Fix Solaris break for case-sensitive file name

git-svn-id: svn://10.0.0.236/branches/PSM_GLUE_JAVI@72695 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/extensions/psm-glue/Makefile.in

@@ -0,0 +1,32 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+# 
+
+DEPTH		= ../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+DIRS		= public src res
+
+include $(topsrcdir)/config/rules.mk
+

mozilla/extensions/psm-glue/makefile.win

@@ -0,0 +1,27 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..
+include <$(DEPTH)/config/config.mak>
+
+DIRS = public src res
+
+include <$(DEPTH)\config\rules.mak>

mozilla/extensions/psm-glue/public/MANIFEST

@@ -0,0 +1,4 @@
+nsIPSMComponent.idl
+nsIPSMUIHandler.idl
+nsISecureBrowserUI.idl
+nsISSLSocketProvider.idl

mozilla/extensions/psm-glue/public/Makefile.in

@@ -0,0 +1,45 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+#   Terry Hayes <thayes@netscape.com>
+# 
+
+MODULE = psmglue
+
+DEPTH		= ../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+XPIDLSRCS = \
+	nsIPSMComponent.idl \
+	nsIPSMUIHandler.idl \
+	nsISecureBrowserUI.idl \
+    nsIPSMSocketInfo.idl \
+	nsISSLSocketProvider.idl \
+	nsISecretDecoderRing.idl \
+	$(NULL)
+
+PREF_JS_EXPORTS	= $(srcdir)/psm-glue.js
+
+include $(topsrcdir)/config/rules.mk

mozilla/extensions/psm-glue/public/makefile.win

@@ -0,0 +1,53 @@
+#!nmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is mozilla.org code.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+# 
+# Contributor(s):
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+#   Terry Hayes <thayes@netscape.com>
+#
+
+MODULE = psmglue
+
+DEPTH=..\..\..
+IGNORE_MANIFEST=1
+
+DLLNAME       = psmglue
+PDBFILE       = $(DLLNAME).pdb
+MAPFILE       = $(DLLNAME).map
+DLL           = .\$(OBJDIR)\$(DLLNAME).dll
+MAKE_OBJ_TYPE = DLL
+
+include <$(DEPTH)/config/config.mak>
+
+XPIDL_INCLUDES=-I$(DEPTH)\..\mozilla\dist\idl
+
+XPIDLSRCS= \
+    .\nsIPSMComponent.idl \
+    .\nsIPSMUIHandler.idl \
+    .\nsISecureBrowserUI.idl \
+    .\nsISSLSocketProvider.idl \
+    .\nsIPSMSocketInfo.idl \
+    .\nsISecretDecoderRing.idl \
+    $(NULL)
+
+include <$(DEPTH)\config\rules.mak>
+
+install::
+    $(MAKE_INSTALL) .\psm-glue.js $(DIST)\bin\defaults\pref

mozilla/extensions/psm-glue/public/nsIPSMComponent.idl

@@ -0,0 +1,58 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ *   Mitch Stoltz <mstoltz@netscape.com>
+*/
+
+#include "nsISupports.idl"
+interface nsIPrincipal;
+
+%{C++
+#include "cmtcmn.h"
+%}
+
+[ptr] native nsCMTControlStar(CMT_CONTROL);
+
+[scriptable, uuid(9e482670-5412-11d3-bbc8-0000861d1237)]
+interface nsIPSMComponent : nsISupports 
+{
+
+  [noscript] nsCMTControlStar getControlConnection( );
+
+  /**
+   *  Display the Security Advisor.  PickledStatus and hostName can be null. 
+   *  If they are, the "Selected Info" dialog will be empty.
+   */
+
+  void displaySecurityAdvisor(in string pickledStatus, in string hostName);
+
+  /**
+   *  This will send PSM all preferences that we know about.
+   */
+  void passPrefs();
+};
+
+%{C++
+#define PSM_COMPONENT_PROGID "component://netscape/psm"
+#define PSM_COMPONENT_CLASSNAME "Mozilla PSM Component"
+%}
+

mozilla/extensions/psm-glue/public/nsIPSMSocketInfo.idl

@@ -0,0 +1,50 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsISupports.idl"
+
+%{C++
+#include "cmtcmn.h"
+#include "nsPSMShimLayer.h"
+%}
+
+[ptr] native psmtControlStar(CMT_CONTROL);
+[ptr] native cmSocketStar(CMSocket);
+[ptr] native nsFileDescStar(PRFileDesc);
+
+[noscript, uuid(deeb8dfc-fb7a-11d3-ac84-00c04fa0d26b)]
+interface nsIPSMSocketInfo : nsISupports {
+    
+    readonly attribute string           hostName;
+    readonly attribute PRInt32          hostPort;
+    
+    readonly attribute string           proxyName;
+    readonly attribute PRInt32          proxyPort;
+
+    readonly attribute psmtControlStar  controlPtr;
+    readonly attribute cmSocketStar     socketPtr;
+    readonly attribute nsFileDescStar   fileDescPtr;
+    
+    void getPickledStatus(out charPtr pickledStatus);
+};
+

mozilla/extensions/psm-glue/public/nsIPSMUIHandler.idl

@@ -0,0 +1,36 @@
+/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Mozilla browser.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications, Inc.  Portions created by Netscape are
+ * Copyright (C) 1999, Mozilla.  All Rights Reserved.
+ * 
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ */
+
+#include "nsISupports.idl"
+
+[scriptable, uuid(d92be9b0-601b-11d3-8c4a-000064657374)]
+interface nsIPSMUIHandler : nsISupports
+{
+    void DisplayURI(in long width, in long height, in PRBool modal, in string urlStr);
+    void PromptForFile(in wstring prompt, in string fileRegEx, in boolean shouldFileExist, out string outFile);
+};
+
+%{C++
+#define PSM_UI_HANLDER_PROGID "component://netscape/psm/ui"
+#define PSM_UI_HANLDER_CLASSNAME "Mozilla PSM UI Handler"
+%}

mozilla/extensions/psm-glue/public/nsISSLSocketProvider.idl

@@ -0,0 +1,35 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsISocketProvider.idl"
+
+[noscript, uuid(856a93d0-5415-11d3-bbc8-0000861d1237)]
+interface nsISSLSocketProvider : nsISocketProvider {
+};
+
+%{C++
+#define NS_ISSLSOCKETPROVIDER_PROGID     NS_NETWORK_SOCKET_PROGID_PREFIX "ssl"
+#define NS_ISSLSOCKETPROVIDER_CLASSNAME  "Mozilla SSL Socket Provider Component"
+
+%}

mozilla/extensions/psm-glue/public/nsISecretDecoderRing.idl

@@ -0,0 +1,63 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Netscape Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *  thayes@netscape.com
+ *
+ */
+
+#include "nsISupports.idl"
+
+/* Buffer type - for storing 8-bit octet values */
+[ptr] native buffer(unsigned char);
+
+[scriptable, uuid(0EC80360-075C-11d4-9FD4-00C04F1B83D8)]
+interface nsISecretDecoderRing: nsISupports {
+
+  /* Encrypt a buffer - callable only from C++ */
+  [noscript] long encrypt(in buffer data, in long dataLen, out buffer result);
+
+  /* Decrypt a buffer - callable only from C++ */
+  [noscript] long decrypt(in buffer data, in long dataLen, out buffer result);
+
+  /* Encrypt nul-terminated string to BASE64 output */
+  string encryptString(in string text);
+
+  /* Decrypt BASE64 input to nul-terminated string output */
+  /* There is no check for embedded nul values in the decrypted output */
+  string decryptString(in string crypt);
+
+  /* Prompt the user to change the password on the SDR key */
+  void changePassword();
+
+  /* Logout of the security device that protects the SDR key */
+  void logout();
+};
+
+/*
+ * Configuration interface for the Secret Decoder Ring
+ *  - this interface allows setting the window that will be
+ *    used as parent for dialog windows (such as password prompts)
+ */
+[scriptable, uuid(01D8C0F0-0CCC-11d4-9FDD-000064657374)]
+interface nsISecretDecoderRingConfig: nsISupports {
+  void setWindow(in nsISupports w);
+};
+
+

mozilla/extensions/psm-glue/public/nsISecureBrowserUI.idl

@@ -0,0 +1,44 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsISupports.idl"
+
+interface nsIDOMWindow;
+interface nsIDOMElement;
+
+[scriptable, uuid(081e31e0-a144-11d3-8c7c-00609792278c)]
+interface nsSecureBrowserUI : nsISupports
+{
+	void init(in nsIDOMWindow window, in nsIDOMElement button);
+    void displayPageInfoUI();
+};
+
+%{C++
+#define NS_SECURE_BROWSER_UI_PROGID "component://netscape/secure_browser_ui"
+#define NS_SECURE_BROWSER_UI_CLASSNAME "Mozilla Secure Browser UI Handler"
+
+#define NS_SECURE_BROWSER_UI_CID \
+{ 0x10fe7ea0, 0xa10a, 0x11d3, {0x8c, 0x7c, 0x00, 0x60, 0x97, 0x92, 0x27, 0x8c}}
+
+%}

mozilla/extensions/psm-glue/public/psm-glue.js

@@ -0,0 +1,11 @@
+pref("general.useragent.security",       "U");
+
+pref("security.enable_ssl2",             true);
+pref("security.enable_ssl3",             true);
+pref("security.default_personal_cert",   "Select Automatically");
+pref("security.ask_for_password",        0);
+pref("security.password_lifetime",       30);
+pref("security.warn_entering_secure",    true);
+pref("security.warn_leaving_secure",     true);
+pref("security.warn_viewing_mixed",      true);
+pref("security.warn_submit_insecure",    true);

mozilla/extensions/psm-glue/res/Makefile.in

@@ -0,0 +1,32 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+# 
+
+DEPTH		= ../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+DIRS		= content locale
+
+include $(topsrcdir)/config/rules.mk
+

mozilla/extensions/psm-glue/res/content/MANIFEST

@@ -0,0 +1,3 @@
+securityOverlay.xul
+securityUI.js
+PSMTaskMenu.xul

mozilla/extensions/psm-glue/res/content/Makefile.in

@@ -0,0 +1,38 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+# 
+
+DEPTH		= ../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+include $(topsrcdir)/config/rules.mk
+
+COMMUNICATOR_CONTENT_DIR = $(DIST)/bin/chrome/packages/core/communicator/content/
+COMMUNICATOR_EXPORT_CONTENT = \
+  $(srcdir)/securityOverlay.xul \
+  $(srcdir)/securityUI.js       \
+  $(srcdir)/PSMTaskMenu.xul \
+  $(NULL)
+
+install::
+	$(INSTALL) $(COMMUNICATOR_EXPORT_CONTENT) $(COMMUNICATOR_CONTENT_DIR)

mozilla/extensions/psm-glue/res/content/PSMTaskMenu.xul

@@ -0,0 +1,22 @@
+<?xml version="1.0"?>
+
+<!DOCTYPE window SYSTEM "chrome://communicator/locale/PSMTaskMenu.dtd" >
+
+<overlay id="psmTaskMenuID"
+         xmlns:html="http://www.w3.org/1999/xhtml"
+         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+
+  <script language="JavaScript">
+    function displaySecurityAdvisor()
+    {
+      var psm = Components.classes["component://netscape/psm"].getService();
+      psm = psm.QueryInterface(Components.interfaces.nsIPSMComponent);
+      psm.displaySecurityAdvisor( null, null );
+    }
+  </script>
+
+  <menupopup id="personalManagers">
+    <menuitem id="PSMMentItem" position="1" value="&PSMCmd.label;" oncommand="displaySecurityAdvisor()"/>
+  </menupopup>
+
+</overlay>

mozilla/extensions/psm-glue/res/content/makefile.win

@@ -0,0 +1,35 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..\..
+include <$(DEPTH)/config/config.mak>
+include <$(DEPTH)\config\rules.mak>
+
+install:: $(DLL)
+    $(MAKE_INSTALL) securityOverlay.xul     $(DIST)\bin\chrome\packages\core\communicator\content
+    $(MAKE_INSTALL) securityUI.js           $(DIST)\bin\chrome\packages\core\communicator\content
+    $(MAKE_INSTALL) PSMTaskMenu.xul	$(DIST)\bin\chrome\packages\core\communicator\content
+    
+clobber::
+    $(RM) $(DIST)\bin\chrome\packages\core\communicator\content\securityOverlay.xul
+    $(RM) $(DIST)\bin\chrome\packages\core\communicator\content\securityUI.js
+    $(RM) $(DIST)\bin\chrome\packages\core\communicator\content\PSMTaskMenu.xul
+

mozilla/extensions/psm-glue/res/content/securityOverlay.xul

@@ -0,0 +1,14 @@
+<?xml version="1.0"?>
+<?xml-stylesheet href="chrome://communicator/skin/securityOverlay.css" type="text/css"?> 
+
+<!DOCTYPE window SYSTEM "chrome://communicator/locale/securityOverlay.dtd">
+
+<overlay id="NavSecurityOverlay"
+         xmlns:html="http://www.w3.org/TR/REC-html40"
+         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+
+  <script language="JavaScript" src="chrome://communicator/content/securityUI.js" />
+
+  <statusbarpanel id="security-button" onclick="displayPageInfo()" tooltip="aToolTip" tooltiptext="&lockIcon.label;"/>    
+      
+</overlay>

mozilla/extensions/psm-glue/res/content/securityUI.js

@@ -0,0 +1,45 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+window.addEventListener("load", SetSecurityButton, false);
+
+var securityUI;
+
+function SetSecurityButton()
+{
+    dump("in SetSecurityButton\n");
+
+    var ui = Components.classes["component://netscape/secure_browser_ui"].createInstance();
+    securityUI = ui.QueryInterface(Components.interfaces.nsSecureBrowserUI);
+
+    var button  = document.getElementById('security-button');
+	if (button && window.content)
+		securityUI.init(window.content, button);
+}
+
+function displayPageInfo()
+{
+   if (securityUI)
+     securityUI.displayPageInfoUI();
+}
+
+

mozilla/extensions/psm-glue/res/locale/Makefile.in

@@ -0,0 +1,32 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#
+
+DEPTH		= ../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+DIRS		= en-US
+
+include $(topsrcdir)/config/rules.mk
+

mozilla/extensions/psm-glue/res/locale/en-US/MANIFEST

@@ -0,0 +1,3 @@
+PSMTaskMenu.dtd
+securityOverlay.dtd
+security.properties

mozilla/extensions/psm-glue/res/locale/en-US/Makefile.in

@@ -0,0 +1,41 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#
+
+DEPTH		= ../../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+COMMUNICATOR_RESOURCE_CONTENT = \
+	$(srcdir)/PSMTaskMenu.dtd \
+	$(srcdir)/security.properties \
+	$(srcdir)/securityOverlay.dtd \
+	$(NULL)
+
+include $(topsrcdir)/config/rules.mk
+
+install:: 
+	$(INSTALL) $(COMMUNICATOR_RESOURCE_CONTENT) $(DIST)/bin/chrome/locales/en-US/communicator/locale
+
+
+

mozilla/extensions/psm-glue/res/locale/en-US/PSMTaskMenu.dtd

@@ -0,0 +1 @@
+<!ENTITY PSMCmd.label     "Security Manager">

mozilla/extensions/psm-glue/res/locale/en-US/makefile.win

@@ -0,0 +1,37 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..\..\..
+
+include <$(DEPTH)\config\rules.mak>
+
+COMMUNICATOR_DIST=$(DIST)\bin\chrome\locales\en-US\communicator\locale
+
+
+install::
+	$(MAKE_INSTALL) PSMTaskMenu.dtd $(COMMUNICATOR_DIST)
+	$(MAKE_INSTALL) security.properties $(COMMUNICATOR_DIST)
+	$(MAKE_INSTALL) securityOverlay.dtd $(COMMUNICATOR_DIST)
+
+clobber::
+  $(RM) -f $(DIST)\bin\chrome\locales\en-US\communicator\locale\PSMTaskMenu.dtd
+  $(RM) -f $(DIST)\bin\chrome\locales\en-US\communicator\locale\security.properties
+  $(RM) -f $(DIST)\bin\chrome\locales\en-US\communicator\locale\securityOverlay.dtd

mozilla/extensions/psm-glue/res/locale/en-US/security.properties

@@ -0,0 +1,29 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+# 
+
+Title=Security Warning
+MixedContentMessage=You have requested a secure document that contains some insecure information.
+LeaveSiteMessage=You have requested an insecure document. The document and any information you send back could be observed by a third party while in transit.
+EnterSiteMessage=You have requested a secure document. The document and any information you send back are encrypted for privacy while in transit.
+PostToInsecure=Warning! Although this document is secure, the information you have submitted is insecure and could be observed by a third party while in transit. If you are submitting passwords, credit card numbers, or other information you would like to keep private, it would be safer for you to cancel the submission.
+PostToInsecureFromInsecure=Any information you submit is insecure and could be observed by a third party while in transit. If you are submitting passwords, credit card numbers, or other information you would like to keep private, it would be safer for you to cancel the submission. 
+DontShowAgain=Show Me This Alert Next Time.
+FindText=Please find the Personal Security Manager application

mozilla/extensions/psm-glue/res/locale/en-US/securityOverlay.dtd

@@ -0,0 +1,2 @@
+
+<!ENTITY  lockIcon.label  "Show security information for this window">

mozilla/extensions/psm-glue/res/locale/makefile.win

@@ -0,0 +1,27 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..\..
+
+DIRS=en-US
+
+include <$(DEPTH)\config\rules.mak>
+

mozilla/extensions/psm-glue/res/makefile.win

@@ -0,0 +1,27 @@
+#!nmake
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+
+DEPTH=..\..\..
+include <$(DEPTH)/config/config.mak>
+
+DIRS = content locale
+
+include <$(DEPTH)\config\rules.mak>

mozilla/extensions/psm-glue/src/Makefile.in

@@ -0,0 +1,66 @@
+#
+# The contents of this file are subject to the Netscape Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/NPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): 
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+# 
+
+DEPTH		= ../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+
+include $(DEPTH)/config/autoconf.mk
+
+MODULE = psmglue
+
+IS_COMPONENT	= 1
+LIBRARY_NAME	= psmglue
+
+
+CPPSRCS	= \
+	nsPSMComponent.cpp \
+	nsPSMUICallbacks.cpp \
+	nsSSLSocketProvider.cpp \
+	nsPSMModule.cpp \
+	nsSSLIOLayer.cpp \
+	nsSecureBrowserUIImpl.cpp \
+	nsSDR.cpp \
+	nsFSDR.cpp \
+	nsCrypto.cpp \
+	nsKeygenHandler.cpp \
+	$(NULL)
+
+CSRCS = \
+	nsPSMMutex.c	\
+	nsPSMShimLayer.c	\
+	$(NULL)
+
+EXTRA_DSO_LDOPTS = \
+	$(MOZ_COMPONENT_LIBS) \
+	-lcmt \
+	-lprotocol \
+	$(MOZ_JS_LIBS) \
+	$(NULL)
+
+include $(topsrcdir)/config/rules.mk
+
+INCLUDES	+= \
+		-I$(srcdir) \
+		$(NULL)

mozilla/extensions/psm-glue/src/makefile.win

@@ -0,0 +1,72 @@
+#!nmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code is mozilla.org code.
+# 
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation.  Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+# 
+# Contributor(s):
+#   Hubbie Shaw
+#   Doug Turner <dougt@netscape.com>
+#
+
+MODULE = psmglue
+
+DEPTH=..\..\..
+IGNORE_MANIFEST=1
+
+DLLNAME       = psmglue
+PDBFILE       = $(DLLNAME).pdb
+MAPFILE       = $(DLLNAME).map
+DLL           = .\$(OBJDIR)\$(DLLNAME).dll
+MAKE_OBJ_TYPE = DLL
+
+include <$(DEPTH)/config/config.mak>
+
+LINCS = $(LINCS)     \
+    -I$(PUBLIC)      \
+    -I$(PUBLIC)/security \
+    $(NULL)
+
+LLIBS   = \
+    $(LIBNSPR) \
+    $(DIST)\lib\neckobase_s.lib \
+    $(DIST)\lib\xpcom.lib \
+    $(DIST)\lib\js3250.lib \
+    $(DIST)\lib\cmt.lib       \
+    $(DIST)\lib\protocol.lib  \
+    $(DIST)\lib\mozreg.lib       \
+    $(DIST)\lib\jsdom.lib \
+    $(NULL)
+
+OBJS = \
+    .\$(OBJDIR)\nsPSMMutex.obj \
+    .\$(OBJDIR)\nsPSMShimLayer.obj \
+    .\$(OBJDIR)\nsPSMComponent.obj \
+    .\$(OBJDIR)\nsPSMUICallbacks.obj \
+    .\$(OBJDIR)\nsPSMModule.obj \
+    .\$(OBJDIR)\nsSecureBrowserUIImpl.obj \
+    .\$(OBJDIR)\nsSSLIOLayer.obj \
+    .\$(OBJDIR)\nsSSLSocketProvider.obj \
+    .\$(OBJDIR)\nsSDR.obj \
+    .\$(OBJDIR)\nsFSDR.obj \
+    .\$(OBJDIR)\nsCrypto.obj \
+    .\$(OBJDIR)\nsKeygenHandler.obj \
+    $(NULL)
+
+include <$(DEPTH)\config\rules.mak>
+
+install:: $(DLL)
+    $(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME).dll $(DIST)\bin\components

mozilla/extensions/psm-glue/src/nsCrypto.h

@@ -0,0 +1,112 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Netscape Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ */
+#ifndef _nsCrypto_h_
+#define _nsCrypto_h_
+#include "nsIDOMCRMFObject.h"
+#include "nsIDOMCrypto.h"
+#include "nsIScriptObjectOwner.h"
+#include "nsIDOMPkcs11.h"
+
+#define NS_CRYPTO_CLASSNAME "Crypto JavaScript Class"
+#define NS_CRYPTO_CID \
+  {0x929d9320, 0x251e, 0x11d4, { 0x8a, 0x7c, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} }
+
+#define NS_PKCS11_CLASSNAME "Pkcs11 JavaScript Class"
+#define NS_PKCS11_CID \
+  {0x74b7a390, 0x3b41, 0x11d4, { 0x8a, 0x80, 0x00, 0x60, 0x08, 0xc8, 0x44, 0xc3} }
+
+class nsIPSMComponent;
+class nsIDOMScriptObjectFactory;
+
+
+class nsCRMFObject : public nsIDOMCRMFObject,
+                     public nsIScriptObjectOwner {
+public:
+  nsCRMFObject();
+  virtual ~nsCRMFObject();
+  NS_DECL_IDOMCRMFOBJECT
+  NS_DECL_ISUPPORTS
+
+  NS_IMETHOD GetScriptObject(nsIScriptContext *aContext, void** aScriptObject);
+  NS_IMETHOD SetScriptObject(void* aScriptObject);
+
+  nsresult init();
+
+  nsresult SetCRMFRequest(char *inRequest);
+private:
+
+  nsString mBase64Request;
+  void *mScriptObject;
+};
+
+
+class nsCrypto: public nsIDOMCrypto,
+                public nsIScriptObjectOwner {
+public:
+  nsCrypto();
+  virtual ~nsCrypto();
+  nsresult init();
+  
+  NS_IMETHOD GetScriptObject(nsIScriptContext *aContext, void** aScriptObject);
+  NS_IMETHOD SetScriptObject(void* aScriptObject);
+
+  NS_DECL_ISUPPORTS
+  NS_DECL_IDOMCRYPTO
+
+  static nsresult GetScriptObjectFactory(nsIDOMScriptObjectFactory **aResult);
+  static nsIDOMScriptObjectFactory *gScriptObjectFactory;
+  static nsIPrincipal* GetScriptPrincipal(JSContext *cx);
+  static const char *kPSMComponentProgID;
+
+ private:
+
+  nsIPSMComponent *mPSM;
+  nsString         mVersionString;
+  PRBool           mVersionStringSet;
+  void            *mScriptObject;
+};
+
+class nsPkcs11 : public nsIDOMPkcs11,
+                 public nsIScriptObjectOwner {
+public:
+  nsPkcs11();
+  virtual ~nsPkcs11();
+
+  nsresult init();
+  NS_DECL_ISUPPORTS
+  NS_DECL_IDOMPKCS11
+  NS_IMETHOD GetScriptObject(nsIScriptContext *aContext, void** aScriptObject);
+  NS_IMETHOD SetScriptObject(void* aScriptObject);
+
+private:
+  nsIPSMComponent *mPSM;
+  void            *mScriptObject;
+};
+
+nsresult
+getPSMComponent(nsIPSMComponent ** retPSM);
+
+#endif //_nsCrypto_h_
+
+
+
+

