Initialize reply message structure.

git-svn-id: svn://10.0.0.236/branches/sdr_1@70179 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/security/psm/lib/Makefile

@@ -0,0 +1,74 @@
+#! gmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+#
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY).   #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL)          #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL)       #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
+#######################################################################
+
+
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL)                              #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL)                           #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL).                              #
+#######################################################################
+

mozilla/security/psm/lib/Makefile.in

@@ -0,0 +1,32 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#
+
+DEPTH		= ../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+DIRS		= protocol client
+
+include $(topsrcdir)/config/rules.mk
+

mozilla/security/psm/lib/client/MANIFEST

@@ -0,0 +1,3 @@
+cmtclist.h
+cmtcmn.h
+cmtjs.h

mozilla/security/psm/lib/client/Makefile

@@ -0,0 +1,74 @@
+#! gmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+#
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY).   #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL)          #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL)       #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
+#######################################################################
+include config.mk
+
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL)                              #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL)                           #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL).                              #
+#######################################################################
+

mozilla/security/psm/lib/client/Makefile.in

@@ -0,0 +1,70 @@
+#! gmake
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+
+DEPTH		= ../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+LIBRARY_NAME	= cmt
+
+EXPORTS = \
+	cmtcmn.h \
+	cmtjs.h  \
+	cmtclist.h \
+	$(NULL)
+
+MODULE = security
+
+CSRCS = cmtinit.c  \
+	cmtssl.c   \
+	cmtutils.c \
+	cmtcert.c  \
+	cmthash.c  \
+	cmtpkcs7.c \
+	cmtres.c   \
+	cmtjs.c    \
+	cmtevent.c \
+        cmtpasswd.c \
+	cmtadvisor.c \
+	cmtrng.c \
+	cmtsdr.c \
+	$(NULL)
+
+EXTRA_DSO_LDOPTS	+= -L$(DIST)/bin -lprotocol
+
+include $(topsrcdir)/config/rules.mk
+

mozilla/security/psm/lib/client/cmtadvisor.c

@@ -0,0 +1,99 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include "messages.h"
+#ifdef XP_MAC
+#include "cmtmac.h"
+#endif
+
+CMTStatus CMT_SecurityAdvisor(PCMT_CONTROL control, CMTSecurityAdvisorData* data, CMUint32 *resID)
+{
+    CMTItem message = {0, NULL, 0};
+    SecurityAdvisorRequest request;
+    SingleNumMessage reply;
+
+    if (!control) {
+        return CMTFailure;
+    }
+
+    if (!data) {
+        return CMTFailure;
+    }
+
+    request.infoContext = data->infoContext;
+    request.resID = data->resID;
+    request.hostname = data->hostname;
+	request.senderAddr = data->senderAddr;
+	request.encryptedP7CInfo = data->encryptedP7CInfo;
+	request.signedP7CInfo = data->signedP7CInfo;
+	request.decodeError = data->decodeError;
+	request.verifyError = data->verifyError;
+	request.encryptthis = data->encryptthis;
+	request.signthis = data->signthis;
+	request.numRecipients = data->numRecipients;
+	request.recipients = data->recipients;
+    message.type = SSM_REQUEST_MESSAGE | SSM_SECURITY_ADVISOR;
+
+    if (CMT_EncodeMessage(SecurityAdvisorRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Send the message and get the response */
+	if (CMT_SendMessage(control, &message) != CMTSuccess) {
+        goto loser;
+	}
+
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_SECURITY_ADVISOR)) {
+        goto loser;
+    }
+
+    /* Decode the message */
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    *resID = reply.value;
+
+    return CMTSuccess;
+loser:
+
+    if (message.data) {
+        free(message.data);
+    }
+    return CMTFailure;
+}
+
+
+
+

mozilla/security/psm/lib/client/cmtclist.h

@@ -0,0 +1,111 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef cmtclist_h___
+#define cmtclist_h___
+
+typedef struct CMTCListStr CMTCList;
+/*
+** Circular linked list
+*/
+struct CMTCListStr {
+    CMTCList	*next;
+    CMTCList	*prev;
+};
+
+/*
+** Insert element "_e" into the list, before "_l".
+*/
+#define CMT_INSERT_BEFORE(_e,_l)	 \
+	(_e)->next = (_l);	 \
+	(_e)->prev = (_l)->prev; \
+	(_l)->prev->next = (_e); \
+	(_l)->prev = (_e);	 \
+
+/*
+** Insert element "_e" into the list, after "_l".
+*/
+#define CMT_INSERT_AFTER(_e,_l)	 \
+	(_e)->next = (_l)->next; \
+	(_e)->prev = (_l);	 \
+	(_l)->next->prev = (_e); \
+	(_l)->next = (_e);	 \
+
+/*
+** Append an element "_e" to the end of the list "_l"
+*/
+#define CMT_APPEND_LINK(_e,_l) CMT_INSERT_BEFORE(_e,_l)
+
+/*
+** Insert an element "_e" at the head of the list "_l"
+*/
+#define CMT_INSERT_LINK(_e,_l) CMT_INSERT_AFTER(_e,_l)
+
+/* Return the head/tail of the list */
+#define CMT_LIST_HEAD(_l) (_l)->next
+#define CMT_LIST_TAIL(_l) (_l)->prev
+
+/*
+** Remove the element "_e" from it's circular list.
+*/
+#define CMT_REMOVE_LINK(_e)	       \
+	(_e)->prev->next = (_e)->next; \
+	(_e)->next->prev = (_e)->prev; \
+
+/*
+** Remove the element "_e" from it's circular list. Also initializes the
+** linkage.
+*/
+#define CMT_REMOVE_AND_INIT_LINK(_e)    \
+	(_e)->prev->next = (_e)->next; \
+	(_e)->next->prev = (_e)->prev; \
+	(_e)->next = (_e);	       \
+	(_e)->prev = (_e);	       \
+
+/*
+** Return non-zero if the given circular list "_l" is empty, zero if the
+** circular list is not empty
+*/
+#define CMT_CLIST_IS_EMPTY(_l) \
+    ((_l)->next == (_l))
+
+/*
+** Initialize a circular list
+*/
+#define CMT_INIT_CLIST(_l)  \
+	(_l)->next = (_l); \
+	(_l)->prev = (_l); \
+
+#define CMT_INIT_STATIC_CLIST(_l) \
+    {(_l), (_l)}
+
+#endif /* cmtclist_h___ */

mozilla/security/psm/lib/client/cmtevent.c

@@ -0,0 +1,480 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include "messages.h"
+#include <string.h>
+#ifdef XP_UNIX
+#include <sys/time.h>
+#endif
+
+/* Typedefs */
+typedef void (*taskcompleted_handler_fn)(CMUint32 resourceID, CMUint32 numReqProcessed, CMUint32 resultCode, void* data);
+
+CMTStatus CMT_SetUIHandlerCallback(PCMT_CONTROL control, 
+                                   uiHandlerCallback_fn f, void *data)
+{
+    return CMT_RegisterEventHandler(control, SSM_UI_EVENT, 0,
+                                    (void_fun)f, data);
+}
+
+void CMT_SetFilePathPromptCallback(PCMT_CONTROL control,
+                                   filePathPromptCallback_fn f, void* arg)
+{
+    control->userFuncs.promptFilePath = f;
+    control->userFuncs.filePromptArg  = arg;
+}
+
+void CMT_SetPromptCallback(PCMT_CONTROL control, 
+                           promptCallback_fn f, void *arg)
+{
+    control->userFuncs.promptCallback = f;
+    control->userFuncs.promptArg      = arg;
+}
+
+void CMT_SetSavePrefsCallback(PCMT_CONTROL control, savePrefsCallback_fn f)
+{
+    control->userFuncs.savePrefs = f;
+}
+
+CMTStatus CMT_RegisterEventHandler(PCMT_CONTROL control, CMUint32 type, 
+                                   CMUint32 resourceID, void_fun handler, 
+                                   void* data)
+{
+    PCMT_EVENT ptr;
+
+    /* This is the first connection */
+    if (control->cmtEventHandlers == NULL) {
+        control->cmtEventHandlers = ptr = 
+            (PCMT_EVENT)calloc(sizeof(CMT_EVENT), 1);
+        if (!ptr) {
+            goto loser;
+        }
+    } else {
+        /* Look for another event handler of the same type.  Make sure the
+           event handler with a rsrcid of 0 is farther down the list so
+	   that it doesn't get chosen when there's an event handler for
+	   a specific rsrcid.
+	 */
+	for (ptr=control->cmtEventHandlers; ptr != NULL; ptr = ptr->next) {
+            if (ptr->type == type && resourceID != 0) {
+                /* So we've got an event handler that wants to over-ride
+                   an existing event handler.  We'll put it before the one
+                   that's already here.
+                 */
+                if (ptr->previous == NULL) {
+                    /* We're going to insert at the front of the list*/
+                    control->cmtEventHandlers = ptr->previous = 
+                        (PCMT_EVENT)calloc(sizeof(CMT_EVENT), 1);
+                    if (ptr->previous == NULL) {
+                        goto loser;
+		    }
+		    ptr->previous->next = ptr;
+		    ptr = control->cmtEventHandlers;
+		} else {
+		    /* We want to insert in the middle of the list */
+		    PCMT_EVENT tmpEvent;
+		    
+		    tmpEvent = (PCMT_EVENT)calloc(sizeof(CMT_EVENT), 1);
+		    if (tmpEvent == NULL) {
+		        goto loser;
+		    }
+		    tmpEvent->previous  = ptr->previous;
+		    ptr->previous->next = tmpEvent;
+		    tmpEvent->next      = ptr;
+		    ptr->previous       = tmpEvent;
+		    ptr = tmpEvent;
+		}
+		break;
+	    }
+	    if (ptr->next == NULL) break;
+	}
+	if (ptr == NULL) {
+	    goto loser;	
+	}
+	if (ptr->next == NULL) {
+	    /* We're adding the event handler at the end of the list. */
+	    ptr->next = (PCMT_EVENT)calloc(sizeof(CMT_EVENT), 1);
+	    if (!ptr->next) {
+	        goto loser;
+	    } 
+	    /* Fix up the pointers */
+	    ptr->next->previous = ptr;
+	    ptr = ptr->next;
+	}
+    }
+
+    /* Fill in the data */
+    ptr->type = type;
+    ptr->resourceID = resourceID;
+    ptr->handler = handler;
+    ptr->data = data;
+    
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_UnregisterEventHandler(PCMT_CONTROL control, CMUint32 type, 
+                                     CMUint32 resourceID) 
+{
+    PCMT_EVENT ptr, pptr = NULL;
+    
+    for (ptr = control->cmtEventHandlers; ptr != NULL;
+	 pptr = ptr, ptr = ptr->next) {
+        if ((ptr->type == type) && (ptr->resourceID == resourceID)) {
+	    if (pptr == NULL) {
+	        /* node is at head */
+	        control->cmtEventHandlers = ptr->next;
+            if (control->cmtEventHandlers != NULL) {
+                control->cmtEventHandlers->previous = NULL;
+            }
+            free(ptr);
+            return CMTSuccess;
+	    }
+	    /* node is elsewhere */
+	    pptr->next = ptr->next;
+        if (ptr->next != NULL) {
+            ptr->next->previous = pptr;
+        }
+	    free(ptr);
+	    return CMTSuccess;
+        }
+    }
+    return CMTFailure;
+}
+
+PCMT_EVENT CMT_GetEventHandler(PCMT_CONTROL control, CMUint32 type, 
+                               CMUint32 resourceID)
+{
+    PCMT_EVENT ptr;
+    
+    for (ptr = control->cmtEventHandlers; ptr != NULL; ptr = ptr->next) {
+        if ((ptr->type == type) && ((ptr->resourceID == resourceID) || 
+                                    !ptr->resourceID)) {
+            return ptr;
+        }
+    }
+    return NULL;
+}
+
+PCMT_EVENT CMT_GetFirstEventHandler(PCMT_CONTROL control, CMUint32 type, 
+                                    CMUint32 resourceID)
+{
+    PCMT_EVENT ptr;
+
+    for (ptr = control->cmtEventHandlers; ptr != NULL; ptr = ptr->next) {
+        if ((ptr->type == type) && ((ptr->resourceID == resourceID) || 
+                                    !ptr->resourceID)) {
+            return ptr;
+        }
+    }
+    return NULL;
+}
+
+PCMT_EVENT CMT_GetNextEventHandler(PCMT_CONTROL control, PCMT_EVENT e)
+{
+    PCMT_EVENT ptr;
+
+    for (ptr = control->cmtEventHandlers; ptr != NULL || ptr == e; 
+         ptr = ptr->next) {
+    }
+
+    for (; ptr != NULL; ptr = ptr->next) {
+        if ((ptr->type == e->type) && ((ptr->resourceID == e->resourceID) || 
+                                       !ptr->resourceID)) {
+            return ptr;
+        }
+    }
+    return NULL;
+}
+
+void CMT_ProcessEvent(PCMT_CONTROL cm_control)
+{
+    CMTSocket sock; 
+    CMTItem eventData={ 0, NULL, 0 };
+
+    /* Get the control socket */
+    sock = cm_control->sock;
+
+    /* Acquire a lock on the control connection */
+    CMT_LOCK(cm_control->mutex);
+    /* Do another select here to be sure 
+       that the socket is readable */
+    if (cm_control->sockFuncs.select(&sock, 1, 1) != sock) {
+        /* There's no event. */
+        goto done;
+    }
+
+    /* Read the event */
+    if (CMT_ReceiveMessage(cm_control, &eventData) == CMTFailure) {
+        goto done;
+    }
+    CMT_UNLOCK(cm_control->mutex);
+    /* Dispatch the event */
+    CMT_DispatchEvent(cm_control, &eventData);
+    return;
+done:
+    /* Release the lock on the control connection */
+    CMT_UNLOCK(cm_control->mutex);
+}
+
+void CMT_EventLoop(PCMT_CONTROL cm_control)
+{
+    CMTSocket sock;
+
+    /* Get the control socket */
+    sock = cm_control->sock;
+    CMT_ReferenceControlConnection(cm_control);
+    /* Select on the control socket to see if it's readable */
+    while(cm_control->sockFuncs.select(&sock, 1, 0)) {
+      CMT_ProcessEvent(cm_control);
+    }
+    CMT_CloseControlConnection(cm_control);
+    return;
+}
+
+void
+CMT_PromptUser(PCMT_CONTROL cm_control, CMTItem *eventData)
+{
+    char *promptReply  = NULL;
+    CMTItem   response={ 0, NULL, 0 };
+    PromptRequest request;
+    PromptReply reply;
+    void * clientContext;
+
+    /* Decode the message */
+    if (CMT_DecodeMessage(PromptRequestTemplate, &request, eventData) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Copy the client context to a pointer */
+    clientContext = CMT_CopyItemToPtr(request.clientContext);
+
+    if (cm_control->userFuncs.promptCallback == NULL) {
+        goto loser;
+    }
+    promptReply = 
+        cm_control->userFuncs.promptCallback(cm_control->userFuncs.promptArg, 
+                                             request.prompt, clientContext, 1);
+
+    response.type = SSM_EVENT_MESSAGE | SSM_PROMPT_EVENT;
+    if (!promptReply) {
+        /* the user canceled the prompt or other errors occurred */
+        reply.cancel = CM_TRUE;
+    }
+    else {
+        /* note that this includes an empty string (zero length) password */
+        reply.cancel = CM_FALSE;
+    }
+    reply.resID = request.resID;
+    reply.promptReply = promptReply;
+
+    /* Encode the message */
+    if (CMT_EncodeMessage(PromptReplyTemplate, &response, &reply) != CMTSuccess) {
+        goto loser;
+    }
+
+    CMT_TransmitMessage(cm_control, &response);
+ loser:
+    if (promptReply != NULL) {
+      cm_control->userFuncs.userFree(promptReply);
+    }
+    return;
+}
+
+void CMT_GetFilePath(PCMT_CONTROL cm_control, CMTItem * eventData)
+{
+    char *fileName=NULL;
+    CMTItem response = { 0, NULL, 0 };
+    FilePathRequest request;
+    FilePathReply reply;
+
+    /* Decode the request */
+    if (CMT_DecodeMessage(FilePathRequestTemplate, &request, eventData) != CMTSuccess) {
+        goto loser;
+    }
+
+    if (cm_control->userFuncs.promptFilePath == NULL) {
+        goto loser;
+    }
+    fileName = 
+     cm_control->userFuncs.promptFilePath(cm_control->userFuncs.filePromptArg,
+                                          request.prompt, request.fileRegEx, 
+                                          request.getExistingFile);
+
+    response.type = SSM_EVENT_MESSAGE | SSM_FILE_PATH_EVENT;
+    reply.resID = request.resID;
+    reply.filePath = fileName;
+
+    /* Encode the reply */
+    if (CMT_EncodeMessage(FilePathReplyTemplate, &response, &reply) != CMTSuccess) {
+        goto loser;
+    }
+
+    CMT_TransmitMessage(cm_control, &response);
+    cm_control->userFuncs.userFree(fileName); 
+loser:
+   return;
+}
+
+void CMT_SavePrefs(PCMT_CONTROL cm_control, CMTItem* eventData)
+{
+    SetPrefListMessage request;
+    int i;
+
+    /* decode the request */
+    if (CMT_DecodeMessage(SetPrefListMessageTemplate, &request, eventData) !=
+        CMTSuccess) {
+        return;
+    }
+
+    if (cm_control->userFuncs.savePrefs == NULL) {
+        /* callback was not registered: bail */
+        return;
+    }
+    cm_control->userFuncs.savePrefs(request.length, 
+                                    (CMTSetPrefElement*)request.list);
+
+    for (i = 0; i < request.length; i++) {
+        if (request.list[i].key != NULL) {
+            free(request.list[i].key);
+        }
+        if (request.list[i].value != NULL) {
+            free(request.list[i].value);
+        }
+    }
+    return;
+}
+
+void CMT_DispatchEvent(PCMT_CONTROL cm_control, CMTItem * eventData)
+{
+    CMUint32 eventType;
+    CMTItem msgCopy;
+
+    /* Init the msgCopy */
+    msgCopy.data = 0;    
+
+    /* Get the event type */
+    if ((eventData->type & SSM_CATEGORY_MASK) != SSM_EVENT_MESSAGE) {
+        /* Somehow there was a message on the socket that was not 
+         * an event message.  Dropping it on the floor.
+         */
+        goto loser;
+    }
+    eventType = (eventData->type & SSM_TYPE_MASK);
+
+    /* We must now dispatch the event based on it's type */
+    switch (eventType) {
+        case SSM_UI_EVENT:
+        {
+            PCMT_EVENT p;
+            UIEvent event;
+            void * clientContext = NULL;
+
+	    /* Copy the message to allow a second try with the old format */
+	    msgCopy.len = eventData->len;
+	    msgCopy.data = calloc(msgCopy.len, 1);
+	    if (msgCopy.data) {
+              memcpy(msgCopy.data, eventData->data, eventData->len);
+	    }
+
+            /* Get the event data first */
+            if (CMT_DecodeMessage(UIEventTemplate, &event, eventData) != CMTSuccess) {
+		/* Attempt to decode using the old format.  Modal is True */
+		if (!msgCopy.data || 
+		    CMT_DecodeMessage(OldUIEventTemplate, &event, &msgCopy) != CMTSuccess) {
+                  goto loser;
+                }
+
+                /* Set default modal value */
+                event.isModal = CM_TRUE;
+            }
+
+            /* Convert the client context to a pointer */
+            clientContext = CMT_CopyItemToPtr(event.clientContext);
+
+            /* Call any handlers for this event */
+            p = CMT_GetEventHandler(cm_control, eventType, event.resourceID);
+            if (!p) {
+                goto loser;
+            }
+            (*(uiHandlerCallback_fn)(p->handler))(event.resourceID, 
+                                                  clientContext, event.width,
+                                                  event.height, event.isModal, event.url, 
+                                                  p->data);
+            break;
+        }
+
+        case SSM_TASK_COMPLETED_EVENT:
+        {
+           PCMT_EVENT p;
+           TaskCompletedEvent event;
+
+            /* Get the event data */
+            if (CMT_DecodeMessage(TaskCompletedEventTemplate, &event, eventData) != CMTSuccess) {
+                goto loser;
+            }
+
+            /* Call handler for this event */
+            p = CMT_GetEventHandler(cm_control, eventType, event.resourceID);
+            if (!p) {
+                goto loser;
+            }
+            (*(taskcompleted_handler_fn)(p->handler))(event.resourceID, 
+                                                      event.numTasks, 
+                                                      event.result, p->data);
+            break;
+        }
+        case SSM_AUTH_EVENT: 
+             CMT_ServicePasswordRequest(cm_control, eventData);
+             break;
+        case SSM_FILE_PATH_EVENT:
+    	     CMT_GetFilePath(cm_control, eventData);
+             break;
+        case SSM_PROMPT_EVENT:
+	         CMT_PromptUser(cm_control, eventData);
+	         break;
+        case SSM_SAVE_PREF_EVENT:
+            CMT_SavePrefs(cm_control, eventData);
+            break;
+        default:
+            break;
+    }
+loser:
+    free(eventData->data);
+    free(msgCopy.data);
+    return;
+}
+

mozilla/security/psm/lib/client/cmthash.c

@@ -0,0 +1,216 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifdef XP_UNIX
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#else
+#ifdef XP_MAC
+#include "macsocket.h"
+#include "string.h"
+#else
+#include <windows.h>
+#include <winsock.h>
+#endif
+#endif
+#include <errno.h>
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include "messages.h"
+#include "rsrcids.h"
+
+CMTStatus CMT_HashCreate(PCMT_CONTROL control, CMUint32 algID, 
+                         CMUint32 * connID)
+{
+    CMTItem message;
+    SingleNumMessage request;
+    DataConnectionReply reply;
+
+    /* Check passed in parameters */
+    if (!control) {
+        goto loser;
+    }
+
+    /* Set up the request */
+    request.value = algID;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(SingleNumMessageTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_DATA_CONNECTION | SSM_HASH_STREAM;
+
+    /* Send the message and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the response */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_DATA_CONNECTION | SSM_HASH_STREAM)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(DataConnectionReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Success */
+    if (reply.result == 0) {
+        CMTSocket sock;
+
+        sock = control->sockFuncs.socket(0);
+        if(sock == NULL) {
+            goto loser;
+        }
+        
+        if (control->sockFuncs.connect(sock, reply.port, NULL) != CMTSuccess) {
+            goto loser;
+        }
+        /* Send the hello message */
+		control->sockFuncs.send(sock, control->nonce.data, control->nonce.len);
+
+        /* Save connection info */
+        if (CMT_AddDataConnection(control, sock, reply.connID)
+		    != CMTSuccess) {
+            goto loser;
+        }
+
+        /* Set the connection ID */
+        *connID = reply.connID;
+        return CMTSuccess;
+	} 
+loser:
+    *connID = 0;
+	return CMTFailure;
+}
+
+CMTStatus CMT_HASH_Destroy(PCMT_CONTROL control, CMUint32 connectionID)
+{
+    if (!control) {
+        goto loser;
+    }
+
+    /* Get the cotext implementation data */
+    if (CMT_CloseDataConnection(control, connectionID) == CMTFailure) {
+        goto loser;
+    }
+
+    return CMTSuccess;
+
+loser:
+
+    return CMTFailure;
+}
+
+CMTStatus CMT_HASH_Begin(PCMT_CONTROL control, CMUint32 connectionID)
+{
+    return CMTSuccess;
+}
+
+CMTStatus CMT_HASH_Update(PCMT_CONTROL control, CMUint32 connectionID, const unsigned char * buf, CMUint32 len)
+{
+    CMTSocket sock;
+    CMUint32 sent;
+
+    /* Do some parameter checking */
+    if (!control || !buf) {
+        goto loser;
+    }
+
+    /* Get the data socket */
+    if (CMT_GetDataSocket(control, connectionID, &sock) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Write the data to the socket */
+    sent = CMT_WriteThisMany(control, sock, (void*)buf, len);
+    if (sent != len) {
+        goto loser;
+    }
+
+    return CMTSuccess;
+
+loser:
+
+    return CMTFailure;
+}
+
+CMTStatus CMT_HASH_End(PCMT_CONTROL control, CMUint32 connectionID, 
+                       unsigned char * result, CMUint32 * resultlen, 
+                       CMUint32 maxLen)
+{
+    CMTItem hash = { 0, NULL, 0 };
+
+    /* Do some parameter checking */
+    if (!control || !result || !resultlen) {
+        goto loser;
+    }
+
+    /* Close the connection */
+    if (CMT_CloseDataConnection(control, connectionID) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Get the context info */
+    if (CMT_GetStringAttribute(control, connectionID, SSM_FID_HASHCONN_RESULT,
+                               &hash) == CMTFailure) {
+        goto loser;
+    }
+    if (!hash.data) {
+        goto loser;
+    }
+
+    *resultlen = hash.len;
+    if (hash.len > maxLen) {
+        memcpy(result, hash.data, maxLen);
+    } else {
+        memcpy(result, hash.data, hash.len);
+    }   
+
+    if (hash.data) {
+        free(hash.data);
+    }
+
+    return CMTSuccess;
+
+loser:
+    if (hash.data) {
+        free(hash.data);
+    }
+
+    return CMTFailure;
+}

mozilla/security/psm/lib/client/cmtimpl.h

@@ -0,0 +1,56 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef __CMTIMPL_H_
+#define __CMTIMPL_H_
+
+typedef unsigned long CMT_HANDLE;
+
+struct _CMTControl {
+  CMT_HANDLE channelID;
+  int socketID;
+  CMTStatus (* cmtEventCallback)(struct _CMTControl * control, 
+				 CMTItem * event,  void * arg);
+  void * cmtEventCallbackArg;
+  struct _CMTData * cmtDataConnection;
+} _CMTControl;
+
+
+
+struct _CMTData {
+  CMT_HANDLE channelID;
+  int socketID;
+  struct _CMTData * next;
+  struct _CMTData * previous;
+};
+
+#endif /*__CMTIMPL_H_*/

mozilla/security/psm/lib/client/cmtinit.c

@@ -0,0 +1,484 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifdef XP_UNIX
+#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <sys/stat.h>
+#include <netinet/tcp.h>
+#else
+#ifdef XP_MAC
+#include <Events.h> // for WaitNextEvent
+#else /* Windows */
+#include <windows.h>
+#include <winsock.h>
+#include <direct.h>
+#include <sys/stat.h>
+#endif
+#endif
+
+#include "messages.h"
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include <string.h>
+
+#ifdef XP_UNIX
+#define DIRECTORY_SEPARATOR '/'
+#elif defined WIN32
+#define DIRECTORY_SEPARATOR '\\'
+#elif defined XP_MAC
+#define DIRECTORY_SEPARATOR ':'
+#endif
+
+/* Local defines */
+#define CARTMAN_PORT	11111
+#define MAX_PATH_LEN    256
+
+/* write to the cmnav.log */
+#if 0
+#define LOG(x); do { FILE *f; f=fopen("cmnav.log","a+"); if (f) { \
+   fprintf(f, x); fclose(f); } } while(0);
+#define LOG_S(x); do { FILE *f; f=fopen("cmnav.log","a+"); if (f) { \
+   fprintf(f, "%s", x); fclose(f); } } while(0);
+#define ASSERT(x); if (!(x)) { LOG("ASSERT:"); LOG(#x); LOG("\n"); exit(-1); }
+#else
+#define LOG(x); ;
+#define LOG_S(x); ;
+#define ASSERT(x); ;
+#endif
+
+static char*
+getCurrWorkDir(char *buf, int maxLen)
+{
+#if defined WIN32
+    return _getcwd(buf, maxLen);
+#elif defined XP_UNIX
+    return getcwd(buf, maxLen);
+#else
+    return NULL;
+#endif
+}
+
+static void
+setWorkingDir(char *path)
+{
+#if defined WIN32
+    _chdir(path);
+#elif defined XP_UNIX
+    chdir(path);
+#else
+    return;
+#endif
+}
+
+static CMTStatus
+launch_psm(char *executable)
+{
+    char command[MAX_PATH_LEN];
+#ifdef WIN32
+    STARTUPINFO sui;
+    PROCESS_INFORMATION pi;
+    UNALIGNED long *posfhnd;
+    int i;
+    char *posfile;
+
+    sprintf(command,"%s > psmlog", executable);
+    ZeroMemory( &sui, sizeof(sui) );
+    sui.cb = sizeof(sui);
+    sui.cbReserved2 = (WORD)(sizeof( int ) + (3 * (sizeof( char ) + 
+                                                   sizeof( long ))));
+    sui.lpReserved2 = calloc( sui.cbReserved2, 1 );
+    *((UNALIGNED int *)(sui.lpReserved2)) = 3;
+    posfile = (char *)(sui.lpReserved2 + sizeof( int ));
+    posfhnd = (UNALIGNED long *)(sui.lpReserved2 + sizeof( int ) + 
+                                 (3 * sizeof( char )));
+    
+    for ( i = 0, posfile = (char *)(sui.lpReserved2 + sizeof( int )),
+              posfhnd = (UNALIGNED long *)(sui.lpReserved2 + sizeof( int ) + (3 * sizeof( char ))) ;
+          i < 3 ; i++, posfile++, posfhnd++ ) {
+        
+        *posfile = 0;
+        *posfhnd = (long)INVALID_HANDLE_VALUE;
+    }
+    /* Now, fire up PSM */
+    if (!CreateProcess(NULL, command, NULL, NULL, TRUE, DETACHED_PROCESS, 
+                       NULL, NULL, &sui, &pi)) {
+        goto loser;
+    }
+
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+#elif defined XP_UNIX
+    sprintf(command,"./%s &", executable);
+    if (system(command) == -1) {
+        goto loser;
+    }
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+#else
+    return CMTFailure;
+#endif
+}
+
+PCMT_CONTROL CMT_EstablishControlConnection(char            *inPath, 
+                                            CMT_SocketFuncs *sockFuncs,
+                                            CMT_MUTEX       *mutex)
+{
+    PCMT_CONTROL control;
+    char *executable;
+    char *newWorkingDir;
+    char oldWorkingDir[MAX_PATH_LEN];
+    int i;
+    char *path = NULL;
+    size_t stringLen;
+
+    /*	On the Mac, we do special magic in the Seamonkey PSM component, so
+    	if PSM isn't launched by the time we reach this point, we're not doing well. */
+#ifndef XP_MAC
+
+    struct stat stbuf;
+    
+    /*
+     * Create our own copy of path.
+     * I'd like to do a straight strdup here, but that caused problems
+     * for https.
+     */
+    stringLen = strlen(inPath);
+
+    path = (char*) malloc(stringLen+1);
+    memcpy(path, inPath, stringLen);
+    path[stringLen] = '\0';
+
+    control = CMT_ControlConnect(mutex, sockFuncs);
+    if (control != NULL) {
+        return control;
+    }
+    /*
+     * We have to try to launch it now, so it better be a valid 
+     * path.
+     */
+    if (stat(path, &stbuf) == -1) {
+        goto loser;
+    }
+    /*
+     * Now we have to parse the path and launch the psm server.
+     */
+    executable = strrchr(path, DIRECTORY_SEPARATOR);
+    if (executable != NULL) {
+        *executable = '\0';
+        executable ++;
+        newWorkingDir = path;
+    } else {
+        executable = path;
+        newWorkingDir = NULL;
+    }
+    if (getCurrWorkDir(oldWorkingDir, MAX_PATH_LEN) == NULL) {
+        goto loser;
+    }
+    setWorkingDir(newWorkingDir);
+    if (launch_psm(executable) != CMTSuccess) {
+        goto loser;
+    }
+    setWorkingDir(oldWorkingDir);
+#endif
+
+    /*
+     * Now try to connect to the psm server.  We will try to connect
+     * a maximum of 30 times and then give up.
+     */
+#ifdef WIN32
+    for (i=0; i<30; i++) {
+        Sleep(1000);
+        control = CMT_ControlConnect(mutex, sockFuncs);
+        if (control != NULL) {
+            break;
+        }
+    }
+#elif defined XP_UNIX
+    i = 0;
+    while (i<1000) {
+        i += sleep(10);
+	control = CMT_ControlConnect(mutex, sockFuncs);
+	if (control != NULL) {
+	  break;
+	}
+    }
+#elif defined(XP_MAC)
+	for (i=0; i<30; i++) 
+	{
+		EventRecord theEvent;
+		WaitNextEvent(0, &theEvent, 30, NULL);
+		control = CMT_ControlConnect(mutex, sockFuncs);
+		if (control != NULL) 
+			break;
+	}
+
+#else
+    /*
+     * Figure out how to sleep for a while first
+     */
+    for (i=0; i<30; i++) {
+      control = CMT_ControlConnect(mutex, sockFuncs);
+      if (control!= NULL) {
+	break;
+      }
+    }
+#endif
+    if (control == NULL) {
+        goto loser;
+    }
+    if (path) {
+        free (path);
+    }
+    return control;
+ loser:
+    if (control != NULL) {
+        CMT_CloseControlConnection(control);
+    }
+    if (path) {
+        free(path);
+    }
+    return NULL;
+}
+
+
+PCMT_CONTROL CMT_ControlConnect(CMT_MUTEX *mutex, CMT_SocketFuncs *sockFuncs)
+{
+    PCMT_CONTROL control = NULL; 
+    CMTSocket sock=NULL;
+#ifdef XP_UNIX
+    int unixSock = 1;
+    char path[20];
+#else
+    int unixSock = 0;
+    char *path=NULL;
+#endif
+
+    if (sockFuncs == NULL) {
+        return NULL;
+    }
+#ifdef XP_UNIX
+    sprintf(path, "/tmp/.nsmc-%d", (int)geteuid());
+#endif    
+
+    sock = sockFuncs->socket(unixSock);
+    if (sock == NULL) {
+        LOG("Could not create a socket to connect to Control Connection.\n");
+        goto loser;
+    }
+    /* Connect to the psm process */
+    if (sockFuncs->connect(sock, CARTMAN_PORT, path)) {
+	  LOG("Could not connect to Cartman\n");
+	  goto loser;
+    }
+
+#ifdef XP_UNIX
+    if (sockFuncs->verify(sock) != CMTSuccess) {
+        goto loser;
+    }
+#endif
+
+	LOG("Connected to Cartman\n");
+	
+	/* fill in the CMTControl struct */
+	control = (PCMT_CONTROL)calloc(sizeof(CMT_CONTROL), 1);
+	if (control == NULL ) {
+		goto loser;
+	}
+	control->sock = sock;
+    if (mutex != NULL) {
+        control->mutex = (CMT_MUTEX*)calloc(sizeof(CMT_MUTEX),1);
+        if (control->mutex == NULL) {
+            goto loser;
+        }
+        *control->mutex = *mutex;
+    }
+    memcpy(&control->sockFuncs, sockFuncs, sizeof(CMT_SocketFuncs));
+    control->refCount = 1;
+	goto done;
+    
+ loser:
+	if (control != NULL) {
+		free(control);
+    }
+    if (sock != NULL) {
+        sockFuncs->close(sock);
+    }
+	control = NULL;
+    
+ done:
+	return control;
+}
+
+CMTStatus CMT_CloseControlConnection(PCMT_CONTROL control)
+{
+	/* XXX Don't know what to do here yet */
+    if (control != NULL) {
+        CMInt32 refCount;
+        CMT_LOCK(control->mutex);
+        control->refCount--;
+        refCount = control->refCount;
+        CMT_UNLOCK(control->mutex);
+        if (refCount <= 0) {
+            if (control->mutex != NULL) {
+                free (control->mutex);
+            }
+            control->sockFuncs.close(control->sock);
+            free(control);
+        }
+    }
+    
+	return CMTSuccess;
+}
+
+CMTStatus CMT_Hello(PCMT_CONTROL control, CMUint32 version, char* profile, 
+                    char* profileDir)
+{
+	CMTItem message;
+    PCMT_EVENT eventHandler;
+    CMBool doesUI;
+    HelloRequest request;
+    HelloReply reply;
+
+	/* Check the passed parameters */
+	if (!control) {
+		return CMTFailure;
+	}
+	if (!profile) {
+		return CMTFailure;
+	}
+    if (!profileDir) {
+        return CMTFailure;
+    }
+    
+	/* Create the hello message */
+    eventHandler = CMT_GetEventHandler(control, SSM_UI_EVENT, 0);
+    doesUI = (eventHandler == NULL) ? CM_FALSE : CM_TRUE;
+
+    /* Setup the request struct */
+    request.version = version;
+    request.policy = 0; /* no more policy */
+    request.doesUI = doesUI;
+    request.profile = profile;
+    request.profileDir = profileDir;
+
+    message.type = SSM_REQUEST_MESSAGE | SSM_HELLO_MESSAGE;
+
+    if (CMT_EncodeMessage(HelloRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+	/* Send the message and get the response */
+	if (CMT_SendMessage(control, &message) != CMTSuccess) {
+        goto loser;
+	}
+
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_HELLO_MESSAGE)) {
+        goto loser;
+    }
+
+    /* Decode the message */
+    if (CMT_DecodeMessage(HelloReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+	/* Successful response */
+	if (reply.result == 0) {
+            /* Save the nonce value */
+            control->sessionID = reply.sessionID;
+            control->protocolVersion = reply.version;
+            control->port = reply.httpPort;
+            control->nonce = reply.nonce;
+            control->policy = reply.policy;
+            control->serverStringVersion = reply.stringVersion;
+
+            /* XXX Free the messages */
+            return CMTSuccess;
+	}
+loser:
+	/* XXX Free the messages */
+	return CMTFailure;
+}
+
+CMTStatus CMT_PassAllPrefs(PCMT_CONTROL control, int num,
+                           CMTSetPrefElement* list)
+{
+    SetPrefListMessage request;
+    SingleNumMessage reply;
+    CMTItem message;
+
+    if ((control == NULL) || (list == NULL)) {
+        return CMTFailure;
+    }
+
+    /* pack the request */
+    request.length = num;
+    request.list = (SetPrefElement*)list;
+
+    if (CMT_EncodeMessage(SetPrefListMessageTemplate, &message, &request) !=
+        CMTSuccess) {
+        goto loser;
+    }
+    message.type = SSM_REQUEST_MESSAGE | SSM_PREF_ACTION;
+
+    /* send the message */
+    if (CMT_SendMessage(control, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_PREF_ACTION)) {
+        goto loser;
+    }
+
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) !=
+        CMTSuccess) {
+        goto loser;
+    }
+
+    /* don't really need to check the return value */
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}
+
+char* CMT_GetServerStringVersion(PCMT_CONTROL control)
+{
+    if (control == NULL) {
+        return NULL;
+    }
+    return control->serverStringVersion;
+}

mozilla/security/psm/lib/client/cmtjs.c

@@ -0,0 +1,556 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "cmtutils.h"
+#include "cmtjs.h"
+#include "messages.h"
+
+CMTStatus
+CMT_GenerateKeyPair(PCMT_CONTROL control, CMUint32 keyGenContext, 
+		    CMUint32 mechType, CMTItem *param, CMUint32 keySize, 
+		    CMUint32 *keyPairId)
+{
+    CMTItem message;
+    CMTStatus rv;
+    KeyPairGenRequest request = {0, 0, 0, {0, NULL, 0}};
+    SingleNumMessage reply;
+
+    if (!control) {
+        return CMTFailure;
+    }
+
+    request.keyGenCtxtID = keyGenContext;
+    request.genMechanism = mechType;
+    if (param) {
+        request.params = *param;
+    }
+    request.keySize = keySize;
+
+    /* Encode the message */
+    if (CMT_EncodeMessage(KeyPairGenRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    message.type = SSM_REQUEST_MESSAGE | SSM_PKCS11_ACTION | SSM_CREATE_KEY_PAIR;
+
+    /* Send the message and get the response */
+    rv = CMT_SendMessage(control, &message); 
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION | SSM_CREATE_KEY_PAIR)) {
+        goto loser;
+    }
+
+    /* Decode the message */
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+    *keyPairId = reply.value;
+    return CMTSuccess;
+    
+loser:
+    *keyPairId = 0;
+    return CMTFailure;
+}
+
+
+CMTStatus
+CMT_CreateNewCRMFRequest(PCMT_CONTROL control, CMUint32 keyPairID, 
+			 SSMKeyGenType keyGenType, CMUint32 *reqID)
+{
+    CMTItem message;
+    CMTStatus rv;
+    SingleNumMessage request;
+    SingleNumMessage reply;
+    
+    if (!control) {
+        return CMTFailure;
+    }
+
+    request.value = keyPairID;
+    if (CMT_EncodeMessage(SingleNumMessageTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    message.type = SSM_REQUEST_MESSAGE | SSM_CRMF_ACTION | 
+                    SSM_CREATE_CRMF_REQ;
+    rv = CMT_SendMessage(control, &message);
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+  
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_CRMF_ACTION | SSM_CREATE_CRMF_REQ)) {
+        goto loser;
+    }
+
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    *reqID = reply.value;
+
+    rv = CMT_SetNumericAttribute(control, *reqID, SSM_FID_CRMFREQ_KEY_TYPE,
+				 keyGenType);
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+}
+
+CMTStatus
+CMT_EncodeCRMFRequest(PCMT_CONTROL control, CMUint32 *crmfReqID, 
+		      CMUint32 numRequests, char ** der)
+{
+    CMTItem   message;
+    CMTStatus  rv;
+    EncodeCRMFReqRequest request;
+    SingleItemMessage reply;
+
+    if (!control) {
+        return CMTFailure;
+    }
+
+    request.numRequests = numRequests;
+    request.reqIDs = (long *) crmfReqID;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(EncodeCRMFReqRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    message.type = SSM_REQUEST_MESSAGE | SSM_CRMF_ACTION | SSM_DER_ENCODE_REQ;
+
+    rv = CMT_SendMessage(control, &message);
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_CRMF_ACTION | SSM_DER_ENCODE_REQ)) {
+        goto loser;
+    }
+
+    /* XXX Should this be a string? Decode the message */
+    if (CMT_DecodeMessage(SingleItemMessageTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    *der = (char *) reply.item.data;
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}
+
+CMTStatus
+CMT_ProcessCMMFResponse(PCMT_CONTROL control, char *nickname,
+			char *certRepString, CMBool doBackup,
+			void *clientContext)
+{
+    CMTItem   message;
+    CMTStatus  rv;
+    CMMFCertResponseRequest request;
+
+    if(!control) {
+        return CMTFailure;
+    }
+
+    request.nickname = nickname;
+    request.base64Der = certRepString;
+    request.doBackup = doBackup;
+    request.clientContext = CMT_CopyPtrToItem(clientContext);
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(CMMFCertResponseRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    message.type =  SSM_REQUEST_MESSAGE | SSM_CRMF_ACTION | SSM_PROCESS_CMMF_RESP;
+
+    rv = CMT_SendMessage(control, &message);
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_CRMF_ACTION | SSM_PROCESS_CMMF_RESP)) {
+        goto loser;
+    }
+
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}
+
+CMTStatus
+CMT_CreateResource(PCMT_CONTROL control, SSMResourceType resType,
+		   CMTItem *params, CMUint32 *rsrcId, CMUint32 *errorCode)
+{
+    CMTItem message;
+    CMTStatus rv;
+    CreateResourceRequest request = {0, {0, NULL, 0}};
+    CreateResourceReply reply;
+
+    request.type = resType;
+    if (params) {
+        request.params = *params;
+    } 
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(CreateResourceRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | SSM_CREATE_RESOURCE;
+    
+    rv = CMT_SendMessage(control, &message);
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION | SSM_CREATE_RESOURCE)) {
+        goto loser;
+    }
+
+    /* Decode the message */
+    if (CMT_DecodeMessage(CreateResourceReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    *rsrcId = reply.resID;
+    *errorCode = reply.result;
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_SignText(PCMT_CONTROL control, CMUint32 resID, char* stringToSign, char* hostName, char* caOption, CMInt32 numCAs, char** caNames)
+{
+    CMTItem message;
+    SignTextRequest request;
+
+    
+    /* So some basic parameter checking */
+    if (!control || !stringToSign) {
+        goto loser;
+    }
+
+    /* Set up the request */
+    request.resID = resID;
+    request.stringToSign = stringToSign;
+    request.hostName = hostName;
+    request.caOption = caOption;
+    request.numCAs = numCAs;
+    request.caNames = caNames;
+
+    /* Encode the message */
+    if (CMT_EncodeMessage(SignTextRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_FORMSIGN_ACTION | SSM_SIGN_TEXT;
+
+    /* Send the message and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_FORMSIGN_ACTION | SSM_SIGN_TEXT)) {
+        goto loser;
+    }
+
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}
+
+CMTStatus
+CMT_ProcessChallengeResponse(PCMT_CONTROL control, char *challengeString,
+			     char **responseString)
+{
+    CMTItem   message;
+    CMTStatus  rv;
+    SingleStringMessage request;
+    SingleStringMessage reply;
+
+    /* Set the request */
+    request.string = challengeString;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(SingleStringMessageTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_CRMF_ACTION | SSM_CHALLENGE;
+
+    /* Send the message */
+    rv = CMT_SendMessage(control, &message);
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+    
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_CRMF_ACTION | SSM_CHALLENGE)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(SingleStringMessageTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    *responseString = reply.string;
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+}
+
+CMTStatus
+CMT_FinishGeneratingKeys(PCMT_CONTROL control, CMUint32 keyGenContext)
+{
+    CMTItem message;
+    CMTStatus rv;
+    SingleNumMessage request;
+
+    /* Set up the request */
+    request.value = keyGenContext;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(SingleNumMessageTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_PKCS11_ACTION | SSM_FINISH_KEY_GEN;
+
+    /* Send the message */
+    rv = CMT_SendMessage(control, &message);
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Validate the reply */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION | SSM_FINISH_KEY_GEN)) {
+        goto loser;
+    }
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+}
+
+CMTStatus
+CMT_GetLocalizedString(PCMT_CONTROL        control,
+                       SSMLocalizedString  whichString,
+                       char              **localizedString)
+{
+    CMTItem message;
+    CMTStatus rv;
+    SingleNumMessage request;
+    GetLocalizedTextReply reply;
+
+    /* Set up the request */
+    request.value = whichString;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(SingleNumMessageTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_LOCALIZED_TEXT;
+
+    /* Send the message */
+    rv = CMT_SendMessage(control, &message);
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_LOCALIZED_TEXT)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(GetLocalizedTextReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    if (reply.whichString != whichString) {
+        goto loser;
+    }
+    *localizedString = reply.localizedString;
+    return CMTSuccess;
+ loser:
+    *localizedString = NULL;
+    return rv; 
+}
+
+CMTStatus
+CMT_AddNewModule(PCMT_CONTROL  control,
+                 char         *moduleName,
+                 char         *libraryPath,
+                 unsigned long pubMechFlags,
+                 unsigned long pubCipherFlags)
+{
+    CMTItem message;
+    CMTStatus rv;
+    AddNewSecurityModuleRequest request;
+    SingleNumMessage reply;
+
+    /* Set up the request */
+    request.moduleName = moduleName;
+    request.libraryPath = libraryPath;
+    request.pubMechFlags = pubMechFlags;
+    request.pubCipherFlags = pubCipherFlags;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(AddNewSecurityModuleRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_PKCS11_ACTION | SSM_ADD_NEW_MODULE;
+
+    /* Send the message */
+    rv = CMT_SendMessage(control, &message);
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION | SSM_ADD_NEW_MODULE)) {
+        goto loser;
+    }
+
+    /* Decode the response */
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    return (CMTStatus) reply.value;
+ loser:
+    return CMTFailure;
+}
+
+CMTStatus
+CMT_DeleteModule(PCMT_CONTROL  control,
+                 char         *moduleName,
+                 int          *moduleType)
+{
+    CMTItem message;
+    CMTStatus rv;
+    SingleStringMessage request;
+    SingleNumMessage reply;
+
+    /* Set up the request */
+    request.string = moduleName;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(SingleStringMessageTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_PKCS11_ACTION | SSM_DEL_MODULE;
+
+    /* Send the message */
+    rv = CMT_SendMessage(control, &message);
+    if (rv != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION | SSM_DEL_MODULE)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    *moduleType = reply.value;
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_LogoutAllTokens(PCMT_CONTROL control)
+{
+  CMTItem message;
+  CMTStatus rv;
+
+  message.type = SSM_REQUEST_MESSAGE | SSM_PKCS11_ACTION | SSM_LOGOUT_ALL;
+  message.data = NULL;
+  message.len  = 0;
+
+  rv = CMT_SendMessage(control, &message);
+  if (rv != CMTSuccess) {
+    return rv;
+  }
+  if (message.type !=  (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION | 
+			SSM_LOGOUT_ALL)) {
+    return CMTFailure;
+  }
+  return CMTSuccess;
+}
+
+CMTStatus CMT_GetSSLCapabilities(PCMT_CONTROL control, CMInt32 *capabilites)
+{
+    SingleNumMessage reply;
+    CMTItem message;
+    CMTStatus rv;
+
+    message.type = (SSM_REQUEST_MESSAGE | SSM_PKCS11_ACTION | 
+                    SSM_ENABLED_CIPHERS);
+    message.data = NULL;
+    message.len  = 0;
+
+    rv = CMT_SendMessage(control, &message);
+
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION |
+			 SSM_ENABLED_CIPHERS)) {
+        goto loser;
+    }
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, 
+                          &message) != CMTSuccess) {
+        goto loser;
+    }
+    *capabilites = reply.value;
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+}

