Fix Solaris break for case-sensitive file name

git-svn-id: svn://10.0.0.236/branches/PSM_GLUE_JAVI@72695 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/extensions/psm-glue/Makefile.in

@@ -0,0 +1,32 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+# 
+
+DEPTH		= ../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+DIRS		= public src res
+
+include $(topsrcdir)/config/rules.mk
+

mozilla/extensions/psm-glue/makefile.win

@@ -0,0 +1,27 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..
+include <$(DEPTH)/config/config.mak>
+
+DIRS = public src res
+
+include <$(DEPTH)\config\rules.mak>

mozilla/extensions/psm-glue/public/MANIFEST

@@ -0,0 +1,4 @@
+nsIPSMComponent.idl
+nsIPSMUIHandler.idl
+nsISecureBrowserUI.idl
+nsISSLSocketProvider.idl

mozilla/extensions/psm-glue/public/Makefile.in

@@ -0,0 +1,45 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+#   Terry Hayes <thayes@netscape.com>
+# 
+
+MODULE = psmglue
+
+DEPTH		= ../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+XPIDLSRCS = \
+	nsIPSMComponent.idl \
+	nsIPSMUIHandler.idl \
+	nsISecureBrowserUI.idl \
+    nsIPSMSocketInfo.idl \
+	nsISSLSocketProvider.idl \
+	nsISecretDecoderRing.idl \
+	$(NULL)
+
+PREF_JS_EXPORTS	= $(srcdir)/psm-glue.js
+
+include $(topsrcdir)/config/rules.mk

mozilla/extensions/psm-glue/public/makefile.win

@@ -0,0 +1,53 @@
+#!nmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is mozilla.org code.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+# 
+# Contributor(s):
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+#   Terry Hayes <thayes@netscape.com>
+#
+
+MODULE = psmglue
+
+DEPTH=..\..\..
+IGNORE_MANIFEST=1
+
+DLLNAME       = psmglue
+PDBFILE       = $(DLLNAME).pdb
+MAPFILE       = $(DLLNAME).map
+DLL           = .\$(OBJDIR)\$(DLLNAME).dll
+MAKE_OBJ_TYPE = DLL
+
+include <$(DEPTH)/config/config.mak>
+
+XPIDL_INCLUDES=-I$(DEPTH)\..\mozilla\dist\idl
+
+XPIDLSRCS= \
+    .\nsIPSMComponent.idl \
+    .\nsIPSMUIHandler.idl \
+    .\nsISecureBrowserUI.idl \
+    .\nsISSLSocketProvider.idl \
+    .\nsIPSMSocketInfo.idl \
+    .\nsISecretDecoderRing.idl \
+    $(NULL)
+
+include <$(DEPTH)\config\rules.mak>
+
+install::
+    $(MAKE_INSTALL) .\psm-glue.js $(DIST)\bin\defaults\pref

mozilla/extensions/psm-glue/public/nsIPSMComponent.idl

@@ -0,0 +1,58 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ *   Mitch Stoltz <mstoltz@netscape.com>
+*/
+
+#include "nsISupports.idl"
+interface nsIPrincipal;
+
+%{C++
+#include "cmtcmn.h"
+%}
+
+[ptr] native nsCMTControlStar(CMT_CONTROL);
+
+[scriptable, uuid(9e482670-5412-11d3-bbc8-0000861d1237)]
+interface nsIPSMComponent : nsISupports 
+{
+
+  [noscript] nsCMTControlStar getControlConnection( );
+
+  /**
+   *  Display the Security Advisor.  PickledStatus and hostName can be null. 
+   *  If they are, the "Selected Info" dialog will be empty.
+   */
+
+  void displaySecurityAdvisor(in string pickledStatus, in string hostName);
+
+  /**
+   *  This will send PSM all preferences that we know about.
+   */
+  void passPrefs();
+};
+
+%{C++
+#define PSM_COMPONENT_PROGID "component://netscape/psm"
+#define PSM_COMPONENT_CLASSNAME "Mozilla PSM Component"
+%}
+

mozilla/extensions/psm-glue/public/nsIPSMSocketInfo.idl

@@ -0,0 +1,50 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsISupports.idl"
+
+%{C++
+#include "cmtcmn.h"
+#include "nsPSMShimLayer.h"
+%}
+
+[ptr] native psmtControlStar(CMT_CONTROL);
+[ptr] native cmSocketStar(CMSocket);
+[ptr] native nsFileDescStar(PRFileDesc);
+
+[noscript, uuid(deeb8dfc-fb7a-11d3-ac84-00c04fa0d26b)]
+interface nsIPSMSocketInfo : nsISupports {
+    
+    readonly attribute string           hostName;
+    readonly attribute PRInt32          hostPort;
+    
+    readonly attribute string           proxyName;
+    readonly attribute PRInt32          proxyPort;
+
+    readonly attribute psmtControlStar  controlPtr;
+    readonly attribute cmSocketStar     socketPtr;
+    readonly attribute nsFileDescStar   fileDescPtr;
+    
+    void getPickledStatus(out charPtr pickledStatus);
+};
+

mozilla/extensions/psm-glue/public/nsIPSMUIHandler.idl

@@ -0,0 +1,36 @@
+/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Mozilla browser.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications, Inc.  Portions created by Netscape are
+ * Copyright (C) 1999, Mozilla.  All Rights Reserved.
+ * 
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ */
+
+#include "nsISupports.idl"
+
+[scriptable, uuid(d92be9b0-601b-11d3-8c4a-000064657374)]
+interface nsIPSMUIHandler : nsISupports
+{
+    void DisplayURI(in long width, in long height, in PRBool modal, in string urlStr);
+    void PromptForFile(in wstring prompt, in string fileRegEx, in boolean shouldFileExist, out string outFile);
+};
+
+%{C++
+#define PSM_UI_HANLDER_PROGID "component://netscape/psm/ui"
+#define PSM_UI_HANLDER_CLASSNAME "Mozilla PSM UI Handler"
+%}

mozilla/extensions/psm-glue/public/nsISSLSocketProvider.idl

@@ -0,0 +1,35 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsISocketProvider.idl"
+
+[noscript, uuid(856a93d0-5415-11d3-bbc8-0000861d1237)]
+interface nsISSLSocketProvider : nsISocketProvider {
+};
+
+%{C++
+#define NS_ISSLSOCKETPROVIDER_PROGID     NS_NETWORK_SOCKET_PROGID_PREFIX "ssl"
+#define NS_ISSLSOCKETPROVIDER_CLASSNAME  "Mozilla SSL Socket Provider Component"
+
+%}

mozilla/extensions/psm-glue/public/nsISecretDecoderRing.idl

@@ -0,0 +1,63 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Netscape Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *  thayes@netscape.com
+ *
+ */
+
+#include "nsISupports.idl"
+
+/* Buffer type - for storing 8-bit octet values */
+[ptr] native buffer(unsigned char);
+
+[scriptable, uuid(0EC80360-075C-11d4-9FD4-00C04F1B83D8)]
+interface nsISecretDecoderRing: nsISupports {
+
+  /* Encrypt a buffer - callable only from C++ */
+  [noscript] long encrypt(in buffer data, in long dataLen, out buffer result);
+
+  /* Decrypt a buffer - callable only from C++ */
+  [noscript] long decrypt(in buffer data, in long dataLen, out buffer result);
+
+  /* Encrypt nul-terminated string to BASE64 output */
+  string encryptString(in string text);
+
+  /* Decrypt BASE64 input to nul-terminated string output */
+  /* There is no check for embedded nul values in the decrypted output */
+  string decryptString(in string crypt);
+
+  /* Prompt the user to change the password on the SDR key */
+  void changePassword();
+
+  /* Logout of the security device that protects the SDR key */
+  void logout();
+};
+
+/*
+ * Configuration interface for the Secret Decoder Ring
+ *  - this interface allows setting the window that will be
+ *    used as parent for dialog windows (such as password prompts)
+ */
+[scriptable, uuid(01D8C0F0-0CCC-11d4-9FDD-000064657374)]
+interface nsISecretDecoderRingConfig: nsISupports {
+  void setWindow(in nsISupports w);
+};
+
+

mozilla/extensions/psm-glue/public/nsISecureBrowserUI.idl

@@ -0,0 +1,44 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsISupports.idl"
+
+interface nsIDOMWindow;
+interface nsIDOMElement;
+
+[scriptable, uuid(081e31e0-a144-11d3-8c7c-00609792278c)]
+interface nsSecureBrowserUI : nsISupports
+{
+	void init(in nsIDOMWindow window, in nsIDOMElement button);
+    void displayPageInfoUI();
+};
+
+%{C++
+#define NS_SECURE_BROWSER_UI_PROGID "component://netscape/secure_browser_ui"
+#define NS_SECURE_BROWSER_UI_CLASSNAME "Mozilla Secure Browser UI Handler"
+
+#define NS_SECURE_BROWSER_UI_CID \
+{ 0x10fe7ea0, 0xa10a, 0x11d3, {0x8c, 0x7c, 0x00, 0x60, 0x97, 0x92, 0x27, 0x8c}}
+
+%}

mozilla/extensions/psm-glue/public/psm-glue.js

@@ -0,0 +1,11 @@
+pref("general.useragent.security",       "U");
+
+pref("security.enable_ssl2",             true);
+pref("security.enable_ssl3",             true);
+pref("security.default_personal_cert",   "Select Automatically");
+pref("security.ask_for_password",        0);
+pref("security.password_lifetime",       30);
+pref("security.warn_entering_secure",    true);
+pref("security.warn_leaving_secure",     true);
+pref("security.warn_viewing_mixed",      true);
+pref("security.warn_submit_insecure",    true);

mozilla/extensions/psm-glue/res/Makefile.in

@@ -0,0 +1,32 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+# 
+
+DEPTH		= ../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+DIRS		= content locale
+
+include $(topsrcdir)/config/rules.mk
+

mozilla/extensions/psm-glue/res/content/MANIFEST

@@ -0,0 +1,3 @@
+securityOverlay.xul
+securityUI.js
+PSMTaskMenu.xul

mozilla/extensions/psm-glue/res/content/Makefile.in

@@ -0,0 +1,38 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+# 
+
+DEPTH		= ../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+include $(topsrcdir)/config/rules.mk
+
+COMMUNICATOR_CONTENT_DIR = $(DIST)/bin/chrome/packages/core/communicator/content/
+COMMUNICATOR_EXPORT_CONTENT = \
+  $(srcdir)/securityOverlay.xul \
+  $(srcdir)/securityUI.js       \
+  $(srcdir)/PSMTaskMenu.xul \
+  $(NULL)
+
+install::
+	$(INSTALL) $(COMMUNICATOR_EXPORT_CONTENT) $(COMMUNICATOR_CONTENT_DIR)

mozilla/extensions/psm-glue/res/content/PSMTaskMenu.xul

@@ -0,0 +1,22 @@
+<?xml version="1.0"?>
+
+<!DOCTYPE window SYSTEM "chrome://communicator/locale/PSMTaskMenu.dtd" >
+
+<overlay id="psmTaskMenuID"
+         xmlns:html="http://www.w3.org/1999/xhtml"
+         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+
+  <script language="JavaScript">
+    function displaySecurityAdvisor()
+    {
+      var psm = Components.classes["component://netscape/psm"].getService();
+      psm = psm.QueryInterface(Components.interfaces.nsIPSMComponent);
+      psm.displaySecurityAdvisor( null, null );
+    }
+  </script>
+
+  <menupopup id="personalManagers">
+    <menuitem id="PSMMentItem" position="1" value="&PSMCmd.label;" oncommand="displaySecurityAdvisor()"/>
+  </menupopup>
+
+</overlay>

mozilla/extensions/psm-glue/res/content/makefile.win

@@ -0,0 +1,35 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..\..
+include <$(DEPTH)/config/config.mak>
+include <$(DEPTH)\config\rules.mak>
+
+install:: $(DLL)
+    $(MAKE_INSTALL) securityOverlay.xul     $(DIST)\bin\chrome\packages\core\communicator\content
+    $(MAKE_INSTALL) securityUI.js           $(DIST)\bin\chrome\packages\core\communicator\content
+    $(MAKE_INSTALL) PSMTaskMenu.xul	$(DIST)\bin\chrome\packages\core\communicator\content
+    
+clobber::
+    $(RM) $(DIST)\bin\chrome\packages\core\communicator\content\securityOverlay.xul
+    $(RM) $(DIST)\bin\chrome\packages\core\communicator\content\securityUI.js
+    $(RM) $(DIST)\bin\chrome\packages\core\communicator\content\PSMTaskMenu.xul
+

mozilla/extensions/psm-glue/res/content/securityOverlay.xul

@@ -0,0 +1,14 @@
+<?xml version="1.0"?>
+<?xml-stylesheet href="chrome://communicator/skin/securityOverlay.css" type="text/css"?> 
+
+<!DOCTYPE window SYSTEM "chrome://communicator/locale/securityOverlay.dtd">
+
+<overlay id="NavSecurityOverlay"
+         xmlns:html="http://www.w3.org/TR/REC-html40"
+         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+
+  <script language="JavaScript" src="chrome://communicator/content/securityUI.js" />
+
+  <statusbarpanel id="security-button" onclick="displayPageInfo()" tooltip="aToolTip" tooltiptext="&lockIcon.label;"/>    
+      
+</overlay>

mozilla/extensions/psm-glue/res/content/securityUI.js

@@ -0,0 +1,45 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+window.addEventListener("load", SetSecurityButton, false);
+
+var securityUI;
+
+function SetSecurityButton()
+{
+    dump("in SetSecurityButton\n");
+
+    var ui = Components.classes["component://netscape/secure_browser_ui"].createInstance();
+    securityUI = ui.QueryInterface(Components.interfaces.nsSecureBrowserUI);
+
+    var button  = document.getElementById('security-button');
+	if (button && window.content)
+		securityUI.init(window.content, button);
+}
+
+function displayPageInfo()
+{
+   if (securityUI)
+     securityUI.displayPageInfoUI();
+}
+
+

mozilla/extensions/psm-glue/res/locale/Makefile.in

@@ -0,0 +1,32 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#
+
+DEPTH		= ../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+DIRS		= en-US
+
+include $(topsrcdir)/config/rules.mk
+

mozilla/extensions/psm-glue/res/locale/en-US/MANIFEST

@@ -0,0 +1,3 @@
+PSMTaskMenu.dtd
+securityOverlay.dtd
+security.properties

mozilla/extensions/psm-glue/res/locale/en-US/Makefile.in

@@ -0,0 +1,41 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#
+
+DEPTH		= ../../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+COMMUNICATOR_RESOURCE_CONTENT = \
+	$(srcdir)/PSMTaskMenu.dtd \
+	$(srcdir)/security.properties \
+	$(srcdir)/securityOverlay.dtd \
+	$(NULL)
+
+include $(topsrcdir)/config/rules.mk
+
+install:: 
+	$(INSTALL) $(COMMUNICATOR_RESOURCE_CONTENT) $(DIST)/bin/chrome/locales/en-US/communicator/locale
+
+
+

mozilla/extensions/psm-glue/res/locale/en-US/PSMTaskMenu.dtd

@@ -0,0 +1 @@
+<!ENTITY PSMCmd.label     "Security Manager">

mozilla/extensions/psm-glue/res/locale/en-US/makefile.win

@@ -0,0 +1,37 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..\..\..
+
+include <$(DEPTH)\config\rules.mak>
+
+COMMUNICATOR_DIST=$(DIST)\bin\chrome\locales\en-US\communicator\locale
+
+
+install::
+	$(MAKE_INSTALL) PSMTaskMenu.dtd $(COMMUNICATOR_DIST)
+	$(MAKE_INSTALL) security.properties $(COMMUNICATOR_DIST)
+	$(MAKE_INSTALL) securityOverlay.dtd $(COMMUNICATOR_DIST)
+
+clobber::
+  $(RM) -f $(DIST)\bin\chrome\locales\en-US\communicator\locale\PSMTaskMenu.dtd
+  $(RM) -f $(DIST)\bin\chrome\locales\en-US\communicator\locale\security.properties
+  $(RM) -f $(DIST)\bin\chrome\locales\en-US\communicator\locale\securityOverlay.dtd

mozilla/extensions/psm-glue/res/locale/en-US/security.properties

@@ -0,0 +1,29 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+# 
+
+Title=Security Warning
+MixedContentMessage=You have requested a secure document that contains some insecure information.
+LeaveSiteMessage=You have requested an insecure document. The document and any information you send back could be observed by a third party while in transit.
+EnterSiteMessage=You have requested a secure document. The document and any information you send back are encrypted for privacy while in transit.
+PostToInsecure=Warning! Although this document is secure, the information you have submitted is insecure and could be observed by a third party while in transit. If you are submitting passwords, credit card numbers, or other information you would like to keep private, it would be safer for you to cancel the submission.
+PostToInsecureFromInsecure=Any information you submit is insecure and could be observed by a third party while in transit. If you are submitting passwords, credit card numbers, or other information you would like to keep private, it would be safer for you to cancel the submission. 
+DontShowAgain=Show Me This Alert Next Time.
+FindText=Please find the Personal Security Manager application

mozilla/extensions/psm-glue/res/locale/en-US/securityOverlay.dtd

@@ -0,0 +1,2 @@
+
+<!ENTITY  lockIcon.label  "Show security information for this window">

mozilla/extensions/psm-glue/res/locale/makefile.win

@@ -0,0 +1,27 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..\..
+
+DIRS=en-US
+
+include <$(DEPTH)\config\rules.mak>
+

mozilla/extensions/psm-glue/res/makefile.win

@@ -0,0 +1,27 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..
+include <$(DEPTH)/config/config.mak>
+
+DIRS = content locale
+
+include <$(DEPTH)\config\rules.mak>

mozilla/extensions/psm-glue/src/Makefile.in

@@ -0,0 +1,66 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+# 
+
+DEPTH		= ../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+MODULE = psmglue
+
+IS_COMPONENT	= 1
+LIBRARY_NAME	= psmglue
+
+
+CPPSRCS	= \
+	nsPSMComponent.cpp \
+	nsPSMUICallbacks.cpp \
+	nsSSLSocketProvider.cpp \
+	nsPSMModule.cpp \
+	nsSSLIOLayer.cpp \
+	nsSecureBrowserUIImpl.cpp \
+	nsSDR.cpp \
+	nsFSDR.cpp \
+	nsCrypto.cpp \
+	nsKeygenHandler.cpp \
+	$(NULL)
+
+CSRCS = \
+	nsPSMMutex.c	\
+	nsPSMShimLayer.c	\
+	$(NULL)
+
+EXTRA_DSO_LDOPTS = \
+	$(MOZ_COMPONENT_LIBS) \
+	-lcmt \
+	-lprotocol \
+	$(MOZ_JS_LIBS) \
+	$(NULL)
+
+include $(topsrcdir)/config/rules.mk
+
+INCLUDES	+= \
+		-I$(srcdir) \
+		$(NULL)

mozilla/extensions/psm-glue/src/makefile.win

@@ -0,0 +1,72 @@
+#!nmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is mozilla.org code.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+# 
+# Contributor(s):
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+#
+
+MODULE = psmglue
+
+DEPTH=..\..\..
+IGNORE_MANIFEST=1
+
+DLLNAME       = psmglue
+PDBFILE       = $(DLLNAME).pdb
+MAPFILE       = $(DLLNAME).map
+DLL           = .\$(OBJDIR)\$(DLLNAME).dll
+MAKE_OBJ_TYPE = DLL
+
+include <$(DEPTH)/config/config.mak>
+
+LINCS = $(LINCS)     \
+    -I$(PUBLIC)      \
+    -I$(PUBLIC)/security \
+    $(NULL)
+
+LLIBS   = \
+    $(LIBNSPR) \
+    $(DIST)\lib\neckobase_s.lib \
+    $(DIST)\lib\xpcom.lib \
+    $(DIST)\lib\js3250.lib \
+    $(DIST)\lib\cmt.lib       \
+    $(DIST)\lib\protocol.lib  \
+    $(DIST)\lib\mozreg.lib       \
+    $(DIST)\lib\jsdom.lib \
+    $(NULL)
+
+OBJS = \
+    .\$(OBJDIR)\nsPSMMutex.obj \
+    .\$(OBJDIR)\nsPSMShimLayer.obj \
+    .\$(OBJDIR)\nsPSMComponent.obj \
+    .\$(OBJDIR)\nsPSMUICallbacks.obj \
+    .\$(OBJDIR)\nsPSMModule.obj \
+    .\$(OBJDIR)\nsSecureBrowserUIImpl.obj \
+    .\$(OBJDIR)\nsSSLIOLayer.obj \
+    .\$(OBJDIR)\nsSSLSocketProvider.obj \
+    .\$(OBJDIR)\nsSDR.obj \
+    .\$(OBJDIR)\nsFSDR.obj \
+    .\$(OBJDIR)\nsCrypto.obj \
+    .\$(OBJDIR)\nsKeygenHandler.obj \
+    $(NULL)
+
+include <$(DEPTH)\config\rules.mak>
+
+install:: $(DLL)
+    $(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME).dll $(DIST)\bin\components

mozilla/extensions/psm-glue/src/nsCrypto.h

@@ -0,0 +1,112 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Netscape Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ */
+#ifndef _nsCrypto_h_
+#define _nsCrypto_h_
+#include "nsIDOMCRMFObject.h"
+#include "nsIDOMCrypto.h"
+#include "nsIScriptObjectOwner.h"
+#include "nsIDOMPkcs11.h"
+
+#define NS_CRYPTO_CLASSNAME "Crypto JavaScript Class"
+#define NS_CRYPTO_CID \
+  {0x929d9320, 0x251e, 0x11d4, { 0x8a, 0x7c, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} }
+
+#define NS_PKCS11_CLASSNAME "Pkcs11 JavaScript Class"
+#define NS_PKCS11_CID \
+  {0x74b7a390, 0x3b41, 0x11d4, { 0x8a, 0x80, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} }
+
+class nsIPSMComponent;
+class nsIDOMScriptObjectFactory;
+
+
+class nsCRMFObject : public nsIDOMCRMFObject,
+                     public nsIScriptObjectOwner {
+public:
+  nsCRMFObject();
+  virtual ~nsCRMFObject();
+  NS_DECL_IDOMCRMFOBJECT
+  NS_DECL_ISUPPORTS
+
+  NS_IMETHOD GetScriptObject(nsIScriptContext *aContext, void** aScriptObject);
+  NS_IMETHOD SetScriptObject(void* aScriptObject);
+
+  nsresult init();
+
+  nsresult SetCRMFRequest(char *inRequest);
+private:
+
+  nsString mBase64Request;
+  void *mScriptObject;
+};
+
+
+class nsCrypto: public nsIDOMCrypto,
+                public nsIScriptObjectOwner {
+public:
+  nsCrypto();
+  virtual ~nsCrypto();
+  nsresult init();
+  
+  NS_IMETHOD GetScriptObject(nsIScriptContext *aContext, void** aScriptObject);
+  NS_IMETHOD SetScriptObject(void* aScriptObject);
+
+  NS_DECL_ISUPPORTS
+  NS_DECL_IDOMCRYPTO
+
+  static nsresult GetScriptObjectFactory(nsIDOMScriptObjectFactory **aResult);
+  static nsIDOMScriptObjectFactory *gScriptObjectFactory;
+  static nsIPrincipal* GetScriptPrincipal(JSContext *cx);
+  static const char *kPSMComponentProgID;
+
+ private:
+
+  nsIPSMComponent *mPSM;
+  nsString         mVersionString;
+  PRBool           mVersionStringSet;
+  void            *mScriptObject;
+};
+
+class nsPkcs11 : public nsIDOMPkcs11,
+                 public nsIScriptObjectOwner {
+public:
+  nsPkcs11();
+  virtual ~nsPkcs11();
+
+  nsresult init();
+  NS_DECL_ISUPPORTS
+  NS_DECL_IDOMPKCS11
+  NS_IMETHOD GetScriptObject(nsIScriptContext *aContext, void** aScriptObject);
+  NS_IMETHOD SetScriptObject(void* aScriptObject);
+
+private:
+  nsIPSMComponent *mPSM;
+  void            *mScriptObject;
+};
+
+nsresult
+getPSMComponent(nsIPSMComponent ** retPSM);
+
+#endif //_nsCrypto_h_
+
+
+
+

mozilla/extensions/psm-glue/src/nsFSDR.h

@@ -0,0 +1,60 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Terry Hayes <thayes@netscape.com>
+ *   Steve Morse <morse@netscape.com>
+ */
+
+#ifndef _NSFSDR_H_
+#define _NSFSDR_H_
+
+#include "nsISecretDecoderRing.h"
+
+// ===============================================
+// nsFSecretDecoderRing - "fake" implementation of nsISecretDecoderRing
+// ===============================================
+
+#define NS_FSDR_CLASSNAME "Fake Secret Decoder Ring"
+#define NS_FSDR_CID \
+  { 0x1ee28720, 0x2b93, 0x11d4, { 0xa0, 0xa4, 0x0, 0x0, 0x64, 0x65, 0x73, 0x74 } }
+
+#define NS_FSDR_PROGID "netscape.security.fsdr"
+
+class nsFSecretDecoderRing : public nsISecretDecoderRing
+{
+public:
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSISECRETDECODERRING
+
+  nsFSecretDecoderRing();
+  virtual ~nsFSecretDecoderRing();
+
+  nsresult init();
+
+private:
+  nsIPSMComponent *mPSM;
+
+  static const char *kPSMComponentProgID;
+
+  nsresult encode(const unsigned char *data, PRInt32 dataLen, char **_retval);
+  nsresult decode(const char *data, unsigned char **result, PRInt32 * _retval);
+};
+
+#endif /* _NSFSDR_H_ */

mozilla/extensions/psm-glue/src/nsKeygenHandler.cpp

@@ -0,0 +1,255 @@
+//For some weird reason, nsProxiedService has to be the first file 
+//included.  Don't ask me, I'm just the messenger.
+#include "nsProxiedService.h"
+#include "nsKeygenHandler.h"
+#include "nsVoidArray.h"
+#include "nsSecureBrowserUIImpl.h"
+#include "nsIServiceManager.h"
+#include "nsIDOMHTMLSelectElement.h"
+#include "nsIContent.h"
+#include "nsIPSMComponent.h"
+#include "nsIPSMUIHandler.h"
+#include "nsPSMUICallbacks.h"
+#include "nsCrypto.h"
+#include "cmtcmn.h"
+#include "cmtjs.h"
+
+//These defines are taken from the PKCS#11 spec
+#define CKM_RSA_PKCS_KEY_PAIR_GEN     0x00000000
+#define CKM_DH_PKCS_KEY_PAIR_GEN      0x00000020
+#define CKM_DSA_KEY_PAIR_GEN          0x00000010
+
+static NS_DEFINE_IID(kFormProcessorIID,   NS_IFORMPROCESSOR_IID); 
+static NS_DEFINE_IID(kIDOMHTMLSelectElementIID, NS_IDOMHTMLSELECTELEMENT_IID);
+
+static const char *mozKeyGen = "-mozilla-keygen";
+
+NS_IMPL_ADDREF(nsKeygenFormProcessor); 
+NS_IMPL_RELEASE(nsKeygenFormProcessor); 
+NS_IMPL_QUERY_INTERFACE(nsKeygenFormProcessor, kFormProcessorIID); 
+
+nsKeygenFormProcessor::nsKeygenFormProcessor() 
+{ 
+   NS_INIT_REFCNT(); 
+   getPSMComponent(&mPSM);
+} 
+
+char *
+nsKeygenFormProcessor::ChooseToken(PCMT_CONTROL control, 
+				   CMKeyGenTagArg *psmarg,
+				   CMKeyGenTagReq *reason)
+{
+  CMUint32 resID;
+  CMTStatus crv;
+  CMTItem url;
+  char *keyString = nsnull;
+  nsresult rv = NS_OK;
+  NameList *tokenNames;
+  int i;
+
+  // In this case, PSM provided us with a list of potential tokens to choose
+  // from, but we're gonna make it use it's UI for now, so let's delte the
+  // memory associated with the structure it sent back.
+  tokenNames = (NameList*)psmarg->current;
+  for (i=0; i < tokenNames->numitems; i++) {
+    nsCRT::free(tokenNames->names[i]);
+  }
+  nsCRT::free((char*)tokenNames);
+  resID = psmarg->rid;
+  memset(&url, 0, sizeof(CMTItem));
+  NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+  crv = CMT_GetStringAttribute(control, resID, SSM_FID_CHOOSE_TOKEN_URL, &url);
+  if (crv != CMTSuccess) {
+    goto loser;
+  }
+  if (NS_SUCCEEDED(rv)) {
+    handler->DisplayURI(400, 300, PR_TRUE, (char*)url.data);
+  } else {
+    goto loser;
+  }
+  return CMT_GetGenKeyResponse(control, psmarg, reason);
+ loser:
+  if (keyString)
+    nsCRT::free(keyString);
+  return nsnull;
+}
+
+char *
+nsKeygenFormProcessor::SetUserPassword(PCMT_CONTROL control, 
+				       CMKeyGenTagArg *psmarg,
+				       CMKeyGenTagReq *reason)
+{
+  nsresult rv;
+  CMTStatus crv;
+  CMTItem url;
+  char *keystring=nsnull;
+
+  // We need to delete the memory the PSM client API allocated for us since
+  // we're just gonna tell it to use it's own UI.
+  nsCRT::free((char*)psmarg->current);
+  NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+  memset (&url, 0, sizeof(CMTItem));
+  crv = CMT_GetStringAttribute(control,psmarg->rid, SSM_FID_INIT_DB_URL, &url);
+  if (crv != CMTSuccess || NS_FAILED(rv)){
+    goto loser;
+  }
+
+  handler->DisplayURI(500, 450, PR_TRUE, (char*)url.data);
+  
+  return CMT_GetGenKeyResponse(control, psmarg, reason);
+ loser:
+  if (keystring)
+    nsCRT::free(keystring);
+  return nsnull;
+}
+
+nsresult
+nsKeygenFormProcessor::GetPublicKey(nsString& value, nsString& challenge, 
+				    nsString& keyType,
+				    nsString& outPublicKey, nsString& pqg)
+{
+    PCMT_CONTROL control;
+    nsresult rv;
+    CMKeyGenParams *params = nsnull;
+    CMKeyGenTagArg *psmarg = nsnull;
+    CMKeyGenTagReq reason;
+    char *emptyCString = "null";
+    char *keystring = nsnull;
+
+    rv = mPSM->GetControlConnection(&control);
+    if (NS_FAILED(rv)) {
+	goto loser;
+    }
+    params = new CMKeyGenParams;
+    if (params == nsnull) {
+      goto loser;
+    }
+    params->typeString = (keyType.IsEmpty()) ? emptyCString : 
+                                               keyType.ToNewCString();
+    params->challenge  = (challenge.IsEmpty()) ? emptyCString : 
+                                                 challenge.ToNewCString();
+    params->choiceString = value.ToNewCString();
+    params->pqgString = (pqg.IsEmpty()) ? emptyCString : pqg.ToNewCString();
+    psmarg = new CMKeyGenTagArg;
+    if (psmarg == nsnull) {
+      goto loser;
+    }
+    // ARGH, while this is going on, we need to lock the control
+    // connection so that the event loop doesn't drop our response on
+    // the floor.
+    CMT_LockConnection(control);
+    psmarg->op = CM_KEYGEN_START;
+    psmarg->rid = 0;
+    psmarg->tokenName = NULL;
+    psmarg->current = params;
+    keystring = CMT_GenKeyOldStyle(control, psmarg, &reason);
+    while (!keystring) {
+      psmarg->op = reason;
+      switch (psmarg->op) {
+      case CM_KEYGEN_PICK_TOKEN:
+	keystring = ChooseToken(control, psmarg, &reason);
+	break;
+      case CM_KEYGEN_SET_PASSWORD:
+	keystring = SetUserPassword(control, psmarg, &reason);
+	break;
+      case CM_KEYGEN_ERR:
+      default:
+	goto loser;
+      }
+    }
+    CMT_UnlockConnection(control);
+    outPublicKey.AssignWithConversion(keystring);
+    nsCRT::free(keystring);
+    return NS_OK;
+ loser:
+    return NS_ERROR_FAILURE;
+}
+
+NS_METHOD 
+nsKeygenFormProcessor::ProcessValue(nsIDOMHTMLElement *aElement, 
+				    const nsString& aName, 
+				    nsString& aValue) 
+{ 
+#ifdef DEBUG_javi
+  char *name = aName.ToNewCString(); 
+  char *value = aValue.ToNewCString(); 
+  printf("ProcessValue: name %s value %s\n",  name, value); 
+  delete [] name; 
+  delete [] value; 
+#endif 
+  nsresult rv = NS_OK;
+  nsCOMPtr<nsIDOMHTMLSelectElement>selectElement;
+  nsresult res = aElement->QueryInterface(kIDOMHTMLSelectElementIID, 
+					  getter_AddRefs(selectElement));
+  if (NS_SUCCEEDED(res)) {
+    nsAutoString keygenvalue;
+    nsAutoString challengeValue;
+    nsString publicKey;
+    nsString mozillaKeygen;
+    nsString mozType;
+
+    mozType.AssignWithConversion("_moz-type");
+    mozillaKeygen.AssignWithConversion(mozKeyGen);
+    res = selectElement->GetAttribute(mozType, keygenvalue);
+
+    if (NS_CONTENT_ATTR_HAS_VALUE == res && keygenvalue.Equals(mozillaKeygen)) {
+      nsString challenge;
+      nsString keyType;
+      nsString keyTypeValue;
+      nsString pqg, pqgValue;
+
+      challenge.AssignWithConversion("challenge");
+      pqg.AssignWithConversion("pqg");
+      res = selectElement->GetAttribute(pqg, pqgValue);
+      keyType.AssignWithConversion("keytype");
+      res = selectElement->GetAttribute(keyType, keyTypeValue);
+      if (NS_FAILED(res) || keyTypeValue.IsEmpty()) {
+	// If this field is not present, we default to rsa.
+	keyTypeValue.AssignWithConversion("rsa");
+      }
+      res = selectElement->GetAttribute(challenge, challengeValue);
+      rv = GetPublicKey(aValue, challenge, keyTypeValue, 
+			publicKey, pqgValue);
+      aValue = publicKey;
+    }
+  }
+
+  return rv; 
+} 
+
+NS_METHOD nsKeygenFormProcessor::ProvideContent(const nsString& aFormType, 
+						nsVoidArray& aContent, 
+						nsString& aAttribute) 
+{ 
+  nsString selectString;
+  nsresult rv;
+  PCMT_CONTROL control;
+  PRUint32 i;
+
+  selectString.AssignWithConversion("SELECT");
+  if (aFormType.EqualsIgnoreCase(selectString)) {
+    nsString *selectString;
+    char **result;
+
+    rv = mPSM->GetControlConnection(&control);
+    if (NS_FAILED(rv)) {
+	goto loser;
+    }
+    result = CMT_GetKeyChoiceList(control, "rsa"/*Need to figure out if DSA*/,
+				  nsnull);
+    for (i=0; result[i] != nsnull; i++) {
+	selectString = new nsString;
+	selectString->AssignWithConversion(result[i]);
+	aContent.AppendElement(selectString);
+	delete []result[i];
+    }
+    delete []result;
+    aAttribute.AssignWithConversion(mozKeyGen);
+  }
+  return NS_OK;
+ loser:
+  return NS_ERROR_FAILURE; 
+} 
+
+
+

