = document.getElementById('security-button');
+	if (button && window.content)
+		securityUI.init(window.content, button);
+}
+
+function displayPageInfo()
+{
+   if (securityUI)
+     securityUI.displayPageInfoUI();
+}
 
 

mozilla/extensions/psm-glue/res/locale/Makefile.in

@@ -17,8 +17,7 @@
 # Rights Reserved.
 #
 # Contributor(s): 
-#  Brian Ryner <bryner@netscape.com>
-# 
+#
 
 DEPTH		= ../../../..
 topsrcdir	= @top_srcdir@
@@ -26,8 +25,8 @@ srcdir		= @srcdir@
 VPATH		= @srcdir@
 
 include $(DEPTH)/config/autoconf.mk
+
+DIRS		= en-US
+
 include $(topsrcdir)/config/rules.mk
 
-libs::
-	$(REGCHROME) content pipnss pipnss.jar
-	$(REGCHROME) locale en-US/pipnss en-US.jar

mozilla/extensions/psm-glue/res/locale/en-US/MANIFEST

@@ -0,0 +1,3 @@
+PSMTaskMenu.dtd
+securityOverlay.dtd
+security.properties

mozilla/extensions/psm-glue/res/locale/en-US/Makefile.in

@@ -17,17 +17,25 @@
 # Rights Reserved.
 #
 # Contributor(s): 
-#  Terry Hayes <thayes@netscape.com>
-# 
+#
 
-DEPTH		= ../../../..
+DEPTH		= ../../../../..
 topsrcdir	= @top_srcdir@
 srcdir		= @srcdir@
 VPATH		= @srcdir@
 
 include $(DEPTH)/config/autoconf.mk
+
+COMMUNICATOR_RESOURCE_CONTENT = \
+	$(srcdir)/PSMTaskMenu.dtd \
+	$(srcdir)/security.properties \
+	$(srcdir)/securityOverlay.dtd \
+	$(NULL)
+
 include $(topsrcdir)/config/rules.mk
 
-libs::
-	$(REGCHROME) content pippki pippki.jar
-	$(REGCHROME) locale en-US/pippki en-US.jar
+install:: 
+	$(INSTALL) $(COMMUNICATOR_RESOURCE_CONTENT) $(DIST)/bin/chrome/locales/en-US/communicator/locale
+
+
+

mozilla/extensions/psm-glue/res/locale/en-US/PSMTaskMenu.dtd

@@ -0,0 +1 @@
+<!ENTITY PSMCmd.label     "Security Manager">

mozilla/extensions/psm-glue/res/locale/en-US/makefile.win

@@ -0,0 +1,37 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..\..\..
+
+include <$(DEPTH)\config\rules.mak>
+
+COMMUNICATOR_DIST=$(DIST)\bin\chrome\locales\en-US\communicator\locale
+
+
+install::
+	$(MAKE_INSTALL) PSMTaskMenu.dtd $(COMMUNICATOR_DIST)
+	$(MAKE_INSTALL) security.properties $(COMMUNICATOR_DIST)
+	$(MAKE_INSTALL) securityOverlay.dtd $(COMMUNICATOR_DIST)
+
+clobber::
+  $(RM) -f $(DIST)\bin\chrome\locales\en-US\communicator\locale\PSMTaskMenu.dtd
+  $(RM) -f $(DIST)\bin\chrome\locales\en-US\communicator\locale\security.properties
+  $(RM) -f $(DIST)\bin\chrome\locales\en-US\communicator\locale\securityOverlay.dtd

mozilla/extensions/psm-glue/res/locale/en-US/security.properties

@@ -0,0 +1,29 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+# 
+
+Title=Security Warning
+MixedContentMessage=You have requested a secure document that contains some insecure information.
+LeaveSiteMessage=You have requested an insecure document. The document and any information you send back could be observed by a third party while in transit.
+EnterSiteMessage=You have requested a secure document. The document and any information you send back are encrypted for privacy while in transit.
+PostToInsecure=Warning! Although this document is secure, the information you have submitted is insecure and could be observed by a third party while in transit. If you are submitting passwords, credit card numbers, or other information you would like to keep private, it would be safer for you to cancel the submission.
+PostToInsecureFromInsecure=Any information you submit is insecure and could be observed by a third party while in transit. If you are submitting passwords, credit card numbers, or other information you would like to keep private, it would be safer for you to cancel the submission. 
+DontShowAgain=Show Me This Alert Next Time.
+FindText=Please find the Personal Security Manager application

mozilla/extensions/psm-glue/res/locale/en-US/securityOverlay.dtd

@@ -0,0 +1,2 @@
+
+<!ENTITY  lockIcon.label  "Show security information for this window">

mozilla/extensions/psm-glue/res/locale/makefile.win

@@ -0,0 +1,27 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..\..
+
+DIRS=en-US
+
+include <$(DEPTH)\config\rules.mak>
+

mozilla/extensions/psm-glue/res/makefile.win

@@ -0,0 +1,27 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..
+include <$(DEPTH)/config/config.mak>
+
+DIRS = content locale
+
+include <$(DEPTH)\config\rules.mak>

mozilla/extensions/psm-glue/src/Makefile.in

@@ -0,0 +1,66 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+# 
+
+DEPTH		= ../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+MODULE = psmglue
+
+IS_COMPONENT	= 1
+LIBRARY_NAME	= psmglue
+
+
+CPPSRCS	= \
+	nsPSMComponent.cpp \
+	nsPSMUICallbacks.cpp \
+	nsSSLSocketProvider.cpp \
+	nsPSMModule.cpp \
+	nsSSLIOLayer.cpp \
+	nsSecureBrowserUIImpl.cpp \
+	nsSDR.cpp \
+	nsFSDR.cpp \
+	nsCrypto.cpp \
+	nsKeygenHandler.cpp \
+	$(NULL)
+
+CSRCS = \
+	nsPSMMutex.c	\
+	nsPSMShimLayer.c	\
+	$(NULL)
+
+EXTRA_DSO_LDOPTS = \
+	$(MOZ_COMPONENT_LIBS) \
+	-lcmt \
+	-lprotocol \
+	$(MOZ_JS_LIBS) \
+	$(NULL)
+
+include $(topsrcdir)/config/rules.mk
+
+INCLUDES	+= \
+		-I$(srcdir) \
+		$(NULL)

mozilla/extensions/psm-glue/src/makefile.win

@@ -0,0 +1,72 @@
+#!nmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is mozilla.org code.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+# 
+# Contributor(s):
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+#
+
+MODULE = psmglue
+
+DEPTH=..\..\..
+IGNORE_MANIFEST=1
+
+DLLNAME       = psmglue
+PDBFILE       = $(DLLNAME).pdb
+MAPFILE       = $(DLLNAME).map
+DLL           = .\$(OBJDIR)\$(DLLNAME).dll
+MAKE_OBJ_TYPE = DLL
+
+include <$(DEPTH)/config/config.mak>
+
+LINCS = $(LINCS)     \
+    -I$(PUBLIC)      \
+    -I$(PUBLIC)/security \
+    $(NULL)
+
+LLIBS   = \
+    $(LIBNSPR) \
+    $(DIST)\lib\neckobase_s.lib \
+    $(DIST)\lib\xpcom.lib \
+    $(DIST)\lib\js3250.lib \
+    $(DIST)\lib\cmt.lib       \
+    $(DIST)\lib\protocol.lib  \
+    $(DIST)\lib\mozreg.lib       \
+    $(DIST)\lib\jsdom.lib \
+    $(NULL)
+
+OBJS = \
+    .\$(OBJDIR)\nsPSMMutex.obj \
+    .\$(OBJDIR)\nsPSMShimLayer.obj \
+    .\$(OBJDIR)\nsPSMComponent.obj \
+    .\$(OBJDIR)\nsPSMUICallbacks.obj \
+    .\$(OBJDIR)\nsPSMModule.obj \
+    .\$(OBJDIR)\nsSecureBrowserUIImpl.obj \
+    .\$(OBJDIR)\nsSSLIOLayer.obj \
+    .\$(OBJDIR)\nsSSLSocketProvider.obj \
+    .\$(OBJDIR)\nsSDR.obj \
+    .\$(OBJDIR)\nsFSDR.obj \
+    .\$(OBJDIR)\nsCrypto.obj \
+    .\$(OBJDIR)\nsKeygenHandler.obj \
+    $(NULL)
+
+include <$(DEPTH)\config\rules.mak>
+
+install:: $(DLL)
+    $(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME).dll $(DIST)\bin\components

mozilla/extensions/psm-glue/src/nsCrypto.h

@@ -1,9 +1,9 @@
 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
  *
- * The contents of this file are subject to the Mozilla Public
+ * The contents of this file are subject to the Netscape Public
  * License Version 1.1 (the "License"); you may not use this file
  * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
+ * the License at http://www.mozilla.org/NPL/
  *
  * Software distributed under the License is distributed on an "AS
  * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
@@ -14,21 +14,17 @@
  *
  * The Initial Developer of the Original Code is Netscape
  * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
+ * Copyright (C) 1998 Netscape Communications Corporation. All
  * Rights Reserved.
  *
  * Contributor(s):
- *  Javier Delgadillo <javi@netscape.com>
  */
 #ifndef _nsCrypto_h_
 #define _nsCrypto_h_
-#include "nsCOMPtr.h"
 #include "nsIDOMCRMFObject.h"
 #include "nsIDOMCrypto.h"
+#include "nsIScriptObjectOwner.h"
 #include "nsIDOMPkcs11.h"
-#include "nsString.h"
-#include "jsapi.h"
-#include "nsIPrincipal.h"
 
 #define NS_CRYPTO_CLASSNAME "Crypto JavaScript Class"
 #define NS_CRYPTO_CID \
@@ -38,56 +34,77 @@
 #define NS_PKCS11_CID \
   {0x74b7a390, 0x3b41, 0x11d4, { 0x8a, 0x80, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} }
 
-#define PSM_VERSION_STRING "2.2"
-
 class nsIPSMComponent;
 class nsIDOMScriptObjectFactory;
-class nsIEventQueue;
 
 
-class nsCRMFObject : public nsIDOMCRMFObject
-{
+class nsCRMFObject : public nsIDOMCRMFObject,
+                     public nsIScriptObjectOwner {
 public:
   nsCRMFObject();
   virtual ~nsCRMFObject();
-
-  NS_DECL_NSIDOMCRMFOBJECT
+  NS_DECL_IDOMCRMFOBJECT
   NS_DECL_ISUPPORTS
 
+  NS_IMETHOD GetScriptObject(nsIScriptContext *aContext, void** aScriptObject);
+  NS_IMETHOD SetScriptObject(void* aScriptObject);
+
   nsresult init();
 
   nsresult SetCRMFRequest(char *inRequest);
 private:
 
   nsString mBase64Request;
+  void *mScriptObject;
 };
 
 
-class nsCrypto: public nsIDOMCrypto
-{
+class nsCrypto: public nsIDOMCrypto,
+                public nsIScriptObjectOwner {
 public:
   nsCrypto();
   virtual ~nsCrypto();
   nsresult init();
   
-  NS_DECL_ISUPPORTS
-  NS_DECL_NSIDOMCRYPTO
+  NS_IMETHOD GetScriptObject(nsIScriptContext *aContext, void** aScriptObject);
+  NS_IMETHOD SetScriptObject(void* aScriptObject);
 
+  NS_DECL_ISUPPORTS
+  NS_DECL_IDOMCRYPTO
+
+  static nsresult GetScriptObjectFactory(nsIDOMScriptObjectFactory **aResult);
+  static nsIDOMScriptObjectFactory *gScriptObjectFactory;
   static nsIPrincipal* GetScriptPrincipal(JSContext *cx);
-  static nsIEventQueue* GetUIEventQueue();
+  static const char *kPSMComponentProgID;
+
+ private:
+
+  nsIPSMComponent *mPSM;
+  nsString         mVersionString;
+  PRBool           mVersionStringSet;
+  void            *mScriptObject;
 };
 
-class nsPkcs11 : public nsIDOMPkcs11
-{
+class nsPkcs11 : public nsIDOMPkcs11,
+                 public nsIScriptObjectOwner {
 public:
   nsPkcs11();
   virtual ~nsPkcs11();
 
+  nsresult init();
   NS_DECL_ISUPPORTS
-  NS_DECL_NSIDOMPKCS11
+  NS_DECL_IDOMPKCS11
+  NS_IMETHOD GetScriptObject(nsIScriptContext *aContext, void** aScriptObject);
+  NS_IMETHOD SetScriptObject(void* aScriptObject);
 
+private:
+  nsIPSMComponent *mPSM;
+  void            *mScriptObject;
 };
 
+nsresult
+getPSMComponent(nsIPSMComponent ** retPSM);
+
 #endif //_nsCrypto_h_
 
 

mozilla/extensions/psm-glue/src/nsFSDR.h

@@ -0,0 +1,60 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Terry Hayes <thayes@netscape.com>
+ *   Steve Morse <morse@netscape.com>
+ */
+
+#ifndef _NSFSDR_H_
+#define _NSFSDR_H_
+
+#include "nsISecretDecoderRing.h"
+
+// ===============================================
+// nsFSecretDecoderRing - "fake" implementation of nsISecretDecoderRing
+// ===============================================
+
+#define NS_FSDR_CLASSNAME "Fake Secret Decoder Ring"
+#define NS_FSDR_CID \
+  { 0x1ee28720, 0x2b93, 0x11d4, { 0xa0, 0xa4, 0x0, 0x0, 0x64, 0x65, 0x73, 0x74 } }
+
+#define NS_FSDR_PROGID "netscape.security.fsdr"
+
+class nsFSecretDecoderRing : public nsISecretDecoderRing
+{
+public:
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSISECRETDECODERRING
+
+  nsFSecretDecoderRing();
+  virtual ~nsFSecretDecoderRing();
+
+  nsresult init();
+
+private:
+  nsIPSMComponent *mPSM;
+
+  static const char *kPSMComponentProgID;
+
+  nsresult encode(const unsigned char *data, PRInt32 dataLen, char **_retval);
+  nsresult decode(const char *data, unsigned char **result, PRInt32 * _retval);
+};
+
+#endif /* _NSFSDR_H_ */

mozilla/extensions/psm-glue/src/nsKeygenHandler.cpp

@@ -0,0 +1,255 @@
+//For some weird reason, nsProxiedService has to be the first file 
+//included.  Don't ask me, I'm just the messenger.
+#include "nsProxiedService.h"
+#include "nsKeygenHandler.h"
+#include "nsVoidArray.h"
+#include "nsSecureBrowserUIImpl.h"
+#include "nsIServiceManager.h"
+#include "nsIDOMHTMLSelectElement.h"
+#include "nsIContent.h"
+#include "nsIPSMComponent.h"
+#include "nsIPSMUIHandler.h"
+#include "nsPSMUICallbacks.h"
+#include "nsCrypto.h"
+#include "cmtcmn.h"
+#include "cmtjs.h"
+
+//These defines are taken from the PKCS#11 spec
+#define CKM_RSA_PKCS_KEY_PAIR_GEN     0x00000000
+#define CKM_DH_PKCS_KEY_PAIR_GEN      0x00000020
+#define CKM_DSA_KEY_PAIR_GEN          0x00000010
+
+static NS_DEFINE_IID(kFormProcessorIID,   NS_IFORMPROCESSOR_IID); 
+static NS_DEFINE_IID(kIDOMHTMLSelectElementIID, NS_IDOMHTMLSELECTELEMENT_IID);
+
+static const char *mozKeyGen = "-mozilla-keygen";
+
+NS_IMPL_ADDREF(nsKeygenFormProcessor); 
+NS_IMPL_RELEASE(nsKeygenFormProcessor); 
+NS_IMPL_QUERY_INTERFACE(nsKeygenFormProcessor, kFormProcessorIID); 
+
+nsKeygenFormProcessor::nsKeygenFormProcessor() 
+{ 
+   NS_INIT_REFCNT(); 
+   getPSMComponent(&mPSM);
+} 
+
+char *
+nsKeygenFormProcessor::ChooseToken(PCMT_CONTROL control, 
+				   CMKeyGenTagArg *psmarg,
+				   CMKeyGenTagReq *reason)
+{
+  CMUint32 resID;
+  CMTStatus crv;
+  CMTItem url;
+  char *keyString = nsnull;
+  nsresult rv = NS_OK;
+  NameList *tokenNames;
+  int i;
+
+  // In this case, PSM provided us with a list of potential tokens to choose
+  // from, but we're gonna make it use it's UI for now, so let's delte the
+  // memory associated with the structure it sent back.
+  tokenNames = (NameList*)psmarg->current;
+  for (i=0; i < tokenNames->numitems; i++) {
+    nsCRT::free(tokenNames->names[i]);
+  }
+  nsCRT::free((char*)tokenNames);
+  resID = psmarg->rid;
+  memset(&url, 0, sizeof(CMTItem));
+  NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+  crv = CMT_GetStringAttribute(control, resID, SSM_FID_CHOOSE_TOKEN_URL, &url);
+  if (crv != CMTSuccess) {
+    goto loser;
+  }
+  if (NS_SUCCEEDED(rv)) {
+    handler->DisplayURI(400, 300, PR_TRUE, (char*)url.data);
+  } else {
+    goto loser;
+  }
+  return CMT_GetGenKeyResponse(control, psmarg, reason);
+ loser:
+  if (keyString)
+    nsCRT::free(keyString);
+  return nsnull;
+}
+
+char *
+nsKeygenFormProcessor::SetUserPassword(PCMT_CONTROL control, 
+				       CMKeyGenTagArg *psmarg,
+				       CMKeyGenTagReq *reason)
+{
+  nsresult rv;
+  CMTStatus crv;
+  CMTItem url;
+  char *keystring=nsnull;
+
+  // We need to delete the memory the PSM client API allocated for us since
+  // we're just gonna tell it to use it's own UI.
+  nsCRT::free((char*)psmarg->current);
+  NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+  memset (&url, 0, sizeof(CMTItem));
+  crv = CMT_GetStringAttribute(control,psmarg->rid, SSM_FID_INIT_DB_URL, &url);
+  if (crv != CMTSuccess || NS_FAILED(rv)){
+    goto loser;
+  }
+
+  handler->DisplayURI(500, 450, PR_TRUE, (char*)url.data);
+  
+  return CMT_GetGenKeyResponse(control, psmarg, reason);
+ loser:
+  if (keystring)
+    nsCRT::free(keystring);
+  return nsnull;
+}
+
+nsresult
+nsKeygenFormProcessor::GetPublicKey(nsString& value, nsString& challenge, 
+				    nsString& keyType,
+				    nsString& outPublicKey, nsString& pqg)
+{
+    PCMT_CONTROL control;
+    nsresult rv;
+    CMKeyGenParams *params = nsnull;
+    CMKeyGenTagArg *psmarg = nsnull;
+    CMKeyGenTagReq reason;
+    char *emptyCString = "null";
+    char *keystring = nsnull;
+
+    rv = mPSM->GetControlConnection(&control);
+    if (NS_FAILED(rv)) {
+	goto loser;
+    }
+    params = new CMKeyGenParams;
+    if (params == nsnull) {
+      goto loser;
+    }
+    params->typeString = (keyType.IsEmpty()) ? emptyCString : 
+                                               keyType.ToNewCString();
+    params->challenge  = (challenge.IsEmpty()) ? emptyCString : 
+                                                 challenge.ToNewCString();
+    params->choiceString = value.ToNewCString();
+    params->pqgString = (pqg.IsEmpty()) ? emptyCString : pqg.ToNewCString();
+    psmarg = new CMKeyGenTagArg;
+    if (psmarg == nsnull) {
+      goto loser;
+    }
+    // ARGH, while this is going on, we need to lock the control
+    // connection so that the event loop doesn't drop our response on
+    // the floor.
+    CMT_LockConnection(control);
+    psmarg->op = CM_KEYGEN_START;
+    psmarg->rid = 0;
+    psmarg->tokenName = NULL;
+    psmarg->current = params;
+    keystring = CMT_GenKeyOldStyle(control, psmarg, &reason);
+    while (!keystring) {
+      psmarg->op = reason;
+      switch (psmarg->op) {
+      case CM_KEYGEN_PICK_TOKEN:
+	keystring = ChooseToken(control, psmarg, &reason);
+	break;
+      case CM_KEYGEN_SET_PASSWORD:
+	keystring = SetUserPassword(control, psmarg, &reason);
+	break;
+      case CM_KEYGEN_ERR:
+      default:
+	goto loser;
+      }
+    }
+    CMT_UnlockConnection(control);
+    outPublicKey.AssignWithConversion(keystring);
+    nsCRT::free(keystring);
+    return NS_OK;
+ loser:
+    return NS_ERROR_FAILURE;
+}
+
+NS_METHOD 
+nsKeygenFormProcessor::ProcessValue(nsIDOMHTMLElement *aElement, 
+				    const nsString& aName, 
+				    nsString& aValue) 
+{ 
+#ifdef DEBUG_javi
+  char *name = aName.ToNewCString(); 
+  char *value = aValue.ToNewCString(); 
+  printf("ProcessValue: name %s value %s\n",  name, value); 
+  delete [] name; 
+  delete [] value; 
+#endif 
+  nsresult rv = NS_OK;
+  nsCOMPtr<nsIDOMHTMLSelectElement>selectElement;
+  nsresult res = aElement->QueryInterface(kIDOMHTMLSelectElementIID, 
+					  getter_AddRefs(selectElement));
+  if (NS_SUCCEEDED(res)) {
+    nsAutoString keygenvalue;
+    nsAutoString challengeValue;
+    nsString publicKey;
+    nsString mozillaKeygen;
+    nsString mozType;
+
+    mozType.AssignWithConversion("_moz-type");
+    mozillaKeygen.AssignWithConversion(mozKeyGen);
+    res = selectElement->GetAttribute(mozType, keygenvalue);
+
+    if (NS_CONTENT_ATTR_HAS_VALUE == res && keygenvalue.Equals(mozillaKeygen)) {
+      nsString challenge;
+      nsString keyType;
+      nsString keyTypeValue;
+      nsString pqg, pqgValue;
+
+      challenge.AssignWithConversion("challenge");
+      pqg.AssignWithConversion("pqg");
+      res = selectElement->GetAttribute(pqg, pqgValue);
+      keyType.AssignWithConversion("keytype");
+      res = selectElement->GetAttribute(keyType, keyTypeValue);
+      if (NS_FAILED(res) || keyTypeValue.IsEmpty()) {
+	// If this field is not present, we default to rsa.
+	keyTypeValue.AssignWithConversion("rsa");
+      }
+      res = selectElement->GetAttribute(challenge, challengeValue);
+      rv = GetPublicKey(aValue, challenge, keyTypeValue, 
+			publicKey, pqgValue);
+      aValue = publicKey;
+    }
+  }
+
+  return rv; 
+} 
+
+NS_METHOD nsKeygenFormProcessor::ProvideContent(const nsString& aFormType, 
+						nsVoidArray& aContent, 
+						nsString& aAttribute) 
+{ 
+  nsString selectString;
+  nsresult rv;
+  PCMT_CONTROL control;
+  PRUint32 i;
+
+  selectString.AssignWithConversion("SELECT");
+  if (aFormType.EqualsIgnoreCase(selectString)) {
+    nsString *selectString;
+    char **result;
+
+    rv = mPSM->GetControlConnection(&control);
+    if (NS_FAILED(rv)) {
+	goto loser;
+    }
+    result = CMT_GetKeyChoiceList(control, "rsa"/*Need to figure out if DSA*/,
+				  nsnull);
+    for (i=0; result[i] != nsnull; i++) {
+	selectString = new nsString;
+	selectString->AssignWithConversion(result[i]);
+	aContent.AppendElement(selectString);
+	delete []result[i];
+    }
+    delete []result;
+    aAttribute.AssignWithConversion(mozKeyGen);
+  }
+  return NS_OK;
+ loser:
+  return NS_ERROR_FAILURE; 
+} 
+
+
+

mozilla/extensions/psm-glue/src/nsKeygenHandler.h

@@ -0,0 +1,32 @@
+#ifndef _NSKEYGENHANDLER_H_
+#define _NSKEYGENHANDLER_H_
+// Form Processor 
+#include "nsIFormProcessor.h" 
+#include "ssmdefs.h"
+#include "cmtcmn.h"
+
+class nsIPSMComponent;
+
+class nsKeygenFormProcessor : public nsIFormProcessor { 
+public: 
+  nsKeygenFormProcessor(); 
+  NS_IMETHOD ProcessValue(nsIDOMHTMLElement *aElement, 
+                          const nsString& aName, 
+                          nsString& aValue); 
+
+  NS_IMETHOD ProvideContent(const nsString& aFormType, 
+                            nsVoidArray& aContent, 
+                            nsString& aAttribute); 
+  NS_DECL_ISUPPORTS 
+protected:
+  nsresult GetPublicKey(nsString& value, nsString& challenge, 
+			nsString& keyType, nsString& outPublicKey,
+			nsString& pqg);
+  char * ChooseToken(PCMT_CONTROL control, CMKeyGenTagArg *psmarg,  
+		     CMKeyGenTagReq *reason);
+  char * SetUserPassword(PCMT_CONTROL control, CMKeyGenTagArg *psmarg,  
+		     CMKeyGenTagReq *reason);
+  nsIPSMComponent *mPSM;
+}; 
+
+#endif //_NSKEYGENHANDLER_H_