mozilla/extensions/psm-glue/src/nsFSDR.h

@@ -0,0 +1,60 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Terry Hayes <thayes@netscape.com>
+ *   Steve Morse <morse@netscape.com>
+ */
+
+#ifndef _NSFSDR_H_
+#define _NSFSDR_H_
+
+#include "nsISecretDecoderRing.h"
+
+// ===============================================
+// nsFSecretDecoderRing - "fake" implementation of nsISecretDecoderRing
+// ===============================================
+
+#define NS_FSDR_CLASSNAME "Fake Secret Decoder Ring"
+#define NS_FSDR_CID \
+  { 0x1ee28720, 0x2b93, 0x11d4, { 0xa0, 0xa4, 0x0, 0x0, 0x64, 0x65, 0x73, 0x74 } }
+
+#define NS_FSDR_PROGID "netscape.security.fsdr"
+
+class nsFSecretDecoderRing : public nsISecretDecoderRing
+{
+public:
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSISECRETDECODERRING
+
+  nsFSecretDecoderRing();
+  virtual ~nsFSecretDecoderRing();
+
+  nsresult init();
+
+private:
+  nsIPSMComponent *mPSM;
+
+  static const char *kPSMComponentProgID;
+
+  nsresult encode(const unsigned char *data, PRInt32 dataLen, char **_retval);
+  nsresult decode(const char *data, unsigned char **result, PRInt32 * _retval);
+};
+
+#endif /* _NSFSDR_H_ */

mozilla/extensions/psm-glue/src/nsKeygenHandler.cpp

@@ -0,0 +1,255 @@
+//For some weird reason, nsProxiedService has to be the first file 
+//included.  Don't ask me, I'm just the messenger.
+#include "nsProxiedService.h"
+#include "nsKeygenHandler.h"
+#include "nsVoidArray.h"
+#include "nsSecureBrowserUIImpl.h"
+#include "nsIServiceManager.h"
+#include "nsIDOMHTMLSelectElement.h"
+#include "nsIContent.h"
+#include "nsIPSMComponent.h"
+#include "nsIPSMUIHandler.h"
+#include "nsPSMUICallbacks.h"
+#include "nsCrypto.h"
+#include "cmtcmn.h"
+#include "cmtjs.h"
+
+//These defines are taken from the PKCS#11 spec
+#define CKM_RSA_PKCS_KEY_PAIR_GEN     0x00000000
+#define CKM_DH_PKCS_KEY_PAIR_GEN      0x00000020
+#define CKM_DSA_KEY_PAIR_GEN          0x00000010
+
+static NS_DEFINE_IID(kFormProcessorIID,   NS_IFORMPROCESSOR_IID); 
+static NS_DEFINE_IID(kIDOMHTMLSelectElementIID, NS_IDOMHTMLSELECTELEMENT_IID);
+
+static const char *mozKeyGen = "-mozilla-keygen";
+
+NS_IMPL_ADDREF(nsKeygenFormProcessor); 
+NS_IMPL_RELEASE(nsKeygenFormProcessor); 
+NS_IMPL_QUERY_INTERFACE(nsKeygenFormProcessor, kFormProcessorIID); 
+
+nsKeygenFormProcessor::nsKeygenFormProcessor() 
+{ 
+   NS_INIT_REFCNT(); 
+   getPSMComponent(&mPSM);
+} 
+
+char *
+nsKeygenFormProcessor::ChooseToken(PCMT_CONTROL control, 
+				   CMKeyGenTagArg *psmarg,
+				   CMKeyGenTagReq *reason)
+{
+  CMUint32 resID;
+  CMTStatus crv;
+  CMTItem url;
+  char *keyString = nsnull;
+  nsresult rv = NS_OK;
+  NameList *tokenNames;
+  int i;
+
+  // In this case, PSM provided us with a list of potential tokens to choose
+  // from, but we're gonna make it use it's UI for now, so let's delte the
+  // memory associated with the structure it sent back.
+  tokenNames = (NameList*)psmarg->current;
+  for (i=0; i < tokenNames->numitems; i++) {
+    nsCRT::free(tokenNames->names[i]);
+  }
+  nsCRT::free((char*)tokenNames);
+  resID = psmarg->rid;
+  memset(&url, 0, sizeof(CMTItem));
+  NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+  crv = CMT_GetStringAttribute(control, resID, SSM_FID_CHOOSE_TOKEN_URL, &url);
+  if (crv != CMTSuccess) {
+    goto loser;
+  }
+  if (NS_SUCCEEDED(rv)) {
+    handler->DisplayURI(400, 300, PR_TRUE, (char*)url.data);
+  } else {
+    goto loser;
+  }
+  return CMT_GetGenKeyResponse(control, psmarg, reason);
+ loser:
+  if (keyString)
+    nsCRT::free(keyString);
+  return nsnull;
+}
+
+char *
+nsKeygenFormProcessor::SetUserPassword(PCMT_CONTROL control, 
+				       CMKeyGenTagArg *psmarg,
+				       CMKeyGenTagReq *reason)
+{
+  nsresult rv;
+  CMTStatus crv;
+  CMTItem url;
+  char *keystring=nsnull;
+
+  // We need to delete the memory the PSM client API allocated for us since
+  // we're just gonna tell it to use it's own UI.
+  nsCRT::free((char*)psmarg->current);
+  NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+  memset (&url, 0, sizeof(CMTItem));
+  crv = CMT_GetStringAttribute(control,psmarg->rid, SSM_FID_INIT_DB_URL, &url);
+  if (crv != CMTSuccess || NS_FAILED(rv)){
+    goto loser;
+  }
+
+  handler->DisplayURI(500, 450, PR_TRUE, (char*)url.data);
+  
+  return CMT_GetGenKeyResponse(control, psmarg, reason);
+ loser:
+  if (keystring)
+    nsCRT::free(keystring);
+  return nsnull;
+}
+
+nsresult
+nsKeygenFormProcessor::GetPublicKey(nsString& value, nsString& challenge, 
+				    nsString& keyType,
+				    nsString& outPublicKey, nsString& pqg)
+{
+    PCMT_CONTROL control;
+    nsresult rv;
+    CMKeyGenParams *params = nsnull;
+    CMKeyGenTagArg *psmarg = nsnull;
+    CMKeyGenTagReq reason;
+    char *emptyCString = "null";
+    char *keystring = nsnull;
+
+    rv = mPSM->GetControlConnection(&control);
+    if (NS_FAILED(rv)) {
+	goto loser;
+    }
+    params = new CMKeyGenParams;
+    if (params == nsnull) {
+      goto loser;
+    }
+    params->typeString = (keyType.IsEmpty()) ? emptyCString : 
+                                               keyType.ToNewCString();
+    params->challenge  = (challenge.IsEmpty()) ? emptyCString : 
+                                                 challenge.ToNewCString();
+    params->choiceString = value.ToNewCString();
+    params->pqgString = (pqg.IsEmpty()) ? emptyCString : pqg.ToNewCString();
+    psmarg = new CMKeyGenTagArg;
+    if (psmarg == nsnull) {
+      goto loser;
+    }
+    // ARGH, while this is going on, we need to lock the control
+    // connection so that the event loop doesn't drop our response on
+    // the floor.
+    CMT_LockConnection(control);
+    psmarg->op = CM_KEYGEN_START;
+    psmarg->rid = 0;
+    psmarg->tokenName = NULL;
+    psmarg->current = params;
+    keystring = CMT_GenKeyOldStyle(control, psmarg, &reason);
+    while (!keystring) {
+      psmarg->op = reason;
+      switch (psmarg->op) {
+      case CM_KEYGEN_PICK_TOKEN:
+	keystring = ChooseToken(control, psmarg, &reason);
+	break;
+      case CM_KEYGEN_SET_PASSWORD:
+	keystring = SetUserPassword(control, psmarg, &reason);
+	break;
+      case CM_KEYGEN_ERR:
+      default:
+	goto loser;
+      }
+    }
+    CMT_UnlockConnection(control);
+    outPublicKey.AssignWithConversion(keystring);
+    nsCRT::free(keystring);
+    return NS_OK;
+ loser:
+    return NS_ERROR_FAILURE;
+}
+
+NS_METHOD 
+nsKeygenFormProcessor::ProcessValue(nsIDOMHTMLElement *aElement, 
+				    const nsString& aName, 
+				    nsString& aValue) 
+{ 
+#ifdef DEBUG_javi
+  char *name = aName.ToNewCString(); 
+  char *value = aValue.ToNewCString(); 
+  printf("ProcessValue: name %s value %s\n",  name, value); 
+  delete [] name; 
+  delete [] value; 
+#endif 
+  nsresult rv = NS_OK;
+  nsCOMPtr<nsIDOMHTMLSelectElement>selectElement;
+  nsresult res = aElement->QueryInterface(kIDOMHTMLSelectElementIID, 
+					  getter_AddRefs(selectElement));
+  if (NS_SUCCEEDED(res)) {
+    nsAutoString keygenvalue;
+    nsAutoString challengeValue;
+    nsString publicKey;
+    nsString mozillaKeygen;
+    nsString mozType;
+
+    mozType.AssignWithConversion("_moz-type");
+    mozillaKeygen.AssignWithConversion(mozKeyGen);
+    res = selectElement->GetAttribute(mozType, keygenvalue);
+
+    if (NS_CONTENT_ATTR_HAS_VALUE == res && keygenvalue.Equals(mozillaKeygen)) {
+      nsString challenge;
+      nsString keyType;
+      nsString keyTypeValue;
+      nsString pqg, pqgValue;
+
+      challenge.AssignWithConversion("challenge");
+      pqg.AssignWithConversion("pqg");
+      res = selectElement->GetAttribute(pqg, pqgValue);
+      keyType.AssignWithConversion("keytype");
+      res = selectElement->GetAttribute(keyType, keyTypeValue);
+      if (NS_FAILED(res) || keyTypeValue.IsEmpty()) {
+	// If this field is not present, we default to rsa.
+	keyTypeValue.AssignWithConversion("rsa");
+      }
+      res = selectElement->GetAttribute(challenge, challengeValue);
+      rv = GetPublicKey(aValue, challenge, keyTypeValue, 
+			publicKey, pqgValue);
+      aValue = publicKey;
+    }
+  }
+
+  return rv; 
+} 
+
+NS_METHOD nsKeygenFormProcessor::ProvideContent(const nsString& aFormType, 
+						nsVoidArray& aContent, 
+						nsString& aAttribute) 
+{ 
+  nsString selectString;
+  nsresult rv;
+  PCMT_CONTROL control;
+  PRUint32 i;
+
+  selectString.AssignWithConversion("SELECT");
+  if (aFormType.EqualsIgnoreCase(selectString)) {
+    nsString *selectString;
+    char **result;
+
+    rv = mPSM->GetControlConnection(&control);
+    if (NS_FAILED(rv)) {
+	goto loser;
+    }
+    result = CMT_GetKeyChoiceList(control, "rsa"/*Need to figure out if DSA*/,
+				  nsnull);
+    for (i=0; result[i] != nsnull; i++) {
+	selectString = new nsString;
+	selectString->AssignWithConversion(result[i]);
+	aContent.AppendElement(selectString);
+	delete []result[i];
+    }
+    delete []result;
+    aAttribute.AssignWithConversion(mozKeyGen);
+  }
+  return NS_OK;
+ loser:
+  return NS_ERROR_FAILURE; 
+} 
+
+
+

mozilla/extensions/psm-glue/src/nsKeygenHandler.h

@@ -0,0 +1,32 @@
+#ifndef _NSKEYGENHANDLER_H_
+#define _NSKEYGENHANDLER_H_
+// Form Processor 
+#include "nsIFormProcessor.h" 
+#include "ssmdefs.h"
+#include "cmtcmn.h"
+
+class nsIPSMComponent;
+
+class nsKeygenFormProcessor : public nsIFormProcessor { 
+public: 
+  nsKeygenFormProcessor(); 
+  NS_IMETHOD ProcessValue(nsIDOMHTMLElement *aElement, 
+                          const nsString& aName, 
+                          nsString& aValue); 
+
+  NS_IMETHOD ProvideContent(const nsString& aFormType, 
+                            nsVoidArray& aContent, 
+                            nsString& aAttribute); 
+  NS_DECL_ISUPPORTS 
+protected:
+  nsresult GetPublicKey(nsString& value, nsString& challenge, 
+			nsString& keyType, nsString& outPublicKey,
+			nsString& pqg);
+  char * ChooseToken(PCMT_CONTROL control, CMKeyGenTagArg *psmarg,  
+		     CMKeyGenTagReq *reason);
+  char * SetUserPassword(PCMT_CONTROL control, CMKeyGenTagArg *psmarg,  
+		     CMKeyGenTagReq *reason);
+  nsIPSMComponent *mPSM;
+}; 
+
+#endif //_NSKEYGENHANDLER_H_