mozilla/extensions/psm-glue/src/nsKeygenHandler.h

@@ -0,0 +1,32 @@
+#ifndef _NSKEYGENHANDLER_H_
+#define _NSKEYGENHANDLER_H_
+// Form Processor 
+#include "nsIFormProcessor.h" 
+#include "ssmdefs.h"
+#include "cmtcmn.h"
+
+class nsIPSMComponent;
+
+class nsKeygenFormProcessor : public nsIFormProcessor { 
+public: 
+  nsKeygenFormProcessor(); 
+  NS_IMETHOD ProcessValue(nsIDOMHTMLElement *aElement, 
+                          const nsString& aName, 
+                          nsString& aValue); 
+
+  NS_IMETHOD ProvideContent(const nsString& aFormType, 
+                            nsVoidArray& aContent, 
+                            nsString& aAttribute); 
+  NS_DECL_ISUPPORTS 
+protected:
+  nsresult GetPublicKey(nsString& value, nsString& challenge, 
+			nsString& keyType, nsString& outPublicKey,
+			nsString& pqg);
+  char * ChooseToken(PCMT_CONTROL control, CMKeyGenTagArg *psmarg,  
+		     CMKeyGenTagReq *reason);
+  char * SetUserPassword(PCMT_CONTROL control, CMKeyGenTagArg *psmarg,  
+		     CMKeyGenTagReq *reason);
+  nsIPSMComponent *mPSM;
+}; 
+
+#endif //_NSKEYGENHANDLER_H_

mozilla/extensions/psm-glue/src/nsPSMComponent.cpp

@@ -0,0 +1,935 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ *   Mitch Stoltz <mstoltz@netscape.com>
+*/
+
+#include "nsProxiedService.h"
+#include "nsPSMUICallbacks.h"
+#include "VerReg.h"
+
+#include "nspr.h"
+#include "nsPSMComponent.h"
+
+#include "nsCRT.h"
+
+#include "nsNetUtil.h"
+#include "nsIURI.h"
+#include "nsIChannel.h"
+#include "nsIInputStream.h"
+#include "nsIStreamListener.h"
+
+#include "nsIPref.h"
+#include "nsIProfile.h"
+#include "nsILocalFile.h"
+
+#include "nsDirectoryService.h"
+
+#include "rsrcids.h"
+
+#include "nsPSMMutex.h"
+#include "nsPSMShimLayer.h"
+#include "nsPSMUICallbacks.h"
+
+#include "nsISecureBrowserUI.h"
+#include "nsIDocumentLoaderObserver.h"
+#include "nsIScriptSecurityManager.h"
+#include "nsICertificatePrincipal.h"
+
+#include "nsIProtocolProxyService.h"
+
+#define PSM_VERSION_REG_KEY "/Netscape/Personal Security Manager"
+
+#ifdef WIN32
+#define PSM_FILE_NAME "psm.exe"
+#elif XP_UNIX
+#define PSM_FILE_NAME "start-psm"
+#else
+#define PSM_FILE_NAME "psm"
+#endif
+
+
+static NS_DEFINE_CID(kCStringBundleServiceCID,  NS_STRINGBUNDLESERVICE_CID);
+static NS_DEFINE_CID(kProfileCID, NS_PROFILE_CID);
+static NS_DEFINE_CID(kPrefCID, NS_PREF_CID);
+static NS_DEFINE_CID(kProtocolProxyServiceCID, NS_PROTOCOLPROXYSERVICE_CID);
+
+nsPSMComponent* nsPSMComponent::mInstance = nsnull;
+
+nsPSMComponent::nsPSMComponent()
+{
+    NS_INIT_REFCNT();
+    mControl = nsnull;
+}
+
+nsPSMComponent::~nsPSMComponent()
+{
+    if (mControl)
+    {
+        CMT_CloseControlConnection(mControl);
+        mControl = nsnull;
+    }
+}
+
+
+NS_IMETHODIMP      
+nsPSMComponent::CreatePSMComponent(nsISupports* aOuter, REFNSIID aIID, void **aResult)
+{                                                                  
+    if (!aResult) {                                                
+        return NS_ERROR_INVALID_POINTER;                           
+    }                                                              
+    if (aOuter) {                                                  
+        *aResult = nsnull;                                         
+        return NS_ERROR_NO_AGGREGATION;                              
+    }                                                                
+    
+    if (mInstance == nsnull) 
+    {
+        mInstance = new nsPSMComponent();
+    }
+
+    if (mInstance == nsnull)
+        return NS_ERROR_OUT_OF_MEMORY;
+    
+    nsresult rv = mInstance->QueryInterface(aIID, aResult);                        
+    if (NS_FAILED(rv)) 
+    {                                             
+        *aResult = nsnull;                                           
+    }                                                                
+    return rv;                                                       
+}
+
+/* nsISupports Implementation for the class */
+NS_IMPL_THREADSAFE_ISUPPORTS3(nsPSMComponent, 
+                              nsIPSMComponent, 
+                              nsIContentHandler,
+                              nsISignatureVerifier);
+
+#define INIT_NUM_PREFS 100
+/* preference types */
+#define STRING_PREF 0
+#define BOOL_PREF 1
+#define INT_PREF 2
+
+
+/* resizable list struct that contains pref items */
+typedef struct CMSetPrefList {
+    int n; /* number of filled items */
+    int capacity; /* allocated memory */
+    CMTSetPrefElement* list; /* actual list */
+} CMSetPrefList;
+
+static void get_pack_bool_pref(nsIPref *prefManager, char* key, CMTSetPrefElement* list, int* n)
+{
+    PRBool boolpref;
+
+    list[*n].key = nsCRT::strdup(key);
+    list[*n].type = BOOL_PREF;
+
+    if ((prefManager->GetBoolPref(key, &boolpref) != 0) || boolpref) 
+    {
+        list[*n].value = nsCRT::strdup("true");
+    }
+    else 
+    {
+        list[*n].value = nsCRT::strdup("false");
+    }
+
+    (*n)++;    /* increment the counter after done packing */
+
+    return;
+}
+
+static void SaveAllPrefs(int number, CMTSetPrefElement* list)
+{
+    nsCOMPtr<nsIPref> prefManager;
+
+    nsresult res = nsServiceManager::GetService(kPrefCID, 
+                                                nsIPref::GetIID(), 
+                                                getter_AddRefs(prefManager));
+    
+    if (NS_FAILED(res)  || !prefManager)
+    {
+        return;
+    }
+
+
+    int i;
+    int intval;
+
+    for (i = 0; i < number; i++) 
+    {
+        if (list[i].key == nsnull) 
+        {
+            /* misconfigured item: next */
+            continue;
+        }
+
+        switch (list[i].type) 
+        {
+             case 0:    /* string type */
+                 prefManager->SetCharPref(list[i].key, list[i].value);
+                 break;
+             case 1:    /* boolean type */
+                 if (strcmp(list[i].value, "true") == 0) {
+                  prefManager->SetBoolPref(list[i].key, (PRBool)1);
+                 }
+                 else if (strcmp(list[i].value, "false") == 0) {
+                  prefManager->SetBoolPref(list[i].key, (PRBool)0);
+                 }
+                 break;
+             case 2:
+                 intval = atoi(list[i].value);
+                 prefManager->SetIntPref(list[i].key, intval);
+                 break;
+             default:
+                 break;
+         }
+    }
+
+    return;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::PassPrefs()
+{
+    // if we have not passed anything to psm yet, this function can just return.
+
+    if (!mControl)
+        return NS_OK;
+
+    int i;
+    nsresult rv = NS_ERROR_FAILURE;
+    char* strpref = NULL;
+    int intpref;
+    PRBool boolpref;
+    CMSetPrefList prefs = {0};
+    CMTSetPrefElement* list = NULL;
+
+    char* pickAuto = "Select Automatically";
+    char* alwaysAsk = "Ask Every Time";
+    
+    nsCOMPtr<nsIPref> prefManager;
+
+    nsresult res = nsServiceManager::GetService(kPrefCID, 
+                                                nsIPref::GetIID(), 
+                                                getter_AddRefs(prefManager));
+
+    if (NS_OK != res) 
+    {
+        return NS_ERROR_FAILURE;
+    }
+
+    /* allocate memory for list */
+    prefs.n = 0; /* counter */
+    prefs.capacity = INIT_NUM_PREFS;
+    prefs.list = (CMTSetPrefElement*) new char[(INIT_NUM_PREFS * sizeof(CMTSetPrefElement))];
+    
+    if (prefs.list == NULL) 
+    {
+         return rv;
+    }
+
+    /* shorthand */
+    list = prefs.list;
+
+    /* get preferences */
+    get_pack_bool_pref(prefManager, "security.enable_ssl2", (CMTSetPrefElement*)list, &(prefs.n));
+    get_pack_bool_pref(prefManager, "security.enable_ssl3", (CMTSetPrefElement*)list, &(prefs.n));
+
+    /* this pref is a boolean pref in nature but a string pref for 
+     * historical reason
+     */
+
+    list[prefs.n].key = nsCRT::strdup("security.default_personal_cert");
+    list[prefs.n].type = STRING_PREF;
+
+    if ((prefManager->CopyCharPref(list[prefs.n].key, &strpref) == 0) && (strcmp(strpref, pickAuto) == 0)) 
+    {
+         list[prefs.n].value = nsCRT::strdup(pickAuto);
+    }
+    else 
+    {
+         /* although one could choose a specific cert for client auth in
+          * Nova, that mode is deprecated with PSM and mapped to ASK
+          */
+         list[prefs.n].value = nsCRT::strdup(alwaysAsk);
+    }
+
+    prefs.n++;
+    if (strpref != NULL) 
+    {
+         nsCRT::free(strpref);
+    }
+
+    list[prefs.n].key = nsCRT::strdup("security.default_mail_cert");
+    list[prefs.n].type = STRING_PREF;
+    if (prefManager->CopyCharPref(list[prefs.n].key, &list[prefs.n].value) != 0) 
+    {
+         list[prefs.n].value = NULL;
+    }
+    prefs.n++;
+
+    list[prefs.n].key = nsCRT::strdup("security.ask_for_password");
+    list[prefs.n].type = INT_PREF;
+    if (prefManager->GetIntPref(list[prefs.n].key, &intpref) != 0) 
+    {
+         intpref = 0;    /* default */
+    }
+
+    list[prefs.n].value = PR_smprintf("%d", intpref);
+    prefs.n++;
+
+    list[prefs.n].key = nsCRT::strdup("security.password_lifetime");
+    list[prefs.n].type = INT_PREF;
+    if (prefManager->GetIntPref(list[prefs.n].key, &intpref) != 0) 
+    {
+         intpref = 30;    /* default */
+    }
+
+    list[prefs.n].value = PR_smprintf("%d", intpref);
+    prefs.n++;
+
+    /* OCSP preferences */
+    /* XXX since these are the new ones added by PSM, we will be more
+     *     error-tolerant in fetching them
+     */
+    if (prefManager->GetBoolPref("security.OCSP.enabled", &boolpref) == 0) 
+    {
+         if (boolpref) 
+        {
+             list[prefs.n].value = nsCRT::strdup("true");
+         }
+         else 
+        {
+             list[prefs.n].value = nsCRT::strdup("false");
+         }
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.enabled");
+         list[prefs.n].type = BOOL_PREF;
+         prefs.n++;
+    }
+
+    if (prefManager->GetBoolPref("security.OCSP.useDefaultResponder", &boolpref) == 0) 
+    {
+         if (boolpref) 
+        {
+             list[prefs.n].value = nsCRT::strdup("true");
+         }
+         else 
+        {
+             list[prefs.n].value = nsCRT::strdup("false");
+         }
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.useDefaultResponder");
+         list[prefs.n].type = BOOL_PREF;
+         prefs.n++;
+    }
+
+    if (prefManager->CopyCharPref("security.OCSP.URL", &strpref) == 0) 
+    {
+         list[prefs.n].value = strpref;
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.URL");
+         list[prefs.n].type = STRING_PREF;
+         prefs.n++;
+    }
+
+    if (prefManager->CopyCharPref("security.OCSP.signingCA", &strpref) == 0) 
+    {
+         list[prefs.n].value = strpref;
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.signingCA");
+         list[prefs.n].type = STRING_PREF;
+         prefs.n++;
+    }
+
+    /* now application-specific preferences */
+    /* get navigator preferences */
+    get_pack_bool_pref(prefManager, "security.warn_entering_secure", (CMTSetPrefElement*)list, &prefs.n);
+    get_pack_bool_pref(prefManager, "security.warn_leaving_secure",  (CMTSetPrefElement*)list, &prefs.n);
+    get_pack_bool_pref(prefManager, "security.warn_viewing_mixed",   (CMTSetPrefElement*)list, &prefs.n);
+    get_pack_bool_pref(prefManager, "security.warn_submit_insecure", (CMTSetPrefElement*)list, &prefs.n);
+
+    // Add any other prefs here such as ldap or mail/news.
+     
+     CMT_SetSavePrefsCallback(mControl, (savePrefsCallback_fn)SaveAllPrefs);
+
+    if (CMT_PassAllPrefs(mControl, prefs.n, (CMTSetPrefElement*)prefs.list) !=  CMTSuccess) 
+    {
+         goto loser;
+    }
+
+    rv = NS_OK; /* success */
+loser:
+    /* clean out memory for prefs */
+    for (i = 0; i < prefs.n; i++) 
+    {
+         if (prefs.list[i].key != NULL) 
+        {
+             nsCRT::free(prefs.list[i].key);
+         }
+         
+        if (prefs.list[i].value != NULL) 
+        {
+             nsCRT::free(prefs.list[i].value);
+         }
+    }
+
+    if (prefs.list != NULL) 
+    {
+         delete(prefs.list);
+    }
+    return rv;
+}
+
+#ifdef XP_MAC
+extern "C" {
+    void RunMacPSM(void* arg);
+    PRThread* SSM_CreateAndRegisterThread(PRThreadType type, void (*start)(void *arg),
+                                          void *arg, PRThreadPriority priority,
+                                          PRThreadScope scope, PRThreadState state,
+                                          PRUint32 stackSize);
+    void SSM_KillAllThreads(void);
+}
+#endif
+            
+NS_IMETHODIMP
+nsPSMComponent::GetControlConnection( CMT_CONTROL * *_retval )
+{
+     nsresult rv;
+     *_retval = nsnull;
+    if (mControl) 
+    {
+        *_retval = mControl;
+        return NS_OK;
+    }
+    else      /* initialize mutex, sock table, etc. */
+    {
+            
+        if (nsPSMMutexInit() != PR_SUCCESS)
+            return NS_ERROR_FAILURE;
+
+#ifdef XP_MAC
+        /* FIXME:  Really need better error handling in PSM, which simply exits on error. */
+        /* use a cached monitor to rendezvous with the PSM thread. */
+        PRMonitor* monitor = PR_CEnterMonitor(this);
+        if (monitor != nsnull) {
+            /* create the Cartman thread, and let it run awhile to get things going. */
+            PRThread* cartmanThread = SSM_CreateAndRegisterThread(PR_USER_THREAD, RunMacPSM, 
+							                                      this, PR_PRIORITY_NORMAL,
+							                                      PR_LOCAL_THREAD, PR_UNJOINABLE_THREAD, 0);
+            if (cartmanThread != nsnull) {
+                /* need a good way to rendezvouz with the Cartman thread. */
+                PR_CWait(this, PR_INTERVAL_NO_TIMEOUT);
+            }
+            
+            PR_CExitMonitor(this);
+        }
+#endif
+
+        // Try to see if it is open already
+        mControl = CMT_ControlConnect(&nsPSMMutexTbl, &nsPSMShimTbl);
+        
+        // Find the one in the bin directory
+        if (mControl == nsnull)
+        {
+            nsCOMPtr<nsILocalFile> psmAppFile;
+            NS_WITH_SERVICE(nsIProperties, directoryService, NS_DIRECTORY_SERVICE_PROGID, &rv);
+            if (NS_FAILED(rv)) return rv;
+
+            directoryService->Get("system.OS_CurrentProcessDirectory", 
+                                   NS_GET_IID(nsIFile), 
+                                   getter_AddRefs(psmAppFile));
+
+        
+            psmAppFile->Append("psm");
+            psmAppFile->Append(PSM_FILE_NAME);
+        
+            PRBool isExecutable, exists;
+            psmAppFile->Exists(&exists);
+            psmAppFile->IsExecutable(&isExecutable);
+            if (exists && isExecutable)
+            {
+                nsXPIDLCString path;
+                psmAppFile->GetPath(getter_Copies(path));
+                // FIX THIS.  using a file path is totally wrong here.  
+                mControl = CMT_EstablishControlConnection((char*)(const char*)path, &nsPSMShimTbl, &nsPSMMutexTbl);
+            }
+        }
+
+        // Get the one in the version registry           
+        if (mControl == nsnull)
+        {
+            //Try to find it.
+            int err;
+            char filepath[MAXREGPATHLEN];
+
+            err = VR_GetPath(PSM_VERSION_REG_KEY, sizeof(filepath), filepath);
+            if ( err == REGERR_OK )
+            {
+                nsFileSpec psmSpec(filepath);
+                psmSpec += PSM_FILE_NAME;
+		
+                if (psmSpec.Exists())
+                {
+                    mControl = CMT_EstablishControlConnection((char *)psmSpec.GetNativePathCString(), &nsPSMShimTbl, &nsPSMMutexTbl);
+                }
+            }
+         }
+
+        
+        if (!mControl || InitPSMUICallbacks(mControl) != PR_SUCCESS)
+            goto failure;
+
+        nsFileSpec profileSpec;
+        PRUnichar*      profileName;
+        
+        NS_WITH_SERVICE(nsIProfile, profile, kProfileCID, &rv);
+        if (NS_FAILED(rv)) goto failure;
+        
+        rv = profile->GetCurrentProfileDir(&profileSpec);
+        if (NS_FAILED(rv)) goto failure;;
+        
+#ifdef XP_MAC
+        profileSpec += "Security";
+        // make sure the dir exists
+        profileSpec.CreateDirectory();
+#endif
+        
+        rv = profile->GetCurrentProfile(&profileName);
+        if (NS_FAILED(rv)) goto failure;
+          
+        CMTStatus psmStatus;
+        nsCAutoString profilenameC;
+        profilenameC.AssignWithConversion(profileName);
+
+        psmStatus = CMT_Hello( mControl, 
+                               PROTOCOL_VERSION, 
+                               profilenameC, 
+                               (char*)profileSpec.GetNativePathCString());        
+        
+        if (psmStatus == CMTFailure)
+        {  
+            PR_FREEIF(profileName);       
+            goto failure;
+        }
+        
+        if (InitPSMEventLoop(mControl) != PR_SUCCESS)
+        {
+            PR_FREEIF(profileName);       
+            goto failure;
+        }
+            
+        if (NS_FAILED(PassPrefs()))
+        {  
+            PR_FREEIF(profileName);       
+            goto failure;
+        }
+
+        PR_FREEIF(profileName);
+        
+        nsCOMPtr<nsIProtocolProxyService> proxySvc = do_GetService(kProtocolProxyServiceCID, &rv);
+        if (NS_FAILED(rv)) return rv;
+        proxySvc->AddNoProxyFor("127.0.0.1", mControl->port);
+        
+        *_retval = mControl;
+        return NS_OK;
+    }
+
+failure:
+#ifdef DEBUG
+    printf("*** Failure setting up Cartman! \n");
+#endif
+
+    if (mControl)
+    {
+        CMT_CloseControlConnection(mControl);
+        mControl = NULL;
+    }
+
+    // TODO we need to unregister our UI callback BEFORE destroying our mutex.
+    // nsPSMMutexDestroy();
+
+    return NS_ERROR_FAILURE;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::DisplaySecurityAdvisor(const char *pickledStatus, const char *hostName)
+{
+    CMT_CONTROL *controlConnection;
+    GetControlConnection( &controlConnection );
+    if (DisplayPSMUIDialog(controlConnection, pickledStatus, hostName) == PR_SUCCESS)
+        return NS_OK;
+    return NS_ERROR_FAILURE;
+}
+
+class CertDownloader : public nsIStreamListener
+{
+    public:
+        CertDownloader() {NS_ASSERTION(0, "don't use this constructor."); }
+        CertDownloader(PRInt32 type);
+        virtual ~CertDownloader();
+
+        NS_DECL_ISUPPORTS
+        NS_DECL_NSISTREAMOBSERVER
+        NS_DECL_NSISTREAMLISTENER
+    protected:
+        char* mByteData;
+        PRInt32 mBufferOffset;
+        PRInt32 mContentLength;
+        PRInt32 mType;
+};
+
+
+CertDownloader::CertDownloader(PRInt32 type)
+{
+    NS_INIT_REFCNT();
+    mByteData = nsnull;
+    mType = type;
+}
+
+CertDownloader::~CertDownloader()
+{
+    if (mByteData)
+        nsMemory::Free(mByteData);
+}
+
+NS_IMPL_ISUPPORTS(CertDownloader,NS_GET_IID(nsIStreamListener));
+
+
+NS_IMETHODIMP
+CertDownloader::OnStartRequest(nsIChannel* channel, nsISupports* context)
+{
+    channel->GetContentLength(&mContentLength);
+    if (mContentLength == -1)
+        return NS_ERROR_FAILURE;
+    
+    mBufferOffset = 0;
+    mByteData = (char*) nsMemory::Alloc(mContentLength);
+    if (!mByteData)
+        return NS_ERROR_OUT_OF_MEMORY;
+
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP
+CertDownloader::OnDataAvailable(nsIChannel* channel, 
+                                nsISupports* context,
+                                nsIInputStream *aIStream, 
+                                PRUint32 aSourceOffset,
+                                PRUint32 aLength)
+{
+    if (!mByteData)
+        return NS_ERROR_OUT_OF_MEMORY;
+
+    PRUint32 amt;
+    nsresult err;
+
+    do 
+    {
+        err = aIStream->Read(mByteData+mBufferOffset, mContentLength-mBufferOffset, &amt);
+        if (amt == 0) break;
+        if (NS_FAILED(err))  return err;
+        
+        aLength -= amt;
+        mBufferOffset += amt;
+
+    } while (aLength > 0);
+    
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP
+CertDownloader::OnStopRequest(nsIChannel* channel, 
+                              nsISupports* context,
+                              nsresult aStatus,
+                              const PRUnichar* aMsg)
+{
+
+    nsCOMPtr<nsIPSMComponent> psm = do_QueryInterface(context);
+
+    if (!psm) return NS_ERROR_FAILURE;
+
+    CMT_CONTROL *controlConnection;
+    psm->GetControlConnection( &controlConnection );
+    unsigned int certID;
+                    
+    certID = CMT_DecodeAndCreateTempCert(controlConnection, mByteData, mContentLength, mType);
+
+    if (certID)
+        CMT_DestroyResource(controlConnection, certID, SSM_RESTYPE_CERTIFICATE);
+
+  return NS_OK;
+}
+
+
+/* other mime types that we should handle sometime:
+
+application/x-pkcs7-crl
+application/x-pkcs7-mime
+application/pkcs7-signature
+application/pre-encrypted
+
+*/
+
+
+NS_IMETHODIMP 
+nsPSMComponent::HandleContent(const char * aContentType, 
+                              const char * aCommand, 
+                              const char * aWindowTarget, 
+                              nsISupports* aWindowContext, 
+                              nsIChannel * aChannel)
+{
+    // We were called via CI.  We better protect ourselves and addref.
+    NS_ADDREF_THIS();
+
+    nsresult rv = NS_OK;
+    if (!aChannel) return NS_ERROR_NULL_POINTER;
+    
+    CMUint32 type = -1;
+
+    if ( nsCRT::strcasecmp(aContentType, "application/x-x509-ca-cert") == 0)
+    {
+        type = 1;  //CA cert
+    }
+    else if (nsCRT::strcasecmp(aContentType, "application/x-x509-server-cert") == 0)
+    {
+        type =  2; //Server cert
+    }
+    else if (nsCRT::strcasecmp(aContentType, "application/x-x509-user-cert") == 0)
+    {
+        type =  3; //User cert
+    }
+    else if (nsCRT::strcasecmp(aContentType, "application/x-x509-email-cert") == 0)
+    {
+        type =  4; //Someone else's email cert
+    }
+    
+    if (type != -1)
+    {
+        // I can't directly open the passed channel cause it fails :-(
+
+        nsCOMPtr<nsIURI> uri;
+        rv = aChannel->GetURI(getter_AddRefs(uri));
+        if (NS_FAILED(rv)) return rv;
+
+        nsCOMPtr<nsIChannel> channel;
+        rv = NS_OpenURI(getter_AddRefs(channel), uri);
+        if (NS_FAILED(rv)) return rv;
+
+        return channel->AsyncRead(new CertDownloader(type), NS_STATIC_CAST(nsIPSMComponent*,this));
+    }
+
+    return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+
+//---------------------------------------------
+// Functions Implenenting NSISignatureVerifier
+//---------------------------------------------
+NS_IMETHODIMP
+nsPSMComponent::HashBegin(PRUint32 alg, PRUint32* id)
+{
+  CMT_CONTROL *controlConnection;
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+
+  if(CMT_HashCreate(controlConnection, alg, (CMUint32*)id) != CMTSuccess)
+    return NS_ERROR_FAILURE;
+  if(CMT_HASH_Begin(controlConnection, *id) != CMTSuccess)
+    return NS_ERROR_FAILURE;
+
+  return NS_OK;  
+}
+
+NS_IMETHODIMP
+nsPSMComponent::HashUpdate(PRUint32 id, const char* buf, PRUint32 buflen)
+{
+  CMT_CONTROL *controlConnection;
+
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+  if (CMT_HASH_Update(controlConnection, id, 
+      (const unsigned char*)buf, buflen) != CMTSuccess)    
+    return NS_ERROR_FAILURE;
+    
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::HashEnd(PRUint32 id, unsigned char** hash, 
+                        PRUint32* hashLen, PRUint32 maxLen)
+{
+  if (!hash)
+    return NS_ERROR_ILLEGAL_VALUE;
+
+  CMT_CONTROL *controlConnection;
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+ 
+  if(CMT_HASH_End(controlConnection, id, *hash,
+                        (CMUint32*)hashLen, maxLen) != CMTSuccess)
+    return NS_ERROR_FAILURE;
+  CMT_HASH_Destroy(controlConnection, id);
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::CreatePrincipalFromSignature(const char* aRSABuf, PRUint32 aRSABufLen,
+                                             nsIPrincipal** aPrincipal)
+{
+  PRInt32 errorCode;
+  return VerifySignature(aRSABuf, aRSABufLen, nsnull, 0, &errorCode, aPrincipal);
+}
+
+PR_STATIC_CALLBACK(void)
+UselessPK7DataSink(void* arg, const char* buf, CMUint32 len)
+{
+}
+
+NS_IMETHODIMP
+nsPSMComponent::VerifySignature(const char* aRSABuf, PRUint32 aRSABufLen, 
+                                const char* aPlaintext, PRUint32 aPlaintextLen,
+                                PRInt32* aErrorCode,
+                                nsIPrincipal** aPrincipal)
+{
+  if (!aPrincipal || !aErrorCode)
+    return NS_ERROR_NULL_POINTER;
+  *aErrorCode = 0;
+  *aPrincipal = nsnull;
+
+  CMT_CONTROL *controlConnection;
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+  
+  //-- Decode the signature stream
+  CMUint32 decoderID;
+  CMInt32* blah = nsnull;
+  CMTStatus result = CMT_PKCS7DecoderStart(controlConnection, nsnull,
+                                           &decoderID, blah,
+                                           UselessPK7DataSink, nsnull);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  result = CMT_PKCS7DecoderUpdate(controlConnection, decoderID, aRSABuf, aRSABufLen);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  CMUint32 contentInfo;
+  result = CMT_PKCS7DecoderFinish(controlConnection, 
+                                            decoderID, &contentInfo);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+
+  CMTItem hashItem;
+  hashItem.data = 0;
+  hashItem.len = 0;
+  //-- If a plaintext was provided, hash it.
+  if (aPlaintext)
+  {
+    CMUint32 hashId;
+    CMT_HashCreate(controlConnection, nsISignatureVerifier::SHA1, &hashId);
+    CMT_HASH_Begin(controlConnection, hashId);
+    CMTStatus result = CMT_HASH_Update(controlConnection, hashId, 
+                                       (const unsigned char*)aPlaintext, aPlaintextLen);
+    if (result != CMTSuccess) return NS_ERROR_FAILURE;
+    
+    unsigned char* hash = (unsigned char*)PR_MALLOC(nsISignatureVerifier::SHA1_LENGTH);
+    if (!hash) return NS_ERROR_OUT_OF_MEMORY;
+    CMUint32 hashLen;
+    result = CMT_HASH_End(controlConnection, hashId, hash,
+                          &hashLen, nsISignatureVerifier::SHA1_LENGTH);
+    if (result != CMTSuccess)
+    {
+      PR_FREEIF(hash);
+      return NS_ERROR_FAILURE;
+    }
+    NS_ASSERTION(hashLen == nsISignatureVerifier::SHA1_LENGTH,
+                 "PSMComponent: Hash too short.");
+    CMT_HASH_Destroy(controlConnection, hashId);
+    hashItem.data = hash;
+    hashItem.len = hashLen;
+  }
+
+  //-- Verify signature
+  // We need to call this function even if we're only creating a principal, not
+  // verifying, because PSM won't give us certificate information unless this
+  // function has been called.
+  result = CMT_PKCS7VerifyDetachedSignature(controlConnection, contentInfo,
+                                            6 /* =Object Signing Cert */,
+                                            3 /* =SHA1 algorithm (MD5=2)*/,
+                                            1,/* Save Certificate */
+                                            &hashItem, (CMInt32*)aErrorCode);
+
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  if (aPlaintext && *aErrorCode != 0) return NS_OK; // Verification failed.
+
+  CMUint32 certID;
+  result = CMT_GetRIDAttribute(controlConnection, contentInfo,
+                               SSM_FID_P7CINFO_SIGNER_CERT, &certID);
+  if ((result != CMTSuccess) || !certID) return NS_OK; // No signature present
+  
+  CMTItem fingerprint;
+  result = CMT_GetStringAttribute(controlConnection, certID,
+                                  SSM_FID_CERT_FINGERPRINT, &fingerprint);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+
+  //-- Get a principal
+  nsresult rv;
+  NS_WITH_SERVICE(nsIScriptSecurityManager, secMan,
+                  NS_SCRIPTSECURITYMANAGER_PROGID, &rv)
+    if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
+  rv = secMan->GetCertificatePrincipal((char*)fingerprint.data,
+                                       aPrincipal);
+  if (NS_FAILED(rv)) return rv;
+
+  //-- Get common name and store it in the principal.
+  //   Using common name + organizational unit as the user-visible certificate name
+  nsCOMPtr<nsICertificatePrincipal> certificate = do_QueryInterface(*aPrincipal, &rv);
+  if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
+
+  CMTItem common;
+  result = CMT_GetStringAttribute(controlConnection, certID,
+                                  SSM_FID_CERT_COMMON_NAME, &common);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  CMTItem subject;
+  result = CMT_GetStringAttribute(controlConnection, certID,
+                                  SSM_FID_CERT_SUBJECT_NAME, &subject);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+
+  nsCAutoString commonName;
+  commonName = (char*)common.data;
+  static const char orgUnitTag[] = " OU=";
+  char* orgUnitPos = PL_strstr((char*)subject.data, orgUnitTag);
+  if (orgUnitPos)
+  {
+    orgUnitPos += sizeof(orgUnitTag)-1;
+    char* orgUnitEnd = PL_strchr(orgUnitPos, ',');
+    PRInt32 orgUnitLen;
+    if(orgUnitEnd)
+      orgUnitLen = orgUnitEnd - orgUnitPos;
+    else
+      orgUnitLen = PL_strlen(orgUnitPos);
+    commonName.Append(' ');
+    commonName.Append(orgUnitPos, orgUnitLen);
+  }
+  char* commonChar = commonName.ToNewCString();
+  if (!commonChar) return NS_ERROR_OUT_OF_MEMORY;
+  rv = certificate->SetCommonName(commonChar);
+  Recycle(commonChar);
+  return rv;
+}
+

mozilla/extensions/psm-glue/src/nsPSMComponent.h

@@ -0,0 +1,60 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nscore.h"
+#include "nsIPSMComponent.h"
+#include "nsISignatureVerifier.h"
+#include "nsIStringBundle.h"
+
+#include "nsIContentHandler.h"
+
+#define SECURITY_STRING_BUNDLE_URL "chrome://communicator/locale/security.properties"
+
+#define NS_PSMCOMPONENT_CID {0xddcae170, 0x5412, 0x11d3, {0xbb, 0xc8, 0x00, 0x00, 0x86, 0x1d, 0x12, 0x37}}
+
+// Implementation of the PSM component interface.
+class nsPSMComponent : public nsIPSMComponent, 
+                       public nsIContentHandler, 
+                       public nsISignatureVerifier
+{
+public:
+  NS_DEFINE_STATIC_CID_ACCESSOR( NS_PSMCOMPONENT_CID );
+
+  nsPSMComponent();
+  virtual ~nsPSMComponent();
+
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSIPSMCOMPONENT
+  NS_DECL_NSICONTENTHANDLER
+  NS_DECL_NSISIGNATUREVERIFIER
+
+  static NS_METHOD CreatePSMComponent(nsISupports* aOuter, REFNSIID aIID, void **aResult);
+
+private:
+  
+  PCMT_CONTROL mControl;
+  
+  nsCOMPtr<nsISupports> mSecureBrowserIU;
+  static nsPSMComponent* mInstance;
+}; 

mozilla/extensions/psm-glue/src/nsPSMModule.cpp

@@ -0,0 +1,178 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsIModule.h"
+#include "nsIGenericFactory.h"
+
+#include "nsPSMUICallbacks.h"
+#include "nsPSMComponent.h"
+
+#include "nsISecureBrowserUI.h"
+#include "nsSecureBrowserUIImpl.h"
+
+#include "nsSSLSocketProvider.h"
+
+#include "nsSDR.h"
+#include "nsFSDR.h"
+#include "nsCrypto.h"
+#include "nsKeygenHandler.h"
+//For the NS_CRYPTO_PROGID define
+#include "nsDOMCID.h"
+
+#include "nsCURILoader.h"
+#include "nsISupportsUtils.h"
+
+// Define SDR object constructor
+static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
+static NS_DEFINE_IID(kFormProcessorCID,   NS_IFORMPROCESSOR_CID); 
+
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsSecretDecoderRing, init)
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsFSecretDecoderRing, init)
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsCrypto, init)
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsPkcs11, init)
+
+static nsModuleComponentInfo components[] =
+{
+    { 
+        PSM_COMPONENT_CLASSNAME,  
+        NS_PSMCOMPONENT_CID, 
+        PSM_COMPONENT_PROGID,   
+        nsPSMComponent::CreatePSMComponent
+    },
+    
+    { 
+        "PSM Content Handler - application/x-x509-ca-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-ca-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+    
+    { 
+        "PSM Content Handler - application/x-x509-server-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-server-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+
+    { 
+        "PSM Content Handler - application/x-x509-user-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-user-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+    
+    { 
+        "PSM Content Handler - application/x-x509-email-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-email-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+
+
+    { 
+        PSM_UI_HANLDER_CLASSNAME, 
+        NS_PSMUIHANDLER_CID, 
+        PSM_UI_HANLDER_PROGID,  
+        nsPSMUIHandlerImpl::CreatePSMUIHandler
+    },
+
+    { 
+        NS_SECURE_BROWSER_UI_CLASSNAME, 
+        NS_SECURE_BROWSER_UI_CID, 
+        NS_SECURE_BROWSER_UI_PROGID, 
+        nsSecureBrowserUIImpl::Create 
+    },
+
+    { 
+        NS_SECURE_BROWSER_DOCOBSERVER_CLASSNAME, 
+        NS_SECURE_BROWSER_DOCOBSERVER_CID, 
+        NS_SECURE_BROWSER_DOCOBSERVER_PROGID, 
+        nsSecureBrowserUIImpl::Create
+    },
+
+    { 
+        NS_ISSLSOCKETPROVIDER_CLASSNAME,
+        NS_SSLSOCKETPROVIDER_CID,
+        NS_ISSLSOCKETPROVIDER_PROGID,
+        nsSSLSocketProvider::Create 
+    },
+
+    {
+        NS_SDR_CLASSNAME,
+        NS_SDR_CID,
+        NS_SDR_PROGID,
+        nsSecretDecoderRingConstructor
+    },
+
+    {
+        NS_FSDR_CLASSNAME,
+        NS_FSDR_CID,
+        NS_FSDR_PROGID,
+        nsFSecretDecoderRingConstructor
+    },
+    
+    {
+        NS_CRYPTO_CLASSNAME,
+        NS_CRYPTO_CID,
+        NS_CRYPTO_PROGID,
+        nsCryptoConstructor
+    },
+    {
+        NS_PKCS11_CLASSNAME,
+        NS_PKCS11_CID,
+        NS_PKCS11_PROGID,
+        nsPkcs11Constructor
+    }
+
+};
+
+#if 0
+NS_IMPL_NSGETMODULE("PSMComponent", components);
+#endif
+
+extern "C" NS_EXPORT nsresult NSGetModule(nsIComponentManager *servMgr,
+                                          nsIFile* location,
+                                          nsIModule** result)
+{
+  nsresult rv;
+  // Put in code to register KEYGEN form input handler.
+  rv= NS_NewGenericModule("PSMComponent",
+                          sizeof(components) / sizeof(components[0]),
+                          components, nsnull, result);
+  // Register a form processor. The form processor has the opportunity to 
+  // modify the value's passed during form submission. 
+  nsKeygenFormProcessor* testFormProcessor = new nsKeygenFormProcessor(); 
+  nsCOMPtr<nsISupports> formProcessor; 
+  rv = testFormProcessor->QueryInterface(kISupportsIID, 
+                                         getter_AddRefs(formProcessor)); 
+  if (NS_SUCCEEDED(rv) && formProcessor) { 
+    rv = nsServiceManager::RegisterService(kFormProcessorCID, formProcessor); 
+  } 
+  return rv;
+}
+
+
+
+
+

