diff options
Diffstat (limited to 'comm/suite/components/security')
8 files changed, 464 insertions, 0 deletions
diff --git a/comm/suite/components/security/content/prefs/pref-certs.js b/comm/suite/components/security/content/prefs/pref-certs.js new file mode 100644 index 0000000000..a630f0aa9d --- /dev/null +++ b/comm/suite/components/security/content/prefs/pref-certs.js @@ -0,0 +1,32 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +function Startup() +{ + var securityOCSPEnabled = document.getElementById("security.OCSP.enabled"); + DoEnabling(securityOCSPEnabled.value); +} + +function DoEnabling(aOCSPPrefValue) +{ + EnableElementById("requireWorkingOCSP", aOCSPPrefValue != 0, false); +} + +function OpenCertManager() +{ + document.documentElement + .openWindow("mozilla:certmanager", + "chrome://pippki/content/certManager.xul", + "", null); +} + +function OpenDeviceManager() +{ + document.documentElement + .openWindow("mozilla:devicemanager", + "chrome://pippki/content/device_manager.xul", + "", null); +} diff --git a/comm/suite/components/security/content/prefs/pref-certs.xul b/comm/suite/components/security/content/prefs/pref-certs.xul new file mode 100644 index 0000000000..3caac6499c --- /dev/null +++ b/comm/suite/components/security/content/prefs/pref-certs.xul @@ -0,0 +1,100 @@ +<?xml version="1.0"?> +<!-- This Source Code Form is subject to the terms of the Mozilla Public + - License, v. 2.0. If a copy of the MPL was not distributed with this + - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> + +<?xml-stylesheet href="chrome://communicator/skin/" type="text/css"?> + +<!DOCTYPE overlay [ + <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd"> + %brandDTD; + <!ENTITY % prefCertsDTD SYSTEM "chrome://pippki/locale/pref-certs.dtd"> + %prefCertsDTD; + <!ENTITY % prefSslDTD SYSTEM "chrome://pippki/locale/pref-ssl.dtd"> + %prefSslDTD; +]> + +<overlay xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"> + + <prefpane id="certs_pane" + label="&pref.certs.title;" + script="chrome://pippki/content/pref-certs.js"> + <preferences id="cert_preferences"> + <preference id="security.default_personal_cert" + name="security.default_personal_cert" + type="string"/> + <preference id="security.disable_button.openCertManager" + name="security.disable_button.openCertManager" + type="bool"/> + <preference id="security.disable_button.openDeviceManager" + name="security.disable_button.openDeviceManager" + type="bool"/> + <preference id="security.OCSP.enabled" + name="security.OCSP.enabled" + type="int" + onchange="DoEnabling(this.value);"/> + <preference id="security.OCSP.require" + name="security.OCSP.require" + type="bool"/> + </preferences> + + + <groupbox align="start"> + <caption label="&SSLClientAuthMethod.caption;"/> + <description>&certselect.description;</description> + <radiogroup id="certSelection" + orient="horizontal" + preference="security.default_personal_cert" + aria-labelledby="CertGroupCaption CertSelectionDesc"> + <radio value="Select Automatically" + label="&certselect.auto;" + accesskey="&certselect.auto.accesskey;"/> + <radio value="Ask Every Time" + label="&certselect.ask;" + accesskey="&certselect.ask.accesskey;"/> + </radiogroup> + </groupbox> + + <!-- Certificate manager --> + <groupbox> + <caption label="&managecerts.caption;"/> + <description>&managecerts.text;</description> + <hbox align="center"> + <button label="&managecerts.button;" + oncommand="OpenCertManager();" + id="openCertManagerButton" + accesskey="&managecerts.accesskey;" + preference="security.disable_button.openCertManager"/> + </hbox> + </groupbox> + + <!-- Device manager --> + <groupbox> + <caption label="&managedevices.caption;"/> + <description>&managedevices.text;</description> + <hbox align="center"> + <button label="&managedevices.button;" + oncommand="OpenDeviceManager();" + id="openDeviceManagerButton" + accesskey="&managedevices.accesskey;" + preference="security.disable_button.openDeviceManager"/> + </hbox> + </groupbox> + + <!