mozilla/extensions/psm-glue/src/nsPSMComponent.cpp

@@ -0,0 +1,935 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ *   Mitch Stoltz <mstoltz@netscape.com>
+*/
+
+#include "nsProxiedService.h"
+#include "nsPSMUICallbacks.h"
+#include "VerReg.h"
+
+#include "nspr.h"
+#include "nsPSMComponent.h"
+
+#include "nsCRT.h"
+
+#include "nsNetUtil.h"
+#include "nsIURI.h"
+#include "nsIChannel.h"
+#include "nsIInputStream.h"
+#include "nsIStreamListener.h"
+
+#include "nsIPref.h"
+#include "nsIProfile.h"
+#include "nsILocalFile.h"
+
+#include "nsDirectoryService.h"
+
+#include "rsrcids.h"
+
+#include "nsPSMMutex.h"
+#include "nsPSMShimLayer.h"
+#include "nsPSMUICallbacks.h"
+
+#include "nsISecureBrowserUI.h"
+#include "nsIDocumentLoaderObserver.h"
+#include "nsIScriptSecurityManager.h"
+#include "nsICertificatePrincipal.h"
+
+#include "nsIProtocolProxyService.h"
+
+#define PSM_VERSION_REG_KEY "/Netscape/Personal Security Manager"
+
+#ifdef WIN32
+#define PSM_FILE_NAME "psm.exe"
+#elif XP_UNIX
+#define PSM_FILE_NAME "start-psm"
+#else
+#define PSM_FILE_NAME "psm"
+#endif
+
+
+static NS_DEFINE_CID(kCStringBundleServiceCID,  NS_STRINGBUNDLESERVICE_CID);
+static NS_DEFINE_CID(kProfileCID, NS_PROFILE_CID);
+static NS_DEFINE_CID(kPrefCID, NS_PREF_CID);
+static NS_DEFINE_CID(kProtocolProxyServiceCID, NS_PROTOCOLPROXYSERVICE_CID);
+
+nsPSMComponent* nsPSMComponent::mInstance = nsnull;
+
+nsPSMComponent::nsPSMComponent()
+{
+    NS_INIT_REFCNT();
+    mControl = nsnull;
+}
+
+nsPSMComponent::~nsPSMComponent()
+{
+    if (mControl)
+    {
+        CMT_CloseControlConnection(mControl);
+        mControl = nsnull;
+    }
+}
+
+
+NS_IMETHODIMP      
+nsPSMComponent::CreatePSMComponent(nsISupports* aOuter, REFNSIID aIID, void **aResult)
+{                                                                  
+    if (!aResult) {                                                
+        return NS_ERROR_INVALID_POINTER;                           
+    }                                                              
+    if (aOuter) {                                                  
+        *aResult = nsnull;                                         
+        return NS_ERROR_NO_AGGREGATION;                              
+    }                                                                
+    
+    if (mInstance == nsnull) 
+    {
+        mInstance = new nsPSMComponent();
+    }
+
+    if (mInstance == nsnull)
+        return NS_ERROR_OUT_OF_MEMORY;
+    
+    nsresult rv = mInstance->QueryInterface(aIID, aResult);                        
+    if (NS_FAILED(rv)) 
+    {                                             
+        *aResult = nsnull;                                           
+    }                                                                
+    return rv;                                                       
+}
+
+/* nsISupports Implementation for the class */
+NS_IMPL_THREADSAFE_ISUPPORTS3(nsPSMComponent, 
+                              nsIPSMComponent, 
+                              nsIContentHandler,
+                              nsISignatureVerifier);
+
+#define INIT_NUM_PREFS 100
+/* preference types */
+#define STRING_PREF 0
+#define BOOL_PREF 1
+#define INT_PREF 2
+
+
+/* resizable list struct that contains pref items */
+typedef struct CMSetPrefList {
+    int n; /* number of filled items */
+    int capacity; /* allocated memory */
+    CMTSetPrefElement* list; /* actual list */
+} CMSetPrefList;
+
+static void get_pack_bool_pref(nsIPref *prefManager, char* key, CMTSetPrefElement* list, int* n)
+{
+    PRBool boolpref;
+
+    list[*n].key = nsCRT::strdup(key);
+    list[*n].type = BOOL_PREF;
+
+    if ((prefManager->GetBoolPref(key, &boolpref) != 0) || boolpref) 
+    {
+        list[*n].value = nsCRT::strdup("true");
+    }
+    else 
+    {
+        list[*n].value = nsCRT::strdup("false");
+    }
+
+    (*n)++;    /* increment the counter after done packing */
+
+    return;
+}
+
+static void SaveAllPrefs(int number, CMTSetPrefElement* list)
+{
+    nsCOMPtr<nsIPref> prefManager;
+
+    nsresult res = nsServiceManager::GetService(kPrefCID, 
+                                                nsIPref::GetIID(), 
+                                                getter_AddRefs(prefManager));
+    
+    if (NS_FAILED(res)  || !prefManager)
+    {
+        return;
+    }
+
+
+    int i;
+    int intval;
+
+    for (i = 0; i < number; i++) 
+    {
+        if (list[i].key == nsnull) 
+        {
+            /* misconfigured item: next */
+            continue;
+        }
+
+        switch (list[i].type) 
+        {
+             case 0:    /* string type */
+                 prefManager->SetCharPref(list[i].key, list[i].value);
+                 break;
+             case 1:    /* boolean type */
+                 if (strcmp(list[i].value, "true") == 0) {
+                  prefManager->SetBoolPref(list[i].key, (PRBool)1);
+                 }
+                 else if (strcmp(list[i].value, "false") == 0) {
+                  prefManager->SetBoolPref(list[i].key, (PRBool)0);
+                 }
+                 break;
+             case 2:
+                 intval = atoi(list[i].value);
+                 prefManager->SetIntPref(list[i].key, intval);
+                 break;
+             default:
+                 break;
+         }
+    }
+
+    return;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::PassPrefs()
+{
+    // if we have not passed anything to psm yet, this function can just return.
+
+    if (!mControl)
+        return NS_OK;
+
+    int i;
+    nsresult rv = NS_ERROR_FAILURE;
+    char* strpref = NULL;
+    int intpref;
+    PRBool boolpref;
+    CMSetPrefList prefs = {0};
+    CMTSetPrefElement* list = NULL;
+
+    char* pickAuto = "Select Automatically";
+    char* alwaysAsk = "Ask Every Time";
+    
+    nsCOMPtr<nsIPref> prefManager;
+
+    nsresult res = nsServiceManager::GetService(kPrefCID, 
+                                                nsIPref::GetIID(), 
+                                                getter_AddRefs(prefManager));
+
+    if (NS_OK != res) 
+    {
+        return NS_ERROR_FAILURE;
+    }
+
+    /* allocate memory for list */
+    prefs.n = 0; /* counter */
+    prefs.capacity = INIT_NUM_PREFS;
+    prefs.list = (CMTSetPrefElement*) new char[(INIT_NUM_PREFS * sizeof(CMTSetPrefElement))];
+    
+    if (prefs.list == NULL) 
+    {
+         return rv;
+    }
+
+    /* shorthand */
+    list = prefs.list;
+
+    /* get preferences */
+    get_pack_bool_pref(prefManager, "security.enable_ssl2", (CMTSetPrefElement*)list, &(prefs.n));
+    get_pack_bool_pref(prefManager, "security.enable_ssl3", (CMTSetPrefElement*)list, &(prefs.n));
+
+    /* this pref is a boolean pref in nature but a string pref for 
+     * historical reason
+     */
+
+    list[prefs.n].key = nsCRT::strdup("security.default_personal_cert");
+    list[prefs.n].type = STRING_PREF;
+
+    if ((prefManager->CopyCharPref(list[prefs.n].key, &strpref) == 0) && (strcmp(strpref, pickAuto) == 0)) 
+    {
+         list[prefs.n].value = nsCRT::strdup(pickAuto);
+    }
+    else 
+    {
+         /* although one could choose a specific cert for client auth in
+          * Nova, that mode is deprecated with PSM and mapped to ASK
+          */
+         list[prefs.n].value = nsCRT::strdup(alwaysAsk);
+    }
+
+    prefs.n++;
+    if (strpref != NULL) 
+    {
+         nsCRT::free(strpref);
+    }
+
+    list[prefs.n].key = nsCRT::strdup("security.default_mail_cert");
+    list[prefs.n].type = STRING_PREF;
+    if (prefManager->CopyCharPref(list[prefs.n].key, &list[prefs.n].value) != 0) 
+    {
+         list[prefs.n].value = NULL;
+    }
+    prefs.n++;
+
+    list[prefs.n].key = nsCRT::strdup("security.ask_for_password");
+    list[prefs.n].type = INT_PREF;
+    if (prefManager->GetIntPref(list[prefs.n].key, &intpref) != 0) 
+    {
+         intpref = 0;    /* default */
+    }
+
+    list[prefs.n].value = PR_smprintf("%d", intpref);
+    prefs.n++;
+
+    list[prefs.n].key = nsCRT::strdup("security.password_lifetime");
+    list[prefs.n].type = INT_PREF;
+    if (prefManager->GetIntPref(list[prefs.n].key, &intpref) != 0) 
+    {
+         intpref = 30;    /* default */
+    }
+
+    list[prefs.n].value = PR_smprintf("%d", intpref);
+    prefs.n++;
+
+    /* OCSP preferences */
+    /* XXX since these are the new ones added by PSM, we will be more
+     *     error-tolerant in fetching them
+     */
+    if (prefManager->GetBoolPref("security.OCSP.enabled", &boolpref) == 0) 
+    {
+         if (boolpref) 
+        {
+             list[prefs.n].value = nsCRT::strdup("true");
+         }
+         else 
+        {
+             list[prefs.n].value = nsCRT::strdup("false");
+         }
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.enabled");
+         list[prefs.n].type = BOOL_PREF;
+         prefs.n++;
+    }
+
+    if (prefManager->GetBoolPref("security.OCSP.useDefaultResponder", &boolpref) == 0) 
+    {
+         if (boolpref) 
+        {
+             list[prefs.n].value = nsCRT::strdup("true");
+         }
+         else 
+        {
+             list[prefs.n].value = nsCRT::strdup("false");
+         }
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.useDefaultResponder");
+         list[prefs.n].type = BOOL_PREF;
+         prefs.n++;
+    }
+
+    if (prefManager->CopyCharPref("security.OCSP.URL", &strpref) == 0) 
+    {
+         list[prefs.n].value = strpref;
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.URL");
+         list[prefs.n].type = STRING_PREF;
+         prefs.n++;
+    }
+
+    if (prefManager->CopyCharPref("security.OCSP.signingCA", &strpref) == 0) 
+    {
+         list[prefs.n].value = strpref;
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.signingCA");
+         list[prefs.n].type = STRING_PREF;
+         prefs.n++;
+    }
+
+    /* now application-specific preferences */
+    /* get navigator preferences */
+    get_pack_bool_pref(prefManager, "security.warn_entering_secure", (CMTSetPrefElement*)list, &prefs.n);
+    get_pack_bool_pref(prefManager, "security.warn_leaving_secure",  (CMTSetPrefElement*)list, &prefs.n);
+    get_pack_bool_pref(prefManager, "security.warn_viewing_mixed",   (CMTSetPrefElement*)list, &prefs.n);
+    get_pack_bool_pref(prefManager, "security.warn_submit_insecure", (CMTSetPrefElement*)list, &prefs.n);
+
+    // Add any other prefs here such as ldap or mail/news.
+     
+     CMT_SetSavePrefsCallback(mControl, (savePrefsCallback_fn)SaveAllPrefs);
+
+    if (CMT_PassAllPrefs(mControl, prefs.n, (CMTSetPrefElement*)prefs.list) !=  CMTSuccess) 
+    {
+         goto loser;
+    }
+
+    rv = NS_OK; /* success */
+loser:
+    /* clean out memory for prefs */
+    for (i = 0; i < prefs.n; i++) 
+    {
+         if (prefs.list[i].key != NULL) 
+        {
+             nsCRT::free(prefs.list[i].key);
+         }
+         
+        if (prefs.list[i].value != NULL) 
+        {
+             nsCRT::free(prefs.list[i].value);
+         }
+    }
+
+    if (prefs.list != NULL) 
+    {
+         delete(prefs.list);
+    }
+    return rv;
+}
+
+#ifdef XP_MAC
+extern "C" {
+    void RunMacPSM(void* arg);
+    PRThread* SSM_CreateAndRegisterThread(PRThreadType type, void (*start)(void *arg),
+                                          void *arg, PRThreadPriority priority,
+                                          PRThreadScope scope, PRThreadState state,
+                                          PRUint32 stackSize);
+    void SSM_KillAllThreads(void);
+}
+#endif
+            
+NS_IMETHODIMP
+nsPSMComponent::GetControlConnection( CMT_CONTROL * *_retval )
+{
+     nsresult rv;
+     *_retval = nsnull;
+    if (mControl) 
+    {
+        *_retval = mControl;
+        return NS_OK;
+    }
+    else      /* initialize mutex, sock table, etc. */
+    {
+            
+        if (nsPSMMutexInit() != PR_SUCCESS)
+            return NS_ERROR_FAILURE;
+
+#ifdef XP_MAC
+        /* FIXME:  Really need better error handling in PSM, which simply exits on error. */
+        /* use a cached monitor to rendezvous with the PSM thread. */
+        PRMonitor* monitor = PR_CEnterMonitor(this);
+        if (monitor != nsnull) {
+            /* create the Cartman thread, and let it run awhile to get things going. */
+            PRThread* cartmanThread = SSM_CreateAndRegisterThread(PR_USER_THREAD, RunMacPSM, 
+							                                      this, PR_PRIORITY_NORMAL,
+							                                      PR_LOCAL_THREAD, PR_UNJOINABLE_THREAD, 0);
+            if (cartmanThread != nsnull) {
+                /* need a good way to rendezvouz with the Cartman thread. */
+                PR_CWait(this, PR_INTERVAL_NO_TIMEOUT);
+            }
+            
+            PR_CExitMonitor(this);
+        }
+#endif
+
+        // Try to see if it is open already
+        mControl = CMT_ControlConnect(&nsPSMMutexTbl, &nsPSMShimTbl);
+        
+        // Find the one in the bin directory
+        if (mControl == nsnull)
+        {
+            nsCOMPtr<nsILocalFile> psmAppFile;
+            NS_WITH_SERVICE(nsIProperties, directoryService, NS_DIRECTORY_SERVICE_PROGID, &rv);
+            if (NS_FAILED(rv)) return rv;
+
+            directoryService->Get("system.OS_CurrentProcessDirectory", 
+                                   NS_GET_IID(nsIFile), 
+                                   getter_AddRefs(psmAppFile));
+
+        
+            psmAppFile->Append("psm");
+            psmAppFile->Append(PSM_FILE_NAME);
+        
+            PRBool isExecutable, exists;
+            psmAppFile->Exists(&exists);
+            psmAppFile->IsExecutable(&isExecutable);
+            if (exists && isExecutable)
+            {
+                nsXPIDLCString path;
+                psmAppFile->GetPath(getter_Copies(path));
+                // FIX THIS.  using a file path is totally wrong here.  
+                mControl = CMT_EstablishControlConnection((char*)(const char*)path, &nsPSMShimTbl, &nsPSMMutexTbl);
+            }
+        }
+
+        // Get the one in the version registry           
+        if (mControl == nsnull)
+        {
+            //Try to find it.
+            int err;
+            char filepath[MAXREGPATHLEN];
+
+            err = VR_GetPath(PSM_VERSION_REG_KEY, sizeof(filepath), filepath);
+            if ( err == REGERR_OK )
+            {
+                nsFileSpec psmSpec(filepath);
+                psmSpec += PSM_FILE_NAME;
+		
+                if (psmSpec.Exists())
+                {
+                    mControl = CMT_EstablishControlConnection((char *)psmSpec.GetNativePathCString(), &nsPSMShimTbl, &nsPSMMutexTbl);
+                }
+            }
+         }
+
+        
+        if (!mControl || InitPSMUICallbacks(mControl) != PR_SUCCESS)
+            goto failure;
+
+        nsFileSpec profileSpec;
+        PRUnichar*      profileName;
+        
+        NS_WITH_SERVICE(nsIProfile, profile, kProfileCID, &rv);
+        if (NS_FAILED(rv)) goto failure;
+        
+        rv = profile->GetCurrentProfileDir(&profileSpec);
+        if (NS_FAILED(rv)) goto failure;;
+        
+#ifdef XP_MAC
+        profileSpec += "Security";
+        // make sure the dir exists
+        profileSpec.CreateDirectory();
+#endif
+        
+        rv = profile->GetCurrentProfile(&profileName);
+        if (NS_FAILED(rv)) goto failure;
+          
+        CMTStatus psmStatus;
+        nsCAutoString profilenameC;
+        profilenameC.AssignWithConversion(profileName);
+
+        psmStatus = CMT_Hello( mControl, 
+                               PROTOCOL_VERSION, 
+                               profilenameC, 
+                               (char*)profileSpec.GetNativePathCString());        
+        
+        if (psmStatus == CMTFailure)
+        {  
+            PR_FREEIF(profileName);       
+            goto failure;
+        }
+        
+        if (InitPSMEventLoop(mControl) != PR_SUCCESS)
+        {
+            PR_FREEIF(profileName);       
+            goto failure;
+        }
+            
+        if (NS_FAILED(PassPrefs()))
+        {  
+            PR_FREEIF(profileName);       
+            goto failure;
+        }
+
+        PR_FREEIF(profileName);
+        
+        nsCOMPtr<nsIProtocolProxyService> proxySvc = do_GetService(kProtocolProxyServiceCID, &rv);
+        if (NS_FAILED(rv)) return rv;
+        proxySvc->AddNoProxyFor("127.0.0.1", mControl->port);
+        
+        *_retval = mControl;
+        return NS_OK;
+    }
+
+failure:
+#ifdef DEBUG
+    printf("*** Failure setting up Cartman! \n");
+#endif
+
+    if (mControl)
+    {
+        CMT_CloseControlConnection(mControl);
+        mControl = NULL;
+    }
+
+    // TODO we need to unregister our UI callback BEFORE destroying our mutex.
+    // nsPSMMutexDestroy();
+
+    return NS_ERROR_FAILURE;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::DisplaySecurityAdvisor(const char *pickledStatus, const char *hostName)
+{
+    CMT_CONTROL *controlConnection;
+    GetControlConnection( &controlConnection );
+    if (DisplayPSMUIDialog(controlConnection, pickledStatus, hostName) == PR_SUCCESS)
+        return NS_OK;
+    return NS_ERROR_FAILURE;
+}
+
+class CertDownloader : public nsIStreamListener
+{
+    public:
+        CertDownloader() {NS_ASSERTION(0, "don't use this constructor."); }
+        CertDownloader(PRInt32 type);
+        virtual ~CertDownloader();
+
+        NS_DECL_ISUPPORTS
+        NS_DECL_NSISTREAMOBSERVER
+        NS_DECL_NSISTREAMLISTENER
+    protected:
+        char* mByteData;
+        PRInt32 mBufferOffset;
+        PRInt32 mContentLength;
+        PRInt32 mType;
+};
+
+
+CertDownloader::CertDownloader(PRInt32 type)
+{
+    NS_INIT_REFCNT();
+    mByteData = nsnull;
+    mType = type;
+}
+
+CertDownloader::~CertDownloader()
+{
+    if (mByteData)
+        nsMemory::Free(mByteData);
+}
+
+NS_IMPL_ISUPPORTS(CertDownloader,NS_GET_IID(nsIStreamListener));
+
+
+NS_IMETHODIMP
+CertDownloader::OnStartRequest(nsIChannel* channel, nsISupports* context)
+{
+    channel->GetContentLength(&mContentLength);
+    if (mContentLength == -1)
+        return NS_ERROR_FAILURE;
+    
+    mBufferOffset = 0;
+    mByteData = (char*) nsMemory::Alloc(mContentLength);
+    if (!mByteData)
+        return NS_ERROR_OUT_OF_MEMORY;
+
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP
+CertDownloader::OnDataAvailable(nsIChannel* channel, 
+                                nsISupports* context,
+                                nsIInputStream *aIStream, 
+                                PRUint32 aSourceOffset,
+                                PRUint32 aLength)
+{
+    if (!mByteData)
+        return NS_ERROR_OUT_OF_MEMORY;
+
+    PRUint32 amt;
+    nsresult err;
+
+    do 
+    {
+        err = aIStream->Read(mByteData+mBufferOffset, mContentLength-mBufferOffset, &amt);
+        if (amt == 0) break;
+        if (NS_FAILED(err))  return err;
+        
+        aLength -= amt;
+        mBufferOffset += amt;
+
+    } while (aLength > 0);
+    
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP
+CertDownloader::OnStopRequest(nsIChannel* channel, 
+                              nsISupports* context,
+                              nsresult aStatus,
+                              const PRUnichar* aMsg)
+{
+
+    nsCOMPtr<nsIPSMComponent> psm = do_QueryInterface(context);
+
+    if (!psm) return NS_ERROR_FAILURE;
+
+    CMT_CONTROL *controlConnection;
+    psm->GetControlConnection( &controlConnection );
+    unsigned int certID;
+                    
+    certID = CMT_DecodeAndCreateTempCert(controlConnection, mByteData, mContentLength, mType);
+
+    if (certID)
+        CMT_DestroyResource(controlConnection, certID, SSM_RESTYPE_CERTIFICATE);
+
+  return NS_OK;
+}
+
+
+/* other mime types that we should handle sometime:
+
+application/x-pkcs7-crl
+application/x-pkcs7-mime
+application/pkcs7-signature
+application/pre-encrypted
+
+*/
+
+
+NS_IMETHODIMP 
+nsPSMComponent::HandleContent(const char * aContentType, 
+                              const char * aCommand, 
+                              const char * aWindowTarget, 
+                              nsISupports* aWindowContext, 
+                              nsIChannel * aChannel)
+{
+    // We were called via CI.  We better protect ourselves and addref.
+    NS_ADDREF_THIS();
+
+    nsresult rv = NS_OK;
+    if (!aChannel) return NS_ERROR_NULL_POINTER;
+    
+    CMUint32 type = -1;
+
+    if ( nsCRT::strcasecmp(aContentType, "application/x-x509-ca-cert") == 0)
+    {
+        type = 1;  //CA cert
+    }
+    else if (nsCRT::strcasecmp(aContentType, "application/x-x509-server-cert") == 0)
+    {
+        type =  2; //Server cert
+    }
+    else if (nsCRT::strcasecmp(aContentType, "application/x-x509-user-cert") == 0)
+    {
+        type =  3; //User cert
+    }
+    else if (nsCRT::strcasecmp(aContentType, "application/x-x509-email-cert") == 0)
+    {
+        type =  4; //Someone else's email cert
+    }
+    
+    if (type != -1)
+    {
+        // I can't directly open the passed channel cause it fails :-(
+
+        nsCOMPtr<nsIURI> uri;
+        rv = aChannel->GetURI(getter_AddRefs(uri));
+        if (NS_FAILED(rv)) return rv;
+
+        nsCOMPtr<nsIChannel> channel;
+        rv = NS_OpenURI(getter_AddRefs(channel), uri);
+        if (NS_FAILED(rv)) return rv;
+
+        return channel->AsyncRead(new CertDownloader(type), NS_STATIC_CAST(nsIPSMComponent*,this));
+    }
+
+    return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+
+//---------------------------------------------
+// Functions Implenenting NSISignatureVerifier
+//---------------------------------------------
+NS_IMETHODIMP
+nsPSMComponent::HashBegin(PRUint32 alg, PRUint32* id)
+{
+  CMT_CONTROL *controlConnection;
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+
+  if(CMT_HashCreate(controlConnection, alg, (CMUint32*)id) != CMTSuccess)
+    return NS_ERROR_FAILURE;
+  if(CMT_HASH_Begin(controlConnection, *id) != CMTSuccess)
+    return NS_ERROR_FAILURE;
+
+  return NS_OK;  
+}
+
+NS_IMETHODIMP
+nsPSMComponent::HashUpdate(PRUint32 id, const char* buf, PRUint32 buflen)
+{
+  CMT_CONTROL *controlConnection;
+
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+  if (CMT_HASH_Update(controlConnection, id, 
+      (const unsigned char*)buf, buflen) != CMTSuccess)    
+    return NS_ERROR_FAILURE;
+    
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::HashEnd(PRUint32 id, unsigned char** hash, 
+                        PRUint32* hashLen, PRUint32 maxLen)
+{
+  if (!hash)
+    return NS_ERROR_ILLEGAL_VALUE;
+
+  CMT_CONTROL *controlConnection;
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+ 
+  if(CMT_HASH_End(controlConnection, id, *hash,
+                        (CMUint32*)hashLen, maxLen) != CMTSuccess)
+    return NS_ERROR_FAILURE;
+  CMT_HASH_Destroy(controlConnection, id);
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::CreatePrincipalFromSignature(const char* aRSABuf, PRUint32 aRSABufLen,
+                                             nsIPrincipal** aPrincipal)
+{
+  PRInt32 errorCode;
+  return VerifySignature(aRSABuf, aRSABufLen, nsnull, 0, &errorCode, aPrincipal);
+}
+
+PR_STATIC_CALLBACK(void)
+UselessPK7DataSink(void* arg, const char* buf, CMUint32 len)
+{
+}
+
+NS_IMETHODIMP
+nsPSMComponent::VerifySignature(const char* aRSABuf, PRUint32 aRSABufLen, 
+                                const char* aPlaintext, PRUint32 aPlaintextLen,
+                                PRInt32* aErrorCode,
+                                nsIPrincipal** aPrincipal)
+{
+  if (!aPrincipal || !aErrorCode)
+    return NS_ERROR_NULL_POINTER;
+  *aErrorCode = 0;
+  *aPrincipal = nsnull;
+
+  CMT_CONTROL *controlConnection;
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+  
+  //-- Decode the signature stream
+  CMUint32 decoderID;
+  CMInt32* blah = nsnull;
+  CMTStatus result = CMT_PKCS7DecoderStart(controlConnection, nsnull,
+                                           &decoderID, blah,
+                                           UselessPK7DataSink, nsnull);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  result = CMT_PKCS7DecoderUpdate(controlConnection, decoderID, aRSABuf, aRSABufLen);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  CMUint32 contentInfo;
+  result = CMT_PKCS7DecoderFinish(controlConnection, 
+                                            decoderID, &contentInfo);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+
+  CMTItem hashItem;
+  hashItem.data = 0;
+  hashItem.len = 0;
+  //-- If a plaintext was provided, hash it.
+  if (aPlaintext)
+  {
+    CMUint32 hashId;
+    CMT_HashCreate(controlConnection, nsISignatureVerifier::SHA1, &hashId);
+    CMT_HASH_Begin(controlConnection, hashId);
+    CMTStatus result = CMT_HASH_Update(controlConnection, hashId, 
+                                       (const unsigned char*)aPlaintext, aPlaintextLen);
+    if (result != CMTSuccess) return NS_ERROR_FAILURE;
+    
+    unsigned char* hash = (unsigned char*)PR_MALLOC(nsISignatureVerifier::SHA1_LENGTH);
+    if (!hash) return NS_ERROR_OUT_OF_MEMORY;
+    CMUint32 hashLen;
+    result = CMT_HASH_End(controlConnection, hashId, hash,
+                          &hashLen, nsISignatureVerifier::SHA1_LENGTH);
+    if (result != CMTSuccess)
+    {
+      PR_FREEIF(hash);
+      return NS_ERROR_FAILURE;
+    }
+    NS_ASSERTION(hashLen == nsISignatureVerifier::SHA1_LENGTH,
+                 "PSMComponent: Hash too short.");
+    CMT_HASH_Destroy(controlConnection, hashId);
+    hashItem.data = hash;
+    hashItem.len = hashLen;
+  }
+
+  //-- Verify signature
+  // We need to call this function even if we're only creating a principal, not
+  // verifying, because PSM won't give us certificate information unless this
+  // function has been called.
+  result = CMT_PKCS7VerifyDetachedSignature(controlConnection, contentInfo,
+                                            6 /* =Object Signing Cert */,
+                                            3 /* =SHA1 algorithm (MD5=2)*/,
+                                            1,/* Save Certificate */
+                                            &hashItem, (CMInt32*)aErrorCode);
+
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  if (aPlaintext && *aErrorCode != 0) return NS_OK; // Verification failed.
+
+  CMUint32 certID;
+  result = CMT_GetRIDAttribute(controlConnection, contentInfo,
+                               SSM_FID_P7CINFO_SIGNER_CERT, &certID);
+  if ((result != CMTSuccess) || !certID) return NS_OK; // No signature present
+  
+  CMTItem fingerprint;
+  result = CMT_GetStringAttribute(controlConnection, certID,
+                                  SSM_FID_CERT_FINGERPRINT, &fingerprint);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+
+  //-- Get a principal
+  nsresult rv;
+  NS_WITH_SERVICE(nsIScriptSecurityManager, secMan,
+                  NS_SCRIPTSECURITYMANAGER_PROGID, &rv)
+    if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
+  rv = secMan->GetCertificatePrincipal((char*)fingerprint.data,
+                                       aPrincipal);
+  if (NS_FAILED(rv)) return rv;
+
+  //-- Get common name and store it in the principal.
+  //   Using common name + organizational unit as the user-visible certificate name
+  nsCOMPtr<nsICertificatePrincipal> certificate = do_QueryInterface(*aPrincipal, &rv);
+  if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
+
+  CMTItem common;
+  result = CMT_GetStringAttribute(controlConnection, certID,
+                                  SSM_FID_CERT_COMMON_NAME, &common);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  CMTItem subject;
+  result = CMT_GetStringAttribute(controlConnection, certID,
+                                  SSM_FID_CERT_SUBJECT_NAME, &subject);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+
+  nsCAutoString commonName;
+  commonName = (char*)common.data;
+  static const char orgUnitTag[] = " OU=";
+  char* orgUnitPos = PL_strstr((char*)subject.data, orgUnitTag);
+  if (orgUnitPos)
+  {
+    orgUnitPos += sizeof(orgUnitTag)-1;
+    char* orgUnitEnd = PL_strchr(orgUnitPos, ',');
+    PRInt32 orgUnitLen;
+    if(orgUnitEnd)
+      orgUnitLen = orgUnitEnd - orgUnitPos;
+    else
+      orgUnitLen = PL_strlen(orgUnitPos);
+    commonName.Append(' ');
+    commonName.Append(orgUnitPos, orgUnitLen);
+  }
+  char* commonChar = commonName.ToNewCString();
+  if (!commonChar) return NS_ERROR_OUT_OF_MEMORY;
+  rv = certificate->SetCommonName(commonChar);
+  Recycle(commonChar);
+  return rv;
+}
+

mozilla/extensions/psm-glue/src/nsPSMComponent.h

@@ -0,0 +1,60 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nscore.h"
+#include "nsIPSMComponent.h"
+#include "nsISignatureVerifier.h"
+#include "nsIStringBundle.h"
+
+#include "nsIContentHandler.h"
+
+#define SECURITY_STRING_BUNDLE_URL "chrome://communicator/locale/security.properties"
+
+#define NS_PSMCOMPONENT_CID {0xddcae170, 0x5412, 0x11d3, {0xbb, 0xc8, 0x00, 0x00, 0x86, 0x1d, 0x12, 0x37}}
+
+// Implementation of the PSM component interface.
+class nsPSMComponent : public nsIPSMComponent, 
+                       public nsIContentHandler, 
+                       public nsISignatureVerifier
+{
+public:
+  NS_DEFINE_STATIC_CID_ACCESSOR( NS_PSMCOMPONENT_CID );
+
+  nsPSMComponent();
+  virtual ~nsPSMComponent();
+
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSIPSMCOMPONENT
+  NS_DECL_NSICONTENTHANDLER
+  NS_DECL_NSISIGNATUREVERIFIER
+
+  static NS_METHOD CreatePSMComponent(nsISupports* aOuter, REFNSIID aIID, void **aResult);
+
+private:
+  
+  PCMT_CONTROL mControl;
+  
+  nsCOMPtr<nsISupports> mSecureBrowserIU;
+  static nsPSMComponent* mInstance;
+}; 

mozilla/extensions/psm-glue/src/nsPSMModule.cpp

@@ -0,0 +1,178 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsIModule.h"
+#include "nsIGenericFactory.h"
+
+#include "nsPSMUICallbacks.h"
+#include "nsPSMComponent.h"
+
+#include "nsISecureBrowserUI.h"
+#include "nsSecureBrowserUIImpl.h"
+
+#include "nsSSLSocketProvider.h"
+
+#include "nsSDR.h"
+#include "nsFSDR.h"
+#include "nsCrypto.h"
+#include "nsKeygenHandler.h"
+//For the NS_CRYPTO_PROGID define
+#include "nsDOMCID.h"
+
+#include "nsCURILoader.h"
+#include "nsISupportsUtils.h"
+
+// Define SDR object constructor
+static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
+static NS_DEFINE_IID(kFormProcessorCID,   NS_IFORMPROCESSOR_CID); 
+
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsSecretDecoderRing, init)
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsFSecretDecoderRing, init)
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsCrypto, init)
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsPkcs11, init)
+
+static nsModuleComponentInfo components[] =
+{
+    { 
+        PSM_COMPONENT_CLASSNAME,  
+        NS_PSMCOMPONENT_CID, 
+        PSM_COMPONENT_PROGID,   
+        nsPSMComponent::CreatePSMComponent
+    },
+    
+    { 
+        "PSM Content Handler - application/x-x509-ca-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-ca-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+    
+    { 
+        "PSM Content Handler - application/x-x509-server-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-server-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+
+    { 
+        "PSM Content Handler - application/x-x509-user-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-user-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+    
+    { 
+        "PSM Content Handler - application/x-x509-email-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-email-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+
+
+    { 
+        PSM_UI_HANLDER_CLASSNAME, 
+        NS_PSMUIHANDLER_CID, 
+        PSM_UI_HANLDER_PROGID,  
+        nsPSMUIHandlerImpl::CreatePSMUIHandler
+    },
+
+    { 
+        NS_SECURE_BROWSER_UI_CLASSNAME, 
+        NS_SECURE_BROWSER_UI_CID, 
+        NS_SECURE_BROWSER_UI_PROGID, 
+        nsSecureBrowserUIImpl::Create 
+    },
+
+    { 
+        NS_SECURE_BROWSER_DOCOBSERVER_CLASSNAME, 
+        NS_SECURE_BROWSER_DOCOBSERVER_CID, 
+        NS_SECURE_BROWSER_DOCOBSERVER_PROGID, 
+        nsSecureBrowserUIImpl::Create
+    },
+
+    { 
+        NS_ISSLSOCKETPROVIDER_CLASSNAME,
+        NS_SSLSOCKETPROVIDER_CID,
+        NS_ISSLSOCKETPROVIDER_PROGID,
+        nsSSLSocketProvider::Create 
+    },
+
+    {
+        NS_SDR_CLASSNAME,
+        NS_SDR_CID,
+        NS_SDR_PROGID,
+        nsSecretDecoderRingConstructor
+    },
+
+    {
+        NS_FSDR_CLASSNAME,
+        NS_FSDR_CID,
+        NS_FSDR_PROGID,
+        nsFSecretDecoderRingConstructor
+    },
+    
+    {
+        NS_CRYPTO_CLASSNAME,
+        NS_CRYPTO_CID,
+        NS_CRYPTO_PROGID,
+        nsCryptoConstructor
+    },
+    {
+        NS_PKCS11_CLASSNAME,
+        NS_PKCS11_CID,
+        NS_PKCS11_PROGID,
+        nsPkcs11Constructor
+    }
+
+};
+
+#if 0
+NS_IMPL_NSGETMODULE("PSMComponent", components);
+#endif
+
+extern "C" NS_EXPORT nsresult NSGetModule(nsIComponentManager *servMgr,
+                                          nsIFile* location,
+                                          nsIModule** result)
+{
+  nsresult rv;
+  // Put in code to register KEYGEN form input handler.
+  rv= NS_NewGenericModule("PSMComponent",
+                          sizeof(components) / sizeof(components[0]),
+                          components, nsnull, result);
+  // Register a form processor. The form processor has the opportunity to 
+  // modify the value's passed during form submission. 
+  nsKeygenFormProcessor* testFormProcessor = new nsKeygenFormProcessor(); 
+  nsCOMPtr<nsISupports> formProcessor; 
+  rv = testFormProcessor->QueryInterface(kISupportsIID, 
+                                         getter_AddRefs(formProcessor)); 
+  if (NS_SUCCEEDED(rv) && formProcessor) { 
+    rv = nsServiceManager::RegisterService(kFormProcessorCID, formProcessor); 
+  } 
+  return rv;
+}
+
+
+
+
+

mozilla/extensions/psm-glue/src/nsPSMMutex.c

@@ -0,0 +1,72 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "prmon.h"
+#include "prtypes.h"
+
+#include "nsPSMMutex.h"
+
+static PRMonitor *_nsPSMMutexVar;
+
+PRStatus
+nsPSMMutexInit()
+{
+  if (!_nsPSMMutexVar)
+      _nsPSMMutexVar = PR_NewMonitor();
+
+  return _nsPSMMutexVar ? PR_SUCCESS : PR_FAILURE;
+}
+
+PRStatus
+nsPSMMutexDestroy()
+{
+    if (!_nsPSMMutexVar)
+        return PR_FAILURE;
+    
+    PR_Wait(_nsPSMMutexVar, PR_INTERVAL_NO_TIMEOUT);
+
+    PR_DestroyMonitor(_nsPSMMutexVar);
+    return PR_SUCCESS;
+}
+
+static void
+nsPSMMutexLock(CMTMutexPointer *p)
+{
+  PR_EnterMonitor(*(PRMonitor **)p);
+  return;
+}
+
+static void
+nsPSMMutexUnlock(CMTMutexPointer *p)
+{
+  PR_ExitMonitor(*(PRMonitor **)p);
+  return;
+}
+
+CMT_MUTEX nsPSMMutexTbl = 
+{
+  &_nsPSMMutexVar,
+  (CMTMutexFunction)nsPSMMutexLock,
+  (CMTMutexFunction)nsPSMMutexUnlock
+};

mozilla/extensions/psm-glue/src/nsPSMMutex.h

@@ -16,28 +16,24 @@
  * Communications Corporation.  Portions created by Netscape are
  * Copyright (C) 1998 Netscape Communications Corporation. All
  * Rights Reserved.
- */
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
 