mozilla/extensions/psm-glue/src/nsPSMMutex.c

@@ -0,0 +1,72 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "prmon.h"
+#include "prtypes.h"
+
+#include "nsPSMMutex.h"
+
+static PRMonitor *_nsPSMMutexVar;
+
+PRStatus
+nsPSMMutexInit()
+{
+  if (!_nsPSMMutexVar)
+      _nsPSMMutexVar = PR_NewMonitor();
+
+  return _nsPSMMutexVar ? PR_SUCCESS : PR_FAILURE;
+}
+
+PRStatus
+nsPSMMutexDestroy()
+{
+    if (!_nsPSMMutexVar)
+        return PR_FAILURE;
+    
+    PR_Wait(_nsPSMMutexVar, PR_INTERVAL_NO_TIMEOUT);
+
+    PR_DestroyMonitor(_nsPSMMutexVar);
+    return PR_SUCCESS;
+}
+
+static void
+nsPSMMutexLock(CMTMutexPointer *p)
+{
+  PR_EnterMonitor(*(PRMonitor **)p);
+  return;
+}
+
+static void
+nsPSMMutexUnlock(CMTMutexPointer *p)
+{
+  PR_ExitMonitor(*(PRMonitor **)p);
+  return;
+}
+
+CMT_MUTEX nsPSMMutexTbl = 
+{
+  &_nsPSMMutexVar,
+  (CMTMutexFunction)nsPSMMutexLock,
+  (CMTMutexFunction)nsPSMMutexUnlock
+};

mozilla/extensions/psm-glue/src/nsPSMMutex.h

@@ -0,0 +1,39 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef _NSPSMMUTEX_H
+#define _NSPSMMUTEX_H
+
+#include "cmtcmn.h"
+
+PR_BEGIN_EXTERN_C
+
+PR_EXTERN(CMT_MUTEX) nsPSMMutexTbl;
+
+PR_EXTERN(PRStatus) nsPSMMutexInit(void);
+PR_EXTERN(PRStatus) nsPSMMutexDestroy(void);
+
+PR_END_EXTERN_C
+
+#endif

mozilla/extensions/psm-glue/src/nsPSMShimLayer.c

@@ -0,0 +1,293 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nspr.h"
+#include "nsPSMShimLayer.h"
+
+#ifdef XP_UNIX
+#include <sys/stat.h>
+#include <unistd.h>
+#include "private/pprio.h"  /* for PR_Socket */
+#endif
+
+#define PSM_TIMEOUT_IN_SEC 300
+
+#define NSPSMSHIMMAXFD 50
+
+
+static PRIntervalTime gTimeout  = PR_INTERVAL_NO_TIMEOUT;
+
+CMT_SocketFuncs nsPSMShimTbl =
+{
+    nsPSMShimGetSocket,
+    nsPSMShimConnect,
+    nsPSMShimVerifyUnixSocket,
+    nsPSMShimSend,
+    nsPSMShimSelect,
+    nsPSMShimReceive,
+    nsPSMShimShutdown,
+    nsPSMShimClose
+};
+
+
+CMTSocket
+nsPSMShimGetSocket(int unixSock)
+{
+    PRStatus   rv;
+    PRFileDesc *fd;
+    CMSocket   *sock;
+    PRSocketOptionData sockopt;
+
+    /*
+    if (PR_INTERVAL_NO_WAIT == gTimeout) 
+    {
+        gTimeout  = PR_SecondsToInterval(PSM_TIMEOUT_IN_SEC);
+    }
+    */
+
+    if (unixSock)
+    {
+#ifndef XP_UNIX        
+        return NULL;
+#else
+        fd = PR_Socket(PR_AF_LOCAL, PR_SOCK_STREAM, 0);
+        PR_ASSERT(fd);
+#endif
+    }
+    else
+    {
+        fd = PR_NewTCPSocket();
+        PR_ASSERT(fd);
+
+        /* disable Nagle algorithm delay for control sockets */
+        sockopt.option = PR_SockOpt_NoDelay;
+        sockopt.value.no_delay = PR_TRUE;   
+        rv = PR_SetSocketOption(fd, &sockopt);
+        PR_ASSERT(PR_SUCCESS == rv);
+    }
+
+    sock = (CMSocket *)PR_Malloc(sizeof(CMSocket));
+
+    if (sock == NULL)
+      return sock;
+    
+    sock->fd     = fd;
+    sock->isUnix = unixSock;
+
+    memset(&sock->netAddr, 0, sizeof(PRNetAddr));
+    
+    return (CMTSocket)sock;
+}
+
+CMTStatus
+nsPSMShimConnect(CMTSocket sock, short port, char *path)
+{
+    CMTStatus   rv = CMTSuccess;
+    PRStatus    err;
+    PRErrorCode errcode;
+    PRSocketOptionData   sockopt;
+    PRBool      nonBlocking;
+    CMSocket    *cmSock = (CMSocket *)sock;
+    
+    if (!sock) return CMTFailure;
+
+    if (cmSock->isUnix)
+    {
+#ifndef XP_UNIX
+        return CMTFailure;
+#else
+        int pathLen;
+        if (!path)
+        {
+            return CMTFailure;
+        }
+
+        /* check buffer overrun */
+        pathLen = strlen(path)+1;
+        
+        pathLen = pathLen < sizeof(cmSock->netAddr.local.path)
+                ? pathLen : sizeof(cmSock->netAddr.local.path);
+  
+        memcpy(&cmSock->netAddr.local.path, path, pathLen);
+        cmSock->netAddr.local.family = PR_AF_LOCAL;
+#endif
+    }
+    else  /* cmSock->isUnix */
+    {
+        cmSock->netAddr.inet.family = PR_AF_INET;
+        cmSock->netAddr.inet.port   = PR_htons(port);
+        cmSock->netAddr.inet.ip     = PR_htonl(PR_INADDR_LOOPBACK);
+    }
+
+    /* Save non-blocking status */
+    sockopt.option = PR_SockOpt_Nonblocking;
+    err = PR_GetSocketOption(cmSock->fd, &sockopt);
+    PR_ASSERT(PR_SUCCESS == err);
+
+    nonBlocking = sockopt.value.non_blocking;
+
+    /* make connect blocking for now */
+    sockopt.option = PR_SockOpt_Nonblocking;
+    sockopt.value.non_blocking = PR_FALSE;   
+    err = PR_SetSocketOption(cmSock->fd, &sockopt);
+    PR_ASSERT(PR_SUCCESS == err);
+
+    err = PR_Connect( cmSock->fd, &cmSock->netAddr, PR_INTERVAL_MAX );
+    
+    if (err == PR_FAILURE)    
+    {
+        errcode = PR_GetError();
+        
+        if (PR_IS_CONNECTED_ERROR != errcode)
+            rv = CMTFailure;
+    }    
+    
+    /* restore nonblock status */
+    if (nonBlocking) {
+      sockopt.option = PR_SockOpt_Nonblocking;
+      sockopt.value.non_blocking = nonBlocking;  
+      err = PR_SetSocketOption(cmSock->fd, &sockopt);
+      PR_ASSERT(PR_SUCCESS == err);
+    }
+
+    return rv;
+}
+
+CMTStatus
+nsPSMShimVerifyUnixSocket(CMTSocket sock)
+{
+#ifndef XP_UNIX
+    return CMTFailure;
+#else
+
+    int  rv;
+    CMSocket  *cmSock;
+    struct stat statbuf;
+
+    cmSock = (CMSocket *)sock;
+        
+    if (!cmSock || !cmSock->isUnix) 
+        return CMTFailure;
+ 
+    rv = stat(cmSock->netAddr.local.path, &statbuf);
+    if (rv < 0 || statbuf.st_uid != geteuid() )
+    {
+        PR_Close(cmSock->fd);
+        cmSock->fd = NULL;
+        PR_Free(cmSock);
+        return CMTFailure;
+    }
+    return CMTSuccess;   
+#endif
+}
+
+size_t
+nsPSMShimSend(CMTSocket sock, void *buffer, size_t length)
+{
+    CMSocket *cmSock = (CMSocket *)sock;
+
+    if (!sock) return CMTFailure;
+    
+   return PR_Send(cmSock->fd, buffer, length, 0, gTimeout);
+}
+
+size_t
+nsPSMShimReceive(CMTSocket sock, void *buffer, size_t bufSize)
+{
+    CMSocket *cmSock = (CMSocket *)sock;
+    
+    if (!sock) return CMTFailure;
+
+    return PR_Recv(cmSock->fd, buffer, bufSize, 0, gTimeout);
+}
+
+
+CMTSocket
+nsPSMShimSelect(CMTSocket *socks, int numsocks, int poll)
+{
+    CMSocket       **sockArr = (CMSocket **)socks;
+    PRPollDesc       readPDs[NSPSMSHIMMAXFD];
+    PRIntervalTime   timeout;
+    PRInt32          cnt;
+    int              i;
+
+    if (!socks) return NULL;
+
+    memset(readPDs, 0, sizeof(readPDs));
+
+    PR_ASSERT(NSPSMSHIMMAXFD >= numsocks);
+
+    for (i=0; i<numsocks; i++)
+    {
+        readPDs[i].fd       = sockArr[i]->fd;
+        readPDs[i].in_flags = PR_POLL_READ;
+    }
+
+    timeout = poll ? PR_INTERVAL_NO_WAIT : PR_INTERVAL_NO_TIMEOUT;
+
+    cnt = PR_Poll(readPDs, numsocks, timeout);
+
+    /* Figure out which socket was selected */
+    if (cnt > 0)
+    {
+        for (i=0; i<numsocks; i++)
+        {
+            if (readPDs[i].out_flags & PR_POLL_READ)
+            {
+            return (CMTSocket)sockArr[i];
+            }
+        }
+    }
+    return NULL;
+}
+
+
+CMTStatus
+nsPSMShimShutdown(CMTSocket sock)
+{
+    CMSocket *cmSock = (CMSocket*)sock;
+    PRStatus rv;
+
+    if (!sock) return CMTFailure;
+
+    rv = PR_Shutdown(cmSock->fd, PR_SHUTDOWN_SEND);
+    return (PR_SUCCESS == rv) ? CMTSuccess : CMTFailure;
+}
+
+CMTStatus
+nsPSMShimClose(CMTSocket sock)
+{
+    CMSocket *cmSock = (CMSocket*)sock;
+    PRStatus rv      = PR_SUCCESS;
+    PR_ASSERT(cmSock);
+
+    if (!sock) return CMTFailure;
+
+    rv = PR_Close(cmSock->fd);
+    cmSock->fd = NULL;
+
+    PR_Free(cmSock);
+
+    return (PR_SUCCESS == rv) ? CMTSuccess : CMTFailure;
+}

mozilla/extensions/psm-glue/src/nsPSMShimLayer.h

@@ -0,0 +1,67 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef _NSPSMSHIMLAYER_H_
+#define _NSPSMSHIMLAYER_H_
+
+#include "cmtcmn.h"
+#include "prio.h"
+
+PR_BEGIN_EXTERN_C
+
+typedef struct CMSocket {
+    PRFileDesc *fd;
+    PRBool      isUnix;
+    PRNetAddr   netAddr;
+} CMSocket; 
+
+PR_EXTERN(CMT_SocketFuncs) nsPSMShimTbl;
+
+PR_EXTERN(CMTSocket)
+nsPSMShimGetSocket(int unixSock);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimConnect(CMTSocket sock, short port, char *path);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimVerifyUnixSocket(CMTSocket sock);
+
+PR_EXTERN(size_t)
+nsPSMShimSend(CMTSocket sock, void *buffer, size_t length);
+
+PR_EXTERN(CMTSocket)
+nsPSMShimSelect(CMTSocket *socks, int numsocks, int poll);
+
+PR_EXTERN(size_t)
+nsPSMShimReceive(CMTSocket sock, void *buffer, size_t bufSize);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimShutdown(CMTSocket sock);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimClose(CMTSocket sock);
+
+PR_END_EXTERN_C
+
+#endif /* _NSPSMSHIMLAYER_H_ */

mozilla/extensions/psm-glue/src/nsPSMUICallbacks.cpp

@@ -0,0 +1,348 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsProxiedService.h"
+#include "nsIEventQueueService.h"
+#include "nsPSMUICallbacks.h"
+#include "nsINetSupportDialogService.h"
+#include "nsIFilePicker.h"
+
+#include "nsAppShellCIDs.h"
+#include "prprf.h"
+#include "prmem.h"
+
+#include "nsSSLIOLayer.h" // for SSMSTRING_PADDED_LENGTH
+#include "ssmdefs.h"
+#include "rsrcids.h"
+
+// Interfaces Needed
+#include "nsIAppShellService.h"
+#include "nsIDocShell.h"
+#include "nsIDOMWindow.h"
+#include "nsIInterfaceRequestor.h"
+#include "nsIPrompt.h"
+#include "nsIScriptGlobalObject.h"
+#include "nsIURL.h"
+#include "nsIXULWindow.h"
+
+static NS_DEFINE_IID(kAppShellServiceCID, NS_APPSHELL_SERVICE_CID);
+static NS_DEFINE_CID(kNetSupportDialogCID, NS_NETSUPPORTDIALOG_CID);
+
+
+// Happy callbacks
+static char * PromptUserCallback(void *arg, char *prompt, int isPasswd);
+static char * FilePathPromptCallback(void *arg, char *prompt, char *fileRegEx, CMUint32 shouldFileExist);
+static void   ApplicationFreeCallback(char *userInput);
+
+static void * CartmanUIHandler(uint32 resourceID, void* clientContext, uint32 width, uint32 height, 
+								CMBool isModal, char* urlStr, void *data);
+
+extern "C" void CARTMAN_UIEventLoop(void *data);
+
+
+/* nsISupports Implementation for the class */
+NS_IMPL_THREADSAFE_ISUPPORTS1(nsPSMUIHandlerImpl, nsIPSMUIHandler)
+
+NS_METHOD
+nsPSMUIHandlerImpl::DisplayURI(PRInt32 width, PRInt32 height, PRBool modal, const char *urlStr)
+{
+    nsresult rv;
+    nsCOMPtr<nsIDOMWindow> hiddenWindow;
+    JSContext *jsContext;
+
+    NS_WITH_SERVICE(nsIAppShellService, appShell, kAppShellServiceCID, &rv);
+	if (NS_SUCCEEDED(rv))
+	{
+		rv = appShell->GetHiddenWindowAndJSContext( getter_AddRefs( hiddenWindow ),
+                                                    &jsContext );
+
+	     if ( NS_SUCCEEDED( rv ) ) 
+         {
+            // Set up arguments for "window.open"
+            void *stackPtr;
+            char params[36];
+
+            if (modal)  // if you change this, remember to change the buffer size above.
+                strcpy(params, "menubar=no,height=%d,width=%d,modal");
+            else
+                strcpy(params, "menubar=no,height=%d,width=%d");
+
+            char buffer[256];
+            PR_snprintf(buffer,
+                        sizeof(buffer),
+                        params,
+                        height,
+                        width );
+
+            jsval	*argv = JS_PushArguments(jsContext, &stackPtr, "sss", urlStr, "_blank", buffer);
+            if (argv)
+            {
+	            // open the window
+	            nsIDOMWindow	*newWindow;
+	            hiddenWindow->Open(jsContext, argv, 3, &newWindow);
+                newWindow->ResizeTo(width, height);
+	            JS_PopArguments(jsContext, stackPtr);
+            }
+        }
+    }
+    return rv;
+}
+
+NS_IMETHODIMP
+nsPSMUIHandlerImpl::PromptForFile(const PRUnichar *prompt, const char *fileRegEx, PRBool shouldFileExist, char **outFile)
+{
+    NS_ENSURE_ARG_POINTER(outFile);
+    nsCOMPtr<nsIFilePicker> fp = do_CreateInstance("component://mozilla/filepicker");
+    
+    if (!fp)
+        return NS_ERROR_NULL_POINTER;
+
+
+    fp->Init(nsnull, prompt, nsIFilePicker::modeOpen);
+    fp->AppendFilter(NS_ConvertASCIItoUCS2(fileRegEx).GetUnicode(), NS_ConvertASCIItoUCS2(fileRegEx).GetUnicode());  
+    fp->AppendFilters(nsIFilePicker::filterAll);
+    PRInt16 mode;
+    nsresult rv = fp->Show(&mode);
+
+    if (NS_FAILED(rv) || (mode == nsIFilePicker::returnCancel))
+         return rv;
+
+    nsCOMPtr<nsILocalFile> file;
+    rv = fp->GetFile(getter_AddRefs(file));
+
+    if (file)
+      file->GetPath(outFile);
+
+    return rv;
+}
+
+NS_METHOD      
+nsPSMUIHandlerImpl::CreatePSMUIHandler(nsISupports* aOuter, REFNSIID aIID, void **aResult)
+{                                                                  
+    nsresult rv = NS_OK; 
+    if ( aResult ) 
+    { 
+        /* Allocate new find component object. */
+        nsPSMUIHandlerImpl *component = new nsPSMUIHandlerImpl(); 
+        if ( component ) 
+        { 
+            /* Allocated OK, do query interface to get proper */
+            /* pointer and increment refcount.                */
+            rv = component->QueryInterface( aIID, aResult ); 
+            if ( NS_FAILED( rv ) ) 
+            { 
+                /* refcount still at zero, delete it here. */
+                delete component; 
+            } 
+        } 
+        else 
+        { 
+            rv = NS_ERROR_OUT_OF_MEMORY; 
+        } 
+    } 
+    else 
+    { 
+        rv = NS_ERROR_NULL_POINTER; 
+    } 
+    return rv; 
+} 
+
+
+
+extern "C" void CARTMAN_UIEventLoop(void *data)
+{
+   CMT_EventLoop((PCMT_CONTROL)data);
+}
+
+PRStatus InitPSMEventLoop(PCMT_CONTROL control)
+{
+    PR_CreateThread(PR_USER_THREAD,
+                    CARTMAN_UIEventLoop,
+                    control, 
+                    PR_PRIORITY_NORMAL, 
+                    PR_GLOBAL_THREAD, 
+                    PR_UNJOINABLE_THREAD,
+                    0);  
+
+    return PR_SUCCESS;
+}
+
+PRStatus InitPSMUICallbacks(PCMT_CONTROL control)
+{
+    if (!control)
+        return PR_FAILURE;  
+    
+    CMT_SetPromptCallback(control, (promptCallback_fn)PromptUserCallback, nsnull);
+    CMT_SetAppFreeCallback(control, (applicationFreeCallback_fn) ApplicationFreeCallback);
+    CMT_SetFilePathPromptCallback(control, (filePathPromptCallback_fn) FilePathPromptCallback, nsnull);
+
+    if (CMT_SetUIHandlerCallback(control, (uiHandlerCallback_fn) CartmanUIHandler, NULL) != CMTSuccess) 
+            return PR_FAILURE;
+
+    return PR_SUCCESS;
+}
+
+PRStatus DisplayPSMUIDialog(PCMT_CONTROL control, const char *pickledStatus, const char *hostName)
+{
+    CMUint32 advRID = 0;
+    CMInt32 width = 0;
+    CMInt32 height = 0;
+    CMTItem urlItem = {0, NULL, 0};
+    CMTStatus rv = CMTSuccess;
+    CMTItem advisorContext = {0, NULL, 0};
+    void * pwin;
+
+    CMTSecurityAdvisorData data;
+    memset(&data, '\0', sizeof(CMTSecurityAdvisorData));
+    
+    if (hostName)
+    {
+        // if there is a hostName, than this request is about
+        // a webpage.  
+        data.hostname    = (char*) hostName;
+        data.infoContext = SSM_BROWSER;
+    
+        if (pickledStatus)
+        {
+            CMTItem pickledResource = {0, NULL, 0};
+            CMUint32 socketStatus = 0;
+    
+            pickledResource.len = *(int*)(pickledStatus);
+            pickledResource.data = (unsigned char*) PR_Malloc(SSMSTRING_PADDED_LENGTH(pickledResource.len));
+        
+            if (! pickledResource.data) return PR_FAILURE;
+
+            memcpy(pickledResource.data, pickledStatus+sizeof(int), pickledResource.len);
+        
+            /* Unpickle the SSL Socket Status */
+            if (CMT_UnpickleResource( control, 
+                                      SSM_RESTYPE_SSL_SOCKET_STATUS,
+                                      pickledResource, 
+                                      &socketStatus) == CMTSuccess)
+            {
+                data.infoContext = SSM_BROWSER;    
+                data.resID = socketStatus;
+            }
+
+            PR_FREEIF(pickledResource.data);
+        }
+    }
+
+    /* Create a Security Advisor context object. */
+    rv = CMT_SecurityAdvisor(control, &data, &advRID);
+
+    if (rv != CMTSuccess)
+        return PR_FAILURE;
+
+    /* Get the URL, width, height, etc. from the advisor context. */
+    rv = CMT_GetStringAttribute(control, 
+                                advRID, 
+                                SSM_FID_SECADVISOR_URL,
+                                &urlItem);
+
+    if ((rv != CMTSuccess) || (!urlItem.data))
+        return PR_FAILURE;
+
+    rv = CMT_GetNumericAttribute(control, 
+                                 advRID, 
+                                 SSM_FID_SECADVISOR_WIDTH,
+                                 &width);
+    if (rv != CMTSuccess)
+        return PR_FAILURE;
+
+    rv = CMT_GetNumericAttribute(control, 
+                                 advRID, 
+                                 SSM_FID_SECADVISOR_HEIGHT,
+                                 &height);
+    if (rv != CMTSuccess)
+        return PR_FAILURE;
+
+    /* Fire the URL up in a window of its own. */
+    pwin = CartmanUIHandler(advRID, nsnull, width, height, CM_FALSE, (char*)urlItem.data, NULL);
+    
+    //allocated by cmt, we can free with free:
+    free(urlItem.data);
+    
+    return PR_SUCCESS;
+}
+
+
+
+void* CartmanUIHandler(uint32 resourceID, void* clientContext, uint32 width, uint32 height, CMBool isModal, char* urlStr, void *data)
+{
+    nsresult rv = NS_OK;
+    
+    NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+    
+    if(NS_SUCCEEDED(rv))
+	    handler->DisplayURI(width, height, isModal, urlStr);
+
+    return nsnull;
+}
+
+    
+    
+char * PromptUserCallback(void *arg, char *prompt, int isPasswd)
+{
+
+    nsresult rv = NS_OK;
+    PRUnichar *password;
+    PRBool  value;
+
+    NS_WITH_PROXIED_SERVICE(nsIPrompt, dialog, kNetSupportDialogCID, NS_UI_THREAD_EVENTQ, &rv);
+    
+    if (NS_SUCCEEDED(rv)) {
+	    rv = dialog->PromptPassword(nsnull, NS_ConvertASCIItoUCS2(prompt).GetUnicode(),
+                                  NS_ConvertASCIItoUCS2(" ").GetUnicode(),      // hostname
+                                  PR_TRUE, &password, &value);
+
+        if (NS_SUCCEEDED(rv) && value) {
+            nsString a(password);
+            char* str = a.ToNewCString();
+            Recycle(password);
+            return str;
+        }
+    }
+
+    return nsnull;
+}
+
+void ApplicationFreeCallback(char *userInput)
+{
+    nsMemory::Free(userInput);
+}
+
+char * FilePathPromptCallback(void *arg, char *prompt, char *fileRegEx, CMUint32 shouldFileExist)
+{
+    nsresult rv = NS_OK;
+    
+    char* filePath = nsnull;
+    
+    NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+    
+    if(NS_SUCCEEDED(rv))
+	    handler->PromptForFile(NS_ConvertASCIItoUCS2(prompt).GetUnicode(), fileRegEx, (PRBool)shouldFileExist, &filePath);
+
+    return filePath;
+}

mozilla/extensions/psm-glue/src/nsPSMUICallbacks.h

@@ -0,0 +1,56 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef _NSPSMUICALLBACKS_H
+#define _NSPSMUICALLBACKS_H
+
+#include "prtypes.h"
+#include "cmtcmn.h"
+
+#include "nsIPSMUIHandler.h"
+
+PRStatus InitPSMUICallbacks(PCMT_CONTROL gControl);
+PRStatus InitPSMEventLoop(PCMT_CONTROL gControl);
+PRStatus DisplayPSMUIDialog(PCMT_CONTROL control, const char* pickledStatus, const char *hostName);
+
+
+#define NS_PSMUIHANDLER_CID {0x15944e30, 0x601e, 0x11d3, {0x8c, 0x4a, 0x00, 0x00, 0x64, 0x65, 0x73, 0x74}}
+
+class nsPSMUIHandlerImpl : public nsIPSMUIHandler 
+{
+    public:
+
+        NS_DEFINE_STATIC_CID_ACCESSOR( NS_PSMUIHANDLER_CID );
+    
+        /* ctor/dtor */
+        nsPSMUIHandlerImpl() { NS_INIT_REFCNT(); }
+        virtual ~nsPSMUIHandlerImpl() { }
+
+        NS_DECL_ISUPPORTS
+        NS_DECL_NSIPSMUIHANDLER
+
+        static NS_METHOD CreatePSMUIHandler(nsISupports* aOuter, REFNSIID aIID, void **aResult);
+};
+
+#endif

mozilla/extensions/psm-glue/src/nsSDR.cpp

@@ -0,0 +1,320 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s): 
+ *  thayes@netscape.com
+ */
+
+#include "stdlib.h"
+#include "plstr.h"
+#include "nsMemory.h"
+#include "nsIServiceManager.h"
+
+#include "plbase64.h"
+
+#include "nsISecretDecoderRing.h"
+
+#include "cmtcmn.h"
+#include "nsIPSMComponent.h"
+
+#include "nsSDR.h"
+
+NS_IMPL_ISUPPORTS1(nsSecretDecoderRing, nsISecretDecoderRing)
+
+nsSecretDecoderRing::nsSecretDecoderRing()
+{
+  NS_INIT_ISUPPORTS();
+
+  mPSM = NULL;
+}
+
+nsSecretDecoderRing::~nsSecretDecoderRing()
+{
+  if (mPSM) mPSM->Release();
+}
+
+/* Init the new instance */
+nsresult nsSecretDecoderRing::
+init()
+{
+  nsresult rv;
+  nsISupports *psm;
+
+  rv = nsServiceManager::GetService(kPSMComponentProgID, NS_GET_IID(nsIPSMComponent),
+                                    &psm);
+  if (rv != NS_OK) goto loser;  /* Should promote error */
+
+  mPSM = (nsIPSMComponent *)psm;
+
+loser:
+  return rv;
+}
+
+/* [noscript] long encrypt (in buffer data, in long dataLen, out buffer result); */
+NS_IMETHODIMP nsSecretDecoderRing::
+Encrypt(unsigned char * data, PRInt32 dataLen, unsigned char * *result, PRInt32 *_retval)
+{
+    nsresult rv = NS_OK;
+    unsigned char *r = 0;
+    CMT_CONTROL *control;
+    CMTStatus status;
+    CMUint32 cLen;
+
+    if (data == nsnull || result == nsnull || _retval == nsnull) {
+       rv = NS_ERROR_INVALID_POINTER;
+       goto loser;
+    }
+
+    /* Check object initialization */
+    NS_ASSERTION(mPSM != nsnull, "SDR object not initialized");
+    if (mPSM == nsnull) { rv = NS_ERROR_NOT_INITIALIZED; goto loser; }
+
+    /* Get the control connect to use for the request */
+    rv = mPSM->GetControlConnection(&control);
+    if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+   
+    status = CMT_SDREncrypt(control, (void *)0, (const unsigned char *)0, 0, 
+               data, dataLen, result, &cLen);
+    if (status != CMTSuccess) { rv = NS_ERROR_FAILURE; goto loser; } /* XXX */
+
+    /* Copy returned data to nsMemory buffer ? */
+    *_retval = cLen;
+
+loser:
+    return rv;
+}
+
+/* [noscript] long decrypt (in buffer data, in long dataLen, out buffer result); */
+NS_IMETHODIMP nsSecretDecoderRing::
+Decrypt(unsigned char * data, PRInt32 dataLen, unsigned char * *result, PRInt32 *_retval)
+{
+    nsresult rv = NS_OK;
+    CMTStatus status;
+    CMT_CONTROL *control;
+    CMUint32 len;
+
+    if (data == nsnull || result == nsnull || _retval == nsnull) {
+       rv = NS_ERROR_INVALID_POINTER;
+       goto loser;
+    }
+
+    /* Check object initialization */
+    NS_ASSERTION(mPSM != nsnull, "SDR object not initialized");
+    if (mPSM == nsnull) { rv = NS_ERROR_NOT_INITIALIZED; goto loser; }
+
+    /* Get the control connection */
+    rv = mPSM->GetControlConnection(&control);
+    if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+    
+    /* Call PSM to decrypt the value */
+    status = CMT_SDRDecrypt(control, (void *)0, data, dataLen, result, &len);
+    if (status != CMTSuccess) { rv = NS_ERROR_FAILURE; goto loser; } /* Promote? */
+
+    /* Copy returned data to nsMemory buffer ? */
+    *_retval = len;
+
+loser:
+    return rv;
+}
+
+/* string encryptString (in string text); */
+NS_IMETHODIMP nsSecretDecoderRing::
+EncryptString(const char *text, char **_retval)
+{
+    nsresult rv = NS_OK;
+    unsigned char *encrypted = 0;
+    PRInt32 eLen;
+
+    if (text == nsnull || _retval == nsnull) {
+        rv = NS_ERROR_INVALID_POINTER;
+        goto loser;
+    }
+
+    rv = Encrypt((unsigned char *)text, PL_strlen(text), &encrypted, &eLen);
+    if (rv != NS_OK) { goto loser; }
+
+    rv = encode(encrypted, eLen, _retval);
+
+loser:
+    if (encrypted) nsMemory::Free(encrypted);
+
+    return rv;
+}
+
+/* string decryptString (in string crypt); */
+NS_IMETHODIMP nsSecretDecoderRing::
+DecryptString(const char *crypt, char **_retval)
+{
+    nsresult rv = NS_OK;
+    char *r = 0;
+    unsigned char *decoded = 0;
+    PRInt32 decodedLen;
+    unsigned char *decrypted = 0;
+    PRInt32 decryptedLen;
+
+    if (crypt == nsnull || _retval == nsnull) {
+      rv = NS_ERROR_INVALID_POINTER;
+      goto loser;
+    }
+
+    rv = decode(crypt, &decoded, &decodedLen);
+    if (rv != NS_OK) goto loser;
+
+    rv = Decrypt(decoded, decodedLen, &decrypted, &decryptedLen);
+    if (rv != NS_OK) goto loser;
+
+    // Convert to NUL-terminated string
+    r = (char *)nsMemory::Alloc(decryptedLen+1);
+    if (!r) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+    memcpy(r, decrypted, decryptedLen);
+    r[decryptedLen] = 0;
+
+    *_retval = r;
+    r = 0;
+
+loser:
+    if (r) nsMemory::Free(r);
+    if (decrypted) nsMemory::Free(decrypted);
+    if (decoded) nsMemory::Free(decoded);
+ 
+    return rv;
+}
+
+/* void changePassword(); */
+NS_IMETHODIMP nsSecretDecoderRing::
+ChangePassword()
+{
+  nsresult rv = NS_OK;
+  CMTStatus status;
+  CMT_CONTROL *control;
+
+  rv = mPSM->GetControlConnection(&control);
+  if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+
+  status = CMT_SDRChangePassword(control, (void*)0);
+
+loser:
+  return rv;
+}
+
+/* void logout(); */
+NS_IMETHODIMP nsSecretDecoderRing::
+Logout()
+{
+    nsresult rv = NS_OK;
+    CMTStatus status;
+    CMT_CONTROL *control;
+
+    /* Check object initialization */
+    NS_ASSERTION(mPSM != nsnull, "SDR object not initialized");
+    if (mPSM == nsnull) { rv = NS_ERROR_NOT_INITIALIZED; goto loser; }
+
+    /* Get the control connection */
+    rv = mPSM->GetControlConnection(&control);
+    if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+    
+    /* Call PSM to decrypt the value */
+    status = CMT_LogoutAllTokens(control);
+    if (status != CMTSuccess) { rv = NS_ERROR_FAILURE; goto loser; } /* Promote? */
+
+loser:
+    return rv;
+}
+
+
+// Support routines
+
+nsresult nsSecretDecoderRing::
+encode(const unsigned char *data, PRInt32 dataLen, char **_retval)
+{
+    nsresult rv = NS_OK;
+
+    *_retval = PL_Base64Encode((const char *)data, dataLen, NULL);
+    if (!*_retval) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+loser:
+    return rv;
+
+#if 0
+    nsresult rv = NS_OK;
+    char *r = 0;
+
+    // Allocate space for encoded string (with NUL)
+    r = (char *)nsMemory::Alloc(dataLen+1);
+    if (!r) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+    memcpy(r, data, dataLen);
+    r[dataLen] = 0;
+
+    *_retval = r;
+    r = 0;
+
+loser:
+    if (r) nsMemory::Free(r);
+
+    return rv;
+#endif
+}
+
+nsresult nsSecretDecoderRing::
+decode(const char *data, unsigned char **result, PRInt32 * _retval)
+{
+    nsresult rv = NS_OK;
+    PRUint32 len = PL_strlen(data);
+    int adjust = 0;
+
+    /* Compute length adjustment */
+    if (data[len-1] == '=') {
+      adjust++;
+      if (data[len-2] == '=') adjust++;
+    }
+
+    *result = (unsigned char *)PL_Base64Decode(data, len, NULL);
+    if (!*result) { rv = NS_ERROR_ILLEGAL_VALUE; goto loser; }
+
+    *_retval = (len*3)/4 - adjust;
+
+loser:
+    return rv;
+
+#if 0
+    nsresult rv = NS_OK;
+    unsigned char *r = 0;
+    PRInt32 rLen;
+
+    // Allocate space for decoded string (missing NUL)
+    rLen = PL_strlen(data);
+    r = (unsigned char *)nsMemory::Alloc(rLen);
+    if (!r) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+    memcpy(r, data, rLen);
+
+    *result = r;
+    r = 0;
+    *_retval = rLen;
+
+loser:
+    if (r) nsMemory::Free(r);
+
+    return rv;
+#endif
+}
+
+const char * nsSecretDecoderRing::kPSMComponentProgID = PSM_COMPONENT_PROGID;