-- Validation --> + <groupbox align="start"> + <caption label="&validation.ocsp.caption;"/> + <checkbox id="enableOCSPBox" + label="&enableOCSP.label;" + accesskey="&enableOCSP.accesskey;" + onsynctopreference="return +this.checked;" + preference="security.OCSP.enabled"/> + <separator class="thin"/> + <checkbox id="requireWorkingOCSP" + label="&validation.requireOCSP.description;" + accesskey="&validation.requireOCSP.accesskey;" + preference="security.OCSP.require"/> + </groupbox> + + </prefpane> +</overlay> diff --git a/comm/suite/components/security/content/prefs/pref-passwords.js b/comm/suite/components/security/content/prefs/pref-passwords.js new file mode 100644 index 0000000000..f958a37055 --- /dev/null +++ b/comm/suite/components/security/content/prefs/pref-passwords.js @@ -0,0 +1,31 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +var gInternalToken; + +function Startup() { + var tokendb = Cc["@mozilla.org/security/pk11tokendb;1"] + .getService(Ci.nsIPK11TokenDB); + gInternalToken = tokendb.getInternalKeyToken(); +} + +function ChangePW() +{ + var p = Cc["@mozilla.org/embedcomp/dialogparam;1"] + .createInstance(Ci.nsIDialogParamBlock); + p.SetString(1, ""); + window.openDialog("chrome://pippki/content/changepassword.xul", "", + "chrome,centerscreen,modal", p); +} + +function ResetPW() +{ + var p = Cc["@mozilla.org/embedcomp/dialogparam;1"] + .createInstance(Ci.nsIDialogParamBlock); + p.SetString(1, gInternalToken.tokenName); + window.openDialog("chrome://pippki/content/resetpassword.xul", "", + "chrome,centerscreen,modal", p); +} diff --git a/comm/suite/components/security/content/prefs/pref-passwords.xul b/comm/suite/components/security/content/prefs/pref-passwords.xul new file mode 100644 index 0000000000..af12060f0d --- /dev/null +++ b/comm/suite/components/security/content/prefs/pref-passwords.xul @@ -0,0 +1,82 @@ +<?xml version="1.0"?> +<!-- This Source Code Form is subject to the terms of the Mozilla Public + - License, v. 2.0. If a copy of the MPL was not distributed with this + - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> + +<?xml-stylesheet href="chrome://communicator/skin/" type="text/css"?> + +<!DOCTYPE overlay [ + <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd"> + %brandDTD; + <!ENTITY % prefMast SYSTEM "chrome://pippki/locale/pref-masterpass.dtd"> + %prefMast; + <!ENTITY % prefPass SYSTEM "chrome://pippki/locale/pref-passwords.dtd"> + %prefPass; +]> + +<overlay xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"> + <prefpane id="passwords_pane" + label="&pref.passwords.title;" + script="chrome://pippki/content/pref-passwords.js"> + + <preferences id="passwords_preferences"> + <preference id="signon.rememberSignons" + name="signon.rememberSignons" + type="bool"/> + <preference id="pref.advanced.password.disable_button.view_stored_password" + name="pref.advanced.password.disable_button.view_stored_password" + type="bool"/> + <preference id="security.disable_button.changePassword" + name="security.disable_button.changePassword" + type="bool"/> + <preference id="security.disable_button.resetPassword" + name="security.disable_button.resetPassword" + type="bool"/> + </preferences> + + <groupbox> + <caption label="&signonHeader.caption;"/> + <description>&signonDescription.label;</description> + <hbox> + <checkbox id="signonRememberSignons" + label="&signonEnabled.label;" + accesskey="&signonEnabled.accesskey;" + preference="signon.rememberSignons"/> + </hbox> + <hbox pack="end"> + <button id="viewStoredPassword" + label="&viewSignons.label;" + accesskey="&viewSignons.accesskey;" + oncommand="toDataManager('|passwords');" + preference="pref.advanced.password.disable_button.view_stored_password"/> + </hbox> + </groupbox> + + <!-- Change Password --> + <groupbox> + <caption label="&changepassword.caption;"/> + <description>&changepassword.text;</description> + <hbox> + <button label="&changepassword.button;" + oncommand="ChangePW();" + id="changePasswordButton" + accesskey="&changepassword.accesskey;" + preference="security.disable_button.changePassword"/> + </hbox> + </groupbox> + + <!