mozilla/security/psm/lib/client/cmtjs.h

@@ -0,0 +1,555 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef _CMTJS_H_
+#define _CMTJS_H_
+#include "cmtcmn.h"
+#include "ssmdefs.h"
+#include "rsrcids.h"
+/*
+ * Define some constants.
+ */
+
+/*
+ * These defines are used in conjuction with the function
+ * CMT_AddNewModule.
+ */
+#define PUBLIC_MECH_RSA_FLAG         0x00000001ul
+#define PUBLIC_MECH_DSA_FLAG         0x00000002ul
+#define PUBLIC_MECH_RC2_FLAG         0x00000004ul
+#define PUBLIC_MECH_RC4_FLAG         0x00000008ul
+#define PUBLIC_MECH_DES_FLAG         0x00000010ul
+#define PUBLIC_MECH_DH_FLAG          0x00000020ul
+#define PUBLIC_MECH_FORTEZZA_FLAG    0x00000040ul
+#define PUBLIC_MECH_RC5_FLAG         0x00000080ul
+#define PUBLIC_MECH_SHA1_FLAG        0x00000100ul
+#define PUBLIC_MECH_MD5_FLAG         0x00000200ul
+#define PUBLIC_MECH_MD2_FLAG         0x00000400ul
+ 
+#define PUBLIC_MECH_RANDOM_FLAG      0x08000000ul
+#define PUBLIC_MECH_FRIENDLY_FLAG    0x10000000ul
+#define PUBLIC_OWN_PW_DEFAULTS       0X20000000ul
+#define PUBLIC_DISABLE_FLAG          0x40000000ul
+
+
+/*
+ * This is the lone supported constant for the Cipher flag
+ * for CMT_AddNewModule
+ */
+#define PUBLIC_CIPHER_FORTEZZA_FLAG  0x00000001ul
+
+CMT_BEGIN_EXTERN_C
+
+/*
+ * FUNCTION: CMT_GenerateKeyPair
+ * -----------------------------
+ * INPUTS:
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    keyGenContext
+ *        The Resource ID of a key gen context to use for creating the
+ *        key pair.
+ *    mechType
+ *        A PKCS11 mechanism used to generate the key pair. Valid values are:
+ *          CKM_RSA_PKCS_KEY_PAIR_GEN    0x00000000
+ *          CKM_DSA_KEY_PAIR_GEN         0x00000010
+ *        The definition of these values can be found at 
+ *        http://www.rsa.com/rsalabs/pubs/pkcs11.html
+ *        The psm module currently supports v2.01 of PKCS11
+ *    params
+ *        This parameter will be used to pass parameters to the Key Pair
+ *        generation process.  Currently this feature is not supported, so 
+ *        pass in NULL for this parameter.
+ *    keySize
+ *        The size (in bits) of the key to generate.
+ *    keyPairId
+ *        A pointer to pre-allocated memory where the function can place
+ *        the value of the resource ID of the key pair that gets created.
+ *
+ * NOTES:
+ * This function will send a message to the psm server requesting that 
+ * a public/private key pair be generated. The key gen context will queue
+ * the request. You can send as many key gen requests as you want with a
+ * given key gen context. After sending all the key gen requests, the user
+ * must call CMT_FinishGeneratingKeys so that the key gen context actually
+ * generates the keys.
+ *
+ * RETURN:
+ * A return value of CMTSuccess indicates the request for key generation
+ * was queued successfully and the corresponding resource ID can be found
+ * at *keyPairId.  Any other return value indicates an error and the value
+ * at *keyPairId should be ignored.
+ */
+CMTStatus
+CMT_GenerateKeyPair(PCMT_CONTROL control, CMUint32 keyGenContext, 
+		    CMUint32 mechType, CMTItem *params, CMUint32 keySize, 
+		    CMUint32 *keyPairId);
+
+/*
+ * FUNCTION: CMT_FinishGeneratingKeys
+ * ----------------------------------
+ * INPUTS
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    keyGenContext
+ *        The resource ID of the key gen context which should finish 
+ *        generating its key pairs.
+ * NOTES
+ * This function will send a message to the psm server notifying the key 
+ * gen context with the resource ID of keyGenContext to finish generating
+ * all of the key gen requests it has queued up. After each key gen has 
+ * finished, the psm server will send a SSM_TASK_COMPLETED_EVENT. So in order
+ * to detect when all of the key gens are done, the user should register 
+ * an event handler.  See comments for CMT_RegisterEventHandler for information
+ * on how to successfully register event handler callbacks. You must register
+ * the event handler with keyGenContext as the target resource ID for this
+ * to work correctly.
+ *
+ * RETURN:
+ * A return value of CMTSuccess indicates the key gen context has started to
+ * generate the key pairs in its queue. Any other return value indicates an
+ * error and the key pairs will not be generated.
+ */
+CMTStatus
+CMT_FinishGeneratingKeys(PCMT_CONTROL control, CMUint32 keyGenContext);
+
+/*
+ * FUNCTION: CMT_CreateNewCRMFRequest
+ * ----------------------------------
+ * INPUTS:
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    keyPairID
+ *        The resource ID of the key pair that should be associated with
+ *        the CRMF request created. At the time this function is called,
+ *        key pair should have already been created. 
+ *    keyGenType
+ *        An enumeration that explains how the key pair will be used.
+ *        Look at the definition of SSMKeyGenType in ssmdefs.h for valid
+ *        values and their affects on the request.
+ *    reqID
+ *        A pointer to a pre-allocatd chunk of memory where the library 
+ *        can place the resource ID of the new CRMF request.
+ * NOTES:
+ * This function sends a message to the psm server requesting that a new 
+ * CRMF resource object be created. Each CRMF request must be associated with 
+ * a public/private key pair, that is why the keyPairID parameter exists.
+ * The keyGenType parameter is used to initialize the request, eg set the
+ * correct keyUsage extension.
+ * 
+ * Before encoding a CRMF request, the user will want to set the appropriate
+ * attributes to build up the request. The supported attributes are:
+ *
+ * Attribute Enumeration          Attribute Type       What value means
+ * ---------------------          --------------       ----------------
+ * SSM_FID_CRMFREQ_REGTOKEN       String               The value to encode as 
+ *                                                     the registration token
+ *                                                     value for the request.
+ *
+ * SSM_FID_CRMFREQ_AUTHENTICATOR String                The value to encode as
+ *                                                     authenticator control
+ *                                                     in the request.
+ * 
+ * SSM_FID_DN                    String                The RFC1485 formatted
+ *                                                     DN to include in the
+ *                                                     CRMF request.
+ *
+ * For information on how to properly set the attribute of a resource, refer
+ * to the comments for the functions CMT_SetNumericAttribute and 
+ * CMT_SetStringAttribute.
+ *
+ * RETURN:
+ * A return value of CMTSuccess indicates a new CRMF resource was created by
+ * the psm server and has the resource ID placed at *reqID. Any other return
+ * value indicates an error and the value at *reqID should be ignored.
+ */
+CMTStatus
+CMT_CreateNewCRMFRequest(PCMT_CONTROL control, CMUint32 keyPairID, 
+			 SSMKeyGenType keyGenType, CMUint32 *reqID);
+
+/*
+ * FUNCTION: CMT_EncodeCRMFRequest
+ * ------------------------------
+ * INPUTS:
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    crmfReqID
+ *        An array of resource ID's for CRMF objects to be encoded.
+ *    numRequests
+ *        The length of the array crmfReqID that is passed in.
+ *    der
+ *        A pointer to a pre-allocated pointer for a char* where the library
+ *        can place the final DER-encoding of the requests.
+ * NOTES
+ * This function will send a message to the psm server requesting that 
+ * a number of CRMF requests be encoded into their appropriate DER 
+ * representation. The DER that is sent back will be of the type 
+ * CertReqMessages as define in the internet draft for CRMF. To look at the
+ * draft, visit the following URL: 
+ * http://search.ietf.org/internet-drafts/internet-draft-ietf-pkix-crmf-01.txt
+ *
+ * RETURN:
+ * A return value of CMTSuccess indicates psm successfully encoded the requests
+ * and placed the base64 DER encoded request at *der. Any other return value
+ * indicates an error and the value at *der should be ignored.
+ */
+CMTStatus
+CMT_EncodeCRMFRequest(PCMT_CONTROL control, CMUint32 *crmfReqID, 
+		      CMUint32 numRequests, char ** der);
+
+/*
+ * FUNCTION: CMT_ProcessCMMFResponse
+ * ---------------------------------
+ * INPUTS:
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    nickname
+ *        The nickname that should be associated with the certificate 
+ *        contained in the CMMF Response.
+ *    certRepString
+ *        This is the base 64 encoded CertRepContent that issues a certificate.
+ *        The psm server will decode the base 64 data and then parse the
+ *        CertRepContent.
+ *    doBackup
+ *        A boolean value indicating whether or not psm should initiate the
+ *        process of backing up the newly issued certificate into a PKCS-12
+ *        file.
+ *    clientContext
+ *         Client supplied data pointer that is returned to the client during
+ *         a UI event.
+ * NOTES:
+ * This function takes a CertRepContent as defined in the CMMF internet draft
+ * (http://search.ietf.org/internet-drafts/draft-ietf-pkix-cmmf-02.txt) and
+ * imports the certificate into the user's database. The certificate will have
+ * the string value of nickanme as it's nickname when added to the database
+ * unless another certificate with that same Distinguished Name (DN) already
+ * exists in the database, in which case the nickname of the certificate that
+ * already exists will be used. If the value passed in for doBackup is 
+ * non-zero, then the psm server will initiate the process of backing up the
+ * certificate(s) that were just imported.
+ *
+ * RETURN:
+ * A return value of CMTSuccess indicates the certificate(s) were successfully
+ * added to the database. Any other return value means the certificate(s) could
+ * not be successfully added to the database.
+ */
+CMTStatus
+CMT_ProcessCMMFResponse(PCMT_CONTROL control, char *nickname, 
+			char *certRepString, CMBool doBackup,
+			void *clientContext);
+
+/*
+ * FUNCTION: CMT_CreateResource
+ * ----------------------------
+ * INPUTS:
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    resType
+ *        The enumeration representing the resource type to create.
+ *    params
+ *        A resource dependent binary string that will be sent to the psm 
+ *        server. Each resource will expect a binary string it defines.
+ *    rsrcId
+ *        A pointer to a pre-allocated chunk of memory where the library
+ *        can place the resource ID of the newly created resource.
+ *    errorCode
+ *        A pointer to a pre-allocated chunk of memory where the library
+ *        can place the errorCode returned by the psm server after creating
+ *        the resource.
+ * NOTES:
+ * This function sends a message to the psm server requesting that a new 
+ * resource be created.  The params parameter depends on the type of resource
+ * being created.  Below is a table detailing the format of the params for 
+ * a given resource type. Only the resource types listed below can be created
+ * by calling this function.
+ *
+ * Resource Type constant                  Value for params
+ * ------------------------------          ----------------
+ * SSM_RESTYPE_KEYGEN_CONTEXT              NULL
+ * SSM_RESTYPE_SECADVISOR_CONTEXT          NULL
+ * SSM_RESTYPE_SIGNTEXT                    NULL
+ *
+ * RETURN
+ * A return value of CMTSuccess means the psm server received the request and
+ * processed the create resource create. If the value at *errorCode is zero,
+ * then the value at *rsrcId is the resource ID of the newly created resource.
+ * Otherwise, creating the new resource failed and *errorCode contains the
+ * error code returned by the psm server. ???What are the return values and
+ * what do they mean. Any other return value indicates there was an error 
+ * in the communication with the psm server and the values at *rsrcId and 
+ * *errorCode should be ignored.
+ */
+CMTStatus
+CMT_CreateResource(PCMT_CONTROL control, SSMResourceType resType,
+		   CMTItem *params, CMUint32 *rsrcId, CMUint32 *errorCode);
+
+/*
+ * FUNCTION: CMT_SignText
+ * ----------------------
+ * INPUTS:
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    resID
+ *        The resource ID of an SSMSignTextResource.
+ *    stringToSign
+ *        The string that the psm server should sign.
+ *    hostName
+ *        The host name of the site that is requesting a string to be
+ *        signed.  This is used for displaying the UI that tells the user
+ *        a web site has requested the use sign some text.
+ *    caOption
+ *        If the value is "auto" then psm will select the certificate
+ *        to use for signing automatically.
+ *        If the value is "ask" then psm will display a list of 
+ *        certificates for signing.
+ *    numCAs
+ *        The number of CA names included in the array caNames passed in as
+ *        the last parameter to this function.
+ *    caNames
+ *        An array of CA Names to use for filtering the user certs to use
+ *        for signing the text.
+ * NOTES
+ * This function will sign the text passed via the parameter stringToSign.
+ * The function will also cause the psm server to send some UI notifying the
+ * user that a site has requested the user sign some text.  The hostName 
+ * parameter is used in the UI to inform the user which site is requesting
+ * the signed text.  The caOption is used to determine if the psm server 
+ * should automatically select which personal cert to use in signing the
+ * text.  The caNames array is ussed to narrow down the field of personal
+ * certs to use when signing the text. In other words, only personal certs 
+ * trusted by the CA's passed in will be used.
+ *
+ * RETURN
+ * If the function returns CMTSuccess, that indicates the psm server 
+ * successfully signed the text.  The signed text can be retrieved by 
+ * calling CMT_GetStringResource and passing in SSM_FID_SIGNTEXT_RESULT
+ * as the field ID. Any other return value indicates an error meaning the
+ * string was not signed successfully.
+ */
+CMTStatus
+CMT_SignText(PCMT_CONTROL control, CMUint32 resID, char* stringToSign,
+             char* hostName, char *caOption, CMInt32 numCAs, char** caNames);
+
+/*
+ * FUNCTION: CMT_ProcessChallengeResponse
+ * --------------------------------------
+ * INPUTS:
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    challengeString
+ *        The base64 encoded Challenge string received as the 
+ *        Proof-Of-Possession Challenge in response to CRMF request that
+ *        specified Challenge-Reponse as the method for Proof-Of-Possession.
+ *    responseString
+ *        A pointer to pre-allocated char* where the library can place a
+ *        copy of the bas64 encoded response to the challenge presented.
+ * NOTES
+ * This function takes the a challenge--that is encrypted with the public key
+ * of a certificate we created--and decrypts it with the private key we 
+ * generated.  The format of the challenge is as follows:
+ *
+ * Challenge ::= SEQUENCE { 
+ *      owf                 AlgorithmIdentifier  OPTIONAL, 
+ *      -- MUST be present in the first Challenge; MAY be omitted in any 
+ *      -- subsequent Challenge in POPODecKeyChallContent (if omitted, 
+ *      -- then the owf used in the immediately preceding Challenge is 
+ *      -- to be used). 
+ *      witness             OCTET STRING, 
+ *      -- the result of applying the one-way function (owf) to a 
+ *      -- randomly-generated INTEGER, A.  [Note that a different 
+ *      -- INTEGER MUST be used for each Challenge.] 
+ *      sender              GeneralName, 
+ *      -- the name of the sender. 
+ *      key                 OCTET STRING, 
+ *      -- the public key used to encrypt the challenge.  This will allow 
+ *      -- the client to find the appropriate key to do the decryption. 
+ *      challenge           OCTET STRING 
+ *      -- the encryption (under the public key for which the cert. 
+ *      -- request is being made) of Rand, where Rand is specified as 
+ *      --   Rand ::= SEQUENCE { 
+ *      --      int      INTEGER, 
+ *      --       - the randomly-generated INTEGER A (above) 
+ *      --      senderHash  OCTET STRING 
+ *      --       - the result of applying the one-way function (owf) to 
+ *      --       - the sender's general name 
+ *      --   } 
+ *      -- the size of "int" must be small enough such that "Rand" can be 
+ *      -- contained within a single PKCS #1 encryption block. 
+ *  } 
+ * This challenge is based on the Challenge initially defined in the CMMF
+ * internet draft, but differs in that this structure includes the sender
+ * as part of the challenge along with the public key and includes a has
+ * of the sender in the encrypted Rand structure.  The reason for including
+ * the key is to facilitate looking up the key that should be used to 
+ * decipher the challenge.  Including the hash of the sender in the encrypted
+ * Rand structure makes the challenge smaller and allows it to fit in 
+ * one RSA block. 
+ *
+ * The response is of the type POPODecKeyRespContent as defined in the CMMF
+ * internet draft.
+ *
+ * RETURN
+ * A return value of CMTSuccess indicates psm successfully parsed and processed
+ * the challenge and created a response.  The base64 encoded response to the
+ * challenge is placed at *responseString.  Any other return value indicates
+ * an error and the value at *responseString should be ignored.
+ */
+CMTStatus
+CMT_ProcessChallengeResponse(PCMT_CONTROL control, char *challengeString,
+			     char **responseString);
+
+/*
+ * FUNCTION: CMT_GetLocalizedString
+ * --------------------------------
+ * INPUTS:
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    whichString
+ *        The enumerated value corresponding to the localized string to 
+ *        retrieve from the psm server
+ *    localizedString
+ *        A pointer to a pre-allocated char* where the library can place 
+ *        copy of the localized string retrieved from the psm server.
+ * NOTES
+ * This function retrieves a localized string from the psm server.  These 
+ * strings are useful for strings that aren't localized in the client 
+ * making use of the psm server, but need to be displayed by the user. Look
+ * in protocol.h for the enumerations of the localized strings that can 
+ * be fetched from psm via this method.
+ *
+ * RETURN
+ * A return value of CMTSuccess indicates the localized string was retrieved
+ * successfully and the localized value is located at *localizedString.  Any
+ * other return value indicates an error and the value at *localizedString
+ * should be ignored.
+ */
+CMTStatus 
+CMT_GetLocalizedString(PCMT_CONTROL        control, 
+                       SSMLocalizedString  whichString,
+                       char              **localizedString); 
+
+/*
+ * FUNCTION: CMT_DeleteModule
+ * --------------------------
+ * INPUTS:
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    moduleName
+ *        The name of the PKCS11 module to delete.
+ *    moduleType
+ *        A pointer to a pre-allocated integer where the library can place
+ *        a value that tells what the type of module was deleted.
+ * NOTES
+ * This function will send a message to the psm server requesting the server 
+ * delete a PKCS-11 module stored in psm's security module database. moduleName
+ * is the value passed in as moduleName when the module was added to the 
+ * security module database of psm.
+ * The values that may be returned by psm for moduleType are:
+ *
+ *    0      The module was an external module developped by a third party
+ *           that was added to the psm security module.
+ *
+ *    1      The module deleted was the internal PKCS-11 module that comes
+ *           built in with the psm server.
+ *
+ *    2      The module that was deleted was the FIPS  internal module.
+ *
+ * RETURN
+ * A return value of CMTSuccess indicates the security module was successfully
+ * delete from the psm security module database and the value at *moduleType
+ * will tell what type of module was deleted.
+ * Any other return value indicates an error and the value at *moduleType 
+ * should be ignored.
+ */
+CMTStatus
+CMT_DeleteModule(PCMT_CONTROL  control,
+                 char         *moduleName,
+                 int          *moduleType);
+
+
+/*
+ * FUNCTION: CMT_AddNewModule
+ * --------------------------
+ * INPUTS:
+ *    control
+ *        The Control Connection that has already established a connection
+ *        with the psm server.
+ *    moduleName
+ *        The name to be associated with the module once it is added to 
+ *        the psm security module database.
+ *    libraryPath
+ *        The path to the library to be  loaded.  The library should be 
+ *        loadable at run-time.
+ *    pubMechFlags
+ *        A bit vector indicating all cryptographic mechanisms that should
+ *        be turned on by default.  This module will become the default 
+ *        handler for the mechanisms that are set by this bit vector.
+ *    pubCipherFlags
+ *        A bit vector indicating all SSL or S/MIME cipher functions
+ *        supported by the module. Most modules will pas in 0x0 for this
+ *        parameter.
+ * NOTES:
+ * This function sends a message to the psm server and requests the .so
+ * file on UNIX or .dll file on Windows be loaded as a PKCS11 module and 
+ * be stored in the psm security module database.  The module will be stored
+ * with the name moduleName that is passed in and will always expect the 
+ * library to live at the path passed in via the parameter libraryPath.
+ * The pubMechFlags tell the psm server how this module should be used.
+ * Valid values are the #define constants defined at the beginning of
+ * this file.
+ * 
+ * RETURN
+ * A return value of CMTSuccess indicates the module was successfully loaded
+ * and placed in the security module database of psm.  Any other return value
+ * indicates an error and means the module was not loaded successfully and
+ * not stored in the psm server's security module database.
+ */
+CMTStatus
+CMT_AddNewModule(PCMT_CONTROL  control,
+                 char         *moduleName,
+                 char         *libraryPath,
+                 unsigned long pubMechFlags,
+                 unsigned long pubCipherFlags);
+
+CMT_END_EXTERN_C
+
+#endif /*_CMTJS_H_*/

mozilla/security/psm/lib/client/cmtmac.c

@@ -0,0 +1,75 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+
+#include "cmtmac.h"
+#include "macsocket.h"
+#include "stdlib.h"
+
+#ifndef XP_MAC
+#error Link with the builtin strdup() on your platform.
+#endif
+
+
+static void 
+my_strcpy(char *dest, const char *source)
+{
+	char *i = dest;
+	const char *j = source;
+	while(*j)
+		*i++ = *j++;
+	*i = '\0';
+}
+
+static int
+my_strlen(const char *str)
+{
+	const char *c = str;
+	int i = 0;
+	
+	while(*c++ != '\0')
+		i++;
+	return i;
+}
+
+char * strdup(const char *oldstr)
+{
+	/* used to keep the mac client library from referring to strdup elsewhere */
+	char *newstr;
+	
+	newstr = (char *) malloc(my_strlen(oldstr)+1);
+	if (newstr)
+		my_strcpy(newstr, oldstr);
+	return newstr;
+}
+

mozilla/security/psm/lib/client/cmtmac.h

@@ -0,0 +1,40 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+
+#ifndef __CMTMAC_H__
+#define __CMTMAC_H__
+
+char * strdup(const char *str);
+
+#endif

mozilla/security/psm/lib/client/cmtpasswd.c

@@ -0,0 +1,119 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+/************************************************************************
+ * Code to handle password requests from the the PSM module.
+ * 
+ ************************************************************************
+ */
+
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include "messages.h"
+
+void CMT_SetAppFreeCallback(PCMT_CONTROL control, 
+			    applicationFreeCallback_fn f)
+{
+  control->userFuncs.userFree = f;
+}
+    
+void CMT_ServicePasswordRequest(PCMT_CONTROL cm_control, CMTItem * requestData)
+{ 
+  CMTItem response = {0, NULL, 0};
+  PasswordRequest request;
+  PasswordReply reply;
+  void * clientContext;
+
+  /********************************************
+   *  What we trying to do here: 
+   *  1) Throw up a dialog box and request a password.
+   *  2) Create a message and send it to the PSM module.
+   ********************************************
+   */
+  
+  /* Decode the request */
+  if (CMT_DecodeMessage(PasswordRequestTemplate, &request, requestData) != CMTSuccess) {
+      goto loser;
+  }
+
+  /* Copy the client context to a pointer */
+  clientContext = CMT_CopyItemToPtr(request.clientContext);
+
+  if (cm_control->userFuncs.promptCallback == NULL) {
+      goto loser;
+  }
+  reply.passwd = 
+    cm_control->userFuncs.promptCallback(cm_control->userFuncs.promptArg, 
+					 request.prompt, clientContext, 1);
+  reply.tokenID = request.tokenKey;
+  if (!reply.passwd) {
+      /* the user cancelled the prompt or other errors occurred */
+      reply.result = -1;
+  }
+  else {
+      /* note that this includes an empty string (zero length password) */
+      reply.result = 0;
+  }
+
+  /* Encode the reply */
+  if (CMT_EncodeMessage(PasswordReplyTemplate, &response, &reply) != CMTSuccess) {
+      goto loser;
+  }
+
+  /* Set the message response type */
+  response.type = SSM_EVENT_MESSAGE | SSM_AUTH_EVENT;
+  CMT_TransmitMessage(cm_control, &response);
+  goto done;
+loser:
+  /* something has gone wrong */
+
+done:
+  /*clean up anyway */
+  /* We can't just free up memory allocated by the host
+     application because the versions of free may not match up.
+     When you run the plug-in with an optimized older browser,
+     you'll see tons of Asserts (why they still have asserts in an
+     optimized build is a different question, but without them 
+     I wouldn't have figured out this problem) about a pointer not
+     being a valid heap pointer and eventually crash.  This was 
+     the offending free line.
+     So we need to call a function within the browser that 
+     calls the free linked in with it.  js_free is
+     such a function.  But this is extremely ugly.
+   */
+  if (reply.passwd) 
+    cm_control->userFuncs.userFree(reply.passwd);
+  if (request.prompt) 
+    free(request.prompt);
+  return;
+}
+

mozilla/security/psm/lib/client/cmtpkcs7.c

@@ -0,0 +1,636 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifdef XP_UNIX
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <sys/time.h>
+#else
+#ifdef XP_MAC
+#include "macsocket.h"
+#else /* Windows */
+#include <windows.h>
+#include <winsock.h>
+#endif
+#endif
+#include <errno.h>
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include "messages.h"
+#include "rsrcids.h"
+
+typedef struct _CMTP7Private {
+    CMTPrivate priv;
+    CMTP7ContentCallback cb;
+    void *cb_arg;
+} CMTP7Private;
+
+CMTStatus CMT_PKCS7DecoderStart(PCMT_CONTROL control, void* clientContext, CMUint32 * connectionID, CMInt32 * result,
+                                CMTP7ContentCallback cb, void *cb_arg)
+{
+    CMTItem message;
+    CMTStatus rv;
+    CMTP7Private *priv=NULL;
+    SingleItemMessage request;
+    DataConnectionReply reply;
+
+    /* Check passed in parameters */
+    if (!control) {
+        goto loser;
+    }
+
+    request.item = CMT_CopyPtrToItem(clientContext);
+
+    /* Encode message */
+    if (CMT_EncodeMessage(SingleItemMessageTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_DATA_CONNECTION | SSM_PKCS7DECODE_STREAM;
+
+    /* Send the message. */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_DATA_CONNECTION | SSM_PKCS7DECODE_STREAM)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(DataConnectionReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Success */
+    if (reply.result == 0) {
+        CMTSocket sock;
+
+        priv = (CMTP7Private *)malloc(sizeof(CMTP7Private));
+        if (priv == NULL)
+            goto loser;
+        priv->priv.dest = (CMTReclaimFunc) free;
+        priv->cb = cb;
+        priv->cb_arg = cb_arg;
+        sock = control->sockFuncs.socket(0);
+        if (sock == NULL) {
+            goto loser;
+        }
+ 
+       if (control->sockFuncs.connect(sock, (short)reply.port, 
+                                      NULL) != CMTSuccess) {
+            goto loser;
+        }
+ 
+        if (control->sockFuncs.send(sock, control->nonce.data, 
+                                    control->nonce.len) != control->nonce.len){
+            goto loser;
+        }
+
+        /* Save connection info */
+        if (CMT_AddDataConnection(control, sock, reply.connID)
+            != CMTSuccess) {
+            goto loser;
+        }
+        *connectionID = reply.connID;
+
+        rv = CMT_SetPrivate(control, reply.connID, &priv->priv);
+        if (rv != CMTSuccess)
+            goto loser;
+
+        return CMTSuccess;
+    } 
+
+loser:
+    if (priv) {
+        free(priv);
+    }
+
+	*result = reply.result;
+    return CMTFailure;
+}
+
+CMTStatus CMT_PKCS7DecoderUpdate(PCMT_CONTROL control, CMUint32 connectionID, const char * buf, CMUint32 len)
+{
+    CMUint32 sent;
+    CMTP7Private *priv;
+    unsigned long nbytes;
+    char read_buf[128];
+    CMTSocket sock, ctrlsock, selSock, sockArr[2];
+
+    /* Do some parameter checking */
+    if (!control || !buf) {
+        goto loser;
+    }
+
+    /* Get the data socket */
+    if (CMT_GetDataSocket(control, connectionID, &sock) == CMTFailure) {
+        goto loser;
+    }
+
+    priv = (CMTP7Private *)CMT_GetPrivate(control, connectionID);
+    if (priv == NULL)
+        goto loser;
+
+    /* Write the data to the socket */
+    sent = CMT_WriteThisMany(control, sock, (void*)buf, len);
+    if (sent != len) {
+        goto loser;
+    }
+
+	ctrlsock = control->sock;
+	sockArr[0] = ctrlsock;
+	sockArr[1] = sock;
+    while ((selSock = control->sockFuncs.select(sockArr,2,1))) 
+    {
+		if (selSock == ctrlsock) {
+			CMT_ProcessEvent(control);
+		} else {
+	        nbytes = control->sockFuncs.recv(sock, read_buf, sizeof(read_buf));
+		    if (nbytes == -1) {
+			    goto loser;
+			}
+			if (nbytes == 0) {
+	            break;
+		    }
+			priv->cb(priv->cb_arg, read_buf, nbytes);
+		}
+    }
+
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}
+                                                                                
+CMTStatus CMT_PKCS7DecoderFinish(PCMT_CONTROL control, CMUint32 connectionID, 
+                                 CMUint32 * resourceID)
+{
+    CMTP7Private *priv;
+    long nbytes;
+    char buf[128];
+    CMTSocket sock, ctrlsock, selSock, sockArr[2];
+
+    /* Do some parameter checking */
+    if (!control) {
+        goto loser;
+    }
+
+    priv = (CMTP7Private *)CMT_GetPrivate(control, connectionID);
+    if (priv == NULL)
+        goto loser;
+
+    if (CMT_GetDataSocket(control, connectionID, &sock) == CMTFailure) {
+        goto loser;
+    }
+
+    ctrlsock = control->sock;
+    /* drain socket before we close it */
+    control->sockFuncs.shutdown(sock);
+    sockArr[0] = sock;
+    sockArr[1] = ctrlsock;
+    /* Let's see if doing a poll first gets rid of a weird bug where we
+     * lock up the client.
+     */
+#ifndef XP_MAC
+    if (control->sockFuncs.select(sockArr,2,1) != NULL)
+#endif
+	{
+        while (1) {
+            selSock = control->sockFuncs.select(sockArr,2,0);
+            if (selSock == ctrlsock) {
+                CMT_ProcessEvent(control);
+            } else if (selSock == sock) {
+                nbytes = control->sockFuncs.recv(sock, buf, sizeof(buf));
+                if (nbytes < 0) {
+                    goto loser;
+                } else if (nbytes == 0) {
+                    break;
+                }
+                priv->cb(priv->cb_arg, buf, nbytes);
+            }
+        }
+    }
+    
+    if (CMT_CloseDataConnection(control, connectionID) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Get the PKCS7 content info */
+    if (CMT_GetRIDAttribute(control, connectionID, SSM_FID_P7CONN_CONTENT_INFO,
+                            resourceID) == CMTFailure) {
+        goto loser;
+    }
+
+    return CMTSuccess;
+
+loser:
+    if (control) {
+        CMT_CloseDataConnection(control, connectionID);
+    }
+    
+    return CMTFailure;
+}
+
+CMTStatus CMT_PKCS7DestroyContentInfo(PCMT_CONTROL control, CMUint32 resourceID)
+{
+    if (!control) {
+        goto loser;
+    }
+
+    /* Delete the resource */
+    if (CMT_DestroyResource(control, resourceID, SSM_FID_P7CONN_CONTENT_INFO) == CMTFailure) {
+        goto loser;
+    }
+    return CMTSuccess;
+
+loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_PKCS7VerifyDetachedSignature(PCMT_CONTROL control, CMUint32 resourceID, CMUint32 certUsage, CMUint32 hashAlgID, CMUint32 keepCerts, CMTItem* digest, CMInt32 * result)
+{
+    CMTItem message;
+    VerifyDetachedSigRequest request;
+    SingleNumMessage reply;
+
+    /* Do some parameter checking */
+    if (!control || !digest || !result) {
+        goto loser;
+    }
+
+    /* Set the request */
+    request.pkcs7ContentID = resourceID;
+    request.certUsage = certUsage;
+    request.hashAlgID = hashAlgID;
+    request.keepCert = (CMBool) keepCerts;
+    request.hash = *digest;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(VerifyDetachedSigRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_OBJECT_SIGNING | SSM_VERIFY_DETACHED_SIG;
+
+    /* Send the message */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_OBJECT_SIGNING |SSM_VERIFY_DETACHED_SIG)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    *result = reply.value;
+    return CMTSuccess;
+loser:
+	*result = reply.value;
+	return CMTFailure;
+}
+
+CMTStatus CMT_PKCS7VerifySignature(PCMT_CONTROL control, CMUint32 pubKeyAlgID,
+                                   CMTItem *pubKeyParams, CMTItem *signerPubKey,
+                                   CMTItem *computedHash, CMTItem *signature,
+                                   CMInt32 *result)
+{
+	return CMTFailure;
+}
+
+CMTStatus CMT_CreateSigned(PCMT_CONTROL control, CMUint32 scertRID,
+                           CMUint32 ecertRID, CMUint32 dig_alg,
+                           CMTItem *digest, CMUint32 *ciRID, CMInt32 *errCode)
+{
+    CMTItem message;
+    CreateSignedRequest request;
+    CreateContentInfoReply reply;
+
+    /* Do some parameter checking */
+    if (!control || !scertRID || !ecertRID || !digest || !ciRID) {
+        goto loser;
+    }
+
+    /* Set the request */
+    request.scertRID = scertRID;
+    request.ecertRID = ecertRID;
+    request.dig_alg = dig_alg;
+    request.digest = *digest;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(CreateSignedRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_OBJECT_SIGNING | SSM_CREATE_SIGNED;
+
+    /* Send the message */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_OBJECT_SIGNING | SSM_CREATE_SIGNED)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(CreateContentInfoReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    *ciRID = reply.ciRID;
+    if (reply.result == 0) {
+		return CMTSuccess;
+	} 
+
+loser:
+    if (CMT_DecodeMessage(CreateContentInfoReplyTemplate, &reply, &message) == CMTSuccess) {
+        *errCode = reply.errorCode;
+    } else {
+        *errCode = 0;
+    }
+	return CMTFailure;
+}
+
+CMTStatus CMT_CreateEncrypted(PCMT_CONTROL control, CMUint32 scertRID,
+                              CMUint32 *rcertRIDs, CMUint32 *ciRID)
+{
+    CMTItem message;
+    CMInt32 nrcerts;
+    CreateEncryptedRequest request;
+    CreateContentInfoReply reply;
+
+    /* Do some parameter checking */
+    if (!control || !scertRID || !rcertRIDs || !ciRID) {
+        goto loser;
+    }
+
+    /* Calculate the number of certs */
+    for (nrcerts =0; rcertRIDs[nrcerts] != 0; nrcerts++) {
+        /* Nothing */
+        ;
+    }
+
+    /* Set up the request */
+    request.scertRID = scertRID;
+    request.nrcerts = nrcerts;
+    request.rcertRIDs = (long *) rcertRIDs;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(CreateEncryptedRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_OBJECT_SIGNING | SSM_CREATE_ENCRYPTED;
+
+    /* Send the message */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message response type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_OBJECT_SIGNING | SSM_CREATE_ENCRYPTED)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(CreateContentInfoReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    *ciRID = reply.ciRID;
+    if (reply.result == 0) {
+		return CMTSuccess;
+	} 
+loser:
+	return CMTFailure;
+}
+
+CMTStatus CMT_PKCS7EncoderStart(PCMT_CONTROL control, CMUint32 ciRID,
+                                CMUint32 *connectionID, CMTP7ContentCallback cb,
+                                void *cb_arg)
+{
+    CMTItem message;
+    CMTStatus rv;
+    CMTP7Private *priv;
+    PKCS7DataConnectionRequest request;
+    DataConnectionReply reply;
+
+    /* Check passed in parameters */
+    if (!control || !ciRID) {
+        goto loser;
+    }
+
+    /* Set up the request */
+    request.resID = ciRID;
+    request.clientContext.len = 0;
+    request.clientContext.data = NULL;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(PKCS7DataConnectionRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_DATA_CONNECTION | SSM_PKCS7ENCODE_STREAM;
+
+    /* Send the message */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_DATA_CONNECTION | SSM_PKCS7ENCODE_STREAM)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(DataConnectionReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Success */
+    if (reply.result == 0) {
+        CMTSocket sock;
+
+        priv = (CMTP7Private *)malloc(sizeof(CMTP7Private));
+        if (priv == NULL)
+            goto loser;
+        priv->priv.dest = (CMTReclaimFunc) free;
+        priv->cb = cb;
+        priv->cb_arg = cb_arg;
+
+        sock = control->sockFuncs.socket(0);
+        if (sock == NULL) {
+            goto loser;
+        }
+        if (control->sockFuncs.connect(sock, (short)reply.port, 
+                                       NULL) != CMTSuccess) {
+            goto loser;
+        }
+        if (control->sockFuncs.send(sock, control->nonce.data, 
+                                   control->nonce.len) != control->nonce.len) {
+            goto loser;
+        }
+        /* Save connection info */
+        if (CMT_AddDataConnection(control, sock, reply.connID)
+            != CMTSuccess) {
+            goto loser;
+        }
+        *connectionID = reply.connID;
+
+        rv = CMT_SetPrivate(control, reply.connID, &priv->priv);
+        if (rv != CMTSuccess)
+            goto loser;
+        return CMTSuccess;
+    } 
+loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_PKCS7EncoderUpdate(PCMT_CONTROL control, CMUint32 connectionID,
+                                 const char *buf, CMUint32 len)
+{
+    CMUint32 sent;
+    CMTP7Private *priv;
+    unsigned long nbytes;
+    char read_buf[128];
+    CMTSocket sock, ctrlsock, sockArr[2], selSock;
+
+    /* Do some parameter checking */
+    if (!control || !connectionID || !buf) {
+        goto loser;
+    }
+
+    /* Get the data socket */
+    if (CMT_GetDataSocket(control, connectionID, &sock) == CMTFailure) {
+        goto loser;
+    }
+
+    priv = (CMTP7Private *)CMT_GetPrivate(control, connectionID);
+    if (priv == NULL)
+        goto loser;
+
+    /* Write the data to the socket */
+    sent = CMT_WriteThisMany(control, sock, (void*)buf, len);
+    if (sent != len) {
+        goto loser;
+    }
+	ctrlsock = control->sock;
+	sockArr[0] = ctrlsock;
+	sockArr[1] = sock;
+    while ((selSock = control->sockFuncs.select(sockArr, 2, 1)) != NULL) 
+    {
+		if (selSock == ctrlsock) {
+			CMT_ProcessEvent(control);
+		} else {
+	        nbytes = control->sockFuncs.recv(sock, read_buf, sizeof(read_buf));
+		    if (nbytes == -1) {
+			    goto loser;
+			} else if (nbytes == 0) {
+	            break;
+		    } else {
+			    priv->cb(priv->cb_arg, read_buf, nbytes);
+			}
+		}
+    }
+    return CMTSuccess;
+
+loser:
+
+    return CMTFailure;
+}
+
+CMTStatus CMT_PKCS7EncoderFinish(PCMT_CONTROL control, CMUint32 connectionID)
+{
+    CMTP7Private *priv;
+    unsigned long nbytes;
+    char buf[128];
+    CMTSocket sock, ctrlsock, sockArr[2], selSock;
+
+    /* Do some parameter checking */
+    if (!control) {
+        goto loser;
+    }
+
+    priv = (CMTP7Private *)CMT_GetPrivate(control, connectionID);
+    if (priv == NULL)
+        goto loser;
+
+    if (CMT_GetDataSocket(control, connectionID, &sock) == CMTFailure) {
+        goto loser;
+    }
+
+    ctrlsock = control->sock;
+    sockArr[0] = ctrlsock;
+    sockArr[1] = sock;
+    control->sockFuncs.shutdown(sock);
+    while (1) {
+        selSock = control->sockFuncs.select(sockArr, 2, 0);
+        if (selSock == ctrlsock) {
+            CMT_ProcessEvent(control);
+        } else if (selSock == sock) {
+            nbytes = control->sockFuncs.recv(sock, buf, sizeof(buf));
+            if (nbytes < 0) {
+                goto loser;
+            } else if (nbytes == 0) {
+                break;
+            } else {
+                priv->cb(priv->cb_arg, buf, nbytes);
+            }
+        }
+    }
+    if (CMT_CloseDataConnection(control, connectionID) == CMTFailure) {
+        goto loser;
+    }
+
+    return CMTSuccess;
+
+loser:
+    if (control) {
+        CMT_CloseDataConnection(control, connectionID);
+    }
+    
+    return CMTFailure;
+}

mozilla/security/psm/lib/client/cmtres.c

@@ -0,0 +1,479 @@
+/* -*- mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifdef XP_UNIX
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#else
+#ifdef XP_MAC
+#include "macsocket.h"
+#else
+#include <windows.h>
+#include <winsock.h>
+#endif
+#endif
+#include <errno.h>
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include "messages.h"
+#include <string.h>
+
+CMTStatus CMT_GetNumericAttribute(PCMT_CONTROL control, CMUint32 resourceID, CMUint32 fieldID, CMInt32 *value)
+{
+    CMTItem message;
+    GetAttribRequest request;
+    GetAttribReply reply;
+
+    /* Do some parameter checking */
+    if (!control) {
+        goto loser;
+    }
+
+    /* Set up the request */
+    request.resID = resourceID;
+    request.fieldID = fieldID;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(GetAttribRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | SSM_GET_ATTRIBUTE | SSM_NUMERIC_ATTRIBUTE;
+
+    /* Send the mesage and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION | SSM_GET_ATTRIBUTE | SSM_NUMERIC_ATTRIBUTE)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(GetAttribReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    *value = reply.value.u.numeric;
+
+    /* Success */
+    if (reply.result == 0) {
+        return CMTSuccess;
+    } 
+
+loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_SetNumericAttribute(PCMT_CONTROL control, CMUint32 resourceID,
+				  CMUint32 fieldID, CMInt32 value)
+{
+    CMTItem message;
+    SetAttribRequest request;
+
+    if (!control) {
+        goto loser;
+    }
+
+    /* Set the request */
+    request.resID = resourceID;
+    request.fieldID = fieldID;
+    request.value.type = SSM_NUMERIC_ATTRIBUTE;
+    request.value.u.numeric = value;
+
+    /* Encode the message */
+    if (CMT_EncodeMessage(SetAttribRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | 
+                   SSM_SET_ATTRIBUTE | SSM_NUMERIC_ATTRIBUTE;
+
+    if (CMT_SendMessage(control, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION | 
+                              SSM_SET_ATTRIBUTE    | SSM_NUMERIC_ATTRIBUTE)) {
+        goto loser;
+    }
+
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+}
+
+CMTStatus
+CMT_PadStringValue(CMTItem *dest, CMTItem src)
+{
+    dest->data = NewArray(unsigned char, src.len+1);
+    if (dest->data == NULL) {
+        return CMTFailure;
+    }
+    memcpy(dest->data, src.data, src.len);
+    dest->data[src.len] = '\0';
+    dest->len = src.len;
+    free(src.data);
+    return CMTSuccess;
+}
+
+CMTStatus CMT_GetStringAttribute(PCMT_CONTROL control, CMUint32 resourceID, CMUint32 fieldID, CMTItem *value)
+{
+    CMTItem message;
+    GetAttribRequest request;
+    GetAttribReply reply;
+
+    /* Do some parameter checking */
+    if (!control) {
+        goto loser;
+    }
+
+    /* Set up the request */
+    request.resID = resourceID;
+    request.fieldID = fieldID;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(GetAttribRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | SSM_GET_ATTRIBUTE | SSM_STRING_ATTRIBUTE;
+    
+    /* Send the mesage and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION | SSM_GET_ATTRIBUTE | SSM_STRING_ATTRIBUTE)) {
+        goto loser;
+    }
+
+    /* Decode the response */
+    if (CMT_DecodeMessage(GetAttribReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Success */
+    if (reply.result == 0) {
+        return CMT_PadStringValue(value, reply.value.u.string);
+    } 
+loser:
+    return CMTFailure;
+}
+
+CMTStatus
+CMT_SetStringAttribute(PCMT_CONTROL control, CMUint32 resourceID,
+		       CMUint32 fieldID, CMTItem *value)
+{
+    CMTItem message;
+    SetAttribRequest request;
+    
+    if (!control) {
+        goto loser;
+    }
+
+    /* Set up the request */
+    request.resID = resourceID;
+    request.fieldID = fieldID;
+    request.value.type = SSM_STRING_ATTRIBUTE;
+    request.value.u.string = *value;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(SetAttribRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | 
+                   SSM_SET_ATTRIBUTE | SSM_STRING_ATTRIBUTE;
+
+    /* Send the message */
+    if (CMT_SendMessage(control, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Validate the message request type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION | 
+                         SSM_SET_ATTRIBUTE    | SSM_STRING_ATTRIBUTE)) {
+        goto loser;
+    }
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_DuplicateResource(PCMT_CONTROL control, CMUint32 resourceID,
+				CMUint32 *newResID)
+{
+    CMTItem message;
+    SingleNumMessage request;
+    DupResourceReply reply;
+
+    /* Do some parameter checking */
+    if (!control) {
+        goto loser;
+    }
+
+    /* Set up the request */
+    request.value = resourceID;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(SingleNumMessageTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | SSM_DUPLICATE_RESOURCE;
+
+    /* Send the mesage */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION | SSM_DUPLICATE_RESOURCE)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(DupResourceReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Success */
+    if (reply.result == 0) {
+        *newResID = reply.resID;
+        return CMTSuccess;
+    } 
+
+loser:
+    *newResID = 0;
+    return CMTFailure;
+}
+
+CMTStatus CMT_DestroyResource(PCMT_CONTROL control, CMUint32 resourceID, CMUint32 resourceType)
+{
+    CMTItem message;
+    DestroyResourceRequest request;
+    SingleNumMessage reply;
+
+    /* Do some parameter checking */
+    if (!control) {
+        goto loser;
+    }
+
+    /* Set up the request */
+    request.resID = resourceID;
+    request.resType = resourceType;
+
+    /* Encode the message */
+    if (CMT_EncodeMessage(DestroyResourceRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | SSM_DESTROY_RESOURCE;
+
+    /* Send the message */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION | SSM_DESTROY_RESOURCE)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Success */
+    if (reply.value == 0) {
+        return CMTSuccess;
+    }
+loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_PickleResource(PCMT_CONTROL control, CMUint32 resourceID, CMTItem * pickledResource)
+{
+    CMTItem message;
+    SingleNumMessage request;
+    PickleResourceReply reply;
+
+    /* Do some parameter checking */
+    if (!control) {
+        goto loser;
+    }
+
+    /* Set up the request */
+    request.value = resourceID;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(SingleNumMessageTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | SSM_CONSERVE_RESOURCE | SSM_PICKLE_RESOURCE;
+
+    /* Send the mesage and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION | SSM_CONSERVE_RESOURCE | SSM_PICKLE_RESOURCE)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(PickleResourceReplyTemplate, &reply,&message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Success */
+    if (reply.result == 0) {
+        *pickledResource = reply.blob;
+        return CMTSuccess;
+    } 
+
+loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_UnpickleResource(PCMT_CONTROL control, CMUint32 resourceType, CMTItem pickledResource, CMUint32 * resourceID)
+{
+    CMTItem message;
+    UnpickleResourceRequest request;
+    UnpickleResourceReply reply;
+
+    /* Do some parameter checking */
+    if (!control) {
+        goto loser;
+    }
+
+    /* Set up the request */
+    request.resourceType = resourceType;
+    request.resourceData = pickledResource;
+
+    /* Encode the request */
+    if (CMT_EncodeMessage(UnpickleResourceRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | SSM_CONSERVE_RESOURCE | SSM_UNPICKLE_RESOURCE;
+    
+    /* Send the mesage and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION | SSM_CONSERVE_RESOURCE | SSM_UNPICKLE_RESOURCE)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(UnpickleResourceReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Success */
+    if (reply.result == 0) {
+        *resourceID = reply.resID;
+        return CMTSuccess;
+    } 
+
+loser:
+    *resourceID = 0;
+    return CMTFailure;
+}
+
+CMTStatus CMT_GetRIDAttribute(PCMT_CONTROL control, CMUint32 resourceID, CMUint32 fieldID, CMUint32 *value)
+{
+    CMTItem message;
+    GetAttribRequest request;
+    GetAttribReply reply;
+
+    /* Do some parameter checking */
+    if (!control) {
+        goto loser;
+    }
+
+    /* Set the request */
+    request.resID = resourceID;
+    request.fieldID = fieldID;
+
+    /* Encode the message */
+    if (CMT_EncodeMessage(GetAttribRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | SSM_GET_ATTRIBUTE | SSM_RID_ATTRIBUTE;
+
+    /* Send the mesage and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message response type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION | SSM_GET_ATTRIBUTE | SSM_RID_ATTRIBUTE)) {
+        goto loser;
+    }
+
+    /* Decode the reply */
+    if (CMT_DecodeMessage(GetAttribReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Success */
+    if (reply.result == 0) {
+        *value = reply.value.u.rid;
+        return CMTSuccess;
+    } 
+loser:
+    return CMTFailure;
+}
+ 

mozilla/security/psm/lib/client/cmtrng.c

@@ -0,0 +1,270 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+/*
+  cmtrng.c -- Support for PSM random number generator and the seeding
+              thereof with data from the client.
+
+  Created by mwelch 1999 Oct 21
+ */
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include "messages.h"
+#include "rsrcids.h"
+#include <string.h>
+
+CMTStatus
+CMT_EnsureInitializedRNGBuf(PCMT_CONTROL control)
+{
+    if (control->rng.outBuf == NULL)
+    {
+        control->rng.outBuf = (char *) calloc(RNG_OUT_BUFFER_LEN, sizeof(char));
+        if (control->rng.outBuf == NULL)
+            goto loser;
+
+        control->rng.validOutBytes = 0;
+        control->rng.out_cur = control->rng.outBuf;
+        control->rng.out_end = control->rng.out_cur + RNG_OUT_BUFFER_LEN;
+        
+        control->rng.inBuf = (char *) calloc(RNG_IN_BUFFER_LEN, sizeof(char));
+        if (control->rng.outBuf == NULL)
+            goto loser;
+    }
+
+    return CMTSuccess;
+
+ loser:
+    if (control->rng.outBuf != NULL)
+    {
+        free(control->rng.outBuf);
+        control->rng.outBuf = NULL;
+    }
+    if (control->rng.inBuf != NULL)
+    {
+        free(control->rng.inBuf);
+        control->rng.inBuf = NULL;
+    }
+
+    return CMTFailure;
+}
+
+
+size_t 
+CMT_RequestPSMRandomData(PCMT_CONTROL control, 
+                         void *buf, CMUint32 maxbytes)
+{
+    SingleNumMessage req;
+    SingleItemMessage reply;
+    CMTItem message;
+    size_t rv = 0;
+    
+    /* Parameter checking */
+    if (!control || !buf || (maxbytes == 0))
+        goto loser;
+
+    /* Initialization. */
+    memset(&reply, 0, sizeof(SingleItemMessage));
+
+    /* Ask PSM for the data. */
+    req.value = maxbytes;
+    if (CMT_EncodeMessage(SingleNumMessageTemplate, &message, &req) != CMTSuccess)
+        goto loser;
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_MISC_ACTION | SSM_MISC_GET_RNG_DATA;
+    
+    /* Send the message and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure)
+        goto loser;
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_MISC_ACTION | SSM_MISC_GET_RNG_DATA))
+        goto loser;
+
+    /* Decode message */
+    if (CMT_DecodeMessage(SingleItemMessageTemplate, &reply, &message) != CMTSuccess)
+        goto loser;
+
+    /* Success - fill the return buf with what we got */
+    if (reply.item.len > maxbytes)
+        reply.item.len = maxbytes;
+
+    memcpy(buf, reply.item.data, reply.item.len);
+    rv = reply.item.len;
+
+ loser:
+    if (reply.item.data)
+        free(reply.item.data);
+    if (message.data)
+        free(message.data);
+
+    return rv;
+}
+
+size_t 
+CMT_GenerateRandomBytes(PCMT_CONTROL control, 
+                        void *buf, CMUint32 maxbytes)
+{
+    CMUint32 remaining = maxbytes;
+    CMT_RNGState *rng = &(control->rng);
+    char *walk = (char *) buf;
+
+    /* Is there already enough in the incoming cache? */
+    while(remaining > rng->validInBytes)
+    {
+        /* Get what we have on hand. */
+        memcpy(walk, rng->in_cur, rng->validInBytes);
+        walk += rng->validInBytes;
+        remaining -= rng->validInBytes;
+
+        /* Request a buffer from PSM. */
+        rng->validInBytes = CMT_RequestPSMRandomData(control, 
+                                                     rng->inBuf, 
+                                                     RNG_IN_BUFFER_LEN);
+        if (rng->validInBytes == 0)
+            return (maxbytes - remaining); /* call failed */
+        rng->in_cur = rng->inBuf;
+    }
+    if (remaining > 0)
+    {
+        memcpy(walk, rng->in_cur, remaining);
+        rng->in_cur += remaining;
+        rng->validInBytes -= remaining;
+    }
+    return maxbytes;
+}
+
+void
+cmt_rng_xor(void *dstBuf, void *srcBuf, int len)
+{
+    unsigned char *s = (unsigned char*) srcBuf;
+    unsigned char *d = (unsigned char*) dstBuf;
+    unsigned char tmp;
+    int i;
+
+    for(i=0; i<len; i++, s++, d++)
+    {
+        tmp = *d;
+        /* I wish C had circular shift operators. So do others on the team. */
+        tmp = ((tmp << 1) | (tmp >> 7));
+        *d = tmp ^ *s;
+    }
+}
+
+CMTStatus 
+CMT_RandomUpdate(PCMT_CONTROL control, void *data, size_t numbytes)
+{
+    size_t dataLeft = numbytes, cacheLeft;
+    char *walk = (char *) data;
+
+    if (CMT_EnsureInitializedRNGBuf(control) != CMTSuccess)
+        goto loser;
+
+    /* If we have more than what the buffer can handle, wrap around. */
+    cacheLeft = (control->rng.out_end - control->rng.out_cur);
+    while (dataLeft >= cacheLeft)
+    {
+        cmt_rng_xor(control->rng.out_cur, walk, cacheLeft);
+        walk += cacheLeft;
+        dataLeft -= cacheLeft;
+
+        control->rng.out_cur = control->rng.outBuf;
+
+        /* Max out used space */
+        control->rng.validOutBytes = cacheLeft = RNG_OUT_BUFFER_LEN;
+    }
+
+    /* 
+       We now have less seed data available than we do space in the buf.
+       Write what we have and update validOutBytes if we're not looping already.
+     */
+    cmt_rng_xor(control->rng.out_cur, walk, dataLeft);
+    control->rng.out_cur += dataLeft;
+    if (control->rng.validOutBytes < RNG_OUT_BUFFER_LEN)
+        control->rng.validOutBytes += dataLeft;
+
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+}
+
+size_t
+CMT_GetNoise(PCMT_CONTROL control, void *buf, CMUint32 maxbytes)
+{
+    /* ### mwelch - GetNoise and GenerateRandomBytes can be the 
+       same function now, because presumably the RNG is being 
+       seeded with environmental noise on the PSM end before we 
+       make any of these requests */
+    return CMT_GenerateRandomBytes(control, buf, maxbytes);
+}
+
+CMTStatus 
+CMT_FlushPendingRandomData(PCMT_CONTROL control)
+{
+    CMTItem message;
+
+    memset(&message, 0, sizeof(CMTItem));
+
+    if (CMT_EnsureInitializedRNGBuf(control) != CMTSuccess)
+        return CMTFailure; /* couldn't initialize RNG buffer */
+
+    if (control->rng.validOutBytes == 0)
+        return CMTSuccess; /* no random data available == we're flushed */
+
+    /* We have random data available. Send this to PSM.
+       We're sending an event, so no reply is needed. */
+    message.type = SSM_EVENT_MESSAGE 
+        | SSM_MISC_ACTION 
+        | SSM_MISC_PUT_RNG_DATA;
+    message.len = control->rng.validOutBytes;
+    message.data = (unsigned char *) calloc(message.len, sizeof(char));
+    if (!message.data)
+        goto loser;
+    memcpy(message.data, control->rng.outBuf, message.len);
+
+    if (CMT_TransmitMessage(control, &message) == CMTFailure)
+        goto loser;
+
+    /* Clear the RNG ring buffer, we've used that data */
+    control->rng.out_cur = control->rng.outBuf;
+    control->rng.validOutBytes = 0;
+    /* zero the buffer, because we XOR in new data */
+    memset(control->rng.outBuf, 0, RNG_OUT_BUFFER_LEN);
+
+    goto done;
+ loser:
+    if (message.data)
+        free(message.data);
+    return CMTFailure;
+ done:
+    return CMTSuccess;
+}

mozilla/security/psm/lib/client/cmtsdr.c

@@ -0,0 +1,237 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+/*
+  cmtsdr.c -- Support for the Secret Decoder Ring, which provides
+      encryption and decryption using stored keys.
+
+  Created by thayes 18 April 2000
+ */
+#include "stddef.h"
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include "messages.h"
+#include "protocolshr.h"
+#include "rsrcids.h"
+#include <string.h>
+
+#undef PROCESS_LOCALLY
+
+/* Encryption result - contains the key id and the resulting data */
+/* An empty key id indicates that NO encryption was performed */
+typedef struct EncryptionResult
+{
+  CMTItem keyid;
+  CMTItem data;
+} EncryptionResult;
+
+/* Constants for testing */
+static const char *kPrefix = "Encrypted:";
+
+static CMTItem
+CMT_CopyDataToItem(const unsigned char *data, CMUint32 len)
+{
+  CMTItem item;
+
+  item.data = (unsigned char*) calloc(len, 1);
+  item.len = len;
+  memcpy(item.data, data, len);
+
+  return item;
+}
+
+
+static CMTStatus
+tmp_SendMessage(PCMT_CONTROL control, CMTItem *message)
+{
+#ifndef PROCESS_LOCALLY
+  return CMT_SendMessage(control, message);
+#else
+  if (message->type == SSM_SDR_ENCRYPT_REQUEST) 
+    return CMT_DoEncryptionRequest(message);
+  else if (message->type == SSM_SDR_DECRYPT_REQUEST)
+    return CMT_DoDecryptionRequest(message);
+
+  return CMTFailure;
+#endif
+}
+/* End test code */
+
+CMTStatus
+CMT_SDREncrypt(PCMT_CONTROL control, void *ctx,
+               const unsigned char *key, CMUint32 keyLen,
+               const unsigned char *data, CMUint32 dataLen,
+               unsigned char **result, CMUint32 *resultLen)
+{
+  CMTStatus rv = CMTSuccess;
+  CMTItem message;
+  EncryptRequestMessage request;
+  SingleItemMessage reply;
+
+  /* Fill in the request */
+  request.keyid = CMT_CopyDataToItem(key, keyLen);
+  request.data = CMT_CopyDataToItem(data, dataLen);
+  request.ctx = CMT_CopyPtrToItem(ctx);
+
+  reply.item.data = 0;
+  reply.item.len = 0;
+  message.data = 0;
+  message.len = 0;
+
+  /* Encode */
+  rv = CMT_EncodeMessage(EncryptRequestTemplate, &message, &request);
+  if (rv != CMTSuccess) {
+    goto loser;
+  }
+
+  message.type = SSM_SDR_ENCRYPT_REQUEST;
+
+  /* Send */
+  /* if (CMT_SendMessage(control, &message) != CMTSuccess) goto loser; */
+  rv = tmp_SendMessage(control, &message);
+  if (rv != CMTSuccess) goto loser;
+
+  if (message.type != SSM_SDR_ENCRYPT_REPLY) { rv = CMTFailure; goto loser; }
+
+  rv = CMT_DecodeMessage(SingleItemMessageTemplate, &reply, &message);
+  if (rv != CMTSuccess)
+    goto loser;
+
+  *result = reply.item.data;
+  *resultLen = reply.item.len;
+
+  reply.item.data = 0;
+
+loser:
+  if (message.data) free(message.data);
+  if (request.keyid.data) free(request.keyid.data);
+  if (request.data.data) free(request.data.data);
+  if (request.ctx.data) free(request.ctx.data);
+  if (reply.item.data) free(reply.item.data);
+
+  return rv; /* need return value */
+}
+
+CMTStatus
+CMT_SDRDecrypt(PCMT_CONTROL control, void *ctx,
+               const unsigned char *data, CMUint32 dataLen,
+               unsigned char **result, CMUint32 *resultLen)
+{
+  CMTStatus rv;
+  CMTItem message;
+  DecryptRequestMessage request;
+  SingleItemMessage reply;
+
+  /* Fill in the request */
+  request.data = CMT_CopyDataToItem(data, dataLen);
+  request.ctx = CMT_CopyPtrToItem(ctx);
+
+  reply.item.data = 0;
+  reply.item.len = 0;
+  message.data = 0;
+  message.len = 0;
+
+  /* Encode */
+  rv = CMT_EncodeMessage(DecryptRequestTemplate, &message, &request);
+  if (rv != CMTSuccess) {
+    goto loser;
+  }
+
+  message.type = SSM_SDR_DECRYPT_REQUEST;
+
+  /* Send */
+  /* if (CMT_SendMessage(control, &message) != CMTSuccess) goto loser; */
+  rv = tmp_SendMessage(control, &message);
+  if (rv != CMTSuccess) goto loser;
+
+  if (message.type != SSM_SDR_DECRYPT_REPLY) { rv = CMTFailure; goto loser; }
+
+  rv = CMT_DecodeMessage(SingleItemMessageTemplate, &reply, &message);
+  if (rv != CMTSuccess)
+    goto loser;
+
+  *result = reply.item.data;
+  *resultLen = reply.item.len;
+
+  reply.item.data = 0;
+
+loser:
+  if (message.data) free(message.data);
+  if (request.data.data) free(request.data.data);
+  if (request.ctx.data) free(request.ctx.data);
+  if (reply.item.data) free(reply.item.data);
+
+  return rv; /* need return value */
+}
+
+CMTStatus
+CMT_SDRChangePassword(PCMT_CONTROL control, void *ctx)
+{
+  CMTStatus rv = CMTSuccess;
+  CMTItem message;
+  SingleItemMessage request;
+  SingleNumMessage reply;
+
+  /* Fill in the request */
+  request.item = CMT_CopyPtrToItem(ctx);
+
+  message.data = 0;
+  message.len = 0;
+
+  /* Encode */
+  rv = CMT_EncodeMessage(SingleItemMessageTemplate, &message, &request);
+  if (rv != CMTSuccess) {
+    goto loser;
+  }
+
+  message.type = (SSM_REQUEST_MESSAGE|SSM_MISC_ACTION|SSM_MISC_UI|SSM_UI_CHANGE_PASSWORD);
+
+  /* Send */
+  rv = CMT_SendMessage(control, &message);
+  if (rv != CMTSuccess) goto loser;
+
+  if (message.type != 
+     (SSM_REPLY_OK_MESSAGE|SSM_MISC_ACTION|SSM_MISC_UI|SSM_UI_CHANGE_PASSWORD)) { 
+    rv = CMTFailure;
+    goto loser; 
+  }
+
+  rv = CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message);
+  if (rv != CMTSuccess)
+    goto loser;
+
+loser:
+  if (request.item.data) free(request.item.data);
+  if (message.data) free(message.data);
+
+  return rv; /* need return value */
+}

