summaryrefslogtreecommitdiffstats
path: root/comm/suite/components/security
diff options
context:
space:
mode:
Diffstat (limited to 'comm/suite/components/security')
-rw-r--r--comm/suite/components/security/content/prefs/pref-certs.js32
-rw-r--r--comm/suite/components/security/content/prefs/pref-certs.xul100
-rw-r--r--comm/suite/components/security/content/prefs/pref-passwords.js31
-rw-r--r--comm/suite/components/security/content/prefs/pref-passwords.xul82
-rw-r--r--comm/suite/components/security/content/prefs/pref-ssl.js82
-rw-r--r--comm/suite/components/security/content/prefs/pref-ssl.xul120
-rw-r--r--comm/suite/components/security/jar.mn11
-rw-r--r--comm/suite/components/security/moz.build6
8 files changed, 464 insertions, 0 deletions
diff --git a/comm/suite/components/security/content/prefs/pref-certs.js b/comm/suite/components/security/content/prefs/pref-certs.js
new file mode 100644
index 0000000000..a630f0aa9d
--- /dev/null
+++ b/comm/suite/components/security/content/prefs/pref-certs.js
@@ -0,0 +1,32 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+function Startup()
+{
+ var securityOCSPEnabled = document.getElementById("security.OCSP.enabled");
+ DoEnabling(securityOCSPEnabled.value);
+}
+
+function DoEnabling(aOCSPPrefValue)
+{
+ EnableElementById("requireWorkingOCSP", aOCSPPrefValue != 0, false);
+}
+
+function OpenCertManager()
+{
+ document.documentElement
+ .openWindow("mozilla:certmanager",
+ "chrome://pippki/content/certManager.xul",
+ "", null);
+}
+
+function OpenDeviceManager()
+{
+ document.documentElement
+ .openWindow("mozilla:devicemanager",
+ "chrome://pippki/content/device_manager.xul",
+ "", null);
+}
diff --git a/comm/suite/components/security/content/prefs/pref-certs.xul b/comm/suite/components/security/content/prefs/pref-certs.xul
new file mode 100644
index 0000000000..3caac6499c
--- /dev/null
+++ b/comm/suite/components/security/content/prefs/pref-certs.xul
@@ -0,0 +1,100 @@
+<?xml version="1.0"?>
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+
+<?xml-stylesheet href="chrome://communicator/skin/" type="text/css"?>
+
+<!DOCTYPE overlay [
+ <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd">
+ %brandDTD;
+ <!ENTITY % prefCertsDTD SYSTEM "chrome://pippki/locale/pref-certs.dtd">
+ %prefCertsDTD;
+ <!ENTITY % prefSslDTD SYSTEM "chrome://pippki/locale/pref-ssl.dtd">
+ %prefSslDTD;
+]>
+
+<overlay xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+
+ <prefpane id="certs_pane"
+ label="&pref.certs.title;"
+ script="chrome://pippki/content/pref-certs.js">
+ <preferences id="cert_preferences">
+ <preference id="security.default_personal_cert"
+ name="security.default_personal_cert"
+ type="string"/>
+ <preference id="security.disable_button.openCertManager"
+ name="security.disable_button.openCertManager"
+ type="bool"/>
+ <preference id="security.disable_button.openDeviceManager"
+ name="security.disable_button.openDeviceManager"
+ type="bool"/>
+ <preference id="security.OCSP.enabled"
+ name="security.OCSP.enabled"
+ type="int"
+ onchange="DoEnabling(this.value);"/>
+ <preference id="security.OCSP.require"
+ name="security.OCSP.require"
+ type="bool"/>
+ </preferences>
+
+
+ <groupbox align="start">
+ <caption label="&SSLClientAuthMethod.caption;"/>
+ <description>&certselect.description;</description>
+ <radiogroup id="certSelection"
+ orient="horizontal"