-var keygenThread;
+#ifndef _NSPSMMUTEX_H
+#define _NSPSMMUTEX_H
 
-function onLoad()
-{
-  keygenThread = window.arguments[0].QueryInterface(Components.interfaces.nsIKeygenThread);
-  
-  if (!keygenThread) {
-    window.close();
-    return;
-  }
-  
-  setCursor("wait");
-  
-  keygenThread.startKeyGeneration(window);
-}
+#include "cmtcmn.h"
 
-function onClose()
-{
-  setCursor("default");
+PR_BEGIN_EXTERN_C
 
-  var alreadyClosed = new Object();
-  keygenThread.userCanceled(alreadyClosed);
-}
+PR_EXTERN(CMT_MUTEX) nsPSMMutexTbl;
+
+PR_EXTERN(PRStatus) nsPSMMutexInit(void);
+PR_EXTERN(PRStatus) nsPSMMutexDestroy(void);
+
+PR_END_EXTERN_C
+
+#endif

mozilla/extensions/psm-glue/src/nsPSMShimLayer.c

@@ -0,0 +1,293 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nspr.h"
+#include "nsPSMShimLayer.h"
+
+#ifdef XP_UNIX
+#include <sys/stat.h>
+#include <unistd.h>
+#include "private/pprio.h"  /* for PR_Socket */
+#endif
+
+#define PSM_TIMEOUT_IN_SEC 300
+
+#define NSPSMSHIMMAXFD 50
+
+
+static PRIntervalTime gTimeout  = PR_INTERVAL_NO_TIMEOUT;
+
+CMT_SocketFuncs nsPSMShimTbl =
+{
+    nsPSMShimGetSocket,
+    nsPSMShimConnect,
+    nsPSMShimVerifyUnixSocket,
+    nsPSMShimSend,
+    nsPSMShimSelect,
+    nsPSMShimReceive,
+    nsPSMShimShutdown,
+    nsPSMShimClose
+};
+
+
+CMTSocket
+nsPSMShimGetSocket(int unixSock)
+{
+    PRStatus   rv;
+    PRFileDesc *fd;
+    CMSocket   *sock;
+    PRSocketOptionData sockopt;
+
+    /*
+    if (PR_INTERVAL_NO_WAIT == gTimeout) 
+    {
+        gTimeout  = PR_SecondsToInterval(PSM_TIMEOUT_IN_SEC);
+    }
+    */
+
+    if (unixSock)
+    {
+#ifndef XP_UNIX        
+        return NULL;
+#else
+        fd = PR_Socket(PR_AF_LOCAL, PR_SOCK_STREAM, 0);
+        PR_ASSERT(fd);
+#endif
+    }
+    else
+    {
+        fd = PR_NewTCPSocket();
+        PR_ASSERT(fd);
+
+        /* disable Nagle algorithm delay for control sockets */
+        sockopt.option = PR_SockOpt_NoDelay;
+        sockopt.value.no_delay = PR_TRUE;   
+        rv = PR_SetSocketOption(fd, &sockopt);
+        PR_ASSERT(PR_SUCCESS == rv);
+    }
+
+    sock = (CMSocket *)PR_Malloc(sizeof(CMSocket));
+
+    if (sock == NULL)
+      return sock;
+    
+    sock->fd     = fd;
+    sock->isUnix = unixSock;
+
+    memset(&sock->netAddr, 0, sizeof(PRNetAddr));
+    
+    return (CMTSocket)sock;
+}
+
+CMTStatus
+nsPSMShimConnect(CMTSocket sock, short port, char *path)
+{
+    CMTStatus   rv = CMTSuccess;
+    PRStatus    err;
+    PRErrorCode errcode;
+    PRSocketOptionData   sockopt;
+    PRBool      nonBlocking;
+    CMSocket    *cmSock = (CMSocket *)sock;
+    
+    if (!sock) return CMTFailure;
+
+    if (cmSock->isUnix)
+    {
+#ifndef XP_UNIX
+        return CMTFailure;
+#else
+        int pathLen;
+        if (!path)
+        {
+            return CMTFailure;
+        }
+
+        /* check buffer overrun */
+        pathLen = strlen(path)+1;
+        
+        pathLen = pathLen < sizeof(cmSock->netAddr.local.path)
+                ? pathLen : sizeof(cmSock->netAddr.local.path);
+  
+        memcpy(&cmSock->netAddr.local.path, path, pathLen);
+        cmSock->netAddr.local.family = PR_AF_LOCAL;
+#endif
+    }
+    else  /* cmSock->isUnix */
+    {
+        cmSock->netAddr.inet.family = PR_AF_INET;
+        cmSock->netAddr.inet.port   = PR_htons(port);
+        cmSock->netAddr.inet.ip     = PR_htonl(PR_INADDR_LOOPBACK);
+    }
+
+    /* Save non-blocking status */
+    sockopt.option = PR_SockOpt_Nonblocking;
+    err = PR_GetSocketOption(cmSock->fd, &sockopt);
+    PR_ASSERT(PR_SUCCESS == err);
+
+    nonBlocking = sockopt.value.non_blocking;
+
+    /* make connect blocking for now */
+    sockopt.option = PR_SockOpt_Nonblocking;
+    sockopt.value.non_blocking = PR_FALSE;   
+    err = PR_SetSocketOption(cmSock->fd, &sockopt);
+    PR_ASSERT(PR_SUCCESS == err);
+
+    err = PR_Connect( cmSock->fd, &cmSock->netAddr, PR_INTERVAL_MAX );
+    
+    if (err == PR_FAILURE)    
+    {
+        errcode = PR_GetError();
+        
+        if (PR_IS_CONNECTED_ERROR != errcode)
+            rv = CMTFailure;
+    }    
+    
+    /* restore nonblock status */
+    if (nonBlocking) {
+      sockopt.option = PR_SockOpt_Nonblocking;
+      sockopt.value.non_blocking = nonBlocking;  
+      err = PR_SetSocketOption(cmSock->fd, &sockopt);
+      PR_ASSERT(PR_SUCCESS == err);
+    }
+
+    return rv;
+}
+
+CMTStatus
+nsPSMShimVerifyUnixSocket(CMTSocket sock)
+{
+#ifndef XP_UNIX
+    return CMTFailure;
+#else
+
+    int  rv;
+    CMSocket  *cmSock;
+    struct stat statbuf;
+
+    cmSock = (CMSocket *)sock;
+        
+    if (!cmSock || !cmSock->isUnix) 
+        return CMTFailure;
+ 
+    rv = stat(cmSock->netAddr.local.path, &statbuf);
+    if (rv < 0 || statbuf.st_uid != geteuid() )
+    {
+        PR_Close(cmSock->fd);
+        cmSock->fd = NULL;
+        PR_Free(cmSock);
+        return CMTFailure;
+    }
+    return CMTSuccess;   
+#endif
+}
+
+size_t
+nsPSMShimSend(CMTSocket sock, void *buffer, size_t length)
+{
+    CMSocket *cmSock = (CMSocket *)sock;
+
+    if (!sock) return CMTFailure;
+    
+   return PR_Send(cmSock->fd, buffer, length, 0, gTimeout);
+}
+
+size_t
+nsPSMShimReceive(CMTSocket sock, void *buffer, size_t bufSize)
+{
+    CMSocket *cmSock = (CMSocket *)sock;
+    
+    if (!sock) return CMTFailure;
+
+    return PR_Recv(cmSock->fd, buffer, bufSize, 0, gTimeout);
+}
+
+
+CMTSocket
+nsPSMShimSelect(CMTSocket *socks, int numsocks, int poll)
+{
+    CMSocket       **sockArr = (CMSocket **)socks;
+    PRPollDesc       readPDs[NSPSMSHIMMAXFD];
+    PRIntervalTime   timeout;
+    PRInt32          cnt;
+    int              i;
+
+    if (!socks) return NULL;
+
+    memset(readPDs, 0, sizeof(readPDs));
+
+    PR_ASSERT(NSPSMSHIMMAXFD >= numsocks);
+
+    for (i=0; i<numsocks; i++)
+    {
+        readPDs[i].fd       = sockArr[i]->fd;
+        readPDs[i].in_flags = PR_POLL_READ;
+    }
+
+    timeout = poll ? PR_INTERVAL_NO_WAIT : PR_INTERVAL_NO_TIMEOUT;
+
+    cnt = PR_Poll(readPDs, numsocks, timeout);
+
+    /* Figure out which socket was selected */
+    if (cnt > 0)
+    {
+        for (i=0; i<numsocks; i++)
+        {
+            if (readPDs[i].out_flags & PR_POLL_READ)
+            {
+            return (CMTSocket)sockArr[i];
+            }
+        }
+    }
+    return NULL;
+}
+
+
+CMTStatus
+nsPSMShimShutdown(CMTSocket sock)
+{
+    CMSocket *cmSock = (CMSocket*)sock;
+    PRStatus rv;
+
+    if (!sock) return CMTFailure;
+
+    rv = PR_Shutdown(cmSock->fd, PR_SHUTDOWN_SEND);
+    return (PR_SUCCESS == rv) ? CMTSuccess : CMTFailure;
+}
+
+CMTStatus
+nsPSMShimClose(CMTSocket sock)
+{
+    CMSocket *cmSock = (CMSocket*)sock;
+    PRStatus rv      = PR_SUCCESS;
+    PR_ASSERT(cmSock);
+
+    if (!sock) return CMTFailure;
+
+    rv = PR_Close(cmSock->fd);
+    cmSock->fd = NULL;
+
+    PR_Free(cmSock);
+
+    return (PR_SUCCESS == rv) ? CMTSuccess : CMTFailure;
+}

mozilla/extensions/psm-glue/src/nsPSMShimLayer.h

@@ -0,0 +1,67 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef _NSPSMSHIMLAYER_H_
+#define _NSPSMSHIMLAYER_H_
+
+#include "cmtcmn.h"
+#include "prio.h"
+
+PR_BEGIN_EXTERN_C
+
+typedef struct CMSocket {
+    PRFileDesc *fd;
+    PRBool      isUnix;
+    PRNetAddr   netAddr;
+} CMSocket; 
+
+PR_EXTERN(CMT_SocketFuncs) nsPSMShimTbl;
+
+PR_EXTERN(CMTSocket)
+nsPSMShimGetSocket(int unixSock);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimConnect(CMTSocket sock, short port, char *path);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimVerifyUnixSocket(CMTSocket sock);
+
+PR_EXTERN(size_t)
+nsPSMShimSend(CMTSocket sock, void *buffer, size_t length);
+
+PR_EXTERN(CMTSocket)
+nsPSMShimSelect(CMTSocket *socks, int numsocks, int poll);
+
+PR_EXTERN(size_t)
+nsPSMShimReceive(CMTSocket sock, void *buffer, size_t bufSize);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimShutdown(CMTSocket sock);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimClose(CMTSocket sock);
+
+PR_END_EXTERN_C
+
+#endif /* _NSPSMSHIMLAYER_H_ */

mozilla/extensions/psm-glue/src/nsPSMUICallbacks.cpp

@@ -0,0 +1,348 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsProxiedService.h"
+#include "nsIEventQueueService.h"
+#include "nsPSMUICallbacks.h"
+#include "nsINetSupportDialogService.h"
+#include "nsIFilePicker.h"
+
+#include "nsAppShellCIDs.h"
+#include "prprf.h"
+#include "prmem.h"
+
+#include "nsSSLIOLayer.h" // for SSMSTRING_PADDED_LENGTH
+#include "ssmdefs.h"
+#include "rsrcids.h"
+
+// Interfaces Needed
+#include "nsIAppShellService.h"
+#include "nsIDocShell.h"
+#include "nsIDOMWindow.h"
+#include "nsIInterfaceRequestor.h"
+#include "nsIPrompt.h"
+#include "nsIScriptGlobalObject.h"
+#include "nsIURL.h"
+#include "nsIXULWindow.h"
+
+static NS_DEFINE_IID(kAppShellServiceCID, NS_APPSHELL_SERVICE_CID);
+static NS_DEFINE_CID(kNetSupportDialogCID, NS_NETSUPPORTDIALOG_CID);
+
+
+// Happy callbacks
+static char * PromptUserCallback(void *arg, char *prompt, int isPasswd);
+static char * FilePathPromptCallback(void *arg, char *prompt, char *fileRegEx, CMUint32 shouldFileExist);
+static void   ApplicationFreeCallback(char *userInput);
+
+static void * CartmanUIHandler(uint32 resourceID, void* clientContext, uint32 width, uint32 height, 
+								CMBool isModal, char* urlStr, void *data);
+
+extern "C" void CARTMAN_UIEventLoop(void *data);
+
+
+/* nsISupports Implementation for the class */
+NS_IMPL_THREADSAFE_ISUPPORTS1(nsPSMUIHandlerImpl, nsIPSMUIHandler)
+
+NS_METHOD
+nsPSMUIHandlerImpl::DisplayURI(PRInt32 width, PRInt32 height, PRBool modal, const char *urlStr)
+{
+    nsresult rv;
+    nsCOMPtr<nsIDOMWindow> hiddenWindow;
+    JSContext *jsContext;
+
+    NS_WITH_SERVICE(nsIAppShellService, appShell, kAppShellServiceCID, &rv);
+	if (NS_SUCCEEDED(rv))
+	{
+		rv = appShell->GetHiddenWindowAndJSContext( getter_AddRefs( hiddenWindow ),
+                                                    &jsContext );
+
+	     if ( NS_SUCCEEDED( rv ) ) 
+         {
+            // Set up arguments for "window.open"
+            void *stackPtr;
+            char params[36];
+
+            if (modal)  // if you change this, remember to change the buffer size above.
+                strcpy(params, "menubar=no,height=%d,width=%d,modal");
+            else
+                strcpy(params, "menubar=no,height=%d,width=%d");
+
+            char buffer[256];
+            PR_snprintf(buffer,
+                        sizeof(buffer),
+                        params,
+                        height,
+                        width );
+
+            jsval	*argv = JS_PushArguments(jsContext, &stackPtr, "sss", urlStr, "_blank", buffer);
+            if (argv)
+            {
+	            // open the window
+	            nsIDOMWindow	*newWindow;
+	            hiddenWindow->Open(jsContext, argv, 3, &newWindow);
+                newWindow->ResizeTo(width, height);
+	            JS_PopArguments(jsContext, stackPtr);
+            }
+        }
+    }
+    return rv;
+}
+
+NS_IMETHODIMP
+nsPSMUIHandlerImpl::PromptForFile(const PRUnichar *prompt, const char *fileRegEx, PRBool shouldFileExist, char **outFile)
+{
+    NS_ENSURE_ARG_POINTER(outFile);
+    nsCOMPtr<nsIFilePicker> fp = do_CreateInstance("component://mozilla/filepicker");
+    
+    if (!fp)
+        return NS_ERROR_NULL_POINTER;
+
+
+    fp->Init(nsnull, prompt, nsIFilePicker::modeOpen);
+    fp->AppendFilter(NS_ConvertASCIItoUCS2(fileRegEx).GetUnicode(), NS_ConvertASCIItoUCS2(fileRegEx).GetUnicode());  
+    fp->AppendFilters(nsIFilePicker::filterAll);
+    PRInt16 mode;
+    nsresult rv = fp->Show(&mode);
+
+    if (NS_FAILED(rv) || (mode == nsIFilePicker::returnCancel))
+         return rv;
+
+    nsCOMPtr<nsILocalFile> file;
+    rv = fp->GetFile(getter_AddRefs(file));
+
+    if (file)
+      file->GetPath(outFile);
+
+    return rv;
+}
+
+NS_METHOD      
+nsPSMUIHandlerImpl::CreatePSMUIHandler(nsISupports* aOuter, REFNSIID aIID, void **aResult)
+{                                                                  
+    nsresult rv = NS_OK; 
+    if ( aResult ) 
+    { 
+        /* Allocate new find component object. */
+        nsPSMUIHandlerImpl *component = new nsPSMUIHandlerImpl(); 
+        if ( component ) 
+        { 
+            /* Allocated OK, do query interface to get proper */
+            /* pointer and increment refcount.                */
+            rv = component->QueryInterface( aIID, aResult ); 
+            if ( NS_FAILED( rv ) ) 
+            { 
+                /* refcount still at zero, delete it here. */
+                delete component; 
+            } 
+        } 
+        else 
+        { 
+            rv = NS_ERROR_OUT_OF_MEMORY; 
+        } 
+    } 
+    else 
+    { 
+        rv = NS_ERROR_NULL_POINTER; 
+    } 
+    return rv; 
+} 
+
+
+
+extern "C" void CARTMAN_UIEventLoop(void *data)
+{
+   CMT_EventLoop((PCMT_CONTROL)data);
+}
+
+PRStatus InitPSMEventLoop(PCMT_CONTROL control)
+{
+    PR_CreateThread(PR_USER_THREAD,
+                    CARTMAN_UIEventLoop,
+                    control, 
+                    PR_PRIORITY_NORMAL, 
+                    PR_GLOBAL_THREAD, 
+                    PR_UNJOINABLE_THREAD,
+                    0);  
+
+    return PR_SUCCESS;
+}
+
+PRStatus InitPSMUICallbacks(PCMT_CONTROL control)
+{
+    if (!control)
+        return PR_FAILURE;  
+    
+    CMT_SetPromptCallback(control, (promptCallback_fn)PromptUserCallback, nsnull);
+    CMT_SetAppFreeCallback(control, (applicationFreeCallback_fn) ApplicationFreeCallback);
+    CMT_SetFilePathPromptCallback(control, (filePathPromptCallback_fn) FilePathPromptCallback, nsnull);
+
+    if (CMT_SetUIHandlerCallback(control, (uiHandlerCallback_fn) CartmanUIHandler, NULL) != CMTSuccess) 
+            return PR_FAILURE;
+
+    return PR_SUCCESS;
+}
+
+PRStatus DisplayPSMUIDialog(PCMT_CONTROL control, const char *pickledStatus, const char *hostName)
+{
+    CMUint32 advRID = 0;
+    CMInt32 width = 0;
+    CMInt32 height = 0;
+    CMTItem urlItem = {0, NULL, 0};
+    CMTStatus rv = CMTSuccess;
+    CMTItem advisorContext = {0, NULL, 0};
+    void * pwin;
+
+    CMTSecurityAdvisorData data;
+    memset(&data, '\0', sizeof(CMTSecurityAdvisorData));
+    
+    if (hostName)
+    {
+        // if there is a hostName, than this request is about
+        // a webpage.  
+        data.hostname    = (char*) hostName;
+        data.infoContext = SSM_BROWSER;
+    
+        if (pickledStatus)
+        {
+            CMTItem pickledResource = {0, NULL, 0};
+            CMUint32 socketStatus = 0;
+    
+            pickledResource.len = *(int*)(pickledStatus);
+            pickledResource.data = (unsigned char*) PR_Malloc(SSMSTRING_PADDED_LENGTH(pickledResource.len));
+        
+            if (! pickledResource.data) return PR_FAILURE;
+
+            memcpy(pickledResource.data, pickledStatus+sizeof(int), pickledResource.len);
+        
+            /* Unpickle the SSL Socket Status */
+            if (CMT_UnpickleResource( control, 
+                                      SSM_RESTYPE_SSL_SOCKET_STATUS,
+                                      pickledResource, 
+                                      &socketStatus) == CMTSuccess)
+            {
+                data.infoContext = SSM_BROWSER;    
+                data.resID = socketStatus;
+            }
+
+            PR_FREEIF(pickledResource.data);
+        }
+    }
+
+    /* Create a Security Advisor context object. */
+    rv = CMT_SecurityAdvisor(control, &data, &advRID);
+
+    if (rv != CMTSuccess)
+        return PR_FAILURE;
+
+    /* Get the URL, width, height, etc. from the advisor context. */
+    rv = CMT_GetStringAttribute(control, 
+                                advRID, 
+                                SSM_FID_SECADVISOR_URL,
+                                &urlItem);
+
+    if ((rv != CMTSuccess) || (!urlItem.data))
+        return PR_FAILURE;
+
+    rv = CMT_GetNumericAttribute(control, 
+                                 advRID, 
+                                 SSM_FID_SECADVISOR_WIDTH,
+                                 &width);
+    if (rv != CMTSuccess)
+        return PR_FAILURE;
+
+    rv = CMT_GetNumericAttribute(control, 
+                                 advRID, 
+                                 SSM_FID_SECADVISOR_HEIGHT,
+                                 &height);
+    if (rv != CMTSuccess)
+        return PR_FAILURE;
+
+    /* Fire the URL up in a window of its own. */
+    pwin = CartmanUIHandler(advRID, nsnull, width, height, CM_FALSE, (char*)urlItem.data, NULL);
+    
+    //allocated by cmt, we can free with free:
+    free(urlItem.data);
+    
+    return PR_SUCCESS;
+}
+
+
+
+void* CartmanUIHandler(uint32 resourceID, void* clientContext, uint32 width, uint32 height, CMBool isModal, char* urlStr, void *data)
+{
+    nsresult rv = NS_OK;
+    
+    NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+    
+    if(NS_SUCCEEDED(rv))
+	    handler->DisplayURI(width, height, isModal, urlStr);
+
+    return nsnull;
+}
+
+    
+    
+char * PromptUserCallback(void *arg, char *prompt, int isPasswd)
+{
+
+    nsresult rv = NS_OK;
+    PRUnichar *password;
+    PRBool  value;
+
+    NS_WITH_PROXIED_SERVICE(nsIPrompt, dialog, kNetSupportDialogCID, NS_UI_THREAD_EVENTQ, &rv);
+    
+    if (NS_SUCCEEDED(rv)) {
+	    rv = dialog->PromptPassword(nsnull, NS_ConvertASCIItoUCS2(prompt).GetUnicode(),
+                                  NS_ConvertASCIItoUCS2(" ").GetUnicode(),      // hostname
+                                  PR_TRUE, &password, &value);
+
+        if (NS_SUCCEEDED(rv) && value) {
+            nsString a(password);
+            char* str = a.ToNewCString();
+            Recycle(password);
+            return str;
+        }
+    }
+
+    return nsnull;
+}
+
+void ApplicationFreeCallback(char *userInput)
+{
+    nsMemory::Free(userInput);
+}
+
+char * FilePathPromptCallback(void *arg, char *prompt, char *fileRegEx, CMUint32 shouldFileExist)
+{
+    nsresult rv = NS_OK;
+    
+    char* filePath = nsnull;
+    
+    NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+    
+    if(NS_SUCCEEDED(rv))
+	    handler->PromptForFile(NS_ConvertASCIItoUCS2(prompt).GetUnicode(), fileRegEx, (PRBool)shouldFileExist, &filePath);
+
+    return filePath;
+}

mozilla/extensions/psm-glue/src/nsPSMUICallbacks.h

@@ -0,0 +1,56 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef _NSPSMUICALLBACKS_H
+#define _NSPSMUICALLBACKS_H
+
+#include "prtypes.h"
+#include "cmtcmn.h"
+
+#include "nsIPSMUIHandler.h"
+
+PRStatus InitPSMUICallbacks(PCMT_CONTROL gControl);
+PRStatus InitPSMEventLoop(PCMT_CONTROL gControl);
+PRStatus DisplayPSMUIDialog(PCMT_CONTROL control, const char* pickledStatus, const char *hostName);
+
+
+#define NS_PSMUIHANDLER_CID {0x15944e30, 0x601e, 0x11d3, {0x8c, 0x4a, 0x00, 0x00, 0x64, 0x65, 0x73, 0x74}}
+
+class nsPSMUIHandlerImpl : public nsIPSMUIHandler 
+{
+    public:
+
+        NS_DEFINE_STATIC_CID_ACCESSOR( NS_PSMUIHANDLER_CID );
+    
+        /* ctor/dtor */
+        nsPSMUIHandlerImpl() { NS_INIT_REFCNT(); }
+        virtual ~nsPSMUIHandlerImpl() { }
+
+        NS_DECL_ISUPPORTS
+        NS_DECL_NSIPSMUIHANDLER
+
+        static NS_METHOD CreatePSMUIHandler(nsISupports* aOuter, REFNSIID aIID, void **aResult);
+};
+
+#endif

mozilla/extensions/psm-glue/src/nsSDR.cpp

@@ -0,0 +1,320 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s): 
+ *  thayes@netscape.com
+ */
+
+#include "stdlib.h"
+#include "plstr.h"
+#include "nsMemory.h"
+#include "nsIServiceManager.h"
+
+#include "plbase64.h"
+
+#include "nsISecretDecoderRing.h"
+
+#include "cmtcmn.h"
+#include "nsIPSMComponent.h"
+
+#include "nsSDR.h"
+
+NS_IMPL_ISUPPORTS1(nsSecretDecoderRing, nsISecretDecoderRing)
+
+nsSecretDecoderRing::nsSecretDecoderRing()
+{
+  NS_INIT_ISUPPORTS();
+
+  mPSM = NULL;
+}
+
+nsSecretDecoderRing::~nsSecretDecoderRing()
+{
+  if (mPSM) mPSM->Release();
+}
+
+/* Init the new instance */
+nsresult nsSecretDecoderRing::
+init()
+{
+  nsresult rv;
+  nsISupports *psm;
+
+  rv = nsServiceManager::GetService(kPSMComponentProgID, NS_GET_IID(nsIPSMComponent),
+                                    &psm);
+  if (rv != NS_OK) goto loser;  /* Should promote error */
+
+  mPSM = (nsIPSMComponent *)psm;
+
+loser:
+  return rv;
+}
+
+/* [noscript] long encrypt (in buffer data, in long dataLen, out buffer result); */
+NS_IMETHODIMP nsSecretDecoderRing::
+Encrypt(unsigned char * data, PRInt32 dataLen, unsigned char * *result, PRInt32 *_retval)
+{
+    nsresult rv = NS_OK;
+    unsigned char *r = 0;
+    CMT_CONTROL *control;
+    CMTStatus status;
+    CMUint32 cLen;
+
+    if (data == nsnull || result == nsnull || _retval == nsnull) {
+       rv = NS_ERROR_INVALID_POINTER;
+       goto loser;
+    }
+
+    /* Check object initialization */
+    NS_ASSERTION(mPSM != nsnull, "SDR object not initialized");
+    if (mPSM == nsnull) { rv = NS_ERROR_NOT_INITIALIZED; goto loser; }
+
+    /* Get the control connect to use for the request */
+    rv = mPSM->GetControlConnection(&control);
+    if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+   
+    status = CMT_SDREncrypt(control, (void *)0, (const unsigned char *)0, 0, 
+               data, dataLen, result, &cLen);
+    if (status != CMTSuccess) { rv = NS_ERROR_FAILURE; goto loser; } /* XXX */
+
+    /* Copy returned data to nsMemory buffer ? */
+    *_retval = cLen;
+
+loser:
+    return rv;
+}
+
+/* [noscript] long decrypt (in buffer data, in long dataLen, out buffer result); */
+NS_IMETHODIMP nsSecretDecoderRing::
+Decrypt(unsigned char * data, PRInt32 dataLen, unsigned char * *result, PRInt32 *_retval)
+{
+    nsresult rv = NS_OK;
+    CMTStatus status;
+    CMT_CONTROL *control;
+    CMUint32 len;
+
+    if (data == nsnull || result == nsnull || _retval == nsnull) {
+       rv = NS_ERROR_INVALID_POINTER;
+       goto loser;
+    }
+
+    /* Check object initialization */
+    NS_ASSERTION(mPSM != nsnull, "SDR object not initialized");
+    if (mPSM == nsnull) { rv = NS_ERROR_NOT_INITIALIZED; goto loser; }
+
+    /* Get the control connection */
+    rv = mPSM->GetControlConnection(&control);
+    if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+    
+    /* Call PSM to decrypt the value */
+    status = CMT_SDRDecrypt(control, (void *)0, data, dataLen, result, &len);
+    if (status != CMTSuccess) { rv = NS_ERROR_FAILURE; goto loser; } /* Promote? */
+
+    /* Copy returned data to nsMemory buffer ? */
+    *_retval = len;
+
+loser:
+    return rv;
+}
+
+/* string encryptString (in string text); */
+NS_IMETHODIMP nsSecretDecoderRing::
+EncryptString(const char *text, char **_retval)
+{
+    nsresult rv = NS_OK;
+    unsigned char *encrypted = 0;
+    PRInt32 eLen;
+
+    if (text == nsnull || _retval == nsnull) {
+        rv = NS_ERROR_INVALID_POINTER;
+        goto loser;
+    }
+
+    rv = Encrypt((unsigned char *)text, PL_strlen(text), &encrypted, &eLen);
+    if (rv != NS_OK) { goto loser; }
+
+    rv = encode(encrypted, eLen, _retval);
+
+loser:
+    if (encrypted) nsMemory::Free(encrypted);
+
+    return rv;
+}
+
+/* string decryptString (in string crypt); */
+NS_IMETHODIMP nsSecretDecoderRing::
+DecryptString(const char *crypt, char **_retval)
+{
+    nsresult rv = NS_OK;
+    char *r = 0;
+    unsigned char *decoded = 0;
+    PRInt32 decodedLen;
+    unsigned char *decrypted = 0;
+    PRInt32 decryptedLen;
+
+    if (crypt == nsnull || _retval == nsnull) {
+      rv = NS_ERROR_INVALID_POINTER;
+      goto loser;
+    }
+
+    rv = decode(crypt, &decoded, &decodedLen);
+    if (rv != NS_OK) goto loser;
+
+    rv = Decrypt(decoded, decodedLen, &decrypted, &decryptedLen);
+    if (rv != NS_OK) goto loser;
+
+    // Convert to NUL-terminated string
+    r = (char *)nsMemory::Alloc(decryptedLen+1);
+    if (!r) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+    memcpy(r, decrypted, decryptedLen);
+    r[decryptedLen] = 0;
+
+    *_retval = r;
+    r = 0;
+
+loser:
+    if (r) nsMemory::Free(r);
+    if (decrypted) nsMemory::Free(decrypted);
+    if (decoded) nsMemory::Free(decoded);
+ 
+    return rv;
+}
+
+/* void changePassword(); */
+NS_IMETHODIMP nsSecretDecoderRing::
+ChangePassword()
+{
+  nsresult rv = NS_OK;
+  CMTStatus status;
+  CMT_CONTROL *control;
+
+  rv = mPSM->GetControlConnection(&control);
+  if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+
+  status = CMT_SDRChangePassword(control, (void*)0);
+
+loser:
+  return rv;
+}
+
+/* void logout(); */
+NS_IMETHODIMP nsSecretDecoderRing::
+Logout()
+{
+    nsresult rv = NS_OK;
+    CMTStatus status;
+    CMT_CONTROL *control;
+
+    /* Check object initialization */
+    NS_ASSERTION(mPSM != nsnull, "SDR object not initialized");
+    if (mPSM == nsnull) { rv = NS_ERROR_NOT_INITIALIZED; goto loser; }
+
+    /* Get the control connection */
+    rv = mPSM->GetControlConnection(&control);
+    if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+    
+    /* Call PSM to decrypt the value */
+    status = CMT_LogoutAllTokens(control);
+    if (status != CMTSuccess) { rv = NS_ERROR_FAILURE; goto loser; } /* Promote? */
+
+loser:
+    return rv;
+}
+
+
+// Support routines
+
+nsresult nsSecretDecoderRing::
+encode(const unsigned char *data, PRInt32 dataLen, char **_retval)
+{
+    nsresult rv = NS_OK;
+
+    *_retval = PL_Base64Encode((const char *)data, dataLen, NULL);
+    if (!*_retval) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+loser:
+    return rv;
+
+#if 0
+    nsresult rv = NS_OK;
+    char *r = 0;
+
+    // Allocate space for encoded string (with NUL)
+    r = (char *)nsMemory::Alloc(dataLen+1);
+    if (!r) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+    memcpy(r, data, dataLen);
+    r[dataLen] = 0;
+
+    *_retval = r;
+    r = 0;
+
+loser:
+    if (r) nsMemory::Free(r);
+
+    return rv;
+#endif
+}
+
+nsresult nsSecretDecoderRing::
+decode(const char *data, unsigned char **result, PRInt32 * _retval)
+{
+    nsresult rv = NS_OK;
+    PRUint32 len = PL_strlen(data);
+    int adjust = 0;
+
+    /* Compute length adjustment */
+    if (data[len-1] == '=') {
+      adjust++;
+      if (data[len-2] == '=') adjust++;
+    }
+
+    *result = (unsigned char *)PL_Base64Decode(data, len, NULL);
+    if (!*result) { rv = NS_ERROR_ILLEGAL_VALUE; goto loser; }
+
+    *_retval = (len*3)/4 - adjust;
+
+loser:
+    return rv;
+
+#if 0
+    nsresult rv = NS_OK;
+    unsigned char *r = 0;
+    PRInt32 rLen;
+
+    // Allocate space for decoded string (missing NUL)
+    rLen = PL_strlen(data);
+    r = (unsigned char *)nsMemory::Alloc(rLen);
+    if (!r) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+    memcpy(r, data, rLen);
+
+    *result = r;
+    r = 0;
+    *_retval = rLen;
+
+loser:
+    if (r) nsMemory::Free(r);
+
+    return rv;
+#endif
+}
+
+const char * nsSecretDecoderRing::kPSMComponentProgID = PSM_COMPONENT_PROGID;

mozilla/extensions/psm-glue/src/nsSDR.h

@@ -14,7 +14,7 @@
  *
  * The Initial Developer of the Original Code is Netscape
  * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
+ * Copyright (C) 1998 Netscape Communications Corporation. All
  * Rights Reserved.
  *
  * Contributor(s):
@@ -26,51 +26,33 @@
 