mozilla/extensions/psm-glue/src/nsPSMComponent.cpp

@@ -0,0 +1,935 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ *   Mitch Stoltz <mstoltz@netscape.com>
+*/
+
+#include "nsProxiedService.h"
+#include "nsPSMUICallbacks.h"
+#include "VerReg.h"
+
+#include "nspr.h"
+#include "nsPSMComponent.h"
+
+#include "nsCRT.h"
+
+#include "nsNetUtil.h"
+#include "nsIURI.h"
+#include "nsIChannel.h"
+#include "nsIInputStream.h"
+#include "nsIStreamListener.h"
+
+#include "nsIPref.h"
+#include "nsIProfile.h"
+#include "nsILocalFile.h"
+
+#include "nsDirectoryService.h"
+
+#include "rsrcids.h"
+
+#include "nsPSMMutex.h"
+#include "nsPSMShimLayer.h"
+#include "nsPSMUICallbacks.h"
+
+#include "nsISecureBrowserUI.h"
+#include "nsIDocumentLoaderObserver.h"
+#include "nsIScriptSecurityManager.h"
+#include "nsICertificatePrincipal.h"
+
+#include "nsIProtocolProxyService.h"
+
+#define PSM_VERSION_REG_KEY "/Netscape/Personal Security Manager"
+
+#ifdef WIN32
+#define PSM_FILE_NAME "psm.exe"
+#elif XP_UNIX
+#define PSM_FILE_NAME "start-psm"
+#else
+#define PSM_FILE_NAME "psm"
+#endif
+
+
+static NS_DEFINE_CID(kCStringBundleServiceCID,  NS_STRINGBUNDLESERVICE_CID);
+static NS_DEFINE_CID(kProfileCID, NS_PROFILE_CID);
+static NS_DEFINE_CID(kPrefCID, NS_PREF_CID);
+static NS_DEFINE_CID(kProtocolProxyServiceCID, NS_PROTOCOLPROXYSERVICE_CID);
+
+nsPSMComponent* nsPSMComponent::mInstance = nsnull;
+
+nsPSMComponent::nsPSMComponent()
+{
+    NS_INIT_REFCNT();
+    mControl = nsnull;
+}
+
+nsPSMComponent::~nsPSMComponent()
+{
+    if (mControl)
+    {
+        CMT_CloseControlConnection(mControl);
+        mControl = nsnull;
+    }
+}
+
+
+NS_IMETHODIMP      
+nsPSMComponent::CreatePSMComponent(nsISupports* aOuter, REFNSIID aIID, void **aResult)
+{                                                                  
+    if (!aResult) {                                                
+        return NS_ERROR_INVALID_POINTER;                           
+    }                                                              
+    if (aOuter) {                                                  
+        *aResult = nsnull;                                         
+        return NS_ERROR_NO_AGGREGATION;                              
+    }                                                                
+    
+    if (mInstance == nsnull) 
+    {
+        mInstance = new nsPSMComponent();
+    }
+
+    if (mInstance == nsnull)
+        return NS_ERROR_OUT_OF_MEMORY;
+    
+    nsresult rv = mInstance->QueryInterface(aIID, aResult);                        
+    if (NS_FAILED(rv)) 
+    {                                             
+        *aResult = nsnull;                                           
+    }                                                                
+    return rv;                                                       
+}
+
+/* nsISupports Implementation for the class */
+NS_IMPL_THREADSAFE_ISUPPORTS3(nsPSMComponent, 
+                              nsIPSMComponent, 
+                              nsIContentHandler,
+                              nsISignatureVerifier);
+
+#define INIT_NUM_PREFS 100
+/* preference types */
+#define STRING_PREF 0
+#define BOOL_PREF 1
+#define INT_PREF 2
+
+
+/* resizable list struct that contains pref items */
+typedef struct CMSetPrefList {
+    int n; /* number of filled items */
+    int capacity; /* allocated memory */
+    CMTSetPrefElement* list; /* actual list */
+} CMSetPrefList;
+
+static void get_pack_bool_pref(nsIPref *prefManager, char* key, CMTSetPrefElement* list, int* n)
+{
+    PRBool boolpref;
+
+    list[*n].key = nsCRT::strdup(key);
+    list[*n].type = BOOL_PREF;
+
+    if ((prefManager->GetBoolPref(key, &boolpref) != 0) || boolpref) 
+    {
+        list[*n].value = nsCRT::strdup("true");
+    }
+    else 
+    {
+        list[*n].value = nsCRT::strdup("false");
+    }
+
+    (*n)++;    /* increment the counter after done packing */
+
+    return;
+}
+
+static void SaveAllPrefs(int number, CMTSetPrefElement* list)
+{
+    nsCOMPtr<nsIPref> prefManager;
+
+    nsresult res = nsServiceManager::GetService(kPrefCID, 
+                                                nsIPref::GetIID(), 
+                                                getter_AddRefs(prefManager));
+    
+    if (NS_FAILED(res)  || !prefManager)
+    {
+        return;
+    }
+
+
+    int i;
+    int intval;
+
+    for (i = 0; i < number; i++) 
+    {
+        if (list[i].key == nsnull) 
+        {
+            /* misconfigured item: next */
+            continue;
+        }
+
+        switch (list[i].type) 
+        {
+             case 0:    /* string type */
+                 prefManager->SetCharPref(list[i].key, list[i].value);
+                 break;
+             case 1:    /* boolean type */
+                 if (strcmp(list[i].value, "true") == 0) {
+                  prefManager->SetBoolPref(list[i].key, (PRBool)1);
+                 }
+                 else if (strcmp(list[i].value, "false") == 0) {
+                  prefManager->SetBoolPref(list[i].key, (PRBool)0);
+                 }
+                 break;
+             case 2:
+                 intval = atoi(list[i].value);
+                 prefManager->SetIntPref(list[i].key, intval);
+                 break;
+             default:
+                 break;
+         }
+    }
+
+    return;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::PassPrefs()
+{
+    // if we have not passed anything to psm yet, this function can just return.
+
+    if (!mControl)
+        return NS_OK;
+
+    int i;
+    nsresult rv = NS_ERROR_FAILURE;
+    char* strpref = NULL;
+    int intpref;
+    PRBool boolpref;
+    CMSetPrefList prefs = {0};
+    CMTSetPrefElement* list = NULL;
+
+    char* pickAuto = "Select Automatically";
+    char* alwaysAsk = "Ask Every Time";
+    
+    nsCOMPtr<nsIPref> prefManager;
+
+    nsresult res = nsServiceManager::GetService(kPrefCID, 
+                                                nsIPref::GetIID(), 
+                                                getter_AddRefs(prefManager));
+
+    if (NS_OK != res) 
+    {
+        return NS_ERROR_FAILURE;
+    }
+
+    /* allocate memory for list */
+    prefs.n = 0; /* counter */
+    prefs.capacity = INIT_NUM_PREFS;
+    prefs.list = (CMTSetPrefElement*) new char[(INIT_NUM_PREFS * sizeof(CMTSetPrefElement))];
+    
+    if (prefs.list == NULL) 
+    {
+         return rv;
+    }
+
+    /* shorthand */
+    list = prefs.list;
+
+    /* get preferences */
+    get_pack_bool_pref(prefManager, "security.enable_ssl2", (CMTSetPrefElement*)list, &(prefs.n));
+    get_pack_bool_pref(prefManager, "security.enable_ssl3", (CMTSetPrefElement*)list, &(prefs.n));
+
+    /* this pref is a boolean pref in nature but a string pref for 
+     * historical reason
+     */
+
+    list[prefs.n].key = nsCRT::strdup("security.default_personal_cert");
+    list[prefs.n].type = STRING_PREF;
+
+    if ((prefManager->CopyCharPref(list[prefs.n].key, &strpref) == 0) && (strcmp(strpref, pickAuto) == 0)) 
+    {
+         list[prefs.n].value = nsCRT::strdup(pickAuto);
+    }
+    else 
+    {
+         /* although one could choose a specific cert for client auth in
+          * Nova, that mode is deprecated with PSM and mapped to ASK
+          */
+         list[prefs.n].value = nsCRT::strdup(alwaysAsk);
+    }
+
+    prefs.n++;
+    if (strpref != NULL) 
+    {
+         nsCRT::free(strpref);
+    }
+
+    list[prefs.n].key = nsCRT::strdup("security.default_mail_cert");
+    list[prefs.n].type = STRING_PREF;
+    if (prefManager->CopyCharPref(list[prefs.n].key, &list[prefs.n].value) != 0) 
+    {
+         list[prefs.n].value = NULL;
+    }
+    prefs.n++;
+
+    list[prefs.n].key = nsCRT::strdup("security.ask_for_password");
+    list[prefs.n].type = INT_PREF;
+    if (prefManager->GetIntPref(list[prefs.n].key, &intpref) != 0) 
+    {
+         intpref = 0;    /* default */
+    }
+
+    list[prefs.n].value = PR_smprintf("%d", intpref);
+    prefs.n++;
+
+    list[prefs.n].key = nsCRT::strdup("security.password_lifetime");
+    list[prefs.n].type = INT_PREF;
+    if (prefManager->GetIntPref(list[prefs.n].key, &intpref) != 0) 
+    {
+         intpref = 30;    /* default */
+    }
+
+    list[prefs.n].value = PR_smprintf("%d", intpref);
+    prefs.n++;
+
+    /* OCSP preferences */
+    /* XXX since these are the new ones added by PSM, we will be more
+     *     error-tolerant in fetching them
+     */
+    if (prefManager->GetBoolPref("security.OCSP.enabled", &boolpref) == 0) 
+    {
+         if (boolpref) 
+        {
+             list[prefs.n].value = nsCRT::strdup("true");
+         }
+         else 
+        {
+             list[prefs.n].value = nsCRT::strdup("false");
+         }
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.enabled");
+         list[prefs.n].type = BOOL_PREF;
+         prefs.n++;
+    }
+
+    if (prefManager->GetBoolPref("security.OCSP.useDefaultResponder", &boolpref) == 0) 
+    {
+         if (boolpref) 
+        {
+             list[prefs.n].value = nsCRT::strdup("true");
+         }
+         else 
+        {
+             list[prefs.n].value = nsCRT::strdup("false");
+         }
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.useDefaultResponder");
+         list[prefs.n].type = BOOL_PREF;
+         prefs.n++;
+    }
+
+    if (prefManager->CopyCharPref("security.OCSP.URL", &strpref) == 0) 
+    {
+         list[prefs.n].value = strpref;
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.URL");
+         list[prefs.n].type = STRING_PREF;
+         prefs.n++;
+    }
+
+    if (prefManager->CopyCharPref("security.OCSP.signingCA", &strpref) == 0) 
+    {
+         list[prefs.n].value = strpref;
+         list[prefs.n].key = nsCRT::strdup("security.OCSP.signingCA");
+         list[prefs.n].type = STRING_PREF;
+         prefs.n++;
+    }
+
+    /* now application-specific preferences */
+    /* get navigator preferences */
+    get_pack_bool_pref(prefManager, "security.warn_entering_secure", (CMTSetPrefElement*)list, &prefs.n);
+    get_pack_bool_pref(prefManager, "security.warn_leaving_secure",  (CMTSetPrefElement*)list, &prefs.n);
+    get_pack_bool_pref(prefManager, "security.warn_viewing_mixed",   (CMTSetPrefElement*)list, &prefs.n);
+    get_pack_bool_pref(prefManager, "security.warn_submit_insecure", (CMTSetPrefElement*)list, &prefs.n);
+
+    // Add any other prefs here such as ldap or mail/news.
+     
+     CMT_SetSavePrefsCallback(mControl, (savePrefsCallback_fn)SaveAllPrefs);
+
+    if (CMT_PassAllPrefs(mControl, prefs.n, (CMTSetPrefElement*)prefs.list) !=  CMTSuccess) 
+    {
+         goto loser;
+    }
+
+    rv = NS_OK; /* success */
+loser:
+    /* clean out memory for prefs */
+    for (i = 0; i < prefs.n; i++) 
+    {
+         if (prefs.list[i].key != NULL) 
+        {
+             nsCRT::free(prefs.list[i].key);
+         }
+         
+        if (prefs.list[i].value != NULL) 
+        {
+             nsCRT::free(prefs.list[i].value);
+         }
+    }
+
+    if (prefs.list != NULL) 
+    {
+         delete(prefs.list);
+    }
+    return rv;
+}
+
+#ifdef XP_MAC
+extern "C" {
+    void RunMacPSM(void* arg);
+    PRThread* SSM_CreateAndRegisterThread(PRThreadType type, void (*start)(void *arg),
+                                          void *arg, PRThreadPriority priority,
+                                          PRThreadScope scope, PRThreadState state,
+                                          PRUint32 stackSize);
+    void SSM_KillAllThreads(void);
+}
+#endif
+            
+NS_IMETHODIMP
+nsPSMComponent::GetControlConnection( CMT_CONTROL * *_retval )
+{
+     nsresult rv;
+     *_retval = nsnull;
+    if (mControl) 
+    {
+        *_retval = mControl;
+        return NS_OK;
+    }
+    else      /* initialize mutex, sock table, etc. */
+    {
+            
+        if (nsPSMMutexInit() != PR_SUCCESS)
+            return NS_ERROR_FAILURE;
+
+#ifdef XP_MAC
+        /* FIXME:  Really need better error handling in PSM, which simply exits on error. */
+        /* use a cached monitor to rendezvous with the PSM thread. */
+        PRMonitor* monitor = PR_CEnterMonitor(this);
+        if (monitor != nsnull) {
+            /* create the Cartman thread, and let it run awhile to get things going. */
+            PRThread* cartmanThread = SSM_CreateAndRegisterThread(PR_USER_THREAD, RunMacPSM, 
+							                                      this, PR_PRIORITY_NORMAL,
+							                                      PR_LOCAL_THREAD, PR_UNJOINABLE_THREAD, 0);
+            if (cartmanThread != nsnull) {
+                /* need a good way to rendezvouz with the Cartman thread. */
+                PR_CWait(this, PR_INTERVAL_NO_TIMEOUT);
+            }
+            
+            PR_CExitMonitor(this);
+        }
+#endif
+
+        // Try to see if it is open already
+        mControl = CMT_ControlConnect(&nsPSMMutexTbl, &nsPSMShimTbl);
+        
+        // Find the one in the bin directory
+        if (mControl == nsnull)
+        {
+            nsCOMPtr<nsILocalFile> psmAppFile;
+            NS_WITH_SERVICE(nsIProperties, directoryService, NS_DIRECTORY_SERVICE_PROGID, &rv);
+            if (NS_FAILED(rv)) return rv;
+
+            directoryService->Get("system.OS_CurrentProcessDirectory", 
+                                   NS_GET_IID(nsIFile), 
+                                   getter_AddRefs(psmAppFile));
+
+        
+            psmAppFile->Append("psm");
+            psmAppFile->Append(PSM_FILE_NAME);
+        
+            PRBool isExecutable, exists;
+            psmAppFile->Exists(&exists);
+            psmAppFile->IsExecutable(&isExecutable);
+            if (exists && isExecutable)
+            {
+                nsXPIDLCString path;
+                psmAppFile->GetPath(getter_Copies(path));
+                // FIX THIS.  using a file path is totally wrong here.  
+                mControl = CMT_EstablishControlConnection((char*)(const char*)path, &nsPSMShimTbl, &nsPSMMutexTbl);
+            }
+        }
+
+        // Get the one in the version registry           
+        if (mControl == nsnull)
+        {
+            //Try to find it.
+            int err;
+            char filepath[MAXREGPATHLEN];
+
+            err = VR_GetPath(PSM_VERSION_REG_KEY, sizeof(filepath), filepath);
+            if ( err == REGERR_OK )
+            {
+                nsFileSpec psmSpec(filepath);
+                psmSpec += PSM_FILE_NAME;
+		
+                if (psmSpec.Exists())
+                {
+                    mControl = CMT_EstablishControlConnection((char *)psmSpec.GetNativePathCString(), &nsPSMShimTbl, &nsPSMMutexTbl);
+                }
+            }
+         }
+
+        
+        if (!mControl || InitPSMUICallbacks(mControl) != PR_SUCCESS)
+            goto failure;
+
+        nsFileSpec profileSpec;
+        PRUnichar*      profileName;
+        
+        NS_WITH_SERVICE(nsIProfile, profile, kProfileCID, &rv);
+        if (NS_FAILED(rv)) goto failure;
+        
+        rv = profile->GetCurrentProfileDir(&profileSpec);
+        if (NS_FAILED(rv)) goto failure;;
+        
+#ifdef XP_MAC
+        profileSpec += "Security";
+        // make sure the dir exists
+        profileSpec.CreateDirectory();
+#endif
+        
+        rv = profile->GetCurrentProfile(&profileName);
+        if (NS_FAILED(rv)) goto failure;
+          
+        CMTStatus psmStatus;
+        nsCAutoString profilenameC;
+        profilenameC.AssignWithConversion(profileName);
+
+        psmStatus = CMT_Hello( mControl, 
+                               PROTOCOL_VERSION, 
+                               profilenameC, 
+                               (char*)profileSpec.GetNativePathCString());        
+        
+        if (psmStatus == CMTFailure)
+        {  
+            PR_FREEIF(profileName);       
+            goto failure;
+        }
+        
+        if (InitPSMEventLoop(mControl) != PR_SUCCESS)
+        {
+            PR_FREEIF(profileName);       
+            goto failure;
+        }
+            
+        if (NS_FAILED(PassPrefs()))
+        {  
+            PR_FREEIF(profileName);       
+            goto failure;
+        }
+
+        PR_FREEIF(profileName);
+        
+        nsCOMPtr<nsIProtocolProxyService> proxySvc = do_GetService(kProtocolProxyServiceCID, &rv);
+        if (NS_FAILED(rv)) return rv;
+        proxySvc->AddNoProxyFor("127.0.0.1", mControl->port);
+        
+        *_retval = mControl;
+        return NS_OK;
+    }
+
+failure:
+#ifdef DEBUG
+    printf("*** Failure setting up Cartman! \n");
+#endif
+
+    if (mControl)
+    {
+        CMT_CloseControlConnection(mControl);
+        mControl = NULL;
+    }
+
+    // TODO we need to unregister our UI callback BEFORE destroying our mutex.
+    // nsPSMMutexDestroy();
+
+    return NS_ERROR_FAILURE;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::DisplaySecurityAdvisor(const char *pickledStatus, const char *hostName)
+{
+    CMT_CONTROL *controlConnection;
+    GetControlConnection( &controlConnection );
+    if (DisplayPSMUIDialog(controlConnection, pickledStatus, hostName) == PR_SUCCESS)
+        return NS_OK;
+    return NS_ERROR_FAILURE;
+}
+
+class CertDownloader : public nsIStreamListener
+{
+    public:
+        CertDownloader() {NS_ASSERTION(0, "don't use this constructor."); }
+        CertDownloader(PRInt32 type);
+        virtual ~CertDownloader();
+
+        NS_DECL_ISUPPORTS
+        NS_DECL_NSISTREAMOBSERVER
+        NS_DECL_NSISTREAMLISTENER
+    protected:
+        char* mByteData;
+        PRInt32 mBufferOffset;
+        PRInt32 mContentLength;
+        PRInt32 mType;
+};
+
+
+CertDownloader::CertDownloader(PRInt32 type)
+{
+    NS_INIT_REFCNT();
+    mByteData = nsnull;
+    mType = type;
+}
+
+CertDownloader::~CertDownloader()
+{
+    if (mByteData)
+        nsMemory::Free(mByteData);
+}
+
+NS_IMPL_ISUPPORTS(CertDownloader,NS_GET_IID(nsIStreamListener));
+
+
+NS_IMETHODIMP
+CertDownloader::OnStartRequest(nsIChannel* channel, nsISupports* context)
+{
+    channel->GetContentLength(&mContentLength);
+    if (mContentLength == -1)
+        return NS_ERROR_FAILURE;
+    
+    mBufferOffset = 0;
+    mByteData = (char*) nsMemory::Alloc(mContentLength);
+    if (!mByteData)
+        return NS_ERROR_OUT_OF_MEMORY;
+
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP
+CertDownloader::OnDataAvailable(nsIChannel* channel, 
+                                nsISupports* context,
+                                nsIInputStream *aIStream, 
+                                PRUint32 aSourceOffset,
+                                PRUint32 aLength)
+{
+    if (!mByteData)
+        return NS_ERROR_OUT_OF_MEMORY;
+
+    PRUint32 amt;
+    nsresult err;
+
+    do 
+    {
+        err = aIStream->Read(mByteData+mBufferOffset, mContentLength-mBufferOffset, &amt);
+        if (amt == 0) break;
+        if (NS_FAILED(err))  return err;
+        
+        aLength -= amt;
+        mBufferOffset += amt;
+
+    } while (aLength > 0);
+    
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP
+CertDownloader::OnStopRequest(nsIChannel* channel, 
+                              nsISupports* context,
+                              nsresult aStatus,
+                              const PRUnichar* aMsg)
+{
+
+    nsCOMPtr<nsIPSMComponent> psm = do_QueryInterface(context);
+
+    if (!psm) return NS_ERROR_FAILURE;
+
+    CMT_CONTROL *controlConnection;
+    psm->GetControlConnection( &controlConnection );
+    unsigned int certID;
+                    
+    certID = CMT_DecodeAndCreateTempCert(controlConnection, mByteData, mContentLength, mType);
+
+    if (certID)
+        CMT_DestroyResource(controlConnection, certID, SSM_RESTYPE_CERTIFICATE);
+
+  return NS_OK;
+}
+
+
+/* other mime types that we should handle sometime:
+
+application/x-pkcs7-crl
+application/x-pkcs7-mime
+application/pkcs7-signature
+application/pre-encrypted
+
+*/
+
+
+NS_IMETHODIMP 
+nsPSMComponent::HandleContent(const char * aContentType, 
+                              const char * aCommand, 
+                              const char * aWindowTarget, 
+                              nsISupports* aWindowContext, 
+                              nsIChannel * aChannel)
+{
+    // We were called via CI.  We better protect ourselves and addref.
+    NS_ADDREF_THIS();
+
+    nsresult rv = NS_OK;
+    if (!aChannel) return NS_ERROR_NULL_POINTER;
+    
+    CMUint32 type = -1;
+
+    if ( nsCRT::strcasecmp(aContentType, "application/x-x509-ca-cert") == 0)
+    {
+        type = 1;  //CA cert
+    }
+    else if (nsCRT::strcasecmp(aContentType, "application/x-x509-server-cert") == 0)
+    {
+        type =  2; //Server cert
+    }
+    else if (nsCRT::strcasecmp(aContentType, "application/x-x509-user-cert") == 0)
+    {
+        type =  3; //User cert
+    }
+    else if (nsCRT::strcasecmp(aContentType, "application/x-x509-email-cert") == 0)
+    {
+        type =  4; //Someone else's email cert
+    }
+    
+    if (type != -1)
+    {
+        // I can't directly open the passed channel cause it fails :-(
+
+        nsCOMPtr<nsIURI> uri;
+        rv = aChannel->GetURI(getter_AddRefs(uri));
+        if (NS_FAILED(rv)) return rv;
+
+        nsCOMPtr<nsIChannel> channel;
+        rv = NS_OpenURI(getter_AddRefs(channel), uri);
+        if (NS_FAILED(rv)) return rv;
+
+        return channel->AsyncRead(new CertDownloader(type), NS_STATIC_CAST(nsIPSMComponent*,this));
+    }
+
+    return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+
+//---------------------------------------------
+// Functions Implenenting NSISignatureVerifier
+//---------------------------------------------
+NS_IMETHODIMP
+nsPSMComponent::HashBegin(PRUint32 alg, PRUint32* id)
+{
+  CMT_CONTROL *controlConnection;
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+
+  if(CMT_HashCreate(controlConnection, alg, (CMUint32*)id) != CMTSuccess)
+    return NS_ERROR_FAILURE;
+  if(CMT_HASH_Begin(controlConnection, *id) != CMTSuccess)
+    return NS_ERROR_FAILURE;
+
+  return NS_OK;  
+}
+
+NS_IMETHODIMP
+nsPSMComponent::HashUpdate(PRUint32 id, const char* buf, PRUint32 buflen)
+{
+  CMT_CONTROL *controlConnection;
+
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+  if (CMT_HASH_Update(controlConnection, id, 
+      (const unsigned char*)buf, buflen) != CMTSuccess)    
+    return NS_ERROR_FAILURE;
+    
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::HashEnd(PRUint32 id, unsigned char** hash, 
+                        PRUint32* hashLen, PRUint32 maxLen)
+{
+  if (!hash)
+    return NS_ERROR_ILLEGAL_VALUE;
+
+  CMT_CONTROL *controlConnection;
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+ 
+  if(CMT_HASH_End(controlConnection, id, *hash,
+                        (CMUint32*)hashLen, maxLen) != CMTSuccess)
+    return NS_ERROR_FAILURE;
+  CMT_HASH_Destroy(controlConnection, id);
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMComponent::CreatePrincipalFromSignature(const char* aRSABuf, PRUint32 aRSABufLen,
+                                             nsIPrincipal** aPrincipal)
+{
+  PRInt32 errorCode;
+  return VerifySignature(aRSABuf, aRSABufLen, nsnull, 0, &errorCode, aPrincipal);
+}
+
+PR_STATIC_CALLBACK(void)
+UselessPK7DataSink(void* arg, const char* buf, CMUint32 len)
+{
+}
+
+NS_IMETHODIMP
+nsPSMComponent::VerifySignature(const char* aRSABuf, PRUint32 aRSABufLen, 
+                                const char* aPlaintext, PRUint32 aPlaintextLen,
+                                PRInt32* aErrorCode,
+                                nsIPrincipal** aPrincipal)
+{
+  if (!aPrincipal || !aErrorCode)
+    return NS_ERROR_NULL_POINTER;
+  *aErrorCode = 0;
+  *aPrincipal = nsnull;
+
+  CMT_CONTROL *controlConnection;
+  if (NS_FAILED(GetControlConnection( &controlConnection )))
+    return NS_ERROR_FAILURE;
+  
+  //-- Decode the signature stream
+  CMUint32 decoderID;
+  CMInt32* blah = nsnull;
+  CMTStatus result = CMT_PKCS7DecoderStart(controlConnection, nsnull,
+                                           &decoderID, blah,
+                                           UselessPK7DataSink, nsnull);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  result = CMT_PKCS7DecoderUpdate(controlConnection, decoderID, aRSABuf, aRSABufLen);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  CMUint32 contentInfo;
+  result = CMT_PKCS7DecoderFinish(controlConnection, 
+                                            decoderID, &contentInfo);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+
+  CMTItem hashItem;
+  hashItem.data = 0;
+  hashItem.len = 0;
+  //-- If a plaintext was provided, hash it.
+  if (aPlaintext)
+  {
+    CMUint32 hashId;
+    CMT_HashCreate(controlConnection, nsISignatureVerifier::SHA1, &hashId);
+    CMT_HASH_Begin(controlConnection, hashId);
+    CMTStatus result = CMT_HASH_Update(controlConnection, hashId, 
+                                       (const unsigned char*)aPlaintext, aPlaintextLen);
+    if (result != CMTSuccess) return NS_ERROR_FAILURE;
+    
+    unsigned char* hash = (unsigned char*)PR_MALLOC(nsISignatureVerifier::SHA1_LENGTH);
+    if (!hash) return NS_ERROR_OUT_OF_MEMORY;
+    CMUint32 hashLen;
+    result = CMT_HASH_End(controlConnection, hashId, hash,
+                          &hashLen, nsISignatureVerifier::SHA1_LENGTH);
+    if (result != CMTSuccess)
+    {
+      PR_FREEIF(hash);
+      return NS_ERROR_FAILURE;
+    }
+    NS_ASSERTION(hashLen == nsISignatureVerifier::SHA1_LENGTH,
+                 "PSMComponent: Hash too short.");
+    CMT_HASH_Destroy(controlConnection, hashId);
+    hashItem.data = hash;
+    hashItem.len = hashLen;
+  }
+
+  //-- Verify signature
+  // We need to call this function even if we're only creating a principal, not
+  // verifying, because PSM won't give us certificate information unless this
+  // function has been called.
+  result = CMT_PKCS7VerifyDetachedSignature(controlConnection, contentInfo,
+                                            6 /* =Object Signing Cert */,
+                                            3 /* =SHA1 algorithm (MD5=2)*/,
+                                            1,/* Save Certificate */
+                                            &hashItem, (CMInt32*)aErrorCode);
+
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  if (aPlaintext && *aErrorCode != 0) return NS_OK; // Verification failed.
+
+  CMUint32 certID;
+  result = CMT_GetRIDAttribute(controlConnection, contentInfo,
+                               SSM_FID_P7CINFO_SIGNER_CERT, &certID);
+  if ((result != CMTSuccess) || !certID) return NS_OK; // No signature present
+  
+  CMTItem fingerprint;
+  result = CMT_GetStringAttribute(controlConnection, certID,
+                                  SSM_FID_CERT_FINGERPRINT, &fingerprint);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+
+  //-- Get a principal
+  nsresult rv;
+  NS_WITH_SERVICE(nsIScriptSecurityManager, secMan,
+                  NS_SCRIPTSECURITYMANAGER_PROGID, &rv)
+    if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
+  rv = secMan->GetCertificatePrincipal((char*)fingerprint.data,
+                                       aPrincipal);
+  if (NS_FAILED(rv)) return rv;
+
+  //-- Get common name and store it in the principal.
+  //   Using common name + organizational unit as the user-visible certificate name
+  nsCOMPtr<nsICertificatePrincipal> certificate = do_QueryInterface(*aPrincipal, &rv);
+  if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
+
+  CMTItem common;
+  result = CMT_GetStringAttribute(controlConnection, certID,
+                                  SSM_FID_CERT_COMMON_NAME, &common);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+  CMTItem subject;
+  result = CMT_GetStringAttribute(controlConnection, certID,
+                                  SSM_FID_CERT_SUBJECT_NAME, &subject);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+
+  nsCAutoString commonName;
+  commonName = (char*)common.data;
+  static const char orgUnitTag[] = " OU=";
+  char* orgUnitPos = PL_strstr((char*)subject.data, orgUnitTag);
+  if (orgUnitPos)
+  {
+    orgUnitPos += sizeof(orgUnitTag)-1;
+    char* orgUnitEnd = PL_strchr(orgUnitPos, ',');
+    PRInt32 orgUnitLen;
+    if(orgUnitEnd)
+      orgUnitLen = orgUnitEnd - orgUnitPos;
+    else
+      orgUnitLen = PL_strlen(orgUnitPos);
+    commonName.Append(' ');
+    commonName.Append(orgUnitPos, orgUnitLen);
+  }
+  char* commonChar = commonName.ToNewCString();
+  if (!commonChar) return NS_ERROR_OUT_OF_MEMORY;
+  rv = certificate->SetCommonName(commonChar);
+  Recycle(commonChar);
+  return rv;
+}
+

mozilla/extensions/psm-glue/src/nsPSMComponent.h

@@ -0,0 +1,60 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nscore.h"
+#include "nsIPSMComponent.h"
+#include "nsISignatureVerifier.h"
+#include "nsIStringBundle.h"
+
+#include "nsIContentHandler.h"
+
+#define SECURITY_STRING_BUNDLE_URL "chrome://communicator/locale/security.properties"
+
+#define NS_PSMCOMPONENT_CID {0xddcae170, 0x5412, 0x11d3, {0xbb, 0xc8, 0x00, 0x00, 0x86, 0x1d, 0x12, 0x37}}
+
+// Implementation of the PSM component interface.
+class nsPSMComponent : public nsIPSMComponent, 
+                       public nsIContentHandler, 
+                       public nsISignatureVerifier
+{
+public:
+  NS_DEFINE_STATIC_CID_ACCESSOR( NS_PSMCOMPONENT_CID );
+
+  nsPSMComponent();
+  virtual ~nsPSMComponent();
+
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSIPSMCOMPONENT
+  NS_DECL_NSICONTENTHANDLER
+  NS_DECL_NSISIGNATUREVERIFIER
+
+  static NS_METHOD CreatePSMComponent(nsISupports* aOuter, REFNSIID aIID, void **aResult);
+
+private:
+  
+  PCMT_CONTROL mControl;
+  
+  nsCOMPtr<nsISupports> mSecureBrowserIU;
+  static nsPSMComponent* mInstance;
+}; 

mozilla/extensions/psm-glue/src/nsPSMModule.cpp

@@ -0,0 +1,178 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsIModule.h"
+#include "nsIGenericFactory.h"
+
+#include "nsPSMUICallbacks.h"
+#include "nsPSMComponent.h"
+
+#include "nsISecureBrowserUI.h"
+#include "nsSecureBrowserUIImpl.h"
+
+#include "nsSSLSocketProvider.h"
+
+#include "nsSDR.h"
+#include "nsFSDR.h"
+#include "nsCrypto.h"
+#include "nsKeygenHandler.h"
+//For the NS_CRYPTO_PROGID define
+#include "nsDOMCID.h"
+
+#include "nsCURILoader.h"
+#include "nsISupportsUtils.h"
+
+// Define SDR object constructor
+static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
+static NS_DEFINE_IID(kFormProcessorCID,   NS_IFORMPROCESSOR_CID); 
+
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsSecretDecoderRing, init)
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsFSecretDecoderRing, init)
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsCrypto, init)
+NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsPkcs11, init)
+
+static nsModuleComponentInfo components[] =
+{
+    { 
+        PSM_COMPONENT_CLASSNAME,  
+        NS_PSMCOMPONENT_CID, 
+        PSM_COMPONENT_PROGID,   
+        nsPSMComponent::CreatePSMComponent
+    },
+    
+    { 
+        "PSM Content Handler - application/x-x509-ca-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-ca-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+    
+    { 
+        "PSM Content Handler - application/x-x509-server-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-server-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+
+    { 
+        "PSM Content Handler - application/x-x509-user-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-user-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+    
+    { 
+        "PSM Content Handler - application/x-x509-email-cert",  
+        NS_PSMCOMPONENT_CID, 
+        NS_CONTENT_HANDLER_PROGID_PREFIX"application/x-x509-email-cert",   
+        nsPSMComponent::CreatePSMComponent
+    },
+
+
+    { 
+        PSM_UI_HANLDER_CLASSNAME, 
+        NS_PSMUIHANDLER_CID, 
+        PSM_UI_HANLDER_PROGID,  
+        nsPSMUIHandlerImpl::CreatePSMUIHandler
+    },
+
+    { 
+        NS_SECURE_BROWSER_UI_CLASSNAME, 
+        NS_SECURE_BROWSER_UI_CID, 
+        NS_SECURE_BROWSER_UI_PROGID, 
+        nsSecureBrowserUIImpl::Create 
+    },
+
+    { 
+        NS_SECURE_BROWSER_DOCOBSERVER_CLASSNAME, 
+        NS_SECURE_BROWSER_DOCOBSERVER_CID, 
+        NS_SECURE_BROWSER_DOCOBSERVER_PROGID, 
+        nsSecureBrowserUIImpl::Create
+    },
+
+    { 
+        NS_ISSLSOCKETPROVIDER_CLASSNAME,
+        NS_SSLSOCKETPROVIDER_CID,
+        NS_ISSLSOCKETPROVIDER_PROGID,
+        nsSSLSocketProvider::Create 
+    },
+
+    {
+        NS_SDR_CLASSNAME,
+        NS_SDR_CID,
+        NS_SDR_PROGID,
+        nsSecretDecoderRingConstructor
+    },
+
+    {
+        NS_FSDR_CLASSNAME,
+        NS_FSDR_CID,
+        NS_FSDR_PROGID,
+        nsFSecretDecoderRingConstructor
+    },
+    
+    {
+        NS_CRYPTO_CLASSNAME,
+        NS_CRYPTO_CID,
+        NS_CRYPTO_PROGID,
+        nsCryptoConstructor
+    },
+    {
+        NS_PKCS11_CLASSNAME,
+        NS_PKCS11_CID,
+        NS_PKCS11_PROGID,
+        nsPkcs11Constructor
+    }
+
+};
+
+#if 0
+NS_IMPL_NSGETMODULE("PSMComponent", components);
+#endif
+
+extern "C" NS_EXPORT nsresult NSGetModule(nsIComponentManager *servMgr,
+                                          nsIFile* location,
+                                          nsIModule** result)
+{
+  nsresult rv;
+  // Put in code to register KEYGEN form input handler.
+  rv= NS_NewGenericModule("PSMComponent",
+                          sizeof(components) / sizeof(components[0]),
+                          components, nsnull, result);
+  // Register a form processor. The form processor has the opportunity to 
+  // modify the value's passed during form submission. 
+  nsKeygenFormProcessor* testFormProcessor = new nsKeygenFormProcessor(); 
+  nsCOMPtr<nsISupports> formProcessor; 
+  rv = testFormProcessor->QueryInterface(kISupportsIID, 
+                                         getter_AddRefs(formProcessor)); 
+  if (NS_SUCCEEDED(rv) && formProcessor) { 
+    rv = nsServiceManager::RegisterService(kFormProcessorCID, formProcessor); 
+  } 
+  return rv;
+}
+
+
+
+
+

