1 files changed, 95 insertions, 0 deletions
diff --git a/udkapi/com/sun/star/connection/SocketPermission.idl b/udkapi/com/sun/star/connection/SocketPermission.idl
new file mode 100644
index 000000000..7f838a25f
--- /dev/null
+++ b/udkapi/com/sun/star/connection/SocketPermission.idl
@@ -0,0 +1,95 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ *   Licensed to the Apache Software Foundation (ASF) under one or more
+ *   contributor license agreements. See the NOTICE file distributed
+ *   with this work for additional information regarding copyright
+ *   ownership. The ASF licenses this file to you under the Apache
+ *   License, Version 2.0 (the "License"); you may not use this file
+ *   except in compliance with the License. You may obtain a copy of
+ *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+#ifndef __com_sun_star_connection_SocketPermission_idl__
+#define __com_sun_star_connection_SocketPermission_idl__
+
+
+module com {  module sun {  module star {  module connection {
+
+
+/** This permission represents access to a network via sockets.
+    A SocketPermission consists of a host specification and a set of actions
+    specifying ways to connect to that host.  The host is specified as
+    <pre>
+    host = (hostname | IPaddress)[:portrange]
+    portrange = portnumber | -portnumber | portnumber-[portnumber]
+    </pre>
+    The host is expressed as a DNS name, as a numerical IP address, or as
+    <code>"localhost"</code> (for the local machine).  The wildcard <code>"*"</code>
+     may be included once
+    in a DNS name host specification.  If it is included, it must be in the
+    leftmost position, as in <code>"*.sun.com"</code>.
+    <br>
+    The port or portrange is optional.  A port specification of the form <code>"N-"</code>,
+    where <code>N</code> is a port number, signifies all ports numbered <code>N</code> and above,
+    while a specification of the form <code>"-N"</code> indicates all ports numbered
+    <code>N</code> and below.
+
+    <p>
+    The possible ways to connect to the host are
+    <ul>
+    <li><code>accept</code></li>
+    <li><code>connect</code></li>
+    <li><code>listen</code></li>
+    <li><code>resolve</code></li>
+    </ul><br>
+    The <code>"listen"</code> action is only meaningful when used with <code>"localhost"</code>.
+    The <code>"resolve"</code> (resolve host/ip name service lookups) action is implied when
+    any of the other actions are present.
+    <br>
+    As an example of the creation and meaning of SocketPermissions, note that if
+    the following permission
+<pre>
+SocketPermission("foo.bar.com:7777", "connect,accept");
+</pre>
+    is granted, it allows to connect to port 7777 on foo.bar.com, and to
+    accept connections on that port.
+    <br>
+    Similarly, if the following permission
+<pre>
+SocketPermission("localhost:1024-", "accept,connect,listen");
+</pre>
+    is granted, it allows that code to accept connections on, connect to, or listen
+    on any port between 1024 and 65535 on the local host.
+    </p>
+
+    @attention
+    Granting code permission to accept or make connections to remote hosts may be
+    dangerous because malevolent code can then more easily transfer and share
+    confidential data among parties who may not otherwise have access to the data.
+    </p>
+
+    @since OOo 1.1.2
+*/
+published struct SocketPermission
+{
+    /** target host with optional portrange
+    */
+    string Host;
+    /** comma separated actions list
+    */
+    string Actions;
+};
+
+
+}; }; }; };
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */