From 6bf0a5cb5034a7e684dcc3500e841785237ce2dd Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 19:32:43 +0200
Subject: Adding upstream version 1:115.7.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 toolkit/mozapps/preferences/changemp.js | 220 ++++++++++++++++++++++++++++++++
 1 file changed, 220 insertions(+)
 create mode 100644 toolkit/mozapps/preferences/changemp.js

(limited to 'toolkit/mozapps/preferences/changemp.js')

diff --git a/toolkit/mozapps/preferences/changemp.js b/toolkit/mozapps/preferences/changemp.js
new file mode 100644
index 0000000000..2062d497df
--- /dev/null
+++ b/toolkit/mozapps/preferences/changemp.js
@@ -0,0 +1,220 @@
+// -*- tab-width: 2; indent-tabs-mode: nil; js-indent-level: 2 -*-
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
+const nsIPK11TokenDB = Ci.nsIPK11TokenDB;
+const nsIDialogParamBlock = Ci.nsIDialogParamBlock;
+const nsPKCS11ModuleDB = "@mozilla.org/security/pkcs11moduledb;1";
+const nsIPKCS11ModuleDB = Ci.nsIPKCS11ModuleDB;
+const nsIPKCS11Slot = Ci.nsIPKCS11Slot;
+const nsIPK11Token = Ci.nsIPK11Token;
+
+var params;
+var pw1;
+
+function init() {
+  pw1 = document.getElementById("pw1");
+
+  process();
+  document.addEventListener("dialogaccept", setPassword);
+}
+
+function process() {
+  // If the token is unitialized, don't use the old password box.
+  // Otherwise, do.
+
+  let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"].getService(
+    Ci.nsIPK11TokenDB
+  );
+  let token = tokenDB.getInternalKeyToken();
+  if (token) {
+    let oldpwbox = document.getElementById("oldpw");
+    let msgBox = document.getElementById("message");
+    if ((token.needsLogin() && token.needsUserInit) || !token.needsLogin()) {
+      oldpwbox.hidden = true;
+      msgBox.hidden = false;
+
+      if (!token.needsLogin()) {
+        oldpwbox.setAttribute("inited", "empty");
+      } else {
+        oldpwbox.setAttribute("inited", "true");
+      }
+
+      // Select first password field
+      document.getElementById("pw1").focus();
+    } else {
+      // Select old password field
+      oldpwbox.hidden = false;
+      msgBox.hidden = true;
+      oldpwbox.setAttribute("inited", "false");
+      oldpwbox.focus();
+    }
+  }
+
+  if (
+    !token.hasPassword &&
+    !Services.policies.isAllowed("removeMasterPassword")
+  ) {
+    document.getElementById("admin").hidden = false;
+  }
+
+  if (params) {
+    // Return value 0 means "canceled"
+    params.SetInt(1, 0);
+  }
+
+  checkPasswords();
+}
+
+async function createAlert(titleL10nId, messageL10nId) {
+  const [title, message] = await document.l10n.formatValues([
+    { id: titleL10nId },
+    { id: messageL10nId },
+  ]);
+  Services.prompt.alert(window, title, message);
+}
+
+function setPassword() {
+  var pk11db = Cc[nsPK11TokenDB].getService(nsIPK11TokenDB);
+  var token = pk11db.getInternalKeyToken();
+
+  var oldpwbox = document.getElementById("oldpw");
+  var initpw = oldpwbox.getAttribute("inited");
+
+  if (initpw == "false" || initpw == "empty") {
+    try {
+      var oldpw = "";
+      var passok = 0;
+
+      if (initpw == "empty") {
+        passok = 1;
+      } else {
+        oldpw = oldpwbox.value;
+        passok = token.checkPassword(oldpw);
+      }
+
+      if (passok) {
+        if (initpw == "empty" && pw1.value == "") {
+          // This makes no sense that we arrive here,
+          // we reached a case that should have been prevented by checkPasswords.
+        } else {
+          if (pw1.value == "") {
+            var secmoddb = Cc[nsPKCS11ModuleDB].getService(nsIPKCS11ModuleDB);
+            if (secmoddb.isFIPSEnabled) {
+              // empty passwords are not allowed in FIPS mode
+              createAlert(
+                "pw-change-failed-title",
+                "pp-change2empty-in-fips-mode"
+              );
+              passok = 0;
+            }
+          }
+          if (passok) {
+            token.changePassword(oldpw, pw1.value);
+            if (pw1.value == "") {
+              createAlert("pw-change-success-title", "settings-pp-erased-ok");
+            } else {
+              createAlert("pw-change-success-title", "pp-change-ok");
+            }
+          }
+        }
+      } else {
+        oldpwbox.focus();
+        oldpwbox.setAttribute("value", "");
+        createAlert("pw-change-failed-title", "incorrect-pp");
+      }
+    } catch (e) {
+      console.error(e);
+      createAlert("pw-change-failed-title", "failed-pp-change");
+    }
+  } else {
+    token.initPassword(pw1.value);
+    if (pw1.value == "") {
+      createAlert("pw-change-success-title", "settings-pp-not-wanted");
+    }
+  }
+}
+
+function setPasswordStrength() {
+  // Here is how we weigh the quality of the password
+  // number of characters
+  // numbers
+  // non-alpha-numeric chars
+  // upper and lower case characters
+
+  var pw = document.getElementById("pw1").value;
+
+  // length of the password
+  var pwlength = pw.length;
+  if (pwlength > 5) {
+    pwlength = 5;
+  }
+
+  // use of numbers in the password
+  var numnumeric = pw.replace(/[0-9]/g, "");
+  var numeric = pw.length - numnumeric.length;
+  if (numeric > 3) {
+    numeric = 3;
+  }
+
+  // use of symbols in the password
+  var symbols = pw.replace(/\W/g, "");
+  var numsymbols = pw.length - symbols.length;
+  if (numsymbols > 3) {
+    numsymbols = 3;
+  }
+
+  // use of uppercase in the password
+  var numupper = pw.replace(/[A-Z]/g, "");
+  var upper = pw.length - numupper.length;
+  if (upper > 3) {
+    upper = 3;
+  }
+
+  var pwstrength =
+    pwlength * 10 - 20 + numeric * 10 + numsymbols * 15 + upper * 10;
+
+  // make sure we're give a value between 0 and 100
+  if (pwstrength < 0) {
+    pwstrength = 0;
+  }
+
+  if (pwstrength > 100) {
+    pwstrength = 100;
+  }
+
+  var mymeter = document.getElementById("pwmeter");
+  mymeter.value = pwstrength;
+}
+
+function checkPasswords() {
+  var pw1 = document.getElementById("pw1").value;
+  var pw2 = document.getElementById("pw2").value;
+  var ok = document.getElementById("changemp").getButton("accept");
+
+  var oldpwbox = document.getElementById("oldpw");
+  if (oldpwbox) {
+    var initpw = oldpwbox.getAttribute("inited");
+
+    if (initpw == "empty" && pw1 == "") {
+      // The token has already been initialized, therefore this dialog
+      // was called with the intention to change the password.
+      // The token currently uses an empty password.
+      // We will not allow changing the password from empty to empty.
+      ok.setAttribute("disabled", "true");
+      return;
+    }
+  }
+
+  if (
+    pw1 == pw2 &&
+    (pw1 != "" || Services.policies.isAllowed("removeMasterPassword"))
+  ) {
+    ok.setAttribute("disabled", "false");
+  } else {
+    ok.setAttribute("disabled", "true");
+  }
+}
-- 
cgit v1.2.3