mozilla/extensions/psm-glue/src/nsPSMMutex.c

@@ -0,0 +1,72 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "prmon.h"
+#include "prtypes.h"
+
+#include "nsPSMMutex.h"
+
+static PRMonitor *_nsPSMMutexVar;
+
+PRStatus
+nsPSMMutexInit()
+{
+  if (!_nsPSMMutexVar)
+      _nsPSMMutexVar = PR_NewMonitor();
+
+  return _nsPSMMutexVar ? PR_SUCCESS : PR_FAILURE;
+}
+
+PRStatus
+nsPSMMutexDestroy()
+{
+    if (!_nsPSMMutexVar)
+        return PR_FAILURE;
+    
+    PR_Wait(_nsPSMMutexVar, PR_INTERVAL_NO_TIMEOUT);
+
+    PR_DestroyMonitor(_nsPSMMutexVar);
+    return PR_SUCCESS;
+}
+
+static void
+nsPSMMutexLock(CMTMutexPointer *p)
+{
+  PR_EnterMonitor(*(PRMonitor **)p);
+  return;
+}
+
+static void
+nsPSMMutexUnlock(CMTMutexPointer *p)
+{
+  PR_ExitMonitor(*(PRMonitor **)p);
+  return;
+}
+
+CMT_MUTEX nsPSMMutexTbl = 
+{
+  &_nsPSMMutexVar,
+  (CMTMutexFunction)nsPSMMutexLock,
+  (CMTMutexFunction)nsPSMMutexUnlock
+};

mozilla/extensions/psm-glue/src/nsPSMMutex.h

@@ -0,0 +1,39 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef _NSPSMMUTEX_H
+#define _NSPSMMUTEX_H
+
+#include "cmtcmn.h"
+
+PR_BEGIN_EXTERN_C
+
+PR_EXTERN(CMT_MUTEX) nsPSMMutexTbl;
+
+PR_EXTERN(PRStatus) nsPSMMutexInit(void);
+PR_EXTERN(PRStatus) nsPSMMutexDestroy(void);
+
+PR_END_EXTERN_C
+
+#endif

mozilla/extensions/psm-glue/src/nsPSMShimLayer.c

@@ -0,0 +1,293 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nspr.h"
+#include "nsPSMShimLayer.h"
+
+#ifdef XP_UNIX
+#include <sys/stat.h>
+#include <unistd.h>
+#include "private/pprio.h"  /* for PR_Socket */
+#endif
+
+#define PSM_TIMEOUT_IN_SEC 300
+
+#define NSPSMSHIMMAXFD 50
+
+
+static PRIntervalTime gTimeout  = PR_INTERVAL_NO_TIMEOUT;
+
+CMT_SocketFuncs nsPSMShimTbl =
+{
+    nsPSMShimGetSocket,
+    nsPSMShimConnect,
+    nsPSMShimVerifyUnixSocket,
+    nsPSMShimSend,
+    nsPSMShimSelect,
+    nsPSMShimReceive,
+    nsPSMShimShutdown,
+    nsPSMShimClose
+};
+
+
+CMTSocket
+nsPSMShimGetSocket(int unixSock)
+{
+    PRStatus   rv;
+    PRFileDesc *fd;
+    CMSocket   *sock;
+    PRSocketOptionData sockopt;
+
+    /*
+    if (PR_INTERVAL_NO_WAIT == gTimeout) 
+    {
+        gTimeout  = PR_SecondsToInterval(PSM_TIMEOUT_IN_SEC);
+    }
+    */
+
+    if (unixSock)
+    {
+#ifndef XP_UNIX        
+        return NULL;
+#else
+        fd = PR_Socket(PR_AF_LOCAL, PR_SOCK_STREAM, 0);
+        PR_ASSERT(fd);
+#endif
+    }
+    else
+    {
+        fd = PR_NewTCPSocket();
+        PR_ASSERT(fd);
+
+        /* disable Nagle algorithm delay for control sockets */
+        sockopt.option = PR_SockOpt_NoDelay;
+        sockopt.value.no_delay = PR_TRUE;   
+        rv = PR_SetSocketOption(fd, &sockopt);
+        PR_ASSERT(PR_SUCCESS == rv);
+    }
+
+    sock = (CMSocket *)PR_Malloc(sizeof(CMSocket));
+
+    if (sock == NULL)
+      return sock;
+    
+    sock->fd     = fd;
+    sock->isUnix = unixSock;
+
+    memset(&sock->netAddr, 0, sizeof(PRNetAddr));
+    
+    return (CMTSocket)sock;
+}
+
+CMTStatus
+nsPSMShimConnect(CMTSocket sock, short port, char *path)
+{
+    CMTStatus   rv = CMTSuccess;
+    PRStatus    err;
+    PRErrorCode errcode;
+    PRSocketOptionData   sockopt;
+    PRBool      nonBlocking;
+    CMSocket    *cmSock = (CMSocket *)sock;
+    
+    if (!sock) return CMTFailure;
+
+    if (cmSock->isUnix)
+    {
+#ifndef XP_UNIX
+        return CMTFailure;
+#else
+        int pathLen;
+        if (!path)
+        {
+            return CMTFailure;
+        }
+
+        /* check buffer overrun */
+        pathLen = strlen(path)+1;
+        
+        pathLen = pathLen < sizeof(cmSock->netAddr.local.path)
+                ? pathLen : sizeof(cmSock->netAddr.local.path);
+  
+        memcpy(&cmSock->netAddr.local.path, path, pathLen);
+        cmSock->netAddr.local.family = PR_AF_LOCAL;
+#endif
+    }
+    else  /* cmSock->isUnix */
+    {
+        cmSock->netAddr.inet.family = PR_AF_INET;
+        cmSock->netAddr.inet.port   = PR_htons(port);
+        cmSock->netAddr.inet.ip     = PR_htonl(PR_INADDR_LOOPBACK);
+    }
+
+    /* Save non-blocking status */
+    sockopt.option = PR_SockOpt_Nonblocking;
+    err = PR_GetSocketOption(cmSock->fd, &sockopt);
+    PR_ASSERT(PR_SUCCESS == err);
+
+    nonBlocking = sockopt.value.non_blocking;
+
+    /* make connect blocking for now */
+    sockopt.option = PR_SockOpt_Nonblocking;
+    sockopt.value.non_blocking = PR_FALSE;   
+    err = PR_SetSocketOption(cmSock->fd, &sockopt);
+    PR_ASSERT(PR_SUCCESS == err);
+
+    err = PR_Connect( cmSock->fd, &cmSock->netAddr, PR_INTERVAL_MAX );
+    
+    if (err == PR_FAILURE)    
+    {
+        errcode = PR_GetError();
+        
+        if (PR_IS_CONNECTED_ERROR != errcode)
+            rv = CMTFailure;
+    }    
+    
+    /* restore nonblock status */
+    if (nonBlocking) {
+      sockopt.option = PR_SockOpt_Nonblocking;
+      sockopt.value.non_blocking = nonBlocking;  
+      err = PR_SetSocketOption(cmSock->fd, &sockopt);
+      PR_ASSERT(PR_SUCCESS == err);
+    }
+
+    return rv;
+}
+
+CMTStatus
+nsPSMShimVerifyUnixSocket(CMTSocket sock)
+{
+#ifndef XP_UNIX
+    return CMTFailure;
+#else
+
+    int  rv;
+    CMSocket  *cmSock;
+    struct stat statbuf;
+
+    cmSock = (CMSocket *)sock;
+        
+    if (!cmSock || !cmSock->isUnix) 
+        return CMTFailure;
+ 
+    rv = stat(cmSock->netAddr.local.path, &statbuf);
+    if (rv < 0 || statbuf.st_uid != geteuid() )
+    {
+        PR_Close(cmSock->fd);
+        cmSock->fd = NULL;
+        PR_Free(cmSock);
+        return CMTFailure;
+    }
+    return CMTSuccess;   
+#endif
+}
+
+size_t
+nsPSMShimSend(CMTSocket sock, void *buffer, size_t length)
+{
+    CMSocket *cmSock = (CMSocket *)sock;
+
+    if (!sock) return CMTFailure;
+    
+   return PR_Send(cmSock->fd, buffer, length, 0, gTimeout);
+}
+
+size_t
+nsPSMShimReceive(CMTSocket sock, void *buffer, size_t bufSize)
+{
+    CMSocket *cmSock = (CMSocket *)sock;
+    
+    if (!sock) return CMTFailure;
+
+    return PR_Recv(cmSock->fd, buffer, bufSize, 0, gTimeout);
+}
+
+
+CMTSocket
+nsPSMShimSelect(CMTSocket *socks, int numsocks, int poll)
+{
+    CMSocket       **sockArr = (CMSocket **)socks;
+    PRPollDesc       readPDs[NSPSMSHIMMAXFD];
+    PRIntervalTime   timeout;
+    PRInt32          cnt;
+    int              i;
+
+    if (!socks) return NULL;
+
+    memset(readPDs, 0, sizeof(readPDs));
+
+    PR_ASSERT(NSPSMSHIMMAXFD >= numsocks);
+
+    for (i=0; i<numsocks; i++)
+    {
+        readPDs[i].fd       = sockArr[i]->fd;
+        readPDs[i].in_flags = PR_POLL_READ;
+    }
+
+    timeout = poll ? PR_INTERVAL_NO_WAIT : PR_INTERVAL_NO_TIMEOUT;
+
+    cnt = PR_Poll(readPDs, numsocks, timeout);
+
+    /* Figure out which socket was selected */
+    if (cnt > 0)
+    {
+        for (i=0; i<numsocks; i++)
+        {
+            if (readPDs[i].out_flags & PR_POLL_READ)
+            {
+            return (CMTSocket)sockArr[i];
+            }
+        }
+    }
+    return NULL;
+}
+
+
+CMTStatus
+nsPSMShimShutdown(CMTSocket sock)
+{
+    CMSocket *cmSock = (CMSocket*)sock;
+    PRStatus rv;
+
+    if (!sock) return CMTFailure;
+
+    rv = PR_Shutdown(cmSock->fd, PR_SHUTDOWN_SEND);
+    return (PR_SUCCESS == rv) ? CMTSuccess : CMTFailure;
+}
+
+CMTStatus
+nsPSMShimClose(CMTSocket sock)
+{
+    CMSocket *cmSock = (CMSocket*)sock;
+    PRStatus rv      = PR_SUCCESS;
+    PR_ASSERT(cmSock);
+
+    if (!sock) return CMTFailure;
+
+    rv = PR_Close(cmSock->fd);
+    cmSock->fd = NULL;
+
+    PR_Free(cmSock);
+
+    return (PR_SUCCESS == rv) ? CMTSuccess : CMTFailure;
+}

mozilla/extensions/psm-glue/src/nsPSMShimLayer.h

@@ -0,0 +1,67 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef _NSPSMSHIMLAYER_H_
+#define _NSPSMSHIMLAYER_H_
+
+#include "cmtcmn.h"
+#include "prio.h"
+
+PR_BEGIN_EXTERN_C
+
+typedef struct CMSocket {
+    PRFileDesc *fd;
+    PRBool      isUnix;
+    PRNetAddr   netAddr;
+} CMSocket; 
+
+PR_EXTERN(CMT_SocketFuncs) nsPSMShimTbl;
+
+PR_EXTERN(CMTSocket)
+nsPSMShimGetSocket(int unixSock);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimConnect(CMTSocket sock, short port, char *path);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimVerifyUnixSocket(CMTSocket sock);
+
+PR_EXTERN(size_t)
+nsPSMShimSend(CMTSocket sock, void *buffer, size_t length);
+
+PR_EXTERN(CMTSocket)
+nsPSMShimSelect(CMTSocket *socks, int numsocks, int poll);
+
+PR_EXTERN(size_t)
+nsPSMShimReceive(CMTSocket sock, void *buffer, size_t bufSize);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimShutdown(CMTSocket sock);
+
+PR_EXTERN(CMTStatus)
+nsPSMShimClose(CMTSocket sock);
+
+PR_END_EXTERN_C
+
+#endif /* _NSPSMSHIMLAYER_H_ */

mozilla/extensions/psm-glue/src/nsPSMUICallbacks.cpp

@@ -0,0 +1,348 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#include "nsProxiedService.h"
+#include "nsIEventQueueService.h"
+#include "nsPSMUICallbacks.h"
+#include "nsINetSupportDialogService.h"
+#include "nsIFilePicker.h"
+
+#include "nsAppShellCIDs.h"
+#include "prprf.h"
+#include "prmem.h"
+
+#include "nsSSLIOLayer.h" // for SSMSTRING_PADDED_LENGTH
+#include "ssmdefs.h"
+#include "rsrcids.h"
+
+// Interfaces Needed
+#include "nsIAppShellService.h"
+#include "nsIDocShell.h"
+#include "nsIDOMWindow.h"
+#include "nsIInterfaceRequestor.h"
+#include "nsIPrompt.h"
+#include "nsIScriptGlobalObject.h"
+#include "nsIURL.h"
+#include "nsIXULWindow.h"
+
+static NS_DEFINE_IID(kAppShellServiceCID, NS_APPSHELL_SERVICE_CID);
+static NS_DEFINE_CID(kNetSupportDialogCID, NS_NETSUPPORTDIALOG_CID);
+
+
+// Happy callbacks
+static char * PromptUserCallback(void *arg, char *prompt, int isPasswd);
+static char * FilePathPromptCallback(void *arg, char *prompt, char *fileRegEx, CMUint32 shouldFileExist);
+static void   ApplicationFreeCallback(char *userInput);
+
+static void * CartmanUIHandler(uint32 resourceID, void* clientContext, uint32 width, uint32 height, 
+								CMBool isModal, char* urlStr, void *data);
+
+extern "C" void CARTMAN_UIEventLoop(void *data);
+
+
+/* nsISupports Implementation for the class */
+NS_IMPL_THREADSAFE_ISUPPORTS1(nsPSMUIHandlerImpl, nsIPSMUIHandler)
+
+NS_METHOD
+nsPSMUIHandlerImpl::DisplayURI(PRInt32 width, PRInt32 height, PRBool modal, const char *urlStr)
+{
+    nsresult rv;
+    nsCOMPtr<nsIDOMWindow> hiddenWindow;
+    JSContext *jsContext;
+
+    NS_WITH_SERVICE(nsIAppShellService, appShell, kAppShellServiceCID, &rv);
+	if (NS_SUCCEEDED(rv))
+	{
+		rv = appShell->GetHiddenWindowAndJSContext( getter_AddRefs( hiddenWindow ),
+                                                    &jsContext );
+
+	     if ( NS_SUCCEEDED( rv ) ) 
+         {
+            // Set up arguments for "window.open"
+            void *stackPtr;
+            char params[36];
+
+            if (modal)  // if you change this, remember to change the buffer size above.
+                strcpy(params, "menubar=no,height=%d,width=%d,modal");
+            else
+                strcpy(params, "menubar=no,height=%d,width=%d");
+
+            char buffer[256];
+            PR_snprintf(buffer,
+                        sizeof(buffer),
+                        params,
+                        height,
+                        width );
+
+            jsval	*argv = JS_PushArguments(jsContext, &stackPtr, "sss", urlStr, "_blank", buffer);
+            if (argv)
+            {
+	            // open the window
+	            nsIDOMWindow	*newWindow;
+	            hiddenWindow->Open(jsContext, argv, 3, &newWindow);
+                newWindow->ResizeTo(width, height);
+	            JS_PopArguments(jsContext, stackPtr);
+            }
+        }
+    }
+    return rv;
+}
+
+NS_IMETHODIMP
+nsPSMUIHandlerImpl::PromptForFile(const PRUnichar *prompt, const char *fileRegEx, PRBool shouldFileExist, char **outFile)
+{
+    NS_ENSURE_ARG_POINTER(outFile);
+    nsCOMPtr<nsIFilePicker> fp = do_CreateInstance("component://mozilla/filepicker");
+    
+    if (!fp)
+        return NS_ERROR_NULL_POINTER;
+
+
+    fp->Init(nsnull, prompt, nsIFilePicker::modeOpen);
+    fp->AppendFilter(NS_ConvertASCIItoUCS2(fileRegEx).GetUnicode(), NS_ConvertASCIItoUCS2(fileRegEx).GetUnicode());  
+    fp->AppendFilters(nsIFilePicker::filterAll);
+    PRInt16 mode;
+    nsresult rv = fp->Show(&mode);
+
+    if (NS_FAILED(rv) || (mode == nsIFilePicker::returnCancel))
+         return rv;
+
+    nsCOMPtr<nsILocalFile> file;
+    rv = fp->GetFile(getter_AddRefs(file));
+
+    if (file)
+      file->GetPath(outFile);
+
+    return rv;
+}
+
+NS_METHOD      
+nsPSMUIHandlerImpl::CreatePSMUIHandler(nsISupports* aOuter, REFNSIID aIID, void **aResult)
+{                                                                  
+    nsresult rv = NS_OK; 
+    if ( aResult ) 
+    { 
+        /* Allocate new find component object. */
+        nsPSMUIHandlerImpl *component = new nsPSMUIHandlerImpl(); 
+        if ( component ) 
+        { 
+            /* Allocated OK, do query interface to get proper */
+            /* pointer and increment refcount.                */
+            rv = component->QueryInterface( aIID, aResult ); 
+            if ( NS_FAILED( rv ) ) 
+            { 
+                /* refcount still at zero, delete it here. */
+                delete component; 
+            } 
+        } 
+        else 
+        { 
+            rv = NS_ERROR_OUT_OF_MEMORY; 
+        } 
+    } 
+    else 
+    { 
+        rv = NS_ERROR_NULL_POINTER; 
+    } 
+    return rv; 
+} 
+
+
+
+extern "C" void CARTMAN_UIEventLoop(void *data)
+{
+   CMT_EventLoop((PCMT_CONTROL)data);
+}
+
+PRStatus InitPSMEventLoop(PCMT_CONTROL control)
+{
+    PR_CreateThread(PR_USER_THREAD,
+                    CARTMAN_UIEventLoop,
+                    control, 
+                    PR_PRIORITY_NORMAL, 
+                    PR_GLOBAL_THREAD, 
+                    PR_UNJOINABLE_THREAD,
+                    0);  
+
+    return PR_SUCCESS;
+}
+
+PRStatus InitPSMUICallbacks(PCMT_CONTROL control)
+{
+    if (!control)
+        return PR_FAILURE;  
+    
+    CMT_SetPromptCallback(control, (promptCallback_fn)PromptUserCallback, nsnull);
+    CMT_SetAppFreeCallback(control, (applicationFreeCallback_fn) ApplicationFreeCallback);
+    CMT_SetFilePathPromptCallback(control, (filePathPromptCallback_fn) FilePathPromptCallback, nsnull);
+
+    if (CMT_SetUIHandlerCallback(control, (uiHandlerCallback_fn) CartmanUIHandler, NULL) != CMTSuccess) 
+            return PR_FAILURE;
+
+    return PR_SUCCESS;
+}
+
+PRStatus DisplayPSMUIDialog(PCMT_CONTROL control, const char *pickledStatus, const char *hostName)
+{
+    CMUint32 advRID = 0;
+    CMInt32 width = 0;
+    CMInt32 height = 0;
+    CMTItem urlItem = {0, NULL, 0};
+    CMTStatus rv = CMTSuccess;
+    CMTItem advisorContext = {0, NULL, 0};
+    void * pwin;
+
+    CMTSecurityAdvisorData data;
+    memset(&data, '\0', sizeof(CMTSecurityAdvisorData));
+    
+    if (hostName)
+    {
+        // if there is a hostName, than this request is about
+        // a webpage.  
+        data.hostname    = (char*) hostName;
+        data.infoContext = SSM_BROWSER;
+    
+        if (pickledStatus)
+        {
+            CMTItem pickledResource = {0, NULL, 0};
+            CMUint32 socketStatus = 0;
+    
+            pickledResource.len = *(int*)(pickledStatus);
+            pickledResource.data = (unsigned char*) PR_Malloc(SSMSTRING_PADDED_LENGTH(pickledResource.len));
+        
+            if (! pickledResource.data) return PR_FAILURE;
+
+            memcpy(pickledResource.data, pickledStatus+sizeof(int), pickledResource.len);
+        
+            /* Unpickle the SSL Socket Status */
+            if (CMT_UnpickleResource( control, 
+                                      SSM_RESTYPE_SSL_SOCKET_STATUS,
+                                      pickledResource, 
+                                      &socketStatus) == CMTSuccess)
+            {
+                data.infoContext = SSM_BROWSER;    
+                data.resID = socketStatus;
+            }
+
+            PR_FREEIF(pickledResource.data);
+        }
+    }
+
+    /* Create a Security Advisor context object. */
+    rv = CMT_SecurityAdvisor(control, &data, &advRID);
+
+    if (rv != CMTSuccess)
+        return PR_FAILURE;
+
+    /* Get the URL, width, height, etc. from the advisor context. */
+    rv = CMT_GetStringAttribute(control, 
+                                advRID, 
+                                SSM_FID_SECADVISOR_URL,
+                                &urlItem);
+
+    if ((rv != CMTSuccess) || (!urlItem.data))
+        return PR_FAILURE;
+
+    rv = CMT_GetNumericAttribute(control, 
+                                 advRID, 
+                                 SSM_FID_SECADVISOR_WIDTH,
+                                 &width);
+    if (rv != CMTSuccess)
+        return PR_FAILURE;
+
+    rv = CMT_GetNumericAttribute(control, 
+                                 advRID, 
+                                 SSM_FID_SECADVISOR_HEIGHT,
+                                 &height);
+    if (rv != CMTSuccess)
+        return PR_FAILURE;
+
+    /* Fire the URL up in a window of its own. */
+    pwin = CartmanUIHandler(advRID, nsnull, width, height, CM_FALSE, (char*)urlItem.data, NULL);
+    
+    //allocated by cmt, we can free with free:
+    free(urlItem.data);
+    
+    return PR_SUCCESS;
+}
+
+
+
+void* CartmanUIHandler(uint32 resourceID, void* clientContext, uint32 width, uint32 height, CMBool isModal, char* urlStr, void *data)
+{
+    nsresult rv = NS_OK;
+    
+    NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+    
+    if(NS_SUCCEEDED(rv))
+	    handler->DisplayURI(width, height, isModal, urlStr);
+
+    return nsnull;
+}
+
+    
+    
+char * PromptUserCallback(void *arg, char *prompt, int isPasswd)
+{
+
+    nsresult rv = NS_OK;
+    PRUnichar *password;
+    PRBool  value;
+
+    NS_WITH_PROXIED_SERVICE(nsIPrompt, dialog, kNetSupportDialogCID, NS_UI_THREAD_EVENTQ, &rv);
+    
+    if (NS_SUCCEEDED(rv)) {
+	    rv = dialog->PromptPassword(nsnull, NS_ConvertASCIItoUCS2(prompt).GetUnicode(),
+                                  NS_ConvertASCIItoUCS2(" ").GetUnicode(),      // hostname
+                                  PR_TRUE, &password, &value);
+
+        if (NS_SUCCEEDED(rv) && value) {
+            nsString a(password);
+            char* str = a.ToNewCString();
+            Recycle(password);
+            return str;
+        }
+    }
+
+    return nsnull;
+}
+
+void ApplicationFreeCallback(char *userInput)
+{
+    nsMemory::Free(userInput);
+}
+
+char * FilePathPromptCallback(void *arg, char *prompt, char *fileRegEx, CMUint32 shouldFileExist)
+{
+    nsresult rv = NS_OK;
+    
+    char* filePath = nsnull;
+    
+    NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
+    
+    if(NS_SUCCEEDED(rv))
+	    handler->PromptForFile(NS_ConvertASCIItoUCS2(prompt).GetUnicode(), fileRegEx, (PRBool)shouldFileExist, &filePath);
+
+    return filePath;
+}

mozilla/extensions/psm-glue/src/nsPSMUICallbacks.h

@@ -0,0 +1,56 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef _NSPSMUICALLBACKS_H
+#define _NSPSMUICALLBACKS_H
+
+#include "prtypes.h"
+#include "cmtcmn.h"
+
+#include "nsIPSMUIHandler.h"
+
+PRStatus InitPSMUICallbacks(PCMT_CONTROL gControl);
+PRStatus InitPSMEventLoop(PCMT_CONTROL gControl);
+PRStatus DisplayPSMUIDialog(PCMT_CONTROL control, const char* pickledStatus, const char *hostName);
+
+
+#define NS_PSMUIHANDLER_CID {0x15944e30, 0x601e, 0x11d3, {0x8c, 0x4a, 0x00, 0x00, 0x64, 0x65, 0x73, 0x74}}
+
+class nsPSMUIHandlerImpl : public nsIPSMUIHandler 
+{
+    public:
+
+        NS_DEFINE_STATIC_CID_ACCESSOR( NS_PSMUIHANDLER_CID );
+    
+        /* ctor/dtor */
+        nsPSMUIHandlerImpl() { NS_INIT_REFCNT(); }
+        virtual ~nsPSMUIHandlerImpl() { }
+
+        NS_DECL_ISUPPORTS
+        NS_DECL_NSIPSMUIHANDLER
+
+        static NS_METHOD CreatePSMUIHandler(nsISupports* aOuter, REFNSIID aIID, void **aResult);
+};
+
+#endif