 #include "nsISecretDecoderRing.h"
 
-class nsINSSDialogs;
-
-/**
- * NS_SDR_CONTRACTID - contract id for SDR services.
- *   Implements nsISecretDecoderRing.
- *   Should eventually implement an interface to set window
- *   context and other information. (nsISecretDecoderRingConfig)
- *
- * NOTE: This definition should move to base code.  It
- *   is conditionally defined here until it is moved.
- *   Delete this after defining in the new location.
- */
-#ifndef NS_SDR_CONTRACTID
-#define NS_SDR_CONTRACTID "@mozilla.org/security/sdr;1"
-#endif
-
 // ===============================================
 // nsSecretDecoderRing - implementation of nsISecretDecoderRing
 // ===============================================
 
-#define NS_SDR_CLASSNAME "PIPNSS Secret Decoder Ring"
+#define NS_SDR_CLASSNAME "Secret Decoder Ring"
 #define NS_SDR_CID \
-  { 0x0c4f1ddc, 0x1dd2, 0x11b2, { 0x9d, 0x95, 0xf2, 0xfd, 0xf1, 0x13, 0x04, 0x4b } }
+  { 0xd9a0341, 0xce7, 0x11d4, { 0x9f, 0xdd, 0x0, 0x0, 0x64, 0x65, 0x73, 0x74 } }
+#define NS_SDR_PROGID "netscape.security.sdr"
 
-class nsSecretDecoderRing
-: public nsISecretDecoderRing,
-  public nsISecretDecoderRingConfig
+class nsSecretDecoderRing : public nsISecretDecoderRing
 {
 public:
   NS_DECL_ISUPPORTS
   NS_DECL_NSISECRETDECODERRING
-  NS_DECL_NSISECRETDECODERRINGCONFIG
 
   nsSecretDecoderRing();
   virtual ~nsSecretDecoderRing();
 
-private:
+  nsresult init();
+
+private:
+  nsIPSMComponent *mPSM;
+
+  static const char *kPSMComponentProgID;
 
-  /**
-   * encode - encodes binary into BASE64 string.
-   * decode - decode BASE64 string into binary.
-   */
   nsresult encode(const unsigned char *data, PRInt32 dataLen, char **_retval);
   nsresult decode(const char *data, unsigned char **result, PRInt32 * _retval);
-
 };
 
 #endif /* _NSSDR_H_ */

mozilla/extensions/psm-glue/src/nsSSLIOLayer.cpp

@@ -0,0 +1,550 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#include "nspr.h"
+#include "nsString.h"
+#include "cmtcmn.h"
+
+#include "nsIPSMComponent.h"
+#include "nsIPSMSocketInfo.h"
+#include "nsIServiceManager.h"
+#include "nsPSMShimLayer.h"
+#include "nsSSLIOLayer.h"
+
+static PRDescIdentity  nsSSLIOLayerIdentity;
+static PRIOMethods     nsSSLIOLayerMethods;
+static nsIPSMComponent* gPSMService = nsnull;
+
+
+
+class nsPSMSocketInfo : public nsIPSMSocketInfo
+{
+public:
+    nsPSMSocketInfo();
+    virtual ~nsPSMSocketInfo();
+
+    NS_DECL_ISUPPORTS
+    NS_DECL_NSIPSMSOCKETINFO
+
+    // internal functions to psm-glue.
+    nsresult SetSocketPtr(CMSocket *socketPtr);
+    nsresult SetControlPtr(CMT_CONTROL *aControlPtr);
+    nsresult SetFileDescPtr(PRFileDesc *aControlPtr);
+    nsresult SetHostName(char *aHostName);
+    nsresult SetProxyName(char *aName);
+
+    nsresult SetHostPort(PRInt32 aPort);
+    nsresult SetProxyPort(PRInt32 aPort);
+    nsresult SetPickledStatus();
+
+protected:
+    CMT_CONTROL* mControl;
+    CMSocket*    mSocket;
+    PRFileDesc*  mFd;
+    
+    nsString     mHostName;
+    PRInt32      mHostPort;
+    
+    nsString     mProxyName;
+    PRInt32      mProxyPort;
+    
+    unsigned char* mPickledStatus;
+};
+
+
+static PRStatus PR_CALLBACK
+nsSSLIOLayerConnect(PRFileDesc *fd, const PRNetAddr *addr, PRIntervalTime timeout)
+{
+    nsresult                result;
+    PRStatus                rv = PR_SUCCESS;
+    CMTStatus               status = CMTFailure;
+    
+    /* Set the error in case of failure. */
+
+    PR_SetError(PR_UNKNOWN_ERROR, status);
+
+    if (!fd || !addr || !fd->secret || !gPSMService)
+        return PR_FAILURE;
+    
+    char ipBuffer[PR_NETDB_BUF_SIZE];
+    rv = PR_NetAddrToString(addr, (char*)&ipBuffer, PR_NETDB_BUF_SIZE);
+    if (rv != PR_SUCCESS)
+        return PR_FAILURE;
+    
+    if (addr->raw.family == PR_AF_INET6 && PR_IsNetAddrType(addr, PR_IpAddrV4Mapped)) 
+    {
+      /* Chop off the leading "::ffff:" */
+      strcpy(ipBuffer, ipBuffer + 7);
+    }
+
+    
+    CMT_CONTROL *control;
+    result = gPSMService->GetControlConnection(&control);
+    if (result != PR_SUCCESS)
+        return PR_FAILURE;
+    
+    CMSocket* cmsock = (CMSocket *)PR_Malloc(sizeof(CMSocket));
+    if (!cmsock)
+        return PR_FAILURE;
+    
+    memset(cmsock, 0, sizeof(CMSocket));
+    
+    cmsock->fd        = fd->lower;
+    cmsock->isUnix    = PR_FALSE;
+   
+    nsPSMSocketInfo *infoObject = (nsPSMSocketInfo *)fd->secret;
+    
+    infoObject->SetControlPtr(control);
+    infoObject->SetSocketPtr(cmsock);
+    
+    char* proxyName;
+    char* hostName;
+    infoObject->GetProxyName(&proxyName);
+    infoObject->GetHostName(&hostName);
+    
+    if (!proxyName)
+    {
+        // Direct connection
+        status = CMT_OpenSSLConnection(control,
+                                       cmsock,
+                                       SSM_REQUEST_SSL_DATA_SSL,
+                                       PR_ntohs(addr->inet.port),
+                                       ipBuffer,
+                                       (hostName ? hostName : ipBuffer),
+                                       CM_FALSE, 
+                                       nsnull);
+    
+    }
+    else
+    {
+        // not supported yet.
+
+        return PR_FAILURE;
+#if 0
+        PRInt32 destPort;
+        
+        infoObject->GetProxyPort(&destPort);
+
+        status = CMT_OpenSSLProxyConnection(control,
+                                            cmsock,
+                                            destPort, 
+                                            proxyName,  // wants IP
+                                            hostName);
+#endif
+    }
+
+    if (hostName)  Recycle(hostName);
+    if (proxyName) Recycle(proxyName);
+        
+    if (CMTSuccess == status)
+    {
+        // since our stuff can block, what we want to do is return PR_FAILURE,
+        // but set the nspr ERROR to BLOCK.  This will put us into a select
+        // q.
+        PR_SetError(PR_WOULD_BLOCK_ERROR, status);
+        return PR_FAILURE;
+    }
+
+    return PR_FAILURE;
+}
+
+  /* CMT_DestroyDataConnection(ctrl, sock); */
+  /*   need to strip our layer, pass result to DestroyDataConnection */
+  /*   which will clean up the CMT accounting of sock, then call our */
+  /*   shim layer to translate back to NSPR */
+
+static PRStatus PR_CALLBACK
+nsSSLIOLayerClose(PRFileDesc *fd)
+{
+  nsPSMSocketInfo *infoObject    = (nsPSMSocketInfo *)fd->secret;
+  PRDescIdentity          id     = PR_GetLayersIdentity(fd);
+   
+  if (infoObject && id == nsSSLIOLayerIdentity)
+  {
+    CMInt32 errorCode = PR_FAILURE;
+    CMT_CONTROL* control;
+    CMSocket*    socket;
+    
+    PR_Shutdown(fd, PR_SHUTDOWN_BOTH);
+
+    infoObject->GetControlPtr(&control);
+    infoObject->GetSocketPtr(&socket);
+    infoObject->SetPickledStatus();
+
+    CMT_GetSSLDataErrorCode(control, socket, &errorCode);
+    CMT_DestroyDataConnection(control, socket);
+    NS_RELEASE(infoObject);  // if someone is interested in us, the better have an addref.
+    fd->identity = PR_INVALID_IO_LAYER;
+    
+    return (PRStatus)errorCode;
+  }
+
+  return PR_FAILURE;
+}
+ 
+static PRInt32 PR_CALLBACK
+nsSSLIOLayerRead( PRFileDesc *fd, void *buf, PRInt32 amount)
+{
+    if (!fd)
+        return PR_FAILURE;
+
+    PRInt32 result = PR_Recv(fd, buf, amount, 0, PR_INTERVAL_MIN);
+    
+    if (result > 0)
+        return result;
+    
+    if (result == -1)
+    {
+        PRErrorCode code = PR_GetError();
+
+        if (code == PR_IO_TIMEOUT_ERROR )
+            PR_SetError(PR_WOULD_BLOCK_ERROR, PR_WOULD_BLOCK_ERROR);
+        return PR_FAILURE;
+    }
+    
+    if (result == 0)
+    {
+        nsPSMSocketInfo *infoObject    = (nsPSMSocketInfo *)fd->secret;
+        PRDescIdentity          id     = PR_GetLayersIdentity(fd);
+
+        if (infoObject && id == nsSSLIOLayerIdentity)
+        {
+            CMInt32 errorCode = PR_FAILURE;
+            
+            CMT_CONTROL* control;
+            CMSocket*    socket;
+    
+            infoObject->GetControlPtr(&control);
+            infoObject->GetSocketPtr(&socket);
+
+            CMT_GetSSLDataErrorCode(control, socket, &errorCode);
+
+			if (errorCode == PR_IO_TIMEOUT_ERROR)
+			{
+				PR_SetError(PR_WOULD_BLOCK_ERROR, PR_WOULD_BLOCK_ERROR);
+				return PR_FAILURE;
+			}
+
+            PR_SetError(0, 0);
+            return errorCode;
+        }
+    }
+
+    return result;
+}
+
+static PRInt32 PR_CALLBACK
+nsSSLIOLayerWrite( PRFileDesc *fd, const void *buf, PRInt32 amount)
+{
+    if (!fd)
+        return PR_FAILURE;
+
+    PRInt32 result = PR_Send(fd, buf, amount, 0, PR_INTERVAL_MIN);
+    
+    if (result > 0)
+        return result;
+
+    if (result == -1)
+    {
+        PRErrorCode code = PR_GetError();
+
+        if (code == PR_IO_TIMEOUT_ERROR )
+            PR_SetError(PR_WOULD_BLOCK_ERROR, PR_WOULD_BLOCK_ERROR);
+        return PR_FAILURE;
+    }
+
+    if (result == 0)
+    {
+        nsPSMSocketInfo *infoObject    = (nsPSMSocketInfo *)fd->secret;
+        PRDescIdentity          id     = PR_GetLayersIdentity(fd);
+
+        if (infoObject && id == nsSSLIOLayerIdentity)
+        {
+            CMInt32 errorCode = PR_FAILURE;
+            CMT_CONTROL* control;
+            CMSocket*    socket;
+    
+            infoObject->GetControlPtr(&control);
+            infoObject->GetSocketPtr(&socket);
+
+            CMT_GetSSLDataErrorCode(control, socket, &errorCode);
+            PR_SetError(0, 0);
+            return errorCode;
+        }
+    }
+    return result;
+}
+
+
+
+nsPSMSocketInfo::nsPSMSocketInfo()
+{ 
+    NS_INIT_REFCNT(); 
+    mControl = nsnull; 
+    mSocket = nsnull;
+    mPickledStatus = nsnull;
+}
+
+nsPSMSocketInfo::~nsPSMSocketInfo()
+{
+    PR_FREEIF(mPickledStatus);    
+}
+
+NS_IMPL_THREADSAFE_ISUPPORTS1(nsPSMSocketInfo, nsIPSMSocketInfo);
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetControlPtr(CMT_CONTROL * *aControlPtr)
+{
+    *aControlPtr = mControl;
+    return NS_OK;
+}
+
+nsresult
+nsPSMSocketInfo::SetControlPtr(CMT_CONTROL *aControlPtr)
+{
+    mControl = aControlPtr;
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetSocketPtr(CMSocket * *socketPtr)
+{
+    *socketPtr = mSocket;
+    return NS_OK;
+}
+
+nsresult
+nsPSMSocketInfo::SetSocketPtr(CMSocket *socketPtr)
+{
+    mSocket = socketPtr;
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetFileDescPtr(PRFileDesc * *aFilePtr)
+{
+    *aFilePtr = mFd;
+    return NS_OK;
+}
+
+
+nsresult
+nsPSMSocketInfo::SetFileDescPtr(PRFileDesc *aFilePtr)
+{
+    mFd = aFilePtr;
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetHostName(char * *aHostName)
+{
+    if (mHostName.IsEmpty())
+        *aHostName = nsnull;
+    else
+        *aHostName = mHostName.ToNewCString();
+    return NS_OK;
+}
+
+
+nsresult 
+nsPSMSocketInfo::SetHostName(char *aHostName)
+{
+    mHostName.AssignWithConversion(aHostName);
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetHostPort(PRInt32 *aPort)
+{
+    *aPort = mHostPort;
+    return NS_OK;
+}
+
+nsresult 
+nsPSMSocketInfo::SetHostPort(PRInt32 aPort)
+{
+    mHostPort = aPort;
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetProxyName(char * *aName)
+{
+    if (mProxyName.IsEmpty())
+        *aName = nsnull;
+    else
+        *aName = mProxyName.ToNewCString();
+    return NS_OK;
+}
+
+
+nsresult 
+nsPSMSocketInfo::SetProxyName(char *aName)
+{
+    mProxyName.AssignWithConversion(aName);
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetProxyPort(PRInt32 *aPort)
+{
+    *aPort = mProxyPort;
+    return NS_OK;
+}
+
+nsresult 
+nsPSMSocketInfo::SetProxyPort(PRInt32 aPort)
+{
+    mProxyPort = aPort;
+    return NS_OK;
+}
+
+
+
+nsresult
+nsPSMSocketInfo::SetPickledStatus()
+{
+    PR_FREEIF(mPickledStatus);
+
+    long level;
+    CMTItem pickledStatus = {0, nsnull, 0};
+    unsigned char* ret    = nsnull;
+
+    if (CMT_GetSSLSocketStatus(mControl, mSocket, &pickledStatus, &level) != PR_FAILURE)
+    {        
+        ret = (unsigned char*) PR_Malloc( (SSMSTRING_PADDED_LENGTH(pickledStatus.len) + sizeof(int)) );
+        if (ret) 
+        {
+            *(int*)ret = pickledStatus.len;
+            memcpy(ret+sizeof(int), pickledStatus.data, *(int*)ret);
+        }
+
+        PR_FREEIF(pickledStatus.data);
+        mPickledStatus = ret;
+    }
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetPickledStatus(char * *pickledStatusString)
+{
+    if (!mPickledStatus)
+        SetPickledStatus();
+
+    if (mPickledStatus)
+    {
+        PRInt32 len = *(int*)mPickledStatus;
+        char *out = (char *)nsMemory::Alloc(len);
+        memcpy(out, mPickledStatus, len);
+        *pickledStatusString = out;
+        return NS_OK;
+    }
+    *pickledStatusString = nsnull;
+    return NS_ERROR_FAILURE;
+}
+
+nsresult
+nsSSLIOLayerNewSocket( const char *host, 
+                       PRInt32 port, 
+                       const char *proxyHost, 
+                       PRInt32 proxyPort,
+                       PRFileDesc **fd, 
+                       nsISupports** info)
+{
+    static PRBool  firstTime = PR_TRUE;
+    if (firstTime)
+    {
+        nsSSLIOLayerIdentity        = PR_GetUniqueIdentity("Cartman layer");
+        nsSSLIOLayerMethods         = *PR_GetDefaultIOMethods();
+
+        nsSSLIOLayerMethods.connect = nsSSLIOLayerConnect;
+        nsSSLIOLayerMethods.close   = nsSSLIOLayerClose;
+        nsSSLIOLayerMethods.read    = nsSSLIOLayerRead;
+        nsSSLIOLayerMethods.write   = nsSSLIOLayerWrite;
+        
+        
+        nsresult result = nsServiceManager::GetService( PSM_COMPONENT_PROGID,
+                                                        NS_GET_IID(nsIPSMComponent), 
+                                                        (nsISupports**)&gPSMService);  
+        if (NS_FAILED(result))
+            return PR_FAILURE;
+    
+        firstTime                   = PR_FALSE;
+
+    }
+    
+
+    PRFileDesc *   sock;
+    PRFileDesc *   layer;
+    PRStatus       rv;
+
+    /* Get a normal NSPR socket */
+    sock = PR_NewTCPSocket();  
+    if (! sock) return NS_ERROR_OUT_OF_MEMORY;
+    
+    /* disable Nagle algorithm delay for control sockets */
+    PRSocketOptionData sockopt;
+    sockopt.option = PR_SockOpt_NoDelay;
+    sockopt.value.no_delay = PR_TRUE;   
+    rv = PR_SetSocketOption(sock, &sockopt);
+    PR_ASSERT(PR_SUCCESS == rv);
+
+
+    layer = PR_CreateIOLayerStub(nsSSLIOLayerIdentity, &nsSSLIOLayerMethods);
+    if (! layer)
+    {
+        PR_Close(sock);
+        return NS_ERROR_FAILURE;
+    }
+        
+    nsPSMSocketInfo *infoObject = new nsPSMSocketInfo();
+    if (!infoObject)
+    {
+        PR_Close(sock);
+        // clean up IOLayerStub.
+        return NS_ERROR_FAILURE;
+    }
+    
+    NS_ADDREF(infoObject);
+    
+    infoObject->SetHostName((char*)host);
+    infoObject->SetHostPort(port);
+    infoObject->SetProxyName((char*)proxyHost);
+    infoObject->SetProxyPort(proxyPort);
+
+    layer->secret = (PRFilePrivate*) infoObject;
+    rv = PR_PushIOLayer(sock, PR_GetLayersIdentity(sock), layer);
+    
+    if (rv == PR_SUCCESS)
+    {
+        *fd   = sock;
+        *info = infoObject;
+        NS_ADDREF(*info);
+        return NS_OK;
+    }
+    
+    PR_Close(sock);
+    return NS_ERROR_FAILURE;
+}

mozilla/extensions/psm-glue/src/nsSSLIOLayer.h

@@ -0,0 +1,39 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#ifndef _NSSSLIOLAYER_H
+#define _NSSSLIOLAYER_H
+
+#include "prtypes.h"
+#include "prio.h"
+#include "nsIPSMSocketInfo.h"
+
+// define taken from 4.x cartman glue code.  
+#define SSMSTRING_PADDED_LENGTH(x) ((((x)+3)/4)*4)
+
+nsresult nsSSLIOLayerNewSocket(const char *host, 
+                               PRInt32 port, 
+                               const char *proxyHost, 
+                               PRInt32 proxyPort, 
+                               PRFileDesc **fd, 
+                               nsISupports **securityInfo);
+#endif /* _NSSSLIOLAYER_H */

mozilla/extensions/psm-glue/src/nsSSLSocketProvider.cpp

@@ -0,0 +1,94 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#include "nsIComponentManager.h"
+#include "nsIServiceManager.h"
+#include "nsSSLSocketProvider.h"
+#include "nsSSLIOLayer.h"
+
+////////////////////////////////////////////////////////////////////////////////
+
+nsSSLSocketProvider::nsSSLSocketProvider()
+{
+  NS_INIT_REFCNT();
+}
+
+nsresult
+nsSSLSocketProvider::Init()
+{
+  nsresult rv = NS_OK;
+  return rv;
+}
+
+nsSSLSocketProvider::~nsSSLSocketProvider()
+{
+}
+
+NS_IMPL_THREADSAFE_ISUPPORTS2(nsSSLSocketProvider, nsISocketProvider, nsISSLSocketProvider);
+
+NS_METHOD
+nsSSLSocketProvider::Create(nsISupports *aOuter, REFNSIID aIID, void **aResult)
+{                                                                               
+    nsresult rv;                                                                
+                                                                                
+    nsSSLSocketProvider * inst;                                                      
+                                                                                
+    if (NULL == aResult) {                                                      
+        rv = NS_ERROR_NULL_POINTER;                                             
+        return rv;                                                              
+    }                                                                           
+    *aResult = NULL;                                                            
+    if (NULL != aOuter) {                                                       
+        rv = NS_ERROR_NO_AGGREGATION;                                           
+        return rv;                                                              
+    }                                                                           
+                                                                                
+    NS_NEWXPCOM(inst, nsSSLSocketProvider);                                          
+    if (NULL == inst) {                                                         
+        rv = NS_ERROR_OUT_OF_MEMORY;                                            
+        return rv;                                                              
+    }                                                                           
+    NS_ADDREF(inst);                                                            
+    rv = inst->QueryInterface(aIID, aResult);                                   
+    NS_RELEASE(inst);                                                           
+                                                                                
+    return rv;                                                                  
+}                                                                               
+
+
+NS_IMETHODIMP
+nsSSLSocketProvider::NewSocket(const char *host, 
+                               PRInt32 port, 
+                               const char *proxyHost, 
+                               PRInt32 proxyPort, 
+                               PRFileDesc **_result, 
+                               nsISupports **securityInfo)
+{
+  nsresult rv = nsSSLIOLayerNewSocket(host,
+                                      port,
+                                      proxyHost,
+                                      proxyPort,
+                                      _result, 
+                                      securityInfo);
+  
+  return (NS_FAILED(rv)) ? NS_ERROR_SOCKET_CREATE_FAILED : NS_OK;
+}

mozilla/extensions/psm-glue/src/nsSSLSocketProvider.h

@@ -18,29 +18,37 @@
  * Rights Reserved.
  *
  * Contributor(s):
- *  Brian Ryner <bryner@netscape.com>
- */
+*/
 
 #ifndef _NSSSLSOCKETPROVIDER_H_
 #define _NSSSLSOCKETPROVIDER_H_
 
 #include "nsISSLSocketProvider.h"
 
-/* 217d014a-1dd2-11b2-999c-b0c4df79b324 */
-#define NS_SSLSOCKETPROVIDER_CID   \
-{ 0x217d014a, 0x1dd2, 0x11b2, {0x99, 0x9c, 0xb0, 0xc4, 0xdf, 0x79, 0xb3, 0x24}}
+
+/* 274418d0-5437-11d3-bbc8-0000861d1237 */         
+#define NS_SSLSOCKETPROVIDER_CID   { 0x274418d0, 0x5437, 0x11d3, {0xbb, 0xc8, 0x00, 0x00, 0x86, 0x1d, 0x12, 0x37}}
 
 
 class nsSSLSocketProvider : public nsISSLSocketProvider
 {
 public:
   NS_DECL_ISUPPORTS
+
   NS_DECL_NSISOCKETPROVIDER
+
   NS_DECL_NSISSLSOCKETPROVIDER
-  
+
   // nsSSLSocketProvider methods:
   nsSSLSocketProvider();
   virtual ~nsSSLSocketProvider();
+
+  static NS_METHOD
+  Create(nsISupports *aOuter, REFNSIID aIID, void **aResult);
+
+  nsresult Init();
+
+protected:
 };
 