mozilla/security/psm/lib/client/cmtssl.c

@@ -0,0 +1,467 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifdef XP_UNIX
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#else
+#ifdef XP_MAC
+#else /* windows */
+#include <windows.h>
+#include <winsock.h>
+#endif
+#endif
+#include <errno.h>
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include "messages.h"
+#include "rsrcids.h"
+
+
+
+CMTStatus CMT_OpenSSLConnection(PCMT_CONTROL control, CMTSocket sock,
+                                SSMSSLConnectionRequestType flags, 
+                                CMUint32 port, char * hostIP, 
+                                char * hostName, CMBool forceHandshake, void* clientContext)
+{
+	CMTItem message;
+    SSLDataConnectionRequest request;
+    DataConnectionReply reply;
+    CMUint32 sent;
+	
+	/* Do some parameter checking */
+	if (!control || !hostIP || !hostName) {
+		goto loser;
+	}
+
+    request.flags = flags;
+    request.port = port;
+    request.hostIP = hostIP;
+    request.hostName = hostName;
+    request.forceHandshake = forceHandshake;
+    request.clientContext = CMT_CopyPtrToItem(clientContext);
+
+    /* Encode message */
+    if (CMT_EncodeMessage(SSLDataConnectionRequestTemplate, &message, &request) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* Set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_DATA_CONNECTION | SSM_SSL_CONNECTION;
+    
+	/* Send the message and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_DATA_CONNECTION | SSM_SSL_CONNECTION)) {
+        goto loser;
+    }
+
+    /* Decode message */
+    if (CMT_DecodeMessage(DataConnectionReplyTemplate, &reply, &message) != CMTSuccess) {
+        goto loser;
+    }
+
+	/* Success */
+	if (reply.result == 0) {
+	  if (control->sockFuncs.connect(sock, reply.port, NULL) != CMTSuccess) {
+            goto loser;
+	  }
+	  sent = CMT_WriteThisMany(control, sock, control->nonce.data, 
+                               control->nonce.len);
+	  if (sent != control->nonce.len) {
+            goto loser;
+	  }
+	  
+	  /* Save connection info */
+	  if (CMT_AddDataConnection(control, sock, reply.connID)
+	      != CMTSuccess) {
+	    goto loser;
+	  }
+
+	  return CMTSuccess;
+	} 
+	
+loser:
+	return CMTFailure;
+}
+
+CMTStatus CMT_GetSSLDataErrorCode(PCMT_CONTROL control, CMTSocket sock,
+                                  CMInt32* errorCode)
+{
+    CMUint32 connID;
+
+    if (!control || !errorCode) {
+        goto loser;
+    }
+
+    /* get the data connection */
+    if (CMT_GetDataConnectionID(control, sock, &connID) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* get the PR error */
+    if (CMT_GetNumericAttribute(control, connID, SSM_FID_SSLDATA_ERROR_VALUE,
+                                errorCode) != CMTSuccess) {
+        goto loser;
+    }
+
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_ReleaseSSLSocketStatus(PCMT_CONTROL control, CMTSocket sock)
+{
+    CMUint32 connectionID;
+
+    if (!control || !sock) {
+        goto loser;
+    }
+    if (CMT_GetDataConnectionID(control, sock, &connectionID) != CMTSuccess) {
+        goto loser;
+    }
+    if (CMT_SetNumericAttribute(control, connectionID, 
+                                SSM_FID_SSLDATA_DISCARD_SOCKET_STATUS,
+                                0) != CMTSuccess) {
+        goto loser;
+    }
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_GetSSLSocketStatus(PCMT_CONTROL control, CMTSocket sock, 
+                                 CMTItem* pickledStatus, CMInt32* level)
+{
+    CMUint32 connectionID;
+    SingleNumMessage request;
+    CMTItem message;
+    PickleSecurityStatusReply reply;
+
+    if (!control || !pickledStatus || !level) {
+        goto loser;
+    }
+
+	/* get the data connection */
+    if (CMT_GetDataConnectionID(control, sock, &connectionID) != CMTSuccess) {
+		goto loser;
+	}
+
+    /* set up the request */
+    request.value = connectionID;
+
+    /* encode the request */
+    if (CMT_EncodeMessage(SingleNumMessageTemplate, &message, &request) !=
+        CMTSuccess) {
+        goto loser;
+    }
+
+    /* set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | 
+        SSM_CONSERVE_RESOURCE | SSM_PICKLE_SECURITY_STATUS;
+
+    /* send the message and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION |
+                         SSM_CONSERVE_RESOURCE | SSM_PICKLE_SECURITY_STATUS)) {
+        goto loser;
+    }
+
+    /* decode the reply */
+    if (CMT_DecodeMessage(PickleSecurityStatusReplyTemplate, &reply, &message)
+        != CMTSuccess) {
+        goto loser;
+    }
+
+    /* success */
+    if (reply.result == 0) {
+        *pickledStatus = reply.blob;
+        *level = reply.securityLevel;
+        return CMTSuccess;
+    }
+
+loser:
+    return CMTFailure;
+}
+
+
+CMTStatus CMT_OpenTLSConnection(PCMT_CONTROL control, CMTSocket sock,
+                                CMUint32 port, char* hostIP, char* hostName)
+{
+    TLSDataConnectionRequest request;
+    CMTItem message;
+    DataConnectionReply reply;
+    CMUint32 sent;
+
+    /* do some parameter checking */
+    if (!control || !hostIP || !hostName) {
+        goto loser;
+    }
+
+    request.port = port;
+    request.hostIP = hostIP;
+    request.hostName = hostName;
+
+    /* encode the message */
+    if (CMT_EncodeMessage(TLSDataConnectionRequestTemplate, &message, &request)
+        != CMTSuccess) {
+        goto loser;
+    }
+
+    /* set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_DATA_CONNECTION | 
+        SSM_TLS_CONNECTION;
+
+    /* send the message and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_DATA_CONNECTION | 
+                         SSM_TLS_CONNECTION)) {
+        goto loser;
+    }
+
+    /* decode the message */
+    if (CMT_DecodeMessage(DataConnectionReplyTemplate, &reply, &message) !=
+        CMTSuccess) {
+        goto loser;
+    }
+
+    /* success */
+    if (reply.result == 0) {
+        if (control->sockFuncs.connect(sock, reply.port, NULL) != CMTSuccess) {
+            goto loser;
+        }
+        sent = CMT_WriteThisMany(control, sock, control->nonce.data, 
+                                 control->nonce.len);
+        if (sent != control->nonce.len) {
+            goto loser;
+        }
+
+        /* save connection info */
+        if (CMT_AddDataConnection(control, sock, reply.connID) != CMTSuccess) {
+            goto loser;
+        }
+
+        return CMTSuccess;
+    }
+loser:
+    return CMTFailure;
+}
+
+
+CMTStatus CMT_TLSStepUp(PCMT_CONTROL control, CMTSocket sock, 
+                        void* clientContext)
+{
+    TLSStepUpRequest request;
+    SingleNumMessage reply;
+    CMTItem message;
+    CMUint32 connectionID;
+
+    /* check arguments */
+    if (!control || !sock) {
+        goto loser;
+    }
+
+    /* get the data connection ID */
+    if (CMT_GetDataConnectionID(control, sock, &connectionID) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* set up the request */
+    request.connID = connectionID;
+    request.clientContext = CMT_CopyPtrToItem(clientContext);
+
+    /* encode the request */
+    if (CMT_EncodeMessage(TLSStepUpRequestTemplate, &message, &request) !=
+        CMTSuccess) {
+        goto loser;
+    }
+
+    /* set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | SSM_TLS_STEPUP;
+
+    /* send the message and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION |
+                         SSM_TLS_STEPUP)) {
+        goto loser;
+    }
+
+    /* decode the reply */
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) !=
+        CMTSuccess) {
+        goto loser;
+    }
+
+    return (CMTStatus) reply.value;
+loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_OpenSSLProxyConnection(PCMT_CONTROL control, CMTSocket sock,
+                                     CMUint32 port, char* hostIP, 
+                                     char* hostName)
+{
+    TLSDataConnectionRequest request;
+    CMTItem message;
+    DataConnectionReply reply;
+    CMUint32 sent;
+
+    /* do some parameter checking */
+    if (!control || !hostIP || !hostName) {
+        goto loser;
+    }
+
+    request.port = port;
+    request.hostIP = hostIP;
+    request.hostName = hostName;
+
+    /* encode the message */
+    if (CMT_EncodeMessage(TLSDataConnectionRequestTemplate, &message, &request)
+        != CMTSuccess) {
+        goto loser;
+    }
+
+    /* set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_DATA_CONNECTION | 
+        SSM_PROXY_CONNECTION;
+
+    /* send the message and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_DATA_CONNECTION | 
+                         SSM_PROXY_CONNECTION)) {
+        goto loser;
+    }
+
+    /* decode the message */
+    if (CMT_DecodeMessage(DataConnectionReplyTemplate, &reply, &message) !=
+        CMTSuccess) {
+        goto loser;
+    }
+
+    /* success */
+    if (reply.result == 0) {
+        if (control->sockFuncs.connect(sock, reply.port, NULL) != CMTSuccess) {
+            goto loser;
+        }
+        sent = CMT_WriteThisMany(control, sock, control->nonce.data, 
+                                 control->nonce.len);
+        if (sent != control->nonce.len) {
+            goto loser;
+        }
+
+        /* save connection info */
+        if (CMT_AddDataConnection(control, sock, reply.connID) != CMTSuccess) {
+            goto loser;
+        }
+
+        return CMTSuccess;
+    }
+loser:
+    return CMTFailure;
+}
+
+
+CMTStatus CMT_ProxyStepUp(PCMT_CONTROL control, CMTSocket sock, 
+                        void* clientContext, char* remoteUrl)
+{
+    ProxyStepUpRequest request;
+    SingleNumMessage reply;
+    CMTItem message;
+    CMUint32 connectionID;
+
+    /* check arguments */
+    if (!control || !sock || !remoteUrl) {
+        goto loser;
+    }
+
+    /* get the data connection ID */
+    if (CMT_GetDataConnectionID(control, sock, &connectionID) != CMTSuccess) {
+        goto loser;
+    }
+
+    /* set up the request */
+    request.connID = connectionID;
+    request.clientContext = CMT_CopyPtrToItem(clientContext);
+    request.url = remoteUrl;
+
+    /* encode the request */
+    if (CMT_EncodeMessage(ProxyStepUpRequestTemplate, &message, &request) !=
+        CMTSuccess) {
+        goto loser;
+    }
+
+    /* set the message request type */
+    message.type = SSM_REQUEST_MESSAGE | SSM_RESOURCE_ACTION | 
+        SSM_PROXY_STEPUP;
+
+    /* send the message and get the response */
+    if (CMT_SendMessage(control, &message) == CMTFailure) {
+        goto loser;
+    }
+
+    /* validate the message reply type */
+    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION |
+                         SSM_PROXY_STEPUP)) {
+        goto loser;
+    }
+
+    /* decode the reply */
+    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) !=
+        CMTSuccess) {
+        goto loser;
+    }
+
+    return (CMTStatus) reply.value;
+loser:
+    return CMTFailure;
+}

mozilla/security/psm/lib/client/cmtutils.c

@@ -0,0 +1,636 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifdef XP_UNIX
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#else
+#ifdef XP_MAC
+#include "macsocket.h"
+#else /* Windows */
+#include <windows.h>
+#include <winsock.h>
+#endif
+#endif
+#include "cmtcmn.h"
+#include "cmtutils.h"
+#include "newproto.h"
+#include <string.h>
+
+/* Local defines */
+#if 0
+#define PSM_WAIT_BEFORE_SLEEP           (CM_TicksPerSecond() * 60)
+#define PSM_SPINTIME                    PSM_WAIT_BEFORE_SLEEP
+#define PSM_KEEP_CONNECTION_ALIVE       (PSM_WAIT_BEFORE_SLEEP * 900)
+#endif
+
+/* If you want to dump the messages sent between the plug-in and the PSM 
+ * server, then remove the comment for the appropriate define.
+ */
+#if 0
+#define PRINT_SEND_MESSAGES
+#define PRINT_RECEIVE_MESSAGES
+#endif
+
+#ifdef PRINT_SEND_MESSAGES
+#ifndef DEBUG_MESSAGES
+#define DEBUG_MESSAGES
+#endif /*DEBUG_MESSAGES*/
+#endif /*PRINT_SEND_MESSAGES*/
+
+#ifdef PRINT_RECEIVE_MESSAGES
+#ifndef DEBUG_MESSAGES
+#define DEBUG_MESSAGES
+#endif /*DEBUG_MESSAGES*/
+#endif /*PRINT_RECEIVE_MESSAGES*/
+
+#ifdef DEBUG_MESSAGES
+#define LOG(x) do { FILE *f; f=fopen("cmnav.log","a+"); if (f) { \
+   fprintf(f, x); fclose(f); } } while(0);
+#define LOG_S(x) do { FILE *f; f=fopen("cmnav.log","a+"); if (f) { \
+   fprintf(f, "%s", x); fclose(f); } } while(0);
+#define ASSERT(x) if (!(x)) { LOG("ASSERT:"); LOG(#x); LOG("\n"); exit(-1); }
+#else
+#define LOG(x)
+#define LOG_S(x)
+#define ASSERT(x)
+#endif
+
+CMUint32
+cmt_Strlen(char *str)
+{
+    CMUint32 len = strlen(str);
+    return sizeof(CMInt32) + (((len + 3)/4)*4);
+}
+
+CMUint32
+cmt_Bloblen(CMTItem *blob)
+{
+    return sizeof(CMInt32) + (((blob->len +3)/4)*4);
+}
+
+char *
+cmt_PackString(char *buf, char *str)
+{
+    CMUint32 len = strlen(str);
+    CMUint32 networkLen = htonl(len);
+    CMUint32 padlen = ((len + 3)/4)*4;
+
+    memcpy(buf, &networkLen, sizeof(CMUint32));
+    memcpy(buf + sizeof(CMUint32), str, len);
+    memset(buf + sizeof(CMUint32) + len, 0, padlen - len);
+
+    return buf+sizeof(CMUint32)+padlen;
+}
+
+char *
+cmt_PackBlob(char *buf, CMTItem *blob)
+{
+    CMUint32 len = blob->len;
+    CMUint32 networkLen = htonl(len);
+    CMUint32 padlen = (((blob->len + 3)/4)*4);
+
+    *((CMUint32*)buf) = networkLen;
+    memcpy(buf + sizeof(CMUint32), blob->data, len);
+    memset(buf + sizeof(CMUint32) + len, 0, padlen - len);
+
+    return buf + sizeof(CMUint32) + padlen;
+}
+
+char *
+cmt_UnpackString(char *buf, char **str)
+{
+    char *p = NULL;
+    CMUint32 len, padlen;
+
+    /* Get the string length */
+    len = ntohl(*(CMUint32*)buf);
+
+    /* Get the padded length */
+    padlen = ((len + 3)/4)*4;
+
+    /* Allocate the string and copy the data */
+    p = (char *) malloc(len + 1);
+    if (!p) {
+        goto loser;
+    }
+    /* Copy the data and NULL terminate */
+    memcpy(p, buf+sizeof(CMUint32), len);
+    p[len] = 0;
+
+    *str = p;
+    return buf+sizeof(CMUint32)+padlen;
+loser:
+    *str = NULL;
+    if (p) {
+        free(p);
+    }
+    return buf+sizeof(CMUint32)+padlen;
+}
+
+char *
+cmt_UnpackBlob(char *buf, CMTItem **blob)
+{
+    CMTItem *p = NULL;
+    CMUint32 len, padlen;
+
+    /* Get the blob length */
+    len = ntohl(*(CMUint32*)buf);
+    
+    /* Get the padded length */
+    padlen = ((len + 3)/4)*4;
+
+    /* Allocate the CMTItem for the blob */
+    p = (CMTItem*)malloc(sizeof(CMTItem));
+    if (!p) {
+        goto loser;
+    }
+    p->len = len;
+    p->data = (unsigned char *) malloc(len);
+    if (!p->data) {
+        goto loser;
+    }
+
+    /* Copy that data across */
+    memcpy(p->data, buf+sizeof(CMUint32), len);
+    *blob = p;
+
+    return buf+sizeof(CMUint32)+padlen;
+
+loser:
+    *blob = NULL;
+    CMT_FreeMessage(p);
+
+    return buf+sizeof(CMUint32)+padlen;
+}
+
+#ifdef DEBUG_MESSAGES
+void prettyPrintMessage(CMTItem *msg)
+{
+  int numLines = ((msg->len+7)/8);
+  char curBuffer[9], *cursor, string[2], hexVal[8];
+  char hexArray[25];
+  int i, j, numToCopy;
+
+  /*Try printing out 8 bytes at a time. */
+  LOG("\n**********************************************************\n");
+  LOG("About to pretty Print Message\n\n");
+  curBuffer[9] = '\0';
+  hexArray[24] = '\0';
+  hexVal[2] = '\0';
+  string[1] = '\0';
+  LOG("Header Info\n");
+  LOG("Message Type: ");
+  sprintf(hexArray, "%lx\n", msg->type);
+  LOG(hexArray);
+  LOG("Message Length: ");
+  sprintf (hexArray, "%ld\n\n", msg->len);
+  LOG(hexArray);
+  LOG("Body of Message\n");
+  for (i=0, cursor=msg->data; i<numLines; i++, cursor+=8) {
+    /* First copy over the buffer to our local array */
+    numToCopy = ((msg->len - (unsigned int)((unsigned long)cursor-(unsigned long)msg->data)) < 8) ?
+                msg->len - (unsigned int)((unsigned long)cursor-(unsigned long)msg->data) : 8;
+    memcpy(curBuffer, cursor, 8);
+    for (j=0;j<numToCopy;j++) {
+      string[0] = curBuffer[j];
+      if (isprint(curBuffer[j])) {
+	string[0] = curBuffer[j];
+      } else {
+	string[0] = ' ';
+      }
+      LOG(string);
+    }
+    string[0] = ' ';
+    for (;j<8;j++) {
+      LOG(string);
+    }
+    LOG("\t");
+    for (j=0; j<numToCopy; j++) {
+      sprintf (hexVal,"%.2x", 0x0ff & (unsigned short)curBuffer[j]);
+      LOG(hexVal);
+      LOG(" ");
+    }
+    LOG("\n");
+  }
+  LOG("Done Pretty Printing Message\n");
+  LOG("**********************************************************\n\n");
+}
+#endif
+
+CMTStatus CMT_SendMessage(PCMT_CONTROL control, CMTItem* message)
+{
+	CMTStatus status;
+    CMUint32 msgCategory;
+    CMBool done = CM_FALSE;
+#ifdef PRINT_SEND_MESSAGES
+    LOG("About to print message sent to PSM\n");
+    prettyPrintMessage(message);
+#endif
+
+    /* Acquire lock on the control connection */
+    CMT_LOCK(control->mutex);
+
+    /* Try to send pending random data */
+    if (message->type != (SSM_REQUEST_MESSAGE | SSM_HELLO_MESSAGE))
+    {
+        /* If we've already said hello, then flush random data
+           just before sending the request. */
+        status = CMT_FlushPendingRandomData(control);
+        if (status != CMTSuccess)
+            goto loser;
+    }
+    
+	status = CMT_TransmitMessage(control, message);
+	if (status != CMTSuccess) {
+		goto loser;
+	}
+
+    /* We have to deal with other types of data on the socket and */
+    /* handle them accordingly */
+    while (!done) {
+    	status = CMT_ReceiveMessage(control, message);
+        if (status != CMTSuccess) {
+            goto loser;
+        }
+        msgCategory = (message->type & SSM_CATEGORY_MASK);
+        switch (msgCategory) {
+            case SSM_REPLY_OK_MESSAGE:
+                done = CM_TRUE;
+                break;
+            case SSM_REPLY_ERR_MESSAGE:
+                done = CM_TRUE;
+                break;
+            case SSM_EVENT_MESSAGE:
+                CMT_DispatchEvent(control, message);
+                break;
+            /* XXX FIX THIS!!! For the moment I'm ignoring all other types */
+            default:
+                break;
+        }
+    }
+
+    /* Release the control connection lock */
+    CMT_UNLOCK(control->mutex);
+	return CMTSuccess;
+loser:
+    /* Release the control connection lock */
+    CMT_UNLOCK(control->mutex);
+	return CMTFailure;
+}
+
+CMTStatus CMT_TransmitMessage(PCMT_CONTROL control, CMTItem * message)
+{
+    CMTMessageHeader header;
+	CMUint32 sent, rv;
+
+    /* Set up the message header */
+    header.type = htonl(message->type);
+    header.len = htonl(message->len);
+
+	/* Send the message header */
+	sent = CMT_WriteThisMany(control, control->sock, 
+                             (void *)&header, sizeof(CMTMessageHeader));
+	if (sent != sizeof(CMTMessageHeader)) {
+		goto loser;
+	}
+
+	/* Send the message body */
+	sent = CMT_WriteThisMany(control, control->sock, (void *)message->data, 
+                             message->len);
+	if (sent != message->len) {
+		goto loser;
+	}
+
+    /* Free the buffer */
+    free(message->data);
+    message->data = NULL;
+	return CMTSuccess;
+
+loser:
+	return CMTFailure;
+}
+
+CMTStatus CMT_ReceiveMessage(PCMT_CONTROL control, CMTItem * response)
+{
+    CMTMessageHeader header;
+    CMUint32 numread, rv;
+
+    /* Get the message header */
+    numread = CMT_ReadThisMany(control, control->sock, 
+                            (void *)&header, sizeof(CMTMessageHeader));
+    if (numread != sizeof(CMTMessageHeader)) {
+        goto loser;
+    }
+
+    response->type = ntohl(header.type);
+    response->len = ntohl(header.len);
+    response->data = (unsigned char *) malloc(response->len);
+    if (response->data == NULL) {
+        goto loser;
+    }
+
+    numread = CMT_ReadThisMany(control, control->sock, 
+                            (void *)(response->data), response->len); 
+    if (numread != response->len) {
+        goto loser;
+    }
+
+#ifdef PRINT_RECEIVE_MESSAGES
+    LOG("About to print message received from PSM.\n");
+    prettyPrintMessage(response);
+#endif /*PRINT_RECEIVE_MESSAGES*/
+    return CMTSuccess;
+loser:
+    if (response->data) {
+        free(response->data);
+    }
+    return CMTFailure;
+}
+
+CMUint32 CMT_ReadThisMany(PCMT_CONTROL control, CMTSocket sock, 
+                          void * buffer, CMUint32 thisMany)
+{
+	CMUint32 total = 0;
+  
+	while (total < thisMany) {
+		int got;
+		got = control->sockFuncs.recv(sock, (void*)((char*)buffer + total),
+                                      thisMany-total);
+		if (got < 0 ) {
+			break;
+		} 
+		total += got;
+	} 
+	return total;
+}
+ 
+CMUint32 CMT_WriteThisMany(PCMT_CONTROL control, CMTSocket sock, 
+                           void * buffer, CMUint32 thisMany)
+{
+	CMUint32 total = 0;
+  
+	while (total < thisMany) {
+		CMInt32 got;
+		got = control->sockFuncs.send(sock, (void*)((char*)buffer+total), 
+                                      thisMany-total);
+		if (got < 0) {
+			break;
+		}
+		total += got;
+	}
+	return total;
+}
+
+CMTItem* CMT_ConstructMessage(CMUint32 type, CMUint32 length)
+{
+    CMTItem * p;
+
+    p = (CMTItem*)malloc(sizeof(CMTItem));
+    if (!p) {
+	goto loser;
+    }
+
+    p->type = type;
+    p->len = length;
+    p->data = (unsigned char *) malloc(length);
+    if (!p->data) {
+	goto loser;
+    }
+    return p;
+
+loser:
+    CMT_FreeMessage(p);
+    return NULL;
+}
+
+void CMT_FreeMessage(CMTItem * p)
+{
+    if (p != NULL) {
+	if (p->data != NULL) {
+	    free(p->data);
+	}
+	free(p);
+    }
+}
+
+CMTStatus CMT_AddDataConnection(PCMT_CONTROL control, CMTSocket sock, 
+                                CMUint32 connectionID)
+{
+	PCMT_DATA ptr;
+
+	/* This is the first connection */
+	if (control->cmtDataConnections == NULL) {
+		control->cmtDataConnections = ptr = 
+            (PCMT_DATA)calloc(sizeof(CMT_DATA), 1);
+		if (!ptr) {
+			goto loser;
+		}
+	} else {
+	    /* Position at the last entry */
+	    for (ptr = control->cmtDataConnections; (ptr != NULL && ptr->next 
+                                                 != NULL); ptr = ptr->next);
+		ptr->next = (PCMT_DATA)calloc(sizeof(CMT_DATA), 1);
+		if (!ptr->next) {
+			goto loser;
+		} 
+		/* Fix up the pointers */
+		ptr->next->previous = ptr;
+		ptr = ptr->next;
+	}
+
+	/* Fill in the data */
+	ptr->sock = sock;
+	ptr->connectionID = connectionID;
+
+	return CMTSuccess;
+loser:
+	return CMTFailure;
+}
+
+int
+CMT_DestroyDataConnection(PCMT_CONTROL control, CMTSocket sock)
+{
+    PCMT_DATA ptr, pptr = NULL;
+    int rv=CMTSuccess;
+
+    control->sockFuncs.close(sock);
+    for (ptr = control->cmtDataConnections; ptr != NULL;
+	 pptr = ptr, ptr = ptr->next) {
+	if (ptr->sock == sock) {
+	    if (pptr == NULL) {
+		/* node is at head */
+		control->cmtDataConnections = ptr->next;
+		if (ptr->priv != NULL)
+		    ptr->priv->dest(ptr->priv);
+		free(ptr);
+		return rv;
+	    }
+	    /* node is elsewhere */
+	    pptr->next = ptr->next;
+	    if (ptr->priv != NULL)
+	        ptr->priv->dest(ptr->priv);
+	    free(ptr);
+	    return rv;
+	}
+    }
+    return rv;
+}
+
+CMTStatus CMT_CloseDataConnection(PCMT_CONTROL control, CMUint32 connectionID)
+{
+    /* PCMT_DATA ptr, pptr = NULL; */
+    CMTSocket sock;
+    /* int rv;*/
+
+    /* Get the socket for this connection */
+    if (CMT_GetDataSocket(control, connectionID, &sock) == CMTFailure) {
+        goto loser;
+    }
+
+    /* Free data connection associated with this socket */
+    if (CMT_DestroyDataConnection(control, sock) == CMTFailure) {
+        goto loser;
+    }
+
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}
+
+CMTStatus CMT_GetDataConnectionID(PCMT_CONTROL control, CMTSocket sock, CMUint32 * connectionID)
+{
+	PCMT_DATA ptr;
+
+	for (ptr = control->cmtDataConnections; ptr != NULL; ptr = ptr->next) {
+		if (ptr->sock == sock) {
+			*connectionID = ptr->connectionID;
+			return CMTSuccess;
+		}
+	}
+
+	return CMTFailure;
+}
+
+CMTStatus CMT_GetDataSocket(PCMT_CONTROL control, CMUint32 connectionID, CMTSocket * sock)
+{
+	PCMT_DATA ptr;
+
+	for (ptr = control->cmtDataConnections; ptr != NULL; ptr = ptr->next) {
+		if (ptr->connectionID == connectionID) {
+			*sock = ptr->sock;
+			return CMTSuccess;
+		}
+	}
+
+	return CMTFailure;
+}
+
+
+CMTStatus CMT_SetPrivate(PCMT_CONTROL control, CMUint32 connectionID,
+			 CMTPrivate *cmtpriv)
+{
+  PCMT_DATA ptr;
+
+  for (ptr = control->cmtDataConnections; ptr != NULL; ptr = ptr->next) {
+    if (ptr->connectionID == connectionID) {
+      ptr->priv = cmtpriv;
+      return CMTSuccess;
+    }
+  }
+  return CMTFailure;
+}
+
+CMTPrivate *CMT_GetPrivate(PCMT_CONTROL control, CMUint32 connectionID)
+{
+  PCMT_DATA ptr;
+
+  for (ptr = control->cmtDataConnections; ptr != NULL; ptr = ptr->next) {
+    if (ptr->connectionID == connectionID) {
+      return ptr->priv;
+    }
+  }
+  return NULL;
+}
+
+void CMT_FreeItem(CMTItem *p)
+{
+  CMT_FreeMessage(p);
+}
+
+CMTItem CMT_CopyPtrToItem(void* p)
+{
+    CMTItem value = {0, NULL, 0};
+
+    if (!p) {
+        return value;
+    }
+
+    value.len = sizeof(p);
+    value.data = (unsigned char *) malloc(value.len);
+    memcpy(value.data, &p, value.len);
+
+    return value;
+}
+
+void * CMT_CopyItemToPtr(CMTItem value)
+{
+    void * p = NULL;
+
+    if (value.len == sizeof(void*)) {
+        memcpy(&p, value.data, value.len);
+    }
+
+    return p;
+}
+
+CMTStatus CMT_ReferenceControlConnection(PCMT_CONTROL control)
+{
+    CMT_LOCK(control->mutex);
+    control->refCount++;
+    CMT_UNLOCK(control->mutex);
+    return CMTSuccess;
+}
+
+void
+CMT_LockConnection(PCMT_CONTROL control)
+{
+    CMT_LOCK(control->mutex);
+}
+
+void
+CMT_UnlockConnection(PCMT_CONTROL control)
+{
+    CMT_UNLOCK(control->mutex);
+}

mozilla/security/psm/lib/client/cmtutils.h

@@ -0,0 +1,75 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef __CMTUTILS_H__
+#define __CMTUTILS_H__
+
+#include "cmtcmn.h"
+
+#define New(type) (type*)malloc(sizeof(type))
+#define NewArray(type, size) (type*)malloc(sizeof(type)*(size))
+
+PCMT_EVENT CMT_GetEventHandler(PCMT_CONTROL control, CMUint32 type,
+                               CMUint32 resourceID);
+
+CMUint32 cmt_Strlen(char *str);
+char *cmt_PackString(char *buf, char *str);
+char *cmt_UnpackString(char *buf, char **str);
+
+CMUint32 cmt_Bloblen(CMTItem* len);
+char *cmt_PackBlob(char *buf, CMTItem * blob);
+char *cmt_UnpackBlob(char *buf, CMTItem **blob);
+
+CMTStatus CMT_SendMessage(PCMT_CONTROL control, CMTItem* message);
+CMTStatus CMT_TransmitMessage(PCMT_CONTROL control, CMTItem * message);
+CMTStatus CMT_ReceiveMessage(PCMT_CONTROL control, CMTItem * response);
+CMUint32 CMT_ReadThisMany(PCMT_CONTROL control, CMTSocket sock, 
+			  void * buffer, CMUint32 thisMany);
+CMUint32 CMT_WriteThisMany(PCMT_CONTROL control, CMTSocket sock, 
+			   void * buffer, CMUint32 thisMany);
+CMTItem* CMT_ConstructMessage(CMUint32 type, CMUint32 length);
+void CMT_FreeMessage(CMTItem * p);
+CMTStatus CMT_AddDataConnection(PCMT_CONTROL control, CMTSocket sock, CMUint32 connectionID);
+CMTStatus CMT_GetDataConnectionID(PCMT_CONTROL control, CMTSocket sock, CMUint32 * connectionID);
+CMTStatus CMT_GetDataSocket(PCMT_CONTROL control, CMUint32 connectionID, CMTSocket * sock);
+CMTStatus CMT_CloseDataConnection(PCMT_CONTROL control, CMUint32 connectionID);
+CMTStatus CMT_SetPrivate(PCMT_CONTROL control, CMUint32 connectionID,
+			 CMTPrivate *cmtpriv);
+CMTPrivate *CMT_GetPrivate(PCMT_CONTROL control, CMUint32 connectionID);
+void CMT_ServicePasswordRequest(PCMT_CONTROL cm_control, CMTItem * requestData);
+void CMT_ProcessEvent(PCMT_CONTROL cm_control);
+void CMT_DispatchEvent(PCMT_CONTROL cm_control, CMTItem * eventData);
+CMTItem CMT_CopyPtrToItem(void* p);
+void * CMT_CopyItemToPtr(CMTItem value);
+
+#endif /* __CMTUTILS_H__ */
+

mozilla/security/psm/lib/client/config.mk

@@ -0,0 +1,44 @@
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+
+#
+#  Override TARGETS variable so that only static libraries
+#  are specifed as dependencies within rules.mk.
+#
+
+TARGETS        = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PURE_LIBRARY   =
+PROGRAM        =
+

mozilla/security/psm/lib/client/makefile.win

@@ -0,0 +1,125 @@
+#// 
+#// The contents of this file are subject to the Mozilla Public
+#// License Version 1.1 (the "License"); you may not use this file
+#// except in compliance with the License. You may obtain a copy of
+#// the License at http://www.mozilla.org/MPL/
+#// 
+#// Software distributed under the License is distributed on an "AS
+#// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+#// implied. See the License for the specific language governing
+#// rights and limitations under the License.
+#// 
+#// The Original Code is the Netscape security libraries.
+#// 
+#// The Initial Developer of the Original Code is Netscape
+#// Communications Corporation.  Portions created by Netscape are 
+#// Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+#// Rights Reserved.
+#// 
+#// Contributor(s):
+#// 
+#// Alternatively, the contents of this file may be used under the
+#// terms of the GNU General Public License Version 2 or later (the
+#// "GPL"), in which case the provisions of the GPL are applicable 
+#// instead of those above.  If you wish to allow use of your 
+#// version of this file only under the terms of the GPL and not to
+#// allow others to use your version of this file under the MPL,
+#// indicate your decision by deleting the provisions above and
+#// replace them with the notice and other provisions required by
+#// the GPL.  If you do not delete the provisions above, a recipient
+#// may use your version of this file under either the MPL or the
+#// GPL.
+#// 
+IGNORE_MANIFEST=1
+#//------------------------------------------------------------------------
+#//
+#// Makefile to build the ssl library
+#//
+#//------------------------------------------------------------------------
+
+!if "$(MOZ_BITS)" == "16"
+!ifndef MOZ_DEBUG
+OPTIMIZER=-Os -UDEBUG -DNDEBUG
+!endif
+!endif
+
+#//------------------------------------------------------------------------
+#//
+#// Specify the depth of the current directory relative to the
+#// root of NS
+#//
+#//------------------------------------------------------------------------
+DEPTH= ..\..\..\..
+
+!ifndef MAKE_OBJ_TYPE
+MAKE_OBJ_TYPE=EXE
+!endif
+
+#//------------------------------------------------------------------------
+#//
+#// Define any Public Make Variables here: (ie. PDFFILE, MAPFILE, ...)
+#//
+#//------------------------------------------------------------------------
+LIBNAME=cmt
+PDBFILE=$(LIBNAME).pdb
+
+LINCS = -I$(PUBLIC)\security \
+	-I$(PUBLIC)\nspr \
+        -I$(DEPTH)\include \
+	-I..\include
+
+!ifndef OS_CONFIG
+OS_CONFIG = WIN$(MOZ_BITS)
+!endif
+
+LCFLAGS = -DEXPORT_VERSION -DLIB_BUILD
+
+#//------------------------------------------------------------------------
+#// 
+#// Define the files necessary to build the target (ie. OBJS)
+#//
+#//------------------------------------------------------------------------
+OBJS=                         \
+    .\$(OBJDIR)\cmtinit.obj  \
+    .\$(OBJDIR)\cmtssl.obj   \
+    .\$(OBJDIR)\cmtutils.obj  \
+    .\$(OBJDIR)\cmtpkcs7.obj \
+    .\$(OBJDIR)\cmthash.obj \
+    .\$(OBJDIR)\cmtcert.obj \
+    .\$(OBJDIR)\cmtres.obj \
+    .\$(OBJDIR)\cmtjs.obj \
+    .\$(OBJDIR)\cmtevent.obj \
+    .\$(OBJDIR)\cmtpasswd.obj \
+    .\$(OBJDIR)\cmtadvisor.obj \
+    .\$(OBJDIR)\cmtrng.obj \
+	.\$(OBJDIR)\cmtsdr.obj \
+    $(NULL)
+
+#//------------------------------------------------------------------------
+#//
+#// Define any Public Targets here (ie. PROGRAM, LIBRARY, DLL, ...)
+#// (these must be defined before the common makefiles are included)
+#//
+#//------------------------------------------------------------------------
+LIBRARY=.\$(OBJDIR)\$(LIBNAME).lib
+
+#//------------------------------------------------------------------------
+#//
+#// install headers
+#//
+#//------------------------------------------------------------------------
+INSTALL_DIR=$(PUBLIC)\security
+INSTALL_FILE_LIST=cmtcmn.h cmtjs.h cmtclist.h
+
+#//------------------------------------------------------------------------
+#//
+#// Include the common makefile rules
+#//
+#//------------------------------------------------------------------------
+include <$(DEPTH)/config/rules.mak>
+
+install:: $(LIBRARY)
+    $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib
+
+export:: INSTALL_FILES
+

mozilla/security/psm/lib/client/manifest.mn

@@ -0,0 +1,64 @@
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+
+CORE_DEPTH = ../../..
+DEPTH = ../../..
+
+EXPORTS = \
+	cmtcmn.h \
+	cmtjs.h  \
+	cmtclist.h \
+	$(NULL)
+
+MODULE = security
+
+CSRCS = cmtinit.c  \
+	cmtssl.c   \
+	cmtutils.c \
+	cmtcert.c  \
+	cmthash.c  \
+	cmtpkcs7.c \
+	cmtres.c   \
+	cmtjs.c    \
+	cmtevent.c \
+        cmtpasswd.c \
+	cmtadvisor.c \
+	cmtrng.c \
+	cmtsdr.c \
+	$(NULL)
+
+REQUIRES = nspr security
+
+LIBRARY_NAME = cmt
+
+INCLUDES += -I$(CORE_DEPTH)/include

mozilla/security/psm/lib/client/sample/Makefile

@@ -0,0 +1,128 @@
+#! gmake
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY).   #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL)          #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL)       #
+#######################################################################
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
+#######################################################################
+
+ifneq ($(OS_ARCH), WINNT)
+ifeq ($(OS_ARCH), Linux)
+# On linux, we link with libstdc++
+CPLUSPLUSRUNTIME = -L /usr/lib -lstdc++ -lm
+else
+# libC, presumably, is what we must link with elsewhere
+CPLUSPLUSRUNTIME = -lC -lm
+endif
+endif
+
+ifeq ($(OS_ARCH), SunOS)
+ifeq ($(OS_RELEASE), 5.5.1)
+OS_LIBS += -ldl -lsocket -lnsl -lthread -lposix4
+endif
+ifeq ($(OS_RELEASE), 5.6)
+OS_LIBS += -ldl -lsocket -lnsl -lthread -lposix4
+endif
+endif
+
+ifeq ($(OS_ARCH), Linux)
+ifdef USE_PTHREADS
+# Replace OS_LIBS, because the order of libpthread, libdl, and libc are
+# very important. Otherwise you get horrible crashes.
+OS_LIBS = -lpthread -ldl -lc
+endif
+endif
+
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL)                              #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL)                           #
+#######################################################################
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL).                              #
+#######################################################################
+
+ifeq ($(OS_ARCH), WINNT)
+LDFLAGS += /NODEFAULTLIB:library
+endif
+
+EXTRA_LIBS = \
+	$(DIST)/lib/$(LIB_PREFIX)cmt.$(LIB_SUFFIX) \
+	$(DIST)/lib/$(LIB_PREFIX)protocol.$(LIB_SUFFIX) \
+	$(NULL)
+
+ifeq ($(OS_ARCH), WINNT)
+EXTRA_LIBS += 	wsock32.lib \
+		winmm.lib \
+		$(NULL)
+endif
+
+link:
+	if test -f $(PROGRAM); then	\
+		echo "rm $(PROGRAM)";	\
+		rm $(PROGRAM);		\
+	fi;				\
+	gmake				\
+
+build_sample:
+ifneq ($(OS_ARCH),WINNT)
+	cd $(CORE_DEPTH)/coreconf; gmake
+endif
+	cd $(CORE_DEPTH)/security; gmake import; gmake export
+	cd ../../protocol; gmake
+	cd ..; gmake
+	gmake
+

mozilla/security/psm/lib/client/sample/appsock.c

@@ -0,0 +1,250 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "cmtcmn.h"
+#include "appsock.h"
+
+#ifdef XP_UNIX
+#include <netinet/tcp.h>
+#include <errno.h>
+#endif
+
+CMT_SocketFuncs socketFuncs = {
+    APP_GetSocket,
+    APP_Connect,
+    APP_VerifyUnixSocket,
+    APP_Send,
+    APP_Select,
+    APP_Receive,
+    APP_Shutdown,
+    APP_Close
+};
+
+CMTSocket APP_GetSocket(int unixSock)
+{
+    APPSocket *sock;
+    int on = 1;
+
+#ifndef XP_UNIX
+    if (unixSock) {
+        return NULL;
+    }
+#endif
+
+    sock = malloc(sizeof(APPSocket));
+    if (sock == NULL) {
+        return NULL;
+    }
+    if (unixSock) {
+        sock->sock = socket(AF_UNIX, SOCK_STREAM, 0);
+    } else {
+        sock->sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    }
+    if (sock->sock < 0) {
+        free(sock);
+        return NULL;
+    }
+    if (!unixSock && 
+        setsockopt(sock->sock, IPPROTO_TCP, TCP_NODELAY, (const char*)&on,
+                   sizeof(on))) {
+        free(sock);
+        return NULL;
+    }
+
+    sock->isUnix = unixSock;
+#ifdef XP_UNIX
+    memset (&sock->servAddr, 0, sizeof(struct sockaddr_un));
+#endif
+    return (CMTSocket)sock;
+}
+
+CMTStatus APP_Connect(CMTSocket sock, short port, char *path)
+{
+    APPSocket *cmSock = (APPSocket*)sock;
+    struct sockaddr_in iServAddr;
+    const struct sockaddr *servAddr;
+    size_t addrLen;
+    int error;
+
+    if (cmSock->isUnix){
+#ifndef XP_UNIX
+        return CMTFailure;
+#else
+        cmSock->servAddr.sun_family = AF_UNIX;
+	memcpy(&cmSock->servAddr.sun_path, path, strlen(path)+1);
+        servAddr = (const struct sockaddr*)&cmSock->servAddr;
+        addrLen = sizeof(cmSock->servAddr);
+#endif
+    } else {
+        iServAddr.sin_family = AF_INET;
+        iServAddr.sin_port = htons(port);
+        iServAddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+        servAddr = (const struct sockaddr*)&iServAddr;
+        addrLen = sizeof(struct sockaddr_in);
+    }
+    while (connect(cmSock->sock, servAddr, addrLen) != 0) {
+#ifdef WIN32
+        error = WSAGetLastError();
+        if (error == WSAEISCONN) {
+            break;
+        }
+        if ((error != WSAEINPROGRESS) && (error != WSAEWOULDBLOCK) && 
+            (error!= WSAEINVAL)) {
+            goto loser;
+        }
+#else
+        error = errno;
+        if (error == EISCONN) {
+            break;
+        }
+        if (error != EINPROGRESS) {
+            goto loser;
+        }
+#endif
+    }
+    return CMTSuccess;
+ loser:
+    return CMTFailure;
+}
+
+CMTStatus APP_VerifyUnixSocket(CMTSocket sock)
+{
+#ifndef XP_UNIX
+    return CMTFailure;
+#else
+    APPSocket *cmSock = (APPSocket*)sock;
+    int rv;
+    struct stat statbuf;
+
+    if (!cmSock->isUnix) {
+        return CMTFailure;
+    }
+    rv = stat(cmSock->servAddr.sun_path, &statbuf);
+    if (rv < 0) {
+        goto loser;
+    }
+    if (statbuf.st_uid != geteuid()) {
+        goto loser;
+    }
+    return CMTSuccess;
+ loser:
+    close(cmSock->sock);
+    free(cmSock);
+    return CMTFailure;
+#endif
+}
+
+size_t APP_Send(CMTSocket sock, void *buffer, size_t length)
+{
+    APPSocket *cmSock = (APPSocket*) sock;
+
+    return send(cmSock->sock, buffer, length, 0);
+}
+
+CMTSocket APP_Select(CMTSocket *socks, int numsocks, int poll)
+{
+    APPSocket **sockArr = (APPSocket**)socks;
+    SOCKET nsocks = 0;
+    int i, rv;
+    struct timeval timeout;
+    fd_set readfds;
+
+#ifdef WIN32
+win_startover:
+#endif
+    FD_ZERO(&readfds);
+    for (i=0; i<numsocks; i++) {
+        FD_SET(sockArr[i]->sock, &readfds);
+        if (sockArr[i]->sock > nsocks) {
+            nsocks = sockArr[i]->sock;
+        }
+    }
+    if (poll) {
+        timeout.tv_sec = 0;
+        timeout.tv_usec = 0;
+    }
+    rv = select(nsocks+1, &readfds, NULL, NULL, (poll) ? &timeout : NULL);
+
+#ifdef WIN32
+    /* XXX Win95/98 Bug (Q177346)
+     *     select() with no timeout might return even if there is no data
+     *     pending or no error has occurred.  To get around this problem,
+     *     we loop if these erroneous conditions happen.
+     */
+    if (poll == 0 && rv == 0) {
+        goto win_startover;
+    }
+#endif
+
+    /* Figure out which socket was selected */
+    if (rv == -1 || rv == 0) {
+        goto loser;
+    }
+    for (i=0; i<numsocks; i++) {
+        if (FD_ISSET(sockArr[i]->sock, &readfds)) {
+            return (CMTSocket)sockArr[i];
+        }
+    }
+ loser:
+    return NULL;
+}
+
+size_t APP_Receive(CMTSocket sock, void *buffer, size_t bufSize)
+{
+    APPSocket *cmSock = (APPSocket*)sock;
+
+    return recv(cmSock->sock, buffer, bufSize, 0);
+}
+
+CMTStatus APP_Shutdown(CMTSocket sock)
+{
+    APPSocket *cmSock = (APPSocket*)sock;
+    int rv;
+
+    rv = shutdown(cmSock->sock, 1);
+    return (rv == 0) ? CMTSuccess : CMTFailure;
+}
+
+CMTStatus APP_Close(CMTSocket sock)
+{
+    APPSocket *cmSock = (APPSocket*)sock;
+    int rv;
+
+#ifdef XP_UNIX
+    rv = close(cmSock->sock);
+#else
+    rv = closesocket(cmSock->sock);
+#endif
+    free(cmSock);
+    return (rv == 0) ? CMTSuccess : CMTFailure;
+}

mozilla/security/psm/lib/client/sample/appsock.h

@@ -0,0 +1,69 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef _APPSOCK_H_
+#define _APPSOCK_H_
+#include "cmtcmn.h"
+
+#ifdef XP_UNIX
+#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <sys/un.h>
+#include <sys/stat.h>
+
+typedef int SOCKET;
+#endif
+
+typedef struct APPSocketStr {
+    SOCKET sock;
+    int    isUnix;
+#ifdef XP_UNIX
+    struct sockaddr_un servAddr;
+#endif 
+} APPSocket; 
+
+extern CMT_SocketFuncs socketFuncs;
+
+CMTStatus APP_Close(CMTSocket sock);
+CMTStatus APP_Shutdown(CMTSocket sock);
+size_t APP_Receive(CMTSocket sock, void *buffer, size_t bufSize);
+CMTSocket APP_Select(CMTSocket *socks, int numsocks, int poll);
+size_t APP_Send(CMTSocket sock, void *buffer, size_t length);
+CMTStatus APP_VerifyUnixSocket(CMTSocket sock);
+CMTStatus APP_Connect(CMTSocket sock, short port, char *path);
+CMTSocket APP_GetSocket(int unixSock);
+
+
+#endif /* _APPSOCK_H_ */

mozilla/security/psm/lib/client/sample/config.mk

@@ -0,0 +1,44 @@
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+
+#
+#  Override TARGETS variable so that only static libraries
+#  are specifed as dependencies within rules.mk.
+#
+
+TARGETS        = $(PROGRAM)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PURE_LIBRARY   =
+LIBRARY        =
+

mozilla/security/psm/lib/client/sample/manifest.mn

@@ -0,0 +1,52 @@
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+CORE_DEPTH = ../../../../..
+
+# MODULE public and private header  directories are implicitly REQUIRED.
+MODULE	= cmtsample
+
+EXPORTS = \
+	$(NULL)
+
+CSRCS = \
+	sample.c \
+	appsock.c \
+	$(NULL)
+INCLUDES += -I../../protocol -I..
+
+# The MODULE is always implicitly required.
+# Listing it here in REQUIRES makes it appear twice in the cc command line.
+REQUIRES = security
+
+PROGRAM  = cmtsample
+

mozilla/security/psm/lib/client/sample/sample.c

@@ -0,0 +1,346 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "cmtcmn.h"
+#include "cmtjs.h"
+#include "appsock.h"
+#include <stdarg.h>
+#include <string.h>
+
+#ifdef XP_UNIX
+#include <netdb.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#endif
+
+#ifdef WIN32
+#include <direct.h>
+#endif
+
+/*
+ * This is a simple program that tries to detect if the psm server is loaded.
+ * If the server is not loaded, it will start it.  The program will then 
+ * connect to the server and fetch an HTML page from an SSL server.
+ *
+ * NOTE: This sample program does not implement a mutex for the libraries.
+ * If implementing a threaded application, then pass in a mutex structure
+ * so that connections to the psm server happen in a thread safe manner.
+ */
+
+#define NUM_CONNECT_TRIES 10
+#define READ_BUFFER_SIZE  1024
+void
+usage(void)
+{
+    printf("Usage:\n"
+           "\tcmtsample <secure site>\n\n"
+           "This program will then echo the retrieved HTML to the screen\n");
+}
+
+void
+errorMessage(int err,char *msg, ...)
+{
+    va_list args;
+    
+    va_start(args, msg);
+    fprintf (stderr, "cmtSample%s: ", (err) ? " error" : "");
+    vfprintf (stderr, msg, args);
+    fprintf (stderr, "\n");
+    va_end(args);
+    if (err) {
+        exit (err);
+    }
+}
+
+#ifdef XP_UNIX
+#define FILE_PATH_SEPARATOR '/'
+#elif defined (WIN32)
+#define FILE_PATH_SEPARATOR '\\'
+#else
+#error Tell me what the file path separator is.
+#endif
+
+PCMT_CONTROL
+connect_to_psm(void)
+{
+    PCMT_CONTROL control=NULL;
+    char path[256], *tmp;
+
+#ifdef XP_UNIX
+    if (getcwd(path,256) == NULL) {
+      return NULL;
+    }
+#elif defined(WIN32)
+    if (_getcwd(path,256) == NULL) {
+      return NULL;
+    }
+#else
+#error Teach me how to get the current working directory.
+#endif
+    tmp = &path[strlen(path)];
+    sprintf(tmp,"%c%s", FILE_PATH_SEPARATOR, "psm");
+    return CMT_EstablishControlConnection(path, &socketFuncs, NULL);
+}
+
+#define HTTPS_STRING "https://"
+
+char*
+extract_host_from_url(char *url)
+{
+    char *start, *end, *retString=NULL;
+
+    while(isspace(*url)) {
+        url++;
+    }
+    url = strdup(url);
+    start = strstr(url, HTTPS_STRING);
+    if (start == NULL) {
+        return NULL;
+    }
+    start += strlen(HTTPS_STRING);
+    /*
+     * Figure out the end of the host name.
+     */
+    end = strchr(start, ':');
+    if (end != NULL) {
+        *end = '\0';
+    } else {
+        end = strchr(start, '/');
+        if (end != NULL) {
+            *end = '\0';
+        } else {
+            end = strchr(start, ' ');
+            if (end != NULL) {
+                *end = '\0';
+            }
+        }
+    }
+    retString = strdup(start);
+    return retString;
+}
+
+CMUint32
+get_port_from_url(char *url)
+{
+    char *colon, *port;
+
+    url = strdup(url);
+    colon = strrchr(url, ':');
+    if (colon == NULL ||
+        !isdigit(colon[1])) {
+        /* Return the default SSL port. */
+        free(url);
+        return 443;
+    }
+    colon++;
+    port = colon;
+    while(isdigit(*colon))
+        colon++;
+    colon[1] = '\0';
+    free(url);
+    return (CMUint32)atol(port);
+}
+
+char*
+extract_get_target(char *url)
+{
+    char *slash;
+
+    slash = strstr(url, "//");
+    slash += 2;
+    slash = strchr(slash, '/');
+    if (slash != NULL)
+        return strdup (slash);
+    else 
+        return strdup ("/");
+}
+
+/*
+ * We'll use this function for prompting for a password.
+ */
+char*
+passwordCallback(void *arg, char *prompt, void *cotext, int isPaswd)
+{
+    char input[256];
+    
+    printf(prompt);
+    fgets(input, 256, stdin);
+
+    return strdup(input);
+}
+
+void
+freeCallback(char *userInput)
+{
+  free (userInput);
+}
+
+#define NUM_PREFS 2
+
+int 
+main(int argc, char **argv)
+{
+  PCMT_CONTROL control;
+    CMTSocket sock, selSock;
+    char *hostname;
+    struct hostent *host;
+    char *ipAddress;
+    char buffer[READ_BUFFER_SIZE];
+    size_t bytesRead;
+    struct sockaddr_in destAddr;
+    char *getString;
+    char requestString[256];
+    char *profile;
+    CMTSetPrefElement prefs[NUM_PREFS];
+    char profileDir[256];
+
+#ifdef WIN32
+    WORD WSAVersion = 0x0101;
+    WSADATA WSAData;
+
+    WSAStartup (WSAVersion, &WSAData);
+#endif
+
+    if (argc < 2) {
+        usage();
+        return 1;
+    }
+    errorMessage (0,"cmtsample v1.0");
+    errorMessage (0,"Will try connecting to site %s", argv[1]);
+    if (strstr(argv[1], "https://") == NULL) {
+        errorMessage(2,"%s is not a secure site", argv[1]);
+    }
+    control = connect_to_psm();
+    if (control == NULL) {
+        errorMessage(3, "Could not connect to the psm server");
+    }
+    /* 
+     * Now we have to send the hello message.
+     */
+
+#ifdef WIN32
+    profile = strdup("default");
+    sprintf(profileDir,"%s", "c:\\default");
+#elif defined (XP_UNIX)
+    profile = getenv("LOGNAME");
+    sprintf(profileDir, "%s/.netscape", getenv("HOME"));
+#else
+#error Teach me how to fill in the user profile.
+#endif
+    if (CMT_Hello(control, PROTOCOL_VERSION,
+		  profile, profileDir) != CMTSuccess)
+    {
+        errorMessage(10, "Failed to send the Hello Message.");
+    }
+    CMT_SetPromptCallback(control, passwordCallback, NULL);
+    CMT_SetAppFreeCallback(control, freeCallback);
+    /*
+     * Now pass along some preferences to psm.  We'll pass hard coded
+     * ones here, but apps should figure out a way to manage their user's
+     * preferences.
+     */
+    prefs[0].key   = "security.enable_ssl2";
+    prefs[0].value = "true";
+    prefs[0].type  = CMT_PREF_BOOL;
+    prefs[1].key   = "security.enable_ssl3";
+    prefs[1].value = "true";
+    prefs[1].type  = CMT_PREF_BOOL;
+    CMT_PassAllPrefs(control, NUM_PREFS, prefs);
+    hostname = extract_host_from_url(argv[1]);
+    host = gethostbyname(hostname);
+    if (host == NULL) {
+        errorMessage(11, "gethostbyname for %s failed", hostname);
+    }
+    if (host->h_length != 4) {
+        errorMessage(4, "Site %s uses IV v6 socket.  Not supported by psm.");
+    }
+    
+    /* Create the socket we will use to get the decrypted data back from
+     * the psm server.
+     */
+    sock = APP_GetSocket(0);
+    if (sock == NULL) {
+        errorMessage(5, "Could not create new socket for communication with "
+                        "the psm server.");
+    }
+    memcpy(&(destAddr.sin_addr.s_addr), host->h_addr, host->h_length);
+    ipAddress = inet_ntoa(destAddr.sin_addr);
+    errorMessage(0, "Mapped %s to the following IP address: %s", argv[1],
+                 ipAddress);
+
+    if (CMT_OpenSSLConnection(control, sock, SSM_REQUEST_SSL_DATA_SSL,
+                              get_port_from_url(argv[1]), ipAddress, 
+                              hostname, CM_FALSE, NULL) != CMTSuccess) {
+        errorMessage(6, "Could not open SSL connection to %s.", argv[1]);
+    }
+
+    getString = extract_get_target(argv[1]);
+    sprintf(requestString, 
+            "GET %s HTTP/1.0\r\n"
+            "\r\n", getString, hostname);
+    APP_Send(sock, requestString, strlen(requestString));
+    /*
+     * Now all we have to do is sit here and fetch the data from the
+     * socket.
+     */
+    errorMessage (0, "About to print out the fetched page.");
+    while ((selSock=APP_Select(&sock, 1, 0)) != NULL) {
+        if (selSock == sock) {
+            bytesRead = APP_Receive(sock, buffer, READ_BUFFER_SIZE-1);
+            if (bytesRead == -1 || bytesRead == 0) {
+                break;
+            }
+            buffer[bytesRead] = '\0';
+            fprintf(stderr, buffer);
+        }
+    }
+    fprintf(stderr,"\n");
+    if (bytesRead == -1) {
+        errorMessage(7, "Error receiving decrypted data from psm.");
+    }
+    errorMessage(0, "Successfully read the entire page.");
+    if (CMT_DestroyDataConnection(control, sock) != CMTSuccess) {
+        errorMessage(8, "Error destroygin the SSL data connection "
+                     "with the psm server.");
+    }
+    if (CMT_CloseControlConnection(control) != CMTSuccess) {
+        errorMessage(9, "Error closing the control connection.");
+    }
+    return 0;
+}
+
+
+
+