+ preference="security.default_personal_cert"
+ aria-labelledby="CertGroupCaption CertSelectionDesc">
+ <radio value="Select Automatically"
+ label="&certselect.auto;"
+ accesskey="&certselect.auto.accesskey;"/>
+ <radio value="Ask Every Time"
+ label="&certselect.ask;"
+ accesskey="&certselect.ask.accesskey;"/>
+ </radiogroup>
+ </groupbox>
+
+ <!-- Certificate manager -->
+ <groupbox>
+ <caption label="&managecerts.caption;"/>
+ <description>&managecerts.text;</description>
+ <hbox align="center">
+ <button label="&managecerts.button;"
+ oncommand="OpenCertManager();"
+ id="openCertManagerButton"
+ accesskey="&managecerts.accesskey;"
+ preference="security.disable_button.openCertManager"/>
+ </hbox>
+ </groupbox>
+
+ <!-- Device manager -->
+ <groupbox>
+ <caption label="&managedevices.caption;"/>
+ <description>&managedevices.text;</description>
+ <hbox align="center">
+ <button label="&managedevices.button;"
+ oncommand="OpenDeviceManager();"
+ id="openDeviceManagerButton"
+ accesskey="&managedevices.accesskey;"
+ preference="security.disable_button.openDeviceManager"/>
+ </hbox>
+ </groupbox>
+
+ <!-- Validation -->
+ <groupbox align="start">
+ <caption label="&validation.ocsp.caption;"/>
+ <checkbox id="enableOCSPBox"
+ label="&enableOCSP.label;"
+ accesskey="&enableOCSP.accesskey;"
+ onsynctopreference="return +this.checked;"
+ preference="security.OCSP.enabled"/>
+ <separator class="thin"/>
+ <checkbox id="requireWorkingOCSP"
+ label="&validation.requireOCSP.description;"
+ accesskey="&validation.requireOCSP.accesskey;"
+ preference="security.OCSP.require"/>
+ </groupbox>
+
+ </prefpane>
+</overlay>
diff --git a/comm/suite/components/security/content/prefs/pref-passwords.js b/comm/suite/components/security/content/prefs/pref-passwords.js
new file mode 100644
index 0000000000..f958a37055
--- /dev/null
+++ b/comm/suite/components/security/content/prefs/pref-passwords.js
@@ -0,0 +1,31 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+var gInternalToken;
+
+function Startup() {
+ var tokendb = Cc["@mozilla.org/security/pk11tokendb;1"]
+ .getService(Ci.nsIPK11TokenDB);
+ gInternalToken = tokendb.getInternalKeyToken();
+}
+
+function ChangePW()
+{
+ var p = Cc["@mozilla.org/embedcomp/dialogparam;1"]
+ .createInstance(Ci.nsIDialogParamBlock);
+ p.SetString(1, "");
+ window.openDialog("chrome://pippki/content/changepassword.xul", "",
+ "chrome,centerscreen,modal", p);
+}
+
+function ResetPW()
+{
+ var p = Cc["@mozilla.org/embedcomp/dialogparam;1"]
+ .createInstance(Ci.nsIDialogParamBlock);
+ p.SetString(1, gInternalToken.tokenName);
+ window.openDialog("chrome://pippki/content/resetpassword.xul", "",
+ "chrome,centerscreen,modal", p);
+}
diff --git a/comm/suite/components/security/content/prefs/pref-passwords.xul b/comm/suite/components/security/content/prefs/pref-passwords.xul
new file mode 100644
index 0000000000..af12060f0d
--- /dev/null
+++ b/comm/suite/components/security/content/prefs/pref-passwords.xul
@@ -0,0 +1,82 @@
+<?xml version="1.0"?>
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+
+<?xml-stylesheet href="chrome://communicator/skin/" type="text/css"?>
+
+<!DOCTYPE overlay [
+ <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd">
+ %brandDTD;
+ <!ENTITY % prefMast SYSTEM "chrome://pippki/locale/pref-masterpass.dtd">
+ %prefMast;
+ <!ENTITY % prefPass SYSTEM "chrome://pippki/locale/pref-passwords.dtd">