 #endif /* _NSSSLSOCKETPROVIDER_H_ */

mozilla/extensions/psm-glue/src/nsSecureBrowserUIImpl.cpp

@@ -0,0 +1,654 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998-2000 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ *   Stuart Parmenter <pavlov@netscape.com>
+*/
+
+#include "nspr.h"
+#include "prlog.h"
+
+#include "nsISecureBrowserUI.h"
+#include "nsSecureBrowserUIImpl.h"
+#include "nsIPSMComponent.h"
+#include "nsPSMComponent.h"
+#include "nsCOMPtr.h"
+#include "nsIInterfaceRequestor.h"
+#include "nsIServiceManager.h"
+
+#include "nsIScriptGlobalObject.h"
+#include "nsIObserverService.h"
+#include "nsIDocumentLoader.h"
+#include "nsCURILoader.h"
+#include "nsIDocShell.h"
+#include "nsIDocumentViewer.h"
+#include "nsCURILoader.h"
+#include "nsIDocument.h"
+#include "nsIDOMHTMLDocument.h"
+#include "nsIDOMXULDocument.h"
+#include "nsIDOMElement.h"
+#include "nsIDOMWindow.h"
+#include "nsIContent.h"
+#include "nsIWebProgress.h"
+#include "nsIChannel.h"
+#include "nsIPSMSocketInfo.h"
+
+#include "nsIURI.h"
+
+#include "prmem.h"
+
+#include "nsINetSupportDialogService.h"
+#include "nsIPrompt.h"
+#include "nsICommonDialogs.h"
+#include "nsIPref.h"
+
+#include "nsIFormSubmitObserver.h"
+
+static NS_DEFINE_CID(kCStringBundleServiceCID,  NS_STRINGBUNDLESERVICE_CID);
+static NS_DEFINE_CID(kCommonDialogsCID,         NS_CommonDialog_CID );
+static NS_DEFINE_CID(kPrefCID, NS_PREF_CID);
+
+#define ENTER_SITE_PREF      "security.warn_entering_secure"
+#define LEAVE_SITE_PREF      "security.warn_leaving_secure"
+#define MIXEDCONTENT_PREF    "security.warn_viewing_mixed"
+#define INSECURE_SUBMIT_PREF "security.warn_submit_insecure"
+
+#if defined(PR_LOGGING)
+//
+// Log module for nsSecureBroswerUI logging...
+//
+// To enable logging (see prlog.h for full details):
+//
+//    set NSPR_LOG_MODULES=nsSecureBroswerUI:5
+//    set NSPR_LOG_FILE=nspr.log
+//
+// this enables PR_LOG_DEBUG level information and places all output in
+// the file nspr.log
+//
+PRLogModuleInfo* gSecureDocLog = nsnull;
+#endif /* PR_LOGGING */
+
+ 
+NS_IMETHODIMP
+nsSecureBrowserUIImpl::Create(nsISupports *aOuter, REFNSIID aIID, void **aResult)
+{
+    nsresult rv;
+
+    nsSecureBrowserUIImpl * inst;
+
+    if (NULL == aResult) {
+        rv = NS_ERROR_NULL_POINTER;
+        return rv;
+    }
+    *aResult = NULL;
+    if (NULL != aOuter) {
+        rv = NS_ERROR_NO_AGGREGATION;
+        return rv;
+    }
+
+    NS_NEWXPCOM(inst, nsSecureBrowserUIImpl);
+    if (NULL == inst) {
+        rv = NS_ERROR_OUT_OF_MEMORY;
+        return rv;
+    }
+    NS_ADDREF(inst);
+    rv = inst->QueryInterface(aIID, aResult);
+    NS_RELEASE(inst);
+
+    return rv;
+}
+
+nsSecureBrowserUIImpl::nsSecureBrowserUIImpl()
+{
+    NS_INIT_REFCNT();
+    
+#if defined(PR_LOGGING)
+    if (nsnull == gSecureDocLog) {
+        gSecureDocLog = PR_NewLogModule("nsSecureBroswerUI");
+    }
+#endif /* PR_LOGGING */
+
+
+    mIsSecureDocument = mMixContentAlertShown = mIsDocumentBroken = PR_FALSE;
+    mLastPSMStatus    = nsnull;
+    mCurrentURI       = nsnull;
+    mSecurityButton   = nsnull;
+}
+
+nsSecureBrowserUIImpl::~nsSecureBrowserUIImpl()
+{
+    PR_FREEIF(mLastPSMStatus);
+}
+
+NS_IMPL_ISUPPORTS4(nsSecureBrowserUIImpl, 
+                   nsSecureBrowserUI, 
+                   nsIWebProgressListener, 
+                   nsIFormSubmitObserver,
+                   nsIObserver); 
+
+
+NS_IMETHODIMP
+nsSecureBrowserUIImpl::Init(nsIDOMWindow *window, nsIDOMElement *button)
+{
+    mSecurityButton = button;
+    mWindow         = window;
+
+    nsresult rv = nsServiceManager::GetService( kPrefCID, 
+                                                NS_GET_IID(nsIPref), 
+                                                getter_AddRefs(mPref));  
+    if (NS_FAILED(rv)) return rv;
+
+    NS_WITH_SERVICE(nsIStringBundleService, service, kCStringBundleServiceCID, &rv);
+    if (NS_FAILED(rv)) return rv;
+
+    nsILocale* locale = nsnull;
+    rv = service->CreateBundle(SECURITY_STRING_BUNDLE_URL, locale, getter_AddRefs(mStringBundle));
+    if (NS_FAILED(rv)) return rv;
+
+    // hook up to the form post notifications:
+    nsIObserverService *svc = 0;
+    rv = nsServiceManager::GetService(NS_OBSERVERSERVICE_PROGID, 
+                                      NS_GET_IID(nsIObserverService), 
+                                      (nsISupports**)&svc );
+    if (NS_SUCCEEDED(rv) && svc) {
+        nsString  topic; topic.AssignWithConversion(NS_FORMSUBMIT_SUBJECT);
+        rv = svc->AddObserver( this, topic.GetUnicode());
+        nsServiceManager::ReleaseService( NS_OBSERVERSERVICE_PROGID, svc );
+    }
+
+    // hook up to the webprogress notifications.
+    nsCOMPtr<nsIDocShell> docShell;
+
+    nsCOMPtr<nsIScriptGlobalObject> sgo = do_QueryInterface(window);
+    if (!sgo) return NS_ERROR_NULL_POINTER;
+
+    sgo->GetDocShell(getter_AddRefs(docShell));
+    if (!docShell) return NS_ERROR_NULL_POINTER;
+
+    nsCOMPtr<nsIWebProgress> wp = do_GetInterface(docShell);
+    if (!wp) return NS_ERROR_NULL_POINTER;
+
+    wp->AddProgressListener(NS_STATIC_CAST(nsIWebProgressListener*,this));
+
+    mInitByLocationChange = PR_TRUE;
+
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsSecureBrowserUIImpl::DisplayPageInfoUI()
+{
+    nsresult res;
+    NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
+    if (NS_FAILED(res)) 
+        return res;
+    
+    nsXPIDLCString host;
+    if (mCurrentURI)
+        mCurrentURI->GetHost(getter_Copies(host));
+    
+    return psm->DisplaySecurityAdvisor(mLastPSMStatus, host);
+}
+
+
+
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::Observe(nsISupports*, const PRUnichar*, const PRUnichar*) 
+{
+    return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+
+static nsresult IsChildOfDomWindow(nsIDOMWindow *parent, nsIDOMWindow *child, PRBool* value)
+{
+    *value = PR_FALSE;
+
+    if (parent == child)
+    {
+        *value = PR_TRUE;
+        return NS_OK;
+    }
+
+    nsCOMPtr<nsIDOMWindow> childsParent;
+    child->GetParent(getter_AddRefs(childsParent));
+        
+    if (childsParent && childsParent.get() != child)
+        IsChildOfDomWindow(parent, childsParent, value);
+    
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::Notify(nsIContent* formNode, nsIDOMWindow* window, nsIURI* actionURL)
+{
+    // Return NS_OK unless we want to prevent this form from submitting.
+
+    if (!window || !actionURL || !formNode) {
+        return NS_OK;
+    }
+    
+    nsCOMPtr<nsIDocument> document; 
+    formNode->GetDocument(*getter_AddRefs(document)); 
+    if (!document) return NS_OK; 
+
+    nsCOMPtr<nsIScriptGlobalObject> globalObject; 
+    document->GetScriptGlobalObject(getter_AddRefs(globalObject)); 
+    nsCOMPtr<nsIDOMWindow> postingWindow = do_QueryInterface(globalObject); 
+    
+    PRBool isChild;
+    IsChildOfDomWindow(mWindow, postingWindow, &isChild);
+
+    if (!isChild)
+        return NS_OK;
+
+    PRBool okayToPost;
+    nsresult res = CheckPost(actionURL, &okayToPost);
+
+    if (NS_SUCCEEDED(res) && okayToPost)
+        return NS_OK;
+    
+    return NS_ERROR_FAILURE;
+}
+
+//  nsIWebProgressListener
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::OnProgressChange(nsIWebProgress* aWebProgress,
+                                        nsIRequest* aRequest, 
+                                        PRInt32 aCurSelfProgress, 
+                                        PRInt32 aMaxSelfProgress, 
+                                        PRInt32 aCurTotalProgress, 
+                                        PRInt32 aMaxTotalProgress)
+{
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::OnStateChange(nsIWebProgress* aWebProgress,
+                                     nsIRequest* aRequest, 
+                                     PRInt32 aProgressStateFlags,
+                                     nsresult aStatus)
+{
+    nsresult res = NS_OK;
+
+    if (aRequest == nsnull || !mSecurityButton || !mPref)
+        return NS_ERROR_NULL_POINTER;
+
+    // Get the channel from the request...
+    // If the request is not network based, then ignore it.    
+    nsCOMPtr<nsIChannel> channel;
+    channel = do_QueryInterface(aRequest, &res);
+    if (NS_FAILED(res))
+        return NS_OK;
+
+    nsCOMPtr<nsIURI> loadingURI;
+    channel->GetURI(getter_AddRefs(loadingURI));
+    
+#if defined(DEBUG)
+    nsXPIDLCString temp;
+    loadingURI->GetSpec(getter_Copies(temp));
+    PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: OnStateChange: %x :%s\n", this, aProgressStateFlags,(const char*)temp));
+#endif
+
+    // A Document is starting to load...
+    if ((aProgressStateFlags & flag_start) && 
+        (aProgressStateFlags & flag_is_network))
+    {
+        // starting to load a webpage
+        PR_FREEIF(mLastPSMStatus); mLastPSMStatus = nsnull;
+
+        mIsSecureDocument = mMixContentAlertShown = mIsDocumentBroken = PR_FALSE;
+
+        res = CheckProtocolContextSwitch( loadingURI, mCurrentURI);    
+        return res;
+    } 
+
+    // A document has finished loading    
+    if ((aProgressStateFlags & flag_stop) &&
+        (aProgressStateFlags & flag_is_network) &&
+        mIsSecureDocument)
+    {
+        if (!mIsDocumentBroken) // and status is okay  FIX
+        {
+            // qi for the psm information about this channel load.
+            nsCOMPtr<nsISupports> info;
+            channel->GetSecurityInfo(getter_AddRefs(info));
+            nsCOMPtr<nsIPSMSocketInfo> psmInfo = do_QueryInterface(info);
+            if (psmInfo)
+            {
+                // Everything looks okay.  Lets stash the picked status.
+                PR_FREEIF(mLastPSMStatus);
+                res = psmInfo->GetPickledStatus(&mLastPSMStatus);
+
+                if (NS_SUCCEEDED(res)) {
+                    PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: Icon set to lock\n", this));
+                    res = mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("high") );
+                    return res;
+                }
+            }
+        }
+
+        PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: Icon set to broken\n", this));
+        mIsDocumentBroken = PR_TRUE;
+        res = mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("broken"));
+        return res;
+    }
+    
+    ///    if (aProgressStateFlags == nsIWebProgress::flag_net_redirecting)
+    ///    {
+    ///        // need to implmentent.
+    ///    }
+
+    // don't need to do anything more if the page is broken or not secure...
+
+    if (!mIsSecureDocument || mIsDocumentBroken)
+        return NS_OK;
+
+    // A URL is starting to load...
+    if ((aProgressStateFlags & flag_start) &&
+        (aProgressStateFlags & flag_is_request))
+    {   // check to see if we are going to mix content.
+        return CheckMixedContext(loadingURI);
+    }
+
+    // A URL has finished loading...    
+    if ((aProgressStateFlags & flag_stop) &&
+        (aProgressStateFlags & flag_is_request))
+    {
+        if (1)  // FIX status from the flag...
+        {
+            nsCOMPtr<nsISupports> info;
+            channel->GetSecurityInfo(getter_AddRefs(info));
+            nsCOMPtr<nsIPSMSocketInfo> psmInfo = do_QueryInterface(info, &res);
+
+                    // qi for the psm information about this channel load.
+            if (psmInfo) {
+                return NS_OK;    
+            }
+        }
+
+        PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: OnStateChange - Icon set to broken\n", this));
+        mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("broken") );
+        mIsDocumentBroken = PR_TRUE;
+    }    
+
+    return res;
+}
+
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::OnLocationChange(nsIURI* aLocation)
+{
+    mCurrentURI = aLocation;
+    
+    if (mInitByLocationChange)
+    {
+        IsURLHTTPS(mCurrentURI, &mIsSecureDocument);
+        mInitByLocationChange = PR_FALSE;
+    }
+
+    return NS_OK;
+}
+
+
+nsresult
+nsSecureBrowserUIImpl::IsURLHTTPS(nsIURI* aURL, PRBool* value)
+{
+	*value = PR_FALSE;
+
+	if (!aURL)
+		return NS_OK;
+
+    char* scheme;
+	aURL->GetScheme(&scheme);
+
+	if (scheme == nsnull)
+		return NS_ERROR_NULL_POINTER;
+
+    if ( PL_strncasecmp(scheme, "https",  5) == 0 )
+		*value = PR_TRUE;
+	
+	nsMemory::Free(scheme);
+	return NS_OK;
+}
+
+
+
+void nsSecureBrowserUIImpl::GetBundleString(const nsString& name, nsString &outString)
+{
+    if (mStringBundle && name.Length() > 0) {
+        PRUnichar *ptrv = nsnull;
+        if (NS_SUCCEEDED(mStringBundle->GetStringFromName(name.GetUnicode(), &ptrv)))
+            outString = ptrv;
+        else
+            outString.SetLength(0);;
+
+        nsMemory::Free(ptrv);
+
+    } else {
+        outString.SetLength(0);;
+    }
+}
+
+nsresult 
+nsSecureBrowserUIImpl::CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldURI)
+{
+    nsresult res;
+    PRBool isNewSchemeSecure, isOldSchemeSecure, boolpref;
+
+    res = IsURLHTTPS(oldURI, &isOldSchemeSecure);
+    if (NS_FAILED(res)) 
+        return res;
+    res = IsURLHTTPS(newURI, &isNewSchemeSecure);
+    if (NS_FAILED(res)) 
+        return res;
+
+    // Check to see if we are going from a secure page to and insecure page
+    if ( !isNewSchemeSecure && isOldSchemeSecure)
+    {
+        mSecurityButton->RemoveAttribute( NS_ConvertASCIItoUCS2("level") );
+    
+        if ((mPref->GetBoolPref(LEAVE_SITE_PREF, &boolpref) != 0))
+            boolpref = PR_TRUE;
+        
+        if (boolpref) 
+        {
+            NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &res);
+            if (NS_FAILED(res)) 
+                return res;
+
+            nsAutoString windowTitle, message, dontShowAgain;
+
+            GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+            GetBundleString(NS_ConvertASCIItoUCS2("LeaveSiteMessage"), message);
+            GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+            PRBool outCheckValue = PR_TRUE;
+            dialog->AlertCheck(mWindow, 
+                               windowTitle.GetUnicode(), 
+                               message.GetUnicode(), 
+                               dontShowAgain.GetUnicode(), 
+                               &outCheckValue);
+
+            if (!outCheckValue) {
+                mPref->SetBoolPref(LEAVE_SITE_PREF, PR_FALSE);
+                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
+                if (NS_FAILED(res)) 
+                    return res;
+                psm->PassPrefs();
+            }
+        }
+    }
+    // check to see if we are going from an insecure page to a secure one.
+    else if (isNewSchemeSecure && !isOldSchemeSecure)
+    {
+        if ((mPref->GetBoolPref(ENTER_SITE_PREF, &boolpref) != 0))
+            boolpref = PR_TRUE;
+        
+        if (boolpref) 
+        {
+            NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &res);
+            if (NS_FAILED(res)) 
+                return res;
+
+            nsAutoString windowTitle, message, dontShowAgain;
+
+            GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+            GetBundleString(NS_ConvertASCIItoUCS2("EnterSiteMessage"), message);
+            GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+            PRBool outCheckValue = PR_TRUE;
+            dialog->AlertCheck(mWindow, 
+                               windowTitle.GetUnicode(), 
+                               message.GetUnicode(), 
+                               dontShowAgain.GetUnicode(), 
+                               &outCheckValue);
+
+            if (!outCheckValue)
+            {
+                mPref->SetBoolPref(ENTER_SITE_PREF, PR_FALSE);
+                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
+                if (NS_FAILED(res)) 
+                    return res;
+                psm->PassPrefs();
+            }
+        }
+    }
+
+    mIsSecureDocument = isNewSchemeSecure;
+    return NS_OK;
+}
+
+
+nsresult
+nsSecureBrowserUIImpl::CheckMixedContext(nsIURI* nextURI)
+{
+    PRBool secure;
+
+    nsresult rv = IsURLHTTPS(nextURI, &secure);
+    if (NS_FAILED(rv))
+        return rv;
+
+    if (!secure  && mIsSecureDocument)
+    {
+        mIsDocumentBroken = PR_TRUE;
+        mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("broken") );
+
+        if (!mPref) return NS_ERROR_NULL_POINTER;
+
+        PRBool boolpref;
+        if ((mPref->GetBoolPref(MIXEDCONTENT_PREF, &boolpref) != 0))
+            boolpref = PR_TRUE;
+
+        if (boolpref && !mMixContentAlertShown) 
+        {
+            NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &rv);
+            if (NS_FAILED(rv)) 
+                return rv;
+
+            nsAutoString windowTitle, message, dontShowAgain;
+
+            GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+            GetBundleString(NS_ConvertASCIItoUCS2("MixedContentMessage"), message);
+            GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+            PRBool outCheckValue = PR_TRUE;
+
+            dialog->AlertCheck(mWindow, 
+                               windowTitle.GetUnicode(), 
+                               message.GetUnicode(), 
+                               dontShowAgain.GetUnicode(), 
+                               &outCheckValue);
+
+            if (!outCheckValue) {
+                mPref->SetBoolPref(MIXEDCONTENT_PREF, PR_FALSE);
+                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &rv);
+                if (NS_FAILED(rv)) 
+                    return rv;
+                psm->PassPrefs();
+            }
+
+            mMixContentAlertShown = PR_TRUE;
+        }
+    }
+
+  return NS_OK;
+}
+
+nsresult
+nsSecureBrowserUIImpl::CheckPost(nsIURI *actionURL, PRBool *okayToPost)
+{
+    PRBool secure;
+
+    nsresult rv = IsURLHTTPS(actionURL, &secure);
+    if (NS_FAILED(rv))
+        return rv;
+    
+    // if we are posting to a secure link from a secure page, all is okay.
+    if (secure  && mIsSecureDocument)
+        return NS_OK;
+
+
+    PRBool boolpref;    
+
+    // posting to a non https URL.
+    if ((mPref->GetBoolPref(INSECURE_SUBMIT_PREF, &boolpref) != 0))
+        boolpref = PR_TRUE;
+    
+    if (boolpref) {
+        NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &rv);
+        if (NS_FAILED(rv)) 
+            return rv;
+
+        nsAutoString windowTitle, message, dontShowAgain;
+        
+        GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+        GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+        // posting to insecure webpage from a secure webpage.
+        if (!secure  && mIsSecureDocument && !mIsDocumentBroken) {
+            GetBundleString(NS_ConvertASCIItoUCS2("PostToInsecure"), message);
+        } else { // anything else, post generic warning
+            GetBundleString(NS_ConvertASCIItoUCS2("PostToInsecureFromInsecure"), message);
+        }
+
+        PRBool outCheckValue = PR_TRUE;
+        dialog->ConfirmCheck(mWindow, 
+                             windowTitle.GetUnicode(), 
+                             message.GetUnicode(), 
+                             dontShowAgain.GetUnicode(), 
+                             &outCheckValue, 
+                             okayToPost);
+
+        if (!outCheckValue) {
+            mPref->SetBoolPref(INSECURE_SUBMIT_PREF, PR_FALSE);
+            NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &rv);
+            if (NS_FAILED(rv)) 
+                return rv;
+            psm->PassPrefs();
+        }
+    } else {
+        *okayToPost = PR_TRUE;
+    }
+  
+    return NS_OK;
+}

mozilla/extensions/psm-glue/src/nsSecureBrowserUIImpl.h

@@ -0,0 +1,108 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef nsSecureBrowserUIImpl_h_
+#define nsSecureBrowserUIImpl_h_
+
+#include "nsCOMPtr.h"
+#include "nsXPIDLString.h"
+#include "nsString.h"
+#include "nsIObserver.h"
+#include "nsIDocumentLoaderObserver.h"
+#include "nsIDOMElement.h"
+#include "nsIDOMWindow.h"
+#include "nsIStringBundle.h"
+#include "nsISecureBrowserUI.h"
+#include "nsIDocShell.h"
+#include "nsIPref.h"
+#include "nsIWebProgressListener.h"
+#include "nsIFormSubmitObserver.h"
+#include "nsIURI.h"
+
+#define NS_SECURE_BROWSER_DOCOBSERVER_CLASSNAME "Mozilla Secure Browser Doc Observer"
+
+#define NS_SECURE_BROWSER_DOCOBSERVER_CID \
+{0x97c06c30, 0xa145, 0x11d3, \
+{0x8c, 0x7c, 0x00, 0x60, 0x97, 0x92, 0x27, 0x8c}}
+
+#define NS_SECURE_BROWSER_DOCOBSERVER_PROGID "component://netscape/secure_browser_docobserver"
+
+
+class nsSecureBrowserUIImpl : public nsSecureBrowserUI, 
+                              public nsIWebProgressListener, 
+                              public nsIFormSubmitObserver,
+                              public nsIObserver
+{
+public:
+
+	nsSecureBrowserUIImpl();
+	virtual ~nsSecureBrowserUIImpl();
+    
+    static NS_METHOD Create(nsISupports *aOuter, REFNSIID aIID, void **aResult);
+
+	NS_DECL_ISUPPORTS    
+    NS_DECL_NSIWEBPROGRESSLISTENER
+    NS_DECL_NSSECUREBROWSERUI
+
+
+    // nsIObserver
+    NS_DECL_NSIOBSERVER
+    NS_IMETHOD Notify(nsIContent* formNode, nsIDOMWindow* window, nsIURI *actionURL);
+
+protected:
+
+	nsCOMPtr<nsIDOMWindow>              mWindow;
+    nsCOMPtr<nsIDOMElement>             mSecurityButton;
+	nsCOMPtr<nsIDocumentLoaderObserver> mOldWebShellObserver;
+    nsCOMPtr<nsIPref>                   mPref;
+    nsCOMPtr<nsIStringBundle>           mStringBundle;
+    
+    nsCOMPtr<nsIURI>                    mCurrentURI;
+
+	PRBool					mIsSecureDocument;  // is https loaded
+	PRBool					mIsDocumentBroken;  // 
+	PRBool					mMixContentAlertShown;
+    
+    PRBool                  mInitByLocationChange;
+
+    char*                   mLastPSMStatus;
+    
+
+    void GetBundleString(const nsString& name, nsString &outString);
+    nsresult LoadStringBundle();
+    
+    nsresult CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldURI);
+    nsresult CheckMixedContext(nsIURI* nextURI);
+    nsresult CheckPost(nsIURI *actionURL, PRBool *okayToPost);
+    nsresult IsURLHTTPS(nsIURI* aURL, PRBool *value);
+};
+
+
+#endif /* nsSecureBrowserUIImpl_h_ */
+
+
+
+
+
+

mozilla/security/manager/Makefile.in

@@ -1,109 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-#  Brian Ryner <bryner@netscape.com>
-# 
-
-DEPTH		= ../..
-topsrcdir	= @top_srcdir@
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-ifeq (,$(filter-out OS2 WINNT,$(OS_ARCH)))
-LOADABLE_ROOT_MODULE = nssckbi$(DLL_SUFFIX)
-NSS3_LIB = nss3$(DLL_SUFFIX)
-SMIME3_LIB = smime3$(DLL_SUFFIX)
-SSL3_LIB =  ssl3$(DLL_SUFFIX)
-SOFTOKEN3_LIB = softokn3$(DLL_SUFFIX)
-else
-LOADABLE_ROOT_MODULE = libnssckbi$(DLL_SUFFIX)
-NSS3_LIB = libnss3$(DLL_SUFFIX)
-SMIME3_LIB = libsmime3$(DLL_SUFFIX)
-SSL3_LIB =  libssl3$(DLL_SUFFIX)
-SOFTOKEN3_LIB = libsoftokn3$(DLL_SUFFIX)
-endif
-FREEBL_PURE32_MODULE = libfreebl_pure32_3$(DLL_SUFFIX)
-FREEBL_HYBRID_MODULE = libfreebl_hybrid_3$(DLL_SUFFIX)
-
-# NSS makefiles are not safe for parallel execution.
-DEFAULT_GMAKE_FLAGS = MAKE="$(MAKE) -j1" -j1
-DEFAULT_GMAKE_FLAGS += MOZILLA_INCLUDES="-I$(MOZ_BUILD_ROOT)/dist/include/nspr -I$(MOZ_BUILD_ROOT)/dist/include/dbm"
-DEFAULT_GMAKE_FLAGS += SOURCE_MD_DIR=$(MOZ_BUILD_ROOT)/dist
-DEFAULT_GMAKE_FLAGS += DIST=$(MOZ_BUILD_ROOT)/dist
-DEFAULT_GMAKE_FLAGS += MOZILLA_CLIENT=1
-DEFAULT_GMAKE_FLAGS += NO_MDUPDATE=1
-ABS_topsrcdir   := $(shell cd $(topsrcdir); pwd)
-ifneq ($(ABS_topsrcdir),$(MOZ_BUILD_ROOT))
-DEFAULT_GMAKE_FLAGS += BUILD_TREE=$(MOZ_BUILD_ROOT)
-endif
-ifndef MOZ_DEBUG
-DEFAULT_GMAKE_FLAGS += BUILD_OPT=1
-endif
-ifdef GNU_CC
-DEFAULT_GMAKE_FLAGS += NS_USE_GCC=1 NS_USE_NATIVE=
-else
-DEFAULT_GMAKE_FLAGS += NS_USE_GCC= NS_USE_NATIVE=1
-endif
-ifdef USE_N32
-# It is not really necessary to specify USE_PTHREADS=1.  USE_PTHREADS
-# merely adds _PTH to coreconf's OBJDIR name.
-DEFAULT_GMAKE_FLAGS += USE_N32=1 USE_PTHREADS=1
-endif
-ifdef HAVE_64BIT_OS
-DEFAULT_GMAKE_FLAGS += USE_64=1
-endif
-
-SUBMAKEFILES = boot/Makefile ssl/Makefile pki/Makefile
-
-include $(topsrcdir)/config/rules.mk
-
-depend dependclean export::
-	$(MAKE) -C boot $@
-	$(MAKE) -C ssl $@
-	$(MAKE) -C pki $@
-
-libs::
-	$(MAKE) -C $(topsrcdir)/security/coreconf $(DEFAULT_GMAKE_FLAGS)
-	cd $(DIST)/lib; cp -f libmozdbm_s.$(LIB_SUFFIX) libdbm.$(LIB_SUFFIX)
-	$(MAKE) -C $(topsrcdir)/security/nss/lib $(DEFAULT_GMAKE_FLAGS)
-	$(INSTALL) -m 755 $(DIST)/lib/$(LOADABLE_ROOT_MODULE) $(DIST)/bin
-	$(INSTALL) -m 755 $(DIST)/lib/$(SOFTOKEN3_LIB) $(DIST)/bin
-	$(INSTALL) -m 755 $(DIST)/lib/$(NSS3_LIB) $(DIST)/bin
-	$(INSTALL) -m 755 $(DIST)/lib/$(SSL3_LIB) $(DIST)/bin
-	$(INSTALL) -m 755 $(DIST)/lib/$(SMIME3_LIB) $(DIST)/bin
-ifneq (,$(filter SunOS HP-UX,$(OS_ARCH)))
-ifneq ($(OS_TEST),i86pc)
-ifndef HAVE_64BIT_OS
-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_PURE32_MODULE) $(DIST)/bin
-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_HYBRID_MODULE) $(DIST)/bin
-endif
-endif
-endif
-	$(MAKE) -C boot $@
-	$(MAKE) -C ssl $@
-	$(MAKE) -C pki $@
-
-clean clobber clobber_all realclean distclean::
-	$(MAKE) -C boot $@
-	$(MAKE) -C ssl $@
-	$(MAKE) -C pki $@
-	$(MAKE) -C $(topsrcdir)/security/coreconf $(DEFAULT_GMAKE_FLAGS) clean
-	$(MAKE) -C $(topsrcdir)/security/nss/lib $(DEFAULT_GMAKE_FLAGS) clean

mozilla/security/manager/boot/Makefile.in

@@ -1,45 +0,0 @@
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 2001
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#   Kai Engert <kaie@netscape.com>
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-DEPTH		= ../../..
-topsrcdir	= @top_srcdir@
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-DIRS		= public src
-
-include $(topsrcdir)/config/rules.mk

mozilla/security/manager/boot/makefile.win

@@ -1,44 +0,0 @@
-#!nmake
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 2001
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#   Kai Engert <kaie@netscape.com>
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-DEPTH=..\..\..
-include <$(DEPTH)/config/config.mak>
-
-DIRS = public src
-
-include <$(DEPTH)\config\rules.mak>

mozilla/security/manager/boot/public/Makefile.in

@@ -1,53 +0,0 @@
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 2001
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#   Kai Engert <kaie@netscape.com>
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-MODULE = pipboot
-
-DEPTH           = ../../../..
-topsrcdir       = @top_srcdir@
-srcdir          = @srcdir@
-VPATH           = @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-XPIDLSRCS = \
-    nsISSLStatusProvider.idl \
-    nsISecurityWarningDialogs.idl \
-    nsIBufEntropyCollector.idl \
-    $(NULL)
-
-include $(topsrcdir)/config/rules.mk

mozilla/security/manager/boot/public/makefile.win

@@ -1,55 +0,0 @@
-#!nmake
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 2001
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#   Kai Engert <kaie@netscape.com>
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-MODULE = pipboot
-
-DEPTH=..\..\..\..
-IGNORE_MANIFEST=1
-
-include <$(DEPTH)/config/config.mak>
-
-XPIDL_INCLUDES=-I$(DEPTH)\dist\idl
-
-XPIDLSRCS= \
-    .\nsISSLStatusProvider.idl \
-    .\nsISecurityWarningDialogs.idl \
-    .\nsIBufEntropyCollector.idl \
-    $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>

mozilla/security/manager/boot/public/nsIBufEntropyCollector.idl

@@ -1,57 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   L. David Baron <dbaron@fas.harvard.edu> (original author)
- *   Kai Engert <kaie@netscape.com>
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "nsISupports.idl"
-#include "nsIEntropyCollector.idl"
-
-[uuid(485b87a8-5dd7-4b8d-8ea8-dee53201f899)]
-interface nsIBufEntropyCollector : nsIEntropyCollector
-{
-  /**
-   * Forward the entropy collected so far to |collector| and then
-   * continue forwarding new entropy as it arrives.
-   */
-  void forwardTo(in nsIEntropyCollector collector);
-
-  /**
-   * No longer forward to a (possibly) previously remembered collector.
-   * Do buffering again.
-   */
-  void dontForward();
-};

mozilla/security/manager/boot/public/nsISSLStatusProvider.idl

@@ -1,44 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Terry Hayes <thayes@netscape.com>
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "nsISupports.idl"
-
-[scriptable, uuid(8de811f0-1dd2-11b2-8bf1-e9aa324984b2)]
-interface nsISSLStatusProvider : nsISupports {
-  readonly attribute nsISupports SSLStatus;
-};

mozilla/security/manager/boot/public/nsISecurityWarningDialogs.idl

@@ -1,69 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Terry Hayes <thayes@netscape.com>
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "nsISupports.idl"
-
-interface nsIInterfaceRequestor;
-
-/**
- * nsISecurityWarningDialogs - functions that
- *   display warnings for transitions between secure
- *   and insecure pages, posts to insecure servers etc.
- */
-[scriptable, uuid(1c399d06-1dd2-11b2-bc58-c87cbcacdb78)]
-interface nsISecurityWarningDialogs : nsISupports
-{
-  /**
-   * alertEnteringSecure
-   */
-  void alertEnteringSecure(in nsIInterfaceRequestor ctx);
-
-  /**
-   * alertEnteringWeak
-   */
-  void alertEnteringWeak(in nsIInterfaceRequestor ctx);
-
-  /**
-   * alertLeavingSecure
-   */
-  void alertLeavingSecure(in nsIInterfaceRequestor ctx);
-
-  /**
-   * alertMixedMode
-   */
-  void alertMixedMode(in nsIInterfaceRequestor ctx);
-
-  /**
-   * confirmPostToInsecure
-   */
-  boolean confirmPostToInsecure(in nsIInterfaceRequestor ctx);
-
-  /**
-   * confirmPostToInsecureFromSecure
-   */
-  boolean confirmPostToInsecureFromSecure(in nsIInterfaceRequestor ctx);
-};
-

mozilla/security/manager/boot/src/Makefile.in

@@ -1,99 +0,0 @@
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 2001
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#     Javier Delgadillo <javi@netscape.com>
-#     Terry Hayes <thayes@netscape.com>
-#     Kai Engert <kaie@netscape.com>
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-DEPTH		= ../../../..
-topsrcdir	= @top_srcdir@
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-MODULE		= pipboot
-LIBRARY_NAME	= pipboot
-IS_COMPONENT	= 1
-MODULE_NAME	= BOOT
-EXPORT_LIBRARY	= 1
-META_COMPONENT	= crypto
-
-EXPORTS =  \
-	$(NULL)
-
-CPPSRCS = \
-	nsEntropyCollector.cpp \
-	nsSecureBrowserUIImpl.cpp \
-	nsBOOTModule.cpp \
-	$(NULL)
-
-REQUIRES	= nspr \
-		  xpcom \
-		  string \
-		  necko \
-		  uriloader \
-		  pref \
-		  caps \
-		  dom \
-		  intl \
-		  locale \
-		  profile \
-		  windowwatcher \
-		  js \
-		  docshell \
-		  widget \
-		  layout \
-		  content \
-		  pippki \
-		  xpconnect \
-		  jar \
-		  unicharutil \
-                  pipnss \
-		  $(NULL)
-
-include $(topsrcdir)/config/rules.mk
-
-INCLUDES	+= \
-		-I$(DIST)/public/security \
-		$(NULL)
-
-EXTRA_DSO_LDOPTS += \
-		$(MOZ_COMPONENT_LIBS) \
-		$(MOZ_JS_LIBS) \
-		$(NULL)
-
-EXTRA_LIBS	+= \
-        $(NULL)

mozilla/security/manager/boot/src/makefile.win

@@ -1,86 +0,0 @@
-#!nmake
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 2001
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#     Terry Hayes <thayes@netscape.com>
-#     Kai Engert <kaie@netscape.com>
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-MODULE = pipboot
-
-DEPTH=..\..\..\..
-IGNORE_MANIFEST=1
-
-LIBRARY_NAME   = pipboot
-PDBFILE        = $(LIBRARY_NAME).pdb
-MAPFILE        = $(LIBRARY_NAME).map
-MODULE_NAME = BOOT
-META_COMPONENT = crypto
-
-REQUIRES = \
-	xpcom \
-	string \
-	dom \
-	pref \
-	intl \
-	locale \
-	windowwatcher \
-	necko \
-	pipnss \
-	layout \
-	layout_xul \
-        uriloader \
-        docshell \
-        widget \
-        content \
-	$(NULL)
-
-include <$(DEPTH)/config/config.mak>
-
-LLIBS   = \
-    $(DIST)/lib/js3250.lib \
-    $(LIBNSPR) \
-    $(DIST)\lib\xpcom.lib \
-    $(NULL)
-
-EXPORTS = \
-    $(NULL)
-
-OBJS = \
-    .\$(OBJDIR)\nsEntropyCollector.obj \
-    .\$(OBJDIR)\nsSecureBrowserUIImpl.obj \
-    .\$(OBJDIR)\nsBOOTModule.obj \
-    $(NULL)
-
-include <$(DEPTH)\config\rules.mak>

mozilla/security/manager/boot/src/nsBOOTModule.cpp

@@ -1,53 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Terry Hayes <thayes@netscape.com>
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "nsIModule.h"
-#include "nsIGenericFactory.h"
-
-#include "nsEntropyCollector.h"
-#include "nsSecureBrowserUIImpl.h"
-
-NS_GENERIC_FACTORY_CONSTRUCTOR(nsEntropyCollector)
-NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecureBrowserUIImpl)
-
-static nsModuleComponentInfo components[] =
-{
-  {
-    "Entropy Collector",
-    NS_ENTROPYCOLLECTOR_CID,
-    NS_ENTROPYCOLLECTOR_CONTRACTID,
-    nsEntropyCollectorConstructor
-  },
-
-  {
-    NS_SECURE_BROWSER_UI_CLASSNAME,
-    NS_SECURE_BROWSER_UI_CID,
-    NS_SECURE_BROWSER_UI_CONTRACTID,
-    nsSecureBrowserUIImplConstructor
-  }
-};
-
-NS_IMPL_NSGETMODULE(BOOT, components)