mozilla/security/psm/lib/client/test.c

@@ -0,0 +1,99 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "cmt.h"
+
+CMTStatus myCallback(CMTControl * control, CMTItem * event, void * arg);
+
+int main(int argc, char ** argv)
+{
+  CMTItem * msg, * event = NULL;
+  CMTStatus status;
+  int socket, datasocket;
+  int sent;
+  CMTControl * connect;
+  char * buffer = "some weird text that I feel like passing to server";
+  
+  connect = CMT_ControlConnect(myCallback, event);
+  
+  msg = CMT_ConstructMessage(10);
+
+  msg->type = (int)CMTClientMessage;
+  sprintf((char *)msg->data, "first msg!");
+
+  status = CMT_SendMessage(connect, msg, event);
+  if (status != SECSuccess)
+    perror("CMT_SendMessage");
+  
+  CMT_FreeEvent(event);
+  event = NULL;
+
+  sprintf((char *)msg->data, "second msg");
+  status = CMT_SendMessage(connect, msg, event);
+  if (status != SECSuccess)
+    perror("CMT_SendMessage");
+
+  datasocket = CMT_DataConnect(connect, NULL);
+  if (datasocket < 0) 
+    perror("CMT_DataConnect");
+  
+  sent = write(datasocket, (void *)buffer, strlen(buffer));
+  sent = write(datasocket, (void *)buffer, strlen(buffer));
+
+  close(datasocket);
+  
+  msg->type = (int)CMTClientMessage;
+  sprintf((char *)msg->data, "third msg!");
+  status = CMT_SendMessage(connect, msg, event);
+  if (status != SECSuccess)
+    perror("CMT_SendMessage"); 
+  
+  status = CMT_CloseControlConnection(connect);
+  if (status != SECSuccess)
+    perror("CMT_CloseControl");
+  
+  CMT_FreeMessage(msg);
+  CMT_FreeEvent(event);
+}
+
+CMTStatus myCallback(CMTControl * control, CMTItem * event, void * arg)
+{
+  if (event) 
+    printf("Event received is : type %d, data %s\n", event->type, event->data);
+  else printf("No event!\n");
+  if (arg) 
+    printf("Arg is %s\n", (char *)arg);
+  else printf("No arg!\n");
+
+
+  return SECSuccess;
+}

mozilla/security/psm/lib/macbuild/PSMPrefix.h

@@ -0,0 +1,3 @@
+
+
+#include "MacPrefix.h"

mozilla/security/psm/lib/macbuild/PSMPrefix_debug.h

@@ -0,0 +1,2 @@
+
+#include "MacPrefix_debug.h"

mozilla/security/psm/lib/makefile.win

@@ -0,0 +1,27 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..
+include <$(DEPTH)/config/config.mak>
+
+DIRS = client protocol
+
+include <$(DEPTH)\config\rules.mak>

mozilla/security/psm/lib/manifest.mn

@@ -0,0 +1,43 @@
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+#
+
+CORE_DEPTH = ../..
+DEPTH      = ../..
+
+DIRS = protocol client
+
+#
+# these dirs are not built at the moment
+#
+#NOBUILD_DIRS = jar

mozilla/security/psm/lib/protocol/MANIFEST

@@ -0,0 +1,3 @@
+obscure.h
+rsrcids.h
+ssmdefs.h

mozilla/security/psm/lib/protocol/Makefile

@@ -0,0 +1,74 @@
+#! gmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+#
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY).   #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL)          #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL)       #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
+#######################################################################
+include config.mk
+
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL)                              #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL)                           #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL).                              #
+#######################################################################
+

mozilla/security/psm/lib/protocol/Makefile.in

@@ -0,0 +1,64 @@
+#! gmake
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+#
+
+DEPTH		= ../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+LIBRARY_NAME = protocol
+MODULE = security
+
+EXPORTS = \
+	protocol.h \
+	protocolf.h \
+	protocolport.h \
+	protocolnspr20.h \
+	protocolshr.h \
+	ssmdefs.h \
+	rsrcids.h \
+	messages.h \
+	newproto.h \
+	$(NULL)
+
+
+CSRCS  = newproto.c \
+	 templates.c \
+	 protocolshr.c \
+	 $(NULL)
+
+include $(topsrcdir)/config/rules.mk
+

mozilla/security/psm/lib/protocol/config.mk

@@ -0,0 +1,44 @@
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+
+#
+#  Override TARGETS variable so that only static libraries
+#  are specifed as dependencies within rules.mk.
+#
+
+TARGETS        = $(LIBRARY)
+SHARED_LIBRARY =
+IMPORT_LIBRARY =
+PURE_LIBRARY   =
+PROGRAM        =
+

mozilla/security/psm/lib/protocol/makefile.win

@@ -0,0 +1,124 @@
+#// 
+#// The contents of this file are subject to the Mozilla Public
+#// License Version 1.1 (the "License"); you may not use this file
+#// except in compliance with the License. You may obtain a copy of
+#// the License at http://www.mozilla.org/MPL/
+#// 
+#// Software distributed under the License is distributed on an "AS
+#// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+#// implied. See the License for the specific language governing
+#// rights and limitations under the License.
+#// 
+#// The Original Code is the Netscape security libraries.
+#// 
+#// The Initial Developer of the Original Code is Netscape
+#// Communications Corporation.  Portions created by Netscape are 
+#// Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+#// Rights Reserved.
+#// 
+#// Contributor(s):
+#// 
+#// Alternatively, the contents of this file may be used under the
+#// terms of the GNU General Public License Version 2 or later (the
+#// "GPL"), in which case the provisions of the GPL are applicable 
+#// instead of those above.  If you wish to allow use of your 
+#// version of this file only under the terms of the GPL and not to
+#// allow others to use your version of this file under the MPL,
+#// indicate your decision by deleting the provisions above and
+#// replace them with the notice and other provisions required by
+#// the GPL.  If you do not delete the provisions above, a recipient
+#// may use your version of this file under either the MPL or the
+#// GPL.
+#// 
+IGNORE_MANIFEST=1
+#//------------------------------------------------------------------------
+#//
+#// Makefile to build the ssl library
+#//
+#//------------------------------------------------------------------------
+
+!if "$(MOZ_BITS)" == "16"
+!ifndef MOZ_DEBUG
+OPTIMIZER=-Os -UDEBUG -DNDEBUG
+!endif
+!endif
+
+#//------------------------------------------------------------------------
+#//
+#// Specify the depth of the current directory relative to the
+#// root of NS
+#//
+#//------------------------------------------------------------------------
+DEPTH= ..\..\..\..
+
+!ifndef MAKE_OBJ_TYPE
+MAKE_OBJ_TYPE=EXE
+!endif
+
+#//------------------------------------------------------------------------
+#//
+#// Define any Public Make Variables here: (ie. PDFFILE, MAPFILE, ...)
+#//
+#//------------------------------------------------------------------------
+LIBNAME=protocol
+PDBFILE=$(LIBNAME).pdb
+
+LINCS = -I$(PUBLIC)\security \
+	-I$(PUBLIC)\nspr \
+        -I$(DEPTH)\include \
+	-I..\include
+
+!ifndef OS_CONFIG
+OS_CONFIG = WIN$(MOZ_BITS)
+!endif
+
+LCFLAGS = -DEXPORT_VERSION -DLIB_BUILD
+
+#//------------------------------------------------------------------------
+#// 
+#// Define the files necessary to build the target (ie. OBJS)
+#//
+#//------------------------------------------------------------------------
+OBJS=                         \
+    .\$(OBJDIR)\newproto.obj  \
+    .\$(OBJDIR)\templates.obj \
+    .\$(OBJDIR)\protocolshr.obj \
+    $(NULL)
+
+#//------------------------------------------------------------------------
+#//
+#// Define any Public Targets here (ie. PROGRAM, LIBRARY, DLL, ...)
+#// (these must be defined before the common makefiles are included)
+#//
+#//------------------------------------------------------------------------
+LIBRARY=.\$(OBJDIR)\$(LIBNAME).lib
+
+#//------------------------------------------------------------------------
+#//
+#// install headers
+#//
+#//------------------------------------------------------------------------
+INSTALL_DIR=$(PUBLIC)\security
+INSTALL_FILE_LIST= protocol.h \
+   protocolf.h \
+   protocolport.h \
+   protocolnspr20.h \
+   protocolshr.h \
+   ssmdefs.h \
+   rsrcids.h \
+   messages.h \
+   newproto.h \
+   $(NULL)
+
+#//------------------------------------------------------------------------
+#//
+#// Include the common makefile rules
+#//
+#//------------------------------------------------------------------------
+include <$(DEPTH)/config/rules.mak>
+
+install:: $(LIBRARY)
+    $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib
+
+export:: INSTALL_FILES
+

mozilla/security/psm/lib/protocol/manifest.mn

@@ -0,0 +1,65 @@
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is the Netscape security libraries.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are 
+# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+# Rights Reserved.
+# 
+# Contributor(s):
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+
+CORE_DEPTH = ../../..
+
+EXPORTS = \
+	protocol.h \
+	protocolf.h \
+	protocolport.h \
+	protocolnspr20.h \
+	protocolshr.h \
+	ssmdefs.h \
+	rsrcids.h \
+	messages.h \
+	newproto.h \
+	$(NULL)
+
+MODULE = security
+CSRCS  = newproto.c \
+	 protocolshr.c \
+	 templates.c \
+	 $(NULL)
+
+ifeq ($(subst /,_,$(shell uname -s)),OS2)
+	CSRCS += os2_rand.c
+endif
+
+#	mac_rand.c
+#	unix_rand.c
+#	win_rand.c
+#	prelib.c
+
+REQUIRES = security dbm nspr
+
+LIBRARY_NAME = protocol

mozilla/security/psm/lib/protocol/messages.h

@@ -0,0 +1,620 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef __MESSAGES_H__
+#define __MESSAGES_H__
+
+#include "newproto.h"
+
+typedef struct SingleNumMessage {
+  CMInt32 value;
+} SingleNumMessage;
+
+extern CMTMessageTemplate SingleNumMessageTemplate[];
+
+typedef struct SingleStringMessage {
+  char *string;
+} SingleStringMessage;
+
+extern CMTMessageTemplate SingleStringMessageTemplate[];
+
+typedef struct SingleItemMessage {
+  CMTItem item;
+} SingleItemMessage;
+
+extern CMTMessageTemplate SingleItemMessageTemplate[];
+
+typedef struct HelloRequest {
+  CMInt32 version;
+  CMInt32 policy;
+  CMBool doesUI;
+  char *profile;
+  char* profileDir;
+} HelloRequest;
+
+extern CMTMessageTemplate HelloRequestTemplate[];
+
+typedef struct HelloReply {
+  CMInt32 result;
+  CMInt32 sessionID;
+  CMInt32 version;
+  CMInt32 httpPort;
+  CMInt32 policy;
+  CMTItem nonce;
+  char *stringVersion;
+} HelloReply;
+
+extern CMTMessageTemplate HelloReplyTemplate[];
+
+typedef struct SSLDataConnectionRequest {
+  CMInt32 flags;
+  CMInt32 port;
+  char *hostIP;
+  char *hostName;
+  CMBool forceHandshake;
+  CMTItem clientContext;
+} SSLDataConnectionRequest;
+
+extern CMTMessageTemplate SSLDataConnectionRequestTemplate[];
+
+typedef struct TLSDataConnectionRequest {
+    CMInt32 port;
+    char* hostIP;
+    char* hostName;
+} TLSDataConnectionRequest;
+
+extern CMTMessageTemplate TLSDataConnectionRequestTemplate[];
+
+typedef struct TLSStepUpRequest {
+    CMUint32 connID;
+    CMTItem clientContext;
+} TLSStepUpRequest;
+
+extern CMTMessageTemplate TLSStepUpRequestTemplate[];
+
+typedef struct ProxyStepUpRequest {
+    CMUint32 connID;
+    CMTItem clientContext;
+    char* url;
+} ProxyStepUpRequest;
+
+extern CMTMessageTemplate ProxyStepUpRequestTemplate[];
+
+typedef struct PKCS7DataConnectionRequest {
+    CMUint32 resID;
+    CMTItem clientContext;
+} PKCS7DataConnectionRequest;
+
+extern CMTMessageTemplate PKCS7DataConnectionRequestTemplate[];
+
+typedef struct DataConnectionReply {
+  CMInt32 result;
+  CMInt32 connID;
+  CMInt32 port;
+} DataConnectionReply;
+
+extern CMTMessageTemplate DataConnectionReplyTemplate[];
+
+typedef struct UIEvent {
+  CMInt32 resourceID;
+  CMInt32 width;
+  CMInt32 height;
+  CMBool isModal;
+  char *url;
+  CMTItem clientContext;
+} UIEvent;
+
+extern CMTMessageTemplate UIEventTemplate[];
+extern CMTMessageTemplate OldUIEventTemplate[];
+
+typedef struct TaskCompletedEvent {
+  CMInt32 resourceID;
+  CMInt32 numTasks;
+  CMInt32 result;
+} TaskCompletedEvent;
+
+extern CMTMessageTemplate TaskCompletedEventTemplate[];
+
+typedef struct VerifyDetachedSigRequest {
+  CMInt32 pkcs7ContentID;
+  CMInt32 certUsage;
+  CMInt32 hashAlgID;
+  CMBool keepCert;
+  CMTItem hash;
+} VerifyDetachedSigRequest;
+
+extern CMTMessageTemplate VerifyDetachedSigRequestTemplate[];
+
+typedef struct CreateSignedRequest {
+  CMInt32 scertRID;
+  CMInt32 ecertRID;
+  CMInt32 dig_alg;
+  CMTItem digest;
+} CreateSignedRequest;
+
+extern CMTMessageTemplate CreateSignedRequestTemplate[];
+
+typedef struct CreateContentInfoReply {
+  CMInt32 ciRID;
+  CMInt32 result;
+  CMInt32 errorCode;
+} CreateContentInfoReply;
+
+extern CMTMessageTemplate CreateContentInfoReplyTemplate[];
+
+typedef struct CreateEncryptedRequest {
+  CMInt32 scertRID;
+  CMInt32 nrcerts;
+  CMInt32 *rcertRIDs;
+} CreateEncryptedRequest;
+
+extern CMTMessageTemplate CreateEncryptedRequestTemplate[];
+
+typedef struct CreateResourceRequest {
+  CMInt32 type;
+  CMTItem params;
+} CreateResourceRequest;
+
+extern CMTMessageTemplate CreateResourceRequestTemplate[];
+
+typedef struct CreateResourceReply {
+  CMInt32 result;
+  CMInt32 resID;
+} CreateResourceReply;
+
+extern CMTMessageTemplate CreateResourceReplyTemplate[];
+
+typedef struct GetAttribRequest {
+  CMInt32 resID;
+  CMInt32 fieldID;
+} GetAttribRequest;
+
+extern CMTMessageTemplate GetAttribRequestTemplate[];
+
+typedef struct GetAttribReply {
+  CMInt32 result;
+  SSMAttributeValue value;
+} GetAttribReply;
+
+extern CMTMessageTemplate GetAttribReplyTemplate[];
+
+typedef struct SetAttribRequest {
+  CMInt32 resID;
+  CMInt32 fieldID;
+  SSMAttributeValue value;
+} SetAttribRequest;
+
+extern CMTMessageTemplate SetAttribRequestTemplate[];
+
+typedef struct PickleResourceReply {
+    CMInt32 result;
+    CMTItem blob;
+} PickleResourceReply;
+
+extern CMTMessageTemplate PickleResourceReplyTemplate[];
+
+typedef struct UnpickleResourceRequest {
+  CMInt32 resourceType;
+  CMTItem resourceData;
+} UnpickleResourceRequest;
+
+extern CMTMessageTemplate UnpickleResourceRequestTemplate[];
+
+typedef struct UnpickleResourceReply {
+    CMInt32 result;
+    CMInt32 resID;
+} UnpickleResourceReply;
+
+extern CMTMessageTemplate UnpickleResourceReplyTemplate[];
+
+typedef struct PickleSecurityStatusReply {
+    CMInt32 result;
+    CMInt32 securityLevel;
+    CMTItem blob;
+} PickleSecurityStatusReply;
+
+extern CMTMessageTemplate PickleSecurityStatusReplyTemplate[];
+
+typedef struct DupResourceReply {
+    CMInt32 result;
+    CMUint32 resID;
+} DupResourceReply;
+
+extern CMTMessageTemplate DupResourceReplyTemplate[];
+
+typedef struct DestroyResourceRequest {
+  CMInt32 resID;
+  CMInt32 resType;
+} DestroyResourceRequest;
+
+extern CMTMessageTemplate DestroyResourceRequestTemplate[];
+
+typedef struct VerifyCertRequest {
+  CMInt32 resID;
+  CMInt32 certUsage;
+} VerifyCertRequest;
+
+extern CMTMessageTemplate VerifyCertRequestTemplate[];
+
+typedef struct AddTempCertToDBRequest {
+  CMInt32 resID;
+  char *nickname;
+  CMInt32 sslFlags;
+  CMInt32 emailFlags;
+  CMInt32 objSignFlags;
+} AddTempCertToDBRequest;
+
+extern CMTMessageTemplate AddTempCertToDBRequestTemplate[];
+
+typedef struct MatchUserCertRequest {
+  CMInt32 certType;
+  CMInt32 numCANames;
+  char **caNames;
+} MatchUserCertRequest;
+
+extern CMTMessageTemplate MatchUserCertRequestTemplate[];
+
+typedef struct MatchUserCertReply {
+  CMInt32 numCerts;
+  CMInt32 *certs;
+} MatchUserCertReply;
+
+extern CMTMessageTemplate MatchUserCertReplyTemplate[];
+
+typedef struct EncodeCRMFReqRequest {
+    CMInt32 numRequests;
+    CMInt32 * reqIDs;
+} EncodeCRMFReqRequest;
+
+extern CMTMessageTemplate EncodeCRMFReqRequestTemplate[];
+
+typedef struct CMMFCertResponseRequest {
+    char *nickname;
+    char *base64Der;
+    CMBool doBackup;
+    CMTItem clientContext;
+} CMMFCertResponseRequest;
+
+extern CMTMessageTemplate CMMFCertResponseRequestTemplate[];
+
+typedef struct PasswordRequest {
+    CMInt32 tokenKey;
+    char *prompt;
+    CMTItem clientContext;
+} PasswordRequest;
+
+extern CMTMessageTemplate PasswordRequestTemplate[];
+
+typedef struct PasswordReply {
+    CMInt32 result;
+    CMInt32 tokenID;
+    char * passwd;
+} PasswordReply;
+
+extern CMTMessageTemplate PasswordReplyTemplate[];
+
+typedef struct KeyPairGenRequest {
+    CMInt32 keyGenCtxtID;
+    CMInt32 genMechanism;
+    CMInt32 keySize;
+    CMTItem params;
+} KeyPairGenRequest;
+
+extern CMTMessageTemplate KeyPairGenRequestTemplate[];
+
+typedef struct DecodeAndCreateTempCertRequest {
+    CMInt32 type;
+    CMTItem cert;
+} DecodeAndCreateTempCertRequest;
+
+extern CMTMessageTemplate DecodeAndCreateTempCertRequestTemplate[];
+
+typedef struct GenKeyOldStyleRequest {
+    char *choiceString;
+    char *challenge;
+    char *typeString;
+    char *pqgString;
+} GenKeyOldStyleRequest;
+
+extern CMTMessageTemplate GenKeyOldStyleRequestTemplate[];
+
+typedef struct GenKeyOldStyleTokenRequest {
+    CMInt32 rid;
+    CMInt32 numtokens;
+    char ** tokenNames;
+} GenKeyOldStyleTokenRequest;
+
+extern CMTMessageTemplate GenKeyOldStyleTokenRequestTemplate[];
+
+typedef struct GenKeyOldStyleTokenReply {
+    CMInt32 rid;
+    CMBool cancel;
+    char * tokenName;
+} GenKeyOldStyleTokenReply;
+
+extern CMTMessageTemplate GenKeyOldStyleTokenReplyTemplate[];
+
+typedef struct GenKeyOldStylePasswordRequest {
+    CMInt32 rid;
+    char * tokenName;
+    CMBool internal;
+    CMInt32 minpwdlen;
+    CMInt32 maxpwdlen;
+} GenKeyOldStylePasswordRequest;
+
+extern CMTMessageTemplate GenKeyOldStylePasswordRequestTemplate[];
+
+typedef struct GenKeyOldStylePasswordReply {
+    CMInt32 rid;
+    CMBool cancel;
+    char * password;
+} GenKeyOldStylePasswordReply;
+
+extern CMTMessageTemplate GenKeyOldStylePasswordReplyTemplate[];
+
+typedef struct GetKeyChoiceListRequest {
+    char *type;
+    char *pqgString;
+} GetKeyChoiceListRequest;
+
+extern CMTMessageTemplate GetKeyChoiceListRequestTemplate[];
+
+typedef struct GetKeyChoiceListReply {
+    CMInt32 nchoices;
+    char **choices;
+} GetKeyChoiceListReply;
+
+extern CMTMessageTemplate GetKeyChoiceListReplyTemplate[];
+
+typedef struct AddNewSecurityModuleRequest {
+    char *moduleName;
+    char *libraryPath;
+    CMInt32 pubMechFlags;
+    CMInt32 pubCipherFlags;
+} AddNewSecurityModuleRequest;
+
+extern CMTMessageTemplate AddNewSecurityModuleRequestTemplate[];
+
+typedef struct FilePathRequest {
+    CMInt32 resID;
+    char *prompt;
+    CMBool getExistingFile;
+    char *fileRegEx;
+} FilePathRequest;
+
+extern CMTMessageTemplate FilePathRequestTemplate[];
+
+typedef struct FilePathReply {
+    CMInt32 resID;
+    char *filePath;
+} FilePathReply;
+
+extern CMTMessageTemplate FilePathReplyTemplate[];
+
+typedef struct PasswordPromptReply {
+    CMInt32 resID;
+    char *promptReply;
+} PasswordPromptReply;
+
+extern CMTMessageTemplate PasswordPromptReplyTemplate[];
+
+typedef struct SignTextRequest {
+    CMInt32 resID;
+    char *stringToSign;
+    char *hostName;
+    char *caOption;
+    CMInt32 numCAs;
+    char** caNames;
+} SignTextRequest;
+
+extern CMTMessageTemplate SignTextRequestTemplate[];
+
+typedef struct GetLocalizedTextReply {
+    CMInt32 whichString;
+    char *localizedString;
+} GetLocalizedTextReply;
+
+extern CMTMessageTemplate GetLocalizedTextReplyTemplate[];
+
+typedef struct ImportCertReply {
+    CMInt32 result;
+    CMInt32 resID;
+} ImportCertReply;
+
+extern CMTMessageTemplate ImportCertReplyTemplate[];
+
+typedef struct PromptRequest {
+    CMInt32 resID;
+    char *prompt;
+    CMTItem clientContext;
+} PromptRequest;
+
+extern CMTMessageTemplate PromptRequestTemplate[];
+
+typedef struct PromptReply {
+    CMInt32 resID;
+    CMBool cancel;
+    char *promptReply;
+} PromptReply;
+
+extern CMTMessageTemplate PromptReplyTemplate[];
+
+typedef struct RedirectCompareReqeust {
+    CMTItem socketStatus1Data;
+    CMTItem socketStatus2Data;
+} RedirectCompareRequest;
+
+extern CMTMessageTemplate RedirectCompareRequestTemplate[];
+
+typedef struct DecodeAndAddCRLRequest {
+    CMTItem  derCrl;
+    CMUint32 type;
+    char *url;
+} DecodeAndAddCRLRequest;
+
+extern CMTMessageTemplate DecodeAndAddCRLRequestTemplate[];
+
+typedef struct SecurityAdvisorRequest {
+    CMInt32 infoContext;
+    CMInt32 resID;
+    char * hostname;
+	char * senderAddr;
+    CMUint32 encryptedP7CInfo;
+    CMUint32 signedP7CInfo;
+    CMInt32 decodeError;
+    CMInt32 verifyError;
+	CMBool encryptthis;
+	CMBool signthis;
+	CMInt32 numRecipients;
+	char ** recipients;
+} SecurityAdvisorRequest;
+
+extern CMTMessageTemplate SecurityAdvisorRequestTemplate[];
+
+/* "SecurityConfig" javascript related message templates */
+typedef struct SCAddTempCertToPermDBRequest {
+    CMTItem certKey;
+    char* trustStr;
+    char* nickname;
+} SCAddTempCertToPermDBRequest;
+
+extern CMTMessageTemplate SCAddTempCertToPermDBRequestTemplate[];
+
+typedef struct SCDeletePermCertsRequest {
+    CMTItem certKey;
+    CMBool deleteAll;
+} SCDeletePermCertsRequest;
+
+extern CMTMessageTemplate SCDeletePermCertsRequestTemplate[];
+
+typedef struct TimeMessage {
+    CMInt32 year;
+    CMInt32 month;
+    CMInt32 day;
+    CMInt32 hour;
+    CMInt32 minute;
+    CMInt32 second;
+} TimeMessage;
+
+extern CMTMessageTemplate TimeMessageTemplate[];
+
+typedef struct CertEnumElement {
+    char* name;
+    CMTItem certKey;
+} CertEnumElement;
+
+typedef struct SCCertIndexEnumReply {
+      int length;
+      CertEnumElement* list;
+} SCCertIndexEnumReply;
+
+extern CMTMessageTemplate SCCertIndexEnumReplyTemplate[];
+
+/* Test message */
+typedef struct TestListElement {
+	char * name;
+	char * value;
+} TestListElement;
+
+typedef struct TestList {
+	char *listName;
+	int numElements;
+	TestListElement *elements;
+} TestList;
+
+extern CMTMessageTemplate TestListTemplate[];
+
+/* Preference-related structs */
+typedef struct SetPrefElement {
+    char* key;
+    char* value;
+    CMInt32 type;
+} SetPrefElement;
+
+typedef struct SetPrefListMessage {
+    int length;
+    SetPrefElement* list;
+} SetPrefListMessage;
+
+extern CMTMessageTemplate SetPrefListMessageTemplate[];
+
+typedef struct GetPrefElement {
+    char* key;
+    CMInt32 type;
+} GetPrefElement;
+
+typedef struct GetPrefListRequest {
+    int length;
+    GetPrefElement* list;
+} GetPrefListRequest;
+
+extern CMTMessageTemplate GetPrefListRequestTemplate[];
+
+typedef struct GetCertExtension {
+    CMUint32 resID;
+    CMUint32 extension;
+} GetCertExtension;
+
+extern CMTMessageTemplate GetCertExtensionTemplate[];
+
+typedef struct HTMLCertInfoRequest {
+    CMUint32 certID;
+    CMUint32 showImages;
+    CMUint32 showIssuer;
+} HTMLCertInfoRequest;
+
+extern CMTMessageTemplate HTMLCertInfoRequestTemplate[];
+
+typedef struct EncryptRequestMessage
+{
+  CMTItem keyid;  /* May have length 0 for default */
+  CMTItem data;
+  CMTItem ctx;  /* serialized void* ptr */
+} EncryptRequestMessage;
+
+extern CMTMessageTemplate EncryptRequestTemplate[];
+
+typedef struct SingleItemMessage EncryptReplyMessage;
+#define EncryptReplyTemplate SingleItemMessageTemplate
+
+typedef struct DecryptRequestMessage
+{
+  CMTItem data;
+  CMTItem ctx;  /* serialized void* ptr */
+} DecryptRequestMessage;
+extern CMTMessageTemplate DecryptRequestTemplate[];
+
+typedef struct SingleItemMessage DecryptReplyMessage;
+#define DecryptReplyTemplate SingleItemMessageTemplate
+
+#endif /* __MESSAGES_H__ */

mozilla/security/psm/lib/protocol/newproto.c

@@ -0,0 +1,602 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include <string.h>
+#include <assert.h>
+#ifdef WIN32
+#include <winsock.h>
+#endif
+#ifdef XP_MAC
+#include "macsocket.h"
+#endif
+
+#include "newproto.h"
+
+char SSMVersionString[] = "1.1";
+
+CMT_Alloc_fn cmt_alloc = malloc;
+CMT_Free_fn cmt_free = free;
+
+#define ASSERT(x) assert(x)
+
+#define CM_ntohl ntohl
+#define CM_htonl htonl
+
+
+/*************************************************************
+ *
+ * CMT_Init
+ *
+ *
+ ************************************************************/
+void
+CMT_Init(CMT_Alloc_fn allocfn, CMT_Free_fn freefn)
+{
+    cmt_alloc = allocfn;
+    cmt_free = freefn;
+}
+
+static CMTStatus
+decode_int(unsigned char **curptr, void *dest, CMInt32 *remaining)
+{
+    CMInt32 datalen = sizeof(CMInt32);
+
+    if (*remaining < datalen)
+        return CMTFailure;
+    *(CMInt32 *)dest = ntohl(**(CMInt32 **)curptr);
+    *remaining -= datalen;
+    *curptr += datalen;
+    return CMTSuccess;
+}
+
+static CMTStatus
+decode_string(unsigned char **curptr, CMInt32 *len,
+              unsigned char **data, CMInt32 *remaining)
+{
+    CMTStatus rv;
+    CMInt32 datalen;
+
+    rv = decode_int(curptr, len, remaining);
+    if (rv != CMTSuccess)
+        return CMTFailure;
+
+    /* NULL string */
+    if (*len == 0) {
+        *data = NULL;
+        goto done;
+    }
+
+    datalen = (*len + 3) & ~3;
+    if (*remaining < datalen)
+        return CMTFailure;
+
+    *data = (unsigned char *) cmt_alloc(*len + 1);
+    if (*data == NULL)
+        return CMTFailure;
+
+    memcpy(*data, *curptr, *len);
+    (*data)[*len] = 0;
+    *remaining -= datalen;
+    *curptr += datalen;
+done:
+    return CMTSuccess;
+}
+
+/*************************************************************
+ * CMT_DecodeMessage
+ *
+ * Decode msg into dest as specified by tmpl.
+ *
+ ************************************************************/
+CMTStatus
+CMT_DecodeMessage(CMTMessageTemplate *tmpl, void *dest, CMTItem *msg)
+{
+    unsigned char *curptr, *destptr, *list;
+	void ** ptr;
+    CMInt32 remaining, len, choiceID = 0, listSize, listCount = 0;
+    CMBool inChoice = CM_FALSE, foundChoice = CM_FALSE, inList = CM_FALSE;
+    CMInt32 listItemSize = 0;
+    CMTStatus rv = CMTSuccess;
+	CMTMessageTemplate *startOfList, *p;
+	CMBool inStructList = CM_FALSE;
+
+    curptr = msg->data;
+    remaining = msg->len;
+
+    while(tmpl->type != CMT_DT_END) {
+        /* XXX Maybe this should be a more formal state machine? */
+        if (inChoice) {
+            if (tmpl->type == CMT_DT_END_CHOICE) {
+                if (!foundChoice)
+                    goto loser;
+                inChoice = CM_FALSE;
+                foundChoice = CM_FALSE;
+                tmpl++;
+                continue;
+            }
+            if (choiceID != tmpl->choiceID) {
+                tmpl++;
+                continue;  /* Not this option */
+            } else {
+                foundChoice = CM_TRUE;
+            }
+        }
+        if (inList) {
+            destptr = &list[listCount * listItemSize];
+            listCount++;
+        } else {
+			if (inStructList) {
+				destptr = tmpl->offset + list;
+			} else {
+				destptr = tmpl->offset + (unsigned char *)dest;
+			}
+        }
+        switch (tmpl->type) {
+          case CMT_DT_RID:
+          case CMT_DT_INT:
+          case CMT_DT_BOOL:
+            rv = decode_int(&curptr, destptr, &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            break;
+          case CMT_DT_STRING:
+            rv = decode_string(&curptr, &len, (unsigned char **)destptr,
+                               &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            break;
+          case CMT_DT_ITEM:
+            rv = decode_string(&curptr, (long *) &((CMTItem *)destptr)->len,
+                               &((CMTItem *)destptr)->data, &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            break;
+          case CMT_DT_LIST:
+            /* XXX This is too complicated */
+            rv = decode_int(&curptr, destptr, &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            listSize = *(CMInt32 *)destptr;
+            tmpl++;
+            if (tmpl->type == CMT_DT_STRING) {
+                listItemSize = sizeof(unsigned char *);
+            } else if (tmpl->type == CMT_DT_ITEM) {
+                listItemSize = sizeof(CMTItem);
+            } else {
+                listItemSize = sizeof(CMInt32);
+            }
+            if (listSize == 0) {
+                list = NULL;
+            } else {
+                list = (unsigned char *) cmt_alloc(listSize * listItemSize);
+            }
+            *(void **)(tmpl->offset + (unsigned char *)dest) = list;
+            inList = CM_TRUE;
+            listCount = 0;
+            break;
+          case CMT_DT_STRUCT_LIST:
+            /* XXX This is too complicated */
+            rv = decode_int(&curptr, destptr, &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            listSize = *(CMInt32 *)destptr;
+            tmpl++;
+			if (tmpl->type != CMT_DT_STRUCT_PTR) {
+				goto loser;
+			}
+			ptr = (void**)(tmpl->offset + (unsigned char *)dest);
+			startOfList = tmpl;
+			p = tmpl;
+			listItemSize = 0;
+			while (p->type != CMT_DT_END_STRUCT_LIST) {
+				if (p->type == CMT_DT_STRING) {
+					listItemSize += sizeof(unsigned char *);
+				} else if (p->type == CMT_DT_ITEM) {
+					listItemSize += sizeof(CMTItem);
+				} else if (p->type == CMT_DT_INT) {
+	                listItemSize += sizeof(CMInt32);
+		        }
+				p++;
+			}
+            if (listSize == 0) {
+                list = NULL;
+            } else {
+                list = (unsigned char *) cmt_alloc(listSize * listItemSize);
+            }
+            *ptr = list;
+            inStructList = CM_TRUE;
+            listCount = 0;
+            break;
+		  case CMT_DT_END_STRUCT_LIST:
+			listCount++;
+			if (listCount == listSize) {
+				inStructList = CM_FALSE;
+			} else {
+				list += listItemSize;
+				tmpl = startOfList;
+			}
+			break;
+          case CMT_DT_CHOICE:
+            rv = decode_int(&curptr, destptr, &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            choiceID = *(CMInt32 *)destptr;
+            inChoice = CM_TRUE;
+            foundChoice = CM_FALSE;
+            break;
+          case CMT_DT_END_CHOICE: /* Loop should exit before we see these. */
+          case CMT_DT_END:
+          default:
+            ASSERT(0);
+            break;
+        }
+        if (inList) {
+            if (listCount == listSize) {
+                inList = CM_FALSE;
+                tmpl++;
+            }
+        } else {
+            tmpl++;
+        }
+    }
+loser:
+    /* Free the data buffer */
+    if (msg->data) {
+        cmt_free(msg->data);
+        msg->data = NULL;
+    }
+    return rv;
+}
+
+static CMTStatus
+calc_msg_len(CMTMessageTemplate *tmpl, void *src, CMInt32 *len_out)
+{
+    CMInt32 len = 0, choiceID = 0, listSize, listItemSize, listCount;
+    unsigned char *srcptr, *list;
+    CMBool inChoice = CM_FALSE, inList = CM_FALSE, foundChoice = CM_FALSE;
+	CMTMessageTemplate *startOfList, *p;
+	CMBool inStructList = CM_FALSE;
+
+    while(tmpl->type != CMT_DT_END) {
+        if (inChoice) {
+            if (tmpl->type == CMT_DT_END_CHOICE) {
+                if (!foundChoice)
+                    goto loser;
+                inChoice = CM_FALSE;
+                foundChoice = CM_FALSE;
+                tmpl++;
+                continue;
+            }
+            if (choiceID != tmpl->choiceID) {
+                tmpl++;
+                continue;  /* Not this option */
+            } else {
+                foundChoice = CM_TRUE;
+            }
+        }
+        if (inList) {
+            srcptr = &list[listCount * listItemSize];
+            listCount++;
+        } else if (inStructList) {
+			srcptr = tmpl->offset + list;
+		} else {
+            srcptr = tmpl->offset + (unsigned char *)src;
+        }
+        switch(tmpl->type) {
+          case CMT_DT_RID:
+          case CMT_DT_INT:
+          case CMT_DT_BOOL:
+            len += sizeof(CMInt32);
+            break;
+          case CMT_DT_STRING:
+            len += sizeof(CMInt32);
+            /* Non NULL string */
+            if (*(char**)srcptr) {
+                len += (strlen(*(char**)srcptr) + 4) & ~3;
+            }
+            break;
+          case CMT_DT_ITEM:
+            len += sizeof(CMInt32);
+            len += (((CMTItem *)srcptr)->len + 3) & ~3;
+            break;
+          case CMT_DT_LIST:
+            len += sizeof(CMInt32);
+            listSize = *(CMInt32 *)srcptr;
+            tmpl++;
+            if (tmpl->type == CMT_DT_STRING) {
+                listItemSize = sizeof(unsigned char *);
+            } else if (tmpl->type == CMT_DT_ITEM) {
+                listItemSize = sizeof(CMTItem);
+            } else {
+                listItemSize = sizeof(CMInt32);
+            }
+            list = *(unsigned char **)(tmpl->offset + (unsigned char *)src);
+            listCount = 0;
+            inList = CM_TRUE;
+            break;
+		  case CMT_DT_STRUCT_LIST:
+			len += sizeof(CMInt32);
+			listSize = *(CMInt32 *)srcptr;
+			tmpl++;
+			if (tmpl->type != CMT_DT_STRUCT_PTR) {
+				goto loser;
+			}
+			list = *(unsigned char**)(tmpl->offset + (unsigned char*)src);
+			startOfList = tmpl;
+			p = tmpl;
+			listItemSize = 0;
+			while (p->type != CMT_DT_END_STRUCT_LIST) {
+				if (p->type == CMT_DT_STRING) {
+					listItemSize += sizeof(unsigned char *);
+				} else if (p->type == CMT_DT_ITEM) {
+					listItemSize += sizeof(CMTItem);
+				} else if (p->type == CMT_DT_INT) {
+					listItemSize += sizeof(CMInt32);
+				}
+				p++;
+			}
+			listCount = 0;
+			inStructList = CM_TRUE;
+			break;
+		  case CMT_DT_END_STRUCT_LIST:
+			listCount++;
+			if (listCount == listSize) {
+				inStructList = CM_FALSE;
+			} else {
+				list += listItemSize;
+				tmpl = startOfList;
+			}
+			break;
+          case CMT_DT_CHOICE:
+            len += sizeof(CMInt32);
+            choiceID = *(CMInt32 *)srcptr;
+            inChoice = CM_TRUE;
+            foundChoice = CM_FALSE;
+            break;
+          case CMT_DT_END_CHOICE: /* Loop should exit before we see these. */
+          case CMT_DT_END:
+          default:
+            ASSERT(0);
+            break;
+        }
+        if (inList) {
+            if (listCount == listSize) {
+                inList = CM_FALSE;
+                tmpl++;
+            }
+        } else {
+            tmpl++;
+        }
+    }
+    *len_out = len;
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}
+
+static CMTStatus
+encode_int(unsigned char **curptr, void *src, CMInt32 *remaining)
+{
+    CMInt32 datalen = sizeof(CMInt32);
+
+    if (*remaining < datalen)
+        return CMTFailure;
+    **(CMInt32 **)curptr = CM_htonl(*(CMInt32 *)src);
+    *remaining -= datalen;
+    *curptr += datalen;
+    return CMTSuccess;
+}
+
+static CMTStatus
+encode_string(unsigned char **curptr, CMInt32 len,
+              unsigned char *data, CMInt32 *remaining)
+{
+    CMTStatus rv;
+    CMInt32 datalen;
+
+    rv = encode_int(curptr, &len, remaining);
+    if (rv != CMTSuccess)
+        return CMTFailure;
+
+    /* NULL string */
+    if (len == 0) {
+        goto done;
+    }
+
+    datalen = (len + 3) & ~3;
+    if (*remaining < datalen)
+        return CMTFailure;
+
+    memcpy(*curptr, data, len);
+    *remaining -= datalen;
+    *curptr += datalen;
+done:
+    return CMTSuccess;
+}
+
+/*************************************************************
+ * CMT_EncodeMessage
+ *
+ * Encode src into msg as specified by tmpl.
+ *
+ ************************************************************/
+CMTStatus
+CMT_EncodeMessage(CMTMessageTemplate *tmpl, CMTItem *msg, void *src)
+{
+    CMInt32 choiceID = 0, listSize, listItemSize, listCount, remaining;
+    unsigned char *srcptr, *curptr, *list;
+    CMBool inChoice = CM_FALSE, inList = CM_FALSE, foundChoice = CM_FALSE;
+    CMTStatus rv = CMTSuccess;
+	CMTMessageTemplate *startOfList, *p;
+	CMBool inStructList = CM_FALSE;
+
+    rv = calc_msg_len(tmpl, src, (long *) &msg->len);
+    if (rv != CMTSuccess)
+        goto loser;
+    curptr = msg->data = (unsigned char *) cmt_alloc(msg->len);
+    if(msg->data == NULL)
+        goto loser;
+    remaining = msg->len;
+
+    while(tmpl->type != CMT_DT_END) {
+        if (inChoice) {
+            if (tmpl->type == CMT_DT_END_CHOICE) {
+                if (!foundChoice)
+                    goto loser;
+                inChoice = CM_FALSE;
+                foundChoice = CM_FALSE;
+                tmpl++;
+                continue;
+            }
+            if (choiceID != tmpl->choiceID) {
+                tmpl++;
+                continue;  /* Not this option */
+            } else {
+                foundChoice = CM_TRUE;
+            }
+        }
+        if (inList) {
+            srcptr = &list[listCount * listItemSize];
+            listCount++;
+        } else {
+			if (inStructList) {
+				srcptr = tmpl->offset + list;
+			} else {
+				srcptr = tmpl->offset + (unsigned char *)src;
+			}
+        }
+        switch(tmpl->type) {
+          case CMT_DT_RID:
+          case CMT_DT_INT:
+          case CMT_DT_BOOL:
+            rv = encode_int(&curptr, srcptr, &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            break;
+          case CMT_DT_STRING:
+             if (*(char**)srcptr) {
+                 /* Non NULL string */
+                 rv = encode_string(&curptr, (long) strlen(*(char**)srcptr), 
+                 	                *(unsigned char**)srcptr, &remaining);
+             } else {
+                 /* NULL string */
+                 rv = encode_string(&curptr, 0L, *(unsigned char**)srcptr, &remaining);
+             }
+             if (rv != CMTSuccess)
+                goto loser;
+             break;
+          case CMT_DT_ITEM:
+            rv = encode_string(&curptr, ((CMTItem *)srcptr)->len,
+                               ((CMTItem *)srcptr)->data, &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            break;
+          case CMT_DT_LIST:
+            rv = encode_int(&curptr, srcptr, &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            listSize = *(CMInt32 *)srcptr;
+            tmpl++;
+            if (tmpl->type == CMT_DT_STRING) {
+                listItemSize = sizeof(unsigned char *);
+            } else if (tmpl->type == CMT_DT_ITEM) {
+                listItemSize = sizeof(CMTItem);
+            } else {
+                listItemSize = sizeof(CMInt32);
+            }
+            list = *(unsigned char **)(tmpl->offset + (unsigned char *)src);
+            listCount = 0;
+            inList = CM_TRUE;
+            break;
+		  case CMT_DT_STRUCT_LIST:
+            rv = encode_int(&curptr, srcptr, &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            listSize = *(CMInt32 *)srcptr;
+			tmpl++;
+			if (tmpl->type != CMT_DT_STRUCT_PTR) {
+				goto loser;
+			}
+			list = *(unsigned char**)(tmpl->offset + (unsigned char*)src);
+			startOfList = tmpl;
+			p = tmpl;
+			listItemSize = 0;
+			while (p->type != CMT_DT_END_STRUCT_LIST) {
+				if (p->type == CMT_DT_STRING) {
+					listItemSize += sizeof(unsigned char *);
+				} else if (p->type == CMT_DT_ITEM) {
+					listItemSize += sizeof(CMTItem);
+				} else if (p->type == CMT_DT_INT) {
+					listItemSize += sizeof(CMInt32);
+				}
+				p++;
+			}
+			listCount = 0;
+			inStructList = CM_TRUE;
+			break;
+		  case CMT_DT_END_STRUCT_LIST:
+			listCount++;
+			if (listCount == listSize) {
+				inStructList = CM_FALSE;
+			} else {
+				list += listItemSize;
+				tmpl = startOfList;
+			}
+			break;
+          case CMT_DT_CHOICE:
+            rv = encode_int(&curptr, srcptr, &remaining);
+            if (rv != CMTSuccess)
+                goto loser;
+            choiceID = *(CMInt32 *)srcptr;
+            inChoice = CM_TRUE;
+            foundChoice = CM_FALSE;
+            break;
+          case CMT_DT_END_CHOICE: /* Loop should exit before we see these. */
+          case CMT_DT_END:
+          default:
+            ASSERT(0);
+            break;
+        }
+        if (inList) {
+            if (listCount == listSize) {
+                inList = CM_FALSE;
+                tmpl++;
+            }
+        } else {
+            tmpl++;
+        }
+    }
+    return CMTSuccess;
+loser:
+    return CMTFailure;
+}

mozilla/security/psm/lib/protocol/newproto.h

@@ -0,0 +1,102 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef __NEWPROTO_H__
+#define __NEWPROTO_H__
+
+#include <stdlib.h>
+#include "ssmdefs.h"
+
+typedef enum CMTDataType {
+    CMT_DT_END,
+    CMT_DT_RID,
+    CMT_DT_INT,
+    CMT_DT_BOOL,
+    CMT_DT_STRING,
+    CMT_DT_ITEM,
+    CMT_DT_LIST,
+    CMT_DT_CHOICE,
+    CMT_DT_END_CHOICE,
+	CMT_DT_STRUCT_LIST,
+	CMT_DT_END_STRUCT_LIST,
+	CMT_DT_STRUCT_PTR
+} CMTDataType;
+
+typedef struct CMTMessageTemplate {
+    CMTDataType type;
+    CMUint32 offset;
+    CMInt32 validator;
+    CMInt32 choiceID;
+} CMTMessageTemplate;
+
+typedef struct CMTMessageHeader {
+    CMInt32 type;
+    CMInt32 len;
+} CMTMessageHeader;
+
+typedef void *(* CMT_Alloc_fn) (size_t size);
+typedef void (* CMT_Free_fn)(void * ptr);
+
+extern CMT_Alloc_fn cmt_alloc;
+extern CMT_Free_fn cmt_free;
+
+/*************************************************************
+ *
+ * CMT_Init
+ *
+ *
+ ************************************************************/
+void
+CMT_Init(CMT_Alloc_fn allocfn, CMT_Free_fn freefn);
+
+/*************************************************************
+ * CMT_DecodeMessage
+ *
+ * Decode msg into dest as specified by tmpl.
+ *
+ ************************************************************/
+CMTStatus
+CMT_DecodeMessage(CMTMessageTemplate *tmpl, void *dest, CMTItem *msg);
+
+
+/*************************************************************
+ * CMT_EncodeMessage
+ *
+ * Encode src into msg as specified by tmpl.
+ *
+ ************************************************************/
+CMTStatus
+CMT_EncodeMessage(CMTMessageTemplate *tmpl, CMTItem *msg, void *src);
+
+
+#endif /* __NEWPROTO_H__ */

mozilla/security/psm/lib/protocol/obsample.c

@@ -0,0 +1,187 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+/* SAMPLE CODE
+** Illustrates use of SSMObscure object methods.
+**
+** Author:  Nelson Bolyard	June 1999
+*/
+
+#include <stdio.h>
+#include "obscure.h"
+
+
+/* On error, returns -1.
+** On success, returns non-negative number of unobscured bytes in buf
+int
+RecvInitObscureData(int fd, SSMObscureObject * obj, void * buf, int bufSize )
+{
+    SSMObscureBool done = 0;
+
+    do {
+	int cc;
+	int rv;
+	cc = read(fd, buf, bufSize);
+	if (cc <= 0)
+	    return -1;
+	rv = SSMObscure_RecvInit(obj, buf, cc, &done);
+    } while (!done);
+    return rv;
+}
+
+
+/* returns -1 on error, 0 on success. */
+int
+SendInitObscureData(int fd, SSMObscureObject * obj)
+{
+    unsigned char * initBuf = NULL;
+    int             rv      = -1;
+
+    do {
+	int bufLen;
+	int len;
+	int cc;
+
+	bufLen = SSMObscure_SendInit(obj, NULL);
+	if (bufLen <= 0)
+	    break;
+
+	initBuf = malloc(bufLen);
+	if (!initBuf)
+	    break;
+
+	len = SSMObscure_SendInit(obj, initBuf);
+	if (len != bufLen)
+	    break;
+
+	cc = write(fd, initBuf, len);
+
+	/* Note, this code assumes a blocking socket, 
+	** and hence doesn't deal with short writes.
+	*/
+	if (cc < len) 
+	    break;
+
+    	rv = 0;
+
+    } while (0);
+
+    if (initBuf) {
+	free(initBuf);
+    	initBuf = NULL;
+    }
+    return rv;
+}
+
+/* This is like write, but it obscures the data first. */
+/* This code assumes a blocking socket, and so it doesn't handle short 
+** writes.
+*/
+int 
+obscuredWrite(SSMObscureObject * obj, int fd, void * buf, int len)
+{
+    int rv;
+    int cc;
+
+    cc = SSMObscure_Send(obj, buf, len);
+    if (cc <= 0)
+    	return cc;
+    rv = write(fd, buf, cc);
+    ASSERT(rv == cc || rv < 0);
+    return rv;
+}
+
+/* This is like read, but it unobscures the data after reading it. */
+int 
+obscuredRead(SSMObscureObject * obj, int fd, void * buf, int len)
+{
+    int rv;
+    int cc;
+
+    do {
+	cc = read(fd, buf, len);
+	if (cc <= 0)
+	    return cc;
+	rv = SSMObscure_Recv(obj, buf, len);
+    } while (rv == 0);
+    return rv;
+}
+
+SSMObscureObject * sobj;
+unsigned char buf[8192];
+
+/* Call this with fd for socket that has just been accepted.
+** returns -1 on error, 
+** On success, returns non-negative number of bytes received in buf. 
+*/
+int
+InitClientObscureObject(int fd) 
+{
+    int rv;
+
+    sobj = SSMObscure_Create(0);
+    if (!sobj)
+    	return -1;
+
+    rv = SendInitObscureData(fd, sobj);
+    if (rv < 0)
+    	return rv;
+
+    rv = RecvInitObscureData(fd, sobj, buf, sizeof buf);
+    return rv;
+}
+
+/* Call this with fd for socket that has just been connected.
+** returns -1 on error, 
+** On success, returns non-negative number of bytes received in buf. 
+*/
+int
+InitServerObscureObject(int fd)
+{
+    int cc;
+
+    sobj = SSMObscure_Create(1);
+    if (!sobj)
+    	return -1;
+
+    cc = RecvInitObscureData(fd, sobj, buf, sizeof buf);
+    if (cc < 0) 
+    	return cc;
+
+
+    rv = SendInitObscureData(fd, sobj);
+    if (rv < 0)
+    	return rv;
+
+    return cc;
+}
+

mozilla/security/psm/lib/protocol/obscure.c

@@ -0,0 +1,136 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include <stdlib.h>
+#include "obspriv.h"
+#include "newproto.h"
+
+
+/* 
+** Create a new Obscuring object 
+*/
+SSMObscureObject * 
+SSMObscure_Create(SSMObscureBool IsServer)
+{
+    SSMObscureObject * obj;
+    void *             priv;
+
+    obj = (SSMObscureObject *) cmt_alloc(sizeof *obj);
+    if (!obj)
+    	return obj;
+    /* This needs to be a little more elegant */
+    priv = SSMObscure_InitPrivate(obj, IsServer);
+    if (!priv) {
+    	cmt_free(obj);
+	return NULL;
+    }
+    obj->privData = priv;
+    return obj;
+}
+
+
+/* Prepare initial buffer with initial message to send to other side to 
+** establish cryptographic * synchronization.
+**
+** If buf is NULL, function returns the size of the buffer that 
+** the caller needs to allocate for sending the initial message.
+** 
+** If buf is non-null, function returns the number of bytes of data filled 
+** into buf, the amount that the caller should then send to the other side.
+**
+*/
+int 
+SSMObscure_SendInit( SSMObscureObject * obj, void * buf)
+{
+    int rv;
+    rv = obj->sendInit(obj->privData, buf);
+    return rv;
+}
+
+/* 
+** Obscure "len" bytes in "buf" before sending it. 
+*/
+int 
+SSMObscure_Send(	SSMObscureObject * obj, 
+			void *             buf, 
+			unsigned int       len)
+{
+    int rv;
+    rv = obj->send(obj->privData, buf, len);
+    return rv;
+}
+
+/* 
+** UnObscure "len" bytes in "buf" after receiving it. 
+** This function may absorb some or all of the received bytes, leaving 
+** fewer bytes (possibly none) in the buffer for the application to use 
+** than were in the buffer when the function was called.
+** Function returns the number of bytes of unobscured data remaining in
+** buf.  Zero means all data was used internally and no data remains 
+** for application use. Negative number means error occurred.
+*/
+int 
+SSMObscure_Recv(	SSMObscureObject * obj, 
+			void *             buf, 
+			unsigned int       len)
+{
+    int rv;
+    rv = obj->recv(obj->privData, buf, len);
+    return rv;
+}
+
+/* like _Recv, but returns a flag telling when all initialization info has
+** been received.
+*/
+int 
+SSMObscure_RecvInit(	SSMObscureObject * obj, 
+			void *             buf, 
+			unsigned int       len,
+			SSMObscureBool   * done)
+{
+    int rv;
+    rv = obj->recvInit(obj->privData, buf, len, done);
+    return rv;
+}
+
+/* 
+** Destroy the Obscure Object 
+*/
+int 
+SSMObscure_Destroy(SSMObscureObject * obj)
+{
+    int rv;
+    rv = obj->destroy(obj->privData);
+    cmt_free(obj);
+    return rv;
+}
+