+ %prefPass;
+]>
+
+<overlay xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+ <prefpane id="passwords_pane"
+ label="&pref.passwords.title;"
+ script="chrome://pippki/content/pref-passwords.js">
+
+ <preferences id="passwords_preferences">
+ <preference id="signon.rememberSignons"
+ name="signon.rememberSignons"
+ type="bool"/>
+ <preference id="pref.advanced.password.disable_button.view_stored_password"
+ name="pref.advanced.password.disable_button.view_stored_password"
+ type="bool"/>
+ <preference id="security.disable_button.changePassword"
+ name="security.disable_button.changePassword"
+ type="bool"/>
+ <preference id="security.disable_button.resetPassword"
+ name="security.disable_button.resetPassword"
+ type="bool"/>
+ </preferences>
+
+ <groupbox>
+ <caption label="&signonHeader.caption;"/>
+ <description>&signonDescription.label;</description>
+ <hbox>
+ <checkbox id="signonRememberSignons"
+ label="&signonEnabled.label;"
+ accesskey="&signonEnabled.accesskey;"
+ preference="signon.rememberSignons"/>
+ </hbox>
+ <hbox pack="end">
+ <button id="viewStoredPassword"
+ label="&viewSignons.label;"
+ accesskey="&viewSignons.accesskey;"
+ oncommand="toDataManager('|passwords');"
+ preference="pref.advanced.password.disable_button.view_stored_password"/>
+ </hbox>
+ </groupbox>
+
+ <!-- Change Password -->
+ <groupbox>
+ <caption label="&changepassword.caption;"/>
+ <description>&changepassword.text;</description>
+ <hbox>
+ <button label="&changepassword.button;"
+ oncommand="ChangePW();"
+ id="changePasswordButton"
+ accesskey="&changepassword.accesskey;"
+ preference="security.disable_button.changePassword"/>
+ </hbox>
+ </groupbox>
+
+ <!-- Reset Password -->
+ <groupbox>
+ <caption label="&resetpassword.caption;"/>
+ <description>&resetpassword.text;</description>
+ <hbox>
+ <button label="&resetpassword2.button;"
+ oncommand="ResetPW();"
+ id="resetPasswordButton"
+ accesskey="&resetpassword2.accesskey;"
+ preference="security.disable_button.resetPassword"/>
+ </hbox>
+ </groupbox>
+
+ </prefpane>
+</overlay>
diff --git a/comm/suite/components/security/content/prefs/pref-ssl.js b/comm/suite/components/security/content/prefs/pref-ssl.js
new file mode 100644
index 0000000000..1e807f7402
--- /dev/null
+++ b/comm/suite/components/security/content/prefs/pref-ssl.js
@@ -0,0 +1,82 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+function Startup()
+{
+ // map associating preference values with checkbox element IDs
+ gSslPrefElements = new Map([[1, "allowTLS10"],
+ [2, "allowTLS11"],
+ [3, "allowTLS12"],
+ [4, "allowTLS13"]]);
+
+ // initial setting of checkboxes based on preference values
+ UpdateSslBoxes();
+}
+
+function UpdateSslBoxes()
+{
+ // get minimum and maximum allowed protocol and locked status
+ let minVersion = document.getElementById("security.tls.version.min").value;
+ let maxVersion = document.getElementById("security.tls.version.max").value;
+ let minLocked = document.getElementById("security.tls.version.min").locked;
+ let maxLocked = document.getElementById("security.tls.version.max").locked;
+
+ // check if allowable limits are violated, use default values if they are
+ if (minVersion > maxVersion || !gSslPrefElements.has(minVersion)
+ || !gSslPrefElements.has(maxVersion))
+ {
+ minVersion = document.getElementById("security.tls.version.min").defaultValue;