mozilla/extensions/psm-glue/src/nsSDR.h

@@ -0,0 +1,58 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Terry Hayes <thayes@netscape.com>
+ */
+
+#ifndef _NSSDR_H_
+#define _NSSDR_H_
+
+#include "nsISecretDecoderRing.h"
+
+// ===============================================
+// nsSecretDecoderRing - implementation of nsISecretDecoderRing
+// ===============================================
+
+#define NS_SDR_CLASSNAME "Secret Decoder Ring"
+#define NS_SDR_CID \
+  { 0xd9a0341, 0xce7, 0x11d4, { 0x9f, 0xdd, 0x0, 0x0, 0x64, 0x65, 0x73, 0x74 } }
+#define NS_SDR_PROGID "netscape.security.sdr"
+
+class nsSecretDecoderRing : public nsISecretDecoderRing
+{
+public:
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSISECRETDECODERRING
+
+  nsSecretDecoderRing();
+  virtual ~nsSecretDecoderRing();
+
+  nsresult init();
+
+private:
+  nsIPSMComponent *mPSM;
+
+  static const char *kPSMComponentProgID;
+
+  nsresult encode(const unsigned char *data, PRInt32 dataLen, char **_retval);
+  nsresult decode(const char *data, unsigned char **result, PRInt32 * _retval);
+};
+
+#endif /* _NSSDR_H_ */

mozilla/extensions/psm-glue/src/nsSSLIOLayer.cpp

@@ -0,0 +1,550 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#include "nspr.h"
+#include "nsString.h"
+#include "cmtcmn.h"
+
+#include "nsIPSMComponent.h"
+#include "nsIPSMSocketInfo.h"
+#include "nsIServiceManager.h"
+#include "nsPSMShimLayer.h"
+#include "nsSSLIOLayer.h"
+
+static PRDescIdentity  nsSSLIOLayerIdentity;
+static PRIOMethods     nsSSLIOLayerMethods;
+static nsIPSMComponent* gPSMService = nsnull;
+
+
+
+class nsPSMSocketInfo : public nsIPSMSocketInfo
+{
+public:
+    nsPSMSocketInfo();
+    virtual ~nsPSMSocketInfo();
+
+    NS_DECL_ISUPPORTS
+    NS_DECL_NSIPSMSOCKETINFO
+
+    // internal functions to psm-glue.
+    nsresult SetSocketPtr(CMSocket *socketPtr);
+    nsresult SetControlPtr(CMT_CONTROL *aControlPtr);
+    nsresult SetFileDescPtr(PRFileDesc *aControlPtr);
+    nsresult SetHostName(char *aHostName);
+    nsresult SetProxyName(char *aName);
+
+    nsresult SetHostPort(PRInt32 aPort);
+    nsresult SetProxyPort(PRInt32 aPort);
+    nsresult SetPickledStatus();
+
+protected:
+    CMT_CONTROL* mControl;
+    CMSocket*    mSocket;
+    PRFileDesc*  mFd;
+    
+    nsString     mHostName;
+    PRInt32      mHostPort;
+    
+    nsString     mProxyName;
+    PRInt32      mProxyPort;
+    
+    unsigned char* mPickledStatus;
+};
+
+
+static PRStatus PR_CALLBACK
+nsSSLIOLayerConnect(PRFileDesc *fd, const PRNetAddr *addr, PRIntervalTime timeout)
+{
+    nsresult                result;
+    PRStatus                rv = PR_SUCCESS;
+    CMTStatus               status = CMTFailure;
+    
+    /* Set the error in case of failure. */
+
+    PR_SetError(PR_UNKNOWN_ERROR, status);
+
+    if (!fd || !addr || !fd->secret || !gPSMService)
+        return PR_FAILURE;
+    
+    char ipBuffer[PR_NETDB_BUF_SIZE];
+    rv = PR_NetAddrToString(addr, (char*)&ipBuffer, PR_NETDB_BUF_SIZE);
+    if (rv != PR_SUCCESS)
+        return PR_FAILURE;
+    
+    if (addr->raw.family == PR_AF_INET6 && PR_IsNetAddrType(addr, PR_IpAddrV4Mapped)) 
+    {
+      /* Chop off the leading "::ffff:" */
+      strcpy(ipBuffer, ipBuffer + 7);
+    }
+
+    
+    CMT_CONTROL *control;
+    result = gPSMService->GetControlConnection(&control);
+    if (result != PR_SUCCESS)
+        return PR_FAILURE;
+    
+    CMSocket* cmsock = (CMSocket *)PR_Malloc(sizeof(CMSocket));
+    if (!cmsock)
+        return PR_FAILURE;
+    
+    memset(cmsock, 0, sizeof(CMSocket));
+    
+    cmsock->fd        = fd->lower;
+    cmsock->isUnix    = PR_FALSE;
+   
+    nsPSMSocketInfo *infoObject = (nsPSMSocketInfo *)fd->secret;
+    
+    infoObject->SetControlPtr(control);
+    infoObject->SetSocketPtr(cmsock);
+    
+    char* proxyName;
+    char* hostName;
+    infoObject->GetProxyName(&proxyName);
+    infoObject->GetHostName(&hostName);
+    
+    if (!proxyName)
+    {
+        // Direct connection
+        status = CMT_OpenSSLConnection(control,
+                                       cmsock,
+                                       SSM_REQUEST_SSL_DATA_SSL,
+                                       PR_ntohs(addr->inet.port),
+                                       ipBuffer,
+                                       (hostName ? hostName : ipBuffer),
+                                       CM_FALSE, 
+                                       nsnull);
+    
+    }
+    else
+    {
+        // not supported yet.
+
+        return PR_FAILURE;
+#if 0
+        PRInt32 destPort;
+        
+        infoObject->GetProxyPort(&destPort);
+
+        status = CMT_OpenSSLProxyConnection(control,
+                                            cmsock,
+                                            destPort, 
+                                            proxyName,  // wants IP
+                                            hostName);
+#endif
+    }
+
+    if (hostName)  Recycle(hostName);
+    if (proxyName) Recycle(proxyName);
+        
+    if (CMTSuccess == status)
+    {
+        // since our stuff can block, what we want to do is return PR_FAILURE,
+        // but set the nspr ERROR to BLOCK.  This will put us into a select
+        // q.
+        PR_SetError(PR_WOULD_BLOCK_ERROR, status);
+        return PR_FAILURE;
+    }
+
+    return PR_FAILURE;
+}
+
+  /* CMT_DestroyDataConnection(ctrl, sock); */
+  /*   need to strip our layer, pass result to DestroyDataConnection */
+  /*   which will clean up the CMT accounting of sock, then call our */
+  /*   shim layer to translate back to NSPR */
+
+static PRStatus PR_CALLBACK
+nsSSLIOLayerClose(PRFileDesc *fd)
+{
+  nsPSMSocketInfo *infoObject    = (nsPSMSocketInfo *)fd->secret;
+  PRDescIdentity          id     = PR_GetLayersIdentity(fd);
+   
+  if (infoObject && id == nsSSLIOLayerIdentity)
+  {
+    CMInt32 errorCode = PR_FAILURE;
+    CMT_CONTROL* control;
+    CMSocket*    socket;
+    
+    PR_Shutdown(fd, PR_SHUTDOWN_BOTH);
+
+    infoObject->GetControlPtr(&control);
+    infoObject->GetSocketPtr(&socket);
+    infoObject->SetPickledStatus();
+
+    CMT_GetSSLDataErrorCode(control, socket, &errorCode);
+    CMT_DestroyDataConnection(control, socket);
+    NS_RELEASE(infoObject);  // if someone is interested in us, the better have an addref.
+    fd->identity = PR_INVALID_IO_LAYER;
+    
+    return (PRStatus)errorCode;
+  }
+
+  return PR_FAILURE;
+}
+ 
+static PRInt32 PR_CALLBACK
+nsSSLIOLayerRead( PRFileDesc *fd, void *buf, PRInt32 amount)
+{
+    if (!fd)
+        return PR_FAILURE;
+
+    PRInt32 result = PR_Recv(fd, buf, amount, 0, PR_INTERVAL_MIN);
+    
+    if (result > 0)
+        return result;
+    
+    if (result == -1)
+    {
+        PRErrorCode code = PR_GetError();
+
+        if (code == PR_IO_TIMEOUT_ERROR )
+            PR_SetError(PR_WOULD_BLOCK_ERROR, PR_WOULD_BLOCK_ERROR);
+        return PR_FAILURE;
+    }
+    
+    if (result == 0)
+    {
+        nsPSMSocketInfo *infoObject    = (nsPSMSocketInfo *)fd->secret;
+        PRDescIdentity          id     = PR_GetLayersIdentity(fd);
+
+        if (infoObject && id == nsSSLIOLayerIdentity)
+        {
+            CMInt32 errorCode = PR_FAILURE;
+            
+            CMT_CONTROL* control;
+            CMSocket*    socket;
+    
+            infoObject->GetControlPtr(&control);
+            infoObject->GetSocketPtr(&socket);
+
+            CMT_GetSSLDataErrorCode(control, socket, &errorCode);
+
+			if (errorCode == PR_IO_TIMEOUT_ERROR)
+			{
+				PR_SetError(PR_WOULD_BLOCK_ERROR, PR_WOULD_BLOCK_ERROR);
+				return PR_FAILURE;
+			}
+
+            PR_SetError(0, 0);
+            return errorCode;
+        }
+    }
+
+    return result;
+}
+
+static PRInt32 PR_CALLBACK
+nsSSLIOLayerWrite( PRFileDesc *fd, const void *buf, PRInt32 amount)
+{
+    if (!fd)
+        return PR_FAILURE;
+
+    PRInt32 result = PR_Send(fd, buf, amount, 0, PR_INTERVAL_MIN);
+    
+    if (result > 0)
+        return result;
+
+    if (result == -1)
+    {
+        PRErrorCode code = PR_GetError();
+
+        if (code == PR_IO_TIMEOUT_ERROR )
+            PR_SetError(PR_WOULD_BLOCK_ERROR, PR_WOULD_BLOCK_ERROR);
+        return PR_FAILURE;
+    }
+
+    if (result == 0)
+    {
+        nsPSMSocketInfo *infoObject    = (nsPSMSocketInfo *)fd->secret;
+        PRDescIdentity          id     = PR_GetLayersIdentity(fd);
+
+        if (infoObject && id == nsSSLIOLayerIdentity)
+        {
+            CMInt32 errorCode = PR_FAILURE;
+            CMT_CONTROL* control;
+            CMSocket*    socket;
+    
+            infoObject->GetControlPtr(&control);
+            infoObject->GetSocketPtr(&socket);
+
+            CMT_GetSSLDataErrorCode(control, socket, &errorCode);
+            PR_SetError(0, 0);
+            return errorCode;
+        }
+    }
+    return result;
+}
+
+
+
+nsPSMSocketInfo::nsPSMSocketInfo()
+{ 
+    NS_INIT_REFCNT(); 
+    mControl = nsnull; 
+    mSocket = nsnull;
+    mPickledStatus = nsnull;
+}
+
+nsPSMSocketInfo::~nsPSMSocketInfo()
+{
+    PR_FREEIF(mPickledStatus);    
+}
+
+NS_IMPL_THREADSAFE_ISUPPORTS1(nsPSMSocketInfo, nsIPSMSocketInfo);
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetControlPtr(CMT_CONTROL * *aControlPtr)
+{
+    *aControlPtr = mControl;
+    return NS_OK;
+}
+
+nsresult
+nsPSMSocketInfo::SetControlPtr(CMT_CONTROL *aControlPtr)
+{
+    mControl = aControlPtr;
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetSocketPtr(CMSocket * *socketPtr)
+{
+    *socketPtr = mSocket;
+    return NS_OK;
+}
+
+nsresult
+nsPSMSocketInfo::SetSocketPtr(CMSocket *socketPtr)
+{
+    mSocket = socketPtr;
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetFileDescPtr(PRFileDesc * *aFilePtr)
+{
+    *aFilePtr = mFd;
+    return NS_OK;
+}
+
+
+nsresult
+nsPSMSocketInfo::SetFileDescPtr(PRFileDesc *aFilePtr)
+{
+    mFd = aFilePtr;
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetHostName(char * *aHostName)
+{
+    if (mHostName.IsEmpty())
+        *aHostName = nsnull;
+    else
+        *aHostName = mHostName.ToNewCString();
+    return NS_OK;
+}
+
+
+nsresult 
+nsPSMSocketInfo::SetHostName(char *aHostName)
+{
+    mHostName.AssignWithConversion(aHostName);
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetHostPort(PRInt32 *aPort)
+{
+    *aPort = mHostPort;
+    return NS_OK;
+}
+
+nsresult 
+nsPSMSocketInfo::SetHostPort(PRInt32 aPort)
+{
+    mHostPort = aPort;
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetProxyName(char * *aName)
+{
+    if (mProxyName.IsEmpty())
+        *aName = nsnull;
+    else
+        *aName = mProxyName.ToNewCString();
+    return NS_OK;
+}
+
+
+nsresult 
+nsPSMSocketInfo::SetProxyName(char *aName)
+{
+    mProxyName.AssignWithConversion(aName);
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetProxyPort(PRInt32 *aPort)
+{
+    *aPort = mProxyPort;
+    return NS_OK;
+}
+
+nsresult 
+nsPSMSocketInfo::SetProxyPort(PRInt32 aPort)
+{
+    mProxyPort = aPort;
+    return NS_OK;
+}
+
+
+
+nsresult
+nsPSMSocketInfo::SetPickledStatus()
+{
+    PR_FREEIF(mPickledStatus);
+
+    long level;
+    CMTItem pickledStatus = {0, nsnull, 0};
+    unsigned char* ret    = nsnull;
+
+    if (CMT_GetSSLSocketStatus(mControl, mSocket, &pickledStatus, &level) != PR_FAILURE)
+    {        
+        ret = (unsigned char*) PR_Malloc( (SSMSTRING_PADDED_LENGTH(pickledStatus.len) + sizeof(int)) );
+        if (ret) 
+        {
+            *(int*)ret = pickledStatus.len;
+            memcpy(ret+sizeof(int), pickledStatus.data, *(int*)ret);
+        }
+
+        PR_FREEIF(pickledStatus.data);
+        mPickledStatus = ret;
+    }
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetPickledStatus(char * *pickledStatusString)
+{
+    if (!mPickledStatus)
+        SetPickledStatus();
+
+    if (mPickledStatus)
+    {
+        PRInt32 len = *(int*)mPickledStatus;
+        char *out = (char *)nsMemory::Alloc(len);
+        memcpy(out, mPickledStatus, len);
+        *pickledStatusString = out;
+        return NS_OK;
+    }
+    *pickledStatusString = nsnull;
+    return NS_ERROR_FAILURE;
+}
+
+nsresult
+nsSSLIOLayerNewSocket( const char *host, 
+                       PRInt32 port, 
+                       const char *proxyHost, 
+                       PRInt32 proxyPort,
+                       PRFileDesc **fd, 
+                       nsISupports** info)
+{
+    static PRBool  firstTime = PR_TRUE;
+    if (firstTime)
+    {
+        nsSSLIOLayerIdentity        = PR_GetUniqueIdentity("Cartman layer");
+        nsSSLIOLayerMethods         = *PR_GetDefaultIOMethods();
+
+        nsSSLIOLayerMethods.connect = nsSSLIOLayerConnect;
+        nsSSLIOLayerMethods.close   = nsSSLIOLayerClose;
+        nsSSLIOLayerMethods.read    = nsSSLIOLayerRead;
+        nsSSLIOLayerMethods.write   = nsSSLIOLayerWrite;
+        
+        
+        nsresult result = nsServiceManager::GetService( PSM_COMPONENT_PROGID,
+                                                        NS_GET_IID(nsIPSMComponent), 
+                                                        (nsISupports**)&gPSMService);  
+        if (NS_FAILED(result))
+            return PR_FAILURE;
+    
+        firstTime                   = PR_FALSE;
+
+    }
+    
+
+    PRFileDesc *   sock;
+    PRFileDesc *   layer;
+    PRStatus       rv;
+
+    /* Get a normal NSPR socket */
+    sock = PR_NewTCPSocket();  
+    if (! sock) return NS_ERROR_OUT_OF_MEMORY;
+    
+    /* disable Nagle algorithm delay for control sockets */
+    PRSocketOptionData sockopt;
+    sockopt.option = PR_SockOpt_NoDelay;
+    sockopt.value.no_delay = PR_TRUE;   
+    rv = PR_SetSocketOption(sock, &sockopt);
+    PR_ASSERT(PR_SUCCESS == rv);
+
+
+    layer = PR_CreateIOLayerStub(nsSSLIOLayerIdentity, &nsSSLIOLayerMethods);
+    if (! layer)
+    {
+        PR_Close(sock);
+        return NS_ERROR_FAILURE;
+    }
+        
+    nsPSMSocketInfo *infoObject = new nsPSMSocketInfo();
+    if (!infoObject)
+    {
+        PR_Close(sock);
+        // clean up IOLayerStub.
+        return NS_ERROR_FAILURE;
+    }
+    
+    NS_ADDREF(infoObject);
+    
+    infoObject->SetHostName((char*)host);
+    infoObject->SetHostPort(port);
+    infoObject->SetProxyName((char*)proxyHost);
+    infoObject->SetProxyPort(proxyPort);
+
+    layer->secret = (PRFilePrivate*) infoObject;
+    rv = PR_PushIOLayer(sock, PR_GetLayersIdentity(sock), layer);
+    
+    if (rv == PR_SUCCESS)
+    {
+        *fd   = sock;
+        *info = infoObject;
+        NS_ADDREF(*info);
+        return NS_OK;
+    }
+    
+    PR_Close(sock);
+    return NS_ERROR_FAILURE;
+}

mozilla/extensions/psm-glue/src/nsSSLIOLayer.h

@@ -0,0 +1,39 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#ifndef _NSSSLIOLAYER_H
+#define _NSSSLIOLAYER_H
+
+#include "prtypes.h"
+#include "prio.h"
+#include "nsIPSMSocketInfo.h"
+
+// define taken from 4.x cartman glue code.  
+#define SSMSTRING_PADDED_LENGTH(x) ((((x)+3)/4)*4)
+
+nsresult nsSSLIOLayerNewSocket(const char *host, 
+                               PRInt32 port, 
+                               const char *proxyHost, 
+                               PRInt32 proxyPort, 
+                               PRFileDesc **fd, 
+                               nsISupports **securityInfo);
+#endif /* _NSSSLIOLAYER_H */

mozilla/extensions/psm-glue/src/nsSSLSocketProvider.cpp

@@ -0,0 +1,94 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#include "nsIComponentManager.h"
+#include "nsIServiceManager.h"
+#include "nsSSLSocketProvider.h"
+#include "nsSSLIOLayer.h"
+
+////////////////////////////////////////////////////////////////////////////////
+
+nsSSLSocketProvider::nsSSLSocketProvider()
+{
+  NS_INIT_REFCNT();
+}
+
+nsresult
+nsSSLSocketProvider::Init()
+{
+  nsresult rv = NS_OK;
+  return rv;
+}
+
+nsSSLSocketProvider::~nsSSLSocketProvider()
+{
+}
+
+NS_IMPL_THREADSAFE_ISUPPORTS2(nsSSLSocketProvider, nsISocketProvider, nsISSLSocketProvider);
+
+NS_METHOD
+nsSSLSocketProvider::Create(nsISupports *aOuter, REFNSIID aIID, void **aResult)
+{                                                                               
+    nsresult rv;                                                                
+                                                                                
+    nsSSLSocketProvider * inst;                                                      
+                                                                                
+    if (NULL == aResult) {                                                      
+        rv = NS_ERROR_NULL_POINTER;                                             
+        return rv;                                                              
+    }                                                                           
+    *aResult = NULL;                                                            
+    if (NULL != aOuter) {                                                       
+        rv = NS_ERROR_NO_AGGREGATION;                                           
+        return rv;                                                              
+    }                                                                           
+                                                                                
+    NS_NEWXPCOM(inst, nsSSLSocketProvider);                                          
+    if (NULL == inst) {                                                         
+        rv = NS_ERROR_OUT_OF_MEMORY;                                            
+        return rv;                                                              
+    }                                                                           
+    NS_ADDREF(inst);                                                            
+    rv = inst->QueryInterface(aIID, aResult);                                   
+    NS_RELEASE(inst);                                                           
+                                                                                
+    return rv;                                                                  
+}                                                                               
+
+
+NS_IMETHODIMP
+nsSSLSocketProvider::NewSocket(const char *host, 
+                               PRInt32 port, 
+                               const char *proxyHost, 
+                               PRInt32 proxyPort, 
+                               PRFileDesc **_result, 
+                               nsISupports **securityInfo)
+{
+  nsresult rv = nsSSLIOLayerNewSocket(host,
+                                      port,
+                                      proxyHost,
+                                      proxyPort,
+                                      _result, 
+                                      securityInfo);
+  
+  return (NS_FAILED(rv)) ? NS_ERROR_SOCKET_CREATE_FAILED : NS_OK;
+}

mozilla/extensions/psm-glue/src/nsSSLSocketProvider.h

@@ -0,0 +1,54 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#ifndef _NSSSLSOCKETPROVIDER_H_
+#define _NSSSLSOCKETPROVIDER_H_
+
+#include "nsISSLSocketProvider.h"
+
+
+/* 274418d0-5437-11d3-bbc8-0000861d1237 */         
+#define NS_SSLSOCKETPROVIDER_CID   { 0x274418d0, 0x5437, 0x11d3, {0xbb, 0xc8, 0x00, 0x00, 0x86, 0x1d, 0x12, 0x37}}
+
+
+class nsSSLSocketProvider : public nsISSLSocketProvider
+{
+public:
+  NS_DECL_ISUPPORTS
+
+  NS_DECL_NSISOCKETPROVIDER
+
+  NS_DECL_NSISSLSOCKETPROVIDER
+
+  // nsSSLSocketProvider methods:
+  nsSSLSocketProvider();
+  virtual ~nsSSLSocketProvider();
+
+  static NS_METHOD
+  Create(nsISupports *aOuter, REFNSIID aIID, void **aResult);
+
+  nsresult Init();
+
+protected:
+};
+
+#endif /* _NSSSLSOCKETPROVIDER_H_ */

mozilla/extensions/psm-glue/src/nsSecureBrowserUIImpl.cpp

@@ -0,0 +1,654 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998-2000 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ *   Stuart Parmenter <pavlov@netscape.com>
+*/
+
+#include "nspr.h"
+#include "prlog.h"
+
+#include "nsISecureBrowserUI.h"
+#include "nsSecureBrowserUIImpl.h"
+#include "nsIPSMComponent.h"
+#include "nsPSMComponent.h"
+#include "nsCOMPtr.h"
+#include "nsIInterfaceRequestor.h"
+#include "nsIServiceManager.h"
+
+#include "nsIScriptGlobalObject.h"
+#include "nsIObserverService.h"
+#include "nsIDocumentLoader.h"
+#include "nsCURILoader.h"
+#include "nsIDocShell.h"
+#include "nsIDocumentViewer.h"
+#include "nsCURILoader.h"
+#include "nsIDocument.h"
+#include "nsIDOMHTMLDocument.h"
+#include "nsIDOMXULDocument.h"
+#include "nsIDOMElement.h"
+#include "nsIDOMWindow.h"
+#include "nsIContent.h"
+#include "nsIWebProgress.h"
+#include "nsIChannel.h"
+#include "nsIPSMSocketInfo.h"
+
+#include "nsIURI.h"
+
+#include "prmem.h"
+
+#include "nsINetSupportDialogService.h"
+#include "nsIPrompt.h"
+#include "nsICommonDialogs.h"
+#include "nsIPref.h"
+
+#include "nsIFormSubmitObserver.h"
+
+static NS_DEFINE_CID(kCStringBundleServiceCID,  NS_STRINGBUNDLESERVICE_CID);
+static NS_DEFINE_CID(kCommonDialogsCID,         NS_CommonDialog_CID );
+static NS_DEFINE_CID(kPrefCID, NS_PREF_CID);
+
+#define ENTER_SITE_PREF      "security.warn_entering_secure"
+#define LEAVE_SITE_PREF      "security.warn_leaving_secure"
+#define MIXEDCONTENT_PREF    "security.warn_viewing_mixed"
+#define INSECURE_SUBMIT_PREF "security.warn_submit_insecure"
+
+#if defined(PR_LOGGING)
+//
+// Log module for nsSecureBroswerUI logging...
+//
+// To enable logging (see prlog.h for full details):
+//
+//    set NSPR_LOG_MODULES=nsSecureBroswerUI:5
+//    set NSPR_LOG_FILE=nspr.log
+//
+// this enables PR_LOG_DEBUG level information and places all output in
+// the file nspr.log
+//
+PRLogModuleInfo* gSecureDocLog = nsnull;
+#endif /* PR_LOGGING */
+
+ 
+NS_IMETHODIMP
+nsSecureBrowserUIImpl::Create(nsISupports *aOuter, REFNSIID aIID, void **aResult)
+{
+    nsresult rv;
+
+    nsSecureBrowserUIImpl * inst;
+
+    if (NULL == aResult) {
+        rv = NS_ERROR_NULL_POINTER;
+        return rv;
+    }
+    *aResult = NULL;
+    if (NULL != aOuter) {
+        rv = NS_ERROR_NO_AGGREGATION;
+        return rv;
+    }
+
+    NS_NEWXPCOM(inst, nsSecureBrowserUIImpl);
+    if (NULL == inst) {
+        rv = NS_ERROR_OUT_OF_MEMORY;
+        return rv;
+    }
+    NS_ADDREF(inst);
+    rv = inst->QueryInterface(aIID, aResult);
+    NS_RELEASE(inst);
+
+    return rv;
+}
+
+nsSecureBrowserUIImpl::nsSecureBrowserUIImpl()
+{
+    NS_INIT_REFCNT();
+    
+#if defined(PR_LOGGING)
+    if (nsnull == gSecureDocLog) {
+        gSecureDocLog = PR_NewLogModule("nsSecureBroswerUI");
+    }
+#endif /* PR_LOGGING */
+
+
+    mIsSecureDocument = mMixContentAlertShown = mIsDocumentBroken = PR_FALSE;
+    mLastPSMStatus    = nsnull;
+    mCurrentURI       = nsnull;
+    mSecurityButton   = nsnull;
+}
+
+nsSecureBrowserUIImpl::~nsSecureBrowserUIImpl()
+{
+    PR_FREEIF(mLastPSMStatus);
+}
+
+NS_IMPL_ISUPPORTS4(nsSecureBrowserUIImpl, 
+                   nsSecureBrowserUI, 
+                   nsIWebProgressListener, 
+                   nsIFormSubmitObserver,
+                   nsIObserver); 
+
+
+NS_IMETHODIMP
+nsSecureBrowserUIImpl::Init(nsIDOMWindow *window, nsIDOMElement *button)
+{
+    mSecurityButton = button;
+    mWindow         = window;
+
+    nsresult rv = nsServiceManager::GetService( kPrefCID, 
+                                                NS_GET_IID(nsIPref), 
+                                                getter_AddRefs(mPref));  
+    if (NS_FAILED(rv)) return rv;
+
+    NS_WITH_SERVICE(nsIStringBundleService, service, kCStringBundleServiceCID, &rv);
+    if (NS_FAILED(rv)) return rv;
+
+    nsILocale* locale = nsnull;
+    rv = service->CreateBundle(SECURITY_STRING_BUNDLE_URL, locale, getter_AddRefs(mStringBundle));
+    if (NS_FAILED(rv)) return rv;
+
+    // hook up to the form post notifications:
+    nsIObserverService *svc = 0;
+    rv = nsServiceManager::GetService(NS_OBSERVERSERVICE_PROGID, 
+                                      NS_GET_IID(nsIObserverService), 
+                                      (nsISupports**)&svc );
+    if (NS_SUCCEEDED(rv) && svc) {
+        nsString  topic; topic.AssignWithConversion(NS_FORMSUBMIT_SUBJECT);
+        rv = svc->AddObserver( this, topic.GetUnicode());
+        nsServiceManager::ReleaseService( NS_OBSERVERSERVICE_PROGID, svc );
+    }
+
+    // hook up to the webprogress notifications.
+    nsCOMPtr<nsIDocShell> docShell;
+
+    nsCOMPtr<nsIScriptGlobalObject> sgo = do_QueryInterface(window);
+    if (!sgo) return NS_ERROR_NULL_POINTER;
+
+    sgo->GetDocShell(getter_AddRefs(docShell));
+    if (!docShell) return NS_ERROR_NULL_POINTER;
+
+    nsCOMPtr<nsIWebProgress> wp = do_GetInterface(docShell);
+    if (!wp) return NS_ERROR_NULL_POINTER;
+
+    wp->AddProgressListener(NS_STATIC_CAST(nsIWebProgressListener*,this));
+
+    mInitByLocationChange = PR_TRUE;
+
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsSecureBrowserUIImpl::DisplayPageInfoUI()
+{
+    nsresult res;
+    NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
+    if (NS_FAILED(res)) 
+        return res;
+    
+    nsXPIDLCString host;
+    if (mCurrentURI)
+        mCurrentURI->GetHost(getter_Copies(host));
+    
+    return psm->DisplaySecurityAdvisor(mLastPSMStatus, host);
+}
+
+
+
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::Observe(nsISupports*, const PRUnichar*, const PRUnichar*) 
+{
+    return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+
+static nsresult IsChildOfDomWindow(nsIDOMWindow *parent, nsIDOMWindow *child, PRBool* value)
+{
+    *value = PR_FALSE;
+
+    if (parent == child)
+    {
+        *value = PR_TRUE;
+        return NS_OK;
+    }
+
+    nsCOMPtr<nsIDOMWindow> childsParent;
+    child->GetParent(getter_AddRefs(childsParent));
+        
+    if (childsParent && childsParent.get() != child)
+        IsChildOfDomWindow(parent, childsParent, value);
+    
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::Notify(nsIContent* formNode, nsIDOMWindow* window, nsIURI* actionURL)
+{
+    // Return NS_OK unless we want to prevent this form from submitting.
+
+    if (!window || !actionURL || !formNode) {
+        return NS_OK;
+    }
+    
+    nsCOMPtr<nsIDocument> document; 
+    formNode->GetDocument(*getter_AddRefs(document)); 
+    if (!document) return NS_OK; 
+
+    nsCOMPtr<nsIScriptGlobalObject> globalObject; 
+    document->GetScriptGlobalObject(getter_AddRefs(globalObject)); 
+    nsCOMPtr<nsIDOMWindow> postingWindow = do_QueryInterface(globalObject); 
+    
+    PRBool isChild;
+    IsChildOfDomWindow(mWindow, postingWindow, &isChild);
+
+    if (!isChild)
+        return NS_OK;
+
+    PRBool okayToPost;
+    nsresult res = CheckPost(actionURL, &okayToPost);
+
+    if (NS_SUCCEEDED(res) && okayToPost)
+        return NS_OK;
+    
+    return NS_ERROR_FAILURE;
+}
+
+//  nsIWebProgressListener
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::OnProgressChange(nsIWebProgress* aWebProgress,
+                                        nsIRequest* aRequest, 
+                                        PRInt32 aCurSelfProgress, 
+                                        PRInt32 aMaxSelfProgress, 
+                                        PRInt32 aCurTotalProgress, 
+                                        PRInt32 aMaxTotalProgress)
+{
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::OnStateChange(nsIWebProgress* aWebProgress,
+                                     nsIRequest* aRequest, 
+                                     PRInt32 aProgressStateFlags,
+                                     nsresult aStatus)
+{
+    nsresult res = NS_OK;
+
+    if (aRequest == nsnull || !mSecurityButton || !mPref)
+        return NS_ERROR_NULL_POINTER;
+
+    // Get the channel from the request...
+    // If the request is not network based, then ignore it.    
+    nsCOMPtr<nsIChannel> channel;
+    channel = do_QueryInterface(aRequest, &res);
+    if (NS_FAILED(res))
+        return NS_OK;
+
+    nsCOMPtr<nsIURI> loadingURI;
+    channel->GetURI(getter_AddRefs(loadingURI));
+    
+#if defined(DEBUG)
+    nsXPIDLCString temp;
+    loadingURI->GetSpec(getter_Copies(temp));
+    PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: OnStateChange: %x :%s\n", this, aProgressStateFlags,(const char*)temp));
+#endif
+
+    // A Document is starting to load...
+    if ((aProgressStateFlags & flag_start) && 
+        (aProgressStateFlags & flag_is_network))
+    {
+        // starting to load a webpage
+        PR_FREEIF(mLastPSMStatus); mLastPSMStatus = nsnull;
+
+        mIsSecureDocument = mMixContentAlertShown = mIsDocumentBroken = PR_FALSE;
+
+        res = CheckProtocolContextSwitch( loadingURI, mCurrentURI);    
+        return res;
+    } 
+
+    // A document has finished loading    
+    if ((aProgressStateFlags & flag_stop) &&
+        (aProgressStateFlags & flag_is_network) &&
+        mIsSecureDocument)
+    {
+        if (!mIsDocumentBroken) // and status is okay  FIX
+        {
+            // qi for the psm information about this channel load.
+            nsCOMPtr<nsISupports> info;
+            channel->GetSecurityInfo(getter_AddRefs(info));
+            nsCOMPtr<nsIPSMSocketInfo> psmInfo = do_QueryInterface(info);
+            if (psmInfo)
+            {
+                // Everything looks okay.  Lets stash the picked status.
+                PR_FREEIF(mLastPSMStatus);
+                res = psmInfo->GetPickledStatus(&mLastPSMStatus);
+
+                if (NS_SUCCEEDED(res)) {
+                    PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: Icon set to lock\n", this));
+                    res = mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("high") );
+                    return res;
+                }
+            }
+        }
+
+        PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: Icon set to broken\n", this));
+        mIsDocumentBroken = PR_TRUE;
+        res = mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("broken"));
+        return res;
+    }
+    
+    ///    if (aProgressStateFlags == nsIWebProgress::flag_net_redirecting)
+    ///    {
+    ///        // need to implmentent.
+    ///    }
+
+    // don't need to do anything more if the page is broken or not secure...
+
+    if (!mIsSecureDocument || mIsDocumentBroken)
+        return NS_OK;
+
+    // A URL is starting to load...
+    if ((aProgressStateFlags & flag_start) &&
+        (aProgressStateFlags & flag_is_request))
+    {   // check to see if we are going to mix content.
+        return CheckMixedContext(loadingURI);
+    }
+
+    // A URL has finished loading...    
+    if ((aProgressStateFlags & flag_stop) &&
+        (aProgressStateFlags & flag_is_request))
+    {
+        if (1)  // FIX status from the flag...
+        {
+            nsCOMPtr<nsISupports> info;
+            channel->GetSecurityInfo(getter_AddRefs(info));
+            nsCOMPtr<nsIPSMSocketInfo> psmInfo = do_QueryInterface(info, &res);
+
+                    // qi for the psm information about this channel load.
+            if (psmInfo) {
+                return NS_OK;    
+            }
+        }
+
+        PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: OnStateChange - Icon set to broken\n", this));
+        mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("broken") );
+        mIsDocumentBroken = PR_TRUE;
+    }    
+
+    return res;
+}
+
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::OnLocationChange(nsIURI* aLocation)
+{
+    mCurrentURI = aLocation;
+    
+    if (mInitByLocationChange)
+    {
+        IsURLHTTPS(mCurrentURI, &mIsSecureDocument);
+        mInitByLocationChange = PR_FALSE;
+    }
+
+    return NS_OK;
+}
+
+
+nsresult
+nsSecureBrowserUIImpl::IsURLHTTPS(nsIURI* aURL, PRBool* value)
+{
+	*value = PR_FALSE;
+
+	if (!aURL)
+		return NS_OK;
+
+    char* scheme;
+	aURL->GetScheme(&scheme);
+
+	if (scheme == nsnull)
+		return NS_ERROR_NULL_POINTER;
+
+    if ( PL_strncasecmp(scheme, "https",  5) == 0 )
+		*value = PR_TRUE;
+	
+	nsMemory::Free(scheme);
+	return NS_OK;
+}
+
+
+
+void nsSecureBrowserUIImpl::GetBundleString(const nsString& name, nsString &outString)
+{
+    if (mStringBundle && name.Length() > 0) {
+        PRUnichar *ptrv = nsnull;
+        if (NS_SUCCEEDED(mStringBundle->GetStringFromName(name.GetUnicode(), &ptrv)))
+            outString = ptrv;
+        else
+            outString.SetLength(0);;
+
+        nsMemory::Free(ptrv);
+
+    } else {
+        outString.SetLength(0);;
+    }
+}
+
+nsresult 
+nsSecureBrowserUIImpl::CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldURI)
+{
+    nsresult res;
+    PRBool isNewSchemeSecure, isOldSchemeSecure, boolpref;
+
+    res = IsURLHTTPS(oldURI, &isOldSchemeSecure);
+    if (NS_FAILED(res)) 
+        return res;
+    res = IsURLHTTPS(newURI, &isNewSchemeSecure);
+    if (NS_FAILED(res)) 
+        return res;
+
+    // Check to see if we are going from a secure page to and insecure page
+    if ( !isNewSchemeSecure && isOldSchemeSecure)
+    {
+        mSecurityButton->RemoveAttribute( NS_ConvertASCIItoUCS2("level") );
+    
+        if ((mPref->GetBoolPref(LEAVE_SITE_PREF, &boolpref) != 0))
+            boolpref = PR_TRUE;
+        
+        if (boolpref) 
+        {
+            NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &res);
+            if (NS_FAILED(res)) 
+                return res;
+
+            nsAutoString windowTitle, message, dontShowAgain;
+
+            GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+            GetBundleString(NS_ConvertASCIItoUCS2("LeaveSiteMessage"), message);
+            GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+            PRBool outCheckValue = PR_TRUE;
+            dialog->AlertCheck(mWindow, 
+                               windowTitle.GetUnicode(), 
+                               message.GetUnicode(), 
+                               dontShowAgain.GetUnicode(), 
+                               &outCheckValue);
+
+            if (!outCheckValue) {
+                mPref->SetBoolPref(LEAVE_SITE_PREF, PR_FALSE);
+                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
+                if (NS_FAILED(res)) 
+                    return res;
+                psm->PassPrefs();
+            }
+        }
+    }
+    // check to see if we are going from an insecure page to a secure one.
+    else if (isNewSchemeSecure && !isOldSchemeSecure)
+    {
+        if ((mPref->GetBoolPref(ENTER_SITE_PREF, &boolpref) != 0))
+            boolpref = PR_TRUE;
+        
+        if (boolpref) 
+        {
+            NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &res);
+            if (NS_FAILED(res)) 
+                return res;
+
+            nsAutoString windowTitle, message, dontShowAgain;
+
+            GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+            GetBundleString(NS_ConvertASCIItoUCS2("EnterSiteMessage"), message);
+            GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+            PRBool outCheckValue = PR_TRUE;
+            dialog->AlertCheck(mWindow, 
+                               windowTitle.GetUnicode(), 
+                               message.GetUnicode(), 
+                               dontShowAgain.GetUnicode(), 
+                               &outCheckValue);
+
+            if (!outCheckValue)
+            {
+                mPref->SetBoolPref(ENTER_SITE_PREF, PR_FALSE);
+                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
+                if (NS_FAILED(res)) 
+                    return res;
+                psm->PassPrefs();
+            }
+        }
+    }
+
+    mIsSecureDocument = isNewSchemeSecure;
+    return NS_OK;
+}
+
+
+nsresult
+nsSecureBrowserUIImpl::CheckMixedContext(nsIURI* nextURI)
+{
+    PRBool secure;
+
+    nsresult rv = IsURLHTTPS(nextURI, &secure);
+    if (NS_FAILED(rv))
+        return rv;
+
+    if (!secure  && mIsSecureDocument)
+    {
+        mIsDocumentBroken = PR_TRUE;
+        mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("broken") );
+
+        if (!mPref) return NS_ERROR_NULL_POINTER;
+
+        PRBool boolpref;
+        if ((mPref->GetBoolPref(MIXEDCONTENT_PREF, &boolpref) != 0))
+            boolpref = PR_TRUE;
+
+        if (boolpref && !mMixContentAlertShown) 
+        {
+            NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &rv);
+            if (NS_FAILED(rv)) 
+                return rv;
+
+            nsAutoString windowTitle, message, dontShowAgain;
+
+            GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+            GetBundleString(NS_ConvertASCIItoUCS2("MixedContentMessage"), message);
+            GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+            PRBool outCheckValue = PR_TRUE;
+
+            dialog->AlertCheck(mWindow, 
+                               windowTitle.GetUnicode(), 
+                               message.GetUnicode(), 
+                               dontShowAgain.GetUnicode(), 
+                               &outCheckValue);
+
+            if (!outCheckValue) {
+                mPref->SetBoolPref(MIXEDCONTENT_PREF, PR_FALSE);
+                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &rv);
+                if (NS_FAILED(rv)) 
+                    return rv;
+                psm->PassPrefs();
+            }
+
+            mMixContentAlertShown = PR_TRUE;
+        }
+    }
+
+  return NS_OK;
+}
+
+nsresult
+nsSecureBrowserUIImpl::CheckPost(nsIURI *actionURL, PRBool *okayToPost)
+{
+    PRBool secure;
+
+    nsresult rv = IsURLHTTPS(actionURL, &secure);
+    if (NS_FAILED(rv))
+        return rv;
+    
+    // if we are posting to a secure link from a secure page, all is okay.
+    if (secure  && mIsSecureDocument)
+        return NS_OK;
+
+
+    PRBool boolpref;    
+
+    // posting to a non https URL.
+    if ((mPref->GetBoolPref(INSECURE_SUBMIT_PREF, &boolpref) != 0))
+        boolpref = PR_TRUE;
+    
+    if (boolpref) {
+        NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &rv);
+        if (NS_FAILED(rv)) 
+            return rv;
+
+        nsAutoString windowTitle, message, dontShowAgain;
+        
+        GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+        GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+        // posting to insecure webpage from a secure webpage.
+        if (!secure  && mIsSecureDocument && !mIsDocumentBroken) {
+            GetBundleString(NS_ConvertASCIItoUCS2("PostToInsecure"), message);
+        } else { // anything else, post generic warning
+            GetBundleString(NS_ConvertASCIItoUCS2("PostToInsecureFromInsecure"), message);
+        }
+
+        PRBool outCheckValue = PR_TRUE;
+        dialog->ConfirmCheck(mWindow, 
+                             windowTitle.GetUnicode(), 
+                             message.GetUnicode(), 
+                             dontShowAgain.GetUnicode(), 
+                             &outCheckValue, 
+                             okayToPost);
+
+        if (!outCheckValue) {
+            mPref->SetBoolPref(INSECURE_SUBMIT_PREF, PR_FALSE);
+            NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &rv);
+            if (NS_FAILED(rv)) 
+                return rv;
+            psm->PassPrefs();
+        }
+    } else {
+        *okayToPost = PR_TRUE;
+    }
+  
+    return NS_OK;
+}