mozilla/security/psm/lib/protocol/obscure.h

@@ -0,0 +1,98 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef __obscure_h__
+#define __obscure_h__ 1
+#ifdef __cplusplus
+extern "C" {
+#endif
+typedef unsigned char SSMObscureBool;
+
+typedef struct SSMObscureObjectStr 	SSMObscureObject;
+
+/* 
+** Create a new Obscuring object 
+*/
+extern SSMObscureObject * SSMObscure_Create(SSMObscureBool IsServer);
+
+
+/* Prepare initial buffer with initial message to send to other side to 
+** establish cryptographic * synchronization.
+**
+** If buf is NULL, function returns the size of the buffer that 
+** the caller needs to allocate for sending the initial message.
+** 
+** If buf is non-null, function returns the number of bytes of data filled 
+** into buf, the amount that the caller should then send to the other side.
+**
+*/
+extern int SSMObscure_SendInit( SSMObscureObject * obj,
+				void *             buf);
+
+/* 
+** Obscure "len" bytes in "buf" before sending it. 
+*/
+extern int SSMObscure_Send(	SSMObscureObject * obj, 
+                            	void *             buf, 
+				unsigned int       len);
+
+/* 
+** UnObscure "len" bytes in "buf" after receiving it. 
+** This function may absorb some or all of the received bytes, leaving 
+** fewer bytes (possibly none) in the buffer for the application to use 
+** than were in the buffer when the function was called.
+** Function returns the number of bytes of unobscured data remaining in
+** buf.  Zero means all data was used internally and no data remains 
+** for application use. Negative number means error occurred.
+*/
+extern int SSMObscure_Recv(	SSMObscureObject * obj, 
+                                void *             buf, 
+				unsigned int       len);
+
+/* like _Recv, but returns a flag telling when all initialization info has
+** been received.
+*/
+extern int SSMObscure_RecvInit(	SSMObscureObject * obj, 
+                                void *             buf, 
+				unsigned int       len,
+				SSMObscureBool   * done);
+
+/* 
+** Destroy the Obscure Object 
+*/
+extern int SSMObscure_Destroy(SSMObscureObject * obj);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __obscure_h__ */

mozilla/security/psm/lib/protocol/obspriv.c

@@ -0,0 +1,115 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "obspriv.h"
+#include "newproto.h"
+#include <string.h>
+#include <assert.h>
+#include <time.h>
+
+/* 
+   Originally this code was used to obscure the control messages
+   traveling between processes. With the relaxation of export rules,
+   this whole step is no longer necessary, and is included for
+   informational purposes only. (We need to finish removing the 
+   obscuring code.)
+*/
+struct obscureNOPStr {
+    SSMObscureObject * obj;
+};
+
+typedef struct obscureNOPStr obscureV1;
+
+static int 
+ssmObscure_Destroy(void * privData)
+{
+    obscureV1 * priv = (obscureV1 *)privData;
+
+    memset(priv, 0, sizeof *priv);
+    cmt_free(priv);
+    return 0;
+}
+
+static int
+ssmObscure_Send(void * privData, void * buf, unsigned int len)
+{
+    /* obscureV1 *  priv 		= (obscureV1 *)privData;*/
+
+    /* NOP */
+    return len;
+}
+
+static int    
+ssmObscure_Recv(void * privData, void * buf, unsigned int len)
+{
+    /*obscureV1 *  priv 		= (obscureV1 *)privData;*/
+
+    /* NOP */
+    return len;
+}
+
+static int    
+ssmObscure_SendInit(void * privData, void * buf)
+{
+    /*obscureV1 *      priv = (obscureV1 *)privData;*/
+
+    return 0;
+}
+
+static int    
+ssmObscure_RecvInit(void * privData, void * buf, unsigned int len,
+                    SSMObscureBool * pDone)
+{
+    return 0;
+}
+
+static void *
+ssmObscure_InitPrivate(SSMObscureObject * obj, SSMObscureBool IsServer)
+{
+    obscureV1 *   priv 		= (obscureV1 *) cmt_alloc(sizeof (obscureV1));
+
+    if (!priv)
+    	return NULL;
+
+    priv->obj        = obj;
+
+    obj->privData  = (void *)priv;
+    obj->destroy  = ssmObscure_Destroy;
+    obj->send     = ssmObscure_Send;
+    obj->recv     = ssmObscure_Recv;
+    obj->sendInit = ssmObscure_SendInit;
+    obj->recvInit = ssmObscure_RecvInit;
+    
+    return priv;
+}
+
+obsInitFn SSMObscure_InitPrivate = ssmObscure_InitPrivate;

mozilla/security/psm/lib/protocol/obspriv.h

@@ -0,0 +1,63 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "obscure.h"
+
+typedef void * (* obsInitFn)    (SSMObscureObject * instance, 
+                                 SSMObscureBool     IsServer);
+typedef int    (* obsDestroyFn) (void * priv);
+typedef int    (* obsSendFn)    (void * priv, void * buf, unsigned int len);
+typedef int    (* obsRecvFn)    (void * priv, void * buf, unsigned int len);
+typedef int    (* obsSendInitFn)(void * priv, void * buf);
+typedef int    (* obsRecvInitFn)(void * priv, void * buf, unsigned int len,
+                                 SSMObscureBool * done);
+
+struct SSMObscureObjectStr {
+    void *	  privData;
+    obsDestroyFn  destroy;
+    obsSendFn     send;
+    obsRecvFn     recv;
+    obsSendInitFn sendInit;
+    obsRecvInitFn recvInit;
+};
+
+
+/* This is common to the beginning of all versions of the obscuring protocol */
+struct SSMInitMsgHdrStr {
+    short	version;
+    short	length;
+};
+
+typedef struct SSMInitMsgHdrStr SSMInitMsgHdr;
+
+extern obsInitFn SSMObscure_InitPrivate;
+

mozilla/security/psm/lib/protocol/protocol.h

@@ -0,0 +1,141 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+/*
+  protocol.h - Definitions of various items to support the PSM protocol.
+ */
+
+#ifndef __PROTOCOL_H__
+#define __PROTOCOL_H__
+
+
+#include "rsrcids.h"
+
+#define SSMPRStatus SSMStatus
+#define SSMPR_SUCCESS SSM_SUCCESS
+#define SSMPR_FAILURE SSM_FAILURE
+
+#define SSMPR_INVALID_ARGUMENT_ERROR PR_INVALID_ARGUMENT_ERROR
+#define SSMPR_OUT_OF_MEMORY_ERROR    PR_OUT_OF_MEMORY_ERROR
+
+#define SSMPRInt32 PRInt32
+#define SSMPRUint32 PRUint32
+
+#define SSMPR_ntohl  PR_ntohl
+#define SSMPR_htonl  PR_htonl
+#define SSMPORT_Free   PORT_Free
+#define SSMPORT_ZAlloc PORT_ZAlloc
+
+#define SSMPR_SetError PR_SetError
+#define SSMPR_GetError PR_GetError
+#define SSMPORT_SetError PORT_SetError
+#define SSMPORT_GetError PORT_GetError
+
+/* 
+   Current version of PSM protocol. 
+   Increment this value when the protocol changes. 
+*/
+
+#define SSMSTRING_PADDED_LENGTH(x) ((((x)+3)/4)*4)
+#define SSMPORT_ZNEW(type) (type*)SSMPORT_ZAlloc(sizeof(type))
+#define SSMPORT_ZNewArray(type,size) (type*)SSMPORT_ZAlloc(sizeof(type)*(size))
+/* Various message structs */
+
+struct _SSMHelloRequest {
+  CMUint32          m_version; /* Protocol version supported by client */
+  struct _SSMString m_profileName; /* Name of user profile (where to find 
+				 certs etc) */
+};
+
+struct _SSMHelloReply {
+  CMInt32           m_result; /* Error, if any, which occurred 
+				 (0 == success) */
+  CMUint32          m_version; /* Protocol version supported by PSM */
+  struct _SSMString m_nonce; /* Session nonce -- must be written to data channels */
+};
+
+struct _SSMRequestSSLDataConnection
+{
+  CMUint32          m_flags; /* Flags to indicate to SSM what to do with
+				the connection */
+  CMUint32          m_port; /* Port number to connect to */
+  struct _SSMString m_hostIP; /* IP address of final target machine (not proxy) */
+  /* struct _SSMString m_hostName; Host name of target machine (for server auth) -- not accessed directly */
+};
+
+struct _SSMReplySSLDataConnection {
+  CMInt32 m_result; /* Error, if any, which occurred (0 == success) */
+  CMUint32 m_connectionID; /* Connection ID of newly opened channel */
+  CMUint32 m_port; /* Port number to which to connect on PSM */
+};
+
+
+struct _SSMRequestSecurityStatus {
+  CMUint32 m_connectionID; /* ID of connection of which to stat */
+};
+
+struct _SSMReplySecurityStatus {
+  CMInt32 m_result; /* Error, if any, which occurred (0 == success) */
+  CMUint32 m_keySize; /* Key size */
+  CMUint32 m_secretKeySize; /* Secret key size */
+  struct _SSMString m_cipherName; /* Name of cipher in use */
+  /* SSMString m_certificate; -- DER encoded cert
+     We do not access this as a field, we have to skip over m_cipherName */
+};
+
+/* 
+   Use this macro to jump over strings.
+   For example, if you wanted to access m_certificate above, 
+   use a line like the following:
+
+   char *ptr = &(reply->m_cipherName) + SSM_SIZEOF_STRING(reply->m_cipherName);
+*/
+#define SSM_SIZEOF_STRING(str) (SSMSTRING_PADDED_LENGTH(PR_ntohl((str).m_length)) + sizeof(CMUint32))
+
+
+typedef struct _SSMHelloRequest SSMHelloRequest;
+typedef struct _SSMHelloReply SSMHelloReply;
+typedef struct _SSMRequestSSLDataConnection SSMRequestSSLDataConnection;
+typedef struct _SSMReplySSLDataConnection SSMReplySSLDataConnection;
+typedef struct _SSMRequestSecurityStatus SSMRequestSecurityStatus;
+typedef struct _SSMReplySecurityStatus SSMReplySecurityStatus;
+
+/* 
+   Functions to convert between an SSMString and a C string.
+   Return values are allocated using PR_Malloc (which means that
+   SSMPR_Free must be used to free up the memory after use). 
+*/
+CMTStatus SSM_StringToSSMString(SSMString ** ssmString, int len, char * string);
+CMTStatus SSM_SSMStringToString(char ** string,int *len, SSMString * ssmString);
+
+
+#endif /* __PROTOCOL_H__ */

mozilla/security/psm/lib/protocol/protocolf.h

@@ -0,0 +1,359 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef __PROTOCOLF_H__
+#define __PROTOCOLF_H__
+/*************************************************************************
+ * For each type of message, parse and pack function is provided. 
+ *
+ * Parse functions accept a ptr to the "blob" of data received from the 
+ * network and fill in fields of the message, numbers in host-order, strings
+ * as C-style NULL-terminated strings. Return SSMPRStatus. 
+ *
+ * Pack functions take all the info to construct a message and fill in a 
+ * ptr to the "blob" of data to be sent. Return length of the data blob, or 
+ * a zero in case of an error
+ *
+ * All functions set NSPR errors when necessary.
+ ************************************************************************/
+#include "protocol.h"
+#include "cert.h"
+
+SSMPRStatus SSM_ParseHelloRequest(void * helloRequest, 
+				  SSMPRUint32 * version, 
+				  PRBool * doesUI,
+				  PRInt32 * policyType,
+				  SSMPRUint32 * profileLen,
+				  char ** profile);
+SSMPRInt32 SSM_PackHelloReply(void ** helloReply, SSMPRInt32 result, 
+			      SSMPRUint32 sessionID, SSMPRUint32 version, 
+			      SSMPRUint32 httpPort, SSMPRUint32 nonceLen, 
+			      char * nonce, SSMPolicyType policy);
+
+/* Parse data connections requests */
+SSMPRStatus SSM_ParseSSLDataConnectionRequest(void *sslRequest, 
+					      SSMPRUint32 * flags, 
+					      SSMPRUint32 * port,
+					      SSMPRUint32 * hostIPLen,
+					      char ** hostIP, 
+					      SSMPRUint32 * hostNameLen,
+					      char ** hostName);
+SSMPRStatus SSM_ParseHashStreamRequest(void * hashStreamRequest,
+                                       SSMPRUint32 * type);
+SSMPRStatus SSM_ParseP7EncodeConnectionRequest(void *request,
+					       SSMPRUint32 *ciRID);
+/* Messages to initiate PKCS7 data connection */
+/* PKCS7DecodeRequest message has no data */ 
+
+/* Single data connection reply */
+SSMPRInt32 SSM_PackDataConnectionReply(void ** sslReply, 
+				       SSMPRInt32 result, 
+				       SSMPRUint32 connID, 
+				       SSMPRUint32 port);
+
+SSMPRStatus SSM_ParseSSLSocketStatusRequest(void * statusRequest, 
+					    SSMPRUint32 * connID);
+SSMPRInt32 SSM_PackSSLSocketStatusReply(void ** statusReply, 
+					SSMPRInt32 result, 
+					SSMPRUint32 resourceID);
+
+/* 
+ * UI event is an asynchroneous message sent from PSM server to the client
+ * NOTE: (context) is the actual context pointer, it is NOT a ptr-to-ptr.
+ * The value of (context) is copied into the packet.
+ */
+SSMPRInt32 SSM_PackUIEvent(void ** eventRequest, SSMPRUint32 resourceID, 
+			   SSMPRUint32 width, SSMPRUint32 height,
+			   SSMPRUint32 urlLen, char * url);
+
+SSMPRInt32 SSM_PackTaskCompletedEvent(void **event, SSMPRUint32 resourceID,
+                                     SSMPRUint32 numTasks, SSMPRUint32 result);
+
+/* Verify raw signature */
+
+SSMPRStatus SSM_ParseVerifyRawSigRequest(void * verifyRawSigRequest, 
+					 SSMPRUint32 * algorithmID,
+					 SSMPRUint32 * paramsLen, 
+					 unsigned char ** params,
+					 SSMPRUint32 * pubKeyLen,
+					 unsigned char ** pubKey,
+					 SSMPRUint32 * hashLen,
+					 unsigned char ** hash,
+					 SSMPRUint32 * signatureLen,
+					 unsigned char ** signature);
+SSMPRInt32 SSM_PackVerifyRawSigReply(void ** verifyRawSigReply, 
+				     SSMPRInt32 result);
+
+/* Verify detached signature */
+SSMPRStatus SSM_ParseVerifyDetachedSigRequest(void * request, 
+											  SSMPRInt32 * pkcs7ContentID,
+											  SSMPRInt32 * certUsage,
+											  SSMPRInt32 * hashAlgID,
+											  SSMPRUint32 * keepCert,
+											  SSMPRUint32 * digestLen,
+											  unsigned char ** hash);
+
+SSMPRInt32 SSM_PackVerifyDetachedSigReply(void ** verifyDetachedSigReply, 
+										  SSMPRInt32 result);
+
+/* PKCS#7 functions */
+SSMPRStatus SSM_ParseCreateSignedRequest(void *request,
+                                         SSMPRInt32 *scertRID,
+                                         SSMPRInt32 *ecertRID,
+                                         SSMPRUint32 *dig_alg,
+                                         SECItem **digest);
+
+SSMPRInt32 SSM_PackCreateSignedReply(void **reply, SSMPRInt32 ciRID,
+                                     SSMPRUint32 result);
+
+SSMPRStatus SSM_ParseCreateEncryptedRequest(void *request,
+					    SSMPRInt32 *scertRID,
+                                            SSMPRInt32 *nrcerts,
+					    SSMPRInt32 **rcertRIDs);
+
+SSMPRInt32 SSM_PackCreateEncryptedReply(void **reply, SSMPRInt32 ciRID,
+					SSMPRUint32 result);
+
+/* Resource functions */
+SSMPRStatus SSM_ParseCreateResourceRequest(void *request,
+                                           SSMPRUint32 *type,
+                                           unsigned char **params,
+                                           SSMPRUint32 *paramLen);
+
+SSMPRStatus SSM_PackCreateResourceReply(void **reply, SSMPRStatus rv,
+                                        SSMPRUint32 resID);
+
+SSMPRStatus SSM_ParseGetAttribRequest(void * getAttribRequest, 
+				      SSMPRUint32 * resourceID, 
+				      SSMPRUint32 * fieldID);
+
+void SSM_DestroyAttrValue(SSMAttributeValue *value, PRBool freeit);
+
+SSMPRInt32 SSM_PackGetAttribReply(void **getAttribReply,
+				  SSMPRInt32 result,
+				  SSMAttributeValue *value);
+SSMPRStatus SSM_ParseSetAttribRequest(SECItem *msg,
+				      SSMPRInt32 *resourceID,
+				      SSMPRInt32 *fieldID,
+				      SSMAttributeValue *value);
+/* Currently, there is no need for a pack version.  There is nothing to send
+ * back except for the notice that the operation was successful.
+ */
+				  
+				       
+				       
+/* Pickle and unpickle resources. */
+SSMPRStatus SSM_ParsePickleResourceRequest(void * pickleResourceRequest, 
+					  SSMPRUint32 * resourceID);
+SSMPRInt32 SSM_PackPickleResourceReply(void ** pickleResourceReply, 
+				       SSMPRInt32 result,
+				       SSMPRUint32 resourceLen,
+				       void * resource);
+SSMPRStatus SSM_ParseUnpickleResourceRequest(void * unpickleResourceRequest,
+					     SSMPRUint32 blobSize,
+					     SSMPRUint32 * resourceType,
+					     SSMPRUint32 * resourceLen,
+					     void ** resource);
+SSMPRInt32 SSM_PackUnpickleResourceReply(void ** unpickleResourceReply, 
+					   SSMPRInt32 result, 
+					   SSMPRUint32 resourceID);
+
+/* Destroy resource */
+SSMPRStatus SSM_ParseDestroyResourceRequest(void * destroyResourceRequest, 
+					    SSMPRUint32 * resourceID, 
+					    SSMPRUint32 * resourceType);
+SSMPRInt32 SSM_PackDestroyResourceReply(void ** destroyResourceReply, 
+                                        SSMPRInt32 result);
+
+/* Duplicate resource */
+SSMPRStatus SSM_ParseDuplicateResourceRequest(void * request, 
+					      SSMPRUint32 * resourceID);
+SSMPRInt32 SSM_PackDuplicateResourceReply(void ** reply, SSMPRInt32 result,
+					  SSMPRUint32 resID);
+
+/* Cert actions */
+typedef struct MatchUserCertRequestData {
+    PRUint32 certType;
+    PRInt32 numCANames;
+    char ** caNames;
+} MatchUserCertRequestData;
+
+typedef struct SSMCertList {
+    PRCList certs;
+    PRInt32 count;
+} SSMCertList;
+
+typedef struct SSMCertListElement {
+    PRCList links;
+    PRUint32 certResID;
+} SSMCertListElement;
+
+#define SSM_CERT_LIST_ELEMENT_PTR(_q) (SSMCertListElement*)(_q);
+
+SSMPRStatus SSM_ParseVerifyCertRequest(void * verifyCertRequest, 
+				       SSMPRUint32 * resourceID, 
+				       SSMPRInt32 * certUsage);
+SSMPRInt32 SSM_PackVerifyCertReply(void ** verifyCertReply, 
+			           SSMPRInt32 result);
+
+SSMPRStatus SSM_ParseImportCertRequest(void * importCertRequest, 
+				       SSMPRUint32 * blobLen, 
+				       void ** certBlob);
+SSMPRInt32 SSM_PackImportCertReply(void ** importCertReply, SSMPRInt32 result, 
+				   SSMPRUint32 resourceID);
+PRStatus SSM_ParseFindCertByNicknameRequest(void *request, char ** nickname);
+PRInt32 SSM_PackFindCertByNicknameReply(void ** reply, PRUint32 resourceID);
+PRStatus SSM_ParseFindCertByKeyRequest(void *request, SECItem ** key);
+PRInt32 SSM_PackFindCertByKeyReply(void ** reply, PRUint32 resourceID);
+PRStatus SSM_ParseFindCertByEmailAddrRequest(void *request, char ** emailAddr);
+PRInt32 SSM_PackFindCertByEmailAddrReply(void ** reply, PRUint32 resourceID);
+PRStatus SSM_ParseAddTempCertToDBRequest(void *request, PRUint32 *resourceID, char ** nickname, PRInt32 *ssl, PRInt32 *email, PRInt32 *objectSigning);
+PRInt32 SSM_PackAddTempCertToDBReply(void ** reply);
+PRStatus SSM_ParseMatchUserCertRequest(void *request, MatchUserCertRequestData** data);
+PRInt32 SSM_PackMatchUserCertReply(void **reply, SSMCertList * certList);
+
+SSMPRInt32 SSM_PackErrorMessage(void ** errorReply, SSMPRInt32 result);
+
+
+/* PKCS11 actions */
+SSMPRStatus SSM_ParseKeyPairGenRequest(void *keyPairGenRequest, 
+				       SSMPRInt32 requestLen,
+				       SSMPRUint32 *keyPairCtxtID,
+				       SSMPRUint32 *genMechanism,
+				       SSMPRUint32 *keySize,
+				       unsigned char **params, 
+				       SSMPRUint32 *paramLen);
+
+SSMPRInt32 SSM_PackKeyPairGenResponse(void ** keyPairGenResponse, 
+				      SSMPRUint32 keyPairId);
+
+PRStatus
+SSM_ParseFinishKeyGenRequest(void    *finishKeyGenRequest,
+                             PRInt32  requestLen,
+                             PRInt32 *keyGenContext);
+
+/* CMMF/CRMF Actions */
+SSMPRStatus SSM_ParseCreateCRMFReqRequest(void        *crmfReqRequest,
+					  SSMPRInt32   requestLen,
+					  SSMPRUint32 *keyPairId);
+
+SSMPRInt32 SSM_PackCreateCRMFReqReply(void        **crmfReqReply,
+				      SSMPRUint32   crmfReqId);
+
+SSMPRStatus SSM_ParseEncodeCRMFReqRequest(void         *encodeReq,
+					  SSMPRInt32    requestLen,
+					  SSMPRUint32 **crmfReqId,
+					  SSMPRInt32   *numRequests);
+
+SSMPRInt32 SSM_PackEncodeCRMFReqReply(void        **encodeReply,
+				      char         *crmfDER,
+				      SSMPRUint32   derLen);
+
+SSMPRStatus SSM_ParseCMMFCertResponse(void        *encodedRes,
+				      SSMPRInt32   encodeLen,
+				      char       **nickname,
+				      char       **base64Der,
+				      PRBool      *doBackup);
+
+PRStatus SSM_ParsePOPChallengeRequest(void     *challenge,
+				      PRInt32   len,
+				      char    **responseString);
+PRInt32 SSM_PackPOPChallengeResponse(void   **response,
+				     char    *responseString,
+				     PRInt32  responseStringLen);
+
+PRInt32 SSM_PackPasswdRequest(void ** passwdRequest, PRInt32 tokenID,
+                              char * prompt, PRInt32 promptLen);
+PRStatus SSM_ParsePasswordReply(void * passwdReply, PRInt32 * result, 
+                                PRInt32 * tokenID,
+                                char ** passwd, PRInt32 * passwdLen);
+
+/* Sign Text Actions */
+typedef struct {
+    char *stringToSign;
+    char *hostName;
+    char *caOption;
+    PRInt32 numCAs;
+    char **caNames;
+} signTextRequestData;
+
+PRStatus SSM_ParseSignTextRequest(void* signTextRequest, PRInt32 len, PRUint32* resID, signTextRequestData ** data);
+
+PRStatus SSM_ParseGetLocalizedTextRequest(void               *data,
+                                          SSMLocalizedString *whichString);  
+
+PRInt32 SSM_PackGetLocalizedTextResponse(void               **data,
+					 SSMLocalizedString   whichString,
+					 char                *retString);
+
+PRStatus SSM_ParseAddNewSecurityModuleRequest(void          *data, 
+					      char         **moduleName,
+					      char         **libraryPath, 
+					      unsigned long *pubMechFlags,
+					      unsigned long *pubCipherFlags);
+
+PRInt32 SSM_PackAddNewModuleResponse(void **data, PRInt32 rv);
+
+PRStatus SSM_ParseDeleteSecurityModuleRequest(void *data, char **moduleName);
+
+PRInt32 SSM_PackDeleteModuleResponse(void **data, PRInt32 moduleType);
+
+PRInt32 SSM_PackFilePathRequest(void **data, PRInt32 resID, char *prompt,
+				PRBool shouldFileExist, char *fileSuffix);
+
+PRStatus SSM_ParseFilePathReply(void *message, char **filePath,
+				PRInt32 *rid);
+
+PRInt32 SSM_PackPromptRequestEvent(void **data, PRInt32 resID, char *prompt);
+PRStatus SSM_ParsePasswordPromptReply(void *data, PRInt32 *resID, 
+				      char **reply);
+
+/* messages for importing certs *the traditional way* */
+PRInt32 SSM_PackDecodeCertReply(void ** data, PRInt32 certID);
+PRStatus SSM_ParseDecodeCertRequest(void * data, PRInt32 * len, 
+					char ** buffer);
+PRStatus SSM_ParseGetKeyChoiceListRequest(void * data, PRUint32 dataLen, 
+					  char ** type, PRUint32 *typeLen, 
+					  char ** pqgString, PRUint32 *pqgLen);
+PRInt32 SSM_PackGetKeyChoiceListReply(void **data, char ** list);
+
+PRStatus SSM_ParseGenKeyOldStyleRequest(void * data, PRUint32 datalen, 
+					char ** choiceString, 
+					char ** challenge, 
+					char ** typeString, 
+					char ** pqgString);
+PRInt32 SSM_PackGenKeyOldStyleReply(void ** data, char * keydata);
+
+PRStatus SSM_ParseDecodeAndCreateTempCertRequest(void * data, 
+			char ** certbuf, PRUint32 * certlen, int * certClass);
+
+#endif /*PROTOCOLF_H_*/

mozilla/security/psm/lib/protocol/protocolnspr20.h

@@ -0,0 +1,74 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+/*****************************************************************************
+ *
+ *
+ *
+ *****************************************************************************
+ */
+
+#ifndef NULL
+#define NULL 0x00000000
+#endif
+
+#define SSMPR_BYTES_PER_INT  4
+#define SSMPR_BYTES_PER_LONG  4
+
+/******************************************************************
+ *  No NSPR - define all the SSMPR values and functions here   
+ ******************************************************************
+ */
+
+#define SSMPRStatus PRStatus
+#define SSMPR_SUCCESS PR_SUCCESS
+#define SSMPR_FAILURE PR_FAILURE
+
+#define SSMPR_INVALID_ARGUMENT_ERROR PR_INVALID_ARGUMENT_ERROR
+#define SSMPR_OUT_OF_MEMORY_ERROR    PR_OUT_OF_MEMORY_ERROR
+
+#define SSMPRInt32 PRInt32
+#define SSMPRUint32 PRUint32
+
+#define SSMPR_ntohl  PR_ntohl
+#define SSMPR_htonl  PR_htonl
+#define SSMPORT_Free   PORT_Free
+#define SSMPORT_ZAlloc PORT_ZAlloc
+
+#define SSMPR_SetError PR_SetError
+#define SSMPR_GetError PR_GetError
+#define SSMPORT_SetError PORT_SetError
+#define SSMPORT_GetError PORT_GetError
+
+
+
+

mozilla/security/psm/lib/protocol/protocolport.c

@@ -0,0 +1,49 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+/*************************************************************************
+ *
+ * PSM portable run-time. (Used when NSPR20 is not available.)
+ *
+ *************************************************************************
+ */
+
+SSMPRInt32 ssmprErrno;
+
+void SSMPORT_SetError(SSMPRInt32 errorcode) 
+{ ssmprErrno = errorcode; }  
+
+
+SSMPRInt32 SSMPORT_GetError(void)
+{ return ssmprErrno; }
+
+

mozilla/security/psm/lib/protocol/protocolport.h

@@ -0,0 +1,93 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+/*****************************************************************************
+ *
+ *
+ *
+ *****************************************************************************
+ */
+
+#ifndef NULL
+#define NULL 0x00000000
+#endif
+
+#define SSMPR_BYTES_PER_INT  4
+#define SSMPR_BYTES_PER_LONG  4
+
+/******************************************************************
+ *  No NSPR - define all the SSMPR values and functions here   
+ ******************************************************************
+ */
+
+typedef enum { SSMPR_SUCCESS = 0,  SSMPR_FAILURE = -1 } SSMPRStatus;
+enum { 
+  SSMPR_INVALID_ARGUMENT_ERROR = -6000,
+  SSMPR_OUT_OF_MEMORY_ERROR =  -5987
+};
+
+#if SSMPR_BYTES_PER_INT == 4
+typedef unsigned int SSMPRUint32;
+typedef int SSMPRInt32; 
+#elif SSMPR_BYTES_PER_LONG == 4
+typedef unsigned long SSMPRUint32;
+typedef long SSMPRInt32;
+#else
+#error No suitable type for SSMPRInt32/SSMPRUint32
+#endif
+
+/*******************************************************************
+ * Use libc functions instead 
+ *******************************************************************
+ */
+#include <sys/types.h>
+#ifdef WIN32
+#include <winsock.h>
+#else
+#include <netinet/in.h>
+#endif
+#define SSMPR_ntohl  ntohl
+#define SSMPR_htonl  htonl
+
+#include <stdlib.h>
+#define SSMPORT_Free   free
+#define SSMPR_sprint   printf
+#define SSMPORT_ZAlloc malloc
+
+extern SSMPRInt32 ssmprErrno;
+#define SSMPR_SetError(x, y) SSMPORT_SetError(x)
+#define SSMPR_GetError SSMPORT_GetError
+void SSMPORT_SetError(SSMPRInt32 errorcode);
+
+
+
+

mozilla/security/psm/lib/protocol/protocolshr.c

@@ -0,0 +1,169 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "string.h"
+#include "protocol.h"
+#include "protocolshr.h"
+#include "messages.h"
+
+/* Forward ref */
+static void encrypt(CMTItem *data);
+static void decrypt(CMTItem *data);
+
+const char *kPrefix = "Encrypted";
+
+/* encryption request */
+CMTStatus
+CMT_DoEncryptionRequest(CMTItem *message)
+{
+  CMTStatus rv = CMTSuccess;
+  EncryptRequestMessage request;
+  EncryptReplyMessage reply;
+  CMUint32 pLen = strlen(kPrefix);
+
+  /* Initialize */
+  request.keyid.data = 0;
+  request.data.data = 0;
+  reply.item.data = 0;
+
+  /* Decode incoming message */
+  rv = CMT_DecodeMessage(EncryptRequestTemplate, &request, message);
+  if (rv != CMTSuccess) goto loser;  /* Protocol error */
+
+  /* Free incoming message */
+  free(message->data);
+  message->data = NULL;
+
+  /* "Encrypt" by prefixing the data */
+  reply.item.len = request.data.len + pLen;
+  reply.item.data = calloc(reply.item.len, 1);
+  if (!reply.item.data) {
+	rv = CMTFailure;
+	goto loser;
+  }
+
+  if (pLen) memcpy(reply.item.data, kPrefix, pLen);
+  encrypt(&request.data);
+  memcpy(&reply.item.data[pLen], request.data.data, request.data.len);
+  
+  /* Generate response */
+  message->type = SSM_SDR_ENCRYPT_REPLY;
+  rv = CMT_EncodeMessage(EncryptReplyTemplate, message, &reply);
+  if (rv != CMTSuccess) goto loser;  /* Unknown error */
+
+loser:
+  if (request.keyid.data) free(request.keyid.data);
+  if (request.data.data) free(request.data.data);
+  if (request.ctx.data) free(request.ctx.data);
+  if (reply.item.data) free(reply.item.data);
+
+  return rv;
+}
+
+/* decryption request */
+CMTStatus
+CMT_DoDecryptionRequest(CMTItem *message)
+{
+  CMTStatus rv = CMTSuccess;
+  DecryptRequestMessage request;
+  DecryptReplyMessage reply;
+  CMUint32 pLen = strlen(kPrefix);
+
+  /* Initialize */
+  request.data.data = 0;
+  request.ctx.data = 0;
+  reply.item.data = 0;
+
+  /* Decode the message */
+  rv = CMT_DecodeMessage(DecryptRequestTemplate, &request, message);
+  if (rv != CMTSuccess) goto loser;
+
+  /* Free incoming message */
+  free(message->data);
+  message->data = NULL;
+
+  /* "Decrypt" the message by removing the key */
+  if (pLen && memcmp(request.data.data, kPrefix, pLen) != 0) {
+    rv = CMTFailure;  /* Invalid format */
+    goto loser;
+  }
+
+  reply.item.len = request.data.len - pLen;
+  reply.item.data = calloc(reply.item.len, 1);
+  if (!reply.item.data) { rv = CMTFailure;  goto loser; }
+
+  memcpy(reply.item.data, &request.data.data[pLen], reply.item.len);
+  decrypt(&reply.item);
+
+  /* Create reply message */
+  message->type = SSM_SDR_DECRYPT_REPLY;
+  rv = CMT_EncodeMessage(DecryptReplyTemplate, message, &reply);
+  if (rv != CMTSuccess) goto loser;
+
+loser:
+  if (request.data.data) free(request.data.data);
+  if (request.ctx.data) free(request.ctx.data);
+  if (reply.item.data) free(reply.item.data);
+
+  return rv;
+}
+
+/* "encrypt" */
+static unsigned char mask[64] = {
+ 0x73, 0x46, 0x1a, 0x05, 0x24, 0x65, 0x43, 0xb4, 0x24, 0xee, 0x79, 0xc1, 0xcc,
+ 0x49, 0xc7, 0x27, 0x11, 0x91, 0x2e, 0x8f, 0xaa, 0xf7, 0x62, 0x75, 0x41, 0x7e,
+ 0xb2, 0x42, 0xde, 0x1b, 0x42, 0x7b, 0x1f, 0x33, 0x49, 0xca, 0xd1, 0x6a, 0x85,
+ 0x05, 0x6c, 0xf9, 0x0e, 0x3e, 0x72, 0x02, 0xf2, 0xd8, 0x9d, 0xa1, 0xb8, 0x6e,
+ 0x03, 0x18, 0x3e, 0x82, 0x86, 0x34, 0x1a, 0x61, 0xd9, 0x65, 0xb6, 0x7f
+};
+
+static void
+encrypt(CMTItem *data)
+{
+  unsigned int i, j;
+
+  j = 0;
+  for(i = 0;i < data->len;i++)
+  {
+    data->data[i] ^= mask[j];
+
+    if (++j >= 64) j = 0;
+  }
+}
+
+static void
+decrypt(CMTItem *data)
+{
+  encrypt(data);
+}
+
+

mozilla/security/psm/lib/protocol/protocolshr.h

@@ -0,0 +1,48 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+/*
+  protocolshr.h - Definitions of shared routines for both client and server
+    These are mostly for testing.
+ */
+
+#ifndef __PROTOCOLSHR_H__
+#define __PROTOCOLSHR_H__
+
+CMTStatus
+CMT_DoEncryptionRequest(CMTItem *message);
+
+CMTStatus
+CMT_DoDecryptionRequest(CMTItem *meessage);
+
+
+#endif /* __PROTOCOLSHR_H__ */

mozilla/security/psm/lib/protocol/protocoltest.c

@@ -0,0 +1,207 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "protocolf.h"
+#include <stdio.h>
+  
+ 
+int main() 
+{
+  void * blob, * recvd;
+  int blobSize;
+  SSMPRUint32 version, flags, port, connID, keySize, secretKeySize;
+  SSMPRUint32 sessionID, httpPort;
+  SSMPRInt32 result;
+  char *profile, * nonce, * hostIP, * hostName, * cipher, * CA;
+  SSMPRStatus rv;
+  
+  
+  /*
+   * Test functions to pack and parse HelloRequest message 
+   */
+  version = 3;
+  profile = (char *)SSMPORT_ZAlloc(strlen("profile"));
+  sprintf(profile, "profile");
+  printf("HelloRequest, packing version #%d, profile %s\n", 
+	 version, profile);
+  blobSize = SSM_PackHelloRequest(&blob, version, profile);
+  if (!blobSize)
+    printf("Error in PackHelloRequest: %d\n", SSMPR_GetError());
+  SSMPORT_Free(profile);
+  version = 0;
+  recvd = (void *)SSMPORT_ZAlloc(blobSize);
+  if (!recvd) printf("Can't allocate %d bytes of memory!\n", blobSize);
+  memcpy(recvd, blob, blobSize);
+  SSMPORT_Free(blob);
+  rv = SSM_ParseHelloRequest(recvd, &version, &profile);
+  if (rv != SSMPR_SUCCESS) 
+    printf("Error in ParseHelloRequest: %d\n", SSMPR_GetError());
+  printf("HelloRequest, parsing version #%d, profile %s\n", 
+	 version, profile);
+
+
+  /* 
+   * Test functions to parse and pack HelloReply message
+   */
+  version = 5;
+  result = 2;
+  sessionID = 34567;
+  httpPort = 87654;
+  nonce = (char *)SSMPORT_ZAlloc(strlen("some secret nonce"));
+  sprintf(nonce, "some secret nonce");
+  printf("HelloReply, packing result %d, sessionID %d, version #%d, httpPort %d,\n nonce %s\n", 
+	 result, sessionID, version, httpPort, nonce);
+  blobSize = SSM_PackHelloReply(&blob, result, sessionID, version, httpPort, 
+				nonce);
+  if (!blobSize) 
+    printf("Error in PackHelloReply: %d\n", SSMPR_GetError());
+  memset(nonce, 0, strlen(nonce));
+  SSMPORT_Free(nonce);
+  version = result = sessionID = httpPort = 0;
+  recvd = (void *)SSMPORT_ZAlloc(blobSize);
+  if (!recvd) printf("Can't allocate %d bytes of memory!\n", blobSize);
+  memcpy(recvd, blob, blobSize);
+  SSMPORT_Free(blob);
+  rv = SSM_ParseHelloReply(recvd, &result, &sessionID, &version, &httpPort, 
+			   &nonce);
+  if (rv != SSMPR_SUCCESS) 
+    printf("Error in ParseHelloReply: %d\n", SSMPR_GetError());
+  printf("HelloReply, parsing result %d, sessionID %d, version #%d, httpPort %d, \n nonce %s\n", 
+	 result, sessionID, version, httpPort, nonce);
+  
+  /*
+   * Test functions to parse and pack SSLDataConnectionRequest message
+   */
+  flags = 0x00044000;
+  port = 34567;
+  hostIP = (char *)SSMPORT_ZAlloc(strlen("somehostIP"));
+  sprintf(hostIP, "somehostIP");
+  hostName = (char *)SSMPORT_ZAlloc(strlen("somehostName"));
+  sprintf(hostName, "somehostName");
+  printf("SSLDataConnRequest, packing flags %x, port %d, hostIP %s, hostName %s\n", 
+	 flags, port, hostIP, hostName);
+  blobSize = SSM_PackSSLDataConnectionRequest(&blob, flags, port, hostIP, 
+					  hostName);
+  if (!blobSize) 
+    printf("Error in PackSSLDataConnectionRequest: %d\n", SSMPR_GetError());
+  SSMPORT_Free(hostIP);
+  SSMPORT_Free(hostName);
+  flags = port = 0;
+  
+  recvd = (void *)SSMPORT_ZAlloc(blobSize);
+  if (!recvd) printf("Can't allocate %d bytes of memory!\n", blobSize);
+  memcpy(recvd, blob, blobSize);
+  SSMPORT_Free(blob);  
+  
+  rv = SSM_ParseSSLDataConnectionRequest(recvd, &flags, &port, &hostIP, 
+					 &hostName);
+  if (rv != SSMPR_SUCCESS) 
+    printf("Error in ParseSSLDataConnectionRequest: %d\n", SSMPR_GetError());
+  printf(
+"SSLDataConnRequest, parsing flags %x, port %d, hostIP %s, hostName %s\n", 
+	 flags, port, hostIP, hostName);
+  SSMPORT_Free(hostIP);
+  SSMPORT_Free(hostName);
+  
+  
+  /*
+   * Test functions to parse and pack SSLDataConnectionReply message 
+   */
+  result = 2;
+  connID = 713259;
+  port = 57402;
+  printf("SSLDataConnReply, packing result %d, connectionID %d, port %d\n",
+	 result, connID, port);
+  blobSize = SSM_PackSSLDataConnectionReply(&blob, result, connID, port);
+  if (!blobSize) 
+    printf("Error in PackSSLDataConnReply: %d\n", SSMPR_GetError());
+  result = connID = port = 0;
+  recvd = (void *)SSMPORT_ZAlloc(blobSize);
+  if (!recvd) printf("Can't allocate %d bytes of memory!\n", blobSize);
+  memcpy(recvd, blob, blobSize);
+  SSMPORT_Free(blob);
+  rv = SSM_ParseSSLDataConnectionReply(recvd, &result, &connID, &port);
+  if (rv != SSMPR_SUCCESS) 
+    printf("Error in ParseSSLDataConnectionReply: %d\n", SSMPR_GetError());
+  printf("SSLDataConnReply, parsing result %d, connectionID %d, port %d\n", 
+	 result, connID, port);
+  
+  
+  /* 
+   * Test functions to parse and pack SecurityStatusRequest message
+   */
+  connID = 45375;
+  printf("SecurityStatusRequest, packing connection ID %d\n", connID);
+  blobSize = SSM_PackSecurityStatusRequest(&blob, connID);
+  if (!blobSize)  
+    printf("Error in PackSecurityStatusRequest: %d\n", SSMPR_GetError());
+  connID = 0;
+  recvd = (void *)SSMPORT_ZAlloc(blobSize);
+  if (!recvd) printf("Can't allocate %d bytes of memory!\n", blobSize);
+  memcpy(recvd, blob, blobSize);
+  SSMPORT_Free(blob);
+  rv = SSM_ParseSecurityStatusRequest(recvd, &connID);
+  if (rv != SSMPR_SUCCESS) 
+    printf("Error in ParseSecurityStatusRequest: %d\n", SSMPR_GetError());
+  printf("SecurityStatusRequest, parsing connection ID %d\n", connID);
+  
+
+  /* 
+   * Test functions to parse and pack SecurityStatusReply message 
+   */
+  result = 2;
+  keySize = 256;
+  secretKeySize = 511;
+  cipher = (char *)SSMPORT_ZAlloc(strlen("My Cipher"));
+  sprintf(cipher, "My Cipher");
+  CA = (char *)SSMPORT_ZAlloc(strlen("My CA issuer"));
+  sprintf(CA, "My CA issuer");
+  printf("SecurityStatusReply, packing result %d, keysize %d, secretKeySize %d, cipher %s, CA %s\n", result, keySize, secretKeySize, cipher, CA);
+  blobSize = SSM_PackSecurityStatusReply(&blob, result, keySize, secretKeySize, cipher, CA);
+  if (!blobSize) 
+    printf("Error in PackSecurityStatusReply: %d\n", SSMPR_GetError());
+  result = keySize = secretKeySize = 0;
+  SSMPORT_Free(cipher);
+  SSMPORT_Free(CA);
+  recvd = (void *)SSMPORT_ZAlloc(blobSize);
+  if (!recvd) printf("Can't allocate %d bytes of memory!\n", blobSize);
+  memcpy(recvd, blob, blobSize);
+  SSMPORT_Free(blob);
+  rv = SSM_ParseSecurityStatusReply(recvd, &result, &keySize, &secretKeySize, 
+				    &cipher, &CA);
+  if (rv != SSMPR_SUCCESS) 
+    printf("Error in ParseSecurityStatusReply: %d\n", SSMPR_GetError());
+  printf("SecurityStatusReply, parsing result %d, keysize %d, secretKeySize %d, cipher %s, CA %s\n", result, keySize, secretKeySize, cipher, CA);
+}     
+
+
+

mozilla/security/psm/lib/protocol/protocolutil.c

@@ -0,0 +1,130 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#include "protocol.h"
+#include "prmem.h"
+#include "prnetdb.h"
+#include <string.h>
+
+#ifndef NSPR20
+#include "protocolport.c"
+#endif
+
+CMStatus SSM_SSMStringToString(char ** string,
+			       int *len, 
+			       SSMString * ssmString) 
+{
+  char * str = NULL;
+  int realLen;
+  PRStatus rv =PR_SUCCESS;
+
+  if (!ssmString || !string ) { 
+    rv = PR_INVALID_ARGUMENT_ERROR;
+    goto loser;
+  }
+
+  /* in case we fail */
+  *string = NULL;
+  if (len) *len = 0;
+
+  /* Convert from net byte order */
+  realLen = SSMPR_ntohl(ssmString->m_length);
+
+  str = (char *)PR_CALLOC(realLen+1); /* add 1 byte for end 0 */
+  if (!str) {
+    rv = PR_OUT_OF_MEMORY_ERROR;
+    goto loser;
+  }
+  
+  memcpy(str, (char *) &(ssmString->m_data), realLen);
+  /* str[realLen]=0; */
+
+  if (len) *len = realLen;
+  *string = str;
+  return rv;
+  
+loser:
+  if (str) 
+    PR_Free(str);
+  if (string && *string) {
+    PR_Free(*string);
+    *string = NULL;
+  }
+  if (rv == PR_SUCCESS) 
+    rv = PR_FAILURE;
+  return rv;
+}
+
+
+CMStatus SSM_StringToSSMString(SSMString ** ssmString, int length, 
+				  char * string)
+{
+  SSMPRUint32 len;
+  SSMString *result = NULL;
+  PRStatus rv = PR_SUCCESS;
+  
+  if (!string || !ssmString) {
+    rv = PR_INVALID_ARGUMENT_ERROR;
+    goto loser;
+  }
+
+  *ssmString = NULL; /* in case we fail */
+
+  if (length) len = length; 
+  else len = strlen(string);
+  if (len <= 0) {
+    rv = PR_INVALID_ARGUMENT_ERROR;
+    goto loser;
+  }
+  result = (SSMString *) PR_CALLOC(sizeof(PRUint32) + 
+				   SSMSTRING_PADDED_LENGTH(len));
+  if (!result) {
+    rv = PR_OUT_OF_MEMORY_ERROR;
+    goto loser;
+  }
+
+  result->m_length = SSMPR_htonl(len);
+  memcpy((char *) (&(result->m_data)), string, len);
+
+  *ssmString = result;
+  goto done;
+  
+loser:
+  if (result)
+    PR_Free(result);
+  *ssmString = NULL;
+  if (rv == PR_SUCCESS)
+    rv = PR_FAILURE;
+done:
+  return rv;
+}
+

mozilla/security/psm/lib/protocol/rsrcids.h

@@ -0,0 +1,165 @@
+/* -*- mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef __SSM_RSRCIDS_H__
+#define __SSM_RSRCIDS_H__
+
+#include "ssmdefs.h"
+
+/*
+ * IMPORTANT:
+ *
+ * To preserve backward compatibility as much as possible, always add new 
+ * values to either one of the enumeration tables at the end of the table.
+ */
+
+typedef enum 
+{
+    SSM_RESTYPE_NULL = 0L,
+    SSM_RESTYPE_RESOURCE,
+    SSM_RESTYPE_CONNECTION,
+    SSM_RESTYPE_CONTROL_CONNECTION,
+    SSM_RESTYPE_DATA_CONNECTION,
+    SSM_RESTYPE_SSL_DATA_CONNECTION,
+    SSM_RESTYPE_PKCS7_DECODE_CONNECTION,
+    SSM_RESTYPE_PKCS7_ENCODE_CONNECTION,
+    SSM_RESTYPE_HASH_CONNECTION,
+    
+    SSM_RESTYPE_CERTIFICATE,
+    SSM_RESTYPE_SSL_SOCKET_STATUS,
+    SSM_RESTYPE_PKCS7_CONTENT_INFO,
+    SSM_RESTYPE_KEY_PAIR,
+    SSM_RESTYPE_CRMF_REQUEST,
+    SSM_RESTYPE_KEYGEN_CONTEXT,
+    SSM_RESTYPE_SECADVISOR_CONTEXT,
+    SSM_RESTYPE_SIGNTEXT,
+    SSM_RESTYPE_PKCS12_CONTEXT,
+    SSM_RESTYPE_MAX
+} SSMResourceType;
+
+/* Attribute/resource types */
+
+/* Attribute IDs */
+typedef enum
+{
+    SSM_FID_NULL = (CMUint32) 0, /* placeholder */
+
+    /* Connection attributes */
+    SSM_FID_CONN_ALIVE,
+    SSM_FID_CONN_PARENT,
+
+    /* Data connection attributes */
+    SSM_FID_CONN_DATA_PENDING,
+
+    /* SSL data connection attributes */
+    SSM_FID_SSLDATA_SOCKET_STATUS,
+    SSM_FID_SSLDATA_ERROR_VALUE,
+
+    /* PKCS7 decode connection attributes */
+    SSM_FID_P7CONN_CONTENT_INFO,
+    SSM_FID_P7CONN_RETURN_VALUE,
+    SSM_FID_P7CONN_ERROR_VALUE,
+
+    /* Hash connection attributes */
+    SSM_FID_HASHCONN_RESULT,
+
+    /* Certificate attributes */
+    SSM_FID_CERT_SUBJECT_NAME,
+    SSM_FID_CERT_ISSUER_NAME,
+    SSM_FID_CERT_SERIAL_NUMBER,
+    SSM_FID_CERT_EXP_DATE,
+    SSM_FID_CERT_FINGERPRINT,
+    SSM_FID_CERT_COMMON_NAME,
+    SSM_FID_CERT_NICKNAME,
+    SSM_FID_CERT_ORG_NAME,
+    SSM_FID_CERT_HTML_CERT,
+    SSM_FID_CERT_PICKLE_CERT,
+    SSM_FID_CERT_CERTKEY,
+    SSM_FID_CERT_FIND_CERT_ISSUER,
+    SSM_FID_CERT_EMAIL_ADDRESS,
+    SSM_FID_CERT_ISPERM,
+
+    /* SSL socket status attributes */
+    SSM_FID_SSS_KEYSIZE,
+    SSM_FID_SSS_SECRET_KEYSIZE,
+    SSM_FID_SSS_CERT_ID,
+    SSM_FID_SSS_CIPHER_NAME,
+    SSM_FID_SSS_SECURITY_LEVEL,
+    SSM_FID_SSS_HTML_STATUS,
+
+    /* PKCS7 content info attributes */
+    SSM_FID_P7CINFO_IS_SIGNED,
+    SSM_FID_P7CINFO_IS_ENCRYPTED,
+    SSM_FID_P7CINFO_SIGNER_CERT,
+
+    /* CRMF ID's */
+    SSM_FID_CRMFREQ_REGTOKEN,
+    SSM_FID_CRMFREQ_AUTHENTICATOR,
+    SSM_FID_CRMFREQ_EXTENSIONS,
+    SSM_FID_CRMFREQ_KEY_TYPE,
+    SSM_FID_CRMFREQ_DN,
+
+    /* Security advisor context */
+    SSM_FID_SECADVISOR_URL,
+    SSM_FID_SECADVISOR_WIDTH,
+    SSM_FID_SECADVISOR_HEIGHT,
+
+    /* Sign Text */
+    SSM_FID_SIGNTEXT_RESULT,
+
+    /* Key Gen ID's */
+    SSM_FID_KEYGEN_ESCROW_AUTHORITY,
+
+    /* Key Pair ID's */
+    SSM_FID_KEYPAIR_KEY_GEN_TYPE,
+
+    /* Session Attributes */
+    SSM_FID_DEFAULT_EMAIL_RECIPIENT_CERT,
+    SSM_FID_DEFAULT_EMAIL_SIGNER_CERT,
+
+    /* Client Context Attribute */
+    SSM_FID_CLIENT_CONTEXT,
+
+	/* Resource Error */
+	SSM_FID_RESOURCE_ERROR,
+
+    SSM_FID_KEYGEN_SLOT_NAME,
+    SSM_FID_DISABLE_ESCROW_WARN,
+    SSM_FID_KEYGEN_TOKEN_NAME,
+
+    SSM_FID_SSLDATA_DISCARD_SOCKET_STATUS,
+
+    SSM_FID_MAX /* placeholder */
+} SSMAttributeID;
+
+#endif