mozilla/security/manager/boot/src/nsEntropyCollector.cpp

@@ -1,131 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   L. David Baron <dbaron@fas.harvard.edu> (original author)
- *   Kai Engert <kaie@netscape.com>
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "prlog.h"
-#include "nsEntropyCollector.h"
-#include "nsMemory.h"
-
-nsEntropyCollector::nsEntropyCollector()
-:mBytesCollected(0), mWritePointer(mEntropyCache)
-{
-  NS_INIT_ISUPPORTS();
-}
-
-nsEntropyCollector::~nsEntropyCollector()
-{
-}
-
-NS_IMPL_THREADSAFE_ISUPPORTS2(nsEntropyCollector,
-                              nsIEntropyCollector,
-                              nsIBufEntropyCollector)
-
-NS_IMETHODIMP
-nsEntropyCollector::RandomUpdate(void *new_entropy, PRInt32 bufLen)
-{
-  if (bufLen > 0) {
-    if (mForwardTarget) {
-      return mForwardTarget->RandomUpdate(new_entropy, bufLen);
-    }
-    else {
-      const unsigned char *InputPointer = (const unsigned char *)new_entropy;
-      const unsigned char *PastEndPointer = mEntropyCache + entropy_buffer_size;
-
-      // if the input is large, we only take as much as we can store
-      PRInt32 bytes_wanted = PR_MIN(bufLen, entropy_buffer_size);
-
-      // remember the number of bytes we will have after storing new_entropy
-      mBytesCollected = PR_MIN(entropy_buffer_size, mBytesCollected + bytes_wanted);
-
-      // as the above statements limit bytes_wanted to the entropy_buffer_size,
-      // this loop will iterate at most twice.
-      while (bytes_wanted > 0) {
-
-        // how many bytes to end of cyclic buffer?
-        const PRInt32 space_to_end = PastEndPointer - mWritePointer;
-
-        // how many bytes can we copy, not reaching the end of the buffer?
-        const PRInt32 this_time = PR_MIN(space_to_end, bytes_wanted);
-
-        // copy at most to the end of the cyclic buffer
-        for (PRInt32 i = 0; i < this_time; ++i) {
-
-          // accept the fact that we use our buffer's random uninitialized content
-          unsigned int old = *mWritePointer;
-
-          // combine new and old value already stored in buffer
-          // this logic comes from PSM 1
-          *mWritePointer++ = ((old << 1) | (old >> 7)) ^ *InputPointer++;
-        }
-
-        PR_ASSERT(mWritePointer <= PastEndPointer);
-        PR_ASSERT(mWritePointer >= mEntropyCache);
-
-        // have we arrived at the end of the buffer?
-        if (PastEndPointer == mWritePointer) {
-          // reset write pointer back to begining of our buffer
-          mWritePointer = mEntropyCache;
-        }
-
-        // subtract the number of bytes we have already copied
-        bytes_wanted -= this_time;
-      }
-    }
-  }
-
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-nsEntropyCollector::ForwardTo(nsIEntropyCollector *aCollector)
-{
-  NS_PRECONDITION(!mForwardTarget, "|ForwardTo| should only be called once.");
-
-  mForwardTarget = aCollector;
-  mForwardTarget->RandomUpdate(mEntropyCache, mBytesCollected);
-  mBytesCollected = 0;
-
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-nsEntropyCollector::DontForward()
-{
-  mForwardTarget = nsnull;
-  return NS_OK;
-}

mozilla/security/manager/boot/src/nsEntropyCollector.h

@@ -1,70 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   L. David Baron <dbaron@fas.harvard.edu> (original author)
- *   Kai Engert <kaie@netscape.com>
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#ifndef nsEntropyCollector_h___
-#define nsEntropyCollector_h___
-
-#include "nsIEntropyCollector.h"
-#include "nsIBufEntropyCollector.h"
-#include "nsCOMPtr.h"
-
-#define NS_ENTROPYCOLLECTOR_CID \
- { /* 34587f4a-be18-43c0-9112-b782b08c0add */       \
-  0x34587f4a, 0xbe18, 0x43c0,                       \
- {0x91, 0x12, 0xb7, 0x82, 0xb0, 0x8c, 0x0a, 0xdd} }
-
-class nsEntropyCollector : public nsIBufEntropyCollector
-{
-  public:
-    nsEntropyCollector();
-    virtual ~nsEntropyCollector();
-
-    NS_DECL_ISUPPORTS
-    NS_DECL_NSIENTROPYCOLLECTOR
-    NS_DECL_NSIBUFENTROPYCOLLECTOR
-
-    enum { entropy_buffer_size = 1024 };
-
-  protected:
-    unsigned char mEntropyCache[entropy_buffer_size];
-    PRInt32 mBytesCollected;
-    unsigned char *mWritePointer;
-    nsCOMPtr<nsIEntropyCollector> mForwardTarget;
-};
-
-#endif /* !defined nsEntropyCollector_h__ */

mozilla/security/manager/boot/src/nsSecureBrowserUIImpl.cpp

@@ -1,834 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998-2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Hubbie Shaw
- *   Doug Turner <dougt@netscape.com>
- *   Stuart Parmenter <pavlov@netscape.com>
- *   Brian Ryner <bryner@netscape.com>
- *   Terry Hayes <thayes@netscape.com>
- *   Kai Engert <kaie@netscape.com>
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifdef MOZ_LOGGING
-#define FORCE_PR_LOG
-#endif
-
-#include "nspr.h"
-#include "prlog.h"
-#include "prmem.h"
-
-#include "nsISecureBrowserUI.h"
-#include "nsSecureBrowserUIImpl.h"
-#include "nsCOMPtr.h"
-#include "nsIInterfaceRequestor.h"
-#include "nsIInterfaceRequestorUtils.h"
-#include "nsIServiceManager.h"
-#include "nsIScriptGlobalObject.h"
-#include "nsIObserverService.h"
-#include "nsIDocumentLoader.h"
-#include "nsCURILoader.h"
-#include "nsIDocShell.h"
-#include "nsIDocumentViewer.h"
-#include "nsIDocument.h"
-#include "nsIDOMElement.h"
-#include "nsIDOMWindowInternal.h"
-#include "nsIContent.h"
-#include "nsIWebProgress.h"
-#include "nsIChannel.h"
-#include "nsIHttpChannel.h"
-#include "nsIFileChannel.h"
-#include "nsITransportSecurityInfo.h"
-#include "nsIURI.h"
-#include "nsISecurityEventSink.h"
-#include "nsIPrompt.h"
-#include "nsIFormSubmitObserver.h"
-#include "nsISecurityWarningDialogs.h"
-#include "nsIProxyObjectManager.h"
-#include "nsINSSDialogs.h"
-
-#define SECURITY_STRING_BUNDLE_URL "chrome://communicator/locale/security.properties"
-
-static NS_DEFINE_CID(kCStringBundleServiceCID,  NS_STRINGBUNDLESERVICE_CID);
-static const char *kNSSDialogsContractId = NS_NSSDIALOGS_CONTRACTID;
-
-#define IS_SECURE(state) ((state & 0xFFFF) == STATE_IS_SECURE)
-
-#if defined(PR_LOGGING)
-//
-// Log module for nsSecureBroswerUI logging...
-//
-// To enable logging (see prlog.h for full details):
-//
-//    set NSPR_LOG_MODULES=nsSecureBroswerUI:5
-//    set NSPR_LOG_FILE=nspr.log
-//
-// this enables PR_LOG_DEBUG level information and places all output in
-// the file nspr.log
-//
-PRLogModuleInfo* gSecureDocLog = nsnull;
-#endif /* PR_LOGGING */
-
-
-nsSecureBrowserUIImpl::nsSecureBrowserUIImpl()
-  : mMixContentAlertShown(PR_FALSE),
-    mSecurityState(STATE_IS_INSECURE)
-{
-  NS_INIT_ISUPPORTS();
-  
-#if defined(PR_LOGGING)
-  if (!gSecureDocLog)
-    gSecureDocLog = PR_NewLogModule("nsSecureBrowserUI");
-#endif /* PR_LOGGING */
-}
-
-nsSecureBrowserUIImpl::~nsSecureBrowserUIImpl()
-{
-  nsresult rv;
-  // remove self from form post notifications:
-  nsCOMPtr<nsIObserverService> svc(do_GetService("@mozilla.org/observer-service;1", &rv));
-  if (NS_SUCCEEDED(rv)) {
-    svc->RemoveObserver(this, NS_FORMSUBMIT_SUBJECT);
-  }
-}
-
-NS_IMPL_ISUPPORTS6(nsSecureBrowserUIImpl,
-                   nsISecureBrowserUI,
-                   nsIWebProgressListener,
-                   nsIFormSubmitObserver,
-                   nsIObserver,
-                   nsISupportsWeakReference,
-                   nsISSLStatusProvider);
-
-
-NS_IMETHODIMP
-nsSecureBrowserUIImpl::Init(nsIDOMWindow *window,
-                            nsIDOMElement *button)
-{
-  nsresult rv = NS_OK;
-  mSecurityButton = button;  /* may be null */
-  mWindow = window;
-
-  nsCOMPtr<nsIStringBundleService> service(do_GetService(kCStringBundleServiceCID, &rv));
-  if (NS_FAILED(rv)) return rv;
-  
-  rv = service->CreateBundle(SECURITY_STRING_BUNDLE_URL,
-                             getter_AddRefs(mStringBundle));
-  if (NS_FAILED(rv)) return rv;
-  
-  // hook up to the form post notifications:
-  nsCOMPtr<nsIObserverService> svc(do_GetService("@mozilla.org/observer-service;1", &rv));
-  if (NS_SUCCEEDED(rv)) {
-    rv = svc->AddObserver(this, NS_FORMSUBMIT_SUBJECT, PR_TRUE);
-  }
-  
-  /* GetWebProgress(mWindow) */
-  // hook up to the webprogress notifications.
-  nsCOMPtr<nsIScriptGlobalObject> sgo(do_QueryInterface(mWindow));
-  if (!sgo) return NS_ERROR_FAILURE;
-  
-  nsCOMPtr<nsIDocShell> docShell;
-  sgo->GetDocShell(getter_AddRefs(docShell));
-  if (!docShell) return NS_ERROR_FAILURE;
-  
-  nsCOMPtr<nsIWebProgress> wp(do_GetInterface(docShell));
-  if (!wp) return NS_ERROR_FAILURE;
-  /* end GetWebProgress */
-  
-  wp->AddProgressListener(NS_STATIC_CAST(nsIWebProgressListener*,this));
-
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-nsSecureBrowserUIImpl::DisplayPageInfoUI()
-{
-#if 0
-  nsresult res = NS_OK;
-  nsCOMPtr<nsISecurityManagerComponent> psm(do_GetService(PSM_COMPONENT_CONTRACTID,
-                                                          &res));
-  if (NS_FAILED(res))
-    return res;
-  
-  nsXPIDLCString host;
-  if (mCurrentURI)
-    mCurrentURI->GetHost(getter_Copies(host));
-  
-  //    return psm->DisplayPSMAdvisor(mLastPSMStatus, host);
-#endif
-  return NS_ERROR_NOT_IMPLEMENTED;
-}
-
-NS_IMETHODIMP
-nsSecureBrowserUIImpl::Observe(nsISupports*, const char*,
-                               const PRUnichar*)
-{
-  return NS_ERROR_NOT_IMPLEMENTED;
-}
-
-
-static nsresult IsChildOfDomWindow(nsIDOMWindow *parent, nsIDOMWindow *child,
-                                   PRBool* value)
-{
-  *value = PR_FALSE;
-  
-  if (parent == child) {
-    *value = PR_TRUE;
-    return NS_OK;
-  }
-  
-  nsCOMPtr<nsIDOMWindow> childsParent;
-  child->GetParent(getter_AddRefs(childsParent));
-  
-  if (childsParent && childsParent.get() != child)
-    IsChildOfDomWindow(parent, childsParent, value);
-  
-  return NS_OK;
-}
-
-static PRInt32 GetSecurityStateFromChannel(nsIChannel* aChannel)
-{
-  nsresult res;
-  PRInt32 securityState;
-
-  // qi for the psm information about this channel load.
-  nsCOMPtr<nsISupports> info;
-  aChannel->GetSecurityInfo(getter_AddRefs(info));
-  nsCOMPtr<nsITransportSecurityInfo> psmInfo(do_QueryInterface(info));
-  if (!psmInfo) {
-    PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI: GetSecurityState:%p - no nsITransportSecurityInfo for %p\n",
-                                         aChannel, (nsISupports *)info));
-    return nsIWebProgressListener::STATE_IS_INSECURE;
-  }
-  PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI: GetSecurityState:%p - info is %p\n", aChannel,
-                                       (nsISupports *)info));
-  
-  res = psmInfo->GetSecurityState(&securityState);
-  if (!NS_SUCCEEDED(res)) {
-    PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI: GetSecurityState:%p - GetSecurityState failed: %d\n",
-                                         aChannel, res));
-    securityState = nsIWebProgressListener::STATE_IS_BROKEN;
-  }
-  
-  PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI: GetSecurityState:%p - Returning %d\n", aChannel,
-                                       securityState));
-  return securityState;
-}
-
-
-NS_IMETHODIMP
-nsSecureBrowserUIImpl::Notify(nsIContent* formNode,
-                              nsIDOMWindowInternal* window, nsIURI* actionURL,
-                              PRBool* cancelSubmit)
-{
-  // Return NS_OK unless we want to prevent this form from submitting.
-  *cancelSubmit = PR_FALSE;
-  if (!window || !actionURL || !formNode)
-    return NS_OK;
-  
-  nsCOMPtr<nsIDocument> document;
-  formNode->GetDocument(*getter_AddRefs(document));
-  if (!document) return NS_OK;
-
-  nsCOMPtr<nsIURI> formURL;
-  document->GetBaseURL(*getter_AddRefs(formURL));
-  
-  nsCOMPtr<nsIScriptGlobalObject> globalObject;
-  document->GetScriptGlobalObject(getter_AddRefs(globalObject));
-  nsCOMPtr<nsIDOMWindow> postingWindow(do_QueryInterface(globalObject));
-  
-  PRBool isChild;
-  IsChildOfDomWindow(mWindow, postingWindow, &isChild);
-  
-  // This notify call is not for our window, ignore it.
-  if (!isChild)
-    return NS_OK;
-  
-  PRBool okayToPost;
-  nsresult res = CheckPost(formURL, actionURL, &okayToPost);
-  
-  if (NS_SUCCEEDED(res) && !okayToPost)
-    *cancelSubmit = PR_TRUE;
-  
-  return res;
-}
-
-//  nsIWebProgressListener
-NS_IMETHODIMP 
-nsSecureBrowserUIImpl::OnProgressChange(nsIWebProgress* aWebProgress,
-                                        nsIRequest* aRequest,
-                                        PRInt32 aCurSelfProgress,
-                                        PRInt32 aMaxSelfProgress,
-                                        PRInt32 aCurTotalProgress,
-                                        PRInt32 aMaxTotalProgress)
-{
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-nsSecureBrowserUIImpl::OnStateChange(nsIWebProgress* aWebProgress,
-                                     nsIRequest* aRequest,
-                                     PRInt32 aProgressStateFlags,
-                                     nsresult aStatus)
-{
-  nsresult res = NS_OK;
-
-  if (!aRequest)
-    return NS_ERROR_NULL_POINTER;
-  
-  // Get the channel from the request...
-  // If the request is not network based, then ignore it.
-  nsCOMPtr<nsIChannel> channel(do_QueryInterface(aRequest, &res));
-  if (NS_FAILED(res))
-    return NS_OK;
-
-  // We are only interested in HTTP and file requests.
-  nsCOMPtr<nsIHttpChannel> httpRequest(do_QueryInterface(aRequest));
-  nsCOMPtr<nsIFileChannel> fileRequest(do_QueryInterface(aRequest));
-  if (!httpRequest && !fileRequest) {
-    return NS_OK;
-  }
-  
-  nsCOMPtr<nsIInterfaceRequestor> requestor;
-  nsCOMPtr<nsISecurityEventSink> eventSink;
-  channel->GetNotificationCallbacks(getter_AddRefs(requestor));
-  if (requestor)
-    eventSink = do_GetInterface(requestor);
-  
-#if defined(DEBUG)
-  nsCOMPtr<nsIURI> loadingURI;
-  res = channel->GetURI(getter_AddRefs(loadingURI));
-  NS_ASSERTION(NS_SUCCEEDED(res), "GetURI failed");
-  if (loadingURI) {
-    nsXPIDLCString temp;
-    loadingURI->GetSpec(getter_Copies(temp));
-    PR_LOG(gSecureDocLog, PR_LOG_DEBUG,
-           ("SecureUI:%p: OnStateChange: %x :%s\n", this,
-            aProgressStateFlags,(const char*)temp));
-  }
-#endif
-
-  // First event when loading doc
-  if (aProgressStateFlags & STATE_START) {
-    if (aProgressStateFlags & STATE_IS_NETWORK) {
-      // Reset state variables used per doc loading
-      mMixContentAlertShown = PR_FALSE;
-      mFirstRequest = PR_TRUE;
-      mSSLStatus = nsnull;
-    }
-  }
-  
-  // A Document is starting to load...
-  if ((aProgressStateFlags & (STATE_STOP)) &&
-      (aProgressStateFlags & STATE_IS_REQUEST)) {
-
-    // work-around for bug 48515.
-    nsCOMPtr<nsIURI> aURI;
-    channel->GetURI(getter_AddRefs(aURI));
-
-    // Sometimes URI is null, so ignore.
-    if (aURI == nsnull) {
-      return NS_OK;
-    }
-
-    // If this is the first request, then do a protocol check
-    if (mFirstRequest) {
-      mFirstRequest = PR_FALSE;
-      return CheckProtocolContextSwitch(eventSink, aRequest, channel);
-    }
-    // Check that the request does not have mixed content.
-    return CheckMixedContext(eventSink, aRequest, channel);
-  }
-
-  // A document has finished loading
-  if ((aProgressStateFlags & STATE_STOP) &&
-    (aProgressStateFlags & STATE_IS_NETWORK)) {
-
-    // Get SSL Status information if possible
-    nsCOMPtr<nsISupports> info;
-    channel->GetSecurityInfo(getter_AddRefs(info));
-    nsCOMPtr<nsISSLStatusProvider> sp = do_QueryInterface(info);
-    if (sp) {
-      // Ignore result
-      sp->GetSSLStatus(getter_AddRefs(mSSLStatus));
-    }
-
-    if (eventSink)
-      eventSink->OnSecurityChange(aRequest, mSecurityState);
-          
-    if (!mSecurityButton)
-      return res;
-          
-    /* TNH - need event for changing the tooltip */
-
-    // Do we really need to look at res here? What happens if there's an error?
-    // We should still set the certificate authority display.
-
-    nsXPIDLString tooltip;
-    if (info) {
-      nsCOMPtr<nsITransportSecurityInfo> secInfo(do_QueryInterface(info));
-      if (secInfo &&
-          NS_SUCCEEDED(secInfo->GetShortSecurityDescription(getter_Copies(tooltip))) &&
-          tooltip) {
-
-        res = mSecurityButton->SetAttribute(NS_LITERAL_STRING("tooltiptext"),
-                                                nsString(tooltip));
-              
-      }
-    }
-  }
-
-  return res;
-}
-
-NS_IMETHODIMP
-nsSecureBrowserUIImpl::OnLocationChange(nsIWebProgress* aWebProgress,
-                                        nsIRequest* aRequest,
-                                        nsIURI* aLocation)
-{
-  mCurrentURI = aLocation;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-nsSecureBrowserUIImpl::OnStatusChange(nsIWebProgress* aWebProgress,
-                                      nsIRequest* aRequest,
-                                      nsresult aStatus,
-                                      const PRUnichar* aMessage)
-{
-  return NS_OK;
-}
-
-nsresult
-nsSecureBrowserUIImpl::OnSecurityChange(nsIWebProgress *aWebProgress,
-                                        nsIRequest *aRequest,
-                                        PRInt32 state)
-{
-  nsresult res = NS_OK;
-
-#if defined(DEBUG_dougt)
-  nsCOMPtr<nsIChannel> channel(do_QueryInterface(aRequest));
-  if (!channel)
-    return NS_ERROR_FAILURE;
-  
-  nsCOMPtr<nsIURI> aURI;
-  channel->GetURI(getter_AddRefs(aURI));
-  
-  nsXPIDLCString temp;
-  aURI->GetSpec(getter_Copies(temp));
-  printf("OnSecurityChange: (%x) %s\n", state, (const char*)temp);
-#endif
-  /* Deprecated support for mSecurityButton */
-  if (mSecurityButton) {
-    NS_NAMED_LITERAL_STRING(level, "level");
-
-    if (state == (STATE_IS_SECURE|STATE_SECURE_HIGH)) {
-      res = mSecurityButton->SetAttribute(level, NS_LITERAL_STRING("high"));
-    } else if (state == (STATE_IS_SECURE|STATE_SECURE_LOW)) {
-      res = mSecurityButton->SetAttribute(level, NS_LITERAL_STRING("low"));
-    } else if (state == STATE_IS_BROKEN) {
-      res = mSecurityButton->SetAttribute(level, NS_LITERAL_STRING("broken"));
-    } else {
-      res = mSecurityButton->RemoveAttribute(level);
-    }
-  }
-
-  return res;
-}
-
-// nsISSLStatusProvider methods
-NS_IMETHODIMP
-nsSecureBrowserUIImpl::GetSSLStatus(nsISupports** _result)
-{
-  NS_ASSERTION(_result, "non-NULL destination required");
-
-  *_result = mSSLStatus;
-  NS_IF_ADDREF(*_result);
-
-  return NS_OK;
-}
-
-nsresult
-nsSecureBrowserUIImpl::IsURLHTTPS(nsIURI* aURL, PRBool* value)
-{
-	*value = PR_FALSE;
-
-	if (!aURL)
-		return NS_OK;
-  
-  char* scheme;
-	aURL->GetScheme(&scheme);
-
-  // If no scheme, it's not an https url - not necessarily an error.
-  // See bugs 54845 and 54966  
-	if (!scheme)
-		return NS_OK;
-  
-  if (!PL_strncasecmp(scheme, "https",  5))
-		*value = PR_TRUE;
-	
-	nsMemory::Free(scheme);
-	return NS_OK;
-}
-
-void
-nsSecureBrowserUIImpl::GetBundleString(const PRUnichar* name,
-                                       nsString &outString)
-{
-  if (mStringBundle && name) {
-    PRUnichar *ptrv = nsnull;
-    if (NS_SUCCEEDED(mStringBundle->GetStringFromName(name,
-                                                      &ptrv)))
-      outString = ptrv;
-    else
-      outString.SetLength(0);
-    
-    nsMemory::Free(ptrv);
-    
-  } else {
-    outString.SetLength(0);
-  }
-}
-
-nsresult 
-nsSecureBrowserUIImpl::CheckProtocolContextSwitch(nsISecurityEventSink* eventSink,
-                                                  nsIRequest* aRequest,
-                                                  nsIChannel* aChannel)
-{
-  PRInt32 newSecurityState, oldSecurityState = mSecurityState;
-  
-  newSecurityState = GetSecurityStateFromChannel(aChannel);
-  mSecurityState = newSecurityState;
-
-  // Check to see if we are going from a secure page to an insecure page
-  if (newSecurityState == STATE_IS_INSECURE &&
-      (IS_SECURE(oldSecurityState) ||
-       oldSecurityState == STATE_IS_BROKEN)) {
-
-    SetBrokenLockIcon(eventSink, aRequest, PR_TRUE);
-
-    AlertLeavingSecure();
-
-  }
-  // check to see if we are going from an insecure page to a secure one.
-  else if ((newSecurityState == (STATE_IS_SECURE|STATE_SECURE_HIGH) ||
-            newSecurityState == STATE_IS_BROKEN) &&
-           oldSecurityState == STATE_IS_INSECURE) {
-    AlertEnteringSecure();
-  }
-  // check to see if we are going from a strong or insecure page to a
-  // weak one.
-  else if ((IS_SECURE(newSecurityState) &&
-            newSecurityState != (STATE_IS_SECURE|STATE_SECURE_HIGH)) &&
-           (oldSecurityState == STATE_IS_INSECURE ||
-            oldSecurityState == (STATE_IS_SECURE|STATE_SECURE_HIGH))) {
-
-    AlertEnteringWeak();
-  }
-  
-  mSecurityState = newSecurityState;
-  return NS_OK;
-}
-
-nsresult
-nsSecureBrowserUIImpl::CheckMixedContext(nsISecurityEventSink *eventSink,
-                                         nsIRequest* aRequest, nsIChannel* aChannel)
-{
-  PRInt32 newSecurityState;
-
-  newSecurityState = GetSecurityStateFromChannel(aChannel);
-
-  // Deal with http redirect to https //
-  if (mSecurityState == STATE_IS_INSECURE && newSecurityState != STATE_IS_INSECURE) {
-      return CheckProtocolContextSwitch(eventSink, aRequest, aChannel);
-  }
-
-  if ((newSecurityState == STATE_IS_INSECURE ||
-       newSecurityState == STATE_IS_BROKEN) &&
-      IS_SECURE(mSecurityState)) {
-    
-    // work-around for bug 48515
-    nsCOMPtr<nsIURI> aURI;
-    aChannel->GetURI(getter_AddRefs(aURI));
-
-    nsXPIDLCString temp;
-    aURI->GetSpec(getter_Copies(temp));
-
-    if (!nsCRT::strncmp((const char*) temp, "file:", 5) ||
-        !nsCRT::strcmp((const char*) temp, "about:layout-dummy-request")) {
-      return NS_OK;
-    }
-
-    mSecurityState = STATE_IS_BROKEN;
-    SetBrokenLockIcon(eventSink, aRequest);
-
-    // Show alert to user (first time only)
-    // NOTE: doesn't mSecurityState provide the correct
-    // one-time checking?? Why have mMixContentAlertShown
-    // as well?
-    if (!mMixContentAlertShown) {
-      AlertMixedMode();
-      mMixContentAlertShown = PR_TRUE;
-    }
-  }
-  
-  return NS_OK;
-}
-
-nsresult
-nsSecureBrowserUIImpl::CheckPost(nsIURI *formURL, nsIURI *actionURL, PRBool *okayToPost)
-{
-  PRBool formSecure,actionSecure;
-  *okayToPost = PR_TRUE;
-
-  nsresult rv = IsURLHTTPS(formURL, &formSecure);
-  if (NS_FAILED(rv))
-    return rv;
-
-  rv = IsURLHTTPS(actionURL, &actionSecure);
-  if (NS_FAILED(rv))
-    return rv;
-  
-  // if we are posting to a secure link from a secure page, all is okay.
-  if (actionSecure && formSecure) {
-    return NS_OK;
-  }
-    
-  // posting to insecure webpage from a secure webpage.
-  if (!actionSecure && formSecure) {
-    *okayToPost = ConfirmPostToInsecureFromSecure();
-  } else {
-    *okayToPost = ConfirmPostToInsecure();
-  }
-  
-  return NS_OK;
-}
-
-nsresult
-nsSecureBrowserUIImpl::SetBrokenLockIcon(nsISecurityEventSink *eventSink,
-                                         nsIRequest* aRequest,
-                                         PRBool removeValue)
-{
-  nsresult rv = NS_OK;
-  if (removeValue) {
-    if (eventSink)
-      (void) eventSink->OnSecurityChange(aRequest, STATE_IS_INSECURE);
-  } else {
-    if (eventSink)
-      (void) eventSink->OnSecurityChange(aRequest, (STATE_IS_BROKEN));
-  }
-  
-  nsAutoString tooltiptext;
-  GetBundleString(NS_LITERAL_STRING("SecurityButtonTooltipText").get(),
-                  tooltiptext);
-
-  /* TNH - need tooltip notification here */
-  if (mSecurityButton)
-    rv = mSecurityButton->SetAttribute(NS_LITERAL_STRING("tooltiptext"),
-                                       tooltiptext);
-  return rv;
-}
-
-//
-// Implementation of an nsIInterfaceRequestor for use
-// as context for NSS calls
-//
-class nsUIContext : public nsIInterfaceRequestor
-{
-public:
-  NS_DECL_ISUPPORTS
-  NS_DECL_NSIINTERFACEREQUESTOR
-
-  nsUIContext(nsIDOMWindow *window);
-  virtual ~nsUIContext();
-
-private:
-  nsCOMPtr<nsIDOMWindow> mWindow;
-};
-
-NS_IMPL_ISUPPORTS1(nsUIContext, nsIInterfaceRequestor)
-
-nsUIContext::nsUIContext(nsIDOMWindow *aWindow)
-: mWindow(aWindow)
-{
-  NS_INIT_ISUPPORTS();
-}
-
-nsUIContext::~nsUIContext()
-{
-}
-
-/* void getInterface (in nsIIDRef uuid, [iid_is (uuid), retval] out nsQIResult result); */
-NS_IMETHODIMP nsUIContext::GetInterface(const nsIID & uuid, void * *result)
-{
-  nsresult rv;
-
-  if (uuid.Equals(NS_GET_IID(nsIPrompt))) {
-    nsCOMPtr<nsIDOMWindowInternal> internal = do_QueryInterface(mWindow, &rv);
-    if (NS_FAILED(rv)) return rv;
-
-    nsIPrompt *prompt;
-
-    rv = internal->GetPrompter(&prompt);
-    *result = prompt;
-  } else {
-    rv = NS_ERROR_NO_INTERFACE;
-  }
-
-  return rv;
-}
-
-nsresult nsSecureBrowserUIImpl::
-GetNSSDialogs(nsISecurityWarningDialogs **result)
-{
-  nsresult rv;
-  nsCOMPtr<nsISecurityWarningDialogs> my_result(do_GetService(kNSSDialogsContractId, &rv));
-
-  if (NS_FAILED(rv)) 
-    return rv;
-
-  nsCOMPtr<nsIProxyObjectManager> proxyman(do_GetService(NS_XPCOMPROXY_CONTRACTID));
-  if (!proxyman)
-    return NS_ERROR_FAILURE;
-
-  nsCOMPtr<nsISupports> proxiedResult;
-  proxyman->GetProxyForObject(NS_UI_THREAD_EVENTQ,
-                              NS_GET_IID(nsISecurityWarningDialogs),
-                              my_result, PROXY_SYNC,
-                              getter_AddRefs(proxiedResult));
-
-  if (!proxiedResult) {
-    return NS_ERROR_FAILURE;
-  }
-
-  return CallQueryInterface(proxiedResult, result);
-}
-
-void nsSecureBrowserUIImpl::
-AlertEnteringSecure()
-{
-  nsCOMPtr<nsISecurityWarningDialogs> dialogs;
-
-  GetNSSDialogs(getter_AddRefs(dialogs));
-  if (!dialogs) return;
-
-  nsCOMPtr<nsIInterfaceRequestor> ctx = new nsUIContext(mWindow);
-
-  dialogs->AlertEnteringSecure(ctx);
-
-  return;
-}
-
-void nsSecureBrowserUIImpl::
-AlertEnteringWeak()
-{
-  nsCOMPtr<nsISecurityWarningDialogs> dialogs;
-
-  GetNSSDialogs(getter_AddRefs(dialogs));
-  if (!dialogs) return;
-
-  nsCOMPtr<nsIInterfaceRequestor> ctx = new nsUIContext(mWindow);
-
-  dialogs->AlertEnteringWeak(ctx);
-
-  return;
-}
-
-void nsSecureBrowserUIImpl::
-AlertLeavingSecure()
-{
-  nsCOMPtr<nsISecurityWarningDialogs> dialogs;
-
-  GetNSSDialogs(getter_AddRefs(dialogs));
-  if (!dialogs) return;
-
-  nsCOMPtr<nsIInterfaceRequestor> ctx = new nsUIContext(mWindow);
-
-  dialogs->AlertLeavingSecure(ctx);
-
-  return;
-}
-
-void nsSecureBrowserUIImpl::
-AlertMixedMode()
-{
-  nsCOMPtr<nsISecurityWarningDialogs> dialogs;
-
-  GetNSSDialogs(getter_AddRefs(dialogs));
-  if (!dialogs) return;
-
-  nsCOMPtr<nsIInterfaceRequestor> ctx = new nsUIContext(mWindow);
-
-  dialogs->AlertMixedMode(ctx);
-
-  return;
-}
-
-/**
- * ConfirmPostToInsecure - returns PR_TRUE if
- *   the user approves the submit (or doesn't care).
- *   returns PR_FALSE on errors.
- */
-PRBool nsSecureBrowserUIImpl::
-ConfirmPostToInsecure()
-{
-  nsresult rv;
-
-  nsCOMPtr<nsISecurityWarningDialogs> dialogs;
-
-  GetNSSDialogs(getter_AddRefs(dialogs));
-  if (!dialogs) return PR_FALSE;  // Should this allow PR_TRUE for unimplemented?
-
-  nsCOMPtr<nsIInterfaceRequestor> ctx = new nsUIContext(mWindow);
-
-  PRBool result;
-
-  rv = dialogs->ConfirmPostToInsecure(ctx, &result);
-  if (NS_FAILED(rv)) return PR_FALSE;
-
-  return result;
-}
-
-/**
- * ConfirmPostToInsecureFromSecure - returns PR_TRUE if
- *   the user approves the submit (or doesn't care).
- *   returns PR_FALSE on errors.
- */
-PRBool nsSecureBrowserUIImpl::
-ConfirmPostToInsecureFromSecure()
-{
-  nsresult rv;
-
-  nsCOMPtr<nsISecurityWarningDialogs> dialogs;
-
-  GetNSSDialogs(getter_AddRefs(dialogs));
-  if (!dialogs) return PR_FALSE;  // Should this allow PR_TRUE for unimplemented?
-
-  nsCOMPtr<nsIInterfaceRequestor> ctx = new nsUIContext(mWindow);
-
-  PRBool result;
-
-  rv = dialogs->ConfirmPostToInsecureFromSecure(ctx, &result);
-  if (NS_FAILED(rv)) return PR_FALSE;
-
-  return result;
-}