mozilla/extensions/psm-glue/src/nsSDR.cpp

@@ -0,0 +1,320 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s): 
+ *  thayes@netscape.com
+ */
+
+#include "stdlib.h"
+#include "plstr.h"
+#include "nsMemory.h"
+#include "nsIServiceManager.h"
+
+#include "plbase64.h"
+
+#include "nsISecretDecoderRing.h"
+
+#include "cmtcmn.h"
+#include "nsIPSMComponent.h"
+
+#include "nsSDR.h"
+
+NS_IMPL_ISUPPORTS1(nsSecretDecoderRing, nsISecretDecoderRing)
+
+nsSecretDecoderRing::nsSecretDecoderRing()
+{
+  NS_INIT_ISUPPORTS();
+
+  mPSM = NULL;
+}
+
+nsSecretDecoderRing::~nsSecretDecoderRing()
+{
+  if (mPSM) mPSM->Release();
+}
+
+/* Init the new instance */
+nsresult nsSecretDecoderRing::
+init()
+{
+  nsresult rv;
+  nsISupports *psm;
+
+  rv = nsServiceManager::GetService(kPSMComponentProgID, NS_GET_IID(nsIPSMComponent),
+                                    &psm);
+  if (rv != NS_OK) goto loser;  /* Should promote error */
+
+  mPSM = (nsIPSMComponent *)psm;
+
+loser:
+  return rv;
+}
+
+/* [noscript] long encrypt (in buffer data, in long dataLen, out buffer result); */
+NS_IMETHODIMP nsSecretDecoderRing::
+Encrypt(unsigned char * data, PRInt32 dataLen, unsigned char * *result, PRInt32 *_retval)
+{
+    nsresult rv = NS_OK;
+    unsigned char *r = 0;
+    CMT_CONTROL *control;
+    CMTStatus status;
+    CMUint32 cLen;
+
+    if (data == nsnull || result == nsnull || _retval == nsnull) {
+       rv = NS_ERROR_INVALID_POINTER;
+       goto loser;
+    }
+
+    /* Check object initialization */
+    NS_ASSERTION(mPSM != nsnull, "SDR object not initialized");
+    if (mPSM == nsnull) { rv = NS_ERROR_NOT_INITIALIZED; goto loser; }
+
+    /* Get the control connect to use for the request */
+    rv = mPSM->GetControlConnection(&control);
+    if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+   
+    status = CMT_SDREncrypt(control, (void *)0, (const unsigned char *)0, 0, 
+               data, dataLen, result, &cLen);
+    if (status != CMTSuccess) { rv = NS_ERROR_FAILURE; goto loser; } /* XXX */
+
+    /* Copy returned data to nsMemory buffer ? */
+    *_retval = cLen;
+
+loser:
+    return rv;
+}
+
+/* [noscript] long decrypt (in buffer data, in long dataLen, out buffer result); */
+NS_IMETHODIMP nsSecretDecoderRing::
+Decrypt(unsigned char * data, PRInt32 dataLen, unsigned char * *result, PRInt32 *_retval)
+{
+    nsresult rv = NS_OK;
+    CMTStatus status;
+    CMT_CONTROL *control;
+    CMUint32 len;
+
+    if (data == nsnull || result == nsnull || _retval == nsnull) {
+       rv = NS_ERROR_INVALID_POINTER;
+       goto loser;
+    }
+
+    /* Check object initialization */
+    NS_ASSERTION(mPSM != nsnull, "SDR object not initialized");
+    if (mPSM == nsnull) { rv = NS_ERROR_NOT_INITIALIZED; goto loser; }
+
+    /* Get the control connection */
+    rv = mPSM->GetControlConnection(&control);
+    if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+    
+    /* Call PSM to decrypt the value */
+    status = CMT_SDRDecrypt(control, (void *)0, data, dataLen, result, &len);
+    if (status != CMTSuccess) { rv = NS_ERROR_FAILURE; goto loser; } /* Promote? */
+
+    /* Copy returned data to nsMemory buffer ? */
+    *_retval = len;
+
+loser:
+    return rv;
+}
+
+/* string encryptString (in string text); */
+NS_IMETHODIMP nsSecretDecoderRing::
+EncryptString(const char *text, char **_retval)
+{
+    nsresult rv = NS_OK;
+    unsigned char *encrypted = 0;
+    PRInt32 eLen;
+
+    if (text == nsnull || _retval == nsnull) {
+        rv = NS_ERROR_INVALID_POINTER;
+        goto loser;
+    }
+
+    rv = Encrypt((unsigned char *)text, PL_strlen(text), &encrypted, &eLen);
+    if (rv != NS_OK) { goto loser; }
+
+    rv = encode(encrypted, eLen, _retval);
+
+loser:
+    if (encrypted) nsMemory::Free(encrypted);
+
+    return rv;
+}
+
+/* string decryptString (in string crypt); */
+NS_IMETHODIMP nsSecretDecoderRing::
+DecryptString(const char *crypt, char **_retval)
+{
+    nsresult rv = NS_OK;
+    char *r = 0;
+    unsigned char *decoded = 0;
+    PRInt32 decodedLen;
+    unsigned char *decrypted = 0;
+    PRInt32 decryptedLen;
+
+    if (crypt == nsnull || _retval == nsnull) {
+      rv = NS_ERROR_INVALID_POINTER;
+      goto loser;
+    }
+
+    rv = decode(crypt, &decoded, &decodedLen);
+    if (rv != NS_OK) goto loser;
+
+    rv = Decrypt(decoded, decodedLen, &decrypted, &decryptedLen);
+    if (rv != NS_OK) goto loser;
+
+    // Convert to NUL-terminated string
+    r = (char *)nsMemory::Alloc(decryptedLen+1);
+    if (!r) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+    memcpy(r, decrypted, decryptedLen);
+    r[decryptedLen] = 0;
+
+    *_retval = r;
+    r = 0;
+
+loser:
+    if (r) nsMemory::Free(r);
+    if (decrypted) nsMemory::Free(decrypted);
+    if (decoded) nsMemory::Free(decoded);
+ 
+    return rv;
+}
+
+/* void changePassword(); */
+NS_IMETHODIMP nsSecretDecoderRing::
+ChangePassword()
+{
+  nsresult rv = NS_OK;
+  CMTStatus status;
+  CMT_CONTROL *control;
+
+  rv = mPSM->GetControlConnection(&control);
+  if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+
+  status = CMT_SDRChangePassword(control, (void*)0);
+
+loser:
+  return rv;
+}
+
+/* void logout(); */
+NS_IMETHODIMP nsSecretDecoderRing::
+Logout()
+{
+    nsresult rv = NS_OK;
+    CMTStatus status;
+    CMT_CONTROL *control;
+
+    /* Check object initialization */
+    NS_ASSERTION(mPSM != nsnull, "SDR object not initialized");
+    if (mPSM == nsnull) { rv = NS_ERROR_NOT_INITIALIZED; goto loser; }
+
+    /* Get the control connection */
+    rv = mPSM->GetControlConnection(&control);
+    if (rv != NS_OK) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
+    
+    /* Call PSM to decrypt the value */
+    status = CMT_LogoutAllTokens(control);
+    if (status != CMTSuccess) { rv = NS_ERROR_FAILURE; goto loser; } /* Promote? */
+
+loser:
+    return rv;
+}
+
+
+// Support routines
+
+nsresult nsSecretDecoderRing::
+encode(const unsigned char *data, PRInt32 dataLen, char **_retval)
+{
+    nsresult rv = NS_OK;
+
+    *_retval = PL_Base64Encode((const char *)data, dataLen, NULL);
+    if (!*_retval) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+loser:
+    return rv;
+
+#if 0
+    nsresult rv = NS_OK;
+    char *r = 0;
+
+    // Allocate space for encoded string (with NUL)
+    r = (char *)nsMemory::Alloc(dataLen+1);
+    if (!r) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+    memcpy(r, data, dataLen);
+    r[dataLen] = 0;
+
+    *_retval = r;
+    r = 0;
+
+loser:
+    if (r) nsMemory::Free(r);
+
+    return rv;
+#endif
+}
+
+nsresult nsSecretDecoderRing::
+decode(const char *data, unsigned char **result, PRInt32 * _retval)
+{
+    nsresult rv = NS_OK;
+    PRUint32 len = PL_strlen(data);
+    int adjust = 0;
+
+    /* Compute length adjustment */
+    if (data[len-1] == '=') {
+      adjust++;
+      if (data[len-2] == '=') adjust++;
+    }
+
+    *result = (unsigned char *)PL_Base64Decode(data, len, NULL);
+    if (!*result) { rv = NS_ERROR_ILLEGAL_VALUE; goto loser; }
+
+    *_retval = (len*3)/4 - adjust;
+
+loser:
+    return rv;
+
+#if 0
+    nsresult rv = NS_OK;
+    unsigned char *r = 0;
+    PRInt32 rLen;
+
+    // Allocate space for decoded string (missing NUL)
+    rLen = PL_strlen(data);
+    r = (unsigned char *)nsMemory::Alloc(rLen);
+    if (!r) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
+
+    memcpy(r, data, rLen);
+
+    *result = r;
+    r = 0;
+    *_retval = rLen;
+
+loser:
+    if (r) nsMemory::Free(r);
+
+    return rv;
+#endif
+}
+
+const char * nsSecretDecoderRing::kPSMComponentProgID = PSM_COMPONENT_PROGID;

mozilla/extensions/psm-glue/src/nsSDR.h

@@ -0,0 +1,58 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Terry Hayes <thayes@netscape.com>
+ */
+
+#ifndef _NSSDR_H_
+#define _NSSDR_H_
+
+#include "nsISecretDecoderRing.h"
+
+// ===============================================
+// nsSecretDecoderRing - implementation of nsISecretDecoderRing
+// ===============================================
+
+#define NS_SDR_CLASSNAME "Secret Decoder Ring"
+#define NS_SDR_CID \
+  { 0xd9a0341, 0xce7, 0x11d4, { 0x9f, 0xdd, 0x0, 0x0, 0x64, 0x65, 0x73, 0x74 } }
+#define NS_SDR_PROGID "netscape.security.sdr"
+
+class nsSecretDecoderRing : public nsISecretDecoderRing
+{
+public:
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSISECRETDECODERRING
+
+  nsSecretDecoderRing();
+  virtual ~nsSecretDecoderRing();
+
+  nsresult init();
+
+private:
+  nsIPSMComponent *mPSM;
+
+  static const char *kPSMComponentProgID;
+
+  nsresult encode(const unsigned char *data, PRInt32 dataLen, char **_retval);
+  nsresult decode(const char *data, unsigned char **result, PRInt32 * _retval);
+};
+
+#endif /* _NSSDR_H_ */

mozilla/extensions/psm-glue/src/nsSSLIOLayer.cpp

@@ -0,0 +1,550 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#include "nspr.h"
+#include "nsString.h"
+#include "cmtcmn.h"
+
+#include "nsIPSMComponent.h"
+#include "nsIPSMSocketInfo.h"
+#include "nsIServiceManager.h"
+#include "nsPSMShimLayer.h"
+#include "nsSSLIOLayer.h"
+
+static PRDescIdentity  nsSSLIOLayerIdentity;
+static PRIOMethods     nsSSLIOLayerMethods;
+static nsIPSMComponent* gPSMService = nsnull;
+
+
+
+class nsPSMSocketInfo : public nsIPSMSocketInfo
+{
+public:
+    nsPSMSocketInfo();
+    virtual ~nsPSMSocketInfo();
+
+    NS_DECL_ISUPPORTS
+    NS_DECL_NSIPSMSOCKETINFO
+
+    // internal functions to psm-glue.
+    nsresult SetSocketPtr(CMSocket *socketPtr);
+    nsresult SetControlPtr(CMT_CONTROL *aControlPtr);
+    nsresult SetFileDescPtr(PRFileDesc *aControlPtr);
+    nsresult SetHostName(char *aHostName);
+    nsresult SetProxyName(char *aName);
+
+    nsresult SetHostPort(PRInt32 aPort);
+    nsresult SetProxyPort(PRInt32 aPort);
+    nsresult SetPickledStatus();
+
+protected:
+    CMT_CONTROL* mControl;
+    CMSocket*    mSocket;
+    PRFileDesc*  mFd;
+    
+    nsString     mHostName;
+    PRInt32      mHostPort;
+    
+    nsString     mProxyName;
+    PRInt32      mProxyPort;
+    
+    unsigned char* mPickledStatus;
+};
+
+
+static PRStatus PR_CALLBACK
+nsSSLIOLayerConnect(PRFileDesc *fd, const PRNetAddr *addr, PRIntervalTime timeout)
+{
+    nsresult                result;
+    PRStatus                rv = PR_SUCCESS;
+    CMTStatus               status = CMTFailure;
+    
+    /* Set the error in case of failure. */
+
+    PR_SetError(PR_UNKNOWN_ERROR, status);
+
+    if (!fd || !addr || !fd->secret || !gPSMService)
+        return PR_FAILURE;
+    
+    char ipBuffer[PR_NETDB_BUF_SIZE];
+    rv = PR_NetAddrToString(addr, (char*)&ipBuffer, PR_NETDB_BUF_SIZE);
+    if (rv != PR_SUCCESS)
+        return PR_FAILURE;
+    
+    if (addr->raw.family == PR_AF_INET6 && PR_IsNetAddrType(addr, PR_IpAddrV4Mapped)) 
+    {
+      /* Chop off the leading "::ffff:" */
+      strcpy(ipBuffer, ipBuffer + 7);
+    }
+
+    
+    CMT_CONTROL *control;
+    result = gPSMService->GetControlConnection(&control);
+    if (result != PR_SUCCESS)
+        return PR_FAILURE;
+    
+    CMSocket* cmsock = (CMSocket *)PR_Malloc(sizeof(CMSocket));
+    if (!cmsock)
+        return PR_FAILURE;
+    
+    memset(cmsock, 0, sizeof(CMSocket));
+    
+    cmsock->fd        = fd->lower;
+    cmsock->isUnix    = PR_FALSE;
+   
+    nsPSMSocketInfo *infoObject = (nsPSMSocketInfo *)fd->secret;
+    
+    infoObject->SetControlPtr(control);
+    infoObject->SetSocketPtr(cmsock);
+    
+    char* proxyName;
+    char* hostName;
+    infoObject->GetProxyName(&proxyName);
+    infoObject->GetHostName(&hostName);
+    
+    if (!proxyName)
+    {
+        // Direct connection
+        status = CMT_OpenSSLConnection(control,
+                                       cmsock,
+                                       SSM_REQUEST_SSL_DATA_SSL,
+                                       PR_ntohs(addr->inet.port),
+                                       ipBuffer,
+                                       (hostName ? hostName : ipBuffer),
+                                       CM_FALSE, 
+                                       nsnull);
+    
+    }
+    else
+    {
+        // not supported yet.
+
+        return PR_FAILURE;
+#if 0
+        PRInt32 destPort;
+        
+        infoObject->GetProxyPort(&destPort);
+
+        status = CMT_OpenSSLProxyConnection(control,
+                                            cmsock,
+                                            destPort, 
+                                            proxyName,  // wants IP
+                                            hostName);
+#endif
+    }
+
+    if (hostName)  Recycle(hostName);
+    if (proxyName) Recycle(proxyName);
+        
+    if (CMTSuccess == status)
+    {
+        // since our stuff can block, what we want to do is return PR_FAILURE,
+        // but set the nspr ERROR to BLOCK.  This will put us into a select
+        // q.
+        PR_SetError(PR_WOULD_BLOCK_ERROR, status);
+        return PR_FAILURE;
+    }
+
+    return PR_FAILURE;
+}
+
+  /* CMT_DestroyDataConnection(ctrl, sock); */
+  /*   need to strip our layer, pass result to DestroyDataConnection */
+  /*   which will clean up the CMT accounting of sock, then call our */
+  /*   shim layer to translate back to NSPR */
+
+static PRStatus PR_CALLBACK
+nsSSLIOLayerClose(PRFileDesc *fd)
+{
+  nsPSMSocketInfo *infoObject    = (nsPSMSocketInfo *)fd->secret;
+  PRDescIdentity          id     = PR_GetLayersIdentity(fd);
+   
+  if (infoObject && id == nsSSLIOLayerIdentity)
+  {
+    CMInt32 errorCode = PR_FAILURE;
+    CMT_CONTROL* control;
+    CMSocket*    socket;
+    
+    PR_Shutdown(fd, PR_SHUTDOWN_BOTH);
+
+    infoObject->GetControlPtr(&control);
+    infoObject->GetSocketPtr(&socket);
+    infoObject->SetPickledStatus();
+
+    CMT_GetSSLDataErrorCode(control, socket, &errorCode);
+    CMT_DestroyDataConnection(control, socket);
+    NS_RELEASE(infoObject);  // if someone is interested in us, the better have an addref.
+    fd->identity = PR_INVALID_IO_LAYER;
+    
+    return (PRStatus)errorCode;
+  }
+
+  return PR_FAILURE;
+}
+ 
+static PRInt32 PR_CALLBACK
+nsSSLIOLayerRead( PRFileDesc *fd, void *buf, PRInt32 amount)
+{
+    if (!fd)
+        return PR_FAILURE;
+
+    PRInt32 result = PR_Recv(fd, buf, amount, 0, PR_INTERVAL_MIN);
+    
+    if (result > 0)
+        return result;
+    
+    if (result == -1)
+    {
+        PRErrorCode code = PR_GetError();
+
+        if (code == PR_IO_TIMEOUT_ERROR )
+            PR_SetError(PR_WOULD_BLOCK_ERROR, PR_WOULD_BLOCK_ERROR);
+        return PR_FAILURE;
+    }
+    
+    if (result == 0)
+    {
+        nsPSMSocketInfo *infoObject    = (nsPSMSocketInfo *)fd->secret;
+        PRDescIdentity          id     = PR_GetLayersIdentity(fd);
+
+        if (infoObject && id == nsSSLIOLayerIdentity)
+        {
+            CMInt32 errorCode = PR_FAILURE;
+            
+            CMT_CONTROL* control;
+            CMSocket*    socket;
+    
+            infoObject->GetControlPtr(&control);
+            infoObject->GetSocketPtr(&socket);
+
+            CMT_GetSSLDataErrorCode(control, socket, &errorCode);
+
+			if (errorCode == PR_IO_TIMEOUT_ERROR)
+			{
+				PR_SetError(PR_WOULD_BLOCK_ERROR, PR_WOULD_BLOCK_ERROR);
+				return PR_FAILURE;
+			}
+
+            PR_SetError(0, 0);
+            return errorCode;
+        }
+    }
+
+    return result;
+}
+
+static PRInt32 PR_CALLBACK
+nsSSLIOLayerWrite( PRFileDesc *fd, const void *buf, PRInt32 amount)
+{
+    if (!fd)
+        return PR_FAILURE;
+
+    PRInt32 result = PR_Send(fd, buf, amount, 0, PR_INTERVAL_MIN);
+    
+    if (result > 0)
+        return result;
+
+    if (result == -1)
+    {
+        PRErrorCode code = PR_GetError();
+
+        if (code == PR_IO_TIMEOUT_ERROR )
+            PR_SetError(PR_WOULD_BLOCK_ERROR, PR_WOULD_BLOCK_ERROR);
+        return PR_FAILURE;
+    }
+
+    if (result == 0)
+    {
+        nsPSMSocketInfo *infoObject    = (nsPSMSocketInfo *)fd->secret;
+        PRDescIdentity          id     = PR_GetLayersIdentity(fd);
+
+        if (infoObject && id == nsSSLIOLayerIdentity)
+        {
+            CMInt32 errorCode = PR_FAILURE;
+            CMT_CONTROL* control;
+            CMSocket*    socket;
+    
+            infoObject->GetControlPtr(&control);
+            infoObject->GetSocketPtr(&socket);
+
+            CMT_GetSSLDataErrorCode(control, socket, &errorCode);
+            PR_SetError(0, 0);
+            return errorCode;
+        }
+    }
+    return result;
+}
+
+
+
+nsPSMSocketInfo::nsPSMSocketInfo()
+{ 
+    NS_INIT_REFCNT(); 
+    mControl = nsnull; 
+    mSocket = nsnull;
+    mPickledStatus = nsnull;
+}
+
+nsPSMSocketInfo::~nsPSMSocketInfo()
+{
+    PR_FREEIF(mPickledStatus);    
+}
+
+NS_IMPL_THREADSAFE_ISUPPORTS1(nsPSMSocketInfo, nsIPSMSocketInfo);
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetControlPtr(CMT_CONTROL * *aControlPtr)
+{
+    *aControlPtr = mControl;
+    return NS_OK;
+}
+
+nsresult
+nsPSMSocketInfo::SetControlPtr(CMT_CONTROL *aControlPtr)
+{
+    mControl = aControlPtr;
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetSocketPtr(CMSocket * *socketPtr)
+{
+    *socketPtr = mSocket;
+    return NS_OK;
+}
+
+nsresult
+nsPSMSocketInfo::SetSocketPtr(CMSocket *socketPtr)
+{
+    mSocket = socketPtr;
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetFileDescPtr(PRFileDesc * *aFilePtr)
+{
+    *aFilePtr = mFd;
+    return NS_OK;
+}
+
+
+nsresult
+nsPSMSocketInfo::SetFileDescPtr(PRFileDesc *aFilePtr)
+{
+    mFd = aFilePtr;
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetHostName(char * *aHostName)
+{
+    if (mHostName.IsEmpty())
+        *aHostName = nsnull;
+    else
+        *aHostName = mHostName.ToNewCString();
+    return NS_OK;
+}
+
+
+nsresult 
+nsPSMSocketInfo::SetHostName(char *aHostName)
+{
+    mHostName.AssignWithConversion(aHostName);
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetHostPort(PRInt32 *aPort)
+{
+    *aPort = mHostPort;
+    return NS_OK;
+}
+
+nsresult 
+nsPSMSocketInfo::SetHostPort(PRInt32 aPort)
+{
+    mHostPort = aPort;
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetProxyName(char * *aName)
+{
+    if (mProxyName.IsEmpty())
+        *aName = nsnull;
+    else
+        *aName = mProxyName.ToNewCString();
+    return NS_OK;
+}
+
+
+nsresult 
+nsPSMSocketInfo::SetProxyName(char *aName)
+{
+    mProxyName.AssignWithConversion(aName);
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP 
+nsPSMSocketInfo::GetProxyPort(PRInt32 *aPort)
+{
+    *aPort = mProxyPort;
+    return NS_OK;
+}
+
+nsresult 
+nsPSMSocketInfo::SetProxyPort(PRInt32 aPort)
+{
+    mProxyPort = aPort;
+    return NS_OK;
+}
+
+
+
+nsresult
+nsPSMSocketInfo::SetPickledStatus()
+{
+    PR_FREEIF(mPickledStatus);
+
+    long level;
+    CMTItem pickledStatus = {0, nsnull, 0};
+    unsigned char* ret    = nsnull;
+
+    if (CMT_GetSSLSocketStatus(mControl, mSocket, &pickledStatus, &level) != PR_FAILURE)
+    {        
+        ret = (unsigned char*) PR_Malloc( (SSMSTRING_PADDED_LENGTH(pickledStatus.len) + sizeof(int)) );
+        if (ret) 
+        {
+            *(int*)ret = pickledStatus.len;
+            memcpy(ret+sizeof(int), pickledStatus.data, *(int*)ret);
+        }
+
+        PR_FREEIF(pickledStatus.data);
+        mPickledStatus = ret;
+    }
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP
+nsPSMSocketInfo::GetPickledStatus(char * *pickledStatusString)
+{
+    if (!mPickledStatus)
+        SetPickledStatus();
+
+    if (mPickledStatus)
+    {
+        PRInt32 len = *(int*)mPickledStatus;
+        char *out = (char *)nsMemory::Alloc(len);
+        memcpy(out, mPickledStatus, len);
+        *pickledStatusString = out;
+        return NS_OK;
+    }
+    *pickledStatusString = nsnull;
+    return NS_ERROR_FAILURE;
+}
+
+nsresult
+nsSSLIOLayerNewSocket( const char *host, 
+                       PRInt32 port, 
+                       const char *proxyHost, 
+                       PRInt32 proxyPort,
+                       PRFileDesc **fd, 
+                       nsISupports** info)
+{
+    static PRBool  firstTime = PR_TRUE;
+    if (firstTime)
+    {
+        nsSSLIOLayerIdentity        = PR_GetUniqueIdentity("Cartman layer");
+        nsSSLIOLayerMethods         = *PR_GetDefaultIOMethods();
+
+        nsSSLIOLayerMethods.connect = nsSSLIOLayerConnect;
+        nsSSLIOLayerMethods.close   = nsSSLIOLayerClose;
+        nsSSLIOLayerMethods.read    = nsSSLIOLayerRead;
+        nsSSLIOLayerMethods.write   = nsSSLIOLayerWrite;
+        
+        
+        nsresult result = nsServiceManager::GetService( PSM_COMPONENT_PROGID,
+                                                        NS_GET_IID(nsIPSMComponent), 
+                                                        (nsISupports**)&gPSMService);  
+        if (NS_FAILED(result))
+            return PR_FAILURE;
+    
+        firstTime                   = PR_FALSE;
+
+    }
+    
+
+    PRFileDesc *   sock;
+    PRFileDesc *   layer;
+    PRStatus       rv;
+
+    /* Get a normal NSPR socket */
+    sock = PR_NewTCPSocket();  
+    if (! sock) return NS_ERROR_OUT_OF_MEMORY;
+    
+    /* disable Nagle algorithm delay for control sockets */
+    PRSocketOptionData sockopt;
+    sockopt.option = PR_SockOpt_NoDelay;
+    sockopt.value.no_delay = PR_TRUE;   
+    rv = PR_SetSocketOption(sock, &sockopt);
+    PR_ASSERT(PR_SUCCESS == rv);
+
+
+    layer = PR_CreateIOLayerStub(nsSSLIOLayerIdentity, &nsSSLIOLayerMethods);
+    if (! layer)
+    {
+        PR_Close(sock);
+        return NS_ERROR_FAILURE;
+    }
+        
+    nsPSMSocketInfo *infoObject = new nsPSMSocketInfo();
+    if (!infoObject)
+    {
+        PR_Close(sock);
+        // clean up IOLayerStub.
+        return NS_ERROR_FAILURE;
+    }
+    
+    NS_ADDREF(infoObject);
+    
+    infoObject->SetHostName((char*)host);
+    infoObject->SetHostPort(port);
+    infoObject->SetProxyName((char*)proxyHost);
+    infoObject->SetProxyPort(proxyPort);
+
+    layer->secret = (PRFilePrivate*) infoObject;
+    rv = PR_PushIOLayer(sock, PR_GetLayersIdentity(sock), layer);
+    
+    if (rv == PR_SUCCESS)
+    {
+        *fd   = sock;
+        *info = infoObject;
+        NS_ADDREF(*info);
+        return NS_OK;
+    }
+    
+    PR_Close(sock);
+    return NS_ERROR_FAILURE;
+}