mozilla/security/psm/lib/protocol/ssmdefs.h

@@ -0,0 +1,324 @@
+/* -*- mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+#ifndef __SSMDEFS_H__
+#define __SSMDEFS_H__
+
+/* Basic type definitions for both client and server. */
+typedef long CMInt32;
+typedef unsigned long CMUint32;
+typedef long SSMResourceID;
+
+typedef int SSMStatus;
+
+#define PSM_PORT                        11111
+#define PSM_DATA_PORT                   11113 /* needs to be removed */
+ 
+typedef enum _CMTStatus {
+  CMTFailure = -1,
+  CMTSuccess = 0
+} CMTStatus;
+
+typedef enum {
+   CM_FALSE = 0,
+   CM_TRUE = 1
+} CMBool;
+ 
+typedef struct CMTItemStr {
+  CMUint32 type;
+  unsigned char *data;
+  unsigned int len;
+} CMTItem;
+
+/* A length-encoded string. */
+struct _SSMString {
+  CMUint32 m_length;
+  char m_data;
+};
+typedef struct _SSMString SSMString;
+
+#define SSM_PROTOCOL_VERSION 0x00000051
+
+#define SSM_INVALID_RESOURCE 0x00000000
+#define SSM_GLOBAL_RESOURCE  0x00000001
+#define SSM_SESSION_RESOURCE 0x00000002
+
+/* Message category flags */
+#define SSM_REQUEST_MESSAGE     0x10000000
+#define SSM_REPLY_OK_MESSAGE    0x20000000
+#define SSM_REPLY_ERR_MESSAGE   0x30000000
+#define SSM_EVENT_MESSAGE       0x40000000
+
+/* Message types */
+#define SSM_DATA_CONNECTION   0x00001000
+#define SSM_OBJECT_SIGNING    0x00002000
+#define SSM_RESOURCE_ACTION   0x00003000
+#define SSM_CERT_ACTION       0x00004000
+#define SSM_PKCS11_ACTION     0x00005000
+#define SSM_CRMF_ACTION       0x00006000
+#define SSM_FORMSIGN_ACTION   0x00007000
+#define SSM_LOCALIZED_TEXT    0x00008000
+#define SSM_HELLO_MESSAGE     0x00009000
+#define SSM_SECURITY_ADVISOR  0x0000a000
+#define SSM_SEC_CFG_ACTION    0x0000b000
+#define SSM_KEYGEN_TAG        0x0000c000
+#define SSM_PREF_ACTION       0x0000d000
+#define SSM_MISC_ACTION       0x0000f000
+
+/* Data connection messages subtypes */ 
+#define SSM_SSL_CONNECTION      0x00000100
+#define SSM_PKCS7DECODE_STREAM  0x00000200
+#define SSM_PKCS7ENCODE_STREAM  0x00000300
+#define SSM_HASH_STREAM         0x00000400
+#define SSM_TLS_CONNECTION      0x00000500
+#define SSM_PROXY_CONNECTION    0x00000600
+
+/* Object signing message subtypes */
+#define SSM_VERIFY_RAW_SIG      0x00000100
+#define SSM_VERIFY_DETACHED_SIG 0x00000200
+#define SSM_CREATE_SIGNED       0x00000300
+#define SSM_CREATE_ENCRYPTED    0x00000400
+
+/* Resource access messages subtypes  */
+#define SSM_CREATE_RESOURCE           0x00000100
+#define SSM_DESTROY_RESOURCE          0x00000200
+#define SSM_GET_ATTRIBUTE             0x00000300
+#define SSM_CONSERVE_RESOURCE         0x00000400
+#define SSM_DUPLICATE_RESOURCE        0x00000500
+#define SSM_SET_ATTRIBUTE             0x00000600
+#define SSM_TLS_STEPUP                0x00000700
+#define SSM_PROXY_STEPUP              0x00000800
+
+/* Further specification for resource access messages */
+#define SSM_SSLSocket_Status    0x00000010
+
+#define SSM_NO_ATTRIBUTE        0x00000000
+#define SSM_NUMERIC_ATTRIBUTE   0x00000010
+#define SSM_STRING_ATTRIBUTE    0x00000020
+#define SSM_RID_ATTRIBUTE       0x00000030
+
+#define SSM_PICKLE_RESOURCE             0x00000010
+#define SSM_UNPICKLE_RESOURCE           0x00000020
+#define SSM_PICKLE_SECURITY_STATUS      0x00000030
+
+/* Certificate access message subtypes */
+#define SSM_IMPORT_CERT         0x00000100
+#define SSM_VERIFY_CERT         0x00000200
+#define SSM_FIND_BY_NICKNAME    0x00000300
+#define SSM_FIND_BY_KEY         0x00000400
+#define SSM_FIND_BY_EMAILADDR   0x00000500
+#define SSM_ADD_TO_DB           0x00000600
+#define SSM_DECODE_CERT         0x00000700
+#define SSM_MATCH_USER_CERT     0x00000800
+#define SSM_DESTROY_CERT        0x00000900
+#define SSM_DECODE_TEMP_CERT    0x00000a00
+#define SSM_REDIRECT_COMPARE    0x00000b00
+#define SSM_DECODE_CRL          0x00000c00
+#define SSM_EXTENSION_VALUE     0x00000d00
+#define SSM_HTML_INFO           0x00000e00
+
+/* message subtypes used for KEYGEN form tag */
+#define SSM_GET_KEY_CHOICE       0x00000100
+#define SSM_KEYGEN_START         0x00000200
+#define SSM_KEYGEN_TOKEN         0x00000300
+#define SSM_KEYGEN_PASSWORD      0x00000400
+#define SSM_KEYGEN_DONE          0x00000500
+
+#define SSM_CREATE_KEY_PAIR    0x00000100
+#define SSM_FINISH_KEY_GEN     0x00000200
+#define SSM_ADD_NEW_MODULE     0x00000300
+#define SSM_DEL_MODULE         0x00000400
+#define SSM_LOGOUT_ALL         0x00000500
+#define SSM_ENABLED_CIPHERS    0x00000600
+
+#define SSM_CREATE_CRMF_REQ    0x00000100
+#define SSM_DER_ENCODE_REQ     0x00000200
+#define SSM_PROCESS_CMMF_RESP  0x00000300
+#define SSM_CHALLENGE          0x00000400
+
+#define SSM_SIGN_TEXT  0x00000100
+
+/* Security Config subtypes */
+#define SSM_ADD_CERT_TO_TEMP_DB     0x00000100
+#define SSM_ADD_TEMP_CERT_TO_DB     0x00000200
+#define SSM_DELETE_PERM_CERTS       0x00000300
+#define SSM_FIND_CERT_KEY           0x00000400
+#define SSM_GET_CERT_PROP_BY_KEY    0x00000500
+#define SSM_CERT_INDEX_ENUM         0x00000600
+
+/* subcategories for SSM_FIND_CERT_KEY and SSM_CERT_INDEX_ENUM */
+#define SSM_FIND_KEY_BY_NICKNAME    0x00000010
+#define SSM_FIND_KEY_BY_EMAIL_ADDR  0x00000020
+#define SSM_FIND_KEY_BY_DN          0x00000030
+
+/* subcategories for SSM_GET_CERT_PROP_BY_KEY */
+#define SSM_SECCFG_GET_NICKNAME      0x00000010
+#define SSM_SECCFG_GET_EMAIL_ADDR    0x00000020
+#define SSM_SECCFG_GET_DN            0x00000030
+#define SSM_SECCFG_GET_TRUST         0x00000040
+#define SSM_SECCFG_CERT_IS_PERM      0x00000050
+#define SSM_SECCFG_GET_NOT_BEFORE    0x00000060
+#define SSM_SECCFG_GET_NOT_AFTER     0x00000070
+#define SSM_SECCFG_GET_SERIAL_NO     0x00000080
+#define SSM_SECCFG_GET_ISSUER        0x00000090
+#define SSM_SECCFG_GET_ISSUER_KEY    0x000000a0
+#define SSM_SECCFG_GET_SUBJECT_NEXT  0x000000b0
+#define SSM_SECCFG_GET_SUBJECT_PREV  0x000000c0
+
+/* Misc requests */
+#define SSM_MISC_GET_RNG_DATA      0x00000100
+#define SSM_MISC_PUT_RNG_DATA      0x00000200
+#define SSM_MISC_SDR_ENCRYPT       0x00000300
+#define SSM_MISC_SDR_DECRYPT       0x00000400
+#define SSM_MISC_UI                0x00000500
+
+/* specific UI requests */
+#define SSM_UI_CHANGE_PASSWORD     0x00000010
+
+#define SSM_SDR_ENCRYPT_REQUEST \
+  (SSM_REQUEST_MESSAGE|SSM_MISC_ACTION|SSM_MISC_SDR_ENCRYPT)
+#define SSM_SDR_ENCRYPT_REPLY \
+  (SSM_REPLY_OK_MESSAGE|SSM_MISC_ACTION|SSM_MISC_SDR_ENCRYPT)
+#define SSM_SDR_DECRYPT_REQUEST \
+  (SSM_REQUEST_MESSAGE|SSM_MISC_ACTION|SSM_MISC_SDR_DECRYPT)
+#define SSM_SDR_DECRYPT_REPLY \
+  (SSM_REPLY_OK_MESSAGE|SSM_MISC_ACTION|SSM_MISC_SDR_DECRYPT)
+
+/* Type masks for message types */
+#define SSM_CATEGORY_MASK   0xF0000000
+#define SSM_TYPE_MASK       0x0000F000
+#define SSM_SUBTYPE_MASK    0x00000F00
+#define SSM_SPECIFIC_MASK   0x000000F0
+
+typedef struct SSMAttributeValue {
+  CMUint32 type;
+  union {
+    SSMResourceID rid;
+    CMTItem string;
+    CMInt32 numeric;
+  } u;
+} SSMAttributeValue;
+
+typedef enum {
+  rsaEnc, rsaDualUse, rsaSign, rsaNonrepudiation, rsaSignNonrepudiation,
+  dhEx, dsaSignNonrepudiation, dsaSign, dsaNonrepudiation, invalidKeyGen
+} SSMKeyGenType;
+
+typedef enum {
+  ssmUnknownPolicy= -1,ssmDomestic=0, ssmExport=1, ssmFrance=2
+} SSMPolicyType;
+
+/* These are the localized strings that PSM can feed back to 
+ * the plug-in.  These will initially be used by the plug-in for 
+ * JavaScript purposes to pop up alert/confirm dialogs that would 
+ * cause nightmares to do if we sent UI events.
+ */
+typedef enum {
+  SSM_STRING_BAD_PK11_LIB_PARAM,
+  SSM_STRING_BAD_PK11_LIB_PATH,
+  SSM_STRING_ADD_MOD_SUCCESS,
+  SSM_STRING_DUP_MOD_FAILURE,
+  SSM_STRING_ADD_MOD_FAILURE,
+  SSM_STRING_BAD_MOD_NAME,
+  SSM_STRING_EXT_MOD_DEL,
+  SSM_STRING_INT_MOD_DEL,
+  SSM_STRING_MOD_DEL_FAIL,
+  SSM_STRING_ADD_MOD_WARN,
+  SSM_STRING_MOD_PROMPT,
+  SSM_STRING_DLL_PROMPT,
+  SSM_STRING_DEL_MOD_WARN,
+  SSM_STRING_INVALID_CRL,
+  SSM_STRING_INVALID_CKL,
+  SSM_STRING_ROOT_CKL_CERT_NOT_FOUND,
+  SSM_STRING_BAD_CRL_SIGNATURE,
+  SSM_STRING_BAD_CKL_SIGNATURE,
+  SSM_STRING_ERR_ADD_CRL,
+  SSM_STRING_ERR_ADD_CKL,
+  SSM_STRING_JAVASCRIPT_DISABLED
+} SSMLocalizedString;
+
+/* Event types */
+#define SSM_UI_EVENT                    0x00001000
+#define SSM_TASK_COMPLETED_EVENT        0x00002000
+#define SSM_FILE_PATH_EVENT             0x00003000
+#define SSM_PROMPT_EVENT                0x00004000
+#define SSM_AUTH_EVENT                  0x00007000
+#define SSM_SAVE_PREF_EVENT             0x00008000
+#define SSM_MISC_EVENT                  0x0000f000
+
+/* Flags used in Create SSL Data request */
+#define SSM_REQUEST_SSL_DATA_SSL         0x00000001
+#define SSM_REQUEST_SSL_DATA_PROXY       0x00000002
+#define SSM_REQUEST_SSL_CONNECTION_MASK  0x00000003
+
+/* Create typedefs for the various #defines */
+typedef CMUint32 SSMMessageCategory;
+typedef CMUint32 SSMMessageType;
+typedef CMUint32 SSMDataConnectionSType;
+typedef CMUint32 SSMObjSignSType;
+typedef CMUint32 SSMResourceAccessSType;
+typedef CMUint32 SSMCreateResource;
+typedef CMUint32 SSMResourceAttrType;
+typedef CMUint32 SSMResourceConsv;
+typedef CMUint32 SSMCertAccessSType;
+typedef CMUint32 SSMKeyGenTagProcessType;
+typedef CMUint32 SSMPKCS11Actions;
+typedef CMUint32 SSMCRMFAction;
+typedef CMUint32 SSMFormSignAction;
+typedef CMUint32 SSMSecCfgAction;
+typedef CMUint32 SSMSecCfgFindByType;
+typedef CMUint32 SSMSecCfgGetCertPropType;
+typedef CMUint32 SSMMiscRequestType;
+typedef CMUint32 SSMMessageMaskType;
+typedef CMUint32 SSMEventType;
+typedef CMUint32 SSMSSLConnectionRequestType;
+
+/*
+ * This string is version that can be used to assemble any
+ * version information by the apllication using the protocol 
+ * library.
+ */
+extern char SSMVersionString[];
+
+/* What type of client */
+typedef enum
+{
+    SSM_NOINFO,
+    SSM_COMPOSE,
+    SSM_MAIL_MESSAGE,
+    SSM_NEWS_MESSAGE,
+    SSM_SNEWS_MESSAGE,
+    SSM_BROWSER
+} SSMClientType;
+
+#endif /* __SSMDEFS_H__ */

mozilla/security/psm/lib/protocol/templates.c

@@ -0,0 +1,628 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+
+#include "stddef.h"
+#include "messages.h"
+
+CMTMessageTemplate SingleNumMessageTemplate[] =
+{
+  { CMT_DT_INT, offsetof(SingleNumMessage, value) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate SingleStringMessageTemplate[] =
+{
+  { CMT_DT_STRING, offsetof(SingleStringMessage, string) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate SingleItemMessageTemplate[] =
+{
+  { CMT_DT_ITEM, offsetof(SingleItemMessage, item) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate HelloRequestTemplate[] =
+{
+  { CMT_DT_INT, offsetof(HelloRequest, version) },
+  { CMT_DT_INT, offsetof(HelloRequest, policy) },
+  { CMT_DT_BOOL, offsetof(HelloRequest, doesUI) },
+  { CMT_DT_STRING, offsetof(HelloRequest, profile) },
+  { CMT_DT_STRING, offsetof(HelloRequest, profileDir) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate HelloReplyTemplate[] =
+{
+  { CMT_DT_INT, offsetof(HelloReply, result) },
+  { CMT_DT_INT, offsetof(HelloReply, sessionID) },
+  { CMT_DT_INT, offsetof(HelloReply, version) },
+  { CMT_DT_STRING, offsetof(HelloReply, stringVersion) },
+  { CMT_DT_INT, offsetof(HelloReply, httpPort) },
+  { CMT_DT_INT, offsetof(HelloReply, policy) },
+  { CMT_DT_ITEM, offsetof(HelloReply, nonce) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate SSLDataConnectionRequestTemplate[] =
+{
+  { CMT_DT_INT, offsetof(SSLDataConnectionRequest, flags) },
+  { CMT_DT_INT, offsetof(SSLDataConnectionRequest, port) },
+  { CMT_DT_STRING, offsetof(SSLDataConnectionRequest, hostIP) },
+  { CMT_DT_STRING, offsetof(SSLDataConnectionRequest, hostName) },
+  { CMT_DT_BOOL, offsetof(SSLDataConnectionRequest, forceHandshake) },
+  { CMT_DT_ITEM, offsetof(SSLDataConnectionRequest, clientContext) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate TLSDataConnectionRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(TLSDataConnectionRequest, port) },
+    { CMT_DT_STRING, offsetof(TLSDataConnectionRequest, hostIP) },
+    { CMT_DT_STRING, offsetof(TLSDataConnectionRequest, hostName) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate TLSStepUpRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(TLSStepUpRequest, connID) },
+    { CMT_DT_ITEM, offsetof(TLSStepUpRequest, clientContext) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate ProxyStepUpRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(ProxyStepUpRequest, connID) },
+    { CMT_DT_ITEM, offsetof(ProxyStepUpRequest, clientContext) },
+    { CMT_DT_STRING, offsetof(ProxyStepUpRequest, url) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate PKCS7DataConnectionRequestTemplate[] =
+{
+  { CMT_DT_INT, offsetof(PKCS7DataConnectionRequest, resID) },
+  { CMT_DT_ITEM, offsetof(PKCS7DataConnectionRequest, clientContext) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate DataConnectionReplyTemplate[] =
+{
+  { CMT_DT_INT, offsetof(DataConnectionReply, result) },
+  { CMT_DT_INT, offsetof(DataConnectionReply, connID) },
+  { CMT_DT_INT, offsetof(DataConnectionReply, port) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate UIEventTemplate[] =
+{
+    { CMT_DT_INT, offsetof(UIEvent, resourceID) },
+    { CMT_DT_INT, offsetof(UIEvent, width) },
+    { CMT_DT_INT, offsetof(UIEvent, height) },
+    { CMT_DT_BOOL, offsetof(UIEvent, isModal) },
+    { CMT_DT_STRING, offsetof(UIEvent, url) },
+    { CMT_DT_ITEM, offsetof(UIEvent, clientContext) },
+    { CMT_DT_END }
+};
+
+/*
+ * The old UI Event was missing the modal indication.
+ * As a transition aid, we use the old template if the
+ * "modern" version doesn't work.  Model is true in that case
+ */
+CMTMessageTemplate OldUIEventTemplate[] =
+{
+    { CMT_DT_INT, offsetof(UIEvent, resourceID) },
+    { CMT_DT_INT, offsetof(UIEvent, width) },
+    { CMT_DT_INT, offsetof(UIEvent, height) },
+    { CMT_DT_STRING, offsetof(UIEvent, url) },
+    { CMT_DT_ITEM, offsetof(UIEvent, clientContext) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate TaskCompletedEventTemplate[] =
+{
+    { CMT_DT_INT, offsetof(TaskCompletedEvent, resourceID) },
+    { CMT_DT_INT, offsetof(TaskCompletedEvent, numTasks) },
+    { CMT_DT_INT, offsetof(TaskCompletedEvent, result) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate VerifyDetachedSigRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(VerifyDetachedSigRequest, pkcs7ContentID) },
+    { CMT_DT_INT, offsetof(VerifyDetachedSigRequest, certUsage) },
+    { CMT_DT_INT, offsetof(VerifyDetachedSigRequest, hashAlgID) },
+    { CMT_DT_BOOL, offsetof(VerifyDetachedSigRequest, keepCert) },
+    { CMT_DT_ITEM, offsetof(VerifyDetachedSigRequest, hash) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate CreateSignedRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(CreateSignedRequest, scertRID) },
+    { CMT_DT_INT, offsetof(CreateSignedRequest, ecertRID) },
+    { CMT_DT_INT, offsetof(CreateSignedRequest, dig_alg) },
+    { CMT_DT_ITEM, offsetof(CreateSignedRequest, digest) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate CreateContentInfoReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(CreateContentInfoReply, ciRID) },
+    { CMT_DT_INT, offsetof(CreateContentInfoReply, result) },
+    { CMT_DT_INT, offsetof(CreateContentInfoReply, errorCode) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate CreateEncryptedRequestTemplate[] =
+{
+  { CMT_DT_INT, offsetof(CreateEncryptedRequest, scertRID) },
+  { CMT_DT_LIST, offsetof(CreateEncryptedRequest, nrcerts) },
+  { CMT_DT_INT, offsetof(CreateEncryptedRequest, rcertRIDs) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate CreateResourceRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(CreateResourceRequest, type) },
+    { CMT_DT_ITEM, offsetof(CreateResourceRequest, params) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate CreateResourceReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(CreateResourceReply, result) },
+    { CMT_DT_INT, offsetof(CreateResourceReply, resID) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GetAttribRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(GetAttribRequest, resID) },
+    { CMT_DT_INT, offsetof(GetAttribRequest, fieldID) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GetAttribReplyTemplate[] =
+{
+  { CMT_DT_INT, offsetof(GetAttribReply, result) },
+  { CMT_DT_CHOICE, offsetof(GetAttribReply, value.type) },
+  { CMT_DT_RID, offsetof(GetAttribReply, value.u.rid), 0, SSM_RID_ATTRIBUTE },
+  { CMT_DT_INT, offsetof(GetAttribReply, value.u.numeric), 0,
+    SSM_NUMERIC_ATTRIBUTE },
+  { CMT_DT_ITEM, offsetof(GetAttribReply, value.u.string), 0,
+    SSM_STRING_ATTRIBUTE},
+  { CMT_DT_END_CHOICE },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate SetAttribRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(SetAttribRequest, resID) },
+    { CMT_DT_INT, offsetof(SetAttribRequest, fieldID) },
+    { CMT_DT_CHOICE, offsetof(SetAttribRequest, value.type) },
+    { CMT_DT_RID, offsetof(SetAttribRequest, value.u.rid), 0, SSM_RID_ATTRIBUTE },
+    { CMT_DT_INT, offsetof(SetAttribRequest, value.u.numeric), 0,
+                            SSM_NUMERIC_ATTRIBUTE },
+    { CMT_DT_ITEM, offsetof(SetAttribRequest, value.u.string), 0,
+                            SSM_STRING_ATTRIBUTE},
+    { CMT_DT_END_CHOICE },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate PickleResourceReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(PickleResourceReply, result) },
+    { CMT_DT_ITEM, offsetof(PickleResourceReply, blob) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate UnpickleResourceRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(UnpickleResourceRequest, resourceType) },
+    { CMT_DT_ITEM, offsetof(UnpickleResourceRequest, resourceData) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate UnpickleResourceReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(UnpickleResourceReply, result) },
+    { CMT_DT_INT, offsetof(UnpickleResourceReply, resID) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate PickleSecurityStatusReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(PickleSecurityStatusReply, result) },
+    { CMT_DT_INT, offsetof(PickleSecurityStatusReply, securityLevel) },
+    { CMT_DT_ITEM, offsetof(PickleSecurityStatusReply, blob) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate DupResourceReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(DupResourceReply, result) },
+    { CMT_DT_RID, offsetof(DupResourceReply, resID), 0, SSM_RID_ATTRIBUTE },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate DestroyResourceRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(DestroyResourceRequest, resID) },
+    { CMT_DT_INT, offsetof(DestroyResourceRequest, resType) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate VerifyCertRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(VerifyCertRequest, resID) },
+    { CMT_DT_INT, offsetof(VerifyCertRequest, certUsage) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate AddTempCertToDBRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(AddTempCertToDBRequest, resID) },
+    { CMT_DT_STRING, offsetof(AddTempCertToDBRequest, nickname) },
+    { CMT_DT_INT, offsetof(AddTempCertToDBRequest, sslFlags) },
+    { CMT_DT_INT, offsetof(AddTempCertToDBRequest, emailFlags) },
+    { CMT_DT_INT, offsetof(AddTempCertToDBRequest, objSignFlags) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate MatchUserCertRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(MatchUserCertRequest, certType) },
+    { CMT_DT_LIST, offsetof(MatchUserCertRequest, numCANames) },
+    { CMT_DT_STRING, offsetof(MatchUserCertRequest, caNames) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate MatchUserCertReplyTemplate[] =
+{
+    { CMT_DT_LIST, offsetof(MatchUserCertReply, numCerts) },
+    { CMT_DT_INT, offsetof(MatchUserCertReply, certs) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate EncodeCRMFReqRequestTemplate[] =
+{
+    { CMT_DT_LIST, offsetof(EncodeCRMFReqRequest, numRequests) },
+    { CMT_DT_INT, offsetof(EncodeCRMFReqRequest, reqIDs) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate CMMFCertResponseRequestTemplate[] =
+{
+    { CMT_DT_STRING, offsetof(CMMFCertResponseRequest, nickname) },
+    { CMT_DT_STRING, offsetof(CMMFCertResponseRequest, base64Der) },
+    { CMT_DT_INT,    offsetof(CMMFCertResponseRequest, doBackup) },
+    { CMT_DT_ITEM,   offsetof(CMMFCertResponseRequest, clientContext) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate PasswordRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(PasswordRequest, tokenKey) },
+    { CMT_DT_STRING, offsetof(PasswordRequest, prompt) },
+    { CMT_DT_ITEM, offsetof(PasswordRequest, clientContext) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate PasswordReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(PasswordReply, result) },
+    { CMT_DT_INT, offsetof(PasswordReply, tokenID) },
+    { CMT_DT_STRING, offsetof(PasswordReply, passwd) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate KeyPairGenRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(KeyPairGenRequest, keyGenCtxtID) },
+    { CMT_DT_INT, offsetof(KeyPairGenRequest, genMechanism) },
+    { CMT_DT_INT, offsetof(KeyPairGenRequest, keySize) },
+    { CMT_DT_ITEM, offsetof(KeyPairGenRequest, params) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate DecodeAndCreateTempCertRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(DecodeAndCreateTempCertRequest, type) },
+    { CMT_DT_ITEM, offsetof(DecodeAndCreateTempCertRequest, cert) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GenKeyOldStyleRequestTemplate[] =
+{
+    { CMT_DT_STRING, offsetof(GenKeyOldStyleRequest, choiceString) },
+    { CMT_DT_STRING, offsetof(GenKeyOldStyleRequest, challenge) },
+    { CMT_DT_STRING, offsetof(GenKeyOldStyleRequest, typeString) },
+    { CMT_DT_STRING, offsetof(GenKeyOldStyleRequest, pqgString) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GenKeyOldStyleTokenRequestTemplate[] = 
+{
+    { CMT_DT_INT,  offsetof(GenKeyOldStyleTokenRequest, rid)       },
+    { CMT_DT_LIST,  offsetof(GenKeyOldStyleTokenRequest, numtokens) },
+    { CMT_DT_STRING,offsetof(GenKeyOldStyleTokenRequest, tokenNames)},
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GenKeyOldStyleTokenReplyTemplate[] = 
+{
+    { CMT_DT_INT, offsetof(GenKeyOldStyleTokenReply, rid) },
+    { CMT_DT_BOOL, offsetof(GenKeyOldStyleTokenReply, cancel) },
+    { CMT_DT_STRING, offsetof(GenKeyOldStyleTokenReply, tokenName) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GenKeyOldStylePasswordRequestTemplate[] = 
+{
+    { CMT_DT_INT, offsetof(GenKeyOldStylePasswordRequest, rid) },
+    { CMT_DT_STRING, offsetof(GenKeyOldStylePasswordRequest, tokenName) },
+    { CMT_DT_BOOL, offsetof(GenKeyOldStylePasswordRequest, internal) },
+    { CMT_DT_INT, offsetof(GenKeyOldStylePasswordRequest, minpwdlen) },
+    { CMT_DT_INT, offsetof(GenKeyOldStylePasswordRequest, maxpwdlen) }, 
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GenKeyOldStylePasswordReplyTemplate[] = 
+{
+    { CMT_DT_INT, offsetof(GenKeyOldStylePasswordReply, rid) },
+    { CMT_DT_BOOL, offsetof(GenKeyOldStylePasswordReply, cancel) },
+    { CMT_DT_STRING, offsetof(GenKeyOldStylePasswordReply, password) },
+    { CMT_DT_END }
+};
+
+
+CMTMessageTemplate GetKeyChoiceListRequestTemplate[] =
+{
+    { CMT_DT_STRING, offsetof(GetKeyChoiceListRequest, type) },
+    { CMT_DT_STRING, offsetof(GetKeyChoiceListRequest, pqgString) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GetKeyChoiceListReplyTemplate[] =
+{
+    { CMT_DT_LIST, offsetof(GetKeyChoiceListReply, nchoices) },
+    { CMT_DT_STRING, offsetof(GetKeyChoiceListReply, choices) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate AddNewSecurityModuleRequestTemplate[] =
+{
+    { CMT_DT_STRING, offsetof(AddNewSecurityModuleRequest, moduleName) },
+    { CMT_DT_STRING, offsetof(AddNewSecurityModuleRequest, libraryPath) },
+    { CMT_DT_INT, offsetof(AddNewSecurityModuleRequest, pubMechFlags) },
+    { CMT_DT_INT, offsetof(AddNewSecurityModuleRequest, pubCipherFlags) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate FilePathRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(FilePathRequest, resID) },
+    { CMT_DT_STRING, offsetof(FilePathRequest, prompt) },
+    { CMT_DT_BOOL, offsetof(FilePathRequest, getExistingFile) },
+    { CMT_DT_STRING, offsetof(FilePathRequest, fileRegEx) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate FilePathReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(FilePathReply, resID) },
+    { CMT_DT_STRING, offsetof(FilePathReply, filePath) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate PasswordPromptReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(PasswordPromptReply, resID) },
+    { CMT_DT_STRING, offsetof(PasswordPromptReply, promptReply) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate SignTextRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(SignTextRequest, resID) },
+    { CMT_DT_STRING, offsetof(SignTextRequest, stringToSign) },
+    { CMT_DT_STRING, offsetof(SignTextRequest, hostName) },
+    { CMT_DT_STRING, offsetof(SignTextRequest, caOption) },
+    { CMT_DT_LIST, offsetof(SignTextRequest, numCAs) },
+    { CMT_DT_STRING, offsetof(SignTextRequest, caNames) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GetLocalizedTextReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(GetLocalizedTextReply, whichString) },
+    { CMT_DT_STRING, offsetof(GetLocalizedTextReply, localizedString) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate ImportCertReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(ImportCertReply, result) },
+    { CMT_DT_INT, offsetof(ImportCertReply, resID) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate PromptRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(PromptRequest, resID) },
+    { CMT_DT_STRING, offsetof(PromptRequest, prompt) },
+    { CMT_DT_ITEM, offsetof(PromptRequest, clientContext) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate PromptReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(PromptReply, resID) },
+    { CMT_DT_BOOL, offsetof(PromptReply, cancel) },
+    { CMT_DT_STRING, offsetof(PromptReply, promptReply) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate RedirectCompareRequestTemplate[] =
+{
+    { CMT_DT_ITEM, offsetof(RedirectCompareRequest, socketStatus1Data) },
+    { CMT_DT_ITEM, offsetof(RedirectCompareRequest, socketStatus2Data) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate DecodeAndAddCRLRequestTemplate[] = 
+{
+    { CMT_DT_ITEM,   offsetof(DecodeAndAddCRLRequest, derCrl) },
+    { CMT_DT_INT,    offsetof(DecodeAndAddCRLRequest, type)   },
+    { CMT_DT_STRING, offsetof(DecodeAndAddCRLRequest, url)    },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate SecurityAdvisorRequestTemplate[] =
+{
+    { CMT_DT_INT,   offsetof(SecurityAdvisorRequest, infoContext) },
+    { CMT_DT_INT,   offsetof(SecurityAdvisorRequest, resID) },
+    { CMT_DT_STRING, offsetof(SecurityAdvisorRequest, hostname) },
+    { CMT_DT_STRING, offsetof(SecurityAdvisorRequest, senderAddr) },
+    { CMT_DT_INT,   offsetof(SecurityAdvisorRequest, encryptedP7CInfo) },
+    { CMT_DT_INT,   offsetof(SecurityAdvisorRequest, signedP7CInfo) },
+    { CMT_DT_INT,   offsetof(SecurityAdvisorRequest, decodeError) },
+    { CMT_DT_INT,   offsetof(SecurityAdvisorRequest, verifyError) },
+    { CMT_DT_BOOL,   offsetof(SecurityAdvisorRequest, encryptthis) },
+    { CMT_DT_BOOL,   offsetof(SecurityAdvisorRequest, signthis) },
+    { CMT_DT_LIST,	offsetof(SecurityAdvisorRequest, numRecipients) },
+    { CMT_DT_STRING, offsetof(SecurityAdvisorRequest, recipients) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate SCAddTempCertToPermDBRequestTemplate[] =
+{
+    { CMT_DT_ITEM, offsetof(SCAddTempCertToPermDBRequest, certKey) },
+    { CMT_DT_STRING, offsetof(SCAddTempCertToPermDBRequest, trustStr) },
+    { CMT_DT_STRING, offsetof(SCAddTempCertToPermDBRequest, nickname) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate SCDeletePermCertsRequestTemplate[] =
+{
+    { CMT_DT_ITEM, offsetof(SCDeletePermCertsRequest, certKey) },
+    { CMT_DT_BOOL, offsetof(SCDeletePermCertsRequest, deleteAll) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate TimeMessageTemplate[] =
+{
+    { CMT_DT_INT, offsetof(TimeMessage, year) },
+    { CMT_DT_INT, offsetof(TimeMessage, month) },
+    { CMT_DT_INT, offsetof(TimeMessage, day) },
+    { CMT_DT_INT, offsetof(TimeMessage, hour) },
+    { CMT_DT_INT, offsetof(TimeMessage, minute) },
+    { CMT_DT_INT, offsetof(TimeMessage, second) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate SCCertIndexEnumReplyTemplate[] =
+{
+    { CMT_DT_INT, offsetof(SCCertIndexEnumReply, length) },
+    { CMT_DT_STRUCT_PTR, offsetof(SCCertIndexEnumReply, list) },
+    { CMT_DT_STRING, offsetof(CertEnumElement, name) },
+    { CMT_DT_ITEM, offsetof(CertEnumElement, certKey) },
+    { CMT_DT_END_STRUCT_LIST },
+    { CMT_DT_END }
+};
+
+/* Test template */
+
+CMTMessageTemplate TestListTemplate[] = 
+{
+	{ CMT_DT_STRING, offsetof(TestList, listName) },
+	{ CMT_DT_STRUCT_LIST, offsetof(TestList, numElements) },
+	{ CMT_DT_STRUCT_PTR, offsetof(TestList, elements) },
+	{ CMT_DT_STRING, offsetof(TestListElement, name) },
+	{ CMT_DT_STRING, offsetof(TestListElement, value) },
+	{ CMT_DT_END_STRUCT_LIST},
+	{ CMT_DT_END}
+};
+
+CMTMessageTemplate SetPrefListMessageTemplate[] =
+{
+    { CMT_DT_STRUCT_LIST, offsetof(SetPrefListMessage, length) },
+    { CMT_DT_STRUCT_PTR, offsetof(SetPrefListMessage, list) },
+    { CMT_DT_STRING, offsetof(SetPrefElement, key) },
+    { CMT_DT_STRING, offsetof(SetPrefElement, value) },
+    { CMT_DT_INT, offsetof(SetPrefElement, type) },
+    { CMT_DT_END_STRUCT_LIST },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GetPrefListRequestTemplate[] =
+{
+    { CMT_DT_STRUCT_LIST, offsetof(GetPrefListRequest, length) },
+    { CMT_DT_STRUCT_PTR, offsetof(GetPrefListRequest, list) },
+    { CMT_DT_STRING, offsetof(GetPrefElement, key) },
+    { CMT_DT_INT, offsetof(GetPrefElement, type) },
+    { CMT_DT_END_STRUCT_LIST },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate GetCertExtensionTemplate[] =
+{
+    { CMT_DT_INT, offsetof(GetCertExtension, resID) },
+    { CMT_DT_INT, offsetof(GetCertExtension, extension) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate HTMLCertInfoRequestTemplate[] =
+{
+    { CMT_DT_INT, offsetof(HTMLCertInfoRequest, certID) },
+    { CMT_DT_INT, offsetof(HTMLCertInfoRequest, showImages) },
+    { CMT_DT_INT, offsetof(HTMLCertInfoRequest, showIssuer) },
+    { CMT_DT_END }
+};
+
+CMTMessageTemplate EncryptRequestTemplate[] =
+{
+  { CMT_DT_ITEM, offsetof(EncryptRequestMessage, keyid) },
+  { CMT_DT_ITEM, offsetof(EncryptRequestMessage, data) },
+  { CMT_DT_ITEM, offsetof(EncryptRequestMessage, ctx) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate DecryptRequestTemplate[] =
+{
+  { CMT_DT_ITEM, offsetof(DecryptRequestMessage, data) },
+  { CMT_DT_ITEM, offsetof(DecryptRequestMessage, ctx) },
+  { CMT_DT_END }
+};

mozilla/webtools/bugzilla/docs/en/xml/Bugzilla-Guide.xml

@@ -1,135 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-
-]>
-
-
-<!-- Coding standards for this document 
-
-*  Other than the GFDL, please use the "section" tag instead of "sect1", 
-   "sect2", etc.
-*  Use Entities to include files for new chapters in Bugzilla-Guide.xml.
-*  Try to use Entities for frequently-used passages of text as well.
-*  Ensure all documents compile cleanly to HTML after modification.
-   The warning, "DTDDECL catalog types not supported" is normal.
-*  Try to index important terms wherever possible.
-*  Use "glossterm" whenever you introduce a new term.
-*  Follow coding standards at http://www.tldp.org, and
-   check out the KDE guidelines (they are nice, too)
-   http://i18n.kde.org/doc/markup.html
-*  All tags should be lowercase.
-*  Please use sensible spacing.  The comments at the very end of each
-   file define reasonable defaults for PSGML mode in EMACS.
-*  Double-indent tags, use double spacing whenever possible, and
-   try to avoid clutter and feel free to waste space in the code to make it 
-   more readable.
-
--->
-
-<book id="index">
-
-<!-- Header -->
-
-  <bookinfo>
-    <title>The Bugzilla Guide - &bz-ver; 
-    <!-- BZ-DEVEL -->Development <!-- /BZ-DEVEL -->
-    Release</title>
-
-    <authorgroup>
-      <corpauthor>The Bugzilla Team</corpauthor>
-    </authorgroup>
-
-    <pubdate>&bz-date;</pubdate>
-
-    <abstract>
-      <para>
-	      This is the documentation for Bugzilla, a 
-	      bug-tracking system from mozilla.org.
-	      Bugzilla is an enterprise-class piece of software
-	      that tracks millions of bugs and issues for hundreds of
-	      organizations around the world.
-      </para>
-
-      <para>
-        The most current version of this document can always be found on the
-        <ulink url="http://www.bugzilla.org/docs/">Bugzilla 
-        Documentation Page</ulink>.
-      </para>
-
-    </abstract>
-
-    <keywordset>
-      <keyword>Bugzilla</keyword>
-      <keyword>Guide</keyword>
-      <keyword>installation</keyword>
-      <keyword>FAQ</keyword>
-      <keyword>administration</keyword>
-      <keyword>integration</keyword>
-      <keyword>MySQL</keyword>
-      <keyword>Mozilla</keyword>
-      <keyword>webtools</keyword>
-    </keywordset>
-  </bookinfo>
-
-  <!-- About This Guide -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="about.xml" /> 
-  
-  <!-- Installing Bugzilla -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="installation.xml" />
-
-  <!-- Administering Bugzilla -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="administration.xml" />
-
-  <!-- Securing Bugzilla -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="security.xml" />
-  
-  <!-- Customizing Bugzilla -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="customization.xml" />
-
-  <!-- Using Bugzilla -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="using.xml" />
-
-  <!-- Appendix: Troubleshooting -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="troubleshooting.xml" />
-
-  <!-- Appendix: Custom Patches -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="patches.xml" />
-
-  <!-- Appendix: Manually Installing Perl Modules -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules.xml" />
-  
-  <!-- Appendix: GNU Free Documentation License -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="gfdl.xml" />
- 
-  <!-- Glossary -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="glossary.xml" />
-
-  <!-- Index -->
-  <!--xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="index.xml" /-->
-
-</book>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/about.xml

@@ -1,246 +0,0 @@
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                         "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<!-- $Id: about.xml,v 1.26.4.1 2008-07-13 16:44:28 mozilla%colinogilvie.co.uk Exp $ -->
-
-<chapter id="about">
-<title>About This Guide</title>
-
-  <section id="copyright">
-    <title>Copyright Information</title>
-
-    <para>This document is copyright (c) 2000-&current-year; by the various
-    Bugzilla contributors who wrote it.</para>
-    
-    <blockquote>
-      <para>
-	Permission is granted to copy, distribute and/or modify this
-	document under the terms of the GNU Free Documentation
-	License, Version 1.1 or any later version published by the
-	Free Software Foundation; with no Invariant Sections, no
-	Front-Cover Texts, and with no Back-Cover Texts. A copy of
-	the license is included in <xref linkend="gfdl"/>.
-      </para>
-    </blockquote>
-    <para>
-      If you have any questions regarding this document, its
-      copyright, or publishing this document in non-electronic form,
-      please contact the Bugzilla Team. 
-    </para>
-  </section>
-
-  <section id="disclaimer">
-    <title>Disclaimer</title>
-    <para>
-      No liability for the contents of this document can be accepted.
-      Follow the instructions herein at your own risk.
-      This document may contain errors
-      and inaccuracies that may damage your system, cause your partner 
-      to leave you, your boss to fire you, your cats to
-      pee on your furniture and clothing, and global thermonuclear
-      war. Proceed with caution.
-    </para>
-    <para>
-      Naming of particular products or brands should not be seen as
-      endorsements, with the exception of the term "GNU/Linux". We
-      wholeheartedly endorse the use of GNU/Linux; it is an extremely 
-      versatile, stable,
-      and robust operating system that offers an ideal operating
-      environment for Bugzilla.
-    </para>
-    <para>
-      Although the Bugzilla development team has taken great care to
-      ensure that all exploitable bugs have been fixed, security holes surely 
-      exist in any piece of code. Great care should be taken both in 
-      the installation and usage of this software. The Bugzilla development
-      team members assume no liability for your use of Bugzilla. You have 
-      the source code, and are responsible for auditing it yourself to ensure
-      your security needs are met.
-    </para>
-  </section>
-
-<!-- Section 2: New Versions -->
-
-  <section id="newversions">
-    <title>New Versions</title>
-    <para>
-      This is the &bz-ver; version of The Bugzilla Guide. It is so named 
-      to match the current version of Bugzilla. 
-      <!-- BZ-DEVEL --> This version of the guide, like its associated Bugzilla version, is a
-      development version.<!-- /BZ-DEVEL --> 
-    </para>
-    <para>
-      The latest version of this guide can always be found at <ulink
-      url="http://www.bugzilla.org"/>, or checked out via CVS by
-      following the <ulink url="http://www.mozilla.org/cvs.html">Mozilla 
-      CVS</ulink> instructions and check out the 
-      <filename>mozilla/webtools/bugzilla/docs/</filename>
-      subtree. However, you should read the version
-      which came with the Bugzilla release you are using.
-    </para>
-    <para>
-      The Bugzilla Guide, or a section of it, is also available in
-      the following languages:
-      <ulink url="http://www.traduc.org/docs/guides/lecture/bugzilla/">French</ulink>,
-      <ulink url="http://bugzilla-de.sourceforge.net/docs/html/">German</ulink>,
-      <ulink url="http://www.bugzilla.jp/docs/2.18/">Japanese</ulink>.
-      Note that these may be outdated or not up to date.
-    </para>
-    
-    <para>  
-      In addition, there are Bugzilla template localization projects in
-      the following languages. They may have translated documentation 
-      available: 
-      <ulink url="http://sourceforge.net/projects/bugzilla-ar/">Arabic</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-be/">Belarusian</ulink>,
-      <ulink url="http://openfmi.net/projects/mozilla-bg/">Bulgarian</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-br/">Brazilian Portuguese</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-cn/">Chinese</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-fr/">French</ulink>,
-      <ulink url="http://germzilla.ganderbay.net/">German</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-it/">Italian</ulink>,
-      <ulink url="http://www.bugzilla.jp/about/jp.html">Japanese</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-kr/">Korean</ulink>,
-      <ulink url="http://sourceforge.net/projects/bugzilla-ru/">Russian</ulink> and
-      <ulink url="http://sourceforge.net/projects/bugzilla-es/">Spanish</ulink>.
-    </para>
-    
-    <para>  
-      If you would like to volunteer to translate the Guide into additional
-      languages, please contact
-      <ulink url="mailto:justdave@bugzilla.org">Dave Miller</ulink>.
-    </para>
-  </section>
-
-  <section id="credits">
-    <title>Credits</title>
-    <para>
-      The people listed below have made enormous contributions to the
-      creation of this Guide, through their writing, dedicated hacking efforts,
-      numerous e-mail and IRC support sessions, and overall excellent
-      contribution to the Bugzilla community:
-    </para>
-
-    <!-- TODO: This is evil... there has to be a valid way to get this look -->
-    <variablelist>
-      <varlistentry>
-        <term>Matthew P. Barnson <email>mbarnson@sisna.com</email></term>
-        <listitem>
-          <para>for the Herculean task of pulling together the Bugzilla Guide
-          and shepherding it to 2.14.
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Terry Weissman <email>terry@mozilla.org</email></term>
-        <listitem>
-          <para>for initially writing Bugzilla and creating the README upon
-          which the UNIX installation documentation is largely based.
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Tara Hernandez <email>tara@tequilarists.org</email></term>
-        <listitem>
-          <para>for keeping Bugzilla development going strong after Terry left
-          mozilla.org and for running landfill.
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Dave Lawrence <email>dkl@redhat.com</email></term>
-        <listitem>
-          <para>for providing insight into the key differences between Red
-          Hat's customized Bugzilla.
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Dawn Endico <email>endico@mozilla.org</email></term>
-        <listitem>
-          <para>for being a hacker extraordinaire and putting up with Matthew's
-          incessant questions and arguments on irc.mozilla.org in #mozwebtools
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Jacob Steenhagen <email>jake@bugzilla.org</email></term>
-        <listitem>
-          <para>for taking over documentation during the 2.17 development
-          period.
-          </para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-	<term>Dave Miller <email>justdave@bugzilla.org</email></term>
-	<listitem>
-          <para>for taking over as project lead when Tara stepped down and
-	  continually pushing for the documentation to be the best it can be.
-          </para>
-        </listitem>
-      </varlistentry>
-
-    </variablelist>
-
-
-    <para>
-      Thanks also go to the following people for significant contributions 
-      to this documentation:
-      <simplelist type="inline">
-        <member>Kevin Brannen</member>
-        <member>Vlad Dascalu</member>
-        <member>Ben FrantzDale</member>
-        <member>Eric Hanson</member>
-        <member>Zach Lipton</member>
-        <member>Gervase Markham</member>
-        <member>Andrew Pearson</member>
-        <member>Joe Robins</member>
-        <member>Spencer Smith</member>
-        <member>Ron Teitelbaum</member>
-        <member>Shane Travis</member>
-        <member>Martin Wulffeld</member>
-      </simplelist>.
-    </para>
-    
-    <para>
-      Also, thanks are due to the members of the 
-      <ulink url="news://news.mozilla.org/mozilla.support.bugzilla">
-      mozilla.support.bugzilla</ulink>
-      newsgroup (and its predecessor, netscape.public.mozilla.webtools).
-      Without your discussions, insight, suggestions, and patches,
-      this could never have happened.
-    </para>
-  </section>
-
-  <!-- conventions used here (didn't want to give it a chapter of its own) -->
-  <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="conventions.xml" /> 
-</chapter> 
-
-<!-- Keep this comment at the end of the file 
-Local variables: 
-mode: sgml 
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t 
-sgml-indent-step:2 
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil 
-sgml-minimize-attributes:nil
-sgml-namecase-general:t 
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t 
-sgml-tag-region-if-active:t 
-End: -->
-

mozilla/webtools/bugzilla/docs/en/xml/conventions.xml

@@ -1,168 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<section id="conventions">
-  <title>Document Conventions</title>
-
-  <indexterm zone="conventions">
-    <primary>conventions</primary>
-  </indexterm>
-
-  <para>This document uses the following conventions:</para>
-
-  <informaltable frame="none">
-    <tgroup cols="2">
-      <thead>
-        <row>
-          <entry>Descriptions</entry>
-
-          <entry>Appearance</entry>
-        </row>
-      </thead>
-
-      <tbody>
-        <row>
-          <entry>Caution</entry>
-
-          <entry>
-            <caution>
-              <para>Don't run with scissors!</para>
-            </caution>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Hint or Tip</entry>
-
-          <entry>
-            <tip>
-              <para>For best results... </para>
-            </tip>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Note</entry>
-
-          <entry>
-            <note>
-              <para>Dear John...</para>
-            </note>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Warning</entry>
-
-          <entry>
-            <warning>
-              <para>Read this or the cat gets it.</para>
-            </warning>
-          </entry>
-        </row>
-
-        <row>
-          <entry>File or directory name</entry>
-
-          <entry>
-            <filename>filename</filename>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Command to be typed</entry>
-
-          <entry>
-            <command>command</command>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Application name</entry>
-
-          <entry>
-            <application>application</application>
-          </entry>
-        </row>
-
-        <row>
-          <entry>
-          Normal user's prompt under bash shell</entry>
-
-          <entry>bash$</entry>
-        </row>
-
-        <row>
-          <entry>
-          Root user's prompt under bash shell</entry>
-
-          <entry>bash#</entry>
-        </row>
-
-        <row>
-          <entry>
-          Normal user's prompt under tcsh shell</entry>
-
-          <entry>tcsh$</entry>
-        </row>
-
-        <row>
-          <entry>Environment variables</entry>
-
-          <entry>
-            <envar>VARIABLE</envar>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Term found in the glossary</entry>
-
-          <entry>
-            <glossterm linkend="gloss-bugzilla">Bugzilla</glossterm>
-          </entry>
-        </row>
-
-        <row>
-          <entry>Code example</entry>
-
-          <entry>
-            <programlisting><sgmltag class="starttag">para</sgmltag>
-Beginning and end of paragraph
-<sgmltag class="endtag">para</sgmltag></programlisting>
-          </entry>
-        </row>
-      </tbody>
-    </tgroup>
-  </informaltable>
-
-  <para>  
-	  This documentation is maintained in DocBook 4.1.2 XML format.
-    Changes are best submitted as plain text or XML diffs, attached
-    to a bug filed in the &bzg-bugs; component.
-  </para>
-  
-</section>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/customization.xml

