nsReadConfig.cpp - mozsearch

mozilla-central/extensions/pref/autoconfig/src/nsReadConfig.cpp (file symbol)

Enable keyboard shortcuts

Source code

Revision control

Copy as Markdown

Other Tools

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */

/* This Source Code Form is subject to the terms of the Mozilla Public

 * License, v. 2.0. If a copy of the MPL was not distributed with this

 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "nsReadConfig.h"

#include "nsJSConfigTriggers.h"

#include "mozilla/Logging.h"

#include "mozilla/Components.h"

#include "nsAppDirectoryServiceDefs.h"

#include "nsIAppStartup.h"

#include "nsIChannel.h"

#include "nsContentUtils.h"

#include "nsDirectoryServiceDefs.h"

#include "nsIFile.h"

#include "nsIInputStream.h"

#include "nsIObserverService.h"

#include "nsIPrefBranch.h"

#include "nsIPrefService.h"

#include "nsIPromptService.h"

#include "nsIStringBundle.h"

#include "nsNetUtil.h"

#include "nsString.h"

#include "nsCRT.h"

#include "nspr.h"

#include "nsXULAppAPI.h"

#if defined(MOZ_WIDGET_GTK)

#  include "mozilla/WidgetUtilsGtk.h"

#endif  // defined(MOZ_WIDGET_GTK)

using namespace mozilla;

extern bool sandboxEnabled;

extern mozilla::LazyLogModule MCD;

extern nsresult CentralizedAdminPrefManagerInit(bool aSandboxEnabled);

extern nsresult CentralizedAdminPrefManagerFinish();

static nsresult DisplayError(void) {

  nsresult rv;

  nsCOMPtr<nsIPromptService> promptService =

      do_GetService("@mozilla.org/prompter;1");

  if (!promptService) return NS_ERROR_FAILURE;

  nsCOMPtr<nsIStringBundleService> bundleService =

      do_GetService(NS_STRINGBUNDLE_CONTRACTID);

  if (!bundleService) return NS_ERROR_FAILURE;

  nsCOMPtr<nsIStringBundle> bundle;

  bundleService->CreateBundle(

      "chrome://autoconfig/locale/autoconfig.properties",

      getter_AddRefs(bundle));

  if (!bundle) return NS_ERROR_FAILURE;

  nsAutoString title;

  rv = bundle->GetStringFromName("readConfigTitle", title);

  if (NS_FAILED(rv)) return rv;

  nsAutoString err;

  rv = bundle->GetStringFromName("readConfigMsg", err);

  if (NS_FAILED(rv)) return rv;

  return promptService->Alert(nullptr, title.get(), err.get());

// nsISupports Implementation

NS_IMPL_ISUPPORTS(nsReadConfig, nsIObserver)

nsReadConfig::nsReadConfig() : mRead(false) {}

nsresult nsReadConfig::Init() {

  nsresult rv;

  nsCOMPtr<nsIObserverService> observerService =

      do_GetService("@mozilla.org/observer-service;1", &rv);

  if (observerService) {

    rv =

        observerService->AddObserver(this, NS_PREFSERVICE_READ_TOPIC_ID, false);

  return (rv);

nsReadConfig::~nsReadConfig() { CentralizedAdminPrefManagerFinish(); }

NS_IMETHODIMP nsReadConfig::Observe(nsISupports* aSubject, const char* aTopic,

                                    const char16_t* someData) {

  nsresult rv = NS_OK;

  if (!nsCRT::strcmp(aTopic, NS_PREFSERVICE_READ_TOPIC_ID)) {

    rv = readConfigFile();

    // Don't show error alerts if the sandbox is enabled, just show

    // sandbox warning.

    if (NS_FAILED(rv)) {

      if (sandboxEnabled) {

        nsContentUtils::ReportToConsoleNonLocalized(

            u"Autoconfig is sandboxed by default. See "

            "https://support.mozilla.org/products/"

            "firefox-enterprise for more information."_ns,

            nsIScriptError::warningFlag, "autoconfig"_ns, nullptr);

      } else {

        rv = DisplayError();

        if (NS_FAILED(rv)) {

          nsCOMPtr<nsIAppStartup> appStartup =

              components::AppStartup::Service();

          if (appStartup) {

            bool userAllowedQuit = true;

            appStartup->Quit(nsIAppStartup::eAttemptQuit, 0, &userAllowedQuit);

  return rv;

/**

 * This is the blocklist for known bad autoconfig files.