+ maxVersion = document.getElementById("security.tls.version.max").defaultValue;
+ }
+
+ // set checked, disabled, and locked status for each protocol checkbox
+ for (let [version, id] of gSslPrefElements)
+ {
+ let currentBox = document.getElementById(id);
+ currentBox.checked = version >= minVersion && version <= maxVersion;
+
+ if ((minLocked && maxLocked) || (minLocked && version <= minVersion) ||
+ (maxLocked && version >= maxVersion))
+ {
+ // boxes subject to a preference's locked status are disabled and grayed
+ currentBox.removeAttribute("nogray");
+ currentBox.disabled = true;
+ }
+ else
+ {
+ // boxes which the user can't uncheck are disabled but not grayed
+ currentBox.setAttribute("nogray", "true");
+ currentBox.disabled = (version > minVersion && version < maxVersion) ||
+ (version == minVersion && version == maxVersion);
+ }
+ }
+}
+
+function UpdateSslPrefs()
+{
+ // this is called whenever a checkbox changes
+ let minVersion = -1;
+ let maxVersion = -1;
+
+ // find the first and last checkboxes which are now checked
+ for (let [version, id] of gSslPrefElements)
+ {
+ if (document.getElementById(id).checked)
+ {
+ if (minVersion < 0) // first box checked
+ minVersion = version;
+ maxVersion = version; // last box checked so far
+ }
+ }
+
+ // if minVersion is valid, then maxVersion is as well -> update prefs
+ if (minVersion >= 0)
+ {
+ document.getElementById("security.tls.version.min").value = minVersion;
+ document.getElementById("security.tls.version.max").value = maxVersion;
+ }
+
+ // update checkbox values and visibility based on prefs again
+ UpdateSslBoxes();
+}
diff --git a/comm/suite/components/security/content/prefs/pref-ssl.xul b/comm/suite/components/security/content/prefs/pref-ssl.xul
new file mode 100644
index 0000000000..8541c0f2a1
--- /dev/null
+++ b/comm/suite/components/security/content/prefs/pref-ssl.xul
@@ -0,0 +1,120 @@
+<?xml version="1.0"?>
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+
+<?xml-stylesheet href="chrome://communicator/skin/" type="text/css"?>
+
+<!DOCTYPE overlay [
+ <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd">
+ %brandDTD;
+ <!ENTITY % prefSslDTD SYSTEM "chrome://pippki/locale/pref-ssl.dtd">
+ %prefSslDTD;
+]>
+
+<overlay xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+
+ <prefpane id="ssl_pane"
+ label="&pref.ssltls.title;"
+ script="chrome://pippki/content/pref-ssl.js">
+ <preferences id="ssl_preferences">
+ <preference id="security.tls.version.min"
+ name="security.tls.version.min"
+ type="int"/>
+ <preference id="security.tls.version.max"
+ name="security.tls.version.max"
+ type="int"/>
+ <preference id="security.warn_entering_secure"
+ name="security.warn_entering_secure"
+ type="bool"/>
+ <preference id="security.warn_leaving_secure"
+ name="security.warn_leaving_secure"
+ type="bool"/>
+ <preference id="security.warn_submit_insecure"
+ name="security.warn_submit_insecure"
+ type="bool"/>
+ <preference id="security.warn_mixed_active_content"
+ name="security.warn_mixed_active_content"
+ type="bool"/>
+ <preference id="security.mixed_content.block_active_content"
+ name="security.mixed_content.block_active_content"
+ type="bool"/>
+ <preference id="security.warn_mixed_display_content"
+ name="security.warn_mixed_display_content"
+ type="bool"/>
+ <preference id="security.mixed_content.block_display_content"
+ name="security.mixed_content.block_display_content"