mozilla/extensions/psm-glue/src/nsSecureBrowserUIImpl.h

@@ -0,0 +1,108 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef nsSecureBrowserUIImpl_h_
+#define nsSecureBrowserUIImpl_h_
+
+#include "nsCOMPtr.h"
+#include "nsXPIDLString.h"
+#include "nsString.h"
+#include "nsIObserver.h"
+#include "nsIDocumentLoaderObserver.h"
+#include "nsIDOMElement.h"
+#include "nsIDOMWindow.h"
+#include "nsIStringBundle.h"
+#include "nsISecureBrowserUI.h"
+#include "nsIDocShell.h"
+#include "nsIPref.h"
+#include "nsIWebProgressListener.h"
+#include "nsIFormSubmitObserver.h"
+#include "nsIURI.h"
+
+#define NS_SECURE_BROWSER_DOCOBSERVER_CLASSNAME "Mozilla Secure Browser Doc Observer"
+
+#define NS_SECURE_BROWSER_DOCOBSERVER_CID \
+{0x97c06c30, 0xa145, 0x11d3, \
+{0x8c, 0x7c, 0x00, 0x60, 0x97, 0x92, 0x27, 0x8c}}
+
+#define NS_SECURE_BROWSER_DOCOBSERVER_PROGID "component://netscape/secure_browser_docobserver"
+
+
+class nsSecureBrowserUIImpl : public nsSecureBrowserUI, 
+                              public nsIWebProgressListener, 
+                              public nsIFormSubmitObserver,
+                              public nsIObserver
+{
+public:
+
+	nsSecureBrowserUIImpl();
+	virtual ~nsSecureBrowserUIImpl();
+    
+    static NS_METHOD Create(nsISupports *aOuter, REFNSIID aIID, void **aResult);
+
+	NS_DECL_ISUPPORTS    
+    NS_DECL_NSIWEBPROGRESSLISTENER
+    NS_DECL_NSSECUREBROWSERUI
+
+
+    // nsIObserver
+    NS_DECL_NSIOBSERVER
+    NS_IMETHOD Notify(nsIContent* formNode, nsIDOMWindow* window, nsIURI *actionURL);
+
+protected:
+
+	nsCOMPtr<nsIDOMWindow>              mWindow;
+    nsCOMPtr<nsIDOMElement>             mSecurityButton;
+	nsCOMPtr<nsIDocumentLoaderObserver> mOldWebShellObserver;
+    nsCOMPtr<nsIPref>                   mPref;
+    nsCOMPtr<nsIStringBundle>           mStringBundle;
+    
+    nsCOMPtr<nsIURI>                    mCurrentURI;
+
+	PRBool					mIsSecureDocument;  // is https loaded
+	PRBool					mIsDocumentBroken;  // 
+	PRBool					mMixContentAlertShown;
+    
+    PRBool                  mInitByLocationChange;
+
+    char*                   mLastPSMStatus;
+    
+
+    void GetBundleString(const nsString& name, nsString &outString);
+    nsresult LoadStringBundle();
+    
+    nsresult CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldURI);
+    nsresult CheckMixedContext(nsIURI* nextURI);
+    nsresult CheckPost(nsIURI *actionURL, PRBool *okayToPost);
+    nsresult IsURLHTTPS(nsIURI* aURL, PRBool *value);
+};
+
+
+#endif /* nsSecureBrowserUIImpl_h_ */
+
+
+
+
+
+

mozilla/webtools/bugzilla/docs/en/xml/Bugzilla-Guide.xml

@@ -1,135 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-
-]>
-
-
-<!-- Coding standards for this document 
-
-*  Other than the GFDL, please use the "section" tag instead of "sect1", 
-   "sect2", etc.
-*  Use Entities to include files for new chapters in Bugzilla-Guide.xml.
-*  Try to use Entities for frequently-used passages of text as well.
-*  Ensure all documents compile cleanly to HTML after modification.
-   The warning, "DTDDECL catalog types not supported" is normal.
-*  Try to index important terms wherever possible.
-*  Use "glossterm" whenever you introduce a new term.
-*  Follow coding standards at http://www.tldp.org, and
-   check out the KDE guidelines (they are nice, too)
-   http://i18n.kde.org/doc/markup.html
-*  All tags should be lowercase.
-*  Please use sensible spacing.  The comments at the very end of each
-   file define reasonable defaults for PSGML mode in EMACS.
-*  Double-indent tags, use double spacing whenever possible, and
-   try to avoid clutter and feel free to waste space in the code to make it 
-   more readable.
-
--->
-
-<book id="index">
-
-<!-- Header -->
-
-  <bookinfo>
-    <title>The Bugzilla Guide - &bz-ver; 
-    <!-- BZ-DEVEL -->Development <!-- /BZ-DEVEL -->
-    Release</title>
-
-    <authorgroup>
-      <corpauthor>The Bugzilla Team</corpauthor>
-    </authorgroup>
-
-    <pubdate>&bz-date;</pubdate>
-
-    <abstract>
-      <para>
-	      This is the documentation for Bugzilla, a 
-	      bug-tracking system from mozilla.org.
-	      Bugzilla is an enterprise-class piece of software
-	      that tracks millions of bugs and issues for hundreds of
-	      organizations around the world.
-      </para>
-
-      <para>
-        The most current version of this document can always be found on the
-        <ulink url="http://www.bugzilla.org/docs/">Bugzilla 
-        Documentation Page</ulink>.
-      </para>
-
-    </abstract>
-
-    <keywordset>
-      <keyword>Bugzilla</keyword>
-      <keyword>Guide</keyword>
-      <keyword>installation</keyword>
-      <keyword>FAQ</keyword>
-      <keyword>administration</keyword>
-      <keyword>integration</keyword>
-      <keyword>MySQL</keyword>
-      <keyword>Mozilla</keyword>
-      <keyword>webtools</keyword>
-    </keywordset>
-  </bookinfo>
-
-  <!-- About This Guide -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="about.xml" /> 
-  
-  <!-- Installing Bugzilla -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="installation.xml" />
-
-  <!-- Administering Bugzilla -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="administration.xml" />
-
-  <!-- Securing Bugzilla -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="security.xml" />
-  
-  <!-- Customizing Bugzilla -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="customization.xml" />
-
-  <!-- Using Bugzilla -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="using.xml" />
-
-  <!-- Appendix: Troubleshooting -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="troubleshooting.xml" />
-
-  <!-- Appendix: Custom Patches -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="patches.xml" />
-
-  <!-- Appendix: Manually Installing Perl Modules -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules.xml" />
-  
-  <!-- Appendix: GNU Free Documentation License -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="gfdl.xml" />
- 
-  <!-- Glossary -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="glossary.xml" />
-
-  <!-- Index -->
-  <!--xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="index.xml" /-->
-
-</book>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/about.xml

@@ -1,246 +0,0 @@
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                         "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<!-- $Id: about.xml,v 1.26.4.1 2008-07-13 16:44:28 mozilla%colinogilvie.co.uk Exp $ -->
-
-<chapter id="about">
-<title>About This Guide</title>
-
-  <section id="copyright">
-    <title>Copyright Information</title>
-
-    <para>This document is copyright (c) 2000-&current-year; by the various
-    Bugzilla contributors who wrote it.</para>
-    
-    <blockquote>
-      <para>
-	Permission is granted to copy, distribute and/or modify this
-	document under the terms of the GNU Free Documentation
-	License, Version 1.1 or any later version published by the
-	Free Software Foundation; with no Invariant Sections, no
-	Front-Cover Texts, and with no Back-Cover Texts. A copy of
-	the license is included in <xref linkend="gfdl"/>.
-      </para>
-    </blockquote>
-    <para>
-      If you have any questions regarding this document, its
-      copyright, or publishing this document in non-electronic form,
-      please contact the Bugzilla Team. 
-    </para>
-  </section>
-
-  <section id="disclaimer">
-    <title>Disclaimer</title>
-    <para>
-      No liability for the contents of this document can be accepted.
-      Follow the instructions herein at your own risk.
-      This document may contain errors
-      and inaccuracies that may damage your system, cause your partner 
-      to leave you, your boss to fire you, your cats to
-      pee on your furniture and clothing, and global thermonuclear
-      war. Proceed with caution.
-    </para>
-    <para>
-      Naming of particular products or brands should not be seen as
-      endorsements, with the exception of the term "GNU/Linux". We
-      wholeheartedly endorse the use of GNU/Linux; it is an extremely 
-      versatile, stable,
-      and robust operating system that offers an ideal operating
-      environment for Bugzilla.
-    </para>
-    <para>
-      Although the Bugzilla development team has taken great care to
-      ensure that all exploitable bugs have been fixed, security holes surely 
-      exist in any piece of code. Great care should be taken both in 
-      the installation and usage of this software. The Bugzilla development
-      team members assume no liability for your use of Bugzilla. You have 
-      the source code, and are responsible for auditing it yourself to ensure
-      your security needs are met.
-    </para>
-  </section>
-
-<!-- Section 2: New Versions -->
-
-  <section id="newversions">
-    <title>New Versions</title>
-    <para>
-      This is the &bz-ver; version of The Bugzilla Guide. It is so named 
-      to match the current version of Bugzilla. 
-      <!-- BZ-DEVEL --> This version of the guide, like its associated Bugzilla version, is a
-      development version.<!-- /BZ-DEVEL --> 
-    </para>
-    <para>
-      The latest version of this guide can always be found at <ulink
-      url="http://www.bugzilla.org"/>, or checked out via CVS by
-      following the <ulink url="http://www.mozilla.org/cvs.html">Mozilla 
-      CVS</ulink> instructions and check out the 
-      <filename>mozilla/webtools/bugzilla/docs/</filename>
-      subtree. However, you should read the version
-      which came with the Bugzilla release you are using.
-    </para>
-    <para>
-      The Bugzilla Guide, or a section of it, is also available in
-      the following languages:
-      <ulink url="http://www.traduc.org/docs/guides/lecture/bugzilla/">French</ulink>,
-      <ulink url="http://bugzilla-de.sourceforge.net/docs/html/">German</ulink>,
-      <ulink url="http://www.bugzilla.jp/docs/2.18/">Japanese</ulink>.
-      Note that these may be outdated or not up to date.
-    </para>
-    
-    <para>  
-      In addition, there are Bugzilla template localization projects in
-      the following languages. They may have translated documentation 
-      available: 
-      <ulink url="http://sourceforge.net/projects/bugzilla-ar/">Arabic</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-be/">Belarusian</ulink>,
-      <ulink url="http://openfmi.net/projects/mozilla-bg/">Bulgarian</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-br/">Brazilian Portuguese</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-cn/">Chinese</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-fr/">French</ulink>,
-      <ulink url="http://germzilla.ganderbay.net/">German</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-it/">Italian</ulink>,
-      <ulink url="http://www.bugzilla.jp/about/jp.html">Japanese</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-kr/">Korean</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-ru/">Russian</ulink> and
-      <ulink url="http://sourceforge.net/projects/bugzilla-es/">Spanish</ulink>.
-    </para>
-    
-    <para>  
-      If you would like to volunteer to translate the Guide into additional
-      languages, please contact
-      <ulink url="mailto:justdave@bugzilla.org">Dave Miller</ulink>.
-    </para>
-  </section>
-
-  <section id="credits">
-    <title>Credits</title>
-    <para>
-      The people listed below have made enormous contributions to the
-      creation of this Guide, through their writing, dedicated hacking efforts,
-      numerous e-mail and IRC support sessions, and overall excellent
-      contribution to the Bugzilla community:
-    </para>
-
-    <!-- TODO: This is evil... there has to be a valid way to get this look -->
-    <variablelist>
-      <varlistentry>
-        <term>Matthew P. Barnson <email>mbarnson@sisna.com</email></term>
-        <listitem>
-          <para>for the Herculean task of pulling together the Bugzilla Guide
-          and shepherding it to 2.14.
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Terry Weissman <email>terry@mozilla.org</email></term>
-        <listitem>
-          <para>for initially writing Bugzilla and creating the README upon
-          which the UNIX installation documentation is largely based.
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Tara Hernandez <email>tara@tequilarists.org</email></term>
-        <listitem>
-          <para>for keeping Bugzilla development going strong after Terry left
-          mozilla.org and for running landfill.
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Dave Lawrence <email>dkl@redhat.com</email></term>
-        <listitem>
-          <para>for providing insight into the key differences between Red
-          Hat's customized Bugzilla.
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Dawn Endico <email>endico@mozilla.org</email></term>
-        <listitem>
-          <para>for being a hacker extraordinaire and putting up with Matthew's
-          incessant questions and arguments on irc.mozilla.org in #mozwebtools
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Jacob Steenhagen <email>jake@bugzilla.org</email></term>
-        <listitem>
-          <para>for taking over documentation during the 2.17 development
-          period.
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-	<term>Dave Miller <email>justdave@bugzilla.org</email></term>
-	<listitem>
-          <para>for taking over as project lead when Tara stepped down and
-	  continually pushing for the documentation to be the best it can be.
-          </para>
-        </listitem>
-      </varlistentry>
-
-    </variablelist>
-
-
-    <para>
-      Thanks also go to the following people for significant contributions 
-      to this documentation:
-      <simplelist type="inline">
-        <member>Kevin Brannen</member>
-        <member>Vlad Dascalu</member>
-        <member>Ben FrantzDale</member>
-        <member>Eric Hanson</member>
-        <member>Zach Lipton</member>
-        <member>Gervase Markham</member>
-        <member>Andrew Pearson</member>
-        <member>Joe Robins</member>
-        <member>Spencer Smith</member>
-        <member>Ron Teitelbaum</member>
-        <member>Shane Travis</member>
-        <member>Martin Wulffeld</member>
-      </simplelist>.
-    </para>
-    
-    <para>
-      Also, thanks are due to the members of the 
-      <ulink url="news://news.mozilla.org/mozilla.support.bugzilla">
-      mozilla.support.bugzilla</ulink>
-      newsgroup (and its predecessor, netscape.public.mozilla.webtools).
-      Without your discussions, insight, suggestions, and patches,
-      this could never have happened.
-    </para>
-  </section>
-
-  <!-- conventions used here (didn't want to give it a chapter of its own) -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="conventions.xml" /> 
-</chapter> 
-
-<!-- Keep this comment at the end of the file 
-Local variables: 
-mode: sgml 
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t 
-sgml-indent-step:2 
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil 
-sgml-minimize-attributes:nil
-sgml-namecase-general:t 
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t 
-sgml-tag-region-if-active:t 
-End: -->
-

mozilla/webtools/bugzilla/docs/en/xml/conventions.xml

@@ -1,168 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<section id="conventions">
-  <title>Document Conventions</title>
-
-  <indexterm zone="conventions">
-    <primary>conventions</primary>
-  </indexterm>
-
-  <para>This document uses the following conventions:</para>
-
-  <informaltable frame="none">
-    <tgroup cols="2">
-      <thead>
-        <row>
-          <entry>Descriptions</entry>
-
-          <entry>Appearance</entry>
-        </row>
-      </thead>
-
-      <tbody>
-        <row>
-          <entry>Caution</entry>
-
-          <entry>
-            <caution>
-              <para>Don't run with scissors!</para>
-            </caution>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Hint or Tip</entry>
-
-          <entry>
-            <tip>
-              <para>For best results... </para>
-            </tip>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Note</entry>
-
-          <entry>
-            <note>
-              <para>Dear John...</para>
-            </note>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Warning</entry>
-
-          <entry>
-            <warning>
-              <para>Read this or the cat gets it.</para>
-            </warning>
-          </entry>
-        </row>
-
-        <row>
-          <entry>File or directory name</entry>
-
-          <entry>
-            <filename>filename</filename>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Command to be typed</entry>
-
-          <entry>
-            <command>command</command>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Application name</entry>
-
-          <entry>
-            <application>application</application>
-          </entry>
-        </row>
-
-        <row>
-          <entry>
-          Normal user's prompt under bash shell</entry>
-
-          <entry>bash$</entry>
-        </row>
-
-        <row>
-          <entry>
-          Root user's prompt under bash shell</entry>
-
-          <entry>bash#</entry>
-        </row>
-
-        <row>
-          <entry>
-          Normal user's prompt under tcsh shell</entry>
-
-          <entry>tcsh$</entry>
-        </row>
-
-        <row>
-          <entry>Environment variables</entry>
-
-          <entry>
-            <envar>VARIABLE</envar>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Term found in the glossary</entry>
-
-          <entry>
-            <glossterm linkend="gloss-bugzilla">Bugzilla</glossterm>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Code example</entry>
-
-          <entry>
-            <programlisting><sgmltag class="starttag">para</sgmltag>
-Beginning and end of paragraph
-<sgmltag class="endtag">para</sgmltag></programlisting>
-          </entry>
-        </row>
-      </tbody>
-    </tgroup>
-  </informaltable>
-
-  <para>  
-	  This documentation is maintained in DocBook 4.1.2 XML format.
-    Changes are best submitted as plain text or XML diffs, attached
-    to a bug filed in the &bzg-bugs; component.
-  </para>
-  
-</section>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/customization.xml