mozilla/security/manager/boot/src/nsSecureBrowserUIImpl.h

@@ -1,117 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998-2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Hubbie Shaw
- *   Doug Turner <dougt@netscape.com>
- *   Brian Ryner <bryner@netscape.com>
- *   Kai Engert <kaie@netscape.com>
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef nsSecureBrowserUIImpl_h_
-#define nsSecureBrowserUIImpl_h_
-
-#include "nsCOMPtr.h"
-#include "nsXPIDLString.h"
-#include "nsString.h"
-#include "nsIObserver.h"
-#include "nsIDOMElement.h"
-#include "nsIDOMWindow.h"
-#include "nsIStringBundle.h"
-#include "nsISecureBrowserUI.h"
-#include "nsIDocShell.h"
-#include "nsIWebProgressListener.h"
-#include "nsIFormSubmitObserver.h"
-#include "nsIURI.h"
-#include "nsISecurityEventSink.h"
-#include "nsWeakReference.h"
-#include "nsISSLStatusProvider.h"
-
-class nsITransportSecurityInfo;
-class nsISecurityWarningDialogs;
-
-#define NS_SECURE_BROWSER_UI_CID \
-{ 0xcc75499a, 0x1dd1, 0x11b2, {0x8a, 0x82, 0xca, 0x41, 0x0a, 0xc9, 0x07, 0xb8}}
-
-
-class nsSecureBrowserUIImpl : public nsISecureBrowserUI,
-                              public nsIWebProgressListener,
-                              public nsIFormSubmitObserver,
-                              public nsIObserver,
-                              public nsSupportsWeakReference,
-                              public nsISSLStatusProvider
-{
-public:
-  
-  nsSecureBrowserUIImpl();
-  virtual ~nsSecureBrowserUIImpl();
-  
-  NS_DECL_ISUPPORTS
-  NS_DECL_NSIWEBPROGRESSLISTENER
-  NS_DECL_NSISECUREBROWSERUI
-  
-  // nsIObserver
-  NS_DECL_NSIOBSERVER
-  NS_DECL_NSISSLSTATUSPROVIDER
-
-  NS_IMETHOD Notify(nsIContent* formNode, nsIDOMWindowInternal* window,
-                    nsIURI *actionURL, PRBool* cancelSubmit);
-  
-protected:
-  
-  nsCOMPtr<nsIDOMWindow> mWindow;
-  nsCOMPtr<nsIDOMElement> mSecurityButton;
-  nsCOMPtr<nsIStringBundle> mStringBundle;
-  nsCOMPtr<nsIURI> mCurrentURI;
-  
-  PRBool mMixContentAlertShown;
-  PRInt32 mSecurityState;
-  PRBool mFirstRequest;
-
-  nsCOMPtr<nsISupports> mSSLStatus;
-
-  void GetBundleString(const PRUnichar* name, nsString &outString);
-  
-  nsresult CheckProtocolContextSwitch(nsISecurityEventSink* sink,
-                                      nsIRequest* request, nsIChannel* aChannel);
-  nsresult CheckMixedContext(nsISecurityEventSink* sink, nsIRequest* request,
-                             nsIChannel* aChannel);
-  nsresult CheckPost(nsIURI *formURI, nsIURI *actionURL, PRBool *okayToPost);
-  nsresult IsURLHTTPS(nsIURI* aURL, PRBool *value);
-  nsresult SetBrokenLockIcon(nsISecurityEventSink* sink, nsIRequest* request,
-                             PRBool removeValue = PR_FALSE);
-
-  // Alerts for security transitions
-  void AlertEnteringSecure();
-  void AlertEnteringWeak();
-  void AlertLeavingSecure();
-  void AlertMixedMode();
-  PRBool ConfirmPostToInsecure();
-  PRBool ConfirmPostToInsecureFromSecure();
-
-  // Support functions
-  nsresult GetNSSDialogs(nsISecurityWarningDialogs **);
-
-};
-
-
-#endif /* nsSecureBrowserUIImpl_h_ */

mozilla/security/manager/pki/makefile.win

@@ -1,41 +0,0 @@
-#!nmake
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-#	Terry Hayes <thayes@netscape.com>
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above.  If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEPTH=..\..\..
-include <$(DEPTH)/config/config.mak>
-
-DIRS = public src resources
-
-include <$(DEPTH)\config\rules.mak>

mozilla/security/manager/pki/public/Makefile.in

@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-#  Javier Delgadillo <javi@netscape.com>
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above.  If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-MODULE = pippki
-
-DEPTH           = ../../../..
-topsrcdir       = @top_srcdir@
-srcdir          = @srcdir@
-VPATH           = @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-XPIDLSRCS = \
-    nsIPKIParamBlock.idl \
-    nsIASN1Outliner.idl \
-    $(NULL)
-
-include $(topsrcdir)/config/rules.mk

mozilla/security/manager/pki/public/makefile.win

@@ -1,51 +0,0 @@
-#!nmake
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-#	Javier Delgadillo
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above.  If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-MODULE = pippki
-
-DEPTH=..\..\..\..
-IGNORE_MANIFEST=1
-
-include <$(DEPTH)/config/config.mak>
-
-XPIDL_INCLUDES=-I$(DEPTH)\dist\idl
-
-XPIDLSRCS= \
-    .\nsIPKIParamBlock.idl \
-    .\nsIASN1Outliner.idl \
-    $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>

mozilla/security/manager/pki/public/nsIASN1Outliner.idl

@@ -1,54 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *   Ian McGreer <mcgreer@netscape.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nsISupports.idl"
-#include "nsIOutlinerView.idl"
-#include "nsIX509Cert.idl"
-
-[scriptable, uuid(c727b2f2-1dd1-11b2-95df-f63c15b4cd35)]
-interface nsIASN1Outliner : nsIOutlinerView {
-
-  void loadASN1Structure(in nsIASN1Object asn1Object);
-
-  wstring getDisplayData(in unsigned long index);
-
-};
-
-%{C++
-
-#define NS_ASN1OUTLINER_CONTRACTID "@mozilla.org/security/nsASN1Outliner;1"
-
-%}
-

mozilla/security/manager/pki/public/nsIASN1Tree.idl

@@ -1,54 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *   Ian McGreer <mcgreer@netscape.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nsISupports.idl"
-#include "nsIOutlinerView.idl"
-#include "nsIX509Cert.idl"
-
-[scriptable, uuid(c727b2f2-1dd1-11b2-95df-f63c15b4cd35)]
-interface nsIASN1Outliner : nsIOutlinerView {
-
-  void loadASN1Structure(in nsIASN1Object asn1Object);
-
-  wstring getDisplayData(in unsigned long index);
-
-};
-
-%{C++
-
-#define NS_ASN1OUTLINER_CONTRACTID "@mozilla.org/security/nsASN1Outliner;1"
-
-%}
-

mozilla/security/manager/pki/public/nsIPKIParamBlock.idl

@@ -1,43 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *   Javier Delgadillo <javi@netscape.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nsISupports.idl"
-
-[scriptable, uuid(b6fe3d78-1dd1-11b2-9058-ced9016984c8)]
-interface nsIPKIParamBlock : nsISupports {
-
-  void setISupportAtIndex(in PRInt32 index, in nsISupports object);
-  nsISupports getISupportAtIndex(in PRInt32 index);
-};

mozilla/security/manager/pki/resources/content/CAOverlay.xul

@@ -1,66 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Bob Lord <lord@netscape.com>
-   -   Ian McGreer <mcgreer@netscape.com>
-  -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
-
-<overlay id="CAOverlay" 
-         xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 
-         xmlns:cert="http://netscape.com/rdf-cert#" 
-         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
-
-  <vbox id="CACerts">
-    <description>&certmgr.cas;</description>
-    <separator class="thin"/>
-    <outliner id="ca-outliner" multiple="true" enableColumnDrag="true"
-              onselect="ca_enableButtons()" flex="1">
-      <outlinercol id="certcol" label="&certmgr.certname;" primary="true" 
-                   class="outlinercol-header outlinercell-inset-header" 
-                   persist="hidden width ordinal" flex="1"/>
-      <splitter class="tree-splitter"/>
-      <outlinercol id="tokencol" label="&certmgr.tokenname;"
-                   class="outlinercol-header outlinercell-inset-header" 
-                   persist="hidden width ordinal" flex="1"/>
-<!--      <outlinercol id="certdbkeycol" collapsed="true" flex="1"/> -->
-      <outlinerbody flex="1" ondblclick="viewCerts();"/>
-    </outliner>
-    <hbox>
-      <button id="ca_viewButton"
-              label="&certmgr.view.label;"
-              disabled="true" oncommand="viewCerts();"/>
-      <button id="ca_editButton"
-              label="&certmgr.edit.label;"
-              disabled="true" oncommand="editCerts();"/>
-<!-- future - import a DER cert?
-      <button id="ca_addButton"
-              label="&certmgr.add.label;"
-              oncommand="addCerts();"/>
--->
-      <button id="ca_deleteButton"
-              label="&certmgr.delete.label;"
-              disabled="true" oncommand="deleteCerts();"/>
-    </hbox>
-  </vbox>
-</overlay>

mozilla/security/manager/pki/resources/content/MineOverlay.xul

@@ -1,87 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Bob Lord <lord@netscape.com>
-   -   Ian McGreer <mcgreer@netscape.com>
-  -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
-
-<overlay id="MineOverlay" 
-         xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 
-         xmlns:cert="http://netscape.com/rdf-cert#" 
-         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
-
-  <vbox id="myCerts">
-    <description>&certmgr.mine;</description>
-    <separator class="thin"/>
-    <outliner id="user-outliner" multiple="true" enableColumnDrag="true"
-              onselect="mine_enableButtons()" flex="1">
-      <outlinercol id="certcol" label="&certmgr.certname;" primary="true" 
-                   class="outlinercol-header outlinercell-inset-header" 
-                   persist="hidden width ordinal" flex="1"/>
-      <splitter class="tree-splitter"/>
-      <outlinercol id="tokencol" label="&certmgr.tokenname;"
-                   class="outlinercol-header outlinercell-inset-header" 
-                   persist="hidden width ordinal" flex="1"/>
-      <splitter class="tree-splitter"/>
-      <outlinercol id="verifiedcol" 
-                   class="outlinercol-header outlinercell-inset-header" 
-                   persist="hidden width ordinal" flex="1"/>
-      <splitter class="tree-splitter"/>
-      <outlinercol id="purposecol" label="&certmgr.purpose;"
-                   class="outlinercol-header outlinercell-inset-header" 
-                   persist="hidden width ordinal" flex="1"/>
-      <splitter class="tree-splitter"/>
-      <outlinercol id="serialnumcol" label="&certmgr.serial;"
-                   class="outlinercol-header outlinercell-inset-header" 
-                   persist="hidden width ordinal" flex="1"/>
-      <splitter class="tree-splitter"/>
-      <outlinercol id="issuedcol" label="&certmgr.issued;"
-                   class="outlinercol-header outlinercell-inset-header" 
-                   hidden="true" persist="hidden width ordinal" flex="1"/>
-      <splitter class="tree-splitter"/>
-      <outlinercol id="expiredcol" label="&certmgr.expires;"
-                   class="outlinercol-header outlinercell-inset-header" 
-                   persist="hidden width ordinal" flex="1"/>
-<!--      <outlinercol id="certdbkeycol" collapsed="true" flex="1"/> -->
-      <outlinerbody flex="1" ondblclick="viewCerts();"/>
-    </outliner>
-    <hbox>
-       <button id="mine_viewButton" class="normal" 
-               label="&certmgr.view.label;"
-               disabled="true" oncommand="viewCerts();"/>
-       <button id="mine_backupButton" class="normal" 
-               label="&certmgr.backup.label;"
-               disabled="true" oncommand="backupCerts();"/>
-       <button id="mine_backupAllButton" class="normal" 
-               label="&certmgr.backupall.label;"
-               oncommand="backupAllCerts();"/>
-       <button id="mine_restoreButton" class="normal" 
-               label="&certmgr.restore.label;"
-               oncommand="restoreCerts();"/>
-       <button id="mine_deleteButton" class="normal" 
-               label="&certmgr.delete.label;"
-               disabled="true" oncommand="deleteCerts();"/>
-    </hbox>
-  </vbox>
-</overlay>

mozilla/security/manager/pki/resources/content/OthersOverlay.xul

@@ -1,83 +0,0 @@
-<?xml version="1.0"?>
-<!-- ***** BEGIN LICENSE BLOCK *****
-   - Version: MPL 1.1/GPL 2.0/LGPL 2.1
-   -
-   - The contents of this file are subject to the Mozilla Public License Version
-   - 1.1 (the "License"); you may not use this file except in compliance with
-   - the License. You may obtain a copy of the License at
-   - http://www.mozilla.org/MPL/
-   -
-   - Software distributed under the License is distributed on an "AS IS" basis,
-   - WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-   - for the specific language governing rights and limitations under the
-   - License.
-   -
-   - The Original Code is Mozilla Communicator
-   -
-   - The Initial Developer of the Original Code is
-   - Netscape Communications Corp..
-   - Portions created by the Initial Developer are Copyright (C) 2001
-   - the Initial Developer. All Rights Reserved.
-   -
-   - Contributor(s): Kai Engert <kaie@netscape.com>
-   -
-   - Alternatively, the contents of this file may be used under the terms of
-   - either the GNU General Public License Version 2 or later (the "GPL"), or
-   - the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-   - in which case the provisions of the GPL or the LGPL are applicable instead
-   - of those above. If you wish to allow use of your version of this file only
-   - under the terms of either the GPL or the LGPL, and not to allow others to
-   - use your version of this file under the terms of the MPL, indicate your
-   - decision by deleting the provisions above and replace them with the notice
-   - and other provisions required by the LGPL or the GPL. If you do not delete
-   - the provisions above, a recipient may use your version of this file under
-   - the terms of any one of the MPL, the GPL or the LGPL.
-   -
-   - ***** END LICENSE BLOCK ***** -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
-
-<overlay id="WebSitesOverlay" 
-         xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 
-         xmlns:cert="http://netscape.com/rdf-cert#" 
-         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
-
-  <vbox id="othersCerts">
-    <description>&certmgr.others;</description>
-    <separator class="thin"/>
-    <outliner id="email-outliner" multiple="true"
-              onselect="email_enableButtons()" flex="1">
-      <outlinercol id="certcol" label="&certmgr.certname;" primary="true" 
-                   class="outlinercol-header outlinercell-inset-header" 
-                   flex="1"/>
-      <splitter class="tree-splitter"/>
-      <outlinercol id="emailcol" label="&certmgr.email;"
-                   class="outlinercol-header outlinercell-inset-header" 
-                   flex="1"/>
-      <splitter class="tree-splitter"/>
-      <outlinercol id="tokencol" label="&certmgr.tokenname;"
-                   class="outlinercol-header outlinercell-inset-header" 
-                   flex="1"/>
-<!--      <outlinercol id="certdbkeycol" collapsed="true" flex="1"/> -->
-      <outlinerbody flex="1" ondblclick="viewCerts();"/>
-    </outliner>
-    <hbox>
-      <button id="email_viewButton"
-              label="&certmgr.view.label;"
-              disabled="true" oncommand="viewCerts();"/>
-      <button id="email_editButton"
-              label="&certmgr.edit.label;"
-              disabled="true" oncommand="editCerts();"/>
-<!-- future - import a DER cert?
-      <button id="email_addButton"
-              label="&certmgr.add.label;"
-              oncommand="addCerts();"/>
--->
-      <button id="email_deleteButton"
-              label="&certmgr.delete.label;"
-              disabled="true" oncommand="deleteCerts();"/>
-    </hbox>
-  </vbox>
-</overlay>

mozilla/security/manager/pki/resources/content/PageInfoOverlay.xul

@@ -1,210 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Terry Hayes <thayes@netscape.com>
-  -->
-
-<!-- This file extends "chrome://navigator/content/pageInfo.xul" -->
-
-<!DOCTYPE overlay SYSTEM "chrome://pippki/locale/PageInfoOverlay.dtd">
-
-<overlay id="pipPageInfoOverlayID"
-         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
-  <script type="application/x-javascript" src="chrome://global/content/strres.js"/>
-  <script type="application/x-javascript" src="chrome://pippki/content/pippki.js"/>
-  <script type="application/x-javascript">
-  <![CDATA[
-    var security = {
-      // Display the server certificate (static)
-      viewCert : function () {
-        var cert = security._cert;
-        if (cert) cert.view();
-      },
-
-      _getSecurityInfo : function() {
-        const nsIX509Cert = Components.interfaces.nsIX509Cert;
-        const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
-        const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
-        const nsISSLStatusProvider = Components.interfaces.nsISSLStatusProvider;
-        const nsISSLStatus = Components.interfaces.nsISSLStatus;
-
-        // Get the window for this information
-        var w;
-        if ("arguments" in window && window.arguments.length > 1 && window.arguments[0])
-          w = window.arguments[0];
-        else
-          w = window.opener.frames[0];
-
-        var hName = null;
-        try
-        {
-           hName = w.location.host;
-        } catch(exception){}
-
-        var ui = security._getSecurityUI();
-        var sp = ui.QueryInterface(nsISSLStatusProvider);
-        var status = sp.SSLStatus;
-        if (status) {
-          status = status.QueryInterface(nsISSLStatus);
-        }
-        if (status) {
-          var cert = status.serverCert;
-          var issuerName;
-
-          issuerName = this.mapIssuerOrganization(cert.issuerOrganization);
-          if (!issuerName) issuerName = cert.issuerName;
-        
-          return {
-            hostName : hName,
-            cAName : issuerName,
-            encryptionAlgorithm : status.cipherName,
-            encryptionStrength : status.secretKeyLength,
-            cert : cert
-          };
-        } else {
-          return {
-            hostName : hName,
-            cAName : "",
-            encryptionAlgorithm : "",
-            encryptionStrength : 0,
-            cert : null
-          };
-        } 
-      },
-
-      // Find the secureBrowserUI object (if present)
-      _getSecurityUI : function() {
-        return window.opener.gBrowser.boxObject.getPropertyAsSupports("secureBrowserUI");
-      },
-
-      // Interface for mapping a certificate issuer organization to
-      // the value to be displayed.
-      // Bug 82017 - this implementation should be moved to pipnss C++ code
-      mapIssuerOrganization: function(name) {
-        if (!name) return null;
-
-        if (name == "RSA Data Security, Inc.") return "Verisign, Inc.";
-
-        // No mapping required
-        return name;
-      },
-
-      _cert : null
-    };
-
-    function securityOnLoad() {
-      var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
-
-      var info = security._getSecurityInfo();
-      var idHdr;
-      var message1;
-      var message2;
-
-      /* Set the identification messages */
-      if (info.cert)
-      {
-        idHdr = bundle.GetStringFromName("pageInfo_WebSiteVerified");
-        document.getElementById("security-identity").setAttribute("value", idHdr);
-
-        message1 = bundle.formatStringFromName("pageInfo_Identity_Verified", 
-                                [ info.hostName, info.cAName ],
-                                2);
-        setText("security-identity-text", message1);
-
-        var viewText = bundle.GetStringFromName("pageInfo_ViewCertificate");
-        setText("security-view-text", viewText);
-        security._cert = info.cert;
-      } else {
-        idHdr = bundle.GetStringFromName("pageInfo_SiteNotVerified");
-        document.getElementById("security-identity").setAttribute("value", idHdr);
-
-        document.getElementById("security-view-cert").setAttribute("disabled", "true");
-        document.getElementById("security-view-cert").setAttribute("hidden", "true");
-      }
-
-      var hdr;
-      var msg1;
-      var msg2;
-      
-      /* Set the encryption messages */
-      if (info.encryptionStrength >= 90) {
-        hdr = bundle.formatStringFromName("pageInfo_StrongEncryption",
-                             [ info.encryptionAlgorithm, info.encryptionStrength+"" ], 2);
-        document.getElementById("security-privacy").setAttribute("value", hdr);
-
-        msg1 = bundle.GetStringFromName("pageInfo_Privacy_Strong1");
-        setText("security-privacy-msg1", msg1);
-
-        msg2 = bundle.GetStringFromName("pageInfo_Privacy_Strong2");
-        setText("security-privacy-msg2", msg2);
-
-        security._cert = info.cert;
-      } else if (info.encryptionStrength > 0) {
-        hdr = bundle.formatStringFromName("pageInfo_WeakEncryption",
-                             [ info.encryptionAlgorithm, info.encryptionStrength+"" ], 2);
-        document.getElementById("security-privacy").setAttribute("value", hdr);
-
-        msg1 = bundle.formatStringFromName("pageInfo_Privacy_Weak1",
-                                               [ info.hostName ], 1);
-        setText("security-privacy-msg1", msg1);
-
-        msg2 = bundle.GetStringFromName("pageInfo_Privacy_Weak2");
-        setText("security-privacy-msg2", msg2);
-      } else {
-        hdr = bundle.GetStringFromName("pageInfo_NoEncryption");
-        document.getElementById("security-privacy").setAttribute("value", hdr);
-
-        if(info.hostName != null)
-          msg1 = bundle.formatStringFromName("pageInfo_Privacy_None1", [ info.hostName ], 1);
-        else
-          msg1 = bundle.GetStringFromName("pageInfo_Privacy_None3");
-
-        setText("security-privacy-msg1", msg1);
-
-        msg2 = bundle.GetStringFromName("pageInfo_Privacy_None2");
-        setText("security-privacy-msg2", msg2);
-      }
-    }
-
-    /* Register for pageInfo onload calls */
-    onLoadRegistry.push(securityOnLoad);
-  ]]>
-  </script>
-  <tabs id="tabs">
-    <tab id="securityTab" label="&pageInfo.securityTab;"/>
-  </tabs>
-  <tabpanels id="tabpanels">
-    <vbox id="securityPanel" flex="1">
-      <label id="security-identity" class="header"/>
-      <description id="security-identity-text" flex="1"/>
-      <hbox>
-        <button id="security-view-cert" label="&pageInfo.view.label;" 
-                oncommand="security.viewCert();"/>
-        <description id="security-view-text" flex="1"/>
-      </hbox>
-      <separator class="groove"/>
-      <label id="security-privacy" class="header"/>
-      <vbox flex="1">
-        <description id="security-privacy-msg1"/>
-        <description id="security-privacy-msg2"/>
-      </vbox>
-    </vbox>
-  </tabpanels>
-</overlay>

mozilla/security/manager/pki/resources/content/PrefOverlay.xul

@@ -1,57 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Terry Hayes <thayes@netscape.com>
-  -->
-
-<!-- This file overlays "chrome://communicator/content/pref/preftree.xul" -->
-
-<!DOCTYPE overlay SYSTEM "chrome://pippki/locale/PrefOverlay.dtd">
-
-<overlay id="pipPrefOverlayID"
-         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
-
-  <treechildren id="securityChildren">
-    <treeitem id="masterpassItem">
-      <treerow>
-        <treecell class="treecell-indent" url="chrome://pippki/content/pref-masterpass.xul"
-                  label="&masterpass.label;"/>
-      </treerow>
-    </treeitem>
-    <treeitem id="sslItem">
-      <treerow>
-        <treecell class="treecell-indent" url="chrome://pippki/content/pref-ssl.xul"
-                  label="&ssl.label;"/>
-      </treerow>
-    </treeitem>
-    <treeitem id="certItem">
-      <treerow>
-        <treecell class="treecell-indent" url="chrome://pippki/content/pref-certs.xul"
-                  label="&certs.label;"/>
-      </treerow>
-    </treeitem>
-    <treeitem id="validationItem">
-      <treerow>
-        <treecell class="treecell-indent" url="chrome://pippki/content/pref-validation.xul"
-                 label="&validation.label;"/>
-      </treerow>
-    </treeitem>
-  </treechildren>
-</overlay>

mozilla/security/manager/pki/resources/content/WebSitesOverlay.xul

@@ -1,66 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Bob Lord <lord@netscape.com>
-   -   Ian McGreer <mcgreer@netscape.com>
-  -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
-
-<overlay id="WebSitesOverlay" 
-         xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 
-         xmlns:cert="http://netscape.com/rdf-cert#" 
-         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
-
-  <vbox id="webCerts">
-    <description>&certmgr.websites;</description>
-    <separator class="thin"/>
-    <outliner id="server-outliner" multiple="true" enableColumnDrag="true"
-              onselect="websites_enableButtons()" flex="1">
-      <outlinercol id="certcol" label="&certmgr.certname;" primary="true" 
-                   class="outlinercol-header outlinercell-inset-header" 
-                   persist="hidden width ordinal" flex="1"/>
-      <splitter class="tree-splitter"/>
-      <outlinercol id="tokencol" label="&certmgr.tokenname;"
-                   class="outlinercol-header outlinercell-inset-header" 
-                   persist="hidden width ordinal" flex="1"/>
-<!--      <outlinercol id="certdbkeycol" collapsed="true" flex="1"/> -->
-      <outlinerbody flex="1" ondblclick="viewCerts();"/>
-    </outliner>
-    <hbox>
-      <button id="websites_viewButton"
-              label="&certmgr.view.label;"
-              disabled="true" oncommand="viewCerts();"/>
-      <button id="websites_editButton"
-              label="&certmgr.edit.label;"
-              disabled="true" oncommand="editCerts();"/>
-<!-- future - import a DER cert?
-      <button id="websites_addButton"
-              label="&certmgr.add.label;"
-              oncommand="addCerts();"/>
--->
-      <button id="websites_deleteButton"
-              label="&certmgr.delete.label;"
-              disabled="true" oncommand="deleteCerts();"/>
-    </hbox>
-  </vbox>
-</overlay>

mozilla/security/manager/pki/resources/content/cacertexists.js

@@ -1,26 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *  Rangan Sen <rangansen@netscape.com>
- */
-
-function doOK()
-{
-  window.close();
-}

mozilla/security/manager/pki/resources/content/cacertexists.xul

@@ -1,52 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Rangan Sen <rangansen@netscape.com>
-  -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window SYSTEM "chrome://pippki/locale/pippki.dtd">
-
-<window id="cacertexists" 
-  title="&caCertExists.title;"
-  xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-  onload="setWindowName();">
-
-  <script type="application/x-javascript" src="chrome://pippki/content/cacertexists.js"/>
-  <script type="application/x-javascript" src="chrome://help/content/help.js"/>
-
-
-  <vbox flex="1">
-    <description>&caCertExists.message;</description>
-    
-    <separator/>
-
-    <hbox align="center">
-      <button id="ok-button" label="&ok.label;"
-              oncommand="doOK();"/> 
-    </hbox>
-    
-    <separator/>
-
-  </vbox>
-
-</window>
-

mozilla/security/manager/pki/resources/content/certDump.xul

@@ -1,51 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Bob Lord <lord@netscape.com>
-   -   Ian McGreer <mcgreer@netscape.com>
-   -   Javier Delgadillo <javi@netscape.com>
-  -->
-
-<!DOCTYPE overlay SYSTEM "chrome://pippki/locale/certManager.dtd">
-
-<overlay id="certDumpOverlay" 
-         xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 
-         xmlns:cert="http://netscape.com/rdf-cert#" 
-         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
-<vbox class="box-padded" id="certPrettyPrint" flex="1">
-  <label class="header" value="&certmgr.hierarchy.label;"/>
-  <tree id="treesetDump" rows="4"
-        onselect="updateCertDump();">
-    <treecolgroup>
-      <treecol flex="1"/>
-    </treecolgroup>
-    <treechildren id="chainDump"/>
-  </tree>
-  <outliner class="inset" id="prettyDumpOutliner" style="height:150px">
-    <outlinercol flex ="1" id="certDataCol" label="&certmgr.details.label;"
-                 ignoreincolumnpicker="true" class="header outlinercol-header" primary="true"/>
-    <splitter/>
-    <outlinerbody flex="1" onselect="displaySelected();"/>
-  </outliner>
-  <label class="header" value="&certmgr.fields.label;"/>
-  <textbox class="inset" id="certDumpVal"  multiline="true" rows="8"
-           readonly="true" style="font-family: -moz-fixed;"/>
-</vbox>
-</overlay>