+ type="bool"/>
+ </preferences>
+
+ <groupbox align="start">
+ <caption label="&SSLTLSProtocolVersions.caption;"/>
+ <description>&limit.description;</description>
+
+ <hbox align="center">
+ <label id="allowEnable"
+ value="&limit.enable.label;"/>
+ <checkbox id="allowTLS10"
+ class="nogray-disabled"
+ label="&limit.tls10.label;"
+ accesskey="&limit.tls10.accesskey;"
+ oncommand="UpdateSslPrefs();"/>
+ <checkbox id="allowTLS11"
+ class="nogray-disabled"
+ label="&limit.tls11.label;"
+ accesskey="&limit.tls11.accesskey;"
+ oncommand="UpdateSslPrefs();"/>
+ <checkbox id="allowTLS12"
+ class="nogray-disabled"
+ label="&limit.tls12.label;"
+ accesskey="&limit.tls12.accesskey;"
+ oncommand="UpdateSslPrefs();"/>
+ <checkbox id="allowTLS13"
+ class="nogray-disabled"
+ label="&limit.tls13.label;"
+ accesskey="&limit.tls13.accesskey;"
+ oncommand="UpdateSslPrefs();"/>
+ </hbox>
+
+ </groupbox>
+
+ <groupbox align="start">
+ <caption label="&SSLTLSWarnings.caption;"/>
+ <description>&warn.description2;</description>
+ <checkbox id="warnEnteringSecure"
+ label="&warn.enteringsecure;"
+ accesskey="&warn.enteringsecure.accesskey;"
+ preference="security.warn_entering_secure"/>
+ <checkbox id="warnLeavingSecure"
+ label="&warn.leavingsecure;"
+ accesskey="&warn.leavingsecure.accesskey;"
+ preference="security.warn_leaving_secure"/>
+ <checkbox id="warnInsecurePost"
+ label="&warn.insecurepost;"
+ accesskey="&warn.insecurepost.accesskey;"
+ preference="security.warn_submit_insecure"/>
+ </groupbox>
+
+ <groupbox align="start">
+ <caption label="&SSLMixedContent.caption;"/>
+ <description>&mixed.description;</description>
+ <checkbox id="warnMixedActiveContent"
+ label="&warn.mixedactivecontent;"
+ accesskey="&warn.mixedactivecontent.accesskey;"
+ preference="security.warn_mixed_active_content"/>
+ <checkbox id="blockActiveContent"
+ label="&block.activecontent;"
+ accesskey="&block.activecontent.accesskey;"
+ preference="security.mixed_content.block_active_content"/>
+ <checkbox id="warnMixedDisplayContent"
+ label="&warn.mixeddisplaycontent;"
+ accesskey="&warn.mixeddisplaycontent.accesskey;"
+ preference="security.warn_mixed_display_content"/>
+ <checkbox id="blockDisplayContent"
+ label="&block.displaycontent;"
+ accesskey="&block.displaycontent.accesskey;"
+ preference="security.mixed_content.block_display_content"/>
+ </groupbox>
+
+ </prefpane>
+</overlay>
diff --git a/comm/suite/components/security/jar.mn b/comm/suite/components/security/jar.mn
new file mode 100644
index 0000000000..e98909e681
--- /dev/null
+++ b/comm/suite/components/security/jar.mn
@@ -0,0 +1,11 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+pippki.jar:
+ content/pippki/pref-certs.js (content/prefs/pref-certs.js)
+ content/pippki/pref-certs.xul (content/prefs/pref-certs.xul)
+ content/pippki/pref-passwords.js (content/prefs/pref-passwords.js)
+ content/pippki/pref-passwords.xul (content/prefs/pref-passwords.xul)
+ content/pippki/pref-ssl.js (content/prefs/pref-ssl.js)
+ content/pippki/pref-ssl.xul (content/prefs/pref-ssl.xul)
diff --git a/comm/suite/components/security/moz.build b/comm/suite/components/security/moz.build
new file mode 100644
index 0000000000..de5cd1bf81
--- /dev/null
+++ b/comm/suite/components/security/moz.build
@@ -0,0 +1,6 @@
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+JAR_MANIFESTS += ["jar.mn"]