@@ -1,821 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<chapter id="customization">
-  <title>Customizing Bugzilla</title>
-
-  <section id="cust-skins">
-    <title>Custom Skins</title>
-    
-    <para>
-      Bugzilla allows you to have multiple skins. These are custom CSS and possibly
-      also custom images for Bugzilla. To create a new custom skin, you have two
-      choices:
-      <itemizedlist>
-        <listitem>
-          <para>
-            Make a single CSS file, and put it in the 
-            <filename>skins/contrib</filename> directory.
-          </para>
-        </listitem>
-        <listitem>
-          <para>
-            Make a directory that contains all the same CSS file
-            names as <filename>skins/standard/</filename>, and put
-            your directory in <filename>skins/contrib/</filename>.
-          </para>
-        </listitem>
-      </itemizedlist>
-    </para>
-      
-    <para>
-      After you put the file or the directory there, make sure to run checksetup.pl
-      so that it can reset the file permissions correctly.
-    </para>
-    <para>
-      After you have installed the new skin, it will show up as an option in the
-      user's General Preferences. If you would like to force a particular skin on all
-      users, just select it in the Default Preferences and then uncheck "Enabled" on
-      the preference.
-    </para>
-  </section>
-  
-  <section id="cust-templates">
-    <title>Template Customization</title>
-    
-    <para>
-      Administrators can configure the look and feel of Bugzilla without
-      having to edit Perl files or face the nightmare of massive merge
-      conflicts when they upgrade to a newer version in the future.
-    </para>
-    
-    <para>
-      Templatization also makes localized versions of Bugzilla possible, 
-      for the first time. It's possible to have Bugzilla's UI language 
-      determined by the user's browser. More information is available in
-      <xref linkend="template-http-accept"/>.
-    </para>
-    
-    <section id="template-directory">
-      <title>Template Directory Structure</title>
-      <para>
-        The template directory structure starts with top level directory 
-        named <filename>template</filename>, which contains a directory
-        for each installed localization. The next level defines the
-        language used in the templates. Bugzilla comes with English
-        templates, so the directory name is <filename>en</filename>,
-        and we will discuss <filename>template/en</filename> throughout
-        the documentation. Below <filename>template/en</filename> is the
-        <filename>default</filename> directory, which contains all the
-        standard templates shipped with Bugzilla.
-      </para>
-
-      <warning>
-        <para>
-          A directory <filename>data/templates</filename> also exists;
-          this is where Template Toolkit puts the compiled versions of
-          the templates from either the default or custom directories.
-          <emphasis>Do not</emphasis> directly edit the files in this
-          directory, or all your changes will be lost the next time
-          Template Toolkit recompiles the templates.
-        </para>
-      </warning>
-    </section>
-
-    <section id="template-method">
-      <title>Choosing a Customization Method</title>
-      <para>
-        If you want to edit Bugzilla's templates, the first decision
-        you must make is how you want to go about doing so. There are two
-        choices, and which you use depends mainly on the scope of your 
-        modifications, and the method you plan to use to upgrade Bugzilla.
-      </para> 
-
-      <para>
-        The first method of making customizations is to directly edit the
-        templates found in <filename>template/en/default</filename>.
-        This is probably the best way to go about it if you are going to
-        be upgrading Bugzilla through CVS, because if you then execute
-        a <command>cvs update</command>, any changes you have made will
-        be merged automagically with the updated versions.
-      </para>
-
-      <note>
-        <para>
-          If you use this method, and CVS conflicts occur during an
-          update, the conflicted templates (and possibly other parts
-          of your installation) will not work until they are resolved.
-        </para>
-      </note>
-
-      <para>
-        The second method is to copy the templates to be modified
-        into a mirrored directory structure under 
-        <filename>template/en/custom</filename>. Templates in this
-        directory structure automatically override any identically-named
-        and identically-located templates in the 
-        <filename>default</filename> directory. 
-      </para>
-
-      <note>
-        <para>
-          The <filename>custom</filename> directory does not exist
-          at first and must be created if you want to use it.
-        </para>
-      </note>
-
-      <para>
-        The second method of customization should be used if you 
-        use the overwriting method of upgrade, because otherwise 
-        your changes will be lost.  This method may also be better if
-        you are using the CVS method of upgrading and are going to make major
-        changes, because it is guaranteed that the contents of this directory
-        will not be touched during an upgrade, and you can then decide whether
-        to continue using your own templates, or make the effort to merge your
-        changes into the new versions by hand.
-      </para>
-
-      <para>
-        Using this method, your installation may break if incompatible
-        changes are made to the template interface.  Such changes should
-        be documented in the release notes, provided you are using a
-        stable release of Bugzilla.  If you use using unstable code, you will
-        need to deal with this one yourself, although if possible the changes
-        will be mentioned before they occur in the deprecations section of the
-        previous stable release's release notes.
-      </para>
-
-      <note>
-        <para>
-          Regardless of which method you choose, it is recommended that
-          you run <command>./checksetup.pl</command> after creating or
-          editing any templates in the <filename>template/en/default</filename>
-          directory, and after editing any templates in the 
-          <filename>custom</filename> directory.
-        </para>
-      </note>
-
-      <warning>
-        <para>
-          It is <emphasis>required</emphasis> that you run 
-          <command>./checksetup.pl</command> after creating a new
-          template in the <filename>custom</filename> directory. Failure
-          to do so will raise an incomprehensible error message.
-        </para>
-      </warning>
-    </section>
-    
-    <section id="template-edit">
-      <title>How To Edit Templates</title>
-      
-      <note>
-        <para>
-          If you are making template changes that you intend on submitting back
-          for inclusion in standard Bugzilla, you should read the relevant
-          sections of the 
-          <ulink url="http://www.bugzilla.org/docs/developer.html">Developers'
-          Guide</ulink>.
-        </para>
-      </note>
-      
-      <para>
-        The syntax of the Template Toolkit language is beyond the scope of
-        this guide. It's reasonably easy to pick up by looking at the current 
-        templates; or, you can read the manual, available on the
-        <ulink url="http://www.template-toolkit.org">Template Toolkit home
-        page</ulink>.
-      </para>
-      
-      <para>
-        One thing you should take particular care about is the need
-        to properly HTML filter data that has been passed into the template.
-        This means that if the data can possibly contain special HTML characters
-        such as &lt;, and the data was not intended to be HTML, they need to be
-        converted to entity form, i.e. &amp;lt;.  You use the 'html' filter in the
-        Template Toolkit to do this.  If you forget, you may open up
-        your installation to cross-site scripting attacks.
-      </para>
-
-      <para>
-        Also note that Bugzilla adds a few filters of its own, that are not
-        in standard Template Toolkit.  In particular, the 'url_quote' filter
-        can convert characters that are illegal or have special meaning in URLs,
-        such as &amp;, to the encoded form, i.e. %26.  This actually encodes most
-        characters (but not the common ones such as letters and numbers and so
-        on), including the HTML-special characters, so there's never a need to
-        HTML filter afterwards.
-      </para>
- 
-      <para>
-        Editing templates is a good way of doing a <quote>poor man's custom
-        fields</quote>.
-        For example, if you don't use the Status Whiteboard, but want to have
-        a free-form text entry box for <quote>Build Identifier</quote>,
-        then you can just
-        edit the templates to change the field labels. It's still be called
-        status_whiteboard internally, but your users don't need to know that.
-      </para>
-      
-    </section>
-            
-    
-    <section id="template-formats">
-      <title>Template Formats and Types</title>
-      
-      <para>
-        Some CGI's have the ability to use more than one template. For example,
-        <filename>buglist.cgi</filename> can output itself as RDF, or as two 
-        formats of HTML (complex and simple). The mechanism that provides this 
-        feature is extensible.
-      </para>
-
-      <para>
-        Bugzilla can support different types of output, which again can have 
-        multiple formats. In order to request a certain type, you can append 
-        the &amp;ctype=&lt;contenttype&gt; (such as rdf or html) to the 
-        <filename>&lt;cginame&gt;.cgi</filename> URL. If you would like to 
-        retrieve a certain format, you can use the &amp;format=&lt;format&gt; 
-        (such as simple or complex) in the URL.
-      </para>
-      
-      <para>
-        To see if a CGI supports multiple output formats and types, grep the
-        CGI for <quote>get_format</quote>. If it's not present, adding
-        multiple format/type support isn't too hard - see how it's done in
-        other CGIs, e.g. config.cgi.
-      </para>
-      
-      <para>
-        To make a new format template for a CGI which supports this, 
-        open a current template for
-        that CGI and take note of the INTERFACE comment (if present.) This 
-        comment defines what variables are passed into this template. If 
-        there isn't one, I'm afraid you'll have to read the template and
-        the code to find out what information you get. 
-      </para>     
-  
-      <para>
-        Write your template in whatever markup or text style is appropriate.
-      </para>
-      
-      <para>
-        You now need to decide what content type you want your template
-        served as. The content types are defined in the
-        <filename>Bugzilla/Constants.pm</filename> file in the 
-        <filename>contenttypes</filename>
-        constant. If your content type is not there, add it. Remember
-        the three- or four-letter tag assigned to your content type. 
-        This tag will be part of the template filename.
-      </para>
-
-      <note>
-        <para>
-          After adding or changing a content type, it's suitable to edit
-          <filename>Bugzilla/Constants.pm</filename> in order to reflect
-          the changes. Also, the file should be kept up to date after an
-          upgrade if content types have been customized in the past. 
-        </para>
-      </note>
-      
-      <para>
-        Save the template as <filename>&lt;stubname&gt;-&lt;formatname&gt;.&lt;contenttypetag&gt;.tmpl</filename>. 
-        Try out the template by calling the CGI as 
-        <filename>&lt;cginame&gt;.cgi?format=&lt;formatname&gt;&amp;ctype=&lt;type&gt;</filename> .
-      </para>       
-    </section>
-    
-    
-    <section id="template-specific">
-      <title>Particular Templates</title>
-      
-      <para>
-        There are a few templates you may be particularly interested in
-        customizing for your installation.
-      </para>
-      
-      <para>
-        <command>index.html.tmpl</command>:
-        This is the Bugzilla front page.
-      </para>      
-
-      <para>
-        <command>global/header.html.tmpl</command>:
-        This defines the header that goes on all Bugzilla pages.
-        The header includes the banner, which is what appears to users
-        and is probably what you want to edit instead.  However the
-        header also includes the HTML HEAD section, so you could for
-        example add a stylesheet or META tag by editing the header.
-      </para>
-
-      <para>
-        <command>global/banner.html.tmpl</command>:
-        This contains the <quote>banner</quote>, the part of the header
-        that appears
-        at the top of all Bugzilla pages.  The default banner is reasonably
-        barren, so you'll probably want to customize this to give your
-        installation a distinctive look and feel.  It is recommended you
-        preserve the Bugzilla version number in some form so the version 
-        you are running can be determined, and users know what docs to read.
-      </para>
-
-      <para>
-        <command>global/footer.html.tmpl</command>:
-        This defines the footer that goes on all Bugzilla pages.  Editing
-        this is another way to quickly get a distinctive look and feel for
-        your Bugzilla installation.
-      </para>
-
-      <para>
-        <command>global/variables.none.tmpl</command>:
-        This defines a list of terms that may be changed in order to
-        <quote>brand</quote> the Bugzilla instance In this way, terms
-        like <quote>bugs</quote> can be replaced with <quote>issues</quote>
-        across the whole Bugzilla installation. The name
-        <quote>Bugzilla</quote> and other words can be customized as well.
-      </para>
-
-      <para>
-        <command>list/table.html.tmpl</command>:
-        This template controls the appearance of the bug lists created
-        by Bugzilla. Editing this template allows per-column control of 
-        the width and title of a column, the maximum display length of
-        each entry, and the wrap behaviour of long entries.
-        For long bug lists, Bugzilla inserts a 'break' every 100 bugs by
-        default; this behaviour is also controlled by this template, and
-        that value can be modified here.
-       </para>
-
-      <para>
-        <command>bug/create/user-message.html.tmpl</command>:
-        This is a message that appears near the top of the bug reporting page.
-        By modifying this, you can tell your users how they should report
-        bugs.
-      </para>
-
-      <para>
-        <command>bug/process/midair.html.tmpl</command>:
-        This is the page used if two people submit simultaneous changes to the
-        same bug.  The second person to submit their changes will get this page
-        to tell them what the first person did, and ask if they wish to
-        overwrite those changes or go back and revisit the bug.  The default
-        title and header on this page read "Mid-air collision detected!"  If
-        you work in the aviation industry, or other environment where this
-        might be found offensive (yes, we have true stories of this happening)
-        you'll want to change this to something more appropriate for your
-        environment.
-      </para>
-
-      <para>
-        <command>bug/create/create.html.tmpl</command> and
-        <command>bug/create/comment.txt.tmpl</command>:
-        You may not wish to go to the effort of creating custom fields in
-        Bugzilla, yet you want to make sure that each bug report contains
-        a number of pieces of important information for which there is not
-        a special field. The bug entry system has been designed in an
-        extensible fashion to enable you to add arbitrary HTML widgets,
-        such as drop-down lists or textboxes, to the bug entry page
-        and have their values appear formatted in the initial comment.
-        A hidden field that indicates the format should be added inside
-        the form in order to make the template functional. Its value should
-        be the suffix of the template filename. For example, if the file
-        is called <filename>create-cust.html.tmpl</filename>, then
-        <programlisting>&lt;input type="hidden" name="format" value="cust"&gt;</programlisting>
-        should be used inside the form.
-      </para>
-
-      <para>  
-        An example of this is the mozilla.org 
-        <ulink url="http://landfill.bugzilla.org/bugzilla-tip/enter_bug.cgi?product=WorldControl&amp;format=guided">guided 
-        bug submission form</ulink>. The code for this comes with the Bugzilla
-        distribution as an example for you to copy. It can be found in the
-        files 
-        <filename>create-guided.html.tmpl</filename> and
-        <filename>comment-guided.html.tmpl</filename>.
-      </para>  
-
-      <para>
-        So to use this feature, create a custom template for 
-        <filename>enter_bug.cgi</filename>. The default template, on which you
-        could base it, is 
-        <filename>custom/bug/create/create.html.tmpl</filename>.
-        Call it <filename>create-&lt;formatname&gt;.html.tmpl</filename>, and
-        in it, add widgets for each piece of information you'd like
-        collected - such as a build number, or set of steps to reproduce.
-      </para>
-
-      <para>
-        Then, create a template like 
-        <filename>custom/bug/create/comment.txt.tmpl</filename>, and call it 
-        <filename>comment-&lt;formatname&gt;.txt.tmpl</filename>. This 
-        template should reference the form fields you have created using
-        the syntax <filename>[% form.&lt;fieldname&gt; %]</filename>. When a 
-        bug report is
-        submitted, the initial comment attached to the bug report will be
-        formatted according to the layout of this template.
-      </para> 
-
-      <para>
-        For example, if your custom enter_bug template had a field
-        <programlisting>&lt;input type="text" name="buildid" size="30"&gt;</programlisting>
-        and then your comment.txt.tmpl had
-        <programlisting>BuildID: [% form.buildid %]</programlisting>
-        then something like
-        <programlisting>BuildID: 20020303</programlisting>
-        would appear in the initial comment.
-      </para>            
-    </section>          
-
-
-    <section id="template-http-accept">
-      <title>Configuring Bugzilla to Detect the User's Language</title>
-
-      <para>Bugzilla honours the user's Accept: HTTP header. You can install
-      templates in other languages, and Bugzilla will pick the most appropriate
-      according to a priority order defined by you. Many
-      language templates can be obtained from <ulink 
-      url="http://www.bugzilla.org/download.html#localizations"/>. Instructions
-      for submitting new languages are also available from that location.
-      </para>
-    </section>
-      
-  </section>
-
-  <section id="cust-hooks">
-    <title>The Bugzilla Extension Mechanism</title>
-    
-    <warning>
-      <para>
-        Note that the below paths are inconsistent and confusing. They will
-        likely be changed in Bugzilla 4.0.
-      </para>
-    </warning>
-       
-    <para>
-      Extensions are a way for extensions to Bugzilla to insert code
-      into the standard Bugzilla templates and source files
-      without modifying these files themselves.  The extension mechanism 
-      defines a consistent API for extending the standard templates and source files 
-      in a way that cleanly separates standard code from extension code.  
-      Hooks reduce merge conflicts and make it easier to write extensions that work 
-      across multiple versions of Bugzilla, making upgrading a Bugzilla installation 
-      with installed extensions easier. Furthermore, they make it easy to install 
-      and remove extensions as each extension is nothing more than a 
-      simple directory structure. 
-    </para>
-    
-    <para>
-      There are two main types of hooks: code hooks and template hooks. Code 
-      hooks allow extensions to invoke code at specific points in various 
-      source files, while template hooks allow extensions to add elements to 
-      the Bugzilla user interface. 
-    </para>
-
-    <para>
-      A hook is just a named place in a standard source or template file
-      where extension source code or template files for that hook get processed. 
-      Each extension has a corresponding directory in the Bugzilla directory 
-      tree (<filename>BUGZILLA_ROOT/extensions/extension_name</filename>).  Hooking 
-      an extension source file or template to a hook is as simple as putting 
-      the extension file into extension's template or code directory. 
-      When Bugzilla processes the source file or template and reaches the hook, 
-      it will process all extension files in the hook's directory. 
-      The hooks themselves can be added into any source file or standard template 
-      upon request by extension authors.
-    </para>
-    
-    <para>
-      To use hooks to extend Bugzilla, first make sure there is
-      a hook at the appropriate place within the source file or template you 
-      want to extend. The exact appearance of a hook depends on if the hook 
-      is a code hook or a template hook. 
-    </para>
-    
-    <para>
-      Code hooks appear in Bugzilla source files as a single method call 
-      in the format <literal role="code">Bugzilla::Hook->process("<varname>name</varname>");</literal>.
-      For instance, <filename>enter_bug.cgi</filename> may invoke the hook 
-      "<varname>enter_bug-entrydefaultvars</varname>". Thus, a source file at 
-      <filename>BUGZILLA_ROOT/extensions/EXTENSION_NAME/code/enter_bug-entrydefaultvars.pl</filename>
-      will be automatically invoked when the code hook is reached. 
-    </para>
-   
-    <para>  
-      Template hooks appear in the standard Bugzilla templates as a 
-      single directive in the format
-      <literal role="code">[% Hook.process("<varname>name</varname>") %]</literal>,
-      where <varname>name</varname> is the unique name of the hook.
-    </para>
-
-    <para>
-      If you aren't sure what you want to extend or just want to browse the 
-      available hooks, either use your favorite multi-file search
-      tool (e.g. <command>grep</command>) to search the standard templates
-      for occurrences of <methodname>Hook.process</methodname> or the source 
-      files for occurrences of <methodname>Bugzilla::Hook::process</methodname>.
-    </para>
-
-    <para>
-      If there is no hook at the appropriate place within the Bugzilla 
-      source file or template you want to extend,
-      <ulink url="http://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla&amp;component=User%20Interface">file
-      a bug requesting one</ulink>, specifying:
-    </para>
-
-    <simplelist>
-      <member>the source or template file for which you are 
-          requesting a hook;</member>
-      <member>
-        where in the file you would like the hook to be placed
-        (line number/position for latest version of the file in CVS
-        or description of location);
-      </member>
-      <member>the purpose of the hook;</member>
-      <member>a link to information about your extension, if any.</member>
-    </simplelist>
-
-    <para>
-      The Bugzilla reviewers will promptly review each hook request,
-      name the hook, add it to the template or source file, and check 
-      the new version of the template into CVS.
-    </para>
-
-    <para>
-      You may optionally attach a patch to the bug which implements the hook
-      and check it in yourself after receiving approval from a Bugzilla
-      reviewer.  The developers may suggest changes to the location of the
-      hook based on their analysis of your needs or so the hook can satisfy
-      the needs of multiple extensions, but the process of getting hooks
-      approved and checked in is not as stringent as the process for general
-      changes to Bugzilla, and any extension, whether released or still in
-      development, can have hooks added to meet their needs.
-    </para>
-
-    <para>
-      After making sure the hook you need exists (or getting it added if not),
-      add your extension to the directory within the Bugzilla
-      extensions tree corresponding to the hook. 
-    </para>
-    
-    <para>
-      That's it!  Now, when the source file or template containing the hook
-      is processed, your extension file will be processed at the point 
-      where the hook appears.
-    </para>
-
-    <para>
-      For example, let's say you have an extension named Projman that adds
-      project management capabilities to Bugzilla.  Projman has an
-      administration interface <filename>edit-projects.cgi</filename>, 
-      and you want to add a link to it into the navigation bar at the bottom
-      of every Bugzilla page for those users who are authorized
-      to administer projects.
-    </para>
-
-    <para>
-      The navigation bar is generated by the template file
-      <filename>useful-links.html.tmpl</filename>, which is located in
-      the <filename>global/</filename> subdirectory on the standard Bugzilla 
-      template path
-      <filename>BUGZILLA_ROOT/template/en/default/</filename>.
-      Looking in <filename>useful-links.html.tmpl</filename>, you find
-      the following hook at the end of the list of standard Bugzilla
-      administration links:
-    </para>
-
-    <programlisting><![CDATA[...
-    [% ', <a href="editkeywords.cgi">keywords</a>' 
-                                              IF user.groups.editkeywords %]
-    [% Hook.process("edit") %]
-...]]></programlisting>
-
-    <para>
-      The corresponding extension file for this hook is
-      <filename>BUGZILLA_ROOT/extensions/projman/template/en/global/useful-links-edit.html.tmpl</filename>.
-      You then create that template file and add the following constant:
-    </para>
-
-    <programlisting><![CDATA[...[% ', <a href="edit-projects.cgi">projects</a>' IF user.groups.projman_admins %]]]></programlisting>
-
-    <para>
-      Voila!  The link now appears after the other administration links in the
-      navigation bar for users in the <literal>projman_admins</literal> group.
-    </para>
-    
-    <para>
-      Now, let us say your extension adds a custom "project_manager" field 
-      to enter_bug.cgi. You want to modify the CGI script to set the default 
-      project manager to be productname@company.com. Looking at 
-      <filename>enter_bug.cgi</filename>, you see the enter_bug-entrydefaultvars 
-      hook near the bottom of the file before the default form values are set. 
-      The corresponding extension source file for this hook is located at 
-      <filename>BUGZILLA_ROOT/extensions/projman/code/enter_bug-entrydefaultvars.pl</filename>.
-      You then create that file and add the following:
-    </para>
-    
-    <programlisting>$default{'project_manager'} = $product.'@company.com';</programlisting>
-    
-    <para>
-      This code will be invoked whenever enter_bug.cgi is executed. 
-      Assuming that the rest of the customization was completed (e.g. the 
-      custom field was added to the enter_bug template and the required hooks 
-      were used in process_bug.cgi), the new field will now have this 
-      default value. 
-    </para>
-      
-    <para>
-      Notes:
-    </para>
-
-    <itemizedlist>
-      <listitem>
-        <para>
-          If your extension includes entirely new templates in addition to
-          extensions of standard templates, it should store those new
-          templates in its
-          <filename>BUGZILLA_ROOT/extensions/template/en/</filename> 
-          directory. Extension template directories, like the 
-          <filename>default/</filename> and <filename>custom/</filename>
-          directories, are part of the template search path, so putting templates
-          there enables them to be found by the template processor.
-        </para>
-
-        <para>
-          The template processor looks for templates first in the
-          <filename>custom/</filename> directory (i.e. templates added by the 
-          specific installation), then in the <filename>extensions/</filename>
-          directory (i.e. templates added by extensions), and finally in the 
-          <filename>default/</filename> directory (i.e. the standard Bugzilla 
-          templates). Thus, installation-specific templates override both 
-          default and extension templates.
-        </para>
-      </listitem>
-
-      <listitem>
-        <para>
-          If you are looking to customize Bugzilla, you can also take advantage 
-          of template hooks. To do so, create a directory in
-          <filename>BUGZILLA_ROOT/template/en/custom/hook/</filename>
-          that corresponds to the hook you wish to use, then place your 
-          customization templates into those directories. For example, 
-          if you wanted to use the hook "end" in 
-          <filename>global/useful-links.html.tmpl</filename>, you would 
-          create the directory <filename>BUGZILLA_ROOT/template/en/custom/hook/
-          global/useful-links.html.tmpl/end/</filename> and add your customization 
-          template to this directory. 
-        </para>
-
-        <para>
-          Obviously this method of customizing Bugzilla only lets you add code
-          to the standard source files and templates; you cannot change the 
-          existing code. Nevertheless, for those customizations that only add 
-          code, this method can reduce conflicts when merging changes, 
-          making upgrading your customized Bugzilla installation easier.
-        </para>
-      </listitem>
-    </itemizedlist>    
-  </section>
-
-  <section id="cust-change-permissions">
-    <title>Customizing Who Can Change What</title>
-    
-    <warning>
-      <para>
-        This feature should be considered experimental; the Bugzilla code you
-        will be changing is not stable, and could change or move between 
-        versions. Be aware that if you make modifications as outlined here, 
-        you may have
-        to re-make them or port them if Bugzilla changes internally between
-        versions, and you upgrade.
-      </para>
-    </warning>
-      
-    <para>
-      Companies often have rules about which employees, or classes of employees,
-      are allowed to change certain things in the bug system. For example, 
-      only the bug's designated QA Contact may be allowed to VERIFY the bug.
-      Bugzilla has been
-      designed to make it easy for you to write your own custom rules to define
-      who is allowed to make what sorts of value transition.
-    </para>
-
-    <para>
-     By default, assignees, QA owners and users
-     with <emphasis>editbugs</emphasis> privileges can edit all fields of bugs, 
-     except group restrictions (unless they are members of the groups they 
-     are trying to change). Bug reporters also have the ability to edit some 
-     fields, but in a more restrictive manner. Other users, without 
-     <emphasis>editbugs</emphasis> privileges, can not edit 
-     bugs, except to comment and add themselves to the CC list.
-    </para> 
-    
-    <para>
-      For maximum flexibility, customizing this means editing Bugzilla's Perl 
-      code. This gives the administrator complete control over exactly who is
-      allowed to do what. The relevant method is called
-      <filename>check_can_change_field()</filename>,
-      and is found in <filename>Bug.pm</filename> in your
-      Bugzilla/ directory. If you open that file and search for
-      <quote>sub check_can_change_field</quote>, you'll find it.
-    </para>
-    
-    <para>
-      This function has been carefully commented to allow you to see exactly
-      how it works, and give you an idea of how to make changes to it.
-      Certain marked sections should not be changed - these are
-      the <quote>plumbing</quote> which makes the rest of the function work.
-      In between those sections, you'll find snippets of code like:
-      <programlisting>    # Allow the assignee to change anything.
-    if ($ownerid eq $whoid) {
-        return 1;
-    }</programlisting>
-      It's fairly obvious what this piece of code does.
-    </para>      
-      
-    <para>
-      So, how does one go about changing this function? Well, simple changes
-      can be made just by removing pieces - for example, if you wanted to 
-      prevent any user adding a comment to a bug, just remove the lines marked
-      <quote>Allow anyone to change comments.</quote> If you don't want the
-      Reporter to have any special rights on bugs they have filed, just
-      remove the entire section that deals with the Reporter.
-    </para>
-    
-    <para>
-      More complex customizations are not much harder. Basically, you add
-      a check in the right place in the function, i.e. after all the variables
-      you are using have been set up. So, don't look at $ownerid before 
-      $ownerid has been obtained from the database. You can either add a
-      positive check, which returns 1 (allow) if certain conditions are true,
-      or a negative check, which returns 0 (deny.) E.g.:
-      <programlisting>    if ($field eq "qacontact") {
-        if (Bugzilla->user->groups("quality_assurance")) {
-            return 1;
-        } 
-        else {
-            return 0;
-        }
-    }</programlisting>
-      This says that only users in the group "quality_assurance" can change
-      the QA Contact field of a bug.
-    </para>
-
-    <para>
-      Getting more weird:
-      <programlisting><![CDATA[    if (($field eq "priority") &&
-        (Bugzilla->user->email =~ /.*\@example\.com$/))
-    {
-        if ($oldvalue eq "P1") {
-            return 1;
-        } 
-        else {
-            return 0;
-        }
-    }]]></programlisting>
-      This says that if the user is trying to change the priority field,
-      and their email address is @example.com, they can only do so if the
-      old value of the field was "P1". Not very useful, but illustrative.
-    </para>
-
-    <warning>
-      <para>
-        If you are modifying <filename>process_bug.cgi</filename> in any
-        way, do not change the code that is bounded by DO_NOT_CHANGE blocks.
-        Doing so could compromise security, or cause your installation to
-        stop working entirely.
-      </para>
-    </warning>
-    
-    <para>
-      For a list of possible field names, look at the bugs table in the 
-      database. If you need help writing custom rules for your organization,
-      ask in the newsgroup.
-    </para>    
-  </section>   
-
-  <!-- Integrating Bugzilla with Third-Party Tools -->
-<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="integration.xml" />
-</chapter>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/gfdl.xml

@@ -1,449 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<appendix id="gfdl">
-  <title>GNU Free Documentation License</title>
-
-<!-- - GNU Project - Free Software Foundation (FSF) -->
-<!-- LINK REV="made" HREF="mailto:webmasters@gnu.org" -->
-<!-- section>
-    <title>GNU Free Documentation License</title -->
-  <para>Version 1.1, March 2000</para>
-
-  <blockquote>
-    <para>Copyright (C) 2000 Free Software Foundation, Inc. 59 Temple Place,
-    Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and
-    distribute verbatim copies of this license document, but changing it is
-    not allowed.</para>
-  </blockquote>
-
-  <section label="0" id="gfdl-0">
-    <title>Preamble</title>
-
-    <para>The purpose of this License is to make a manual, textbook, or other
-    written document "free" in the sense of freedom: to assure everyone the
-    effective freedom to copy and redistribute it, with or without modifying
-    it, either commercially or noncommercially. Secondarily, this License
-    preserves for the author and publisher a way to get credit for their
-    work, while not being considered responsible for modifications made by
-    others.</para>
-
-    <para>This License is a kind of "copyleft", which means that derivative
-    works of the document must themselves be free in the same sense. It
-    complements the GNU General Public License, which is a copyleft license
-    designed for free software.</para>
-
-    <para>We have designed this License in order to use it for manuals for
-    free software, because free software needs free documentation: a free
-    program should come with manuals providing the same freedoms that the
-    software does. But this License is not limited to software manuals; it
-    can be used for any textual work, regardless of subject matter or whether
-    it is published as a printed book. We recommend this License principally
-    for works whose purpose is instruction or reference.</para>
-  </section>
-
-  <section label="1" id="gfdl-1">
-    <title>Applicability and Definition</title>
-
-    <para>This License applies to any manual or other work that contains a
-    notice placed by the copyright holder saying it can be distributed under
-    the terms of this License. The "Document", below, refers to any such
-    manual or work. Any member of the public is a licensee, and is addressed
-    as "you".</para>
-
-    <para>A "Modified Version" of the Document means any work containing the
-    Document or a portion of it, either copied verbatim, or with
-    modifications and/or translated into another language.</para>
-
-    <para>A "Secondary Section" is a named appendix or a front-matter section
-    of the Document that deals exclusively with the relationship of the
-    publishers or authors of the Document to the Document's overall subject
-    (or to related matters) and contains nothing that could fall directly
-    within that overall subject. (For example, if the Document is in part a
-    textbook of mathematics, a Secondary Section may not explain any
-    mathematics.) The relationship could be a matter of historical connection
-    with the subject or with related matters, or of legal, commercial,
-    philosophical, ethical or political position regarding them.</para>
-
-    <para>The "Invariant Sections" are certain Secondary Sections whose
-    titles are designated, as being those of Invariant Sections, in the
-    notice that says that the Document is released under this License.</para>
-
-    <para>The "Cover Texts" are certain short passages of text that are
-    listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says
-    that the Document is released under this License.</para>
-
-    <para>A "Transparent" copy of the Document means a machine-readable copy,
-    represented in a format whose specification is available to the general
-    public, whose contents can be viewed and edited directly and
-    straightforwardly with generic text editors or (for images composed of
-    pixels) generic paint programs or (for drawings) some widely available
-    drawing editor, and that is suitable for input to text formatters or for
-    automatic translation to a variety of formats suitable for input to text
-    formatters. A copy made in an otherwise Transparent file format whose
-    markup has been designed to thwart or discourage subsequent modification
-    by readers is not Transparent. A copy that is not "Transparent" is called
-    "Opaque".</para>
-
-    <para>Examples of suitable formats for Transparent copies include plain
-    ASCII without markup, Texinfo input format, LaTeX input format, SGML or
-    XML using a publicly available DTD, and standard-conforming simple HTML
-    designed for human modification. Opaque formats include PostScript, PDF,
-    proprietary formats that can be read and edited only by proprietary word
-    processors, SGML or XML for which the DTD and/or processing tools are not
-    generally available, and the machine-generated HTML produced by some word
-    processors for output purposes only.</para>
-
-    <para>The "Title Page" means, for a printed book, the title page itself,
-    plus such following pages as are needed to hold, legibly, the material
-    this License requires to appear in the title page. For works in formats
-    which do not have any title page as such, "Title Page" means the text
-    near the most prominent appearance of the work's title, preceding the
-    beginning of the body of the text.</para>
-  </section>
-
-  <section label="2" id="gfdl-2">
-    <title>Verbatim Copying</title>
-
-    <para>You may copy and distribute the Document in any medium, either
-    commercially or noncommercially, provided that this License, the
-    copyright notices, and the license notice saying this License applies to
-    the Document are reproduced in all copies, and that you add no other
-    conditions whatsoever to those of this License. You may not use technical
-    measures to obstruct or control the reading or further copying of the
-    copies you make or distribute. However, you may accept compensation in
-    exchange for copies. If you distribute a large enough number of copies
-    you must also follow the conditions in section 3.</para>
-
-    <para>You may also lend copies, under the same conditions stated above,
-    and you may publicly display copies.</para>
-  </section>
-
-  <section label="3" id="gfdl-3">
-    <title>Copying in Quantity</title>
-
-    <para>If you publish printed copies of the Document numbering more than
-    100, and the Document's license notice requires Cover Texts, you must
-    enclose the copies in covers that carry, clearly and legibly, all these
-    Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts
-    on the back cover. Both covers must also clearly and legibly identify you
-    as the publisher of these copies. The front cover must present the full
-    title with all words of the title equally prominent and visible. You may
-    add other material on the covers in addition. Copying with changes
-    limited to the covers, as long as they preserve the title of the Document
-    and satisfy these conditions, can be treated as verbatim copying in other
-    respects.</para>
-
-    <para>If the required texts for either cover are too voluminous to fit
-    legibly, you should put the first ones listed (as many as fit reasonably)
-    on the actual cover, and continue the rest onto adjacent pages.</para>
-
-    <para>If you publish or distribute Opaque copies of the Document
-    numbering more than 100, you must either include a machine-readable
-    Transparent copy along with each Opaque copy, or state in or with each
-    Opaque copy a publicly-accessible computer-network location containing a
-    complete Transparent copy of the Document, free of added material, which
-    the general network-using public has access to download anonymously at no
-    charge using public-standard network protocols. If you use the latter
-    option, you must take reasonably prudent steps, when you begin
-    distribution of Opaque copies in quantity, to ensure that this
-    Transparent copy will remain thus accessible at the stated location until
-    at least one year after the last time you distribute an Opaque copy
-    (directly or through your agents or retailers) of that edition to the
-    public.</para>
-
-    <para>It is requested, but not required, that you contact the authors of
-    the Document well before redistributing any large number of copies, to
-    give them a chance to provide you with an updated version of the
-    Document.</para>
-  </section>
-
-  <section label="4" id="gfdl-4">
-    <title>Modifications</title>
-
-    <para>You may copy and distribute a Modified Version of the Document
-    under the conditions of sections 2 and 3 above, provided that you release
-    the Modified Version under precisely this License, with the Modified
-    Version filling the role of the Document, thus licensing distribution and
-    modification of the Modified Version to whoever possesses a copy of it.
-    In addition, you must do these things in the Modified Version:</para>
-
-    <orderedlist numeration="upperalpha">
-      <listitem>
-        <para>Use in the Title Page (and on the covers, if any) a title
-        distinct from that of the Document, and from those of previous
-        versions (which should, if there were any, be listed in the History
-        section of the Document). You may use the same title as a previous
-        version if the original publisher of that version gives
-        permission.</para>
-      </listitem>
-
-      <listitem>
-        <para>List on the Title Page, as authors, one or more persons or
-        entities responsible for authorship of the modifications in the
-        Modified Version, together with at least five of the principal
-        authors of the Document (all of its principal authors, if it has less
-        than five).</para>
-      </listitem>
-
-      <listitem>
-        <para>State on the Title page the name of the publisher of the
-        Modified Version, as the publisher.</para>
-      </listitem>
-
-      <listitem>
-        <para>Preserve all the copyright notices of the Document.</para>
-      </listitem>
-
-      <listitem>
-        <para>Add an appropriate copyright notice for your modifications
-        adjacent to the other copyright notices.</para>
-      </listitem>
-
-      <listitem>
-        <para>Include, immediately after the copyright notices, a license
-        notice giving the public permission to use the Modified Version under
-        the terms of this License, in the form shown in the Addendum
-        below.</para>
-      </listitem>
-
-      <listitem>
-        <para>Preserve in that license notice the full lists of Invariant
-        Sections and required Cover Texts given in the Document's license
-        notice.</para>
-      </listitem>
-
-      <listitem>
-        <para>Include an unaltered copy of this License.</para>
-      </listitem>
-
-      <listitem>
-        <para>Preserve the section entitled "History", and its title, and add
-        to it an item stating at least the title, year, new authors, and
-        publisher of the Modified Version as given on the Title Page. If
-        there is no section entitled "History" in the Document, create one
-        stating the title, year, authors, and publisher of the Document as
-        given on its Title Page, then add an item describing the Modified
-        Version as stated in the previous sentence.</para>
-      </listitem>
-
-      <listitem>
-        <para>Preserve the network location, if any, given in the Document
-        for public access to a Transparent copy of the Document, and likewise
-        the network locations given in the Document for previous versions it
-        was based on. These may be placed in the "History" section. You may
-        omit a network location for a work that was published at least four
-        years before the Document itself, or if the original publisher of the
-        version it refers to gives permission.</para>
-      </listitem>
-
-      <listitem>
-        <para>In any section entitled "Acknowledgements" or "Dedications",
-        preserve the section's title, and preserve in the section all the
-        substance and tone of each of the contributor acknowledgements and/or
-        dedications given therein.</para>
-      </listitem>
-
-      <listitem>
-        <para>Preserve all the Invariant Sections of the Document, unaltered
-        in their text and in their titles. Section numbers or the equivalent
-        are not considered part of the section titles.</para>
-      </listitem>
-
-      <listitem>
-        <para>Delete any section entitled "Endorsements". Such a section may
-        not be included in the Modified Version.</para>
-      </listitem>
-
-      <listitem>
-        <para>Do not retitle any existing section as "Endorsements" or to
-        conflict in title with any Invariant Section.</para>
-      </listitem>
-    </orderedlist>
-
-    <para>If the Modified Version includes new front-matter sections or
-    appendices that qualify as Secondary Sections and contain no material
-    copied from the Document, you may at your option designate some or all of
-    these sections as invariant. To do this, add their titles to the list of
-    Invariant Sections in the Modified Version's license notice. These titles
-    must be distinct from any other section titles.</para>
-
-    <para>You may add a section entitled "Endorsements", provided it contains
-    nothing but endorsements of your Modified Version by various parties--for
-    example, statements of peer review or that the text has been approved by
-    an organization as the authoritative definition of a standard.</para>
-
-    <para>You may add a passage of up to five words as a Front-Cover Text,
-    and a passage of up to 25 words as a Back-Cover Text, to the end of the
-    list of Cover Texts in the Modified Version. Only one passage of
-    Front-Cover Text and one of Back-Cover Text may be added by (or through
-    arrangements made by) any one entity. If the Document already includes a
-    cover text for the same cover, previously added by you or by arrangement
-    made by the same entity you are acting on behalf of, you may not add
-    another; but you may replace the old one, on explicit permission from the
-    previous publisher that added the old one.</para>
-
-    <para>The author(s) and publisher(s) of the Document do not by this
-    License give permission to use their names for publicity for or to assert
-    or imply endorsement of any Modified Version.</para>
-  </section>
-
-  <section label="5" id="gfdl-5">
-    <title>Combining Documents</title>
-
-    <para>You may combine the Document with other documents released under
-    this License, under the terms defined in section 4 above for modified
-    versions, provided that you include in the combination all of the
-    Invariant Sections of all of the original documents, unmodified, and list
-    them all as Invariant Sections of your combined work in its license
-    notice.</para>
-
-    <para>The combined work need only contain one copy of this License, and
-    multiple identical Invariant Sections may be replaced with a single copy.
-    If there are multiple Invariant Sections with the same name but different
-    contents, make the title of each such section unique by adding at the end
-    of it, in parentheses, the name of the original author or publisher of
-    that section if known, or else a unique number. Make the same adjustment
-    to the section titles in the list of Invariant Sections in the license
-    notice of the combined work.</para>
-
-    <para>In the combination, you must combine any sections entitled
-    "History" in the various original documents, forming one section entitled
-    "History"; likewise combine any sections entitled "Acknowledgements", and
-    any sections entitled "Dedications". You must delete all sections
-    entitled "Endorsements."</para>
-  </section>
-
-  <section label="6" id="gfdl-6">
-    <title>Collections of Documents</title>
-
-    <para>You may make a collection consisting of the Document and other
-    documents released under this License, and replace the individual copies
-    of this License in the various documents with a single copy that is
-    included in the collection, provided that you follow the rules of this
-    License for verbatim copying of each of the documents in all other
-    respects.</para>
-
-    <para>You may extract a single document from such a collection, and
-    distribute it individually under this License, provided you insert a copy
-    of this License into the extracted document, and follow this License in
-    all other respects regarding verbatim copying of that document.</para>
-  </section>
-
-  <section label="7" id="gfdl-7">
-    <title>Aggregation with Independent Works</title>
-
-    <para>A compilation of the Document or its derivatives with other
-    separate and independent documents or works, in or on a volume of a
-    storage or distribution medium, does not as a whole count as a Modified
-    Version of the Document, provided no compilation copyright is claimed for
-    the compilation. Such a compilation is called an "aggregate", and this
-    License does not apply to the other self-contained works thus compiled
-    with the Document, on account of their being thus compiled, if they are
-    not themselves derivative works of the Document.</para>
-
-    <para>If the Cover Text requirement of section 3 is applicable to these
-    copies of the Document, then if the Document is less than one quarter of
-    the entire aggregate, the Document's Cover Texts may be placed on covers
-    that surround only the Document within the aggregate. Otherwise they must
-    appear on covers around the whole aggregate.</para>
-  </section>
-
-  <section label="8" id="gfdl-8">
-    <title>Translation</title>
-
-    <para>Translation is considered a kind of modification, so you may
-    distribute translations of the Document under the terms of section 4.
-    Replacing Invariant Sections with translations requires special
-    permission from their copyright holders, but you may include translations
-    of some or all Invariant Sections in addition to the original versions of
-    these Invariant Sections. You may include a translation of this License
-    provided that you also include the original English version of this
-    License. In case of a disagreement between the translation and the
-    original English version of this License, the original English version
-    will prevail.</para>
-  </section>
-
-  <section label="9" id="gfdl-9">
-    <title>Termination</title>
-
-    <para>You may not copy, modify, sublicense, or distribute the Document
-    except as expressly provided for under this License. Any other attempt to
-    copy, modify, sublicense or distribute the Document is void, and will
-    automatically terminate your rights under this License. However, parties
-    who have received copies, or rights, from you under this License will not
-    have their licenses terminated so long as such parties remain in full
-    compliance.</para>
-  </section>
-
-  <section label="10" id="gfdl-10">
-    <title>Future Revisions of this License</title>
-
-    <para>The Free Software Foundation may publish new, revised versions of
-    the GNU Free Documentation License from time to time. Such new versions
-    will be similar in spirit to the present version, but may differ in
-    detail to address new problems or concerns. See 
-    <ulink url="http://www.gnu.org/copyleft/"/>.</para>
-
-    <para>Each version of the License is given a distinguishing version
-    number. If the Document specifies that a particular numbered version of
-    this License "or any later version" applies to it, you have the option of
-    following the terms and conditions either of that specified version or of
-    any later version that has been published (not as a draft) by the Free
-    Software Foundation. If the Document does not specify a version number of
-    this License, you may choose any version ever published (not as a draft)
-    by the Free Software Foundation.</para>
-  </section>
-
-  <section label="" id="gfdl-howto">
-    <title>How to use this License for your documents</title>
-
-    <para>To use this License in a document you have written, include a copy
-    of the License in the document and put the following copyright and
-    license notices just after the title page:</para>
-
-    <blockquote>
-      <para>Copyright (c) YEAR YOUR NAME. Permission is granted to copy,
-      distribute and/or modify this document under the terms of the GNU Free
-      Documentation License, Version 1.1 or any later version published by
-      the Free Software Foundation; with the Invariant Sections being LIST
-      THEIR TITLES, with the Front-Cover Texts being LIST, and with the
-      Back-Cover Texts being LIST. A copy of the license is included in the
-      section entitled "GNU Free Documentation License".</para>
-    </blockquote>
-
-    <para>If you have no Invariant Sections, write "with no Invariant
-    Sections" instead of saying which ones are invariant. If you have no
-    Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover
-    Texts being LIST"; likewise for Back-Cover Texts.</para>
-
-    <para>If your document contains nontrivial examples of program code, we
-    recommend releasing these examples in parallel under your choice of free
-    software license, such as the GNU General Public License, to permit their
-    use in free software.</para>
-  </section>
-</appendix>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/glossary.xml

@@ -1,555 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<glossary id="glossary">
-  <glossdiv>
-    <title>0-9, high ascii</title>
-
-    <glossentry id="gloss-htaccess">
-      <glossterm>.htaccess</glossterm>
-
-      <glossdef>
-        <para>Apache web server, and other NCSA-compliant web servers,
-        observe the convention of using files in directories called 
-        <filename>.htaccess</filename>
-
-        to restrict access to certain files. In Bugzilla, they are used
-        to keep secret files which would otherwise
-        compromise your installation - e.g. the 
-        <filename>localconfig</filename>
-        file contains the password to your database.
-        curious.</para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-a">
-    <title>A</title>
-
-    <glossentry id="gloss-apache">
-      <glossterm>Apache</glossterm>
-
-      <glossdef>
-        <para>In this context, Apache is the web server most commonly used
-        for serving up Bugzilla 
-        pages. Contrary to popular belief, the apache web server has nothing
-        to do with the ancient and noble Native American tribe, but instead
-        derived its name from the fact that it was 
-        <quote>a patchy</quote>
-        version of the original 
-        <acronym>NCSA</acronym>
-        world-wide-web server.</para>
-
-        <variablelist>
-          <title>Useful Directives when configuring Bugzilla</title>
-
-          <varlistentry>
-            <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#addhandler">AddHandler</ulink></computeroutput></term>
-            <listitem>
-              <para>Tell Apache that it's OK to run CGI scripts.</para>
-            </listitem>
-          </varlistentry>
-          <varlistentry>
-            <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#allowoverride">AllowOverride</ulink></computeroutput></term>
-            <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#options">Options</ulink></computeroutput></term>
-            <listitem>
-              <para>These directives are used to tell Apache many things about
-              the directory they apply to. For Bugzilla's purposes, we need
-              them to allow script execution and <filename>.htaccess</filename>
-              overrides.
-              </para>
-            </listitem>
-          </varlistentry>
-          <varlistentry>
-            <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/mod_dir.html#directoryindex">DirectoryIndex</ulink></computeroutput></term>
-            <listitem>
-              <para>Used to tell Apache what files are indexes. If you can
-              not add <filename>index.cgi</filename> to the list of valid files,
-              you'll need to set <computeroutput>$index_html</computeroutput> to
-              1 in <filename>localconfig</filename> so
-              <command>./checksetup.pl</command> will create an
-              <filename>index.html</filename> that redirects to
-              <filename>index.cgi</filename>.
-              </para>
-            </listitem>
-          </varlistentry>
-          <varlistentry>
-            <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#scriptinterpretersource">ScriptInterpreterSource</ulink></computeroutput></term>
-            <listitem>
-              <para>Used when running Apache on windows so the shebang line
-              doesn't have to be changed in every Bugzilla script.
-              </para>
-            </listitem>
-          </varlistentry>
-        </variablelist>
-
-        <para>For more information about how to configure Apache for Bugzilla,
-        see <xref linkend="http-apache"/>.
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-b">
-    <title>B</title>
-
-    <glossentry>
-      <glossterm>Bug</glossterm>
-
-      <glossdef>
-        <para>A 
-        <quote>bug</quote>
-
-        in Bugzilla refers to an issue entered into the database which has an
-        associated number, assignments, comments, etc. Some also refer to a 
-        <quote>tickets</quote>
-        or 
-        <quote>issues</quote>; 
-        in the context of Bugzilla, they are synonymous.</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry>
-      <glossterm>Bug Number</glossterm>
-
-      <glossdef>
-        <para>Each Bugzilla bug is assigned a number that uniquely identifies
-        that bug. The bug associated with a bug number can be pulled up via a
-        query, or easily from the very front page by typing the number in the
-        "Find" box.</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-bugzilla">
-      <glossterm>Bugzilla</glossterm>
-
-      <glossdef>
-        <para>Bugzilla is the world-leading free software bug tracking system.
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-c">
-    <title>C</title>
-
-    <glossentry id="gloss-cgi">
-      <glossterm>Common Gateway Interface</glossterm>
-      <acronym>CGI</acronym>
-      <glossdef>
-        <para><acronym>CGI</acronym> is an acronym for Common Gateway Interface. This is
-        a standard for interfacing an external application with a web server. Bugzilla
-        is an example of a <acronym>CGI</acronym> application.
-        </para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-component">
-      <glossterm>Component</glossterm>
-
-      <glossdef>
-        <para>A Component is a subsection of a Product. It should be a narrow
-        category, tailored to your organization. All Products must contain at
-        least one Component (and, as a matter of fact, creating a Product
-        with no Components will create an error in Bugzilla).</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-cpan">
-      <glossterm>Comprehensive Perl Archive Network</glossterm>
-      <acronym>CPAN</acronym>
-
-      <!-- TODO: Rewrite def for CPAN -->
-      <glossdef>
-        <para>
-        <acronym>CPAN</acronym>
-
-        stands for the 
-        <quote>Comprehensive Perl Archive Network</quote>. 
-        CPAN maintains a large number of extremely useful 
-        <glossterm>Perl</glossterm>
-        modules - encapsulated chunks of code for performing a
-        particular task.</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-contrib">
-      <glossterm><filename class="directory">contrib</filename></glossterm>
-
-      <glossdef>
-        <para>The <filename class="directory">contrib</filename> directory is
-        a location to put scripts that have been contributed to Bugzilla but
-        are not a part of the official distribution. These scripts are written
-        by third parties and may be in languages other than perl. For those
-        that are in perl, there may be additional modules or other requirements
-        than those of the official distribution.
-        <note>
-          <para>Scripts in the <filename class="directory">contrib</filename>
-          directory are not officially supported by the Bugzilla team and may
-          break in between versions.
-          </para>
-        </note>
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-d">
-    <title>D</title>
-
-    <glossentry id="gloss-daemon">
-      <glossterm>daemon</glossterm>
-
-      <glossdef>
-        <para>A daemon is a computer program which runs in the background. In
-        general, most daemons are started at boot time via System V init
-        scripts, or through RC scripts on BSD-based systems. 
-        <glossterm>mysqld</glossterm>, 
-        the MySQL server, and 
-        <glossterm>apache</glossterm>, 
-        a web server, are generally run as daemons.</para>
-      </glossdef>
-    </glossentry>
-    
-    <glossentry id="gloss-dos">
-      <glossterm>DOS Attack</glossterm>
-      
-      <glossdef>
-        <para>A DOS, or Denial of Service attack, is when a user attempts to
-        deny access to a web server by repeatedly accessing a page or sending
-        malformed requests to a webserver. A D-DOS, or
-        Distributed Denial of Service attack, is when these requests come
-        from multiple sources at the same time. Unfortunately, these are much
-        more difficult to defend against.
-        </para>
-      </glossdef>
-    </glossentry>
-    
-  </glossdiv>
-
-  <glossdiv id="gloss-g">
-    <title>G</title>
-
-    <glossentry id="gloss-groups">
-      <glossterm>Groups</glossterm>
-
-      <glossdef>
-        <para>The word 
-        <quote>Groups</quote>
-
-        has a very special meaning to Bugzilla. Bugzilla's main security
-        mechanism comes by placing users in groups, and assigning those
-        groups certain privileges to view bugs in particular
-        <glossterm>Products</glossterm>
-        in the 
-        <glossterm>Bugzilla</glossterm>
-        database.</para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-j">
-    <title>J</title>
-
-    <glossentry id="gloss-javascript">
-      <glossterm>JavaScript</glossterm>
-      <glossdef>
-        <para>JavaScript is cool, we should talk about it.
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-m">
-    <title>M</title>
-
-    <glossentry id="gloss-mta">
-      <glossterm>Message Transport Agent</glossterm>
-      <acronym>MTA</acronym>
-
-      <glossdef>
-        <para>A Message Transport Agent is used to control the flow of email on a system.
-        The <ulink url="http://search.cpan.org/dist/Email-Send/lib/Email/Send.pm">Email::Send</ulink>
-        Perl module, which Bugzilla uses to send email, can be configured to
-        use many different underlying implementations for actually sending the
-        mail using the <option>mail_delivery_method</option> parameter.
-        Implementations other than <literal>sendmail</literal> require that the
-        <option>sendmailnow</option> param be set to <literal>on</literal>.
-        </para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-mysql">
-      <glossterm>MySQL</glossterm>
-
-      <glossdef>
-        <para>MySQL is currently the required
-        <glossterm linkend="gloss-rdbms">RDBMS</glossterm> for Bugzilla. MySQL
-        can be downloaded from <ulink url="http://www.mysql.com"/>. While you
-        should familiarize yourself with all of the documentation, some high
-        points are:
-        </para>
-        <variablelist>
-          <varlistentry>
-            <term><ulink url="http://www.mysql.com/doc/en/Backup.html">Backup</ulink></term>
-            <listitem>
-              <para>Methods for backing up your Bugzilla database.
-              </para>
-            </listitem>
-          </varlistentry>
-          <varlistentry>
-            <term><ulink url="http://www.mysql.com/doc/en/Option_files.html">Option Files</ulink></term>
-            <listitem>
-              <para>Information about how to configure MySQL using
-              <filename>my.cnf</filename>.
-              </para>
-            </listitem>
-          </varlistentry>
-          <varlistentry>
-            <term><ulink url="http://www.mysql.com/doc/en/Privilege_system.html">Privilege System</ulink></term>
-            <listitem>
-              <para>Much more detailed information about the suggestions in
-              <xref linkend="security-mysql"/>.
-              </para>
-            </listitem>
-          </varlistentry>
-        </variablelist>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-p">
-    <title>P</title>
-
-    <glossentry id="gloss-ppm">
-      <glossterm>Perl Package Manager</glossterm>
-      <acronym>PPM</acronym>
-
-      <glossdef>
-        <para><ulink url="http://aspn.activestate.com/ASPN/Downloads/ActivePerl/PPM/"/>
-        </para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry>
-      <glossterm id="gloss-product">Product</glossterm>
-
-      <glossdef>
-        <para>A Product is a broad category of types of bugs, normally
-        representing a single piece of software or entity. In general,
-        there are several Components to a Product. A Product may define a
-        group (used for security) for all bugs entered into
-        its Components.</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry>
-      <glossterm>Perl</glossterm>
-
-      <glossdef>
-        <para>First written by Larry Wall, Perl is a remarkable program
-        language. It has the benefits of the flexibility of an interpreted
-        scripting language (such as shell script), combined with the speed
-        and power of a compiled language, such as C. 
-        <glossterm>Bugzilla</glossterm>
-
-        is maintained in Perl.</para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-q">
-    <title>Q</title>
-
-    <glossentry>
-      <glossterm>QA</glossterm>
-
-      <glossdef>
-        <para>
-        <quote>QA</quote>, 
-        <quote>Q/A</quote>, and 
-        <quote>Q.A.</quote>
-        are short for 
-        <quote>Quality Assurance</quote>. 
-        In most large software development organizations, there is a team
-        devoted to ensuring the product meets minimum standards before
-        shipping. This team will also generally want to track the progress of
-        bugs over their life cycle, thus the need for the 
-        <quote>QA Contact</quote>
-
-        field in a bug.</para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-r">
-    <title>R</title>
-
-    <glossentry id="gloss-rdbms">
-      <glossterm>Relational DataBase Management System</glossterm>
-      <acronym>RDBMS</acronym>
-
-      <glossdef>
-        <para>A relational database management system is a database system
-        that stores information in tables that are related to each other.
-        </para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-regexp">
-      <glossterm>Regular Expression</glossterm>
-      <acronym>regexp</acronym>
-
-      <glossdef>
-          <para>A regular expression is an expression used for pattern matching.
-              <ulink url="http://perldoc.com/perl5.6/pod/perlre.html#Regular-Expressions">Documentation</ulink>
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-s">
-    <title>S</title>
-
-    <glossentry id="gloss-service">
-      <glossterm>Service</glossterm>
-      
-      <glossdef>
-        <para>In Windows NT environment, a boot-time background application
-        is referred to as a service. These are generally managed through the
-        control panel while logged in as an account with
-        <quote>Administrator</quote> level capabilities. For more
-        information, consult your Windows manual or the MSKB.
-        </para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry>
-      <glossterm>
-        <acronym>SGML</acronym>
-      </glossterm>
-
-      <glossdef>
-        <para>
-        <acronym>SGML</acronym>
-
-        stands for 
-        <quote>Standard Generalized Markup Language</quote>. 
-        Created in the 1980's to provide an extensible means to maintain
-        documentation based upon content instead of presentation, 
-        <acronym>SGML</acronym>
-
-        has withstood the test of time as a robust, powerful language. 
-        <glossterm>
-          <acronym>XML</acronym>
-        </glossterm>
-
-        is the 
-        <quote>baby brother</quote>
-
-        of SGML; any valid 
-        <acronym>XML</acronym>
-
-        document it, by definition, a valid 
-        <acronym>SGML</acronym>
-
-        document. The document you are reading is written and maintained in 
-        <acronym>SGML</acronym>, 
-        and is also valid 
-        <acronym>XML</acronym>
-
-        if you modify the Document Type Definition.</para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-t">
-    <title>T</title>
-
-    <glossentry id="gloss-target-milestone" xreflabel="Target Milestone">
-      <glossterm>Target Milestone</glossterm>
-
-      <glossdef>
-        <para>Target Milestones are Product goals. They are configurable on a
-        per-Product basis. Most software development houses have a concept of
-        
-        <quote>milestones</quote>
-
-        where the people funding a project expect certain functionality on
-        certain dates. Bugzilla facilitates meeting these milestones by
-        giving you the ability to declare by which milestone a bug will be
-        fixed, or an enhancement will be implemented.</para>
-      </glossdef>
-    </glossentry>
-
-    <glossentry id="gloss-tcl">
-      <glossterm>Tool Command Language</glossterm>
-      <acronym>TCL</acronym>
-      <glossdef>
-        <para>TCL is an open source scripting language available for Windows,
-        Macintosh, and Unix based systems. Bugzilla 1.0 was written in TCL but
-        never released. The first release of Bugzilla was 2.0, which was when
-        it was ported to perl.
-        </para>
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-
-  <glossdiv id="gloss-z">
-    <title>Z</title>
-
-    <glossentry id="gloss-zarro">
-      <glossterm>Zarro Boogs Found</glossterm>
-
-      <glossdef>
-        <para>This is just a goofy way of saying that there were no bugs
-        found matching your query. When asked to explain this message,
-        Terry had the following to say:
-        </para>
-
-        <blockquote>
-          <attribution>Terry Weissman</attribution>
-          <para>I've been asked to explain this ... way back when, when
-          Netscape released version 4.0 of its browser, we had a release
-          party.  Naturally, there had been a big push to try and fix every
-          known bug before the release. Naturally, that hadn't actually
-          happened.  (This is not unique to Netscape or to 4.0; the same thing
-          has happened with every software project I've ever seen.)  Anyway,
-          at the release party, T-shirts were handed out that said something
-          like "Netscape 4.0: Zarro Boogs". Just like the software, the
-          T-shirt had no known bugs.  Uh-huh.
-          </para>
-
-          <para>So, when you query for a list of bugs, and it gets no results,
-          you can think of this as a friendly reminder.  Of *course* there are
-          bugs matching your query, they just aren't in the bugsystem yet...
-          </para>
-        </blockquote>
-
-      </glossdef>
-    </glossentry>
-  </glossdiv>
-</glossary>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->

mozilla/webtools/bugzilla/docs/en/xml/index.xml

@@ -1,21 +0,0 @@
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/integration.xml

@@ -1,124 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<!-- Keep these tools listings in alphabetical order please. -MPB -->
-<section id="integration">
-  <title>Integrating Bugzilla with Third-Party Tools</title>
-
-  <section id="bonsai"
-  xreflabel="Bonsai, the Mozilla automated CVS management system">
-    <title>Bonsai</title>
-
-    <para>Bonsai is a web-based tool for managing 
-    <xref linkend="cvs" />
-
-    . Using Bonsai, administrators can control open/closed status of trees,
-    query a fast relational database back-end for change, branch, and comment
-    information, and view changes made since the last time the tree was
-    closed. Bonsai
-    also integrates with  
-    <xref linkend="tinderbox" />.
-    </para>
-  </section>
-
-  <section id="cvs" xreflabel="CVS, the Concurrent Versioning System">
-    <title>CVS</title>
-
-    <para>CVS integration is best accomplished, at this point, using the
-    Bugzilla Email Gateway.</para>
-
-    <para>Follow the instructions in this Guide for enabling Bugzilla e-mail
-    integration. Ensure that your check-in script sends an email to your
-    Bugzilla e-mail gateway with the subject of 
-    <quote>[Bug XXXX]</quote>, 
-    and you can have CVS check-in comments append to your Bugzilla bug. If
-    you  want to have the bug be closed automatically, you'll have to modify
-    the <filename>contrib/bugzilla_email_append.pl</filename> script.
-    </para>
-
-    <para>There is also a CVSZilla project, based upon somewhat dated 
-    Bugzilla code, to integrate CVS and Bugzilla through CVS' ability to 
-    email. Check it out at: <ulink url="http://www.cvszilla.org/"/>.
-    </para>
-
-    <para>Another system capable of CVS integration with Bugzilla is
-    Scmbug. This system provides generic integration of Source code
-    Configuration Management with Bugtracking. Check it out at: <ulink
-    url="http://freshmeat.net/projects/scmbug/"/>.
-    </para>
-
-  </section>
-
-  <section id="scm"
-  xreflabel="Perforce SCM (Fast Software Configuration Management System, a powerful commercial alternative to CVS">
-
-    <title>Perforce SCM</title>
-
-    <para>You can find the project page for Bugzilla and Teamtrack Perforce
-    integration (p4dti) at: 
-    <ulink url="http://www.ravenbrook.com/project/p4dti/"/>
-
-    . 
-    <quote>p4dti</quote>
-
-    is now an officially supported product from Perforce, and you can find
-    the "Perforce Public Depot" p4dti page at 
-    <ulink url="http://public.perforce.com/public/perforce/p4dti/index.html"/>
-
-    .</para>
-
-    <para>Integration of Perforce with Bugzilla, once patches are applied, is
-    seamless. Perforce replication information will appear below the comments
-    of each bug. Be certain you have a matching set of patches for the
-    Bugzilla version you are installing. p4dti is designed to support
-    multiple defect trackers, and maintains its own documentation for it.
-    Please consult the pages linked above for further information.</para>
-  </section>
-
-  <section id="svn"
-  xreflabel="Subversion, a compelling replacement for CVS">
-     <title>Subversion</title>
-     <para>Subversion is a free/open-source version control system,
-     designed to overcome various limitations of CVS. Integration of
-     Subversion with Bugzilla is possible using Scmbug, a system
-     providing generic integration of Source Code Configuration
-     Management with Bugtracking. Scmbug is available at <ulink
-     url="http://freshmeat.net/projects/scmbug/"/>.</para>
-  </section>
-
-  <section id="tinderbox"
-  xreflabel="Tinderbox, the Mozilla automated build management system">
-    <title>Tinderbox/Tinderbox2</title>
-
-    <para>Tinderbox is a continuous-build system which can integrate with
-    Bugzilla - see
-    <ulink url="http://www.mozilla.org/projects/tinderbox"/> for details
-    of Tinderbox, and 
-    <ulink url="http://tinderbox.mozilla.org/showbuilds.cgi"/> to see it
-    in action.</para>
-  </section>
-</section>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/introduction.xml