@@ -1,821 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<chapter id="customization">
-  <title>Customizing Bugzilla</title>
-
-  <section id="cust-skins">
-    <title>Custom Skins</title>
-    
-    <para>
-      Bugzilla allows you to have multiple skins. These are custom CSS and possibly
-      also custom images for Bugzilla. To create a new custom skin, you have two
-      choices:
-      <itemizedlist>
-        <listitem>
-          <para>
-            Make a single CSS file, and put it in the 
-            <filename>skins/contrib</filename> directory.
-          </para>
-        </listitem>
-        <listitem>
-          <para>
-            Make a directory that contains all the same CSS file
-            names as <filename>skins/standard/</filename>, and put
-            your directory in <filename>skins/contrib/</filename>.
-          </para>
-        </listitem>
-      </itemizedlist>
-    </para>
-      
-    <para>
-      After you put the file or the directory there, make sure to run checksetup.pl
-      so that it can reset the file permissions correctly.
-    </para>
-    <para>
-      After you have installed the new skin, it will show up as an option in the
-      user's General Preferences. If you would like to force a particular skin on all
-      users, just select it in the Default Preferences and then uncheck "Enabled" on
-      the preference.
-    </para>
-  </section>
-  
-  <section id="cust-templates">
-    <title>Template Customization</title>
-    
-    <para>
-      Administrators can configure the look and feel of Bugzilla without
-      having to edit Perl files or face the nightmare of massive merge
-      conflicts when they upgrade to a newer version in the future.
-    </para>
-    
-    <para>
-      Templatization also makes localized versions of Bugzilla possible, 
-      for the first time. It's possible to have Bugzilla's UI language 
-      determined by the user's browser. More information is available in
-      <xref linkend="template-http-accept"/>.
-    </para>
-    
-    <section id="template-directory">
-      <title>Template Directory Structure</title>
-      <para>
-        The template directory structure starts with top level directory 
-        named <filename>template</filename>, which contains a directory
-        for each installed localization. The next level defines the
-        language used in the templates. Bugzilla comes with English
-        templates, so the directory name is <filename>en</filename>,
-        and we will discuss <filename>template/en</filename> throughout
-        the documentation. Below <filename>template/en</filename> is the
-        <filename>default</filename> directory, which contains all the
-        standard templates shipped with Bugzilla.
-      </para>
-
-      <warning>
-        <para>
-          A directory <filename>data/templates</filename> also exists;
-          this is where Template Toolkit puts the compiled versions of
-          the templates from either the default or custom directories.
-          <emphasis>Do not</emphasis> directly edit the files in this
-          directory, or all your changes will be lost the next time
-          Template Toolkit recompiles the templates.
-        </para>
-      </warning>
-    </section>
-
-    <section id="template-method">
-      <title>Choosing a Customization Method</title>
-      <para>
-        If you want to edit Bugzilla's templates, the first decision
-        you must make is how you want to go about doing so. There are two
-        choices, and which you use depends mainly on the scope of your 
-        modifications, and the method you plan to use to upgrade Bugzilla.
-      </para> 
-
-      <para>
-        The first method of making customizations is to directly edit the
-        templates found in <filename>template/en/default</filename>.
-        This is probably the best way to go about it if you are going to
-        be upgrading Bugzilla through CVS, because if you then execute
-        a <command>cvs update</command>, any changes you have made will
-        be merged automagically with the updated versions.
-      </para>
-
-      <note>
-        <para>
-          If you use this method, and CVS conflicts occur during an
-          update, the conflicted templates (and possibly other parts
-          of your installation) will not work until they are resolved.
-        </para>
-      </note>
-
-      <para>
-        The second method is to copy the templates to be modified
-        into a mirrored directory structure under 
-        <filename>template/en/custom</filename>. Templates in this
-        directory structure automatically override any identically-named
-        and identically-located templates in the 
-        <filename>default</filename> directory. 
-      </para>
-
-      <note>
-        <para>
-          The <filename>custom</filename> directory does not exist
-          at first and must be created if you want to use it.
-        </para>
-      </note>
-
-      <para>
-        The second method of customization should be used if you 
-        use the overwriting method of upgrade, because otherwise 
-        your changes will be lost.  This method may also be better if
-        you are using the CVS method of upgrading and are going to make major
-        changes, because it is guaranteed that the contents of this directory
-        will not be touched during an upgrade, and you can then decide whether
-        to continue using your own templates, or make the effort to merge your
-        changes into the new versions by hand.
-      </para>
-
-      <para>
-        Using this method, your installation may break if incompatible
-        changes are made to the template interface.  Such changes should
-        be documented in the release notes, provided you are using a
-        stable release of Bugzilla.  If you use using unstable code, you will
-        need to deal with this one yourself, although if possible the changes
-        will be mentioned before they occur in the deprecations section of the
-        previous stable release's release notes.
-      </para>
-
-      <note>
-        <para>
-          Regardless of which method you choose, it is recommended that
-          you run <command>./checksetup.pl</command> after creating or
-          editing any templates in the <filename>template/en/default</filename>
-          directory, and after editing any templates in the 
-          <filename>custom</filename> directory.
-        </para>
-      </note>
-
-      <warning>
-        <para>
-          It is <emphasis>required</emphasis> that you run 
-          <command>./checksetup.pl</command> after creating a new
-          template in the <filename>custom</filename> directory. Failure
-          to do so will raise an incomprehensible error message.
-        </para>
-      </warning>
-    </section>
-    
-    <section id="template-edit">
-      <title>How To Edit Templates</title>
-      
-      <note>
-        <para>
-          If you are making template changes that you intend on submitting back
-          for inclusion in standard Bugzilla, you should read the relevant
-          sections of the 
-          <ulink url="http://www.bugzilla.org/docs/developer.html">Developers'
-          Guide</ulink>.
-        </para>
-      </note>
-      
-      <para>
-        The syntax of the Template Toolkit language is beyond the scope of
-        this guide. It's reasonably easy to pick up by looking at the current 
-        templates; or, you can read the manual, available on the
-        <ulink url="http://www.template-toolkit.org">Template Toolkit home
-        page</ulink>.
-      </para>
-      
-      <para>
-        One thing you should take particular care about is the need
-        to properly HTML filter data that has been passed into the template.
-        This means that if the data can possibly contain special HTML characters
-        such as &lt;, and the data was not intended to be HTML, they need to be
-        converted to entity form, i.e. &amp;lt;.  You use the 'html' filter in the
-        Template Toolkit to do this.  If you forget, you may open up
-        your installation to cross-site scripting attacks.
-      </para>
-
-      <para>
-        Also note that Bugzilla adds a few filters of its own, that are not
-        in standard Template Toolkit.  In particular, the 'url_quote' filter
-        can convert characters that are illegal or have special meaning in URLs,
-        such as &amp;, to the encoded form, i.e. %26.  This actually encodes most
-        characters (but not the common ones such as letters and numbers and so
-        on), including the HTML-special characters, so there's never a need to
-        HTML filter afterwards.
-      </para>
- 
-      <para>
-        Editing templates is a good way of doing a <quote>poor man's custom
-        fields</quote>.
-        For example, if you don't use the Status Whiteboard, but want to have
-        a free-form text entry box for <quote>Build Identifier</quote>,
-        then you can just
-        edit the templates to change the field labels. It's still be called
-        status_whiteboard internally, but your users don't need to know that.
-      </para>
-      
-    </section>
-            
-    
-    <section id="template-formats">
-      <title>Template Formats and Types</title>
-      
-      <para>
-        Some CGI's have the ability to use more than one template. For example,
-        <filename>buglist.cgi</filename> can output itself as RDF, or as two 
-        formats of HTML (complex and simple). The mechanism that provides this 
-        feature is extensible.
-      </para>
-
-      <para>
-        Bugzilla can support different types of output, which again can have 
-        multiple formats. In order to request a certain type, you can append 
-        the &amp;ctype=&lt;contenttype&gt; (such as rdf or html) to the 
-        <filename>&lt;cginame&gt;.cgi</filename> URL. If you would like to 
-        retrieve a certain format, you can use the &amp;format=&lt;format&gt; 
-        (such as simple or complex) in the URL.
-      </para>
-      
-      <para>
-        To see if a CGI supports multiple output formats and types, grep the
-        CGI for <quote>get_format</quote>. If it's not present, adding
-        multiple format/type support isn't too hard - see how it's done in
-        other CGIs, e.g. config.cgi.
-      </para>
-      
-      <para>
-        To make a new format template for a CGI which supports this, 
-        open a current template for
-        that CGI and take note of the INTERFACE comment (if present.) This 
-        comment defines what variables are passed into this template. If 
-        there isn't one, I'm afraid you'll have to read the template and
-        the code to find out what information you get. 
-      </para>     
-  
-      <para>
-        Write your template in whatever markup or text style is appropriate.
-      </para>
-      
-      <para>
-        You now need to decide what content type you want your template
-        served as. The content types are defined in the
-        <filename>Bugzilla/Constants.pm</filename> file in the 
-        <filename>contenttypes</filename>
-        constant. If your content type is not there, add it. Remember
-        the three- or four-letter tag assigned to your content type. 
-        This tag will be part of the template filename.
-      </para>
-
-      <note>
-        <para>
-          After adding or changing a content type, it's suitable to edit
-          <filename>Bugzilla/Constants.pm</filename> in order to reflect
-          the changes. Also, the file should be kept up to date after an
-          upgrade if content types have been customized in the past. 
-        </para>
-      </note>
-      
-      <para>
-        Save the template as <filename>&lt;stubname&gt;-&lt;formatname&gt;.&lt;contenttypetag&gt;.tmpl</filename>. 
-        Try out the template by calling the CGI as 
-        <filename>&lt;cginame&gt;.cgi?format=&lt;formatname&gt;&amp;ctype=&lt;type&gt;</filename> .
-      </para>       
-    </section>
-    
-    
-    <section id="template-specific">
-      <title>Particular Templates</title>
-      
-      <para>
-        There are a few templates you may be particularly interested in
-        customizing for your installation.
-      </para>
-      
-      <para>
-        <command>index.html.tmpl</command>:
-        This is the Bugzilla front page.
-      </para>      
-
-      <para>
-        <command>global/header.html.tmpl</command>:
-        This defines the header that goes on all Bugzilla pages.
-        The header includes the banner, which is what appears to users
-        and is probably what you want to edit instead.  However the
-        header also includes the HTML HEAD section, so you could for
-        example add a stylesheet or META tag by editing the header.
-      </para>
-
-      <para>
-        <command>global/banner.html.tmpl</command>:
-        This contains the <quote>banner</quote>, the part of the header
-        that appears
-        at the top of all Bugzilla pages.  The default banner is reasonably
-        barren, so you'll probably want to customize this to give your
-        installation a distinctive look and feel.  It is recommended you
-        preserve the Bugzilla version number in some form so the version 
-        you are running can be determined, and users know what docs to read.
-      </para>
-
-      <para>
-        <command>global/footer.html.tmpl</command>:
-        This defines the footer that goes on all Bugzilla pages.  Editing
-        this is another way to quickly get a distinctive look and feel for
-        your Bugzilla installation.
-      </para>
-
-      <para>
-        <command>global/variables.none.tmpl</command>:
-        This defines a list of terms that may be changed in order to
-        <quote>brand</quote> the Bugzilla instance In this way, terms
-        like <quote>bugs</quote> can be replaced with <quote>issues</quote>
-        across the whole Bugzilla installation. The name
-        <quote>Bugzilla</quote> and other words can be customized as well.
-      </para>
-
-      <para>
-        <command>list/table.html.tmpl</command>:
-        This template controls the appearance of the bug lists created
-        by Bugzilla. Editing this template allows per-column control of 
-        the width and title of a column, the maximum display length of
-        each entry, and the wrap behaviour of long entries.
-        For long bug lists, Bugzilla inserts a 'break' every 100 bugs by
-        default; this behaviour is also controlled by this template, and
-        that value can be modified here.
-       </para>
-
-      <para>
-        <command>bug/create/user-message.html.tmpl</command>:
-        This is a message that appears near the top of the bug reporting page.
-        By modifying this, you can tell your users how they should report
-        bugs.
-      </para>
-
-      <para>
-        <command>bug/process/midair.html.tmpl</command>:
-        This is the page used if two people submit simultaneous changes to the
-        same bug.  The second person to submit their changes will get this page
-        to tell them what the first person did, and ask if they wish to
-        overwrite those changes or go back and revisit the bug.  The default
-        title and header on this page read "Mid-air collision detected!"  If
-        you work in the aviation industry, or other environment where this
-        might be found offensive (yes, we have true stories of this happening)
-        you'll want to change this to something more appropriate for your
-        environment.
-      </para>
-
-      <para>
-        <command>bug/create/create.html.tmpl</command> and
-        <command>bug/create/comment.txt.tmpl</command>:
-        You may not wish to go to the effort of creating custom fields in
-        Bugzilla, yet you want to make sure that each bug report contains
-        a number of pieces of important information for which there is not
-        a special field. The bug entry system has been designed in an
-        extensible fashion to enable you to add arbitrary HTML widgets,
-        such as drop-down lists or textboxes, to the bug entry page
-        and have their values appear formatted in the initial comment.
-        A hidden field that indicates the format should be added inside
-        the form in order to make the template functional. Its value should
-        be the suffix of the template filename. For example, if the file
-        is called <filename>create-cust.html.tmpl</filename>, then
-        <programlisting>&lt;input type="hidden" name="format" value="cust"&gt;</programlisting>
-        should be used inside the form.
-      </para>
-
-      <para>  
-        An example of this is the mozilla.org 
-        <ulink url="http://landfill.bugzilla.org/bugzilla-tip/enter_bug.cgi?product=WorldControl&amp;format=guided">guided 
-        bug submission form</ulink>. The code for this comes with the Bugzilla
-        distribution as an example for you to copy. It can be found in the
-        files 
-        <filename>create-guided.html.tmpl</filename> and
-        <filename>comment-guided.html.tmpl</filename>.
-      </para>  
-
-      <para>
-        So to use this feature, create a custom template for 
-        <filename>enter_bug.cgi</filename>. The default template, on which you
-        could base it, is 
-        <filename>custom/bug/create/create.html.tmpl</filename>.
-        Call it <filename>create-&lt;formatname&gt;.html.tmpl</filename>, and
-        in it, add widgets for each piece of information you'd like
-        collected - such as a build number, or set of steps to reproduce.
-      </para>
-
-      <para>
-        Then, create a template like 
-        <filename>custom/bug/create/comment.txt.tmpl</filename>, and call it 
-        <filename>comment-&lt;formatname&gt;.txt.tmpl</filename>. This 
-        template should reference the form fields you have created using
-        the syntax <filename>[% form.&lt;fieldname&gt; %]</filename>. When a 
-        bug report is
-        submitted, the initial comment attached to the bug report will be
-        formatted according to the layout of this template.
-      </para> 
-
-      <para>
-        For example, if your custom enter_bug template had a field
-        <programlisting>&lt;input type="text" name="buildid" size="30"&gt;</programlisting>
-        and then your comment.txt.tmpl had
-        <programlisting>BuildID: [% form.buildid %]</programlisting>
-        then something like
-        <programlisting>BuildID: 20020303</programlisting>
-        would appear in the initial comment.
-      </para>            
-    </section>          
-
-
-    <section id="template-http-accept">
-      <title>Configuring Bugzilla to Detect the User's Language</title>
-
-      <para>Bugzilla honours the user's Accept: HTTP header. You can install
-      templates in other languages, and Bugzilla will pick the most appropriate
-      according to a priority order defined by you. Many
-      language templates can be obtained from <ulink 
-      url="http://www.bugzilla.org/download.html#localizations"/>. Instructions
-      for submitting new languages are also available from that location.
-      </para>
-    </section>
-      
-  </section>
-
-  <section id="cust-hooks">
-    <title>The Bugzilla Extension Mechanism</title>
-    
-    <warning>
-      <para>
-        Note that the below paths are inconsistent and confusing. They will
-        likely be changed in Bugzilla 4.0.
-      </para>
-    </warning>
-       
-    <para>
-      Extensions are a way for extensions to Bugzilla to insert code
-      into the standard Bugzilla templates and source files
-      without modifying these files themselves.  The extension mechanism 
-      defines a consistent API for extending the standard templates and source files 
-      in a way that cleanly separates standard code from extension code.  
-      Hooks reduce merge conflicts and make it easier to write extensions that work 
-      across multiple versions of Bugzilla, making upgrading a Bugzilla installation 
-      with installed extensions easier. Furthermore, they make it easy to install 
-      and remove extensions as each extension is nothing more than a 
-      simple directory structure. 
-    </para>
-    
-    <para>
-      There are two main types of hooks: code hooks and template hooks. Code 
-      hooks allow extensions to invoke code at specific points in various 
-      source files, while template hooks allow extensions to add elements to 
-      the Bugzilla user interface. 
-    </para>
-
-    <para>
-      A hook is just a named place in a standard source or template file
-      where extension source code or template files for that hook get processed. 
-      Each extension has a corresponding directory in the Bugzilla directory 
-      tree (<filename>BUGZILLA_ROOT/extensions/extension_name</filename>).  Hooking 
-      an extension source file or template to a hook is as simple as putting 
-      the extension file into extension's template or code directory. 
-      When Bugzilla processes the source file or template and reaches the hook, 
-      it will process all extension files in the hook's directory. 
-      The hooks themselves can be added into any source file or standard template 
-      upon request by extension authors.
-    </para>
-    
-    <para>
-      To use hooks to extend Bugzilla, first make sure there is
-      a hook at the appropriate place within the source file or template you 
-      want to extend. The exact appearance of a hook depends on if the hook 
-      is a code hook or a template hook. 
-    </para>
-    
-    <para>
-      Code hooks appear in Bugzilla source files as a single method call 
-      in the format <literal role="code">Bugzilla::Hook->process("<varname>name</varname>");</literal>.
-      For instance, <filename>enter_bug.cgi</filename> may invoke the hook 
-      "<varname>enter_bug-entrydefaultvars</varname>". Thus, a source file at 
-      <filename>BUGZILLA_ROOT/extensions/EXTENSION_NAME/code/enter_bug-entrydefaultvars.pl</filename>
-      will be automatically invoked when the code hook is reached. 
-    </para>
-   
-    <para>  
-      Template hooks appear in the standard Bugzilla templates as a 
-      single directive in the format
-      <literal role="code">[% Hook.process("<varname>name</varname>") %]</literal>,
-      where <varname>name</varname> is the unique name of the hook.
-    </para>
-
-    <para>
-      If you aren't sure what you want to extend or just want to browse the 
-      available hooks, either use your favorite multi-file search
-      tool (e.g. <command>grep</command>) to search the standard templates
-      for occurrences of <methodname>Hook.process</methodname> or the source 
-      files for occurrences of <methodname>Bugzilla::Hook::process</methodname>.
-    </para>
-
-    <para>
-      If there is no hook at the appropriate place within the Bugzilla 
-      source file or template you want to extend,
-      <ulink url="http://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla&amp;component=User%20Interface">file
-      a bug requesting one</ulink>, specifying:
-    </para>
-
-    <simplelist>
-      <member>the source or template file for which you are 
-          requesting a hook;</member>
-      <member>
-        where in the file you would like the hook to be placed
-        (line number/position for latest version of the file in CVS
-        or description of location);
-      </member>
-      <member>the purpose of the hook;</member>
-      <member>a link to information about your extension, if any.</member>
-    </simplelist>
-
-    <para>
-      The Bugzilla reviewers will promptly review each hook request,
-      name the hook, add it to the template or source file, and check 
-      the new version of the template into CVS.
-    </para>
-
-    <para>
-      You may optionally attach a patch to the bug which implements the hook
-      and check it in yourself after receiving approval from a Bugzilla
-      reviewer.  The developers may suggest changes to the location of the
-      hook based on their analysis of your needs or so the hook can satisfy
-      the needs of multiple extensions, but the process of getting hooks
-      approved and checked in is not as stringent as the process for general
-      changes to Bugzilla, and any extension, whether released or still in
-      development, can have hooks added to meet their needs.
-    </para>
-
-    <para>
-      After making sure the hook you need exists (or getting it added if not),
-      add your extension to the directory within the Bugzilla
-      extensions tree corresponding to the hook. 
-    </para>
-    
-    <para>
-      That's it!  Now, when the source file or template containing the hook
-      is processed, your extension file will be processed at the point 
-      where the hook appears.
-    </para>
-
-    <para>
-      For example, let's say you have an extension named Projman that adds
-      project management capabilities to Bugzilla.  Projman has an
-      administration interface <filename>edit-projects.cgi</filename>, 
-      and you want to add a link to it into the navigation bar at the bottom
-      of every Bugzilla page for those users who are authorized
-      to administer projects.
-    </para>
-
-    <para>
-      The navigation bar is generated by the template file
-      <filename>useful-links.html.tmpl</filename>, which is located in
-      the <filename>global/</filename> subdirectory on the standard Bugzilla 
-      template path
-      <filename>BUGZILLA_ROOT/template/en/default/</filename>.
-      Looking in <filename>useful-links.html.tmpl</filename>, you find
-      the following hook at the end of the list of standard Bugzilla
-      administration links:
-    </para>
-
-    <programlisting><![CDATA[...
-    [% ', <a href="editkeywords.cgi">keywords</a>' 
-                                              IF user.groups.editkeywords %]
-    [% Hook.process("edit") %]
-...]]></programlisting>
-
-    <para>
-      The corresponding extension file for this hook is
-      <filename>BUGZILLA_ROOT/extensions/projman/template/en/global/useful-links-edit.html.tmpl</filename>.
-      You then create that template file and add the following constant:
-    </para>
-
-    <programlisting><![CDATA[...[% ', <a href="edit-projects.cgi">projects</a>' IF user.groups.projman_admins %]]]></programlisting>
-
-    <para>
-      Voila!  The link now appears after the other administration links in the
-      navigation bar for users in the <literal>projman_admins</literal> group.
-    </para>
-    
-    <para>
-      Now, let us say your extension adds a custom "project_manager" field 
-      to enter_bug.cgi. You want to modify the CGI script to set the default 
-      project manager to be productname@company.com. Looking at 
-      <filename>enter_bug.cgi</filename>, you see the enter_bug-entrydefaultvars 
-      hook near the bottom of the file before the default form values are set. 
-      The corresponding extension source file for this hook is located at 
-      <filename>BUGZILLA_ROOT/extensions/projman/code/enter_bug-entrydefaultvars.pl</filename>.
-      You then create that file and add the following:
-    </para>
-    
-    <programlisting>$default{'project_manager'} = $product.'@company.com';</programlisting>
-    
-    <para>
-      This code will be invoked whenever enter_bug.cgi is executed. 
-      Assuming that the rest of the customization was completed (e.g. the 
-      custom field was added to the enter_bug template and the required hooks 
-      were used in process_bug.cgi), the new field will now have this 
-      default value. 
-    </para>
-      
-    <para>
-      Notes:
-    </para>
-
-    <itemizedlist>
-      <listitem>
-        <para>
-          If your extension includes entirely new templates in addition to
-          extensions of standard templates, it should store those new
-          templates in its
-          <filename>BUGZILLA_ROOT/extensions/template/en/</filename> 
-          directory. Extension template directories, like the 
-          <filename>default/</filename> and <filename>custom/</filename>
-          directories, are part of the template search path, so putting templates
-          there enables them to be found by the template processor.
-        </para>
-
-        <para>
-          The template processor looks for templates first in the
-          <filename>custom/</filename> directory (i.e. templates added by the 
-          specific installation), then in the <filename>extensions/</filename>
-          directory (i.e. templates added by extensions), and finally in the 
-          <filename>default/</filename> directory (i.e. the standard Bugzilla 
-          templates). Thus, installation-specific templates override both 
-          default and extension templates.
-        </para>
-      </listitem>
-
-      <listitem>
-        <para>
-          If you are looking to customize Bugzilla, you can also take advantage 
-          of template hooks. To do so, create a directory in
-          <filename>BUGZILLA_ROOT/template/en/custom/hook/</filename>
-          that corresponds to the hook you wish to use, then place your 
-          customization templates into those directories. For example, 
-          if you wanted to use the hook "end" in 
-          <filename>global/useful-links.html.tmpl</filename>, you would 
-          create the directory <filename>BUGZILLA_ROOT/template/en/custom/hook/
-          global/useful-links.html.tmpl/end/</filename> and add your customization 
-          template to this directory. 
-        </para>
-
-        <para>
-          Obviously this method of customizing Bugzilla only lets you add code
-          to the standard source files and templates; you cannot change the 
-          existing code. Nevertheless, for those customizations that only add 
-          code, this method can reduce conflicts when merging changes, 
-          making upgrading your customized Bugzilla installation easier.
-        </para>
-      </listitem>
-    </itemizedlist>    
-  </section>
-
-  <section id="cust-change-permissions">
-    <title>Customizing Who Can Change What</title>
-    
-    <warning>
-      <para>
-        This feature should be considered experimental; the Bugzilla code you
-        will be changing is not stable, and could change or move between 
-        versions. Be aware that if you make modifications as outlined here, 
-        you may have
-        to re-make them or port them if Bugzilla changes internally between
-        versions, and you upgrade.
-      </para>
-    </warning>
-      
-    <para>
-      Companies often have rules about which employees, or classes of employees,
-      are allowed to change certain things in the bug system. For example, 
-      only the bug's designated QA Contact may be allowed to VERIFY the bug.
-      Bugzilla has been
-      designed to make it easy for you to write your own custom rules to define
-      who is allowed to make what sorts of value transition.
-    </para>
-
-    <para>
-     By default, assignees, QA owners and users
-     with <emphasis>editbugs</emphasis> privileges can edit all fields of bugs, 
-     except group restrictions (unless they are members of the groups they 
-     are trying to change). Bug reporters also have the ability to edit some 
-     fields, but in a more restrictive manner. Other users, without 
-     <emphasis>editbugs</emphasis> privileges, can not edit 
-     bugs, except to comment and add themselves to the CC list.
-    </para> 
-    
-    <para>
-      For maximum flexibility, customizing this means editing Bugzilla's Perl 
-      code. This gives the administrator complete control over exactly who is
-      allowed to do what. The relevant method is called
-      <filename>check_can_change_field()</filename>,
-      and is found in <filename>Bug.pm</filename> in your
-      Bugzilla/ directory. If you open that file and search for
-      <quote>sub check_can_change_field</quote>, you'll find it.
-    </para>
-    
-    <para>
-      This function has been carefully commented to allow you to see exactly
-      how it works, and give you an idea of how to make changes to it.
-      Certain marked sections should not be changed - these are
-      the <quote>plumbing</quote> which makes the rest of the function work.
-      In between those sections, you'll find snippets of code like:
-      <programlisting>    # Allow the assignee to change anything.
-    if ($ownerid eq $whoid) {
-        return 1;
-    }</programlisting>
-      It's fairly obvious what this piece of code does.
-    </para>      
-      
-    <para>
-      So, how does one go about changing this function? Well, simple changes
-      can be made just by removing pieces - for example, if you wanted to 
-      prevent any user adding a comment to a bug, just remove the lines marked
-      <quote>Allow anyone to change comments.</quote> If you don't want the
-      Reporter to have any special rights on bugs they have filed, just
-      remove the entire section that deals with the Reporter.
-    </para>
-    
-    <para>
-      More complex customizations are not much harder. Basically, you add
-      a check in the right place in the function, i.e. after all the variables
-      you are using have been set up. So, don't look at $ownerid before 
-      $ownerid has been obtained from the database. You can either add a
-      positive check, which returns 1 (allow) if certain conditions are true,
-      or a negative check, which returns 0 (deny.) E.g.:
-      <programlisting>    if ($field eq "qacontact") {
-        if (Bugzilla->user->groups("quality_assurance")) {
-            return 1;
-        } 
-        else {
-            return 0;
-        }
-    }</programlisting>
-      This says that only users in the group "quality_assurance" can change
-      the QA Contact field of a bug.
-    </para>
-
-    <para>
-      Getting more weird:
-      <programlisting><![CDATA[    if (($field eq "priority") &&
-        (Bugzilla->user->email =~ /.*\@example\.com$/))
-    {
-        if ($oldvalue eq "P1") {
-            return 1;
-        } 
-        else {
-            return 0;
-        }
-    }]]></programlisting>
-      This says that if the user is trying to change the priority field,
-      and their email address is @example.com, they can only do so if the
-      old value of the field was "P1". Not very useful, but illustrative.
-    </para>
-
-    <warning>
-      <para>
-        If you are modifying <filename>process_bug.cgi</filename> in any
-        way, do not change the code that is bounded by DO_NOT_CHANGE blocks.
-        Doing so could compromise security, or cause your installation to
-        stop working entirely.
-      </para>
-    </warning>
-    
-    <para>
-      For a list of possible field names, look at the bugs table in the 
-      database. If you need help writing custom rules for your organization,
-      ask in the newsgroup.
-    </para>    
-  </section>   
-
-  <!-- Integrating Bugzilla with Third-Party Tools -->
-<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="integration.xml" />
-</chapter>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/gfdl.xml

@@ -1,449 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<appendix id="gfdl">
-  <title>GNU Free Documentation License</title>
-
-<!-- - GNU Project - Free Software Foundation (FSF) -->
-<!-- LINK REV="made" HREF="mailto:webmasters@gnu.org" -->
-<!-- section>
-    <title>GNU Free Documentation License</title -->
-  <para>Version 1.1, March 2000</para>
-
-  <blockquote>
-    <para>Copyright (C) 2000 Free Software Foundation, Inc. 59 Temple Place,
-    Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and
-    distribute verbatim copies of this license document, but changing it is
-    not allowed.</para>
-  </blockquote>
-
-  <section label="0" id="gfdl-0">
-    <title>Preamble</title>
-
-    <para>The purpose of this License is to make a manual, textbook, or other
-    written document "free" in the sense of freedom: to assure everyone the
-    effective freedom to copy and redistribute it, with or without modifying
-    it, either commercially or noncommercially. Secondarily, this License
-    preserves for the author and publisher a way to get credit for their
-    work, while not being considered responsible for modifications made by
-    others.</para>
-
-    <para>This License is a kind of "copyleft", which means that derivative
-    works of the document must themselves be free in the same sense. It
-    complements the GNU General Public License, which is a copyleft license
-    designed for free software.</para>
-
-    <para>We have designed this License in order to use it for manuals for
-    free software, because free software needs free documentation: a free
-    program should come with manuals providing the same freedoms that the
-    software does. But this License is not limited to software manuals; it
-    can be used for any textual work, regardless of subject matter or whether
-    it is published as a printed book. We recommend this License principally
-    for works whose purpose is instruction or reference.</para>
-  </section>
-
-  <section label="1" id="gfdl-1">
-    <title>Applicability and Definition</title>
-
-    <para>This License applies to any manual or other work that contains a
-    notice placed by the copyright holder saying it can be distributed under
-    the terms of this License. The "Document", below, refers to any such
-    manual or work. Any member of the public is a licensee, and is addressed
-    as "you".</para>
-
-    <para>A "Modified Version" of the Document means any work containing the
-    Document or a portion of it, either copied verbatim, or with
-    modifications and/or translated into another language.</para>
-
-    <para>A "Secondary Section" is a named appendix or a front-matter section
-    of the Document that deals exclusively with the relationship of the
-    publishers or authors of the Document to the Document's overall subject
-    (or to related matters) and contains nothing that could fall directly
-    within that overall subject. (For example, if the Document is in part a
-    textbook of mathematics, a Secondary Section may not explain any
-    mathematics.) The relationship could be a matter of historical connection
-    with the subject or with related matters, or of legal, commercial,
-    philosophical, ethical or political position regarding them.</para>
-
-    <para>The "Invariant Sections" are certain Secondary Sections whose
-    titles are designated, as being those of Invariant Sections, in the
-    notice that says that the Document is released under this License.</para>
-
-    <para>The "Cover Texts" are certain short passages of text that are
-    listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says
-    that the Document is released under this License.</para>
-
-    <para>A "Transparent" copy of the Document means a machine-readable copy,
-    represented in a format whose specification is available to the general
-    public, whose contents can be viewed and edited directly and
-    straightforwardly with generic text editors or (for images composed of
-    pixels) generic paint programs or (for drawings) some widely available
-    drawing editor, and that is suitable for input to text formatters or for
-    automatic translation to a variety of formats suitable for input to text
-    formatters. A copy made in an otherwise Transparent file format whose
-    markup has been designed to thwart or discourage subsequent modification
-    by readers is not Transparent. A copy that is not "Transparent" is called
-    "Opaque".</para>
-
-    <para>Examples of suitable formats for Transparent copies include plain
-    ASCII without markup, Texinfo input format, LaTeX input format, SGML or
-    XML using a publicly available DTD, and standard-conforming simple HTML
-    designed for human modification. Opaque formats include PostScript, PDF,
-    proprietary formats that can be read and edited only by proprietary word
-    processors, SGML or XML for which the DTD and/or processing tools are not
-    generally available, and the machine-generated HTML produced by some word
-    processors for output purposes only.</para>
-
-    <para>The "Title Page" means, for a printed book, the title page itself,
-    plus such following pages as are needed to hold, legibly, the material
-    this License requires to appear in the title page. For works in formats
-    which do not have any title page as such, "Title Page" means the text
-    near the most prominent appearance of the work's title, preceding the
-    beginning of the body of the text.</para>
-  </section>
-
-  <section label="2" id="gfdl-2">
-    <title>Verbatim Copying</title>
-
-    <para>You may copy and distribute the Document in any medium, either
-    commercially or noncommercially, provided that this License, the
-    copyright notices, and the license notice saying this License applies to
-    the Document are reproduced in all copies, and that you add no other
-    conditions whatsoever to those of this License. You may not use technical
-    measures to obstruct or control the reading or further copying of the
-    copies you make or distribute. However, you may accept compensation in
-    exchange for copies. If you distribute a large enough number of copies
-    you must also follow the conditions in section 3.</para>
-
-    <para>You may also lend copies, under the same conditions stated above,
-    and you may publicly display copies.</para>
-  </section>
-
-  <section label="3" id="gfdl-3">
-    <title>Copying in Quantity</title>
-
-    <para>If you publish printed copies of the Document numbering more than
-    100, and the Document's license notice requires Cover Texts, you must
-    enclose the copies in covers that carry, clearly and legibly, all these
-    Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts
-    on the back cover. Both covers must also clearly and legibly identify you
-    as the publisher of these copies. The front cover must present the full
-    title with all words of the title equally prominent and visible. You may
-    add other material on the covers in addition. Copying with changes
-    limited to the covers, as long as they preserve the title of the Document
-    and satisfy these conditions, can be treated as verbatim copying in other
-    respects.</para>
-
-    <para>If the required texts for either cover are too voluminous to fit
-    legibly, you should put the first ones listed (as many as fit reasonably)
-    on the actual cover, and continue the rest onto adjacent pages.</para>
-
-    <para>If you publish or distribute Opaque copies of the Document
-    numbering more than 100, you must either include a machine-readable
-    Transparent copy along with each Opaque copy, or state in or with each
-    Opaque copy a publicly-accessible computer-network location containing a
-    complete Transparent copy of the Document, free of added material, which
-    the general network-using public has access to download anonymously at no
-    charge using public-standard network protocols. If you use the latter
-    option, you must take reasonably prudent steps, when you begin
-    distribution of Opaque copies in quantity, to ensure that this
-    Transparent copy will remain thus accessible at the stated location until
-    at least one year after the last time you distribute an Opaque copy
-    (directly or through your agents or retailers) of that edition to the
-    public.</para>
-
-    <para>It is requested, but not required, that you contact the authors of
-    the Document well before redistributing any large number of copies, to
-    give them a chance to provide you with an updated version of the
-    Document.</para>
-  </section>
-
-  <section label="4" id="gfdl-4">
-    <title>Modifications</title>
-
-    <para>You may copy and distribute a Modified Version of the Document
-    under the conditions of sections 2 and 3 above, provided that you release
-    the Modified Version under precisely this License, with the Modified
-    Version filling the role of the Document, thus licensing distribution and
-    modification of the Modified Version to whoever possesses a copy of it.
-    In addition, you must do these things in the Modified Version:</para>
-
-    <orderedlist numeration="upperalpha">
-      <listitem>
-        <para>Use in the Title Page (and on the covers, if any) a title
-        distinct from that of the Document, and from those of previous
-        versions (which should, if there were any, be listed in the History
-        section of the Document). You may use the same title as a previous
-        version if the original publisher of that version gives
-        permission.</para>
-      </listitem>
-
-      <listitem>
-        <para>List on the Title Page, as authors, one or more persons or
-        entities responsible for authorship of the modifications in the
-        Modified Version, together with at least five of the principal
-        authors of the Document (all of its principal authors, if it has less
-        than five).</para>
-      </listitem>
-
-      <listitem>
-        <para>State on the Title page the name of the publisher of the
-        Modified Version, as the publisher.</para>
-      </listitem>
-
-      <listitem>
-        <para>Preserve all the copyright notices of the Document.</para>
-      </listitem>
-
-      <listitem>
-        <para>Add an appropriate copyright notice for your modifications
-        adjacent to the other copyright notices.</para>
-      </listitem>
-
-      <listitem>
-        <para>Include, immediately after the copyright notices, a license
-        notice giving the public permission to use the Modified Version under
-        the terms of this License, in the form shown in the Addendum
-        below.</para>
-      </listitem>
-
-      <listitem>
-        <para>Preserve in that license notice the full lists of Invariant
-        Sections and required Cover Texts given in the Document's license
-        notice.</para>
-      </listitem>
-
-      <listitem>
-        <para>Include an unaltered copy of this License.</para>
-      </listitem>
-
-      <listitem>
-        <para>Preserve the section entitled "History", and its title, and add
-        to it an item stating at least the title, year, new authors, and
-        publisher of the Modified Version as given on the Title Page. If
-        there is no section entitled "History" in the Document, create one
-        stating the title, year, authors, and publisher of the Document as
-        given on its Title Page, then add an item describing the Modified
-        Version as stated in the previous sentence.</para>
-      </listitem>
-
-      <listitem>
-        <para>Preserve the network location, if any, given in the Document
-        for public access to a Transparent copy of the Document, and likewise
-        the network locations given in the Document for previous versions it
-        was based on. These may be placed in the "History" section. You may
-        omit a network location for a work that was published at least four
-        years before the Document itself, or if the original publisher of the
-        version it refers to gives permission.</para>
-      </listitem>
-
-      <listitem>
-        <para>In any section entitled "Acknowledgements" or "Dedications",
-        preserve the section's title, and preserve in the section all the
-        substance and tone of each of the contributor acknowledgements and/or
-        dedications given therein.</para>
-      </listitem>
-
-      <listitem>
-        <para>Preserve all the Invariant Sections of the Document, unaltered
-        in their text and in their titles. Section numbers or the equivalent
-        are not considered part of the section titles.</para>
-      </listitem>
-
-      <listitem>
-        <para>Delete any section entitled "Endorsements". Such a section may
-        not be included in the Modified Version.</para>
-      </listitem>
-
-      <listitem>
-        <para>Do not retitle any existing section as "Endorsements" or to
-        conflict in title with any Invariant Section.</para>
-      </listitem>
-    </orderedlist>
-
-    <para>If the Modified Version includes new front-matter sections or
-    appendices that qualify as Secondary Sections and contain no material
-    copied from the Document, you may at your option designate some or all of
-    these sections as invariant. To do this, add their titles to the list of
-    Invariant Sections in the Modified Version's license notice. These titles
-    must be distinct from any other section titles.</para>
-
-    <para>You may add a section entitled "Endorsements", provided it contains
-    nothing but endorsements of your Modified Version by various parties--for
-    example, statements of peer review or that the text has been approved by
-    an organization as the authoritative definition of a standard.</para>
-
-    <para>You may add a passage of up to five words as a Front-Cover Text,
-    and a passage of up to 25 words as a Back-Cover Text, to the end of the
-    list of Cover Texts in the Modified Version. Only one passage of
-    Front-Cover Text and one of Back-Cover Text may be added by (or through
-    arrangements made by) any one entity. If the Document already includes a
-    cover text for the same cover, previously added by you or by arrangement
-    made by the same entity you are acting on behalf of, you may not add
-    another; but you may replace the old one, on explicit permission from the
-    previous publisher that added the old one.</para>
-
-    <para>The author(s) and publisher(s) of the Document do not by this
-    License give permission to use their names for publicity for or to assert
-    or imply endorsement of any Modified Version.</para>
-  </section>
-
-  <section label="5" id="gfdl-5">
-    <title>Combining Documents</title>
-
-    <para>You may combine the Document with other documents released under
-    this License, under the terms defined in section 4 above for modified
-    versions, provided that you include in the combination all of the
-    Invariant Sections of all of the original documents, unmodified, and list
-    them all as Invariant Sections of your combined work in its license
-    notice.</para>
-
-    <para>The combined work need only contain one copy of this License, and
-    multiple identical Invariant Sections may be replaced with a single copy.
-    If there are multiple Invariant Sections with the same name but different
-    contents, make the title of each such section unique by adding at the end
-    of it, in parentheses, the name of the original author or publisher of
-    that section if known, or else a unique number. Make the same adjustment
-    to the section titles in the list of Invariant Sections in the license
-    notice of the combined work.</para>
-
-    <para>In the combination, you must combine any sections entitled
-    "History" in the various original documents, forming one section entitled
-    "History"; likewise combine any sections entitled "Acknowledgements", and
-    any sections entitled "Dedications". You must delete all sections
-    entitled "Endorsements."</para>
-  </section>
-
-  <section label="6" id="gfdl-6">
-    <title>Collections of Documents</title>
-
-    <para>You may make a collection consisting of the Document and other
-    documents released under this License, and replace the individual copies
-    of this License in the various documents with a single copy that is
-    included in the collection, provided that you follow the rules of this
-    License for verbatim copying of each of the documents in all other
-    respects.</para>
-
-    <para>You may extract a single document from such a collection, and
-    distribute it individually under this License, provided you insert a copy
-    of this License into the extracted document, and follow this License in
-    all other respects regarding verbatim copying of that document.</para>
-  </section>
-
-  <section label="7" id="gfdl-7">
-    <title>Aggregation with Independent Works</title>
-
-    <para>A compilation of the Document or its derivatives with other
-    separate and independent documents or works, in or on a volume of a
-    storage or distribution medium, does not as a whole count as a Modified
-    Version of the Document, provided no compilation copyright is claimed for
-    the compilation. Such a compilation is called an "aggregate", and this
-    License does not apply to the other self-contained works thus compiled
-    with the Document, on account of their being thus compiled, if they are
-    not themselves derivative works of the Document.</para>
-
-    <para>If the Cover Text requirement of section 3 is applicable to these
-    copies of the Document, then if the Document is less than one quarter of
-    the entire aggregate, the Document's Cover Texts may be placed on covers
-    that surround only the Document within the aggregate. Otherwise they must
-    appear on covers around the whole aggregate.</para>
-  </section>
-
-  <section label="8" id="gfdl-8">
-    <title>Translation</title>
-
-    <para>Translation is considered a kind of modification, so you may
-    distribute translations of the Document under the terms of section 4.
-    Replacing Invariant Sections with translations requires special
-    permission from their copyright holders, but you may include translations
-    of some or all Invariant Sections in addition to the original versions of
-    these Invariant Sections. You may include a translation of this License
-    provided that you also include the original English version of this
-    License. In case of a disagreement between the translation and the
-    original English version of this License, the original English version
-    will prevail.</para>
-  </section>
-
-  <section label="9" id="gfdl-9">
-    <title>Termination</title>
-
-    <para>You may not copy, modify, sublicense, or distribute the Document
-    except as expressly provided for under this License. Any other attempt to
-    copy, modify, sublicense or distribute the Document is void, and will
-    automatically terminate your rights under this License. However, parties
-    who have received copies, or rights, from you under this License will not
-    have their licenses terminated so long as such parties remain in full
-    compliance.</para>
-  </section>
-
-  <section label="10" id="gfdl-10">
-    <title>Future Revisions of this License</title>
-
-    <para>The Free Software Foundation may publish new, revised versions of
-    the GNU Free Documentation License from time to time. Such new versions
-    will be similar in spirit to the present version, but may differ in
-    detail to address new problems or concerns. See 
-    <ulink url="http://www.gnu.org/copyleft/"/>.</para>
-
-    <para>Each version of the License is given a distinguishing version
-    number. If the Document specifies that a particular numbered version of
-    this License "or any later version" applies to it, you have the option of
-    following the terms and conditions either of that specified version or of
-    any later version that has been published (not as a draft) by the Free
-    Software Foundation. If the Document does not specify a version number of
-    this License, you may choose any version ever published (not as a draft)
-    by the Free Software Foundation.</para>
-  </section>
-
-  <section label="" id="gfdl-howto">
-    <title>How to use this License for your documents</title>
-
-    <para>To use this License in a document you have written, include a copy
-    of the License in the document and put the following copyright and
-    license notices just after the title page:</para>
-
-    <blockquote>
-      <para>Copyright (c) YEAR YOUR NAME. Permission is granted to copy,
-      distribute and/or modify this document under the terms of the GNU Free
-      Documentation License, Version 1.1 or any later version published by
-      the Free Software Foundation; with the Invariant Sections being LIST
-      THEIR TITLES, with the Front-Cover Texts being LIST, and with the
-      Back-Cover Texts being LIST. A copy of the license is included in the
-      section entitled "GNU Free Documentation License".</para>
-    </blockquote>
-
-    <para>If you have no Invariant Sections, write "with no Invariant
-    Sections" instead of saying which ones are invariant. If you have no
-    Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover
-    Texts being LIST"; likewise for Back-Cover Texts.</para>
-
-    <para>If your document contains nontrivial examples of program code, we
-    recommend releasing these examples in parallel under your choice of free
-    software license, such as the GNU General Public License, to permit their
-    use in free software.</para>
-  </section>
-</appendix>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/glossary.xml