mozilla/security/manager/pki/resources/content/certManager.js

@@ -1,371 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *  Bob Lord <lord@netscape.com>
- *  Ian McGreer <mcgreer@netscape.com>
- */
-
-const nsIFilePicker = Components.interfaces.nsIFilePicker;
-const nsFilePicker = "@mozilla.org/filepicker;1";
-const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
-const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
-const nsIX509Cert = Components.interfaces.nsIX509Cert;
-const nsICertOutliner = Components.interfaces.nsICertOutliner;
-const nsCertOutliner = "@mozilla.org/security/nsCertOutliner;1";
-const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
-const nsDialogParamBlock = "@mozilla.org/embedcomp/dialogparam;1";
-const nsIPKIParamBlock    = Components.interfaces.nsIPKIParamBlock;
-const nsPKIParamBlock    = "@mozilla.org/security/pkiparamblock;1";
-
-
-var helpURL = "chrome://help/content/help.xul";
-var key;
-
-var selected_certs = [];
-var certdb;
-
-var caOutlinerView;
-var serverOutlinerView;
-var emailOutlinerView;
-var userOutlinerView;
-
-function LoadCerts()
-{
-  certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
-
-  caOutlinerView = Components.classes[nsCertOutliner]
-                    .createInstance(nsICertOutliner);
-  caOutlinerView.loadCerts(nsIX509Cert.CA_CERT);
-  document.getElementById('ca-outliner')
-   .outlinerBoxObject.view = caOutlinerView;
-
-  serverOutlinerView = Components.classes[nsCertOutliner]
-                        .createInstance(nsICertOutliner);
-  serverOutlinerView.loadCerts(nsIX509Cert.SERVER_CERT);
-  document.getElementById('server-outliner')
-   .outlinerBoxObject.view = serverOutlinerView;
-
-  emailOutlinerView = Components.classes[nsCertOutliner]
-                       .createInstance(nsICertOutliner);
-  emailOutlinerView.loadCerts(nsIX509Cert.EMAIL_CERT);
-  document.getElementById('email-outliner')
-   .outlinerBoxObject.view = emailOutlinerView; 
-
-  userOutlinerView = Components.classes[nsCertOutliner]
-                      .createInstance(nsICertOutliner);
-  userOutlinerView.loadCerts(nsIX509Cert.USER_CERT);
-  document.getElementById('user-outliner')
-   .outlinerBoxObject.view = userOutlinerView;
-
-  var rowCnt = userOutlinerView.rowCount;
-  var enableBackupAllButton=document.getElementById('mine_backupAllButton');
-  if(rowCnt < 1) {
-    enableBackupAllButton.setAttribute("disabled",true);
-  } else  {
-    enableBackupAllButton.setAttribute("enabled",true);
-  }
-
-
-  var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
-  var verifiedColText;
-  if (certdb.ocspOn) {
-    verifiedColText = bundle.GetStringFromName("certmgr.verifiedNoOCSP");
-  } else {
-    verifiedColText = bundle.GetStringFromName("certmgr.verified");
-  }
-  var verifiedCol = document.getElementById('verifiedcol');
-  verifiedCol.setAttribute('label', verifiedColText);
-}
-
-function ReloadCerts()
-{
-  caOutlinerView.loadCerts(nsIX509Cert.CA_CERT);
-  serverOutlinerView.loadCerts(nsIX509Cert.SERVER_CERT);
-  emailOutlinerView.loadCerts(nsIX509Cert.EMAIL_CERT);
-  userOutlinerView.loadCerts(nsIX509Cert.USER_CERT);
-}
-
-function getSelectedTab()
-{
-  var selTab = document.getElementById('certMgrTabbox').selectedItem;
-  var selTabID = selTab.getAttribute('id');
-  if (selTabID == 'mine_tab') {
-    key = "?my_certs";
-  } else if (selTabID == "others_tab") {
-    key = "?others_certs";
-  } else if (selTabID == "websites_tab") {
-    key = "?web_certs";
-  } else if (selTabID == "ca_tab") {
-    key = "?ca_certs";
-  }  
-  var context = helpURL + key;
-  return context;
-}
-
-
-function doHelpButton() {
-   var uri = getSelectedTab();
-   openHelp(uri);
-}
-
-
-function getSelectedCerts()
-{
-  var ca_tab = document.getElementById("ca_tab");
-  var mine_tab = document.getElementById("mine_tab");
-  var others_tab = document.getElementById("others_tab");
-  var websites_tab = document.getElementById("websites_tab");
-  var items = null;
-  if (ca_tab.selected) {
-    items = caOutlinerView.selection;
-  } else if (mine_tab.selected) {
-    items = userOutlinerView.selection;
-  } else if (others_tab.selected) {
-    items = emailOutlinerView.selection;
-  } else if (websites_tab.selected) {
-    items = serverOutlinerView.selection;
-  }
-  selected_certs = [];
-  var cert = null;
-  var nr = 0;
-  if (items != null) nr = items.getRangeCount();
-  if (nr > 0) {
-    for (var i=0; i<nr; i++) {
-      var o1 = {};
-      var o2 = {};
-      items.getRangeAt(i, o1, o2);
-      var min = o1.value;
-      var max = o2.value;
-      for (var j=min; j<=max; j++) {
-        if (ca_tab.selected) {
-          cert = caOutlinerView.getCert(j);
-        } else if (mine_tab.selected) {
-          cert = userOutlinerView.getCert(j);
-        } else if (others_tab.selected) {
-          cert = emailOutlinerView.getCert(j);
-        } else if (websites_tab.selected) {
-          cert = serverOutlinerView.getCert(j);
-        }
-        if (cert)
-          selected_certs[selected_certs.length] = cert;
-      }
-    }
-  }
-}
-
-function ca_enableButtons()
-{
-  var items = caOutlinerView.selection;
-  var nr = items.getRangeCount();
-  var toggle="false";
-  if (nr == 0) {
-    toggle="true";
-  }
-  var edit_toggle=toggle;
-/*
-  var edit_toggle="true";
-  if (nr > 0) {
-    for (var i=0; i<nr; i++) {
-      var o1 = {};
-      var o2 = {};
-      items.getRangeAt(i, o1, o2);
-      var min = o1.value;
-      var max = o2.value;
-      var stop = false;
-      for (var j=min; j<=max; j++) {
-        var tokenName = items.outliner.view.getCellText(j, "tokencol");
-	if (tokenName == "Builtin Object Token") { stop = true; } break;
-      }
-      if (stop) break;
-    }
-    if (i == nr) {
-      edit_toggle="false";
-    }
-  }
-*/
-  var enableViewButton=document.getElementById('ca_viewButton');
-  enableViewButton.setAttribute("disabled",toggle);
-  var enableEditButton=document.getElementById('ca_editButton');
-  enableEditButton.setAttribute("disabled",edit_toggle);
-  var enableDeleteButton=document.getElementById('ca_deleteButton');
-  enableDeleteButton.setAttribute("disabled",toggle);
-}
-
-function mine_enableButtons()
-{
-  var items = userOutlinerView.selection;
-  var toggle="false";
-  if (items.getRangeCount() == 0) {
-    toggle="true";
-  }
-  var enableViewButton=document.getElementById('mine_viewButton');
-  enableViewButton.setAttribute("disabled",toggle);
-  var enableBackupButton=document.getElementById('mine_backupButton');
-  enableBackupButton.setAttribute("disabled",toggle);
-  var enableDeleteButton=document.getElementById('mine_deleteButton');
-  enableDeleteButton.setAttribute("disabled",toggle);
-}
-
-function websites_enableButtons()
-{
-  var items = serverOutlinerView.selection;
-  var toggle="false";
-  if (items.getRangeCount() == 0) {
-    toggle="true";
-  }
-  var enableViewButton=document.getElementById('websites_viewButton');
-  enableViewButton.setAttribute("disabled",toggle);
-  var enableEditButton=document.getElementById('websites_editButton');
-  enableEditButton.setAttribute("disabled",toggle);
-  var enableDeleteButton=document.getElementById('websites_deleteButton');
-  enableDeleteButton.setAttribute("disabled",toggle);
-}
-
-function email_enableButtons()
-{
-  var items = emailOutlinerView.selection;
-  var toggle="false";
-  if (items.getRangeCount() == 0) {
-    toggle="true";
-  }
-  var enableViewButton=document.getElementById('email_viewButton');
-  enableViewButton.setAttribute("disabled",toggle);
-  var enableEditButton=document.getElementById('email_editButton');
-  enableEditButton.setAttribute("disabled",toggle);
-  var enableDeleteButton=document.getElementById('email_deleteButton');
-  enableDeleteButton.setAttribute("disabled",toggle);
-}
-
-function backupCerts()
-{
-  getSelectedCerts();
-  var numcerts = selected_certs.length;
-  var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
-  var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
-  fp.init(window,
-          bundle.GetStringFromName("chooseP12BackupFileDialog"),
-          nsIFilePicker.modeSave);
-  fp.appendFilter("PKCS12 Files", "*.p12");
-  fp.appendFilters(nsIFilePicker.filterAll);
-  var rv = fp.show();
-  if (rv == nsIFilePicker.returnOK || rv == nsIFilePicker.returnReplace) {
-    certdb.exportPKCS12File(null, fp.file, 
-                            selected_certs.length, selected_certs);
-  }
-}
-
-function backupAllCerts()
-{
-  // Select all rows, then call doBackup()
-  var items = userOutlinerView.selection.selectAll();
-  backupCerts();
-}
-
-function editCerts()
-{
-  getSelectedCerts();
-  var numcerts = selected_certs.length;
-  for (var t=0; t<numcerts; t++) {
-    var cert = selected_certs[t];
-    var certkey = cert.dbKey;
-    var ca_tab = document.getElementById("ca_tab");
-    if (ca_tab.selected) {
-      window.openDialog('chrome://pippki/content/editcacert.xul', certkey,
-                  'chrome,width=100,resizable=1,modal');
-    } else {
-      window.openDialog('chrome://pippki/content/editsslcert.xul', certkey,
-                  'chrome,width=100,resizable=1,modal');
-    }
-  }
-}
-
-function restoreCerts()
-{
-  var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
-  var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
-  fp.init(window,
-          bundle.GetStringFromName("chooseP12RestoreFileDialog"),
-          nsIFilePicker.modeOpen);
-  fp.appendFilter("PKCS12 Files", "*.p12;*.pfx");
-  fp.appendFilters(nsIFilePicker.filterAll);
-  if (fp.show() == nsIFilePicker.returnOK) {
-    var certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
-    certdb.importPKCS12File(null, fp.file);
-  }
-  userOutlinerView.loadCerts(nsIX509Cert.USER_CERT);
-}
-
-function deleteCerts()
-{
-  getSelectedCerts();
-  
-  var params = Components.classes[nsDialogParamBlock].createInstance(nsIDialogParamBlock);
-  
-  var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
-  var selTab = document.getElementById('certMgrTabbox').selectedItem;
-  var selTabID = selTab.getAttribute('id');
-  if (selTabID == 'mine_tab') 
-  {
-    params.SetString(1,bundle.GetStringFromName("deleteUserCertFlag"));
-  } 
-  else if (selTabID == "websites_tab") 
-  {
-    params.SetString(1,bundle.GetStringFromName("deleteSslCertFlag"));
-  } 
-  else if (selTabID == "ca_tab") 
-  {
-    params.SetString(1,bundle.GetStringFromName("deleteCaCertFlag"));
-  }
-  else if (selTabID == "others_tab") 
-  {
-    params.SetString(1,bundle.GetStringFromName("deleteEmailCertFlag"));
-  }
-  else
-  {
-    return;
-  }
-
-  var numcerts = selected_certs.length;
-  params.SetInt(2,numcerts);
-  for (var t=0; t<numcerts; t++) 
-  {
-    var cert = selected_certs[t];
-    params.SetString(t+3, cert.dbKey);  
-  }
-   
-  window.openDialog('chrome://pippki/content/deletecert.xul', "",
-                'chrome,resizable=1,modal',params);
- 
-  ReloadCerts();
-}
-
-function viewCerts()
-{
-  getSelectedCerts();
-  var numcerts = selected_certs.length;
-  for (var t=0; t<numcerts; t++) {
-    selected_certs[t].view();
-  }
-}
-
-/* XXX future - import a DER cert from a file? */
-function addCerts()
-{
-  alert("Add cert chosen");
-}

mozilla/security/manager/pki/resources/content/certManager.xul

@@ -1,68 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Bob Lord <lord@netscape.com>
-   -   Ian McGreer <mcgreer@netscape.com>
-  -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-<?xul-overlay href="chrome://global/content/dialogOverlay.xul"?>
-
-<?xul-overlay href="chrome://pippki/content/MineOverlay.xul"?>
-<?xul-overlay href="chrome://pippki/content/OthersOverlay.xul"?>
-<?xul-overlay href="chrome://pippki/content/WebSitesOverlay.xul"?>
-<?xul-overlay href="chrome://pippki/content/CAOverlay.xul"?>
-
-<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
-
-<window id="certmanager" 
-	xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul" 
-        title="&certmgr.title;"
-        onload="LoadCerts();">
-
-  <script type="application/x-javascript" src="chrome://help/content/help.js"/>
-  <script type="application/x-javascript" src="chrome://global/content/strres.js"/>
-  <script type="application/x-javascript" src="chrome://pippki/content/certManager.js"/>
-
-  <vbox flex="1">
-    <tabbox flex="1">
-      <tabs id="certMgrTabbox">
-        <tab id="mine_tab" label="&certmgr.tab.mine;"/>
-        <tab id="others_tab" label="&certmgr.tab.others;"/>
-        <tab id="websites_tab" label="&certmgr.tab.websites;"/>
-        <tab id="ca_tab" label="&certmgr.tab.ca;" selected="true"/>
-      </tabs>
-      <tabpanels flex="1">
-        <vbox id="myCerts" flex="1"/>
-        <vbox id="othersCerts" flex="1"/>
-        <vbox id="webCerts" flex="1"/>
-        <vbox id="CACerts" flex="1"/>
-      </tabpanels>
-    </tabbox>
-
-    <hbox>
-      <button id="HelpButton"
-              label="&certmgr.help.label;" 
-              accesskey="&certmgr.helpButtonAccessKey;"
-              oncommand="doHelpButton();"/>
-    </hbox>
-  </vbox>
-
-</window>

mozilla/security/manager/pki/resources/content/certViewer.xul

@@ -1,80 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Bob Lord <lord@netscape.com>
-   -   Ian McGreer <mcgreer@netscape.com>
-   -   Javier Delgadillo <javi@netscape.com>
-  -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window SYSTEM "chrome://pippki/locale/certManager.dtd">
-
-<?xul-overlay href="chrome://pippki/content/viewCertDetails.xul"?>
-<?xul-overlay href="chrome://pippki/content/certDump.xul"?>
-
-
-<window id="certDetails" 
-  title="&certmgr.certdetail.title;"
-  xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-  onload="setWindowName();">
-
-<script type="application/x-javascript" src="chrome://global/content/strres.js"/>
-<script type="application/x-javascript" src="chrome://pippki/content/viewCertDetails.js"/>
-<script type="application/x-javascript" src="chrome://pippki/content/pippki.js"/>
-<script type="application/x-javascript" src="chrome://help/content/help.js"/>
-
-<keyset id="keys">
-  <key id="esc-key"    keycode="VK_ESCAPE" oncommand="window.close()"/>
-</keyset>
-
-  <grid flex="1">
-    <column flex="1"/>
-    <rows>
-      <row flex="1">
-        <tabbox flex="1">
-          <tabs>
-            <tab id="general_tab" label="&certmgr.detail.general_tab.title;"/>
-            <tab id="prettyprint_tab" label="&certmgr.detail.prettyprint_tab.title;"/>
-          </tabs>
-          <tabpanels flex="1">
-            <vbox id="general_info" flex="1"/>
-            <vbox id="certPrettyPrint" flex="1"/>
-          </tabpanels>
-        </tabbox>
-      </row>
-      <row>
-        <separator class="thin"/>
-      </row>
-      <row>
-        <hbox align="right" flex="1">
-          <button id="HelpButton"
-                  label="&certmgr.help.label;" 
-                  accesskey="&certmgr.helpButtonAccessKey;"
-                  oncommand="openHelp('chrome://help/content/help.xul?cert_details');"/>
-          <button id="closeButton"
-                  label="&certmgr.close.label;" 
-                  accesskey="&certmgr.closeWindowAccessKey;"
-                  oncommand="window.close();"/>
-        </hbox>
-      </row>
-    </rows>
-  </grid>
-</window>

mozilla/security/manager/pki/resources/content/certpicker.js

@@ -1,96 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is Mozilla Communicator.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corp..
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s): Kai Engert <kaie@netscape.com>
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
-
-var dialogParams;
-var itemCount = 0;
-
-function onLoad()
-{
-  dialogParams = window.arguments[0].QueryInterface(nsIDialogParamBlock);
-
-  var pickerTitle = dialogParams.GetString(1);
-  var mainwin = document.getElementById("certPicker");
-  mainwin.setAttribute("title", pickerTitle);
-
-  var pickerInfo = dialogParams.GetString(2);
-  setText("pickerInfo", pickerInfo);
-
-  var selectElement = document.getElementById("nicknames");
-  itemCount = dialogParams.GetInt(1);
-
-  for (var i=0; i < itemCount; i++) {
-      var menuItemNode = document.createElement("menuitem");
-      var nick = dialogParams.GetString(i+3);
-      menuItemNode.setAttribute("value", i);
-      menuItemNode.setAttribute("label", nick); // this is displayed
-      selectElement.firstChild.appendChild(menuItemNode);
-      if (i == 0) {
-          selectElement.selectedItem = menuItemNode;
-      }
-  }
-
-  dialogParams.SetInt(1,0); // set cancel return value
-  setDetails();
-}
-
-function setDetails()
-{
-  var index = parseInt(document.getElementById("nicknames").value);
-  details = dialogParams.GetString(index+itemCount+3);
-  document.getElementById("details").value = details;
-}
-
-function onCertSelected()
-{
-  setDetails();
-}
-
-function doOK()
-{
-  dialogParams.SetInt(1,1);
-  var index = parseInt(document.getElementById("nicknames").value);
-  dialogParams.SetInt(2, index);
-  window.close();
-}
-
-function doCancel()
-{
-  dialogParams.SetInt(1,0);
-  window.close();
-}

mozilla/security/manager/pki/resources/content/certpicker.xul

@@ -1,81 +0,0 @@
-<?xml version="1.0"?>
-<!-- ***** BEGIN LICENSE BLOCK *****
-   - Version: MPL 1.1/GPL 2.0/LGPL 2.1
-   -
-   - The contents of this file are subject to the Mozilla Public License Version
-   - 1.1 (the "License"); you may not use this file except in compliance with
-   - the License. You may obtain a copy of the License at
-   - http://www.mozilla.org/MPL/
-   -
-   - Software distributed under the License is distributed on an "AS IS" basis,
-   - WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-   - for the specific language governing rights and limitations under the
-   - License.
-   -
-   - The Original Code is Mozilla Communicator
-   -
-   - The Initial Developer of the Original Code is
-   - Netscape Communications Corp..
-   - Portions created by the Initial Developer are Copyright (C) 2001
-   - the Initial Developer. All Rights Reserved.
-   -
-   - Contributor(s): Kai Engert <kaie@netscape.com>
-   -
-   - Alternatively, the contents of this file may be used under the terms of
-   - either the GNU General Public License Version 2 or later (the "GPL"), or
-   - the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-   - in which case the provisions of the GPL or the LGPL are applicable instead
-   - of those above. If you wish to allow use of your version of this file only
-   - under the terms of either the GPL or the LGPL, and not to allow others to
-   - use your version of this file under the terms of the MPL, indicate your
-   - decision by deleting the provisions above and replace them with the notice
-   - and other provisions required by the LGPL or the GPL. If you do not delete
-   - the provisions above, a recipient may use your version of this file under
-   - the terms of any one of the MPL, the GPL or the LGPL.
-   -
-   - ***** END LICENSE BLOCK ***** -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window [
-<!ENTITY % pippkiDTD SYSTEM "chrome://pippki/locale/pippki.dtd" >
-%pippkiDTD;
-]>
-
-
-<window id="certPicker" title="&certPicker.defaultTitle;"
-  xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"      
-  onload="onLoad();">
-
-<script type="application/x-javascript" src="chrome://pippki/content/pippki.js"/>
-<script type="application/x-javascript" src="chrome://pippki/content/certpicker.js"/>
-
-<keyset id="keys">
-  <key id="enter-key"  keycode="VK_ENTER"  oncommand="doOK();"/>
-  <key id="return-key" keycode="VK_RETURN" oncommand="doOK();"/>
-  <key id="esc-key"    keycode="VK_ESCAPE" oncommand="doCancel();"/>
-</keyset>
-
-<vbox style="margin: 5px;">
-    <groupbox>
-    <description id="pickerInfo" style="font-weight: bold;">&certPicker.defaultInfo;</description>
-    <broadcaster id="certSelected" oncommand="onCertSelected();"/>
-    <!-- The items in this menulist must never be sorted,
-         but remain in the order filled by the application
-    -->
-    <menulist id="nicknames" observes="certSelected">
-        <menupopup/>
-    </menulist>
-    <label value="&certPicker.detailsLabel;"/>
-    <textbox readonly="true" id="details" multiline="true"
-      style="height: 11em; width=80em;"/>
-    </groupbox>
-  <separator class="thin"/>
-  <hbox>
-  <button id="ok-button" label="&ok.label;"
-          oncommand="doOK();"/> 
-  <button id="cancel-button" label="&cancel.label;"
-          oncommand="doCancel();"/> 
-  </hbox>
-</vbox>
-</window>

mozilla/security/manager/pki/resources/content/changepassword.xul

@@ -1,117 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Bob Lord <lord@netscape.com>
-   -   Terry Hayes <thayes@netscape.com>
-  -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window SYSTEM "chrome://pippki/locale/pippki.dtd">
-
-<window id="set_password" title="&setPassword.title;"
-  xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"      
-  onload="onLoad();">
-
-<script type="application/x-javascript" src="chrome://pippki/content/password.js"/>
-<script type="application/x-javascript" src="chrome://global/content/strres.js"/>
-<script type="application/x-javascript" src="chrome://help/content/help.js"/>
-
-
-<vbox style="margin: 5px;" flex="1">
-
-<hbox align="center">
-  <label value="&setPassword.tokenName.label;: "/>
-  <label id="tokenName" />
-  <menulist id="tokenMenu" oncommand="onMenuChange()">
-     <menupopup/>
-  </menulist>
-</hbox>
-
-
-<!--
-    <menulist id="signerList" disabled="true">
-      <menupopup>
-        <menuitem id="token-menu" label="Built-in private key database"/>
-        <menuitem label="Bob Lord's iButton"/>
-      </menupopup>
-    </menulist>
--->
-<separator/>
-
-<groupbox>
-<grid>
- <columns>
-   <column/>
-   <column/> 
- </columns>
- <rows>
-   <row>
-     <label value="&setPassword.oldPassword.label;"/> 
-     <textbox id="oldpw" type="password"/>
-     <!-- This textbox is inserted as a workaround to the fact that making the 'type' 
-          & 'disabled' property of the 'oldpw' textbox toggle between ['password' & 
-          'false'] and ['text' & 'true'] - as would be necessary if the menu has more 
-          than one tokens, some initialized and some not - does not work properly. So, 
-          either the textbox 'oldpw' or the textbox 'message' would be displayed, 
-          depending on the state of the token selected 
-     -->
-     <textbox id="message" disabled="true" />
-   </row>
-   <row>
-     <label value="&setPassword.newPassword.label;"/> 
-     <textbox id="pw1" type="password" 
-       onkeypress="setPasswordStrength(); checkPasswords();"/> 
-   </row>
-   <row>
-     <label value="&setPassword.reenterPassword.label;"/> 
-     <textbox id="pw2" type="password" onkeypress="checkPasswords();"/>  
-   </row>
- </rows>
-</grid>
-</groupbox>
-
-<groupbox>
- <caption label="&setPassword.meter.label;"/>
- <progressmeter id="pwmeter" mode="determined" 
-                  value="0"/>
-</groupbox>
-
-<separator/>
-
-<keyset id="keys">
-  <key id="enter-key"  keycode="VK_ENTER"  oncommand="if (!document.getElementById('ok-button').disabled) setPassword();"/>
-  <key id="return-key" keycode="VK_RETURN" oncommand="if (!document.getElementById('ok-button').disabled) setPassword();"/>
-  <key id="esc-key"    keycode="VK_ESCAPE" oncommand="window.close();"/>
-</keyset>
-
-<hbox>
-<button id="ok-button" label="&ok.label;"
-        oncommand="setPassword();" disabled="true" default="true"/>
-<button id="cancel-button" label="&cancel.label;"
-        oncommand="window.close();"/> 
-<button id="help-button" label="&help.label;"
-        oncommand="openHelp('chrome://help/content/help.xul?change_pwd');"/> 
-</hbox>
-
-
-</vbox>
-
-</window>

mozilla/security/manager/pki/resources/content/choosetoken.js

@@ -1,58 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * David Drinan.
- */
-
-
-const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
-
-var dialogParams;
-
-function onLoad()
-{
-    dialogParams = window.arguments[0].QueryInterface(nsIDialogParamBlock);
-    var selectElement = document.getElementById("tokens");
-    for (var i=1; i <= dialogParams.GetInt(1); i++) {
-        var menuItemNode = document.createElement("menuitem");
-        var token = dialogParams.GetString(i);
-        menuItemNode.setAttribute("value", token);
-        menuItemNode.setAttribute("label", token);
-        selectElement.firstChild.appendChild(menuItemNode);
-        if (i == 1) {
-            selectElement.selectedItem = menuItemNode;
-        }
-    }
-}
-
-function doOK()
-{
-  var tokenList = document.getElementById("tokens");
-  var token = tokenList.value;
-  dialogParams.SetInt(1,1);
-  dialogParams.SetString(1, token);
-  window.close();
-}
-
-function doCancel()
-{
-  dialogParams.SetInt(1,0);
-  window.close();
-}

mozilla/security/manager/pki/resources/content/choosetoken.xul

@@ -1,66 +0,0 @@
-<?xml version="1.0"?>
-<!--
-  - The contents of this file are subject to the Mozilla Public
-  - License Version 1.1 (the "License"); you may not use this file
-  - except in compliance with the License. You may obtain a copy of
-  - the License at http://www.mozilla.org/MPL/
-  -
-  - Software distributed under the License is distributed on an "AS
-  - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-  - implied. See the License for the specific language governing
-  - rights and limitations under the License.
-  -
-  - The Original Code is mozilla.org code.
-  -
-  - The Initial Developer of the Original Code is Netscape
-  - Communications Corporation.  Portions created by Netscape are
-  - Copyright (C) 2001 Netscape Communications Corporation. All
-  - Rights Reserved.
-  -
-  - Contributor(s):
-  - David Drinan (ddrinan@netscape.com)
-  -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window [
-<!ENTITY % pippkiDTD SYSTEM "chrome://pippki/locale/pippki.dtd" >
-%pippkiDTD;
-]>
-
-
-<window id="ssl_warning" title="&chooseToken.title;"
-  xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"      
-  height="360"
-  width="400"
-  onload="onLoad();">
-
-<script type="application/x-javascript" src="chrome://global/content/strres.js"/>
-<script type="application/x-javascript" src="chrome://pippki/content/pippki.js"/>
-<script type="application/x-javascript" src="chrome://pippki/content/choosetoken.js"/>
-<script type="application/x-javascript" src="chrome://help/content/help.js"/>
-
-<keyset id="keys">
-  <key id="enter-key"  keycode="VK_ENTER"  oncommand="if (!document.getElementById('ok-button').disabled) doOK();"/>
-  <key id="return-key" keycode="VK_RETURN" oncommand="if (!document.getElementById('ok-button').disabled) doOK();"/>
-  <key id="esc-key"    keycode="VK_ESCAPE" oncommand="doCancel();"/>
-</keyset>
-
-<vbox style="margin: 5px;" flex="1">
-    <groupbox>
-    <description>&chooseToken.message1;</description>
-    <menulist id="tokens">
-        <menupopup/>
-    </menulist>
-    </groupbox>
-  <separator />
-  <hbox>
-  <button id="ok-button" label="&ok.label;"
-          oncommand="doOK();"/> 
-  <button id="cancel-button" label="&cancel.label;"
-          oncommand="doCancel();"/> 
-  <button id="help-button" label="&help.label;"
-          oncommand="openHelp('chrome://help/content/help.xul?which_token');"/> 
-  </hbox>
-</vbox>
-</window>

mozilla/security/manager/pki/resources/content/clientauthask.js

@@ -1,92 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *  Javier Delgadillo <javi@netscape.com>
- */
-
-
-const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
-
-var dialogParams;
-var itemCount = 0;
-
-function onLoad()
-{
-    var cn;
-    var org;
-    var issuer;
-
-    dialogParams = window.arguments[0].QueryInterface(nsIDialogParamBlock);
-    cn = dialogParams.GetString(1);
-    org = dialogParams.GetString(2);
-    issuer = dialogParams.GetString(3);
-
-    var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
-    var message1 = bundle.formatStringFromName("clientAuthMessage1", 
-                                             [org],
-                                             1);
-    var message2 = bundle.formatStringFromName("clientAuthMessage2",
-                                             [issuer],
-                                             1);
-    setText("hostname", cn);
-    setText("organization", message1);
-    setText("issuer", message2);
-
-    var selectElement = document.getElementById("nicknames");
-    itemCount = dialogParams.GetInt(1);
-    for (var i=0; i < itemCount; i++) {
-        var menuItemNode = document.createElement("menuitem");
-        var nick = dialogParams.GetString(i+4);
-        menuItemNode.setAttribute("value", i);
-        menuItemNode.setAttribute("label", nick); // this is displayed
-        selectElement.firstChild.appendChild(menuItemNode);
-        if (i == 0) {
-            selectElement.selectedItem = menuItemNode;
-        }
-    }
-
-    setDetails();
-}
-
-function setDetails()
-{
-  var index = parseInt(document.getElementById("nicknames").value);
-  details = dialogParams.GetString(index+itemCount+4);
-  document.getElementById("details").value = details;
-}
-
-function onCertSelected()
-{
-  setDetails();
-}
-
-function doOK()
-{
-  dialogParams.SetInt(1,1);
-  var index = parseInt(document.getElementById("nicknames").value);
-  dialogParams.SetInt(2, index);
-  window.close();
-}
-
-function doCancel()
-{
-  dialogParams.SetInt(1,0);
-  window.close();
-}

mozilla/security/manager/pki/resources/content/clientauthask.xul

@@ -1,71 +0,0 @@
-<?xml version="1.0"?>
-<!--
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   -
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   -
-   -
-   - Contributor(s):
-   - David Drinan (ddrinan@netscape.com)
-  -->
-
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
-
-<!DOCTYPE window [
-<!ENTITY % pippkiDTD SYSTEM "chrome://pippki/locale/pippki.dtd" >
-%pippkiDTD;
-]>
-
-
-<window id="ssl_warning" title="&clientAuthAsk.title;"
-  xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"      
-  onload="onLoad();">
-
-<script type="application/x-javascript" src="chrome://global/content/strres.js"/>
-<script type="application/x-javascript" src="chrome://pippki/content/pippki.js"/>
-<script type="application/x-javascript" src="chrome://pippki/content/clientauthask.js"/>
-<script type="application/x-javascript" src="chrome://help/content/help.js" />
-
-<keyset id="keys">
-  <key id="enter-key"  keycode="VK_ENTER"  oncommand="doOK();"/>
-  <key id="return-key" keycode="VK_RETURN" oncommand="doOK();"/>
-  <key id="esc-key"    keycode="VK_ESCAPE" oncommand="window.close();"/>
-</keyset>
-
-<vbox style="margin: 5px;">
-    <groupbox>
-    <description style="font-weight: bold;">&clientAuthAsk.message1;</description>
-    <description id="hostname"/>
-    <description id="organization"/>
-    <description id="issuer"/>
-    </groupbox>
-    <groupbox>
-    <description style="font-weight: bold;">&clientAuthAsk.message2;</description>
-    <broadcaster id="certSelected" oncommand="onCertSelected();"/>
-    <!-- The items in this menulist must never be sorted,
-         but remain in the order filled by the application
-    -->
-    <menulist id="nicknames" observes="certSelected">
-        <menupopup/>
-    </menulist>
-    <description>&clientAuthAsk.message3;</description>
-    <textbox readonly="true" id="details" multiline="true"
-      style="height: 11em; width=80em;"/>
-    </groupbox>
-  <separator/>
-  <hbox>
-  <button id="ok-button" label="&ok.label;"
-          oncommand="doOK();"/> 
-  <button id="cancel-button" label="&cancel.label;"
-          oncommand="doCancel();"/> 
-  <button id="help-button" label="&help.label;"
-     style="width: 10ex" oncommand="openHelp('chrome://help/content/help.xul?which_cert');" /> 
-  </hbox>
-</vbox>
-</window>

mozilla/security/manager/pki/resources/content/contents.rdf

@@ -1,55 +0,0 @@
-<?xml version="1.0"?>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is mozilla.org code.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corp.  Portions created by Netscape are
-   - Copyright (C) 2001 Netscape Communications Corp.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   -   Terry Hayes <thayes@netscape.com>
-  -->
-
-<RDF:RDF xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
-         xmlns:chrome="http://www.mozilla.org/rdf/chrome#">
-
-  <!-- list all the packages being supplied by this jar -->
-  <RDF:Seq about="urn:mozilla:package:root">
-    <RDF:li resource="urn:mozilla:package:pippki"/>
-  </RDF:Seq>
-
-  <!-- package information -->
-  <RDF:Description about="urn:mozilla:package:pippki"
-        chrome:displayName="pippki"
-        chrome:author="PSM Team"
-        chrome:name="pippki"
- 	chrome:localeVersion="0.9.6">
-  </RDF:Description>
-
-  <!-- Declare overlay points used in this package -->
-  <RDF:Seq about="urn:mozilla:overlays">
-    <RDF:li resource="chrome://communicator/content/pref/preftree.xul"/>
-    <RDF:li resource="chrome://navigator/content/pageInfo.xul"/>
-  </RDF:Seq>
-
-  <!-- Define the local overlay file(s) for each overlay point -->
-  <RDF:Seq about="chrome://communicator/content/pref/preftree.xul">
-    <RDF:li>chrome://pippki/content/PrefOverlay.xul</RDF:li>
-  </RDF:Seq>
-  <RDF:Seq about="chrome://navigator/content/pageInfo.xul">
-    <RDF:li>chrome://pippki/content/PageInfoOverlay.xul</RDF:li>
-  </RDF:Seq>
-
-</RDF:RDF>  
-