@@ -1,121 +0,0 @@
-<chapter id="introduction">
-  <title>Introduction</title>
-
-  <section id="what-is-bugzilla">
-    <title>What is Bugzilla?</title>
-
-    <para>
-    Bugzilla is a bug- or issue-tracking system. Bug-tracking
-    systems allow individual or groups of developers effectively to keep track
-    of outstanding problems with their products. 
-    </para>
-    
-    <para><emphasis>Do we need more here?</emphasis></para>
-    
-  </section>
-
-  <section id="why-tracking">
-    <title>Why use a bug-tracking system?</title>
-    
-    <para>Those who do not use a bug-tracking system tend to rely on
-    shared lists, email, spreadsheets and/or Post-It notes to monitor the 
-    status of defects. This procedure
-    is usually error-prone and tends to cause those bugs judged least 
-    significant by developers to be dropped or ignored.</para>
-
-    <para>Integrated defect-tracking systems make sure that nothing gets
-    swept under the carpet; they provide a method of creating, storing,
-    arranging and processing defect reports and enhancement requests.</para>
-    
-  </section>
-    
-  <section id="why-bugzilla">
-    <title>Why use Bugzilla?</title>
-
-    <para>Bugzilla is the leading open-source/free software bug tracking 
-    system. It boasts many advanced features, including: 
-    <itemizedlist>
-      <listitem>
-        <para>Powerful searching</para>
-      </listitem>
-
-      <listitem>
-        <para>User-configurable email notifications of bug changes</para>
-      </listitem>
-
-      <listitem>
-        <para>Full change history</para>
-      </listitem>
-
-      <listitem>
-        <para>Inter-bug dependency tracking and graphing</para>
-      </listitem>
-
-      <listitem>
-        <para>Excellent attachment management</para>
-      </listitem>
-
-      <listitem>
-        <para>Integrated, product-based, granular security schema</para>
-      </listitem>
-
-      <listitem>
-        <para>Fully security-audited, and runs under Perl's taint mode</para>
-      </listitem>
-
-      <listitem>
-        <para>A robust, stable RDBMS back-end</para>
-      </listitem>
-
-      <listitem>
-        <para>Completely customizable and/or localizable web user
-        interface</para>
-      </listitem>
-
-      <listitem>
-        <para>Additional XML, email and console interfaces</para>
-      </listitem>
-
-      <listitem>
-        <para>Extensive configurability</para>
-      </listitem>
-
-      <listitem>
-        <para>Smooth upgrade pathway between versions</para>
-      </listitem>
-    </itemizedlist>
-    </para>
-    
-    <para>Bugzilla is very adaptable to various situations. Known uses
-    currently include IT support queues, Systems Administration deployment
-    management, chip design and development problem tracking (both
-    pre-and-post fabrication), and software and hardware bug tracking for
-    luminaries such as Redhat, NASA, Linux-Mandrake, and VA Systems.
-    Combined with systems such as 
-    <ulink url="http://www.cvshome.org">CVS</ulink>, 
-    <ulink url="http://www.mozilla.org/bonsai.html">Bonsai</ulink>, or 
-    <ulink url="http://www.perforce.com">Perforce SCM</ulink>, Bugzilla
-    provides a powerful, easy-to-use configuration management solution.</para>
-  </section>
-</chapter>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->

mozilla/webtools/bugzilla/docs/en/xml/modules.xml

@@ -1,197 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<appendix id="install-perlmodules-manual">
-  <title>Manual Installation of Perl Modules</title>
-  
-  <section id="modules-manual-instructions">
-    <title>Instructions</title>
-    <para>
-      If you need to install Perl modules manually, here's how it's done.
-      Download the module using the link given in the next section, and then
-      apply this magic incantation, as root:
-    </para>
-
-    <para>  
-      <screen><prompt>bash#</prompt> tar -xzvf &lt;module&gt;.tar.gz
-<prompt>bash#</prompt> cd &lt;module&gt;
-<prompt>bash#</prompt> perl Makefile.PL
-<prompt>bash#</prompt> make
-<prompt>bash#</prompt> make test
-<prompt>bash#</prompt> make install</screen>
-    </para>
-    <note>
-      <para>
-        In order to compile source code under Windows you will need to obtain
-        a 'make' utility.  The <command>nmake</command> utility provided with
-        Microsoft Visual C++ may be used.  As an alternative, there is a
-        utility called <command>dmake</command> available from CPAN which is
-        written entirely in Perl.
-      </para>
-      <para>
-        As described in <xref linkend="modules-manual-download" />, however, most
-        packages already exist and are available from ActiveState or theory58S.
-        We highly recommend that you install them using the ppm GUI available with
-        ActiveState and to add the theory58S repository to your list of repositories.
-      </para>
-    </note>
-  </section>
-    
-  <section id="modules-manual-download">
-    <title>Download Locations</title>
-    
-    <note>
-      <para>
-        Running Bugzilla on Windows requires the use of ActiveState
-        Perl 5.8.1 or higher. Many modules already exist in the core
-        distribution of ActiveState Perl. Additional modules can be downloaded
-        from <ulink url="http://theoryx5.uwinnipeg.ca/ppms/" /> if you use
-        Perl 5.8.x or from <ulink url="http://cpan.uwinnipeg.ca/PPMPackages/10xx/" />
-        if you use Perl 5.10.x.
-      </para>
-    </note>
-
-    <para>
-      CGI:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/CGI.pm/"/>
-        Documentation: <ulink url="http://perldoc.perl.org/CGI.html"/>
-      </literallayout>
-    </para>
-
-    <para>
-      Data-Dumper:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/Data-Dumper/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/Data-Dumper/Dumper.pm"/>
-      </literallayout>
-    </para>
-    
-    <para>
-      Date::Format (part of TimeDate):
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/TimeDate/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/TimeDate/lib/Date/Format.pm"/>
-      </literallayout>
-    </para>
-
-    <para>
-      DBI:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/DBI/"/>
-        Documentation: <ulink url="http://dbi.perl.org/docs/"/>
-      </literallayout>
-    </para>
-
-    <para>
-      DBD::mysql:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/DBD-mysql/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/DBD-mysql/lib/DBD/mysql.pm"/>
-      </literallayout>
-    </para>
-
-    <para>
-      DBD::Pg:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/DBD-Pg/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/DBD-Pg/Pg.pm"/>
-      </literallayout>
-    </para>
-
-    <para>
-      File::Spec:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/File-Spec/"/>
-        Documentation: <ulink url="http://perldoc.perl.org/File/Spec.html"/>
-      </literallayout>
-    </para>
-
-    <para>
-      Template-Toolkit:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/Template-Toolkit/"/>
-        Documentation: <ulink url="http://www.template-toolkit.org/docs.html"/>
-      </literallayout>
-    </para>
-
-    <para>
-      GD:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/GD/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/GD/GD.pm"/>
-      </literallayout>
-    </para>
-
-    <para>
-      Template::Plugin::GD:
-      <literallayout>
-       CPAN Download Page: <ulink url="http://search.cpan.org/dist/Template-GD/" />
-       Documentation: <ulink url="http://www.template-toolkit.org/docs/aqua/Modules/index.html" />
-      </literallayout>
-    </para>
-
-    <para>
-      MIME::Parser (part of MIME-tools):
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/MIME-tools/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/MIME-tools/lib/MIME/Parser.pm"/>
-      </literallayout>
-    </para>
-
-  </section>
-
-  <section id="modules-manual-optional">
-    <title>Optional Modules</title>
-
-    <para>
-      Chart::Base:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/Chart/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/Chart/Chart.pod"/>
-      </literallayout>
-    </para>
-
-     <para>
-      GD::Graph:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/GDGraph/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/GDGraph/Graph.pm"/>
-      </literallayout>
-    </para>
-
-    <para>
-      GD::Text::Align (part of GD::Text::Util):
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/GDTextUtil/"/>
-        Documentation: <ulink url="http://search.cpan.org/dist/GDTextUtil/Text/Align.pm"/>
-      </literallayout>
-    </para>
-
-   <para>
-      XML::Twig:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/XML-Twig/"/>
-        Documentation: <ulink url="http://standards.ieee.org/resources/spasystem/twig/twig_stable.html"/>
-      </literallayout>
-    </para>
-
-    <para>
-      PatchReader:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/author/JKEISER/PatchReader/"/>
-        Documentation: <ulink url="http://www.johnkeiser.com/mozilla/Patch_Viewer.html"/>
-      </literallayout>
-    </para>
-
-   <para>
-      Image::Magick:
-      <literallayout>
-        CPAN Download Page: <ulink url="http://search.cpan.org/dist/PerlMagick/"/>
-        Documentation: <ulink url="http://www.imagemagick.org/script/resources.php"/>
-      </literallayout>
-    </para>
-   </section>
-</appendix>

mozilla/webtools/bugzilla/docs/en/xml/patches.xml

@@ -1,135 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<appendix id="patches" xreflabel="Useful Patches and Utilities for Bugzilla">
-  <title>Contrib</title>
-
-  <para>
-    There are a number of unofficial Bugzilla add-ons in the 
-    <filename class="directory">$BUGZILLA_ROOT/contrib/</filename>
-    directory. This section documents them.
-  </para>
-
-  <section id="cmdline">
-    <title>Command-line Search Interface</title>
-
-    <para>
-      There are a suite of Unix utilities for searching Bugzilla from the 
-      command line. They live in the 
-      <filename class="directory">contrib/cmdline</filename> directory.
-      There are three files - <filename>query.conf</filename>,
-      <filename>buglist</filename> and <filename>bugs</filename>.
-    </para>
-
-    <warning>
-      <para>
-        These files pre-date the templatization work done as part of the
-        2.16 release, and have not been updated.
-      </para>
-    </warning>
-    
-    <para>
-      <filename>query.conf</filename> contains the mapping from
-      options to field names and comparison types. Quoted option names
-      are <quote>grepped</quote> for, so it should be easy to edit this
-      file. Comments (#) have no effect; you must make sure these lines
-      do not contain any quoted <quote>option</quote>.
-    </para>
-
-    <para>
-      <filename>buglist</filename> is a shell script that submits a
-      Bugzilla query and writes the resulting HTML page to stdout.
-      It supports both short options, (such as <quote>-Afoo</quote>
-      or <quote>-Rbar</quote>) and long options (such
-      as <quote>--assignedto=foo</quote> or <quote>--reporter=bar</quote>).
-      If the first character of an option is not <quote>-</quote>, it is
-      treated as if it were prefixed with <quote>--default=</quote>.
-    </para>
-
-    <para>
-      The column list is taken from the COLUMNLIST environment variable.
-      This is equivalent to the <quote>Change Columns</quote> option
-      that is available when you list bugs in buglist.cgi. If you have
-      already used Bugzilla, grep for COLUMNLIST in your cookies file
-      to see your current COLUMNLIST setting.
-    </para>
-
-    <para>
-      <filename>bugs</filename> is a simple shell script which calls
-      <filename>buglist</filename> and extracts the
-      bug numbers from the output. Adding the prefix
-      <quote>http://bugzilla.mozilla.org/buglist.cgi?bug_id=</quote>
-      turns the bug list into a working link if any bugs are found.
-      Counting bugs is easy. Pipe the results through 
-      <command>sed -e 's/,/ /g' | wc | awk '{printf $2 "\n"}'</command>
-    </para>
-
-    <para>
-      Akkana Peck says she has good results piping 
-      <filename>buglist</filename> output through 
-      <command>w3m -T text/html -dump</command>
-    </para>
-
-  </section>
-
-  <section id="cmdline-bugmail">
-    <title>Command-line 'Send Unsent Bug-mail' tool</title>
-
-    <para>
-      Within the <filename class="directory">contrib</filename> directory
-      exists a utility with the descriptive (if compact) name
-      of <filename>sendunsentbugmail.pl</filename>. The purpose of this
-      script is, simply, to send out any bug-related mail that should
-      have been sent by now, but for one reason or another has not.
-    </para>
-
-    <para>
-      To accomplish this task, <filename>sendunsentbugmail.pl</filename> uses
-      the same mechanism as the <filename>sanitycheck.cgi</filename> script;
-      it scans through the entire database looking for bugs with changes that
-      were made more than 30 minutes ago, but where there is no record of
-      anyone related to that bug having been sent mail. Having compiled a list,
-      it then uses the standard rules to determine who gets mail, and sends it
-      out.
-    </para>
-
-    <para>
-      As the script runs, it indicates the bug for which it is currently
-      sending mail; when it has finished, it gives a numerical count of how
-      many mails were sent and how many people were excluded. (Individual
-      user names are not recorded or displayed.) If the script produces
-      no output, that means no unsent mail was detected.
-    </para>
-
-    <para>
-      <emphasis>Usage</emphasis>: move the sendunsentbugmail.pl script
-      up into the main directory, ensure it has execute permission, and run it
-      from the command line (or from a cron job) with no parameters.
-    </para>
-  </section>
-
-</appendix>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/requiredsoftware.xml

@@ -1,77 +0,0 @@
-<!-- <!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> -->
-<appendix id="downloadlinks">
-  <title>Software Download Links</title>
-
-  <para>All of these sites are current as of April, 2001. Hopefully they'll
-  stay current for a while.</para>
-
-  <para>Apache Web Server: 
-  <ulink url="http://www.apache.org/"/>
-
-  Optional web server for Bugzilla, but recommended because of broad user
-  base and support.</para>
-
-  <para>Bugzilla: 
-  <ulink url="http://www.bugzilla.org/"/>
-  </para>
-
-  <para>MySQL: 
-  <ulink url="http://www.mysql.com/"/>
-  </para>
-
-  <para>Perl: 
-  <ulink url="http://www.perl.org/"/>
-  </para>
-
-  <para>CPAN: 
-  <ulink url="http://www.cpan.org/"/>
-  </para>
-
-  <para>DBI Perl module: 
-  <ulink url="http://www.cpan.org/modules/by-module/DBI/"/>
-  </para>
-
-  <para>MySQL related Perl modules: 
-  <ulink url="http://www.cpan.org/modules/by-module/Mysql/"/>
-  </para>
-
-  <para>TimeDate Perl module collection: 
-  <ulink url="http://www.cpan.org/modules/by-module/Date/"/>
-  </para>
-
-  <para>GD Perl module: 
-  <ulink url="http://www.cpan.org/modules/by-module/GD/"/>
-
-  Alternately, you should be able to find the latest version of GD at 
-  <ulink url="http://www.boutell.com/gd/"/>
-  </para>
-
-  <para>Chart::Base module: 
-  <ulink url="http://www.cpan.org/modules/by-module/Chart/"/>
-  </para>
-
-  <para>(But remember, Bundle::Bugzilla will install all the modules for you.)
-  </para>
-</appendix>
-
-<!-- Keep this comment at the end of the file
-Local variables:
-mode: sgml
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t
-sgml-indent-step:2
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil
-sgml-minimize-attributes:nil
-sgml-namecase-general:t
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t
-sgml-tag-region-if-active:t
-End:
--->
-

mozilla/webtools/bugzilla/docs/en/xml/security.xml

@@ -1,364 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-    <!ENTITY % myents SYSTEM "bugzilla.ent">
-    %myents;
-]>
-<!-- $Id: security.xml,v 1.19.2.1 2008-07-13 16:44:28 mozilla%colinogilvie.co.uk Exp $ -->
-
-<chapter id="security">
-<title>Bugzilla Security</title>
-
-  <para>While some of the items in this chapter are related to the operating
-  system Bugzilla is running on or some of the support software required to
-  run Bugzilla, it is all related to protecting your data. This is not
-  intended to be a comprehensive guide to securing Linux, Apache, MySQL, or
-  any other piece of software mentioned. There is no substitute for active
-  administration and monitoring of a machine. The key to good security is
-  actually right in the middle of the word: <emphasis>U R It</emphasis>.
-  </para>
-  
-  <para>While programmers in general always strive to write secure code,
-  accidents can and do happen. The best approach to security is to always
-  assume that the program you are working with isn't 100% secure and restrict
-  its access to other parts of your machine as much as possible.
-  </para>
- 
-  <section id="security-os">
-  <title>Operating System</title>
-  
-    <section id="security-os-ports">
-    <title>TCP/IP Ports</title>
-    
-      <!-- TODO: Get exact number of ports -->
-      <para>The TCP/IP standard defines more than 65,000 ports for sending
-      and receiving traffic. Of those, Bugzilla needs exactly one to operate
-      (different configurations and options may require up to 3). You should
-      audit your server and make sure that you aren't listening on any ports
-      you don't need to be. It's also highly recommended that the server
-      Bugzilla resides on, along with any other machines you administer, be
-      placed behind some kind of firewall.
-      </para>
-    
-    </section>
-    
-    <section id="security-os-accounts">
-    <title>System User Accounts</title>
-    
-      <para>Many <glossterm linkend="gloss-daemon">daemons</glossterm>, such
-      as Apache's <filename>httpd</filename> or MySQL's
-      <filename>mysqld</filename>, run as either <quote>root</quote> or
-      <quote>nobody</quote>. This is even worse on Windows machines where the
-      majority of <glossterm linkend="gloss-service">services</glossterm>
-      run as <quote>SYSTEM</quote>. While running as <quote>root</quote> or
-      <quote>SYSTEM</quote> introduces obvious security concerns, the
-      problems introduced by running everything as <quote>nobody</quote> may
-      not be so obvious. Basically, if you run every daemon as
-      <quote>nobody</quote> and one of them gets compromised it can
-      compromise every other daemon running as <quote>nobody</quote> on your
-      machine. For this reason, it is recommended that you create a user
-      account for each daemon.
-      </para>
-    
-      <note>
-        <para>You will need to set the <option>webservergroup</option> option
-        in <filename>localconfig</filename> to the group your web server runs
-        as. This will allow <filename>./checksetup.pl</filename> to set file
-        permissions on Unix systems so that nothing is world-writable.
-        </para>
-      </note>
-    
-    </section>
-    
-    <section id="security-os-chroot">
-    <title>The <filename>chroot</filename> Jail</title>
-    
-      <para>
-        If your system supports it, you may wish to consider running
-        Bugzilla inside of a <filename>chroot</filename> jail. This option
-        provides unprecedented security by restricting anything running
-        inside the jail from accessing any information outside of it. If you
-        wish to use this option, please consult the documentation that came
-        with your system.
-      </para>
-      
-    </section>
-  
-  </section>
-  
-  
-  
-  <section id="security-mysql">
-  <title>MySQL</title>
-  
-    <section id="security-mysql-account">
-    <title>The MySQL System Account</title>
-    
-      <para>As mentioned in <xref linkend="security-os-accounts"/>, the MySQL
-      daemon should run as a non-privileged, unique user. Be sure to consult
-      the MySQL documentation or the documentation that came with your system
-      for instructions.
-      </para>
-    </section>
-    
-    <section id="security-mysql-root">
-    <title>The MySQL <quote>root</quote> and <quote>anonymous</quote> Users</title>
-    
-      <para>By default, MySQL comes with a <quote>root</quote> user with a
-      blank password and an <quote>anonymous</quote> user, also with a blank
-      password. In order to protect your data, the <quote>root</quote> user
-      should be given a password and the anonymous user should be disabled.
-      </para>
-      
-      <example id="security-mysql-account-root">
-      <title>Assigning the MySQL <quote>root</quote> User a Password</title>
-      
-        <screen>
-<prompt>bash$</prompt> mysql mysql
-<prompt>mysql&gt;</prompt> UPDATE user SET password = password('<replaceable>new_password</replaceable>') WHERE user = 'root';
-<prompt>mysql&gt;</prompt> FLUSH PRIVILEGES;
-        </screen>
-      </example>
-      
-      <example id="security-mysql-account-anonymous">
-      <title>Disabling the MySQL <quote>anonymous</quote> User</title>
-        <screen>
-<prompt>bash$</prompt> mysql -u root -p mysql           <co id="security-mysql-account-anonymous-mysql"/>
-<prompt>Enter Password:</prompt> <replaceable>new_password</replaceable>
-<prompt>mysql&gt;</prompt> DELETE FROM user WHERE user = '';
-<prompt>mysql&gt;</prompt> FLUSH PRIVILEGES;
-        </screen>
-        <calloutlist>
-          <callout arearefs="security-mysql-account-anonymous-mysql">
-            <para>This command assumes that you have already completed
-            <xref linkend="security-mysql-account-root"/>.
-            </para>
-          </callout>
-        </calloutlist>
-      </example>
-          
-    </section>
-    
-    <section id="security-mysql-network">
-    <title>Network Access</title>
-    
-      <para>If MySQL and your web server both run on the same machine and you
-      have no other reason to access MySQL remotely, then you should disable
-      the network access. This, along with the suggestion in
-      <xref linkend="security-os-ports"/>, will help protect your system from
-      any remote vulnerabilities in MySQL.
-      </para>
-      
-      <example id="security-mysql-network-ex">
-      <title>Disabling Networking in MySQL</title>
-      
-        <para>Simply enter the following in <filename>/etc/my.cnf</filename>:
-        <screen>
-[mysqld]
-# Prevent network access to MySQL.
-skip-networking
-        </screen>
-        </para>
-      </example>
-      
-    </section>
-
-
-<!-- For possible addition in the future: How to better control the bugs user
-    <section id="security-mysql-bugs">
-    <title>The bugs User</title>
-    
-    </section>
--->
-  
-  </section>
-  
-  
-  
-  <section id="security-webserver">
-  <title>Web server</title>
-
-    <section id="security-webserver-access">
-    <title>Disabling Remote Access to Bugzilla Configuration Files</title>
-    
-      <para>
-        There are many files that are placed in the Bugzilla directory
-        area that should not be accessible from the web server. Because of the way
-        Bugzilla is currently layed out, the list of what should and should not
-        be accessible is rather complicated. A quick way is to run
-        <filename>testserver.pl</filename> to check if your web server serves
-        Bugzilla files as expected. If not, you may want to follow the few
-        steps below.
-      </para>
-      
-      <tip>
-        <para>Bugzilla ships with the ability to create
-        <glossterm linkend="gloss-htaccess"><filename>.htaccess</filename></glossterm>
-        files that enforce these rules. Instructions for enabling these
-        directives in Apache can be found in <xref linkend="http-apache"/>
-        </para>
-      </tip>
-        
-      <itemizedlist spacing="compact">
-        <listitem>
-          <para>In the main Bugzilla directory, you should:</para>
-          <itemizedlist spacing="compact">
-            <listitem>
-              <para>Block:
-              <simplelist type="inline">
-                <member><filename>*.pl</filename></member>
-                <member><filename>*localconfig*</filename></member>
-              </simplelist>
-              </para>
-            </listitem>
-          </itemizedlist>
-        </listitem>
-
-        <listitem>
-          <para>In <filename class="directory">data</filename>:</para>
-          <itemizedlist spacing="compact">
-            <listitem>
-              <para>Block everything</para>
-            </listitem>
-          </itemizedlist>
-        </listitem>
-
-        <listitem>
-          <para>In <filename class="directory">data/webdot</filename>:</para>
-          <itemizedlist spacing="compact">
-            <listitem>
-              <para>If you use a remote webdot server:</para>
-              <itemizedlist spacing="compact">
-                <listitem>
-                  <para>Block everything</para>
-                </listitem>
-                <listitem>
-                  <para>But allow
-                  <simplelist type="inline">
-                    <member><filename>*.dot</filename></member>
-                  </simplelist>
-                  only for the remote webdot server</para>
-                </listitem>
-              </itemizedlist>
-            </listitem>
-            <listitem>
-              <para>Otherwise, if you use a local GraphViz:</para>
-              <itemizedlist spacing="compact">
-                <listitem>
-                  <para>Block everything</para>
-                </listitem>
-                <listitem>
-                  <para>But allow:
-                  <simplelist type="inline">
-                    <member><filename>*.png</filename></member>
-                    <member><filename>*.gif</filename></member>
-                    <member><filename>*.jpg</filename></member>
-                    <member><filename>*.map</filename></member>
-                  </simplelist>
-                  </para>
-                </listitem>
-              </itemizedlist>
-            </listitem>
-            <listitem>
-              <para>And if you don't use any dot:</para>
-              <itemizedlist spacing="compact">
-                <listitem>
-                  <para>Block everything</para>
-                </listitem>
-              </itemizedlist>
-            </listitem>
-          </itemizedlist>
-        </listitem>
-
-        <listitem>
-          <para>In <filename class="directory">Bugzilla</filename>:</para>
-          <itemizedlist spacing="compact">
-            <listitem>
-              <para>Block everything</para>
-            </listitem>
-          </itemizedlist>
-        </listitem>
-
-        <listitem>
-          <para>In <filename class="directory">template</filename>:</para>
-          <itemizedlist spacing="compact">
-            <listitem>
-              <para>Block everything</para>
-            </listitem>
-          </itemizedlist>
-        </listitem>
-      </itemizedlist>
-
-      <para>Be sure to test that data that should not be accessed remotely is
-      properly blocked. Of particular interest is the localconfig file which
-      contains your database password. Also, be aware that many editors
-      create temporary and backup files in the working directory and that
-      those should also not be accessible. For more information, see
-      <ulink url="http://bugzilla.mozilla.org/show_bug.cgi?id=186383">bug 186383</ulink>
-      or
-      <ulink url="http://online.securityfocus.com/bid/6501">Bugtraq ID 6501</ulink>.
-      To test, simply run <filename>testserver.pl</filename>, as said above.
-      </para>
-      
-      <tip>
-        <para>Be sure to check <xref linkend="http"/> for instructions
-        specific to the web server you use.
-        </para>
-      </tip>
-    
-    </section>
-
-      
-  </section>
-  
-  
-  <section id="security-bugzilla">
-  <title>Bugzilla</title>
-
-    <section id="security-bugzilla-charset">
-    <title>Prevent users injecting malicious Javascript</title>
-
-      <para>If you installed Bugzilla version 2.22 or later from scratch,
-      then the <emphasis>utf8</emphasis> parameter is switched on by default.
-      This makes Bugzilla explicitly set the character encoding, following
-      <ulink
-      url="http://www.cert.org/tech_tips/malicious_code_mitigation.html#3">a
-      CERT advisory</ulink> recommending exactly this.
-      The following therefore does not apply to you; just keep
-      <emphasis>utf8</emphasis> turned on.
-      </para>
-
-      <para>If you've upgraded from an older version, then it may be possible
-      for a Bugzilla user to take advantage of character set encoding
-      ambiguities to inject HTML into Bugzilla comments.
-      This could include malicious scripts. 
-      This is because due to internationalization concerns, we are unable to
-      turn the <emphasis>utf8</emphasis> parameter on by default for upgraded
-      installations.
-      Turning it on manually will prevent this problem.
-      </para>
-    </section>    
-    
-  </section>
-
-</chapter> 
-
-<!-- Keep this comment at the end of the file 
-Local variables: 
-mode: sgml 
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t 
-sgml-indent-step:2 
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil 
-sgml-minimize-attributes:nil
-sgml-namecase-general:t 
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t 
-sgml-tag-region-if-active:t 
-End: -->
-

mozilla/webtools/bugzilla/docs/en/xml/troubleshooting.xml

@@ -1,311 +0,0 @@
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                      "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-     <!ENTITY % myents SYSTEM "bugzilla.ent">
-     %myents;
- ]>
-<!-- $Id: troubleshooting.xml,v 1.13.4.1 2008-07-13 16:44:28 mozilla%colinogilvie.co.uk Exp $ -->
-
-<appendix id="troubleshooting">
-<title>Troubleshooting</title>
-
-  <para>This section gives solutions to common Bugzilla installation
-  problems. If none of the section headings seems to match your
-  problem, read the general advice.
-  </para>
-    
-  <section id="general-advice">
-  <title>General Advice</title>
-    <para>If you can't get <filename>checksetup.pl</filename> to run to 
-    completion, it normally explains what's wrong and how to fix it.
-    If you can't work it out, or if it's being uncommunicative, post 
-    the errors in the 
-    <ulink url="news://news.mozilla.org/mozilla.support.bugzilla">mozilla.support.bugzilla</ulink>
-    newsgroup.
-    </para>
-
-    <para>If you have made it all the way through
-    <xref linkend="installation"/> (Installation) and
-    <xref linkend="configuration"/> (Configuration) but accessing the Bugzilla
-    URL doesn't work, the first thing to do is to check your web server error
-    log. For Apache, this is often located at
-    <filename>/etc/logs/httpd/error_log</filename>. The error messages
-    you see may be self-explanatory enough to enable you to diagnose and
-    fix the problem. If not, see below for some commonly-encountered 
-    errors. If that doesn't help, post the errors to the newsgroup.
-    </para>
-
-    <para>
-      Bugzilla can also log all user-based errors (and many code-based errors)
-      that occur, without polluting the web server's error log.  To enable
-      Bugzilla error logging, create a file that Bugzilla can write to, named
-      <filename>errorlog</filename>, in the Bugzilla <filename>data</filename>
-      directory.  Errors will be logged as they occur, and will include the type
-      of the error, the IP address and username (if available) of the user who
-      triggered the error, and the values of all environment variables; if a
-      form was being submitted, the data in the form will also be included.
-      To disable error logging, delete or rename the
-      <filename>errorlog</filename> file.
-    </para>
-  </section>
-        
-  <section id="trbl-testserver">
-  <title>The Apache web server is not serving Bugzilla pages</title>
-    <para>After you have run <command>checksetup.pl</command> twice,
-    run <command>testserver.pl http://yoursite.yourdomain/yoururl</command>
-    to confirm that your web server is configured properly for
-    Bugzilla.
-    </para>
-    <programlisting>
-<prompt>bash$</prompt> ./testserver.pl http://landfill.bugzilla.org/bugzilla-tip
-TEST-OK Webserver is running under group id in $webservergroup.
-TEST-OK Got ant picture.
-TEST-OK Webserver is executing CGIs.
-TEST-OK Webserver is preventing fetch of http://landfill.bugzilla.org/bugzilla-tip/localconfig.
-</programlisting>
-  </section>
-
-  <section id="trbl-perlmodule">
-  <title>I installed a Perl module, but 
-      <filename>checksetup.pl</filename> claims it's not installed!</title>
-      
-    <para>This could be caused by one of two things:</para>
-    <orderedlist>
-      <listitem>
-        <para>You have two versions of Perl on your machine. You are installing
-        modules into one, and Bugzilla is using the other. Rerun the CPAN
-        commands (or manual compile) using the full path to Perl from the 
-        top of <filename>checksetup.pl</filename>. This will make sure you 
-        are installing the modules in the right place.
-        </para>
-      </listitem>
-      <listitem>
-        <para>The permissions on your library directories are set incorrectly.
-        They must, at the very least, be readable by the web server user or
-        group. It is recommended that they be world readable.
-        </para>
-      </listitem>
-    </orderedlist>
-  </section>
-
-  <section id="trbl-dbdSponge">
-  <title>DBD::Sponge::db prepare failed</title>
-      
-    <para>The following error message may appear due to a bug in DBD::mysql
-    (over which the Bugzilla team have no control):
-    </para>
-      
-<programlisting><![CDATA[ DBD::Sponge::db prepare failed: Cannot determine NUM_OF_FIELDS at D:/Perl/site/lib/DBD/mysql.pm line 248.
-  SV = NULL(0x0) at 0x20fc444
-  REFCNT = 1
-  FLAGS = (PADBUSY,PADMY)
-]]></programlisting>
-
-    <para>To fix this, go to 
-    <filename>&lt;path-to-perl&gt;/lib/DBD/sponge.pm</filename> 
-    in your Perl installation and replace
-    </para>
-        
-<programlisting><![CDATA[ my $numFields;
- if ($attribs->{'NUM_OF_FIELDS'}) {
-     $numFields = $attribs->{'NUM_OF_FIELDS'};
- } elsif ($attribs->{'NAME'}) {
-     $numFields = @{$attribs->{NAME}};
-]]></programlisting>
-
-    <para>with</para>
-
-<programlisting><![CDATA[ my $numFields;
- if ($attribs->{'NUM_OF_FIELDS'}) {
-     $numFields = $attribs->{'NUM_OF_FIELDS'};
- } elsif ($attribs->{'NAMES'}) {
-     $numFields = @{$attribs->{NAMES}};
-]]></programlisting>
-
-     <para>(note the S added to NAME.)</para>
-  </section>
-    
-  <section id="paranoid-security">
-  <title>cannot chdir(/var/spool/mqueue)</title>
-
-    <para>If you are installing Bugzilla on SuSE Linux, or some other
-    distributions with <quote>paranoid</quote> security options, it is
-    possible that the checksetup.pl script may fail with the error: 
-<programlisting><![CDATA[cannot chdir(/var/spool/mqueue): Permission denied
-]]></programlisting>
-    </para>
-      
-    <para>This is because your <filename>/var/spool/mqueue</filename>
-    directory has a mode of <computeroutput>drwx------</computeroutput>.
-    Type <command>chmod 755 <filename>/var/spool/mqueue</filename></command>
-    as root to fix this problem. This will allow any process running on your
-    machine the ability to <emphasis>read</emphasis> the
-    <filename>/var/spool/mqueue</filename> directory.
-    </para>
-  </section>    
-
-  <section id="trbl-relogin-everyone">
-  <title>Everybody is constantly being forced to relogin</title>
-  
-  <para>The most-likely cause is that the <quote>cookiepath</quote> parameter
-  is not set correctly in the Bugzilla configuration.  You can change this (if
-  you're a Bugzilla administrator) from the editparams.cgi page via the web interface.
-  </para>
-
-  <para>The value of the cookiepath parameter should be the actual directory
-  containing your Bugzilla installation, <emphasis>as seen by the end-user's
-  web browser</emphasis>. Leading and trailing slashes are mandatory. You can
-  also set the cookiepath to any directory which is a parent of the Bugzilla
-  directory (such as '/', the root directory). But you can't put something
-  that isn't at least a partial match or it won't work. What you're actually
-  doing is restricting the end-user's browser to sending the cookies back only
-  to that directory.
-  </para>
-
-  <para>How do you know if you want your specific Bugzilla directory or the
-  whole site?
-  </para>
-
-  <para>If you have only one Bugzilla running on the server, and you don't
-  mind having other applications on the same server with it being able to see
-  the cookies (you might be doing this on purpose if you have other things on
-  your site that share authentication with Bugzilla), then you'll want to have
-  the cookiepath set to "/", or to a sufficiently-high enough directory that
-  all of the involved apps can see the cookies.
-  </para>
-
-  <example id="trbl-relogin-everyone-share">
-  <title>Examples of urlbase/cookiepath pairs for sharing login cookies</title>
-
-    <blockquote>
-      <literallayout>
-        urlbase is <ulink url="http://bugzilla.mozilla.org/"/>
-        cookiepath is /
-
-        urlbase is <ulink url="http://tools.mysite.tld/bugzilla/"/>
-                but you have http://tools.mysite.tld/someotherapp/ which shares
-                authentication with your Bugzilla
-        cookiepath is /
-      </literallayout>
-    </blockquote>
-  </example>
-          
-   <para>On the other hand, if you have more than one Bugzilla running on the
-   server (some people do - we do on landfill) then you need to have the
-   cookiepath restricted enough so that the different Bugzillas don't
-   confuse their cookies with one another.
-   </para>
-
-
-   <example id="trbl-relogin-everyone-restrict">
-   <title>Examples of urlbase/cookiepath pairs to restrict the login cookie</title>
-      <blockquote>
-        <literallayout>
-        urlbase is <ulink url="http://landfill.bugzilla.org/bugzilla-tip/"/>
-        cookiepath is /bugzilla-tip/
-
-        urlbase is <ulink url="http://landfill.bugzilla.org/bugzilla-2.16-branch/"/>
-        cookiepath is /bugzilla-2.16-branch/
-        </literallayout>
-      </blockquote>
-    </example>
-
-    <para>If you had cookiepath set to <quote>/</quote> at any point in the
-    past and need to set it to something more restrictive
-    (i.e. <quote>/bugzilla/</quote>), you can safely do this without
-    requiring users to delete their Bugzilla-related cookies in their
-    browser (this is true starting with Bugzilla 2.18 and Bugzilla 2.16.5).
-    </para>
-  </section>
-
-  <section id="trbl-relogin-some">
-  <title>Some users are constantly being forced to relogin</title>
-
-    <para>First, make sure cookies are enabled in the user's browser.
-    </para>
-
-    <para>If that doesn't fix the problem, it may be that the user's ISP
-     implements a rotating proxy server. This causes the user's effective IP
-     address (the address which the Bugzilla server perceives him coming from)
-     to change periodically. Since Bugzilla cookies are tied to a specific IP
-     address, each time the effective address changes, the user will have to
-     log in again.
-     </para>
-
-     <para>If you are using 2.18 (or later), there is a
-     parameter called <quote>loginnetmask</quote>, which you can use to set
-     the number of bits of the user's IP address to require to be matched when
-     authenticating the cookies. If you set this to something less than 32,
-     then the user will be given a checkbox for <quote>Restrict this login to
-     my IP address</quote> on the login screen, which defaults to checked. If
-     they leave the box checked, Bugzilla will behave the same as it did
-     before, requiring an exact match on their IP address to remain logged in.
-     If they uncheck the box, then only the left side of their IP address (up
-     to the number of bits you specified in the parameter) has to match to
-     remain logged in.
-     </para>
-
-   </section>
-
-  <section id="trbl-index">
-  <title><filename>index.cgi</filename> doesn't show up unless specified in the URL</title>
-    <para>
-      You probably need to set up your web server in such a way that it
-      will serve the index.cgi page as an index page.
-    </para>
-    <para>
-      If you are using Apache, you can do this by adding 
-      <filename>index.cgi</filename> to the end of the 
-      <computeroutput>DirectoryIndex</computeroutput> line
-      as mentioned in <xref linkend="http-apache"/>.
-    </para>
-
-  </section>
-
-  <section id="trbl-passwd-encryption">
-    <title>
-      checksetup.pl reports "Client does not support authentication protocol
-      requested by server..."
-    </title>
-
-    <para>
-      This error is occurring because you are using the new password
-      encryption that comes with MySQL 4.1, while your
-      <filename>DBD::mysql</filename> module was compiled against an
-      older version of MySQL. If you recompile <filename>DBD::mysql</filename>
-      against the current MySQL libraries (or just obtain a newer version
-      of this module) then the error may go away.
-    </para>
-
-    <para>
-      If that does not fix the problem, or if you cannot recompile the
-      existing module (e.g. you're running Windows) and/or don't want to
-      replace it (e.g. you want to keep using a packaged version), then a
-      workaround is available from the MySQL docs:
-      <ulink url="http://dev.mysql.com/doc/mysql/en/Old_client.html"/>
-    </para>
-
-  </section>
-
-</appendix> 
-
-<!-- Keep this comment at the end of the file 
-Local variables: 
-mode: sgml 
-sgml-always-quote-attributes:t
-sgml-auto-insert-required-elements:t
-sgml-balanced-tag-edit:t
-sgml-exposed-tags:nil
-sgml-general-insert-case:lower
-sgml-indent-data:t 
-sgml-indent-step:2 
-sgml-local-catalogs:nil
-sgml-local-ecat-files:nil 
-sgml-minimize-attributes:nil
-sgml-namecase-general:t 
-sgml-omittag:t
-sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
-sgml-shorttag:t 
-sgml-tag-region-if-active:t 
-End: -->
-
-

mozilla/webtools/bugzilla/docs/makedocs.pl

@@ -1,217 +0,0 @@
-#!/usr/bin/perl -w
-# -*- Mode: perl; indent-tabs-mode: nil -*-
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Bugzilla Bug Tracking System.
-#
-# The Initial Developer of the Original Code is Netscape Communications
-# Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): Matthew Tuck <matty@chariot.net.au>
-#                 Jacob Steenhagen <jake@bugzilla.org>
-#                 Colin Ogilvie <colin.ogilvie@gmail.com>
-#                 Max Kanat-Alexander <mkanat@bugzilla.org>
-
-# This script compiles all the documentation.
-
-use strict;
-use Cwd;
-
-# We need to be in this directory to use our libraries.
-BEGIN {
-    require File::Basename;
-    import File::Basename qw(dirname);
-    chdir dirname($0);
-}
-
-use lib qw(.. ../lib lib);
-
-# We only compile our POD if Pod::Simple is installed. We do the checks
-# this way so that if there's a compile error in Pod::Simple::HTML::Bugzilla,
-# makedocs doesn't just silently fail, but instead actually tells us there's
-# a compile error.
-my $pod_simple;
-if (eval { require Pod::Simple }) {
-    require Pod::Simple::HTMLBatch::Bugzilla;
-    require Pod::Simple::HTML::Bugzilla;
-    $pod_simple = 1;
-};
-
-use Bugzilla::Install::Requirements 
-    qw(REQUIRED_MODULES OPTIONAL_MODULES);
-use Bugzilla::Constants qw(DB_MODULE BUGZILLA_VERSION);
-
-###############################################################################
-# Generate minimum version list
-###############################################################################
-
-my $modules = REQUIRED_MODULES;
-my $opt_modules = OPTIONAL_MODULES;
-
-open(ENTITIES, '>', 'bugzilla.ent') or die('Could not open bugzilla.ent: ' . $!);
-print ENTITIES <<END_ENTITIES;
-<?xml version="1.0" encoding="UTF-8" ?>
-
-<!ENTITY bz-ver "3.3">
-<!ENTITY bz-nextver "4.0">
-<!ENTITY bz-date "2008-05-20">
-<!ENTITY current-year "2008">
-
-<!ENTITY landfillbase "http://landfill.bugzilla.org/bugzilla-tip/">
-<!ENTITY bz "http://www.bugzilla.org/">
-<!ENTITY bzg-bugs "<ulink url='https://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla&amp;component=Documentation'>Bugzilla Documentation</ulink>">
-<!ENTITY mysql "http://www.mysql.com/">
-
-<!ENTITY min-perl-ver "5.8.1">
-
-
-<!-- Module Versions -->
-END_ENTITIES
-foreach my $module (@$modules, @$opt_modules)
-{
-    my $name = $module->{'module'};
-    $name =~ s/::/-/g;
-    $name = lc($name);
-    #This needs to be a string comparison, due to the modules having
-    #version numbers like 0.9.4
-    my $version = $module->{'version'} eq 0 ? 'any' : $module->{'version'};
-    print ENTITIES '<!ENTITY min-' . $name . '-ver "'.$version.'">' . "\n";
-}
-
-# CGI is a special case, because for Perl versions below 5.10, it has an
-# optional version *and* a required version.
-# We check @opt_modules first, then @modules, and pick the first we get.
-# We'll get the optional one then, if it is given, otherwise the required one.
-my ($cgi_opt) = grep($_->{module} eq 'CGI', @$opt_modules, @$modules);
-print ENTITIES '<!ENTITY min-mp-cgi-ver "' . $cgi_opt->{version} . '">' . "\n";
-
-print ENTITIES "\n <!-- Database Versions --> \n";
-
-my $db_modules = DB_MODULE;
-foreach my $db (keys %$db_modules) {
-    my $dbd  = $db_modules->{$db}->{dbd};
-    my $name = $dbd->{module};
-    $name =~ s/::/-/g;
-    $name = lc($name);
-    my $version    = $dbd->{version} || 'any';
-    my $db_version = $db_modules->{$db}->{'db_version'};
-    print ENTITIES '<!ENTITY min-' . $name . '-ver "'.$version.'">' . "\n";
-    print ENTITIES '<!ENTITY min-' . lc($db) . '-ver "'.$db_version.'">' . "\n";
-}
-close(ENTITIES);
-
-###############################################################################
-# Subs
-###############################################################################
-
-sub MakeDocs {
-
-    my ($name, $cmdline) = @_;
-
-    print "Creating $name documentation ...\n" if defined $name;
-    print "$cmdline\n\n";
-    system $cmdline;
-    print "\n";
-
-}
-
-sub make_pod {
-
-    print "Creating API documentation...\n";
-
-    my $converter = Pod::Simple::HTMLBatch::Bugzilla->new;
-    # Don't output progress information.
-    $converter->verbose(0);
-    $converter->html_render_class('Pod::Simple::HTML::Bugzilla');
-
-    my $doctype      = Pod::Simple::HTML::Bugzilla->DOCTYPE;
-    my $content_type = Pod::Simple::HTML::Bugzilla->META_CT;
-    my $bz_version   = BUGZILLA_VERSION;
-
-    my $contents_start = <<END_HTML;
-$doctype
-<html>
-  <head>
-    $content_type
-    <title>Bugzilla $bz_version API Documentation</title>
-  </head>
-  <body class="contentspage">
-    <h1>Bugzilla $bz_version API Documentation</h1>
-END_HTML
-
-    $converter->contents_page_start($contents_start);
-    $converter->contents_page_end("</body></html>");
-    $converter->add_css('./../../../style.css');
-    $converter->javascript_flurry(0);
-    $converter->css_flurry(0);
-    $converter->batch_convert(['../../'], 'html/api/');
-
-    print "\n";
-}
-
-###############################################################################
-# Make the docs ...
-###############################################################################
-
-my @langs;
-# search for sub directories which have a 'xml' sub-directory
-opendir(LANGS, './');
-foreach my $dir (readdir(LANGS)) {
-    next if (($dir eq '.') || ($dir eq '..') || (! -d $dir));
-    if (-d "$dir/xml") {
-        push(@langs, $dir);
-    }
-}
-closedir(LANGS);
-
-my $docparent = getcwd();
-foreach my $lang (@langs) {
-    chdir "$docparent/$lang";
-    MakeDocs(undef, 'cp ../bugzilla.ent ./xml/');
-
-    if (!-d 'txt') {
-        unlink 'txt';
-        mkdir 'txt', 0755;
-    }
-    if (!-d 'pdf') {
-        unlink 'pdf';
-        mkdir 'pdf', 0755;
-    }
-    if (!-d 'html') {
-        unlink 'html';
-        mkdir 'html', 0755;
-    }
-    if (!-d 'html/api') {
-        unlink 'html/api';
-        mkdir 'html/api', 0755;
-    }
-
-	MakeDocs(undef, 'cp ../style.css html/api/');
-
-    make_pod() if $pod_simple;
-
-    MakeDocs('separate HTML', 'xmlto -m ../xsl/chunks.xsl -o html html ' .
-             'xml/Bugzilla-Guide.xml');
-    MakeDocs('big HTML', 'xmlto -m ../xsl/nochunks.xsl -o html html-nochunks ' .
-             'xml/Bugzilla-Guide.xml');
-    MakeDocs('big text', "lynx -dump -justify=off -nolist html/Bugzilla-Guide.html " .
-        "> txt/Bugzilla-Guide.txt");
-
-    if (! grep($_ eq "--with-pdf", @ARGV)) {
-        next;
-    }
-	
-    MakeDocs('PDF', 'xmlto -m ../xsl/pdf.xsl -o pdf pdf xml/Bugzilla-Guide.xml');
-}
-

mozilla/webtools/bugzilla/docs/style.css

@@ -1,112 +0,0 @@
-/* The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Bugzilla Bug Tracking System.
- *
- * The Initial Developer of the Original Code is Everything Solved.
- * Portions created by Everything Solved are Copyright (C) 2006 
- * Everything Solved. All Rights Reserved.
- *
- * Contributor(s): Max Kanat-Alexander <mkanat@bugzilla.org>
- */
-
-body {
-  background: white;
-  color: #111;
-  padding: 0 1em;
-  margin: 0;
-  font-family: Verdana, Arial, sans-serif;
-  font-size: small;
-}
-
-td, th {
-  font-family: Verdana, Arial, sans-serif;
-  font-size: small;
-}
-
-a:link, a:active { color: #36415c; }
-a:visited { color: #666; }
-a:hover   { color: #888; }
-
-h1 {
-  font-size: 150%;
-  font-weight: bold;
-  border-bottom: 2px solid #ccc;
-}
-h2 {
-  font-size: 125%;
-  font-weight: bold;
-  border-bottom: 1px solid #ccc;
-  margin-bottom: 8px;
-}
-h3 {
-  font-size: 115%;
-  font-weight: bold;
-  margin-bottom: 0;
-  padding-bottom: 0;
-}
-
-/* This makes Description/Params/Returns look nice. */
-dd   { margin-top: .2em; }
-dd p { margin-top: 0; }
-dl   { margin-bottom: 1em; }
-
-/* This makes the names of functions slightly larger, in Gecko. */
-body > dl > dt code { font-size: 1.35em; }
-
-#pod h1 a, #pod h2 a, #pod h3 a {
-  color: #36415c;
-  text-decoration: none;
-}
-
-pre, code, tt, kbd, samp {
-  /* Unfortunately, the default monospace fonts on most browsers
-     look odd with relative sizing. */
-  font-size: 12px;
-}
-
-.code {
-  background: #eed;
-  border: 1px solid #ccc;
-}
-
-pre.code {
-  margin-left: 10px;
-  width: 90%;
-  padding: 10px;
-}
-
-/* Special styles for the Contents page */
-
-.contentspage dt {
-  font-size: large;
-  font-weight: bold;
-}
-
-.pod_desc_table {
-  border-collapse: collapse;
-  table-layout: auto;
-  border: 1px solid #ccc;
-}
-
-.pod_desc_table th {
-  text-align: left;
-}
-
-.pod_desc_table td, .pod_desc_table th {
-  padding: .25em;
-  border-top: 1px solid #ccc;
-}
-
-.pod_desc_table .odd th, .pod_desc_table .odd td {
-  background-color: #eee;
-}
-
-.pod_desc_table 

mozilla/webtools/bugzilla/docs/xsl/bugzilla-docs.xsl

@@ -1,102 +0,0 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
-
-<!-- Nicer Filenames -->
-<xsl:param name="use.id.as.filename" select="1"/>
-
-<!-- Label sections if they aren't automatically labeled -->
-<xsl:param name="section.autolabel" select="1"/>
-
-<!-- Table of Contents Depth -->
-<xsl:param name="toc.section.depth">1</xsl:param>
-
-<!-- Set chunk parameters -->
-<xsl:param name="chunk.section.depth" select="1"/>
-<xsl:param name="chunk.first.sections" select="1"/>
-<xsl:param name="chunker.output.encoding" select="UTF-8"/>
-
-<!-- Show titles of next/previous page -->
-<xsl:param name="navig.showtitles">1</xsl:param>
-
-<!-- Tidy up the HTML a bit... -->
-<xsl:param name="html.cleanup" select="1"/>
-<xsl:param name="make.valid.html" select="1"/>
-<xsl:param name="html.stylesheet">api/style.css</xsl:param>
-<!-- make links nicer... -->
-<xsl:param name="refentry.generate.title" select="1"/>
-<xsl:param name="refentry.generate.name" select="0"/>
-
-<!-- Use Graphics, specify their Path and Extension -->
-<xsl:param name="admon.graphics" select="1"/>
-<xsl:param name="admon.graphics.path">../images/</xsl:param>
-<xsl:param name="admon.graphics.extension">.gif</xsl:param>
-
-<xsl:param name="qanda.inherit.numeration" select="0" />
-
-<!--
-****
-CODE BELOW HERE IS EXTRACTED AND EDITED FROM THE DOCBOOK XSL SOURCES
-****
--->
-
-<xsl:template match="simplelist[@type='inline']/member">
-    <xsl:apply-templates/>
-</xsl:template>
-
-<!--
-To generate valid HTML, we need to redefine this section... Code extracted from
-http://cvs.sourceforge.net/viewcvs.py/docbook/xsl/html/qandaset.xsl?rev=1.19&view=log
-
-and modified below. Basic change: Remove the colspan attribute of the tr tags - no
-other changes have been made to the document.
--->
-
-<xsl:template match="qandadiv">
-  <xsl:variable name="preamble" select="*[name(.) != 'title'
-                                          and name(.) != 'titleabbrev'
-                                          and name(.) != 'qandadiv'
-                                          and name(.) != 'qandaentry']"/>
-
-  <xsl:if test="blockinfo/title|title">
-    <tr class="qandadiv">
-      <td align="left" valign="top" colspan="2">
-        <xsl:call-template name="anchor">
-          <xsl:with-param name="conditional" select="0"/>
-        </xsl:call-template>
-        <xsl:apply-templates select="(blockinfo/title|title)[1]"/>
-      </td>
-    </tr>
-  </xsl:if>
-
-  <xsl:variable name="toc">
-    <xsl:call-template name="dbhtml-attribute">
-      <xsl:with-param name="pis"
-                      select="processing-instruction('dbhtml')"/>
-      <xsl:with-param name="attribute" select="'toc'"/>
-    </xsl:call-template>
-  </xsl:variable>
-
-  <xsl:variable name="toc.params">
-    <xsl:call-template name="find.path.params">
-      <xsl:with-param name="table" select="normalize-space($generate.toc)"/>
-    </xsl:call-template>
-  </xsl:variable>
-
-  <xsl:if test="(contains($toc.params, 'toc') and $toc != '0') or $toc = '1'">
-    <tr class="toc">
-      <td align="left" valign="top" colspan="2">
-        <xsl:call-template name="process.qanda.toc"/>
-      </td>
-    </tr>
-  </xsl:if>
-  <xsl:if test="$preamble">
-    <tr class="toc"	>
-      <td align="left" valign="top" colspan="2">
-        <xsl:apply-templates select="$preamble"/>
-      </td>
-    </tr>
-  </xsl:if>
-  <xsl:apply-templates select="qandadiv|qandaentry"/>
-</xsl:template>
-</xsl:stylesheet>
-

mozilla/webtools/bugzilla/docs/xsl/chunks.xsl

@@ -1,12 +0,0 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
-	<!-- Include default bugzilla XSL -->
-	<xsl:include href="bugzilla-docs.xsl"/>
-	<!-- Set Chunk Specific XSL Params -->
-	<xsl:param name="chunker.output.doctype-public">-//W3C//DTD HTML 4.01 Transitional//EN</xsl:param>
-	<xsl:param name="chunker.output.doctype-system">http://www.w3.org/TR/html4/loose.dtd</xsl:param>
-	<xsl:param name="chunk.section.depth" select="1"/>
-	<xsl:param name="chunk.first.sections" select="1"/>
-	<!-- Don't output filename list - mimic old behaviour-->
-	<xsl:param name="chunk.quietly" select="0" />
-</xsl:stylesheet>		

mozilla/webtools/bugzilla/docs/xsl/nochunks.xsl

@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
-	<!-- Include default bugzilla XSL -->
-	<xsl:include href="bugzilla-docs.xsl"/>
-	<!-- No other params necessary -->
-</xsl:stylesheet>		

mozilla/webtools/bugzilla/docs/xsl/pdf.xsl

@@ -1,19 +0,0 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:fo="http://www.w3.org/1999/XSL/Format" version="1.0">
-    <!-- Enable passivetex extensions -->
-	<xsl:param name="passivetex.extensions" select="1"/>
-    <xsl:param name="tablecolumns.extensions" select="1"/>
-    
-	<!-- Show <ulink>s as footnotes -->
-    <xsl:param name="ulink.footnotes" select="1" />
-	<xsl:param name="ulink.show" select="1" />
-	
-	<!-- Don't use Graphics -->
-	<xsl:param name="admon.graphics" select="0"/>
-	<xsl:param name="callout.graphics" select="'0'"/>
-	
-	<xsl:template match="simplelist[@type='inline']/member">
-        <xsl:apply-templates/>
-    </xsl:template>
-
-</xsl:stylesheet>