@@ -1,555 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<glossary id="glossary">
-  <glossdiv>
-    <title>0-9, high ascii</title>
-
-    <glossentry id="gloss-htaccess">
-      <glossterm>.htaccess</glossterm>
-
-      <glossdef>
-        <para>Apache web server, and other NCSA-compliant web servers,
-        observe the convention of using files in directories called 
-        <filename>.htaccess</filename>
-
-        to restrict access to certain files. In Bugzilla, they are used
-        to keep secret files which would otherwise
-        compromise your installation - e.g. the 
-        <filename>localconfig</filename>
-        file contains the password to your database.
-        curious.</para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-a">
-    <title>A</title>
-
-    <glossentry id="gloss-apache">
-      <glossterm>Apache</glossterm>
-
-      <glossdef>
-        <para>In this context, Apache is the web server most commonly used
-        for serving up Bugzilla 
-        pages. Contrary to popular belief, the apache web server has nothing
-        to do with the ancient and noble Native American tribe, but instead
-        derived its name from the fact that it was 
-        <quote>a patchy</quote>
-        version of the original 
-        <acronym>NCSA</acronym>
-        world-wide-web server.</para>
-
-        <variablelist>
-          <title>Useful Directives when configuring Bugzilla</title>
-
-          <varlistentry>
-            <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#addhandler">AddHandler</ulink></computeroutput></term>
-            <listitem>
-              <para>Tell Apache that it's OK to run CGI scripts.</para>
-            </listitem>
-          </varlistentry>
-          <varlistentry>
-            <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#allowoverride">AllowOverride</ulink></computeroutput></term>
-            <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#options">Options</ulink></computeroutput></term>
-            <listitem>
-              <para>These directives are used to tell Apache many things about
-              the directory they apply to. For Bugzilla's purposes, we need
-              them to allow script execution and <filename>.htaccess</filename>
-              overrides.
-              </para>
-            </listitem>
-          </varlistentry>
-          <varlistentry>
-            <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/mod_dir.html#directoryindex">DirectoryIndex</ulink></computeroutput></term>
-            <listitem>
-              <para>Used to tell Apache what files are indexes. If you can
-              not add <filename>index.cgi</filename> to the list of valid files,
-              you'll need to set <computeroutput>$index_html</computeroutput> to
-              1 in <filename>localconfig</filename> so
-              <command>./checksetup.pl</command> will create an
-              <filename>index.html</filename> that redirects to
-              <filename>index.cgi</filename>.
-              </para>
-            </listitem>
-          </varlistentry>
-          <varlistentry>
-            <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#scriptinterpretersource">ScriptInterpreterSource</ulink></computeroutput></term>
-            <listitem>
-              <para>Used when running Apache on windows so the shebang line
-              doesn't have to be changed in every Bugzilla script.
-              </para>
-            </listitem>
-          </varlistentry>
-        </variablelist>
-
-        <para>For more information about how to configure Apache for Bugzilla,
-        see <xref linkend="http-apache"/>.
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-b">
-    <title>B</title>
-
-    <glossentry>
-      <glossterm>Bug</glossterm>
-
-      <glossdef>
-        <para>A 
-        <quote>bug</quote>
-
-        in Bugzilla refers to an issue entered into the database which has an
-        associated number, assignments, comments, etc. Some also refer to a 
-        <quote>tickets</quote>
-        or 
-        <quote>issues</quote>; 
-        in the context of Bugzilla, they are synonymous.</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry>
-      <glossterm>Bug Number</glossterm>
-
-      <glossdef>
-        <para>Each Bugzilla bug is assigned a number that uniquely identifies
-        that bug. The bug associated with a bug number can be pulled up via a
-        query, or easily from the very front page by typing the number in the
-        "Find" box.</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-bugzilla">
-      <glossterm>Bugzilla</glossterm>
-
-      <glossdef>
-        <para>Bugzilla is the world-leading free software bug tracking system.
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-c">
-    <title>C</title>
-
-    <glossentry id="gloss-cgi">
-      <glossterm>Common Gateway Interface</glossterm>
-      <acronym>CGI</acronym>
-      <glossdef>
-        <para><acronym>CGI</acronym> is an acronym for Common Gateway Interface. This is
-        a standard for interfacing an external application with a web server. Bugzilla
-        is an example of a <acronym>CGI</acronym> application.
-        </para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-component">
-      <glossterm>Component</glossterm>
-
-      <glossdef>
-        <para>A Component is a subsection of a Product. It should be a narrow
-        category, tailored to your organization. All Products must contain at
-        least one Component (and, as a matter of fact, creating a Product
-        with no Components will create an error in Bugzilla).</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-cpan">
-      <glossterm>Comprehensive Perl Archive Network</glossterm>
-      <acronym>CPAN</acronym>
-
-      <!-- TODO: Rewrite def for CPAN -->
-      <glossdef>
-        <para>
-        <acronym>CPAN</acronym>
-
-        stands for the 
-        <quote>Comprehensive Perl Archive Network</quote>. 
-        CPAN maintains a large number of extremely useful 
-        <glossterm>Perl</glossterm>
-        modules - encapsulated chunks of code for performing a
-        particular task.</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-contrib">
-      <glossterm><filename class="directory">contrib</filename></glossterm>
-
-      <glossdef>
-        <para>The <filename class="directory">contrib</filename> directory is
-        a location to put scripts that have been contributed to Bugzilla but
-        are not a part of the official distribution. These scripts are written
-        by third parties and may be in languages other than perl. For those
-        that are in perl, there may be additional modules or other requirements
-        than those of the official distribution.
-        <note>
-          <para>Scripts in the <filename class="directory">contrib</filename>
-          directory are not officially supported by the Bugzilla team and may
-          break in between versions.
-          </para>
-        </note>
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-d">
-    <title>D</title>
-
-    <glossentry id="gloss-daemon">
-      <glossterm>daemon</glossterm>
-
-      <glossdef>
-        <para>A daemon is a computer program which runs in the background. In
-        general, most daemons are started at boot time via System V init
-        scripts, or through RC scripts on BSD-based systems. 
-        <glossterm>mysqld</glossterm>, 
-        the MySQL server, and 
-        <glossterm>apache</glossterm>, 
-        a web server, are generally run as daemons.</para>
-      </glossdef>
-    </glossentry>
-    
-    <glossentry id="gloss-dos">
-      <glossterm>DOS Attack</glossterm>
-      
-      <glossdef>
-        <para>A DOS, or Denial of Service attack, is when a user attempts to
-        deny access to a web server by repeatedly accessing a page or sending
-        malformed requests to a webserver. A D-DOS, or
-        Distributed Denial of Service attack, is when these requests come
-        from multiple sources at the same time. Unfortunately, these are much
-        more difficult to defend against.
-        </para>
-      </glossdef>
-    </glossentry>
-    
-  </glossdiv>
-
-  <glossdiv id="gloss-g">
-    <title>G</title>
-
-    <glossentry id="gloss-groups">
-      <glossterm>Groups</glossterm>
-
-      <glossdef>
-        <para>The word 
-        <quote>Groups</quote>
-
-        has a very special meaning to Bugzilla. Bugzilla's main security
-        mechanism comes by placing users in groups, and assigning those
-        groups certain privileges to view bugs in particular
-        <glossterm>Products</glossterm>
-        in the 
-        <glossterm>Bugzilla</glossterm>
-        database.</para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-j">
-    <title>J</title>
-
-    <glossentry id="gloss-javascript">
-      <glossterm>JavaScript</glossterm>
-      <glossdef>
-        <para>JavaScript is cool, we should talk about it.
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-m">
-    <title>M</title>
-
-    <glossentry id="gloss-mta">
-      <glossterm>Message Transport Agent</glossterm>
-      <acronym>MTA</acronym>
-
-      <glossdef>
-        <para>A Message Transport Agent is used to control the flow of email on a system.
-        The <ulink url="http://search.cpan.org/dist/Email-Send/lib/Email/Send.pm">Email::Send</ulink>
-        Perl module, which Bugzilla uses to send email, can be configured to
-        use many different underlying implementations for actually sending the
-        mail using the <option>mail_delivery_method</option> parameter.
-        Implementations other than <literal>sendmail</literal> require that the
-        <option>sendmailnow</option> param be set to <literal>on</literal>.
-        </para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-mysql">
-      <glossterm>MySQL</glossterm>
-
-      <glossdef>
-        <para>MySQL is currently the required
-        <glossterm linkend="gloss-rdbms">RDBMS</glossterm> for Bugzilla. MySQL
-        can be downloaded from <ulink url="http://www.mysql.com"/>. While you
-        should familiarize yourself with all of the documentation, some high
-        points are:
-        </para>
-        <variablelist>
-          <varlistentry>
-            <term><ulink url="http://www.mysql.com/doc/en/Backup.html">Backup</ulink></term>
-            <listitem>
-              <para>Methods for backing up your Bugzilla database.
-              </para>
-            </listitem>
-          </varlistentry>
-          <varlistentry>
-            <term><ulink url="http://www.mysql.com/doc/en/Option_files.html">Option Files</ulink></term>
-            <listitem>
-              <para>Information about how to configure MySQL using
-              <filename>my.cnf</filename>.
-              </para>
-            </listitem>
-          </varlistentry>
-          <varlistentry>
-            <term><ulink url="http://www.mysql.com/doc/en/Privilege_system.html">Privilege System</ulink></term>
-            <listitem>
-              <para>Much more detailed information about the suggestions in
-              <xref linkend="security-mysql"/>.
-              </para>
-            </listitem>
-          </varlistentry>
-        </variablelist>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-p">
-    <title>P</title>
-
-    <glossentry id="gloss-ppm">
-      <glossterm>Perl Package Manager</glossterm>
-      <acronym>PPM</acronym>
-
-      <glossdef>
-        <para><ulink url="http://aspn.activestate.com/ASPN/Downloads/ActivePerl/PPM/"/>
-        </para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry>
-      <glossterm id="gloss-product">Product</glossterm>
-
-      <glossdef>
-        <para>A Product is a broad category of types of bugs, normally
-        representing a single piece of software or entity. In general,
-        there are several Components to a Product. A Product may define a
-        group (used for security) for all bugs entered into
-        its Components.</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry>
-      <glossterm>Perl</glossterm>
-
-      <glossdef>
-        <para>First written by Larry Wall, Perl is a remarkable program
-        language. It has the benefits of the flexibility of an interpreted
-        scripting language (such as shell script), combined with the speed
-        and power of a compiled language, such as C. 
-        <glossterm>Bugzilla</glossterm>
-
-        is maintained in Perl.</para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-q">
-    <title>Q</title>
-
-    <glossentry>
-      <glossterm>QA</glossterm>
-
-      <glossdef>
-        <para>
-        <quote>QA</quote>, 
-        <quote>Q/A</quote>, and 
-        <quote>Q.A.</quote>
-        are short for 
-        <quote>Quality Assurance</quote>. 
-        In most large software development organizations, there is a team
-        devoted to ensuring the product meets minimum standards before
-        shipping. This team will also generally want to track the progress of
-        bugs over their life cycle, thus the need for the 
-        <quote>QA Contact</quote>
-
-        field in a bug.</para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-r">
-    <title>R</title>
-
-    <glossentry id="gloss-rdbms">
-      <glossterm>Relational DataBase Management System</glossterm>
-      <acronym>RDBMS</acronym>
-
-      <glossdef>
-        <para>A relational database management system is a database system
-        that stores information in tables that are related to each other.
-        </para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-regexp">
-      <glossterm>Regular Expression</glossterm>
-      <acronym>regexp</acronym>
-
-      <glossdef>
-          <para>A regular expression is an expression used for pattern matching.
-              <ulink url="http://perldoc.com/perl5.6/pod/perlre.html#Regular-Expressions">Documentation</ulink>
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-s">
-    <title>S</title>
-
-    <glossentry id="gloss-service">
-      <glossterm>Service</glossterm>
-      
-      <glossdef>
-        <para>In Windows NT environment, a boot-time background application
-        is referred to as a service. These are generally managed through the
-        control panel while logged in as an account with
-        <quote>Administrator</quote> level capabilities. For more
-        information, consult your Windows manual or the MSKB.
-        </para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry>
-      <glossterm>
-        <acronym>SGML</acronym>
-      </glossterm>
-
-      <glossdef>
-        <para>
-        <acronym>SGML</acronym>
-
-        stands for 
-        <quote>Standard Generalized Markup Language</quote>. 
-        Created in the 1980's to provide an extensible means to maintain
-        documentation based upon content instead of presentation, 
-        <acronym>SGML</acronym>
-
-        has withstood the test of time as a robust, powerful language. 
-        <glossterm>
-          <acronym>XML</acronym>
-        </glossterm>
-
-        is the 
-        <quote>baby brother</quote>
-
-        of SGML; any valid 
-        <acronym>XML</acronym>
-
-        document it, by definition, a valid 
-        <acronym>SGML</acronym>
-
-        document. The document you are reading is written and maintained in 
-        <acronym>SGML</acronym>, 
-        and is also valid 
-        <acronym>XML</acronym>
-
-        if you modify the Document Type Definition.</para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-t">
-    <title>T</title>
-
-    <glossentry id="gloss-target-milestone" xreflabel="Target Milestone">
-      <glossterm>Target Milestone</glossterm>
-
-      <glossdef>
-        <para>Target Milestones are Product goals. They are configurable on a
-        per-Product basis. Most software development houses have a concept of
-        
-        <quote>milestones</quote>
-
-        where the people funding a project expect certain functionality on
-        certain dates. Bugzilla facilitates meeting these milestones by
-        giving you the ability to declare by which milestone a bug will be
-        fixed, or an enhancement will be implemented.</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-tcl">
-      <glossterm>Tool Command Language</glossterm>
-      <acronym>TCL</acronym>
-      <glossdef>
-        <para>TCL is an open source scripting language available for Windows,
-        Macintosh, and Unix based systems. Bugzilla 1.0 was written in TCL but
-        never released. The first release of Bugzilla was 2.0, which was when
-        it was ported to perl.
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-z">
-    <title>Z</title>
-
-    <glossentry id="gloss-zarro">
-      <glossterm>Zarro Boogs Found</glossterm>
-
-      <glossdef>
-        <para>This is just a goofy way of saying that there were no bugs
-        found matching your query. When asked to explain this message,
-        Terry had the following to say:
-        </para>
-
-        <blockquote>
-          <attribution>Terry Weissman</attribution>
-          <para>I've been asked to explain this ... way back when, when
-          Netscape released version 4.0 of its browser, we had a release
-          party.  Naturally, there had been a big push to try and fix every
-          known bug before the release. Naturally, that hadn't actually
-          happened.  (This is not unique to Netscape or to 4.0; the same thing
-          has happened with every software project I've ever seen.)  Anyway,
-          at the release party, T-shirts were handed out that said something
-          like "Netscape 4.0: Zarro Boogs". Just like the software, the
-          T-shirt had no known bugs.  Uh-huh.
-          </para>
-
-          <para>So, when you query for a list of bugs, and it gets no results,
-          you can think of this as a friendly reminder.  Of *course* there are
-          bugs matching your query, they just aren't in the bugsystem yet...
-          </para>
-        </blockquote>
-
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-</glossary>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->

mozilla/webtools/bugzilla/docs/en/xml/index.xml

@@ -1,21 +0,0 @@
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/integration.xml

@@ -1,124 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<!-- Keep these tools listings in alphabetical order please. -MPB -->
-<section id="integration">
-  <title>Integrating Bugzilla with Third-Party Tools</title>
-
-  <section id="bonsai"
-  xreflabel="Bonsai, the Mozilla automated CVS management system">
-    <title>Bonsai</title>
-
-    <para>Bonsai is a web-based tool for managing 
-    <xref linkend="cvs" />
-
-    . Using Bonsai, administrators can control open/closed status of trees,
-    query a fast relational database back-end for change, branch, and comment
-    information, and view changes made since the last time the tree was
-    closed. Bonsai
-    also integrates with  
-    <xref linkend="tinderbox" />.
-    </para>
-  </section>
-
-  <section id="cvs" xreflabel="CVS, the Concurrent Versioning System">
-    <title>CVS</title>
-
-    <para>CVS integration is best accomplished, at this point, using the
-    Bugzilla Email Gateway.</para>
-
-    <para>Follow the instructions in this Guide for enabling Bugzilla e-mail
-    integration. Ensure that your check-in script sends an email to your
-    Bugzilla e-mail gateway with the subject of 
-    <quote>[Bug XXXX]</quote>, 
-    and you can have CVS check-in comments append to your Bugzilla bug. If
-    you  want to have the bug be closed automatically, you'll have to modify
-    the <filename>contrib/bugzilla_email_append.pl</filename> script.
-    </para>
-
-    <para>There is also a CVSZilla project, based upon somewhat dated 
-    Bugzilla code, to integrate CVS and Bugzilla through CVS' ability to 
-    email. Check it out at: <ulink url="http://www.cvszilla.org/"/>.
-    </para>
-
-    <para>Another system capable of CVS integration with Bugzilla is
-    Scmbug. This system provides generic integration of Source code
-    Configuration Management with Bugtracking. Check it out at: <ulink
-    url="http://freshmeat.net/projects/scmbug/"/>.
-    </para>
-
-  </section>
-
-  <section id="scm"
-  xreflabel="Perforce SCM (Fast Software Configuration Management System, a powerful commercial alternative to CVS">
-
-    <title>Perforce SCM</title>
-
-    <para>You can find the project page for Bugzilla and Teamtrack Perforce
-    integration (p4dti) at: 
-    <ulink url="http://www.ravenbrook.com/project/p4dti/"/>
-
-    . 
-    <quote>p4dti</quote>
-
-    is now an officially supported product from Perforce, and you can find
-    the "Perforce Public Depot" p4dti page at 
-    <ulink url="http://public.perforce.com/public/perforce/p4dti/index.html"/>
-
-    .</para>
-
-    <para>Integration of Perforce with Bugzilla, once patches are applied, is
-    seamless. Perforce replication information will appear below the comments
-    of each bug. Be certain you have a matching set of patches for the
-    Bugzilla version you are installing. p4dti is designed to support
-    multiple defect trackers, and maintains its own documentation for it.
-    Please consult the pages linked above for further information.</para>
-  </section>
-
-  <section id="svn"
-  xreflabel="Subversion, a compelling replacement for CVS">
-     <title>Subversion</title>
-     <para>Subversion is a free/open-source version control system,
-     designed to overcome various limitations of CVS. Integration of
-     Subversion with Bugzilla is possible using Scmbug, a system
-     providing generic integration of Source Code Configuration
-     Management with Bugtracking. Scmbug is available at <ulink
-     url="http://freshmeat.net/projects/scmbug/"/>.</para>
-  </section>
-
-  <section id="tinderbox"
-  xreflabel="Tinderbox, the Mozilla automated build management system">
-    <title>Tinderbox/Tinderbox2</title>
-
-    <para>Tinderbox is a continuous-build system which can integrate with
-    Bugzilla - see
-    <ulink url="http://www.mozilla.org/projects/tinderbox"/> for details
-    of Tinderbox, and 
-    <ulink url="http://tinderbox.mozilla.org/showbuilds.cgi"/> to see it
-    in action.</para>
-  </section>
-</section>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/introduction.xml

@@ -1,121 +0,0 @@
-<chapter id="introduction">
-  <title>Introduction</title>
-
-  <section id="what-is-bugzilla">
-    <title>What is Bugzilla?</title>
-
-    <para>
-    Bugzilla is a bug- or issue-tracking system. Bug-tracking
-    systems allow individual or groups of developers effectively to keep track
-    of outstanding problems with their products. 
-    </para>
-    
-    <para><emphasis>Do we need more here?</emphasis></para>
-    
-  </section>
-
-  <section id="why-tracking">
-    <title>Why use a bug-tracking system?</title>
-    
-    <para>Those who do not use a bug-tracking system tend to rely on
-    shared lists, email, spreadsheets and/or Post-It notes to monitor the 
-    status of defects. This procedure
-    is usually error-prone and tends to cause those bugs judged least 
-    significant by developers to be dropped or ignored.</para>
-
-    <para>Integrated defect-tracking systems make sure that nothing gets
-    swept under the carpet; they provide a method of creating, storing,
-    arranging and processing defect reports and enhancement requests.</para>
-    
-  </section>
-    
-  <section id="why-bugzilla">
-    <title>Why use Bugzilla?</title>
-
-    <para>Bugzilla is the leading open-source/free software bug tracking 
-    system. It boasts many advanced features, including: 
-    <itemizedlist>
-      <listitem>
-        <para>Powerful searching</para>
-      </listitem>
-
-      <listitem>
-        <para>User-configurable email notifications of bug changes</para>
-      </listitem>
-
-      <listitem>
-        <para>Full change history</para>
-      </listitem>
-
-      <listitem>
-        <para>Inter-bug dependency tracking and graphing</para>
-      </listitem>
-
-      <listitem>
-        <para>Excellent attachment management</para>
-      </listitem>
-
-      <listitem>
-        <para>Integrated, product-based, granular security schema</para>
-      </listitem>
-
-      <listitem>
-        <para>Fully security-audited, and runs under Perl's taint mode</para>
-      </listitem>
-
-      <listitem>
-        <para>A robust, stable RDBMS back-end</para>
-      </listitem>
-
-      <listitem>
-        <para>Completely customizable and/or localizable web user
-        interface</para>
-      </listitem>
-
-      <listitem>
-        <para>Additional XML, email and console interfaces</para>
-      </listitem>
-
-      <listitem>
-        <para>Extensive configurability</para>
-      </listitem>
-
-      <listitem>
-        <para>Smooth upgrade pathway between versions</para>
-      </listitem>
-    </itemizedlist>
-    </para>
-    
-    <para>Bugzilla is very adaptable to various situations. Known uses
-    currently include IT support queues, Systems Administration deployment
-    management, chip design and development problem tracking (both
-    pre-and-post fabrication), and software and hardware bug tracking for
-    luminaries such as Redhat, NASA, Linux-Mandrake, and VA Systems.
-    Combined with systems such as 
-    <ulink url="http://www.cvshome.org">CVS</ulink>, 
-    <ulink url="http://www.mozilla.org/bonsai.html">Bonsai</ulink>, or 
-    <ulink url="http://www.perforce.com">Perforce SCM</ulink>, Bugzilla
-    provides a powerful, easy-to-use configuration management solution.</para>
-  </section>
-</chapter>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->

mozilla/webtools/bugzilla/docs/en/xml/modules.xml

@@ -1,197 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<appendix id="install-perlmodules-manual">
-  <title>Manual Installation of Perl Modules</title>
-  
-  <section id="modules-manual-instructions">
-    <title>Instructions</title>
-    <para>
-      If you need to install Perl modules manually, here's how it's done.
-      Download the module using the link given in the next section, and then
-      apply this magic incantation, as root:
-    </para>
-
-    <para>  
-      <screen><prompt>bash#</prompt> tar -xzvf &lt;module&gt;.tar.gz
-<prompt>bash#</prompt> cd &lt;module&gt;
-<prompt>bash#</prompt> perl Makefile.PL
-<prompt>bash#</prompt> make
-<prompt>bash#</prompt> make test
-<prompt>bash#</prompt> make install</screen>
-    </para>
-    <note>
-      <para>
-        In order to compile source code under Windows you will need to obtain
-        a 'make' utility.  The <command>nmake</command> utility provided with
-        Microsoft Visual C++ may be used.  As an alternative, there is a
-        utility called <command>dmake</command> available from CPAN which is
-        written entirely in Perl.
-      </para>
-      <para>
-        As described in <xref linkend="modules-manual-download" />, however, most
-        packages already exist and are available from ActiveState or theory58S.
-        We highly recommend that you install them using the ppm GUI available with
-        ActiveState and to add the theory58S repository to your list of repositories.
-      </para>
-    </note>
-  </section>
-    
-  <section id="modules-manual-download">
-    <title>Download Locations</title>
-    
-    <note>
-      <para>
-        Running Bugzilla on Windows requires the use of ActiveState
-        Perl 5.8.1 or higher. Many modules already exist in the core
-        distribution of ActiveState Perl. Additional modules can be downloaded
-        from <ulink url="http://theoryx5.uwinnipeg.ca/ppms/" /> if you use
-        Perl 5.8.x or from <ulink url="http://cpan.uwinnipeg.ca/PPMPackages/10xx/" />
-        if you use Perl 5.10.x.
-      </para>
-    </note>
-
-    <para>
-      CGI:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/CGI.pm/"/>
-        Documentation: <ulink url="http://perldoc.perl.org/CGI.html"/>
-      </literallayout>
-    </para>
-
-    <para>
-      Data-Dumper:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/Data-Dumper/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/Data-Dumper/Dumper.pm"/>
-      </literallayout>
-    </para>
-    
-    <para>
-      Date::Format (part of TimeDate):
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/TimeDate/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/TimeDate/lib/Date/Format.pm"/>
-      </literallayout>
-    </para>
-
-    <para>
-      DBI:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/DBI/"/>
-        Documentation: <ulink url="http://dbi.perl.org/docs/"/>
-      </literallayout>
-    </para>
-
-    <para>
-      DBD::mysql:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/DBD-mysql/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/DBD-mysql/lib/DBD/mysql.pm"/>
-      </literallayout>
-    </para>
-
-    <para>
-      DBD::Pg:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/DBD-Pg/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/DBD-Pg/Pg.pm"/>
-      </literallayout>
-    </para>
-
-    <para>
-      File::Spec:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/File-Spec/"/>
-        Documentation: <ulink url="http://perldoc.perl.org/File/Spec.html"/>
-      </literallayout>
-    </para>
-
-    <para>
-      Template-Toolkit:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/Template-Toolkit/"/>
-        Documentation: <ulink url="http://www.template-toolkit.org/docs.html"/>
-      </literallayout>
-    </para>
-
-    <para>
-      GD:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/GD/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/GD/GD.pm"/>
-      </literallayout>
-    </para>
-
-    <para>
-      Template::Plugin::GD:
-      <literallayout>
-       CPAN Download Page: <ulink url="http://search.cpan.org/dist/Template-GD/" />
-       Documentation: <ulink url="http://www.template-toolkit.org/docs/aqua/Modules/index.html" />
-      </literallayout>
-    </para>
-
-    <para>
-      MIME::Parser (part of MIME-tools):
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/MIME-tools/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/MIME-tools/lib/MIME/Parser.pm"/>
-      </literallayout>
-    </para>
-
-  </section>
-
-  <section id="modules-manual-optional">
-    <title>Optional Modules</title>
-
-    <para>
-      Chart::Base:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/Chart/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/Chart/Chart.pod"/>
-      </literallayout>
-    </para>
-
-     <para>
-      GD::Graph:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/GDGraph/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/GDGraph/Graph.pm"/>
-      </literallayout>
-    </para>
-
-    <para>
-      GD::Text::Align (part of GD::Text::Util):
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/GDTextUtil/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/GDTextUtil/Text/Align.pm"/>
-      </literallayout>
-    </para>
-
-   <para>
-      XML::Twig:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/XML-Twig/"/>
-        Documentation: <ulink url="http://standards.ieee.org/resources/spasystem/twig/twig_stable.html"/>
-      </literallayout>
-    </para>
-
-    <para>
-      PatchReader:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/author/JKEISER/PatchReader/"/>
-        Documentation: <ulink url="http://www.johnkeiser.com/mozilla/Patch_Viewer.html"/>
-      </literallayout>
-    </para>
-
-   <para>
-      Image::Magick:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/PerlMagick/"/>
-        Documentation: <ulink url="http://www.imagemagick.org/script/resources.php"/>
-      </literallayout>
-    </para>
-   </section>
-</appendix>

mozilla/webtools/bugzilla/docs/en/xml/patches.xml

@@ -1,135 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<appendix id="patches" xreflabel="Useful Patches and Utilities for Bugzilla">
-  <title>Contrib</title>
-
-  <para>
-    There are a number of unofficial Bugzilla add-ons in the 
-    <filename class="directory">$BUGZILLA_ROOT/contrib/</filename>
-    directory. This section documents them.
-  </para>
-
-  <section id="cmdline">
-    <title>Command-line Search Interface</title>
-
-    <para>
-      There are a suite of Unix utilities for searching Bugzilla from the 
-      command line. They live in the 
-      <filename class="directory">contrib/cmdline</filename> directory.
-      There are three files - <filename>query.conf</filename>,
-      <filename>buglist</filename> and <filename>bugs</filename>.
-    </para>
-
-    <warning>
-      <para>
-        These files pre-date the templatization work done as part of the
-        2.16 release, and have not been updated.
-      </para>
-    </warning>
-    
-    <para>
-      <filename>query.conf</filename> contains the mapping from
-      options to field names and comparison types. Quoted option names
-      are <quote>grepped</quote> for, so it should be easy to edit this
-      file. Comments (#) have no effect; you must make sure these lines
-      do not contain any quoted <quote>option</quote>.
-    </para>
-
-    <para>
-      <filename>buglist</filename> is a shell script that submits a
-      Bugzilla query and writes the resulting HTML page to stdout.
-      It supports both short options, (such as <quote>-Afoo</quote>
-      or <quote>-Rbar</quote>) and long options (such
-      as <quote>--assignedto=foo</quote> or <quote>--reporter=bar</quote>).
-      If the first character of an option is not <quote>-</quote>, it is
-      treated as if it were prefixed with <quote>--default=</quote>.
-    </para>
-
-    <para>
-      The column list is taken from the COLUMNLIST environment variable.
-      This is equivalent to the <quote>Change Columns</quote> option
-      that is available when you list bugs in buglist.cgi. If you have
-      already used Bugzilla, grep for COLUMNLIST in your cookies file
-      to see your current COLUMNLIST setting.
-    </para>
-
-    <para>
-      <filename>bugs</filename> is a simple shell script which calls
-      <filename>buglist</filename> and extracts the
-      bug numbers from the output. Adding the prefix
-      <quote>http://bugzilla.mozilla.org/buglist.cgi?bug_id=</quote>
-      turns the bug list into a working link if any bugs are found.
-      Counting bugs is easy. Pipe the results through 
-      <command>sed -e 's/,/ /g' | wc | awk '{printf $2 "\n"}'</command>
-    </para>
-
-    <para>
-      Akkana Peck says she has good results piping 
-      <filename>buglist</filename> output through 
-      <command>w3m -T text/html -dump</command>
-    </para>
-
-  </section>
-
-  <section id="cmdline-bugmail">
-    <title>Command-line 'Send Unsent Bug-mail' tool</title>
-
-    <para>
-      Within the <filename class="directory">contrib</filename> directory
-      exists a utility with the descriptive (if compact) name
-      of <filename>sendunsentbugmail.pl</filename>. The purpose of this
-      script is, simply, to send out any bug-related mail that should
-      have been sent by now, but for one reason or another has not.
-    </para>
-
-    <para>
-      To accomplish this task, <filename>sendunsentbugmail.pl</filename> uses
-      the same mechanism as the <filename>sanitycheck.cgi</filename> script;
-      it scans through the entire database looking for bugs with changes that
-      were made more than 30 minutes ago, but where there is no record of
-      anyone related to that bug having been sent mail. Having compiled a list,
-      it then uses the standard rules to determine who gets mail, and sends it
-      out.
-    </para>
-
-    <para>
-      As the script runs, it indicates the bug for which it is currently
-      sending mail; when it has finished, it gives a numerical count of how
-      many mails were sent and how many people were excluded. (Individual
-      user names are not recorded or displayed.) If the script produces
-      no output, that means no unsent mail was detected.
-    </para>
-
-    <para>
-      <emphasis>Usage</emphasis>: move the sendunsentbugmail.pl script
-      up into the main directory, ensure it has execute permission, and run it
-      from the command line (or from a cron job) with no parameters.
-    </para>
-  </section>
-
-</appendix>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/requiredsoftware.xml

@@ -1,77 +0,0 @@
-<!-- <!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> -->
-<appendix id="downloadlinks">
-  <title>Software Download Links</title>
-
-  <para>All of these sites are current as of April, 2001. Hopefully they'll
-  stay current for a while.</para>
-
-  <para>Apache Web Server: 
-  <ulink url="http://www.apache.org/"/>
-
-  Optional web server for Bugzilla, but recommended because of broad user
-  base and support.</para>
-
-  <para>Bugzilla: 
-  <ulink url="http://www.bugzilla.org/"/>
-  </para>
-
-  <para>MySQL: 
-  <ulink url="http://www.mysql.com/"/>
-  </para>
-
-  <para>Perl: 
-  <ulink url="http://www.perl.org/"/>
-  </para>
-
-  <para>CPAN: 
-  <ulink url="http://www.cpan.org/"/>
-  </para>
-
-  <para>DBI Perl module: 
-  <ulink url="http://www.cpan.org/modules/by-module/DBI/"/>
-  </para>
-
-  <para>MySQL related Perl modules: 
-  <ulink url="http://www.cpan.org/modules/by-module/Mysql/"/>
-  </para>
-
-  <para>TimeDate Perl module collection: 
-  <ulink url="http://www.cpan.org/modules/by-module/Date/"/>
-  </para>
-
-  <para>GD Perl module: 
-  <ulink url="http://www.cpan.org/modules/by-module/GD/"/>
-
-  Alternately, you should be able to find the latest version of GD at 
-  <ulink url="http://www.boutell.com/gd/"/>
-  </para>
-
-  <para>Chart::Base module: 
-  <ulink url="http://www.cpan.org/modules/by-module/Chart/"/>
-  </para>
-
-  <para>(But remember, Bundle::Bugzilla will install all the modules for you.)
-  </para>
-</appendix>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/security.xml

@@ -1,364 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<!-- $Id: security.xml,v 1.19.2.1 2008-07-13 16:44:28 mozilla%colinogilvie.co.uk Exp $ -->
-
-<chapter id="security">
-<title>Bugzilla Security</title>
-
-  <para>While some of the items in this chapter are related to the operating
-  system Bugzilla is running on or some of the support software required to
-  run Bugzilla, it is all related to protecting your data. This is not
-  intended to be a comprehensive guide to securing Linux, Apache, MySQL, or
-  any other piece of software mentioned. There is no substitute for active
-  administration and monitoring of a machine. The key to good security is
-  actually right in the middle of the word: <emphasis>U R It</emphasis>.
-  </para>
-  
-  <para>While programmers in general always strive to write secure code,
-  accidents can and do happen. The best approach to security is to always
-  assume that the program you are working with isn't 100% secure and restrict
-  its access to other parts of your machine as much as possible.
-  </para>
- 
-  <section id="security-os">
-  <title>Operating System</title>
-  
-    <section id="security-os-ports">
-    <title>TCP/IP Ports</title>
-    
-      <!-- TODO: Get exact number of ports -->
-      <para>The TCP/IP standard defines more than 65,000 ports for sending
-      and receiving traffic. Of those, Bugzilla needs exactly one to operate
-      (different configurations and options may require up to 3). You should
-      audit your server and make sure that you aren't listening on any ports
-      you don't need to be. It's also highly recommended that the server
-      Bugzilla resides on, along with any other machines you administer, be
-      placed behind some kind of firewall.
-      </para>
-    
-    </section>
-    
-    <section id="security-os-accounts">
-    <title>System User Accounts</title>
-    
-      <para>Many <glossterm linkend="gloss-daemon">daemons</glossterm>, such
-      as Apache's <filename>httpd</filename> or MySQL's
-      <filename>mysqld</filename>, run as either <quote>root</quote> or
-      <quote>nobody</quote>. This is even worse on Windows machines where the
-      majority of <glossterm linkend="gloss-service">services</glossterm>
-      run as <quote>SYSTEM</quote>. While running as <quote>root</quote> or
-      <quote>SYSTEM</quote> introduces obvious security concerns, the
-      problems introduced by running everything as <quote>nobody</quote> may
-      not be so obvious. Basically, if you run every daemon as
-      <quote>nobody</quote> and one of them gets compromised it can
-      compromise every other daemon running as <quote>nobody</quote> on your
-      machine. For this reason, it is recommended that you create a user
-      account for each daemon.
-      </para>
-    
-      <note>
-        <para>You will need to set the <option>webservergroup</option> option
-        in <filename>localconfig</filename> to the group your web server runs
-        as. This will allow <filename>./checksetup.pl</filename> to set file
-        permissions on Unix systems so that nothing is world-writable.
-        </para>
-      </note>
-    
-    </section>
-    
-    <section id="security-os-chroot">
-    <title>The <filename>chroot</filename> Jail</title>
-    
-      <para>
-        If your system supports it, you may wish to consider running
-        Bugzilla inside of a <filename>chroot</filename> jail. This option
-        provides unprecedented security by restricting anything running
-        inside the jail from accessing any information outside of it. If you
-        wish to use this option, please consult the documentation that came
-        with your system.
-      </para>
-      
-    </section>
-  
-  </section>
-  
-  
-  
-  <section id="security-mysql">
-  <title>MySQL</title>
-  
-    <section id="security-mysql-account">
-    <title>The MySQL System Account</title>
-    
-      <para>As mentioned in <xref linkend="security-os-accounts"/>, the MySQL
-      daemon should run as a non-privileged, unique user. Be sure to consult
-      the MySQL documentation or the documentation that came with your system
-      for instructions.
-      </para>
-    </section>
-    
-    <section id="security-mysql-root">
-    <title>The MySQL <quote>root</quote> and <quote>anonymous</quote> Users</title>
-    
-      <para>By default, MySQL comes with a <quote>root</quote> user with a
-      blank password and an <quote>anonymous</quote> user, also with a blank
-      password. In order to protect your data, the <quote>root</quote> user
-      should be given a password and the anonymous user should be disabled.
-      </para>
-      
-      <example id="security-mysql-account-root">
-      <title>Assigning the MySQL <quote>root</quote> User a Password</title>
-      
-        <screen>
-<prompt>bash$</prompt> mysql mysql
-<prompt>mysql&gt;</prompt> UPDATE user SET password = password('<replaceable>new_password</replaceable>') WHERE user = 'root';
-<prompt>mysql&gt;</prompt> FLUSH PRIVILEGES;
-        </screen>
-      </example>
-      
-      <example id="security-mysql-account-anonymous">
-      <title>Disabling the MySQL <quote>anonymous</quote> User</title>
-        <screen>
-<prompt>bash$</prompt> mysql -u root -p mysql           <co id="security-mysql-account-anonymous-mysql"/>
-<prompt>Enter Password:</prompt> <replaceable>new_password</replaceable>
-<prompt>mysql&gt;</prompt> DELETE FROM user WHERE user = '';
-<prompt>mysql&gt;</prompt> FLUSH PRIVILEGES;
-        </screen>
-        <calloutlist>
-          <callout arearefs="security-mysql-account-anonymous-mysql">
-            <para>This command assumes that you have already completed
-            <xref linkend="security-mysql-account-root"/>.
-            </para>
-          </callout>
-        </calloutlist>
-      </example>
-          
-    </section>
-    
-    <section id="security-mysql-network">
-    <title>Network Access</title>
-    
-      <para>If MySQL and your web server both run on the same machine and you
-      have no other reason to access MySQL remotely, then you should disable
-      the network access. This, along with the suggestion in
-      <xref linkend="security-os-ports"/>, will help protect your system from
-      any remote vulnerabilities in MySQL.
-      </para>
-      
-      <example id="security-mysql-network-ex">
-      <title>Disabling Networking in MySQL</title>
-      
-        <para>Simply enter the following in <filename>/etc/my.cnf</filename>:
-        <screen>
-[mysqld]
-# Prevent network access to MySQL.
-skip-networking
-        </screen>
-        </para>
-      </example>
-      
-    </section>
-
-
-<!-- For possible addition in the future: How to better control the bugs user
-    <section id="security-mysql-bugs">
-    <title>The bugs User</title>
-    
-    </section>
--->
-  
-  </section>
-  
-  
-  
-  <section id="security-webserver">
-  <title>Web server</title>
-
-    <section id="security-webserver-access">
-    <title>Disabling Remote Access to Bugzilla Configuration Files</title>
-    
-      <para>
-        There are many files that are placed in the Bugzilla directory
-        area that should not be accessible from the web server. Because of the way
-        Bugzilla is currently layed out, the list of what should and should not
-        be accessible is rather complicated. A quick way is to run
-        <filename>testserver.pl</filename> to check if your web server serves
-        Bugzilla files as expected. If not, you may want to follow the few
-        steps below.
-      </para>
-      
-      <tip>
-        <para>Bugzilla ships with the ability to create
-        <glossterm linkend="gloss-htaccess"><filename>.htaccess</filename></glossterm>
-        files that enforce these rules. Instructions for enabling these
-        directives in Apache can be found in <xref linkend="http-apache"/>
-        </para>
-      </tip>
-        
-      <itemizedlist spacing="compact">
-        <listitem>
-          <para>In the main Bugzilla directory, you should:</para>
-          <itemizedlist spacing="compact">
-            <listitem>
-              <para>Block:
-              <simplelist type="inline">
-                <member><filename>*.pl</filename></member>
-                <member><filename>*localconfig*</filename></member>
-              </simplelist>
-              </para>
-            </listitem>
-          </itemizedlist>
-        </listitem>
-
-        <listitem>
-          <para>In <filename class="directory">data</filename>:</para>
-          <itemizedlist spacing="compact">
-            <listitem>
-              <para>Block everything</para>
-            </listitem>
-          </itemizedlist>
-        </listitem>
-
-        <listitem>
-          <para>In <filename class="directory">data/webdot</filename>:</para>
-          <itemizedlist spacing="compact">
-            <listitem>
-              <para>If you use a remote webdot server:</para>
-              <itemizedlist spacing="compact">
-                <listitem>
-                  <para>Block everything</para>
-                </listitem>
-                <listitem>
-                  <para>But allow
-                  <simplelist type="inline">
-                    <member><filename>*.dot</filename></member>
-                  </simplelist>
-                  only for the remote webdot server</para>
-                </listitem>
-              </itemizedlist>
-            </listitem>
-            <listitem>
-              <para>Otherwise, if you use a local GraphViz:</para>
-              <itemizedlist spacing="compact">
-                <listitem>
-                  <para>Block everything</para>
-                </listitem>
-                <listitem>
-                  <para>But allow:
-                  <simplelist type="inline">
-                    <member><filename>*.png</filename></member>
-                    <member><filename>*.gif</filename></member>
-                    <member><filename>*.jpg</filename></member>
-                    <member><filename>*.map</filename></member>
-                  </simplelist>
-                  </para>
-                </listitem>
-              </itemizedlist>
-            </listitem>
-            <listitem>
-              <para>And if you don't use any dot:</para>
-              <itemizedlist spacing="compact">
-                <listitem>
-                  <para>Block everything</para>
-                </listitem>
-              </itemizedlist>
-            </listitem>
-          </itemizedlist>
-        </listitem>
-
-        <listitem>
-          <para>In <filename class="directory">Bugzilla</filename>:</para>
-          <itemizedlist spacing="compact">
-            <listitem>
-              <para>Block everything</para>
-            </listitem>
-          </itemizedlist>
-        </listitem>
-
-        <listitem>
-          <para>In <filename class="directory">template</filename>:</para>
-          <itemizedlist spacing="compact">
-            <listitem>
-              <para>Block everything</para>
-            </listitem>
-          </itemizedlist>
-        </listitem>
-      </itemizedlist>
-
-      <para>Be sure to test that data that should not be accessed remotely is
-      properly blocked. Of particular interest is the localconfig file which
-      contains your database password. Also, be aware that many editors
-      create temporary and backup files in the working directory and that
-      those should also not be accessible. For more information, see
-      <ulink url="http://bugzilla.mozilla.org/show_bug.cgi?id=186383">bug 186383</ulink>
-      or
-      <ulink url="http://online.securityfocus.com/bid/6501">Bugtraq ID 6501</ulink>.
-      To test, simply run <filename>testserver.pl</filename>, as said above.
-      </para>
-      
-      <tip>
-        <para>Be sure to check <xref linkend="http"/> for instructions
-        specific to the web server you use.
-        </para>
-      </tip>
-    
-    </section>
-
-      
-  </section>
-  
-  
-  <section id="security-bugzilla">
-  <title>Bugzilla</title>
-
-    <section id="security-bugzilla-charset">
-    <title>Prevent users injecting malicious Javascript</title>
-
-      <para>If you installed Bugzilla version 2.22 or later from scratch,
-      then the <emphasis>utf8</emphasis> parameter is switched on by default.
-      This makes Bugzilla explicitly set the character encoding, following
-      <ulink
-      url="http://www.cert.org/tech_tips/malicious_code_mitigation.html#3">a
-      CERT advisory</ulink> recommending exactly this.
-      The following therefore does not apply to you; just keep
-      <emphasis>utf8</emphasis> turned on.
-      </para>
-
-      <para>If you've upgraded from an older version, then it may be possible
-      for a Bugzilla user to take advantage of character set encoding
-      ambiguities to inject HTML into Bugzilla comments.
-      This could include malicious scripts. 
-      This is because due to internationalization concerns, we are unable to
-      turn the <emphasis>utf8</emphasis> parameter on by default for upgraded
-      installations.
-      Turning it on manually will prevent this problem.
-      </para>
-    </section>    
-    
-  </section>
-
-</chapter> 
-
-<!-- Keep this comment at the end of the file 
-Local variables: 
-mode: sgml 
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t 
-sgml-indent-step:2 
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil 
-sgml-minimize-attributes:nil
-sgml-namecase-general:t 
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t 
-sgml-tag-region-if-active:t 
-End: -->
-

mozilla/webtools/bugzilla/docs/en/xml/troubleshooting.xml

@@ -1,311 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-     <!ENTITY % myents SYSTEM "bugzilla.ent">
-     %myents;
- ]>
-<!-- $Id: troubleshooting.xml,v 1.13.4.1 2008-07-13 16:44:28 mozilla%colinogilvie.co.uk Exp $ -->
-
-<appendix id="troubleshooting">
-<title>Troubleshooting</title>
-
-  <para>This section gives solutions to common Bugzilla installation
-  problems. If none of the section headings seems to match your
-  problem, read the general advice.
-  </para>
-    
-  <section id="general-advice">
-  <title>General Advice</title>
-    <para>If you can't get <filename>checksetup.pl</filename> to run to 
-    completion, it normally explains what's wrong and how to fix it.
-    If you can't work it out, or if it's being uncommunicative, post 
-    the errors in the 
-    <ulink url="news://news.mozilla.org/mozilla.support.bugzilla">mozilla.support.bugzilla</ulink>
-    newsgroup.
-    </para>
-
-    <para>If you have made it all the way through
-    <xref linkend="installation"/> (Installation) and
-    <xref linkend="configuration"/> (Configuration) but accessing the Bugzilla
-    URL doesn't work, the first thing to do is to check your web server error
-    log. For Apache, this is often located at
-    <filename>/etc/logs/httpd/error_log</filename>. The error messages
-    you see may be self-explanatory enough to enable you to diagnose and
-    fix the problem. If not, see below for some commonly-encountered 
-    errors. If that doesn't help, post the errors to the newsgroup.
-    </para>
-
-    <para>
-      Bugzilla can also log all user-based errors (and many code-based errors)
-      that occur, without polluting the web server's error log.  To enable
-      Bugzilla error logging, create a file that Bugzilla can write to, named
-      <filename>errorlog</filename>, in the Bugzilla <filename>data</filename>
-      directory.  Errors will be logged as they occur, and will include the type
-      of the error, the IP address and username (if available) of the user who
-      triggered the error, and the values of all environment variables; if a
-      form was being submitted, the data in the form will also be included.
-      To disable error logging, delete or rename the
-      <filename>errorlog</filename> file.
-    </para>
-  </section>
-        
-  <section id="trbl-testserver">
-  <title>The Apache web server is not serving Bugzilla pages</title>
-    <para>After you have run <command>checksetup.pl</command> twice,
-    run <command>testserver.pl http://yoursite.yourdomain/yoururl</command>
-    to confirm that your web server is configured properly for
-    Bugzilla.
-    </para>
-    <programlisting>
-<prompt>bash$</prompt> ./testserver.pl http://landfill.bugzilla.org/bugzilla-tip
-TEST-OK Webserver is running under group id in $webservergroup.
-TEST-OK Got ant picture.
-TEST-OK Webserver is executing CGIs.
-TEST-OK Webserver is preventing fetch of http://landfill.bugzilla.org/bugzilla-tip/localconfig.
-</programlisting>
-  </section>
-
-  <section id="trbl-perlmodule">
-  <title>I installed a Perl module, but 
-      <filename>checksetup.pl</filename> claims it's not installed!</title>
-      
-    <para>This could be caused by one of two things:</para>
-    <orderedlist>
-      <listitem>
-        <para>You have two versions of Perl on your machine. You are installing
-        modules into one, and Bugzilla is using the other. Rerun the CPAN
-        commands (or manual compile) using the full path to Perl from the 
-        top of <filename>checksetup.pl</filename>. This will make sure you 
-        are installing the modules in the right place.
-        </para>
-      </listitem>
-      <listitem>
-        <para>The permissions on your library directories are set incorrectly.
-        They must, at the very least, be readable by the web server user or
-        group. It is recommended that they be world readable.
-        </para>
-      </listitem>
-    </orderedlist>
-  </section>
-
-  <section id="trbl-dbdSponge">
-  <title>DBD::Sponge::db prepare failed</title>
-      
-    <para>The following error message may appear due to a bug in DBD::mysql
-    (over which the Bugzilla team have no control):
-    </para>
-      
-<programlisting><![CDATA[ DBD::Sponge::db prepare failed: Cannot determine NUM_OF_FIELDS at D:/Perl/site/lib/DBD/mysql.pm line 248.
-  SV = NULL(0x0) at 0x20fc444
-  REFCNT = 1
-  FLAGS = (PADBUSY,PADMY)
-]]></programlisting>
-
-    <para>To fix this, go to 
-    <filename>&lt;path-to-perl&gt;/lib/DBD/sponge.pm</filename> 
-    in your Perl installation and replace
-    </para>
-        
-<programlisting><![CDATA[ my $numFields;
- if ($attribs->{'NUM_OF_FIELDS'}) {
-     $numFields = $attribs->{'NUM_OF_FIELDS'};
- } elsif ($attribs->{'NAME'}) {
-     $numFields = @{$attribs->{NAME}};
-]]></programlisting>
-
-    <para>with</para>
-
-<programlisting><![CDATA[ my $numFields;
- if ($attribs->{'NUM_OF_FIELDS'}) {
-     $numFields = $attribs->{'NUM_OF_FIELDS'};
- } elsif ($attribs->{'NAMES'}) {
-     $numFields = @{$attribs->{NAMES}};
-]]></programlisting>
-
-     <para>(note the S added to NAME.)</para>
-  </section>
-    
-  <section id="paranoid-security">
-  <title>cannot chdir(/var/spool/mqueue)</title>
-
-    <para>If you are installing Bugzilla on SuSE Linux, or some other
-    distributions with <quote>paranoid</quote> security options, it is
-    possible that the checksetup.pl script may fail with the error: 
-<programlisting><![CDATA[cannot chdir(/var/spool/mqueue): Permission denied
-]]></programlisting>
-    </para>
-      
-    <para>This is because your <filename>/var/spool/mqueue</filename>
-    directory has a mode of <computeroutput>drwx------</computeroutput>.
-    Type <command>chmod 755 <filename>/var/spool/mqueue</filename></command>
-    as root to fix this problem. This will allow any process running on your
-    machine the ability to <emphasis>read</emphasis> the
-    <filename>/var/spool/mqueue</filename> directory.
-    </para>
-  </section>    
-
-  <section id="trbl-relogin-everyone">
-  <title>Everybody is constantly being forced to relogin</title>
-  
-  <para>The most-likely cause is that the <quote>cookiepath</quote> parameter
-  is not set correctly in the Bugzilla configuration.  You can change this (if
-  you're a Bugzilla administrator) from the editparams.cgi page via the web interface.
-  </para>
-
-  <para>The value of the cookiepath parameter should be the actual directory
-  containing your Bugzilla installation, <emphasis>as seen by the end-user's
-  web browser</emphasis>. Leading and trailing slashes are mandatory. You can
-  also set the cookiepath to any directory which is a parent of the Bugzilla
-  directory (such as '/', the root directory). But you can't put something
-  that isn't at least a partial match or it won't work. What you're actually
-  doing is restricting the end-user's browser to sending the cookies back only
-  to that directory.
-  </para>
-
-  <para>How do you know if you want your specific Bugzilla directory or the
-  whole site?
-  </para>
-
-  <para>If you have only one Bugzilla running on the server, and you don't
-  mind having other applications on the same server with it being able to see
-  the cookies (you might be doing this on purpose if you have other things on
-  your site that share authentication with Bugzilla), then you'll want to have
-  the cookiepath set to "/", or to a sufficiently-high enough directory that
-  all of the involved apps can see the cookies.
-  </para>
-
-  <example id="trbl-relogin-everyone-share">
-  <title>Examples of urlbase/cookiepath pairs for sharing login cookies</title>
-
-    <blockquote>
-      <literallayout>
-        urlbase is <ulink url="http://bugzilla.mozilla.org/"/>
-        cookiepath is /
-
-        urlbase is <ulink url="http://tools.mysite.tld/bugzilla/"/>
-                but you have http://tools.mysite.tld/someotherapp/ which shares
-                authentication with your Bugzilla
-        cookiepath is /
-      </literallayout>
-    </blockquote>
-  </example>
-          
-   <para>On the other hand, if you have more than one Bugzilla running on the
-   server (some people do - we do on landfill) then you need to have the
-   cookiepath restricted enough so that the different Bugzillas don't
-   confuse their cookies with one another.
-   </para>
-
-
-   <example id="trbl-relogin-everyone-restrict">
-   <title>Examples of urlbase/cookiepath pairs to restrict the login cookie</title>
-      <blockquote>
-        <literallayout>
-        urlbase is <ulink url="http://landfill.bugzilla.org/bugzilla-tip/"/>
-        cookiepath is /bugzilla-tip/
-
-        urlbase is <ulink url="http://landfill.bugzilla.org/bugzilla-2.16-branch/"/>
-        cookiepath is /bugzilla-2.16-branch/
-        </literallayout>
-      </blockquote>
-    </example>
-
-    <para>If you had cookiepath set to <quote>/</quote> at any point in the
-    past and need to set it to something more restrictive
-    (i.e. <quote>/bugzilla/</quote>), you can safely do this without
-    requiring users to delete their Bugzilla-related cookies in their
-    browser (this is true starting with Bugzilla 2.18 and Bugzilla 2.16.5).
-    </para>
-  </section>
-
-  <section id="trbl-relogin-some">
-  <title>Some users are constantly being forced to relogin</title>
-
-    <para>First, make sure cookies are enabled in the user's browser.
-    </para>
-
-    <para>If that doesn't fix the problem, it may be that the user's ISP
-     implements a rotating proxy server. This causes the user's effective IP
-     address (the address which the Bugzilla server perceives him coming from)
-     to change periodically. Since Bugzilla cookies are tied to a specific IP
-     address, each time the effective address changes, the user will have to
-     log in again.
-     </para>
-
-     <para>If you are using 2.18 (or later), there is a
-     parameter called <quote>loginnetmask</quote>, which you can use to set
-     the number of bits of the user's IP address to require to be matched when
-     authenticating the cookies. If you set this to something less than 32,
-     then the user will be given a checkbox for <quote>Restrict this login to
-     my IP address</quote> on the login screen, which defaults to checked. If
-     they leave the box checked, Bugzilla will behave the same as it did
-     before, requiring an exact match on their IP address to remain logged in.
-     If they uncheck the box, then only the left side of their IP address (up
-     to the number of bits you specified in the parameter) has to match to
-     remain logged in.
-     </para>
-
-   </section>
-
-  <section id="trbl-index">
-  <title><filename>index.cgi</filename> doesn't show up unless specified in the URL</title>
-    <para>
-      You probably need to set up your web server in such a way that it
-      will serve the index.cgi page as an index page.
-    </para>
-    <para>
-      If you are using Apache, you can do this by adding 
-      <filename>index.cgi</filename> to the end of the 
-      <computeroutput>DirectoryIndex</computeroutput> line
-      as mentioned in <xref linkend="http-apache"/>.
-    </para>
-
-  </section>
-
-  <section id="trbl-passwd-encryption">
-    <title>
-      checksetup.pl reports "Client does not support authentication protocol
-      requested by server..."
-    </title>
-
-    <para>
-      This error is occurring because you are using the new password
-      encryption that comes with MySQL 4.1, while your
-      <filename>DBD::mysql</filename> module was compiled against an
-      older version of MySQL. If you recompile <filename>DBD::mysql</filename>
-      against the current MySQL libraries (or just obtain a newer version
-      of this module) then the error may go away.
-    </para>
-
-    <para>
-      If that does not fix the problem, or if you cannot recompile the
-      existing module (e.g. you're running Windows) and/or don't want to
-      replace it (e.g. you want to keep using a packaged version), then a
-      workaround is available from the MySQL docs:
-      <ulink url="http://dev.mysql.com/doc/mysql/en/Old_client.html"/>
-    </para>
-
-  </section>
-
-</appendix> 
-
-<!-- Keep this comment at the end of the file 
-Local variables: 
-mode: sgml 
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t 
-sgml-indent-step:2 
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil 
-sgml-minimize-attributes:nil
-sgml-namecase-general:t 
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t 
-sgml-tag-region-if-active:t 
-End: -->
-
-

mozilla/webtools/bugzilla/docs/makedocs.pl

@@ -1,217 +0,0 @@
-#!/usr/bin/perl -w
-# -*- Mode: perl; indent-tabs-mode: nil -*-
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Bugzilla Bug Tracking System.
-#
-# The Initial Developer of the Original Code is Netscape Communications
-# Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): Matthew Tuck <matty@chariot.net.au>
-#                 Jacob Steenhagen <jake@bugzilla.org>
-#                 Colin Ogilvie <colin.ogilvie@gmail.com>
-#                 Max Kanat-Alexander <mkanat@bugzilla.org>
-
-# This script compiles all the documentation.
-
-use strict;
-use Cwd;
-
-# We need to be in this directory to use our libraries.
-BEGIN {
-    require File::Basename;
-    import File::Basename qw(dirname);
-    chdir dirname($0);
-}
-
-use lib qw(.. ../lib lib);
-
-# We only compile our POD if Pod::Simple is installed. We do the checks
-# this way so that if there's a compile error in Pod::Simple::HTML::Bugzilla,
-# makedocs doesn't just silently fail, but instead actually tells us there's
-# a compile error.
-my $pod_simple;
-if (eval { require Pod::Simple }) {
-    require Pod::Simple::HTMLBatch::Bugzilla;
-    require Pod::Simple::HTML::Bugzilla;
-    $pod_simple = 1;
-};
-
-use Bugzilla::Install::Requirements 
-    qw(REQUIRED_MODULES OPTIONAL_MODULES);
-use Bugzilla::Constants qw(DB_MODULE BUGZILLA_VERSION);
-
-###############################################################################
-# Generate minimum version list
-###############################################################################
-
-my $modules = REQUIRED_MODULES;
-my $opt_modules = OPTIONAL_MODULES;
-
-open(ENTITIES, '>', 'bugzilla.ent') or die('Could not open bugzilla.ent: ' . $!);
-print ENTITIES <<END_ENTITIES;
-<?xml version="1.0" encoding="UTF-8" ?>
-
-<!ENTITY bz-ver "3.3">
-<!ENTITY bz-nextver "4.0">
-<!ENTITY bz-date "2008-05-20">
-<!ENTITY current-year "2008">
-
-<!ENTITY landfillbase "http://landfill.bugzilla.org/bugzilla-tip/">
-<!ENTITY bz "http://www.bugzilla.org/">
-<!ENTITY bzg-bugs "<ulink url='https://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla&amp;component=Documentation'>Bugzilla Documentation</ulink>">
-<!ENTITY mysql "http://www.mysql.com/">
-
-<!ENTITY min-perl-ver "5.8.1">
-
-
-<!-- Module Versions -->
-END_ENTITIES
-foreach my $module (@$modules, @$opt_modules)
-{
-    my $name = $module->{'module'};
-    $name =~ s/::/-/g;
-    $name = lc($name);
-    #This needs to be a string comparison, due to the modules having
-    #version numbers like 0.9.4
-    my $version = $module->{'version'} eq 0 ? 'any' : $module->{'version'};
-    print ENTITIES '<!ENTITY min-' . $name . '-ver "'.$version.'">' . "\n";
-}
-
-# CGI is a special case, because for Perl versions below 5.10, it has an
-# optional version *and* a required version.
-# We check @opt_modules first, then @modules, and pick the first we get.
-# We'll get the optional one then, if it is given, otherwise the required one.
-my ($cgi_opt) = grep($_->{module} eq 'CGI', @$opt_modules, @$modules);
-print ENTITIES '<!ENTITY min-mp-cgi-ver "' . $cgi_opt->{version} . '">' . "\n";
-
-print ENTITIES "\n <!-- Database Versions --> \n";
-
-my $db_modules = DB_MODULE;
-foreach my $db (keys %$db_modules) {
-    my $dbd  = $db_modules->{$db}->{dbd};
-    my $name = $dbd->{module};
-    $name =~ s/::/-/g;
-    $name = lc($name);
-    my $version    = $dbd->{version} || 'any';
-    my $db_version = $db_modules->{$db}->{'db_version'};
-    print ENTITIES '<!ENTITY min-' . $name . '-ver "'.$version.'">' . "\n";
-    print ENTITIES '<!ENTITY min-' . lc($db) . '-ver "'.$db_version.'">' . "\n";
-}
-close(ENTITIES);
-
-###############################################################################
-# Subs
-###############################################################################
-
-sub MakeDocs {
-
-    my ($name, $cmdline) = @_;
-
-    print "Creating $name documentation ...\n" if defined $name;
-    print "$cmdline\n\n";
-    system $cmdline;
-    print "\n";
-
-}
-
-sub make_pod {
-
-    print "Creating API documentation...\n";
-
-    my $converter = Pod::Simple::HTMLBatch::Bugzilla->new;
-    # Don't output progress information.
-    $converter->verbose(0);
-    $converter->html_render_class('Pod::Simple::HTML::Bugzilla');
-
-    my $doctype      = Pod::Simple::HTML::Bugzilla->DOCTYPE;
-    my $content_type = Pod::Simple::HTML::Bugzilla->META_CT;
-    my $bz_version   = BUGZILLA_VERSION;
-
-    my $contents_start = <<END_HTML;
-$doctype
-<html>
-  <head>
-    $content_type
-    <title>Bugzilla $bz_version API Documentation</title>
-  </head>
-  <body class="contentspage">
-    <h1>Bugzilla $bz_version API Documentation</h1>
-END_HTML
-
-    $converter->contents_page_start($contents_start);
-    $converter->contents_page_end("</body></html>");
-    $converter->add_css('./../../../style.css');
-    $converter->javascript_flurry(0);
-    $converter->css_flurry(0);
-    $converter->batch_convert(['../../'], 'html/api/');
-
-    print "\n";
-}
-
-###############################################################################
-# Make the docs ...
-###############################################################################
-
-my @langs;
-# search for sub directories which have a 'xml' sub-directory
-opendir(LANGS, './');
-foreach my $dir (readdir(LANGS)) {
-    next if (($dir eq '.') || ($dir eq '..') || (! -d $dir));
-    if (-d "$dir/xml") {
-        push(@langs, $dir);
-    }
-}
-closedir(LANGS);
-
-my $docparent = getcwd();
-foreach my $lang (@langs) {
-    chdir "$docparent/$lang";
-    MakeDocs(undef, 'cp ../bugzilla.ent ./xml/');
-
-    if (!-d 'txt') {
-        unlink 'txt';
-        mkdir 'txt', 0755;
-    }
-    if (!-d 'pdf') {
-        unlink 'pdf';
-        mkdir 'pdf', 0755;
-    }
-    if (!-d 'html') {
-        unlink 'html';
-        mkdir 'html', 0755;
-    }
-    if (!-d 'html/api') {
-        unlink 'html/api';
-        mkdir 'html/api', 0755;
-    }
-
-	MakeDocs(undef, 'cp ../style.css html/api/');
-
-    make_pod() if $pod_simple;
-
-    MakeDocs('separate HTML', 'xmlto -m ../xsl/chunks.xsl -o html html ' .
-             'xml/Bugzilla-Guide.xml');
-    MakeDocs('big HTML', 'xmlto -m ../xsl/nochunks.xsl -o html html-nochunks ' .
-             'xml/Bugzilla-Guide.xml');
-    MakeDocs('big text', "lynx -dump -justify=off -nolist html/Bugzilla-Guide.html " .
-        "> txt/Bugzilla-Guide.txt");
-
-    if (! grep($_ eq "--with-pdf", @ARGV)) {
-        next;
-    }
-	
-    MakeDocs('PDF', 'xmlto -m ../xsl/pdf.xsl -o pdf pdf xml/Bugzilla-Guide.xml');
-}
-

mozilla/webtools/bugzilla/docs/style.css

@@ -1,112 +0,0 @@
-/* The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Bugzilla Bug Tracking System.
- *
- * The Initial Developer of the Original Code is Everything Solved.
- * Portions created by Everything Solved are Copyright (C) 2006 
- * Everything Solved. All Rights Reserved.
- *
- * Contributor(s): Max Kanat-Alexander <mkanat@bugzilla.org>
- */
-
-body {
-  background: white;
-  color: #111;
-  padding: 0 1em;
-  margin: 0;
-  font-family: Verdana, Arial, sans-serif;
-  font-size: small;
-}
-
-td, th {
-  font-family: Verdana, Arial, sans-serif;
-  font-size: small;
-}
-
-a:link, a:active { color: #36415c; }
-a:visited { color: #666; }
-a:hover   { color: #888; }
-
-h1 {
-  font-size: 150%;
-  font-weight: bold;
-  border-bottom: 2px solid #ccc;
-}
-h2 {
-  font-size: 125%;
-  font-weight: bold;
-  border-bottom: 1px solid #ccc;
-  margin-bottom: 8px;
-}
-h3 {
-  font-size: 115%;
-  font-weight: bold;
-  margin-bottom: 0;
-  padding-bottom: 0;
-}
-
-/* This makes Description/Params/Returns look nice. */
-dd   { margin-top: .2em; }
-dd p { margin-top: 0; }
-dl   { margin-bottom: 1em; }
-
-/* This makes the names of functions slightly larger, in Gecko. */
-body > dl > dt code { font-size: 1.35em; }
-
-#pod h1 a, #pod h2 a, #pod h3 a {
-  color: #36415c;
-  text-decoration: none;
-}
-
-pre, code, tt, kbd, samp {
-  /* Unfortunately, the default monospace fonts on most browsers
-     look odd with relative sizing. */
-  font-size: 12px;
-}
-
-.code {
-  background: #eed;
-  border: 1px solid #ccc;
-}
-
-pre.code {
-  margin-left: 10px;
-  width: 90%;
-  padding: 10px;
-}
-
-/* Special styles for the Contents page */
-
-.contentspage dt {
-  font-size: large;
-  font-weight: bold;
-}
-
-.pod_desc_table {
-  border-collapse: collapse;
-  table-layout: auto;
-  border: 1px solid #ccc;
-}
-
-.pod_desc_table th {
-  text-align: left;
-}
-
-.pod_desc_table td, .pod_desc_table th {
-  padding: .25em;
-  border-top: 1px solid #ccc;
-}
-
-.pod_desc_table .odd th, .pod_desc_table .odd td {
-  background-color: #eee;
-}
-
-.pod_desc_table 

mozilla/webtools/bugzilla/docs/xsl/bugzilla-docs.xsl

@@ -1,102 +0,0 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
-
-<!-- Nicer Filenames -->
-<xsl:param name="use.id.as.filename" select="1"/>
-
-<!-- Label sections if they aren't automatically labeled -->
-<xsl:param name="section.autolabel" select="1"/>
-
-<!-- Table of Contents Depth -->
-<xsl:param name="toc.section.depth">1</xsl:param>
-
-<!-- Set chunk parameters -->
-<xsl:param name="chunk.section.depth" select="1"/>
-<xsl:param name="chunk.first.sections" select="1"/>
-<xsl:param name="chunker.output.encoding" select="UTF-8"/>
-
-<!-- Show titles of next/previous page -->
-<xsl:param name="navig.showtitles">1</xsl:param>
-
-<!-- Tidy up the HTML a bit... -->
-<xsl:param name="html.cleanup" select="1"/>
-<xsl:param name="make.valid.html" select="1"/>
-<xsl:param name="html.stylesheet">api/style.css</xsl:param>
-<!-- make links nicer... -->
-<xsl:param name="refentry.generate.title" select="1"/>
-<xsl:param name="refentry.generate.name" select="0"/>
-
-<!-- Use Graphics, specify their Path and Extension -->
-<xsl:param name="admon.graphics" select="1"/>
-<xsl:param name="admon.graphics.path">../images/</xsl:param>
-<xsl:param name="admon.graphics.extension">.gif</xsl:param>
-
-<xsl:param name="qanda.inherit.numeration" select="0" />
-
-<!--
-****
-CODE BELOW HERE IS EXTRACTED AND EDITED FROM THE DOCBOOK XSL SOURCES
-****
--->
-
-<xsl:template match="simplelist[@type='inline']/member">
-    <xsl:apply-templates/>
-</xsl:template>
-
-<!--
-To generate valid HTML, we need to redefine this section... Code extracted from
-http://cvs.sourceforge.net/viewcvs.py/docbook/xsl/html/qandaset.xsl?rev=1.19&view=log
-
-and modified below. Basic change: Remove the colspan attribute of the tr tags - no
-other changes have been made to the document.
--->
-
-<xsl:template match="qandadiv">
-  <xsl:variable name="preamble" select="*[name(.) != 'title'
-                                          and name(.) != 'titleabbrev'
-                                          and name(.) != 'qandadiv'
-                                          and name(.) != 'qandaentry']"/>
-
-  <xsl:if test="blockinfo/title|title">
-    <tr class="qandadiv">
-      <td align="left" valign="top" colspan="2">
-        <xsl:call-template name="anchor">
-          <xsl:with-param name="conditional" select="0"/>
-        </xsl:call-template>
-        <xsl:apply-templates select="(blockinfo/title|title)[1]"/>
-      </td>
-    </tr>
-  </xsl:if>
-
-  <xsl:variable name="toc">
-    <xsl:call-template name="dbhtml-attribute">
-      <xsl:with-param name="pis"
-                      select="processing-instruction('dbhtml')"/>
-      <xsl:with-param name="attribute" select="'toc'"/>
-    </xsl:call-template>
-  </xsl:variable>
-
-  <xsl:variable name="toc.params">
-    <xsl:call-template name="find.path.params">
-      <xsl:with-param name="table" select="normalize-space($generate.toc)"/>
-    </xsl:call-template>
-  </xsl:variable>
-
-  <xsl:if test="(contains($toc.params, 'toc') and $toc != '0') or $toc = '1'">
-    <tr class="toc">
-      <td align="left" valign="top" colspan="2">
-        <xsl:call-template name="process.qanda.toc"/>
-      </td>
-    </tr>
-  </xsl:if>
-  <xsl:if test="$preamble">
-    <tr class="toc"	>
-      <td align="left" valign="top" colspan="2">
-        <xsl:apply-templates select="$preamble"/>
-      </td>
-    </tr>
-  </xsl:if>
-  <xsl:apply-templates select="qandadiv|qandaentry"/>
-</xsl:template>
-</xsl:stylesheet>
-

mozilla/webtools/bugzilla/docs/xsl/chunks.xsl

@@ -1,12 +0,0 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
-	<!-- Include default bugzilla XSL -->
-	<xsl:include href="bugzilla-docs.xsl"/>
-	<!-- Set Chunk Specific XSL Params -->
-	<xsl:param name="chunker.output.doctype-public">-//W3C//DTD HTML 4.01 Transitional//EN</xsl:param>
-	<xsl:param name="chunker.output.doctype-system">http://www.w3.org/TR/html4/loose.dtd</xsl:param>
-	<xsl:param name="chunk.section.depth" select="1"/>
-	<xsl:param name="chunk.first.sections" select="1"/>
-	<!-- Don't output filename list - mimic old behaviour-->
-	<xsl:param name="chunk.quietly" select="0" />
-</xsl:stylesheet>		

mozilla/webtools/bugzilla/docs/xsl/nochunks.xsl

@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
-	<!-- Include default bugzilla XSL -->
-	<xsl:include href="bugzilla-docs.xsl"/>
-	<!-- No other params necessary -->
-</xsl:stylesheet>		

mozilla/webtools/bugzilla/docs/xsl/pdf.xsl

@@ -1,19 +0,0 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:fo="http://www.w3.org/1999/XSL/Format" version="1.0">
-    <!-- Enable passivetex extensions -->
-	<xsl:param name="passivetex.extensions" select="1"/>
-    <xsl:param name="tablecolumns.extensions" select="1"/>
-    
-	<!-- Show <ulink>s as footnotes -->
-    <xsl:param name="ulink.footnotes" select="1" />
-	<xsl:param name="ulink.show" select="1" />
-	
-	<!-- Don't use Graphics -->
-	<xsl:param name="admon.graphics" select="0"/>
-	<xsl:param name="callout.graphics" select="'0'"/>
-	
-	<xsl:template match="simplelist[@type='inline']/member">
-        <xsl:apply-templates/>
-    </xsl:template>
-
-</xsl:stylesheet>