mozilla/extensions/psm-glue/src/nsSSLIOLayer.h

@@ -0,0 +1,39 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#ifndef _NSSSLIOLAYER_H
+#define _NSSSLIOLAYER_H
+
+#include "prtypes.h"
+#include "prio.h"
+#include "nsIPSMSocketInfo.h"
+
+// define taken from 4.x cartman glue code.  
+#define SSMSTRING_PADDED_LENGTH(x) ((((x)+3)/4)*4)
+
+nsresult nsSSLIOLayerNewSocket(const char *host, 
+                               PRInt32 port, 
+                               const char *proxyHost, 
+                               PRInt32 proxyPort, 
+                               PRFileDesc **fd, 
+                               nsISupports **securityInfo);
+#endif /* _NSSSLIOLAYER_H */

mozilla/extensions/psm-glue/src/nsSSLSocketProvider.cpp

@@ -0,0 +1,94 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#include "nsIComponentManager.h"
+#include "nsIServiceManager.h"
+#include "nsSSLSocketProvider.h"
+#include "nsSSLIOLayer.h"
+
+////////////////////////////////////////////////////////////////////////////////
+
+nsSSLSocketProvider::nsSSLSocketProvider()
+{
+  NS_INIT_REFCNT();
+}
+
+nsresult
+nsSSLSocketProvider::Init()
+{
+  nsresult rv = NS_OK;
+  return rv;
+}
+
+nsSSLSocketProvider::~nsSSLSocketProvider()
+{
+}
+
+NS_IMPL_THREADSAFE_ISUPPORTS2(nsSSLSocketProvider, nsISocketProvider, nsISSLSocketProvider);
+
+NS_METHOD
+nsSSLSocketProvider::Create(nsISupports *aOuter, REFNSIID aIID, void **aResult)
+{                                                                               
+    nsresult rv;                                                                
+                                                                                
+    nsSSLSocketProvider * inst;                                                      
+                                                                                
+    if (NULL == aResult) {                                                      
+        rv = NS_ERROR_NULL_POINTER;                                             
+        return rv;                                                              
+    }                                                                           
+    *aResult = NULL;                                                            
+    if (NULL != aOuter) {                                                       
+        rv = NS_ERROR_NO_AGGREGATION;                                           
+        return rv;                                                              
+    }                                                                           
+                                                                                
+    NS_NEWXPCOM(inst, nsSSLSocketProvider);                                          
+    if (NULL == inst) {                                                         
+        rv = NS_ERROR_OUT_OF_MEMORY;                                            
+        return rv;                                                              
+    }                                                                           
+    NS_ADDREF(inst);                                                            
+    rv = inst->QueryInterface(aIID, aResult);                                   
+    NS_RELEASE(inst);                                                           
+                                                                                
+    return rv;                                                                  
+}                                                                               
+
+
+NS_IMETHODIMP
+nsSSLSocketProvider::NewSocket(const char *host, 
+                               PRInt32 port, 
+                               const char *proxyHost, 
+                               PRInt32 proxyPort, 
+                               PRFileDesc **_result, 
+                               nsISupports **securityInfo)
+{
+  nsresult rv = nsSSLIOLayerNewSocket(host,
+                                      port,
+                                      proxyHost,
+                                      proxyPort,
+                                      _result, 
+                                      securityInfo);
+  
+  return (NS_FAILED(rv)) ? NS_ERROR_SOCKET_CREATE_FAILED : NS_OK;
+}

mozilla/extensions/psm-glue/src/nsSSLSocketProvider.h

@@ -0,0 +1,54 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+*/
+
+#ifndef _NSSSLSOCKETPROVIDER_H_
+#define _NSSSLSOCKETPROVIDER_H_
+
+#include "nsISSLSocketProvider.h"
+
+
+/* 274418d0-5437-11d3-bbc8-0000861d1237 */         
+#define NS_SSLSOCKETPROVIDER_CID   { 0x274418d0, 0x5437, 0x11d3, {0xbb, 0xc8, 0x00, 0x00, 0x86, 0x1d, 0x12, 0x37}}
+
+
+class nsSSLSocketProvider : public nsISSLSocketProvider
+{
+public:
+  NS_DECL_ISUPPORTS
+
+  NS_DECL_NSISOCKETPROVIDER
+
+  NS_DECL_NSISSLSOCKETPROVIDER
+
+  // nsSSLSocketProvider methods:
+  nsSSLSocketProvider();
+  virtual ~nsSSLSocketProvider();
+
+  static NS_METHOD
+  Create(nsISupports *aOuter, REFNSIID aIID, void **aResult);
+
+  nsresult Init();
+
+protected:
+};
+
+#endif /* _NSSSLSOCKETPROVIDER_H_ */

mozilla/extensions/psm-glue/src/nsSecureBrowserUIImpl.cpp

@@ -0,0 +1,654 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998-2000 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+ *   Stuart Parmenter <pavlov@netscape.com>
+*/
+
+#include "nspr.h"
+#include "prlog.h"
+
+#include "nsISecureBrowserUI.h"
+#include "nsSecureBrowserUIImpl.h"
+#include "nsIPSMComponent.h"
+#include "nsPSMComponent.h"
+#include "nsCOMPtr.h"
+#include "nsIInterfaceRequestor.h"
+#include "nsIServiceManager.h"
+
+#include "nsIScriptGlobalObject.h"
+#include "nsIObserverService.h"
+#include "nsIDocumentLoader.h"
+#include "nsCURILoader.h"
+#include "nsIDocShell.h"
+#include "nsIDocumentViewer.h"
+#include "nsCURILoader.h"
+#include "nsIDocument.h"
+#include "nsIDOMHTMLDocument.h"
+#include "nsIDOMXULDocument.h"
+#include "nsIDOMElement.h"
+#include "nsIDOMWindow.h"
+#include "nsIContent.h"
+#include "nsIWebProgress.h"
+#include "nsIChannel.h"
+#include "nsIPSMSocketInfo.h"
+
+#include "nsIURI.h"
+
+#include "prmem.h"
+
+#include "nsINetSupportDialogService.h"
+#include "nsIPrompt.h"
+#include "nsICommonDialogs.h"
+#include "nsIPref.h"
+
+#include "nsIFormSubmitObserver.h"
+
+static NS_DEFINE_CID(kCStringBundleServiceCID,  NS_STRINGBUNDLESERVICE_CID);
+static NS_DEFINE_CID(kCommonDialogsCID,         NS_CommonDialog_CID );
+static NS_DEFINE_CID(kPrefCID, NS_PREF_CID);
+
+#define ENTER_SITE_PREF      "security.warn_entering_secure"
+#define LEAVE_SITE_PREF      "security.warn_leaving_secure"
+#define MIXEDCONTENT_PREF    "security.warn_viewing_mixed"
+#define INSECURE_SUBMIT_PREF "security.warn_submit_insecure"
+
+#if defined(PR_LOGGING)
+//
+// Log module for nsSecureBroswerUI logging...
+//
+// To enable logging (see prlog.h for full details):
+//
+//    set NSPR_LOG_MODULES=nsSecureBroswerUI:5
+//    set NSPR_LOG_FILE=nspr.log
+//
+// this enables PR_LOG_DEBUG level information and places all output in
+// the file nspr.log
+//
+PRLogModuleInfo* gSecureDocLog = nsnull;
+#endif /* PR_LOGGING */
+
+ 
+NS_IMETHODIMP
+nsSecureBrowserUIImpl::Create(nsISupports *aOuter, REFNSIID aIID, void **aResult)
+{
+    nsresult rv;
+
+    nsSecureBrowserUIImpl * inst;
+
+    if (NULL == aResult) {
+        rv = NS_ERROR_NULL_POINTER;
+        return rv;
+    }
+    *aResult = NULL;
+    if (NULL != aOuter) {
+        rv = NS_ERROR_NO_AGGREGATION;
+        return rv;
+    }
+
+    NS_NEWXPCOM(inst, nsSecureBrowserUIImpl);
+    if (NULL == inst) {
+        rv = NS_ERROR_OUT_OF_MEMORY;
+        return rv;
+    }
+    NS_ADDREF(inst);
+    rv = inst->QueryInterface(aIID, aResult);
+    NS_RELEASE(inst);
+
+    return rv;
+}
+
+nsSecureBrowserUIImpl::nsSecureBrowserUIImpl()
+{
+    NS_INIT_REFCNT();
+    
+#if defined(PR_LOGGING)
+    if (nsnull == gSecureDocLog) {
+        gSecureDocLog = PR_NewLogModule("nsSecureBroswerUI");
+    }
+#endif /* PR_LOGGING */
+
+
+    mIsSecureDocument = mMixContentAlertShown = mIsDocumentBroken = PR_FALSE;
+    mLastPSMStatus    = nsnull;
+    mCurrentURI       = nsnull;
+    mSecurityButton   = nsnull;
+}
+
+nsSecureBrowserUIImpl::~nsSecureBrowserUIImpl()
+{
+    PR_FREEIF(mLastPSMStatus);
+}
+
+NS_IMPL_ISUPPORTS4(nsSecureBrowserUIImpl, 
+                   nsSecureBrowserUI, 
+                   nsIWebProgressListener, 
+                   nsIFormSubmitObserver,
+                   nsIObserver); 
+
+
+NS_IMETHODIMP
+nsSecureBrowserUIImpl::Init(nsIDOMWindow *window, nsIDOMElement *button)
+{
+    mSecurityButton = button;
+    mWindow         = window;
+
+    nsresult rv = nsServiceManager::GetService( kPrefCID, 
+                                                NS_GET_IID(nsIPref), 
+                                                getter_AddRefs(mPref));  
+    if (NS_FAILED(rv)) return rv;
+
+    NS_WITH_SERVICE(nsIStringBundleService, service, kCStringBundleServiceCID, &rv);
+    if (NS_FAILED(rv)) return rv;
+
+    nsILocale* locale = nsnull;
+    rv = service->CreateBundle(SECURITY_STRING_BUNDLE_URL, locale, getter_AddRefs(mStringBundle));
+    if (NS_FAILED(rv)) return rv;
+
+    // hook up to the form post notifications:
+    nsIObserverService *svc = 0;
+    rv = nsServiceManager::GetService(NS_OBSERVERSERVICE_PROGID, 
+                                      NS_GET_IID(nsIObserverService), 
+                                      (nsISupports**)&svc );
+    if (NS_SUCCEEDED(rv) && svc) {
+        nsString  topic; topic.AssignWithConversion(NS_FORMSUBMIT_SUBJECT);
+        rv = svc->AddObserver( this, topic.GetUnicode());
+        nsServiceManager::ReleaseService( NS_OBSERVERSERVICE_PROGID, svc );
+    }
+
+    // hook up to the webprogress notifications.
+    nsCOMPtr<nsIDocShell> docShell;
+
+    nsCOMPtr<nsIScriptGlobalObject> sgo = do_QueryInterface(window);
+    if (!sgo) return NS_ERROR_NULL_POINTER;
+
+    sgo->GetDocShell(getter_AddRefs(docShell));
+    if (!docShell) return NS_ERROR_NULL_POINTER;
+
+    nsCOMPtr<nsIWebProgress> wp = do_GetInterface(docShell);
+    if (!wp) return NS_ERROR_NULL_POINTER;
+
+    wp->AddProgressListener(NS_STATIC_CAST(nsIWebProgressListener*,this));
+
+    mInitByLocationChange = PR_TRUE;
+
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsSecureBrowserUIImpl::DisplayPageInfoUI()
+{
+    nsresult res;
+    NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
+    if (NS_FAILED(res)) 
+        return res;
+    
+    nsXPIDLCString host;
+    if (mCurrentURI)
+        mCurrentURI->GetHost(getter_Copies(host));
+    
+    return psm->DisplaySecurityAdvisor(mLastPSMStatus, host);
+}
+
+
+
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::Observe(nsISupports*, const PRUnichar*, const PRUnichar*) 
+{
+    return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+
+static nsresult IsChildOfDomWindow(nsIDOMWindow *parent, nsIDOMWindow *child, PRBool* value)
+{
+    *value = PR_FALSE;
+
+    if (parent == child)
+    {
+        *value = PR_TRUE;
+        return NS_OK;
+    }
+
+    nsCOMPtr<nsIDOMWindow> childsParent;
+    child->GetParent(getter_AddRefs(childsParent));
+        
+    if (childsParent && childsParent.get() != child)
+        IsChildOfDomWindow(parent, childsParent, value);
+    
+    return NS_OK;
+}
+
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::Notify(nsIContent* formNode, nsIDOMWindow* window, nsIURI* actionURL)
+{
+    // Return NS_OK unless we want to prevent this form from submitting.
+
+    if (!window || !actionURL || !formNode) {
+        return NS_OK;
+    }
+    
+    nsCOMPtr<nsIDocument> document; 
+    formNode->GetDocument(*getter_AddRefs(document)); 
+    if (!document) return NS_OK; 
+
+    nsCOMPtr<nsIScriptGlobalObject> globalObject; 
+    document->GetScriptGlobalObject(getter_AddRefs(globalObject)); 
+    nsCOMPtr<nsIDOMWindow> postingWindow = do_QueryInterface(globalObject); 
+    
+    PRBool isChild;
+    IsChildOfDomWindow(mWindow, postingWindow, &isChild);
+
+    if (!isChild)
+        return NS_OK;
+
+    PRBool okayToPost;
+    nsresult res = CheckPost(actionURL, &okayToPost);
+
+    if (NS_SUCCEEDED(res) && okayToPost)
+        return NS_OK;
+    
+    return NS_ERROR_FAILURE;
+}
+
+//  nsIWebProgressListener
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::OnProgressChange(nsIWebProgress* aWebProgress,
+                                        nsIRequest* aRequest, 
+                                        PRInt32 aCurSelfProgress, 
+                                        PRInt32 aMaxSelfProgress, 
+                                        PRInt32 aCurTotalProgress, 
+                                        PRInt32 aMaxTotalProgress)
+{
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::OnStateChange(nsIWebProgress* aWebProgress,
+                                     nsIRequest* aRequest, 
+                                     PRInt32 aProgressStateFlags,
+                                     nsresult aStatus)
+{
+    nsresult res = NS_OK;
+
+    if (aRequest == nsnull || !mSecurityButton || !mPref)
+        return NS_ERROR_NULL_POINTER;
+
+    // Get the channel from the request...
+    // If the request is not network based, then ignore it.    
+    nsCOMPtr<nsIChannel> channel;
+    channel = do_QueryInterface(aRequest, &res);
+    if (NS_FAILED(res))
+        return NS_OK;
+
+    nsCOMPtr<nsIURI> loadingURI;
+    channel->GetURI(getter_AddRefs(loadingURI));
+    
+#if defined(DEBUG)
+    nsXPIDLCString temp;
+    loadingURI->GetSpec(getter_Copies(temp));
+    PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: OnStateChange: %x :%s\n", this, aProgressStateFlags,(const char*)temp));
+#endif
+
+    // A Document is starting to load...
+    if ((aProgressStateFlags & flag_start) && 
+        (aProgressStateFlags & flag_is_network))
+    {
+        // starting to load a webpage
+        PR_FREEIF(mLastPSMStatus); mLastPSMStatus = nsnull;
+
+        mIsSecureDocument = mMixContentAlertShown = mIsDocumentBroken = PR_FALSE;
+
+        res = CheckProtocolContextSwitch( loadingURI, mCurrentURI);    
+        return res;
+    } 
+
+    // A document has finished loading    
+    if ((aProgressStateFlags & flag_stop) &&
+        (aProgressStateFlags & flag_is_network) &&
+        mIsSecureDocument)
+    {
+        if (!mIsDocumentBroken) // and status is okay  FIX
+        {
+            // qi for the psm information about this channel load.
+            nsCOMPtr<nsISupports> info;
+            channel->GetSecurityInfo(getter_AddRefs(info));
+            nsCOMPtr<nsIPSMSocketInfo> psmInfo = do_QueryInterface(info);
+            if (psmInfo)
+            {
+                // Everything looks okay.  Lets stash the picked status.
+                PR_FREEIF(mLastPSMStatus);
+                res = psmInfo->GetPickledStatus(&mLastPSMStatus);
+
+                if (NS_SUCCEEDED(res)) {
+                    PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: Icon set to lock\n", this));
+                    res = mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("high") );
+                    return res;
+                }
+            }
+        }
+
+        PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: Icon set to broken\n", this));
+        mIsDocumentBroken = PR_TRUE;
+        res = mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("broken"));
+        return res;
+    }
+    
+    ///    if (aProgressStateFlags == nsIWebProgress::flag_net_redirecting)
+    ///    {
+    ///        // need to implmentent.
+    ///    }
+
+    // don't need to do anything more if the page is broken or not secure...
+
+    if (!mIsSecureDocument || mIsDocumentBroken)
+        return NS_OK;
+
+    // A URL is starting to load...
+    if ((aProgressStateFlags & flag_start) &&
+        (aProgressStateFlags & flag_is_request))
+    {   // check to see if we are going to mix content.
+        return CheckMixedContext(loadingURI);
+    }
+
+    // A URL has finished loading...    
+    if ((aProgressStateFlags & flag_stop) &&
+        (aProgressStateFlags & flag_is_request))
+    {
+        if (1)  // FIX status from the flag...
+        {
+            nsCOMPtr<nsISupports> info;
+            channel->GetSecurityInfo(getter_AddRefs(info));
+            nsCOMPtr<nsIPSMSocketInfo> psmInfo = do_QueryInterface(info, &res);
+
+                    // qi for the psm information about this channel load.
+            if (psmInfo) {
+                return NS_OK;    
+            }
+        }
+
+        PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: OnStateChange - Icon set to broken\n", this));
+        mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("broken") );
+        mIsDocumentBroken = PR_TRUE;
+    }    
+
+    return res;
+}
+
+
+NS_IMETHODIMP 
+nsSecureBrowserUIImpl::OnLocationChange(nsIURI* aLocation)
+{
+    mCurrentURI = aLocation;
+    
+    if (mInitByLocationChange)
+    {
+        IsURLHTTPS(mCurrentURI, &mIsSecureDocument);
+        mInitByLocationChange = PR_FALSE;
+    }
+
+    return NS_OK;
+}
+
+
+nsresult
+nsSecureBrowserUIImpl::IsURLHTTPS(nsIURI* aURL, PRBool* value)
+{
+	*value = PR_FALSE;
+
+	if (!aURL)
+		return NS_OK;
+
+    char* scheme;
+	aURL->GetScheme(&scheme);
+
+	if (scheme == nsnull)
+		return NS_ERROR_NULL_POINTER;
+
+    if ( PL_strncasecmp(scheme, "https",  5) == 0 )
+		*value = PR_TRUE;
+	
+	nsMemory::Free(scheme);
+	return NS_OK;
+}
+
+
+
+void nsSecureBrowserUIImpl::GetBundleString(const nsString& name, nsString &outString)
+{
+    if (mStringBundle && name.Length() > 0) {
+        PRUnichar *ptrv = nsnull;
+        if (NS_SUCCEEDED(mStringBundle->GetStringFromName(name.GetUnicode(), &ptrv)))
+            outString = ptrv;
+        else
+            outString.SetLength(0);;
+
+        nsMemory::Free(ptrv);
+
+    } else {
+        outString.SetLength(0);;
+    }
+}
+
+nsresult 
+nsSecureBrowserUIImpl::CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldURI)
+{
+    nsresult res;
+    PRBool isNewSchemeSecure, isOldSchemeSecure, boolpref;
+
+    res = IsURLHTTPS(oldURI, &isOldSchemeSecure);
+    if (NS_FAILED(res)) 
+        return res;
+    res = IsURLHTTPS(newURI, &isNewSchemeSecure);
+    if (NS_FAILED(res)) 
+        return res;
+
+    // Check to see if we are going from a secure page to and insecure page
+    if ( !isNewSchemeSecure && isOldSchemeSecure)
+    {
+        mSecurityButton->RemoveAttribute( NS_ConvertASCIItoUCS2("level") );
+    
+        if ((mPref->GetBoolPref(LEAVE_SITE_PREF, &boolpref) != 0))
+            boolpref = PR_TRUE;
+        
+        if (boolpref) 
+        {
+            NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &res);
+            if (NS_FAILED(res)) 
+                return res;
+
+            nsAutoString windowTitle, message, dontShowAgain;
+
+            GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+            GetBundleString(NS_ConvertASCIItoUCS2("LeaveSiteMessage"), message);
+            GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+            PRBool outCheckValue = PR_TRUE;
+            dialog->AlertCheck(mWindow, 
+                               windowTitle.GetUnicode(), 
+                               message.GetUnicode(), 
+                               dontShowAgain.GetUnicode(), 
+                               &outCheckValue);
+
+            if (!outCheckValue) {
+                mPref->SetBoolPref(LEAVE_SITE_PREF, PR_FALSE);
+                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
+                if (NS_FAILED(res)) 
+                    return res;
+                psm->PassPrefs();
+            }
+        }
+    }
+    // check to see if we are going from an insecure page to a secure one.
+    else if (isNewSchemeSecure && !isOldSchemeSecure)
+    {
+        if ((mPref->GetBoolPref(ENTER_SITE_PREF, &boolpref) != 0))
+            boolpref = PR_TRUE;
+        
+        if (boolpref) 
+        {
+            NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &res);
+            if (NS_FAILED(res)) 
+                return res;
+
+            nsAutoString windowTitle, message, dontShowAgain;
+
+            GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+            GetBundleString(NS_ConvertASCIItoUCS2("EnterSiteMessage"), message);
+            GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+            PRBool outCheckValue = PR_TRUE;
+            dialog->AlertCheck(mWindow, 
+                               windowTitle.GetUnicode(), 
+                               message.GetUnicode(), 
+                               dontShowAgain.GetUnicode(), 
+                               &outCheckValue);
+
+            if (!outCheckValue)
+            {
+                mPref->SetBoolPref(ENTER_SITE_PREF, PR_FALSE);
+                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
+                if (NS_FAILED(res)) 
+                    return res;
+                psm->PassPrefs();
+            }
+        }
+    }
+
+    mIsSecureDocument = isNewSchemeSecure;
+    return NS_OK;
+}
+
+
+nsresult
+nsSecureBrowserUIImpl::CheckMixedContext(nsIURI* nextURI)
+{
+    PRBool secure;
+
+    nsresult rv = IsURLHTTPS(nextURI, &secure);
+    if (NS_FAILED(rv))
+        return rv;
+
+    if (!secure  && mIsSecureDocument)
+    {
+        mIsDocumentBroken = PR_TRUE;
+        mSecurityButton->SetAttribute( NS_ConvertASCIItoUCS2("level"), NS_ConvertASCIItoUCS2("broken") );
+
+        if (!mPref) return NS_ERROR_NULL_POINTER;
+
+        PRBool boolpref;
+        if ((mPref->GetBoolPref(MIXEDCONTENT_PREF, &boolpref) != 0))
+            boolpref = PR_TRUE;
+
+        if (boolpref && !mMixContentAlertShown) 
+        {
+            NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &rv);
+            if (NS_FAILED(rv)) 
+                return rv;
+
+            nsAutoString windowTitle, message, dontShowAgain;
+
+            GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+            GetBundleString(NS_ConvertASCIItoUCS2("MixedContentMessage"), message);
+            GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+            PRBool outCheckValue = PR_TRUE;
+
+            dialog->AlertCheck(mWindow, 
+                               windowTitle.GetUnicode(), 
+                               message.GetUnicode(), 
+                               dontShowAgain.GetUnicode(), 
+                               &outCheckValue);
+
+            if (!outCheckValue) {
+                mPref->SetBoolPref(MIXEDCONTENT_PREF, PR_FALSE);
+                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &rv);
+                if (NS_FAILED(rv)) 
+                    return rv;
+                psm->PassPrefs();
+            }
+
+            mMixContentAlertShown = PR_TRUE;
+        }
+    }
+
+  return NS_OK;
+}
+
+nsresult
+nsSecureBrowserUIImpl::CheckPost(nsIURI *actionURL, PRBool *okayToPost)
+{
+    PRBool secure;
+
+    nsresult rv = IsURLHTTPS(actionURL, &secure);
+    if (NS_FAILED(rv))
+        return rv;
+    
+    // if we are posting to a secure link from a secure page, all is okay.
+    if (secure  && mIsSecureDocument)
+        return NS_OK;
+
+
+    PRBool boolpref;    
+
+    // posting to a non https URL.
+    if ((mPref->GetBoolPref(INSECURE_SUBMIT_PREF, &boolpref) != 0))
+        boolpref = PR_TRUE;
+    
+    if (boolpref) {
+        NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &rv);
+        if (NS_FAILED(rv)) 
+            return rv;
+
+        nsAutoString windowTitle, message, dontShowAgain;
+        
+        GetBundleString(NS_ConvertASCIItoUCS2("Title"), windowTitle);
+        GetBundleString(NS_ConvertASCIItoUCS2("DontShowAgain"), dontShowAgain);
+
+        // posting to insecure webpage from a secure webpage.
+        if (!secure  && mIsSecureDocument && !mIsDocumentBroken) {
+            GetBundleString(NS_ConvertASCIItoUCS2("PostToInsecure"), message);
+        } else { // anything else, post generic warning
+            GetBundleString(NS_ConvertASCIItoUCS2("PostToInsecureFromInsecure"), message);
+        }
+
+        PRBool outCheckValue = PR_TRUE;
+        dialog->ConfirmCheck(mWindow, 
+                             windowTitle.GetUnicode(), 
+                             message.GetUnicode(), 
+                             dontShowAgain.GetUnicode(), 
+                             &outCheckValue, 
+                             okayToPost);
+
+        if (!outCheckValue) {
+            mPref->SetBoolPref(INSECURE_SUBMIT_PREF, PR_FALSE);
+            NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &rv);
+            if (NS_FAILED(rv)) 
+                return rv;
+            psm->PassPrefs();
+        }
+    } else {
+        *okayToPost = PR_TRUE;
+    }
+  
+    return NS_OK;
+}