-- Reset Password --> + <groupbox> + <caption label="&resetpassword.caption;"/> + <description>&resetpassword.text;</description> + <hbox> + <button label="&resetpassword2.button;" + oncommand="ResetPW();" + id="resetPasswordButton" + accesskey="&resetpassword2.accesskey;" + preference="security.disable_button.resetPassword"/> + </hbox> + </groupbox> + + </prefpane> +</overlay> diff --git a/comm/suite/components/security/content/prefs/pref-ssl.js b/comm/suite/components/security/content/prefs/pref-ssl.js new file mode 100644 index 0000000000..1e807f7402 --- /dev/null +++ b/comm/suite/components/security/content/prefs/pref-ssl.js @@ -0,0 +1,82 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +function Startup() +{ + // map associating preference values with checkbox element IDs + gSslPrefElements = new Map([[1, "allowTLS10"], + [2, "allowTLS11"], + [3, "allowTLS12"], + [4, "allowTLS13"]]); + + // initial setting of checkboxes based on preference values + UpdateSslBoxes(); +} + +function UpdateSslBoxes() +{ + // get minimum and maximum allowed protocol and locked status + let minVersion = document.getElementById("security.tls.version.min").value; + let maxVersion = document.getElementById("security.tls.version.max").value; + let minLocked = document.getElementById("security.tls.version.min").locked; + let maxLocked = document.getElementById("security.tls.version.max").locked; + + // check if allowable limits are violated, use default values if they are + if (minVersion > maxVersion || !gSslPrefElements.has(minVersion) + || !gSslPrefElements.has(maxVersion)) + { + minVersion = document.getElementById("security.tls.version.min").defaultValue; + maxVersion = document.getElementById("security.tls.version.max").defaultValue; + } + + // set checked, disabled, and locked status for each protocol checkbox + for (let [version, id] of gSslPrefElements) + { + let currentBox = document.getElementById(id); + currentBox.checked = version >= minVersion && version <= maxVersion; + + if ((minLocked && maxLocked) || (minLocked && version <= minVersion) || + (maxLocked && version >= maxVersion)) + { + // boxes subject to a preference's locked status are disabled and grayed + currentBox.removeAttribute("nogray"); + currentBox.disabled = true; + } + else + { + // boxes which the user can't uncheck are disabled but not grayed + currentBox.setAttribute("nogray", "true"); + currentBox.disabled = (version > minVersion && version < maxVersion) || + (version == minVersion && version == maxVersion); + } + } +} + +function UpdateSslPrefs() +{ + // this is called whenever a checkbox changes + let minVersion = -1; + let maxVersion = -1; + + // find the first and last checkboxes which are now checked + for (let [version, id] of gSslPrefElements) + { + if (document.getElementById(id).checked) + { + if (minVersion < 0) // first box checked + minVersion = version; + maxVersion = version; // last box checked so far + } + } + + // if minVersion is valid, then maxVersion is as well -> update prefs + if (minVersion >= 0) + { + document.getElementById("security.tls.version.min").value = minVersion; + document.getElementById("security.tls.version.max").value = maxVersion; + } + + // update checkbox values and visibility based on prefs again + UpdateSslBoxes(); +} diff --git a/comm/suite/components/security/content/prefs/pref-ssl.xul b/comm/suite/components/security/content/prefs/pref-ssl.xul new file mode 100644 index 0000000000..8541c0f2a1 --- /dev/null +++ b/comm/suite/components/security/content/prefs/pref-ssl.xul @@ -0,0 +1,120 @@ +<?xml version="1.0"?> +<!-- This Source Code Form is subject to the terms of the Mozilla Public + - License, v. 2.0. If a copy of the MPL was not distributed with this + - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> + +<?xml-stylesheet href="chrome://communicator/skin/" type="text/css"?> + +<!DOCTYPE overlay [ + <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd"> + %brandDTD; + <!ENTITY % prefSslDTD SYSTEM "chrome://pippki/locale/pref-ssl.dtd"> + %prefSslDTD; +]> + +<overlay xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"> + + <prefpane id="ssl_pane" + label="&pref.ssltls.title;" + script="chrome://pippki/content/pref-ssl.js"> + <preferences id="ssl_preferences"> + <preference id="security.tls.version.min" + name="security.tls.version.min" + type="int"/> + <preference id="security.tls.version.max" + name="security.tls.version.max" + type="int"/> + <preference id="security.warn_entering_secure" + name="security.warn_entering_secure" + type="bool"/> + <preference id="security.warn_leaving_secure" + name="security.warn_leaving_secure" + type="bool"/> + <preference id="security.warn_submit_insecure" + name="security.warn_submit_insecure" + type="bool"/> + <preference id="security.warn_mixed_active_content" + name="security.warn_mixed_active_content" + type="bool"/> + <preference id="security.mixed_content.block_active_content" + name="security.mixed_content.block_active_content" + type="bool"/> + <preference id="security.warn_mixed_display_content" + name="security.warn_mixed_display_content" + type="bool"/> + <preference id="security.mixed_content.block_display_content" + name="security.mixed_content.block_display_content" + type="bool"/> + </preferences> + + <groupbox align="start"> + <caption label="&SSLTLSProtocolVersions.caption;"/> + <description>&limit.description;</description> + + <hbox align="center"> + <label id="allowEnable" + value="&limit.enable.label;"/> + <checkbox id="allowTLS10" + class="nogray-disabled" + label="&limit.tls10.label;" + accesskey="&limit.tls10.accesskey;" + oncommand="UpdateSslPrefs();"/> + <checkbox id="allowTLS11" + class="nogray-disabled" + label="&limit.tls11.label;" + accesskey="&limit.tls11.accesskey;" + oncommand="UpdateSslPrefs();"/> + <checkbox id="allowTLS12" + class="nogray-disabled" + label="&limit.tls12.label;" + accesskey="&limit.tls12.accesskey;" + oncommand="UpdateSslPrefs();"/> + <checkbox id="allowTLS13" + class="nogray-disabled" + label="&limit.tls13.label;" + accesskey="&limit.tls13.accesskey;" + oncommand="UpdateSslPrefs();"/> + </hbox> + + </groupbox> + + <groupbox align="start"> + <caption label="&SSLTLSWarnings.caption;"/> + <description>&warn.description2;</description> + <checkbox id="warnEnteringSecure" + label="&warn.enteringsecure;" + accesskey="&warn.enteringsecure.accesskey;" + preference="security.warn_entering_secure"/> + <checkbox id="warnLeavingSecure" + label="&warn.leavingsecure;" + accesskey="&warn.leavingsecure.accesskey;" + preference="security.warn_leaving_secure"/> + <checkbox id="warnInsecurePost" + label="&warn.insecurepost;" + accesskey="&warn.insecurepost.accesskey;" + preference="security.warn_submit_insecure"/> + </groupbox> + + <groupbox align="start"> + <caption label="&SSLMixedContent.caption;"/> + <description>&mixed.description;</description> + <checkbox id="warnMixedActiveContent" + label="&warn.mixedactivecontent;" + accesskey="&warn.mixedactivecontent.accesskey;" + preference="security.warn_mixed_active_content"/> + <checkbox id="blockActiveContent" + label="&block.activecontent;" + accesskey="&block.activecontent.accesskey;" + preference="security.mixed_content.block_active_content"/> + <checkbox id="warnMixedDisplayContent" + label="&warn.mixeddisplaycontent;" + accesskey="&warn.mixeddisplaycontent.accesskey;" + preference="security.warn_mixed_display_content"/> + <checkbox id="blockDisplayContent" + label="&block.displaycontent;" + accesskey="&block.displaycontent.accesskey;" + preference="security.mixed_content.block_display_content"/> + </groupbox> + + </prefpane> +</overlay> diff --git a/comm/suite/components/security/jar.mn b/comm/suite/components/security/jar.mn new file mode 100644 index 0000000000..e98909e681 --- /dev/null +++ b/comm/suite/components/security/jar.mn @@ -0,0 +1,11 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +pippki.jar: + content/pippki/pref-certs.js (content/prefs/pref-certs.js) + content/pippki/pref-certs.xul (content/prefs/pref-certs.xul) + content/pippki/pref-passwords.js (content/prefs/pref-passwords.js) + content/pippki/pref-passwords.xul (content/prefs/pref-passwords.xul) + content/pippki/pref-ssl.js (content/prefs/pref-ssl.js) + content/pippki/pref-ssl.xul (content/prefs/pref-ssl.xul) diff --git a/comm/suite/components/security/moz.build b/comm/suite/components/security/moz.build new file mode 100644 index 0000000000..de5cd1bf81 --- /dev/null +++ b/comm/suite/components/security/moz.build @@ -0,0 +1,6 @@ +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +JAR_MANIFESTS += ["jar.mn"] |