mozilla/extensions/psm-glue/src/nsSecureBrowserUIImpl.h

@@ -0,0 +1,108 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *   Hubbie Shaw
+ *   Doug Turner <dougt@netscape.com>
+*/
+
+#ifndef nsSecureBrowserUIImpl_h_
+#define nsSecureBrowserUIImpl_h_
+
+#include "nsCOMPtr.h"
+#include "nsXPIDLString.h"
+#include "nsString.h"
+#include "nsIObserver.h"
+#include "nsIDocumentLoaderObserver.h"
+#include "nsIDOMElement.h"
+#include "nsIDOMWindow.h"
+#include "nsIStringBundle.h"
+#include "nsISecureBrowserUI.h"
+#include "nsIDocShell.h"
+#include "nsIPref.h"
+#include "nsIWebProgressListener.h"
+#include "nsIFormSubmitObserver.h"
+#include "nsIURI.h"
+
+#define NS_SECURE_BROWSER_DOCOBSERVER_CLASSNAME "Mozilla Secure Browser Doc Observer"
+
+#define NS_SECURE_BROWSER_DOCOBSERVER_CID \
+{0x97c06c30, 0xa145, 0x11d3, \
+{0x8c, 0x7c, 0x00, 0x60, 0x97, 0x92, 0x27, 0x8c}}
+
+#define NS_SECURE_BROWSER_DOCOBSERVER_PROGID "component://netscape/secure_browser_docobserver"
+
+
+class nsSecureBrowserUIImpl : public nsSecureBrowserUI, 
+                              public nsIWebProgressListener, 
+                              public nsIFormSubmitObserver,
+                              public nsIObserver
+{
+public:
+
+	nsSecureBrowserUIImpl();
+	virtual ~nsSecureBrowserUIImpl();
+    
+    static NS_METHOD Create(nsISupports *aOuter, REFNSIID aIID, void **aResult);
+
+	NS_DECL_ISUPPORTS    
+    NS_DECL_NSIWEBPROGRESSLISTENER
+    NS_DECL_NSSECUREBROWSERUI
+
+
+    // nsIObserver
+    NS_DECL_NSIOBSERVER
+    NS_IMETHOD Notify(nsIContent* formNode, nsIDOMWindow* window, nsIURI *actionURL);
+
+protected:
+
+	nsCOMPtr<nsIDOMWindow>              mWindow;
+    nsCOMPtr<nsIDOMElement>             mSecurityButton;
+	nsCOMPtr<nsIDocumentLoaderObserver> mOldWebShellObserver;
+    nsCOMPtr<nsIPref>                   mPref;
+    nsCOMPtr<nsIStringBundle>           mStringBundle;
+    
+    nsCOMPtr<nsIURI>                    mCurrentURI;
+
+	PRBool					mIsSecureDocument;  // is https loaded
+	PRBool					mIsDocumentBroken;  // 
+	PRBool					mMixContentAlertShown;
+    
+    PRBool                  mInitByLocationChange;
+
+    char*                   mLastPSMStatus;
+    
+
+    void GetBundleString(const nsString& name, nsString &outString);
+    nsresult LoadStringBundle();
+    
+    nsresult CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldURI);
+    nsresult CheckMixedContext(nsIURI* nextURI);
+    nsresult CheckPost(nsIURI *actionURL, PRBool *okayToPost);
+    nsresult IsURLHTTPS(nsIURI* aURL, PRBool *value);
+};
+
+
+#endif /* nsSecureBrowserUIImpl_h_ */
+
+
+
+
+
+

mozilla/tools/tinderbox-configs/firefox/linux/CLOBBER

@@ -1,2 +0,0 @@
-Clobbering to pick up changes from bug 409803.
-

mozilla/tools/tinderbox-configs/firefox/linux/mozconfig

@@ -1,27 +0,0 @@
-#
-## hostname: fx-linux-tbox
-## uname: Linux fx-linux-tbox.build.mozilla.org 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686 i686 i386 GNU/Linux
-#
-
-export CFLAGS="-gstabs+"
-export CXXFLAGS="-gstabs+"
-
-mk_add_options MOZ_CO_PROJECT=browser
-mk_add_options PROFILE_GEN_SCRIPT=@TOPSRCDIR@/build/profile_pageloader.pl
-mk_add_options MOZ_CO_MODULE="mozilla/tools/update-packaging mozilla/tools/codesighs"
-ac_add_options --enable-application=browser
-
-ac_add_options --enable-update-channel=nightly
-ac_add_options --enable-update-packaging
-
-# Don't add explicit optimize flags here, set them in configure.in, see bug 407794.
-ac_add_options --enable-optimize
-ac_add_options --disable-debug
-ac_add_options --disable-tests
-#not yet
-#ac_add_options --enable-glitz
-
-ac_add_options --enable-codesighs
-
-CC=/tools/gcc/bin/gcc
-CXX=/tools/gcc/bin/g++

mozilla/tools/tinderbox-configs/firefox/linux/tinder-config.pl

@@ -1,269 +0,0 @@
-#
-## hostname: fx-linux-tbox
-## uname: Linux fx-linux-tbox.build.mozilla.org 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686 i686 i386 GNU/Linux
-#
-
-#- tinder-config.pl - Tinderbox configuration file.
-#-    Uncomment the variables you need to set.
-#-    The default values are the same as the commented variables.
-
-$ENV{CVS_RSH} = "ssh";
-$ENV{MOZ_CRASHREPORTER_NO_REPORT} = '1';
-
-# To ensure Talkback client builds properly on some Linux boxen where LANG
-# is set to "en_US.UTF-8" by default, override that setting here by setting
-# it to "en_US.iso885915" (the setting on ocean).  Proper fix is to update
-# where xrestool is called in the build system so that 'LANG=C' in its
-# environment, according to bryner.
-$ENV{LANG} = "en_US.iso885915";
-
-# $ENV{MOZ_PACKAGE_MSI}
-#-----------------------------------------------------------------------------
-#  Default: 0
-#   Values: 0 | 1
-#  Purpose: Controls whether a MSI package is made.
-# Requires: Windows and a local MakeMSI installation.
-#$ENV{MOZ_PACKAGE_MSI} = 0;
-
-# $ENV{MOZ_SYMBOLS_TRANSFER_TYPE}
-#-----------------------------------------------------------------------------
-#  Default: scp
-#   Values: scp | rsync
-#  Purpose: Use scp or rsync to transfer symbols to the Talkback server.
-# Requires: The selected type requires the command be available both locally
-#           and on the Talkback server.
-#$ENV{MOZ_SYMBOLS_TRANSFER_TYPE} = "scp";
-
-#- PLEASE FILL THIS IN WITH YOUR PROPER EMAIL ADDRESS
-$BuildAdministrator = 'build@mozilla.org';
-#$BuildAdministrator = "$ENV{USER}\@$ENV{HOST}";
-#$BuildAdministrator = ($ENV{USER} || "cltbld") . "\@" . ($ENV{HOST} || "dhcp");
-
-#- You'll need to change these to suit your machine's needs
-$DisplayServer = ':0.0';
-
-#- Default values of command-line opts
-#-
-#$BuildDepend       = 1;      # Depend or Clobber
-#$BuildDebug        = 0;      # Debug or Opt (Darwin)
-#$ReportStatus      = 1;      # Send results to server, or not
-#$ReportFinalStatus = 1;      # Finer control over $ReportStatus.
-#$UseTimeStamp      = 1;      # Use the CVS 'pull-by-timestamp' option, or not
-#$BuildOnce         = 0;      # Build once, don't send results to server
-#$TestOnly          = 0;      # Only run tests, don't pull/build
-#$BuildEmbed        = 0;      # After building seamonkey, go build embed app.
-#$SkipMozilla       = 0;      # Use to debug post-mozilla.pl scripts.
-#$BuildLocales      = 0;      # Do l10n packaging?
-
-# Tests
-$CleanProfile             = 1;
-#$ResetHomeDirForTests     = 1;
-$ProductName              = "Firefox";
-$VendorName               = 'Mozilla';
-
-# CONFIG: $RunMozillaTests          = %runMozillaTests%;
-$RunMozillaTests          = 1;
-$RegxpcomTest             = 1;
-$AliveTest                = 1;
-#$JavaTest                 = 0;
-#$ViewerTest               = 0;
-#$BloatTest                = 0;  # warren memory bloat test
-#$BloatTest2               = 0;  # dbaron memory bloat test, require tracemalloc
-#$DomToTextConversionTest  = 0;  
-#$XpcomGlueTest            = 0;
-$CodesizeTest             = 1;  # Z,  require mozilla/tools/codesighs
-$EmbedCodesizeTest        = 1;  # mZ, require mozilla/tools/codesigns
-#$MailBloatTest            = 0;
-#$EmbedTest                = 0;  # Assumes you wanted $BuildEmbed=1
-$LayoutPerformanceTest    = 0;  # Tp
-$DHTMLPerformanceTest     = 0;  # Tdhtml
-#$QATest                   = 0;  
-#$XULWindowOpenTest        = 0;  # Txul
-$StartupPerformanceTest   = 0;  # Ts
-
-$TestsPhoneHome           = 0;  # Should test report back to server?
-$GraphNameOverride        = 'fx-linux-tbox';
-
-# $results_server
-#----------------------------------------------------------------------------
-# Server on which test results will be accessible.  This was originally tegu,
-# then became axolotl.  Once we moved services from axolotl, it was time
-# to give this service its own hostname to make future transitions easier.
-# - cmp@mozilla.org
-#$results_server           = "build-graphs.mozilla.org";
-
-#$pageload_server          = "spider";  # localhost
-$pageload_server      = "pageload.build.mozilla.org";
-
-
-#
-# Timeouts, values are in seconds.
-#
-#$CVSCheckoutTimeout               = 3600;
-#$CreateProfileTimeout             = 45;
-#$RegxpcomTestTimeout              = 120;
-
-#$AliveTestTimeout                 = 45;
-#$ViewerTestTimeout                = 45;
-#$EmbedTestTimeout                 = 45;
-#$BloatTestTimeout                 = 120;   # seconds
-#$MailBloatTestTimeout             = 120;   # seconds
-#$JavaTestTimeout                  = 45;
-#$DomTestTimeout	                  = 45;    # seconds
-#$XpcomGlueTestTimeout             = 15;
-#$CodesizeTestTimeout              = 900;     # seconds
-#$CodesizeTestType                 = "auto";  # {"auto"|"base"}
-#$LayoutPerformanceTestTimeout     = 1200;  # entire test, seconds
-#$DHTMLPerformanceTestTimeout      = 1200;  # entire test, seconds
-#$QATestTimeout                    = 1200;   # entire test, seconds
-#$LayoutPerformanceTestPageTimeout = 30000; # each page, ms
-#$StartupPerformanceTestTimeout    = 15;    # seconds
-#$XULWindowOpenTestTimeout	      = 150;   # seconds
-
-
-#$MozConfigFileName = 'mozconfig';
-
-#$UseMozillaProfile = 1;
-#$MozProfileName = 'default';
-
-#- Set these to what makes sense for your system
-#$Make          = 'gmake';       # Must be GNU make
-#$MakeOverrides = '';
-#$mail          = '/bin/mail';
-#$CVS           = 'cvs -q';
-#$CVSCO         = 'checkout -P';
-
-# win32 usually doesn't have /bin/mail
-#$blat           = 'c:/nstools/bin/blat';
-#$use_blat       = 0;
-
-# Set moz_cvsroot to something like:
-# :pserver:$ENV{USER}%netscape.com\@cvs.mozilla.org:/cvsroot
-# :pserver:anonymous\@cvs-mirror.mozilla.org:/cvsroot
-#
-# Note that win32 may not need \@, depends on ' or ".
-# :pserver:$ENV{USER}%netscape.com@cvs.mozilla.org:/cvsroot
-
-#$moz_cvsroot   = $ENV{CVSROOT};
-# CONFIG: $moz_cvsroot   = '%mozillaCvsroot%';
-$moz_cvsroot   = ':ext:cltbld@cvs.mozilla.org:/cvsroot';
-
-#- Set these proper values for your tinderbox server
-#$Tinderbox_server = 'tinderbox-daemon@tinderbox.mozilla.org';
-
-# Allow for non-client builds, e.g. camino.
-#$moz_client_mk = 'client.mk';
-
-#- Set if you want to build in a separate object tree
-$ObjDir = 'obj-fx-trunk';
-
-# Extra build name, if needed.
-$BuildNameExtra = 'Nightly';
-
-# User comment, eg. ip address for dhcp builds.
-# ex: $UserComment = "ip = 208.12.36.108";
-#$UserComment = 0;
-
-#-
-#- The rest should not need to be changed
-#-
-
-#- Minimum wait period from start of build to start of next build in minutes.
-#$BuildSleep = 10;
-
-#- Until you get the script working. When it works,
-#- change to the tree you're actually building
-# CONFIG: $BuildTree  = '%buildTree%';
-$BuildTree  = 'MozillaTest';
-
-#$BuildName = '';
-#$BuildTag = '';
-#$BuildConfigDir = 'mozilla/config';
-#$Topsrcdir = 'mozilla';
-
-$BinaryName = 'firefox-bin';
-
-#
-# For embedding app, use:
-#$EmbedBinaryName = 'TestGtkEmbed';
-#$EmbedDistDir    = 'dist/bin'
-
-
-#$ShellOverride = ''; # Only used if the default shell is too stupid
-#$ConfigureArgs = '';
-#$ConfigureEnvArgs = '';
-#$Compiler = 'gcc';
-#$NSPRArgs = '';
-#$ShellOverride = '';
-
-# Release build options
-$ReleaseBuild  = 1;
-$shiptalkback  = 0;
-$ReleaseToLatest = 1; # Push the release to latest-<milestone>?
-$ReleaseToDated = 1; # Push the release to YYYY-MM-DD-HH-<milestone>?
-$build_hour    = 14;
-$package_creation_path = "/browser/installer";
-# needs setting for mac + talkback: $mac_bundle_path = "/browser/app";
-$ssh_version   = "2";
-# CONFIG: $ssh_user      = "%sshUser%";
-$ssh_user      = "ffxbld";
-$ssh_key       = "'$ENV{HOME}/.ssh/ffxbld_dsa'";
-# CONFIG: $ssh_server    = "%sshServer%";
-$ssh_server    = "stage-old.mozilla.org";
-$ReleaseGroup  = "firefox";
-$ftp_path      = "/home/ftp/pub/firefox/nightly/experimental";
-$url_path      = "http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/experimental";
-$tbox_ftp_path = "/home/ftp/pub/firefox/tinderbox-builds";
-$tbox_url_path = "http://ftp.mozilla.org/pub/mozilla.org/firefox/tinderbox-builds";
-$milestone     = "trunk";
-$notify_list   = 'build-announce@mozilla.org';
-$stub_installer = 0;
-$sea_installer = 0;
-$archive       = 1;
-$push_raw_xpis = 0;
-# CONFIG: $update_aus_host = '%ausServer%';
-$update_aus_host = 'aus2-staging.mozilla.org';
-$update_pushinfo = 0;
-$update_package = 1;
-$update_product = "Firefox";
-$update_version = "trunk";
-$update_platform = "Linux_x86-gcc3";
-$update_hash = "sha1";
-# CONFIG: $update_filehost = '%ftpServer%';
-$update_filehost = 'ftp.mozilla.org';
-$update_ver_file = 'browser/config/version.txt';
-$crashreporter_buildsymbols = 1;
-$crashreporter_pushsymbols = 1;
-# CONFIG: $ENV{'SYMBOL_SERVER_HOST'}    = '%symbolServer%';
-$ENV{'SYMBOL_SERVER_HOST'}    = 'dm-symbolpush01.mozilla.org';
-# CONFIG: $ENV{'SYMBOL_SERVER_USER'}    = '%symbolServerUser%';
-$ENV{'SYMBOL_SERVER_USER'}    = 'ffxbld';
-# CONFIG: $ENV{'SYMBOL_SERVER_PATH'}    = '%symbolServerPath%';
-$ENV{'SYMBOL_SERVER_PATH'}    = '/mnt/netapp/breakpad/symbols_ffx';
-# CONFIG: $ENV{'SYMBOL_SERVER_SSH_KEY'} = '%symbolServerKey%';
-$ENV{'SYMBOL_SERVER_SSH_KEY'} = '/home/cltbld/.ssh/ffxbld_dsa';
-
-# Reboot the OS at the end of build-and-test cycle. This is primarily
-# intended for Win9x, which can't last more than a few cycles before
-# locking up (and testing would be suspect even after a couple of cycles).
-# Right now, there is only code to force the reboot for Win9x, so even
-# setting this to 1, will not have an effect on other platforms. Setting
-# up win9x to automatically logon and begin running tinderbox is left 
-# as an exercise to the reader. 
-#$RebootSystem = 0;
-
-# LogCompression specifies the type of compression used on the log file.
-# Valid options are 'gzip', and 'bzip2'. Please make sure the binaries
-# for 'gzip' or 'bzip2' are in the user's path before setting this
-# option.
-#$LogCompression = '';
-
-# LogEncoding specifies the encoding format used for the logs. Valid
-# options are 'base64', and 'uuencode'. If $LogCompression is set above,
-# this needs to be set to 'base64' or 'uuencode' to ensure that the
-# binary data is transferred properly.
-#$LogEncoding = '';
-
-# Prevent Extension Manager from spawning child processes during tests
-# - processes that tbox scripts cannot kill. 
-#$ENV{NO_EM_RESTART} = '1';

mozilla/tools/tinderbox-configs/firefox/macosx/CLOBBER

@@ -1 +0,0 @@
-trigger a nightly to push the fix to bug 421841 to users

mozilla/tools/tinderbox-configs/firefox/macosx/mozconfig

@@ -1,28 +0,0 @@
-#
-## hostname: bm-xserve08.build.mozilla.org
-## uname: Darwin bm-xserve08.build.mozilla.org 8.8.4 Darwin Kernel Version 8.8.4: Sun Oct 29 15:26:54 PST 2006; root:xnu-792.16.4.obj~1/RELEASE_I386 i386 i386
-#
-
-# symbols for breakpad
-export CFLAGS="-g -gfull"
-export CXXFLAGS="-g -gfull"
-
-. $topsrcdir/build/macosx/universal/mozconfig
-
-mk_add_options MOZ_MAKE_FLAGS="-j4"
-mk_add_options MOZ_CO_MODULE="mozilla/tools/update-packaging mozilla/tools/codesighs"
-mk_add_options MOZ_CO_PROJECT="browser"
-mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../build/universal
-
-ac_add_options --enable-application=browser
-ac_add_options --enable-update-channel=nightly
-# Don't add explicit optimize flags here, set them in configure.in, see bug 407794.
-ac_add_options --enable-optimize
-ac_add_options --disable-debug
-ac_add_options --disable-tests
-ac_add_options --enable-update-packaging
-
-# ac_add_options --enable-official-branding
-ac_add_app_options ppc --enable-prebinding
-
-ac_add_options --enable-codesighs

mozilla/tools/tinderbox-configs/firefox/macosx/tinder-config.pl

@@ -1,269 +0,0 @@
-#
-## hostname: bm-xserve08.build.mozilla.org
-## uname: Darwin bm-xserve08.build.mozilla.org 8.8.4 Darwin Kernel Version 8.8.4: Sun Oct 29 15:26:54 PST 2006; root:xnu-792.16.4.obj~1/RELEASE_I386 i386 i386
-#
-
-#- tinder-config.pl - Tinderbox configuration file.
-#-    Uncomment the variables you need to set.
-#-    The default values are the same as the commented variables.
-
-$ENV{NO_EM_RESTART} = "1";
-$ENV{DYLD_NO_FIX_PREBINDING} = "1";
-$ENV{LD_PREBIND_ALLOW_OVERLAP} = "1";
-$ENV{CVS_RSH} = "ssh";
-$ENV{MOZ_CRASHREPORTER_NO_REPORT} = '1';
-
-$MacUniversalBinary = 1;
-
-# $ENV{MOZ_PACKAGE_MSI}
-#-----------------------------------------------------------------------------
-#  Default: 0
-#   Values: 0 | 1
-#  Purpose: Controls whether a MSI package is made.
-# Requires: Windows and a local MakeMSI installation.
-#$ENV{MOZ_PACKAGE_MSI} = 0;
-
-# $ENV{MOZ_SYMBOLS_TRANSFER_TYPE}
-#-----------------------------------------------------------------------------
-#  Default: scp
-#   Values: scp | rsync
-#  Purpose: Use scp or rsync to transfer symbols to the Talkback server.
-# Requires: The selected type requires the command be available both locally
-#           and on the Talkback server.
-#$ENV{MOZ_SYMBOLS_TRANSFER_TYPE} = "scp";
-
-#- PLEASE FILL THIS IN WITH YOUR PROPER EMAIL ADDRESS
-$BuildAdministrator = 'build@mozilla.org';
-#$BuildAdministrator = "$ENV{USER}\@$ENV{HOST}";
-#$BuildAdministrator = ($ENV{USER} || "cltbld") . "\@" . ($ENV{HOST} || "dhcp");
-
-#- You'll need to change these to suit your machine's needs
-#$DisplayServer = ':0.0';
-
-#- Default values of command-line opts
-#-
-#$BuildDepend       = 1;      # Depend or Clobber
-#$BuildDebug        = 0;      # Debug or Opt (Darwin)
-#$ReportStatus      = 1;      # Send results to server, or not
-#$ReportFinalStatus = 1;      # Finer control over $ReportStatus.
-#$UseTimeStamp      = 1;      # Use the CVS 'pull-by-timestamp' option, or not
-#$BuildOnce         = 0;      # Build once, don't send results to server
-#$TestOnly          = 0;      # Only run tests, don't pull/build
-#$BuildEmbed        = 0;      # After building seamonkey, go build embed app.
-#$SkipMozilla       = 0;      # Use to debug post-mozilla.pl scripts.
-#$BuildLocales      = 0;      # Do l10n packaging?
-
-# Tests
-$CleanProfile             = 1;
-#$ResetHomeDirForTests     = 1;
-$ProductName              = 'Minefield';
-$VendorName               = "";
-
-# CONFIG: $RunMozillaTests          = %runMozillaTests%;
-$RunMozillaTests          = 1;
-$RegxpcomTest             = 1;
-$AliveTest                = 1;
-#$JavaTest                 = 0;
-#$ViewerTest               = 0;
-#$BloatTest                = 0;  # warren memory bloat test
-#$BloatTest2               = 0;  # dbaron memory bloat test, require tracemalloc
-#$DomToTextConversionTest  = 0;  
-#$XpcomGlueTest            = 0;
-$CodesizeTest             = 1;  # Z,  require mozilla/tools/codesighs
-$EmbedCodesizeTest        = 0;  # mZ, require mozilla/tools/codesigns
-#$MailBloatTest            = 0;
-#$EmbedTest                = 0;  # Assumes you wanted $BuildEmbed=1
-$LayoutPerformanceTest    = 0;  # Tp
-$LayoutPerformanceLocalTest   = 0;  # Tp2
-$DHTMLPerformanceTest     = 0;  # Tdhtml
-#$QATest                   = 0;  
-$XULWindowOpenTest        = 0;  # Txul
-$StartupPerformanceTest   = 0;  # Ts
-
-$TestsPhoneHome           = 0;  # Should test report back to server?
-
-$GraphNameOverride        = 'xserve08.build.mozilla.org_Fx-Trunk';
-
-# $results_server
-#----------------------------------------------------------------------------
-# Server on which test results will be accessible.  This was originally tegu,
-# then became axolotl.  Once we moved services from axolotl, it was time
-# to give this service its own hostname to make future transitions easier.
-# - cmp@mozilla.org
-#$results_server           = "build-graphs.mozilla.org";
-
-#$pageload_server          = "spider";  # localhost
-$pageload_server          = "pageload.build.mozilla.org";  # localhost
-
-#
-# Timeouts, values are in seconds.
-#
-#$CVSCheckoutTimeout               = 3600;
-#$CreateProfileTimeout             = 45;
-#$RegxpcomTestTimeout              = 120;
-
-$AliveTestTimeout                 = 10;
-#$ViewerTestTimeout                = 45;
-#$EmbedTestTimeout                 = 45;
-#$BloatTestTimeout                 = 120;   # seconds
-#$MailBloatTestTimeout             = 120;   # seconds
-#$JavaTestTimeout                  = 45;
-#$DomTestTimeout	                  = 45;    # seconds
-#$XpcomGlueTestTimeout             = 15;
-#$CodesizeTestTimeout              = 900;     # seconds
-#$CodesizeTestType                 = "auto";  # {"auto"|"base"}
-$LayoutPerformanceTestTimeout     = 300;  # entire test, seconds
-$LayoutPerformanceLocalTestTimeout     = 180;  # entire test, seconds
-$DHTMLPerformanceTestTimeout      = 180;  # entire test, seconds
-#$QATestTimeout                    = 1200;   # entire test, seconds
-#$LayoutPerformanceTestPageTimeout = 30000; # each page, ms
-#$StartupPerformanceTestTimeout    = 15;    # seconds
-#$XULWindowOpenTestTimeout	      = 150;   # seconds
-
-
-#$MozConfigFileName = 'mozconfig';
-
-#$UseMozillaProfile = 1;
-#$MozProfileName = 'default';
-
-#- Set these to what makes sense for your system
-#$Make          = 'gmake';       # Must be GNU make
-#$MakeOverrides = '';
-#$mail          = '/bin/mail';
-#$CVS           = 'cvs -q';
-#$CVSCO         = 'checkout -P';
-
-# win32 usually doesn't have /bin/mail
-#$blat           = 'c:/nstools/bin/blat';
-#$use_blat       = 0;
-
-# Set moz_cvsroot to something like:
-# :pserver:$ENV{USER}%netscape.com\@cvs.mozilla.org:/cvsroot
-# :pserver:anonymous\@cvs-mirror.mozilla.org:/cvsroot
-#
-# Note that win32 may not need \@, depends on ' or ".
-# :pserver:$ENV{USER}%netscape.com@cvs.mozilla.org:/cvsroot
-
-# CONFIG: $moz_cvsroot = '%mozillaCvsroot%';
-$moz_cvsroot = ':ext:cltbld@cvs.mozilla.org:/cvsroot';
-
-#- Set these proper values for your tinderbox server
-#$Tinderbox_server = 'tinderbox-daemon@tinderbox.mozilla.org';
-
-# Allow for non-client builds, e.g. camino.
-#$moz_client_mk = 'client.mk';
-
-#- Set if you want to build in a separate object tree
-$ObjDir = '../build/universal';
-
-# Extra build name, if needed.
-$BuildNameExtra = 'Universal Nightly';
-
-# User comment, eg. ip address for dhcp builds.
-# ex: $UserComment = "ip = 208.12.36.108";
-#$UserComment = 0;
-
-#-
-#- The rest should not need to be changed
-#-
-
-#- Minimum wait period from start of build to start of next build in minutes.
-#$BuildSleep = 10;
-
-#- Until you get the script working. When it works,
-#- change to the tree you're actually building
-# CONFIG: $BuildTree  = '%buildTree%';
-$BuildTree  = 'MozillaTest';
-
-#$BuildName = '';
-#$BuildTag = '';
-#$BuildConfigDir = 'mozilla/config';
-#$Topsrcdir = 'mozilla';
-
-$BinaryName = 'firefox-bin';
-
-#
-# For embedding app, use:
-#$EmbedBinaryName = 'TestGtkEmbed';
-#$EmbedDistDir    = 'dist/bin'
-
-
-#$ShellOverride = ''; # Only used if the default shell is too stupid
-#$ConfigureArgs = '';
-#$ConfigureEnvArgs = '';
-#$Compiler = 'gcc';
-#$NSPRArgs = '';
-#$ShellOverride = '';
-
-# Release build options
-$ReleaseBuild  = 1;
-$shiptalkback  = 0;
-$ReleaseToLatest = 1; # Push the release to latest-<milestone>?
-$ReleaseToDated = 1; # Push the release to YYYY-MM-DD-HH-<milestone>?
-$build_hour    = "14";
-$package_creation_path = "/browser/installer";
-# needs setting for mac + talkback: $mac_bundle_path = "/browser/app";
-$mac_bundle_path = "/browser/app";
-$ssh_version   = "2";
-# CONFIG: $ssh_user      = "%sshUser%";
-$ssh_user      = "ffxbld";
-$ssh_key       = "'$ENV{HOME}/.ssh/ffxbld_dsa'";
-# CONFIG: $ssh_server    = "%sshServer%";
-$ssh_server    = "stage-old.mozilla.org";
-$ReleaseGroup  = "firefox";
-$ftp_path      = "/home/ftp/pub/firefox/nightly/experimental";
-$url_path      = "http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/experimental";
-$tbox_ftp_path = "/home/ftp/pub/firefox/tinderbox-builds";
-$tbox_url_path = "http://ftp.mozilla.org/pub/mozilla.org/firefox/tinderbox-builds";
-$milestone     = "trunk";
-$notify_list   = "build-announce\@mozilla.org";
-$stub_installer = 0;
-$sea_installer = 0;
-$archive       = 1;
-$push_raw_xpis = 0;
-# CONFIG: $update_aus_host = '%ausServer%';
-$update_aus_host = 'aus2-staging.mozilla.org';
-$update_package = 1;
-$update_product = "Firefox";
-$update_version = "trunk";
-$update_platform = "Darwin_Universal-gcc3";
-$update_hash = "sha1";
-# CONFIG: $update_filehost = '%ftpServer%';
-$update_filehost = 'ftp.mozilla.org';
-$update_ver_file = 'browser/config/version.txt';
-$update_pushinfo = 0;
-$crashreporter_buildsymbols = 1;
-$crashreporter_pushsymbols = 1;
-# CONFIG: $ENV{'SYMBOL_SERVER_HOST'}    = '%symbolServer%';
-$ENV{'SYMBOL_SERVER_HOST'}    = 'dm-symbolpush01.mozilla.org';
-# CONFIG: $ENV{'SYMBOL_SERVER_USER'}    = '%symbolServerUser%';
-$ENV{'SYMBOL_SERVER_USER'}    = 'ffxbld';
-# CONFIG: $ENV{'SYMBOL_SERVER_PATH'}    = '%symbolServerPath%';
-$ENV{'SYMBOL_SERVER_PATH'}    = '/mnt/netapp/breakpad/symbols_ffx';
-# CONFIG: $ENV{'SYMBOL_SERVER_SSH_KEY'} = '%symbolServerKey%';
-$ENV{'SYMBOL_SERVER_SSH_KEY'} = '/Users/cltbld/.ssh/ffxbld_dsa';
-
-# Reboot the OS at the end of build-and-test cycle. This is primarily
-# intended for Win9x, which can't last more than a few cycles before
-# locking up (and testing would be suspect even after a couple of cycles).
-# Right now, there is only code to force the reboot for Win9x, so even
-# setting this to 1, will not have an effect on other platforms. Setting
-# up win9x to automatically logon and begin running tinderbox is left 
-# as an exercise to the reader. 
-#$RebootSystem = 0;
-
-# LogCompression specifies the type of compression used on the log file.
-# Valid options are 'gzip', and 'bzip2'. Please make sure the binaries
-# for 'gzip' or 'bzip2' are in the user's path before setting this
-# option.
-#$LogCompression = '';
-
-# LogEncoding specifies the encoding format used for the logs. Valid
-# options are 'base64', and 'uuencode'. If $LogCompression is set above,
-# this needs to be set to 'base64' or 'uuencode' to ensure that the
-# binary data is transferred properly.
-#$LogEncoding = '';
-
-# Prevent Extension Manager from spawning child processes during tests
-# - processes that tbox scripts cannot kill. 
-#$ENV{NO_EM_RESTART} = '1';

mozilla/tools/tinderbox-configs/firefox/win32/CLOBBER

@@ -1 +0,0 @@
-Clobbering to pick up fixes from bug 419319.

mozilla/tools/tinderbox-configs/firefox/win32/mozconfig

@@ -1,20 +0,0 @@
-#
-## hostname: fx-win32-tbox
-## uname: MINGW32_NT-5.2 FX-WIN32-TBOX 1.0.11(0.46/3/2) 2007-01-12 12:05 i686 Msys
-#
-export CFLAGS="-GL -wd4624 -wd4952"
-export CXXFLAGS="-GL -wd4624 -wd4952"
-export LDFLAGS="-LTCG"
-
-mk_add_options MOZ_CO_PROJECT=browser
-mk_add_options MOZ_MAKE_FLAGS="-j5"
-mk_add_options MOZ_CO_MODULE="mozilla/tools/update-packaging"
-mk_add_options PROFILE_GEN_SCRIPT='$(PYTHON) $(MOZ_OBJDIR)/_profile/pgo/profileserver.py'
-
-ac_add_options --enable-application=browser
-ac_add_options --enable-update-channel=nightly
-ac_add_options --enable-optimize
-ac_add_options --disable-debug
-ac_add_options --disable-tests
-ac_add_options --enable-update-packaging
-ac_add_options --enable-jemalloc

mozilla/tools/tinderbox-configs/firefox/win32/tinder-config.pl

@@ -1,264 +0,0 @@
-#
-## hostname: fx-win32-tbox
-## uname: MINGW32_NT-5.2 FX-WIN32-TBOX 1.0.11(0.46/3/2) 2007-01-12 12:05 i686 Msys
-#
-
-#- tinder-config.pl - Tinderbox configuration file.
-#-    Uncomment the variables you need to set.
-#-    The default values are the same as the commented variables.
-
-$ENV{NO_EM_RESTART} = '1';
-$ENV{CVS_RSH} = "ssh";
-$ENV{MOZ_CRASHREPORTER_NO_REPORT} = '1';
-
-# $ENV{MOZ_PACKAGE_MSI}
-#-----------------------------------------------------------------------------
-#  Default: 0
-#   Values: 0 | 1
-#  Purpose: Controls whether a MSI package is made.
-# Requires: Windows and a local MakeMSI installation.
-#$ENV{MOZ_PACKAGE_MSI} = 0;
-
-# $ENV{MOZ_SYMBOLS_TRANSFER_TYPE}
-#-----------------------------------------------------------------------------
-#  Default: scp
-#   Values: scp | rsync
-#  Purpose: Use scp or rsync to transfer symbols to the Talkback server.
-# Requires: The selected type requires the command be available both locally
-#           and on the Talkback server.
-#$ENV{MOZ_SYMBOLS_TRANSFER_TYPE} = "scp";
-
-#- PLEASE FILL THIS IN WITH YOUR PROPER EMAIL ADDRESS
-$BuildAdministrator = 'build@mozilla.org';
-#$BuildAdministrator = "$ENV{USER}\@$ENV{HOST}";
-#$BuildAdministrator = ($ENV{USER} || "cltbld") . "\@" . ($ENV{HOST} || "dhcp");
-
-#- You'll need to change these to suit your machine's needs
-#$DisplayServer = ':0.0';
-
-#- Default values of command-line opts
-#-
-#$BuildDepend       = 1;      # Depend or Clobber
-#$BuildDebug        = 0;      # Debug or Opt (Darwin)
-#$ReportStatus      = 1;      # Send results to server, or not
-#$ReportFinalStatus = 1;      # Finer control over $ReportStatus.
-#$UseTimeStamp      = 1;      # Use the CVS 'pull-by-timestamp' option, or not
-#$BuildOnce         = 0;      # Build once, don't send results to server
-#$TestOnly          = 0;      # Only run tests, don't pull/build
-#$BuildEmbed        = 0;      # After building seamonkey, go build embed app.
-#$SkipMozilla       = 0;      # Use to debug post-mozilla.pl scripts.
-#$BuildLocales      = 0;      # Do l10n packaging?
-
-# Tests
-$CleanProfile             = 1;
-#$ResetHomeDirForTests     = 1;
-$ProductName              = "Firefox";
-$VendorName               = "Mozilla";
-
-# CONFIG: $RunMozillaTests          = %runMozillaTests%;
-$RunMozillaTests          = 1;
-$RegxpcomTest             = 1;
-$AliveTest                = 1;
-$JavaTest                 = 0;
-$ViewerTest               = 0;
-$BloatTest                = 0;  # warren memory bloat test
-$BloatTest2               = 0;  # dbaron memory bloat test, require tracemalloc
-$DomToTextConversionTest  = 0;  
-$XpcomGlueTest            = 0;
-$CodesizeTest             = 0;  # Z,  require mozilla/tools/codesighs
-$EmbedCodesizeTest        = 0;  # mZ, require mozilla/tools/codesigns
-$MailBloatTest            = 0;
-$EmbedTest                = 0;  # Assumes you wanted $BuildEmbed=1
-$LayoutPerformanceTest    = 0;  # Tp
-$DHTMLPerformanceTest     = 0;  # Tdhtml
-$QATest                   = 0;  
-$XULWindowOpenTest        = 0;  # Txul
-$StartupPerformanceTest   = 0;  # Ts
-$NeckoUnitTest            = 0;
-$RenderPerformanceTest    = 0;  # Tgfx
-
-$TestsPhoneHome           = 0;  # Should test report back to server?
-$GraphNameOverride        = 'fx-win32-tbox';
-
-# $results_server
-#----------------------------------------------------------------------------
-# Server on which test results will be accessible.  This was originally tegu,
-# then became axolotl.  Once we moved services from axolotl, it was time
-# to give this service its own hostname to make future transitions easier.
-# - cmp@mozilla.org
-#$results_server           = "build-graphs.mozilla.org";
-
-$pageload_server          = "pageload.build.mozilla.org";  # localhost
-
-#
-# Timeouts, values are in seconds.
-#
-#$CVSCheckoutTimeout               = 3600;
-#$CreateProfileTimeout             = 45;
-#$RegxpcomTestTimeout              = 120;
-
-#$AliveTestTimeout                 = 30;
-#$ViewerTestTimeout                = 45;
-#$EmbedTestTimeout                 = 45;
-#$BloatTestTimeout                 = 120;   # seconds
-#$MailBloatTestTimeout             = 120;   # seconds
-#$JavaTestTimeout                  = 45;
-#$DomTestTimeout	                  = 45;    # seconds
-#$XpcomGlueTestTimeout             = 15;
-#$CodesizeTestTimeout              = 900;     # seconds
-#$CodesizeTestType                 = "auto";  # {"auto"|"base"}
-$LayoutPerformanceTestTimeout     = 800;  # entire test, seconds
-#$DHTMLPerformanceTestTimeout      = 1200;  # entire test, seconds
-#$QATestTimeout                    = 1200;   # entire test, seconds
-#$LayoutPerformanceTestPageTimeout = 30000; # each page, ms
-#$StartupPerformanceTestTimeout    = 20;    # seconds
-#$XULWindowOpenTestTimeout	      = 90;   # seconds
-#$NeckoUnitTestTimeout             = 30;    # seconds
-$RenderPerformanceTestTimeout     = 1800;  # seconds
-
-#$MozConfigFileName = 'mozconfig';
-
-#$UseMozillaProfile = 1;
-#$MozProfileName = 'default';
-
-#- Set these to what makes sense for your system
-$Make          = 'make';       # Must be GNU make
-#$MakeOverrides = '';
-#$mail          = '/bin/mail';
-#$CVS           = 'cvs -q';
-#$CVSCO         = 'checkout -P';
-
-# win32 usually doesn't have /bin/mail
-$blat           = '/d/mozilla-build/blat261/full/blat';
-#$use_blat       = 1;
-
-# Set moz_cvsroot to something like:
-# :pserver:$ENV{USER}%netscape.com\@cvs.mozilla.org:/cvsroot
-# :pserver:anonymous\@cvs-mirror.mozilla.org:/cvsroot
-#
-# Note that win32 may not need \@, depends on ' or ".
-# :pserver:$ENV{USER}%netscape.com@cvs.mozilla.org:/cvsroot
-
-# CONFIG: $moz_cvsroot = '%mozillaCvsroot%';
-$moz_cvsroot = ':ext:cltbld@cvs.mozilla.org:/cvsroot';
-
-#- Set these proper values for your tinderbox server
-#$Tinderbox_server = 'tinderbox-daemon@tinderbox.mozilla.org';
-
-# Allow for non-client builds, e.g. camino.
-#$moz_client_mk = 'client.mk';
-
-#- Set if you want to build in a separate object tree
-$ObjDir = 'obj-fx-trunk';
-
-# Extra build name, if needed.
-$BuildNameExtra = 'Nightly';
-
-# User comment, eg. ip address for dhcp builds.
-# ex: $UserComment = "ip = 208.12.36.108";
-#$UserComment = 0;
-
-#-
-#- The rest should not need to be changed
-#-
-
-#- Minimum wait period from start of build to start of next build in minutes.
-#$BuildSleep = 10;
-
-#- Until you get the script working. When it works,
-#- change to the tree you're actually building
-# CONFIG: $BuildTree  = '%buildTree%';
-$BuildTree  = 'MozillaTest';
-
-#$BuildName = '';
-#$BuildTag = '';
-#$BuildConfigDir = 'mozilla/config';
-#$Topsrcdir = 'mozilla';
-
-$BinaryName = 'firefox.exe';
-
-#
-# For embedding app, use:
-#$EmbedBinaryName = 'TestGtkEmbed';
-#$EmbedDistDir    = 'dist/bin'
-
-
-#$ShellOverride = ''; # Only used if the default shell is too stupid
-#$ConfigureArgs = '';
-#$ConfigureEnvArgs = '';
-#$Compiler = 'gcc';
-#$NSPRArgs = '';
-#$ShellOverride = '';
-
-$ProfiledBuild = 1;
-# Release build options
-$ReleaseBuild  = 1;
-$shiptalkback  = 0;
-$ReleaseToLatest = 1; # Push the release to latest-<milestone>?
-$ReleaseToDated = 1; # Push the release to YYYY-MM-DD-HH-<milestone>?
-$build_hour    = "14";
-$package_creation_path = "/browser/installer";
-# needs setting for mac + talkback: $mac_bundle_path = "/browser/app";
-$ssh_version   = "2";
-# CONFIG: $ssh_user      = "%sshUser%";
-$ssh_user      = "ffxbld";
-$ssh_key       = "'$ENV{HOME}/.ssh/ffxbld_dsa'";
-# CONFIG: $ssh_server    = "%sshServer%";
-$ssh_server    = "stage-old.mozilla.org";
-$ReleaseGroup  = "firefox";
-$ftp_path      = "/home/ftp/pub/firefox/nightly/experimental";
-$url_path      = "http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/experimental";
-$tbox_ftp_path = "/home/ftp/pub/firefox/tinderbox-builds";
-$tbox_url_path = "http://ftp.mozilla.org/pub/mozilla.org/firefox/tinderbox-builds";
-$milestone     = "trunk";
-$notify_list   = 'build-announce@mozilla.org';
-$stub_installer = 0;
-$sea_installer = 1;
-$archive       = 1;
-$push_raw_xpis = 0;
-# CONFIG: $update_aus_host = '%ausServer%';
-$update_aus_host = 'aus2-staging.mozilla.org';
-$update_package = 1;
-$update_product = "Firefox";
-$update_version = "trunk";
-$update_platform = "WINNT_x86-msvc";
-$update_hash = "sha1";
-# CONFIG: $update_filehost = '%ftpServer%';
-$update_filehost = 'ftp.mozilla.org';
-$update_ver_file = 'browser/config/version.txt';
-$update_pushinfo = 0;
-$crashreporter_buildsymbols = 1;
-$crashreporter_pushsymbols = 1;
-# CONFIG: $ENV{'SYMBOL_SERVER_HOST'}    = '%symbolServer%';
-$ENV{'SYMBOL_SERVER_HOST'}    = 'dm-symbolpush01.mozilla.org';
-# CONFIG: $ENV{'SYMBOL_SERVER_USER'}    = '%symbolServerUser%';
-$ENV{'SYMBOL_SERVER_USER'}    = 'ffxbld';
-# CONFIG: $ENV{'SYMBOL_SERVER_PATH'}    = '%symbolServerPath%';
-$ENV{'SYMBOL_SERVER_PATH'}    = '/mnt/netapp/breakpad/symbols_ffx';
-# CONFIG: $ENV{'SYMBOL_SERVER_SSH_KEY'} = '%symbolServerKey%';
-$ENV{'SYMBOL_SERVER_SSH_KEY'} = '/c/Documents and Settings/cltbld/.ssh/ffxbld_dsa';
-
-# Reboot the OS at the end of build-and-test cycle. This is primarily
-# intended for Win9x, which can't last more than a few cycles before
-# locking up (and testing would be suspect even after a couple of cycles).
-# Right now, there is only code to force the reboot for Win9x, so even
-# setting this to 1, will not have an effect on other platforms. Setting
-# up win9x to automatically logon and begin running tinderbox is left 
-# as an exercise to the reader. 
-#$RebootSystem = 0;
-
-# LogCompression specifies the type of compression used on the log file.
-# Valid options are 'gzip', and 'bzip2'. Please make sure the binaries
-# for 'gzip' or 'bzip2' are in the user's path before setting this
-# option.
-#$LogCompression = '';
-
-# LogEncoding specifies the encoding format used for the logs. Valid
-# options are 'base64', and 'uuencode'. If $LogCompression is set above,
-# this needs to be set to 'base64' or 'uuencode' to ensure that the
-# binary data is transferred properly.
-#$LogEncoding = '';
-
-# Prevent Extension Manager from spawning child processes during tests
-# - processes that tbox scripts cannot kill. 
-#$ENV{NO_EM_RESTART} = '1';