*/

static const char* gBlockedConfigs[] = {"dsengine.cfg"};

nsresult nsReadConfig::readConfigFile() {

  nsresult rv = NS_OK;

  nsAutoCString lockFileName;

  nsAutoCString lockVendor;

  uint32_t fileNameLen = 0;

  nsCOMPtr<nsIPrefBranch> defaultPrefBranch;

  nsCOMPtr<nsIPrefService> prefService =

      do_GetService(NS_PREFSERVICE_CONTRACTID, &rv);

  if (NS_FAILED(rv)) return rv;

  rv =

      prefService->GetDefaultBranch(nullptr, getter_AddRefs(defaultPrefBranch));

  if (NS_FAILED(rv)) return rv;

  constexpr auto channel = nsLiteralCString{MOZ_STRINGIFY(MOZ_UPDATE_CHANNEL)};

  bool sandboxEnabled =

      channel.EqualsLiteral("beta") || channel.EqualsLiteral("release");

  mozilla::Unused << defaultPrefBranch->GetBoolPref(

      "general.config.sandbox_enabled", &sandboxEnabled);

  rv = defaultPrefBranch->GetCharPref("general.config.filename", lockFileName);

  if (NS_FAILED(rv)) return rv;

  MOZ_LOG(MCD, LogLevel::Debug,

          ("general.config.filename = %s\n", lockFileName.get()));

  for (size_t index = 0, len = mozilla::ArrayLength(gBlockedConfigs);

       index < len; ++index) {

    if (lockFileName == gBlockedConfigs[index]) {

      // This is NS_OK because we don't want to show an error to the user

      return rv;

  // This needs to be read only once.

//

  if (!mRead) {

    // Initiate the new JS Context for Preference management

    rv = CentralizedAdminPrefManagerInit(sandboxEnabled);

    if (NS_FAILED(rv)) return rv;

    // Open and evaluate function calls to set/lock/unlock prefs

    rv = openAndEvaluateJSFile("prefcalls.js", 0, false, false);

    if (NS_FAILED(rv)) return rv;

    mRead = true;

  // If the lockFileName is nullptr return ok, because no lockFile will be used

  // Once the config file is read, we should check that the vendor name

  // is consistent By checking for the vendor name after reading the config

  // file we allow for the preference to be set (and locked) by the creator

  // of the cfg file meaning the file can not be renamed (successfully).

  nsCOMPtr<nsIPrefBranch> prefBranch;

  rv = prefService->GetBranch(nullptr, getter_AddRefs(prefBranch));

  NS_ENSURE_SUCCESS(rv, rv);

  int32_t obscureValue = 0;

  (void)defaultPrefBranch->GetIntPref("general.config.obscure_value",

                                      &obscureValue);

  MOZ_LOG(MCD, LogLevel::Debug,

          ("evaluating .cfg file %s with obscureValue %d\n", lockFileName.get(),

           obscureValue));

  rv = openAndEvaluateJSFile(lockFileName.get(), obscureValue, true, true);

  if (NS_FAILED(rv)) {

    MOZ_LOG(MCD, LogLevel::Debug,

            ("error evaluating .cfg file %s %" PRIx32 "\n", lockFileName.get(),

             static_cast<uint32_t>(rv)));

    return rv;

  rv = prefBranch->GetCharPref("general.config.filename", lockFileName);

  if (NS_FAILED(rv))

    // There is NO REASON we should ever get here. This is POST reading

    // of the config file.

    return NS_ERROR_FAILURE;

  rv = prefBranch->GetCharPref("general.config.vendor", lockVendor);

  // If vendor is not nullptr, do this check

  if (NS_SUCCEEDED(rv)) {

    fileNameLen = strlen(lockFileName.get());

    // lockVendor and lockFileName should be the same with the addtion of

    // .cfg to the filename by checking this post reading of the cfg file

    // this value can be set within the cfg file adding a level of security.

    if (strncmp(lockFileName.get(), lockVendor.get(), fileNameLen - 4) != 0) {

      return NS_ERROR_FAILURE;

  // get the value of the autoconfig url

  nsAutoCString urlName;

  rv = prefBranch->GetCharPref("autoadmin.global_config_url", urlName);

  if (NS_SUCCEEDED(rv) && !urlName.IsEmpty()) {

    // Instantiating nsAutoConfig object if the pref is present

    mAutoConfig = new nsAutoConfig();

    rv = mAutoConfig->Init();

    if (NS_WARN_IF(NS_FAILED(rv))) {

      return rv;

    mAutoConfig->SetConfigURL(urlName.get());

  return NS_OK;

}  // ReadConfigFile

nsresult nsReadConfig::openAndEvaluateJSFile(const char* aFileName,

                                             int32_t obscureValue,

                                             bool isEncoded, bool isBinDir) {

  nsresult rv;

  nsCOMPtr<nsIInputStream> inStr;

  if (isBinDir) {

    nsCOMPtr<nsIFile> jsFile;

#if defined(MOZ_WIDGET_GTK)

    if (!mozilla::widget::IsRunningUnderFlatpakOrSnap()) {

#endif  // defined(MOZ_WIDGET_GTK)

      rv = NS_GetSpecialDirectory(NS_GRE_DIR, getter_AddRefs(jsFile));

#if defined(MOZ_WIDGET_GTK)

    } else {

      rv = NS_GetSpecialDirectory(NS_OS_SYSTEM_CONFIG_DIR,

                                  getter_AddRefs(jsFile));

#endif  // defined(MOZ_WIDGET_GTK)

    if (NS_FAILED(rv)) return rv;

    rv = jsFile->AppendNative(nsDependentCString(aFileName));

    if (NS_FAILED(rv)) return rv;

    rv = NS_NewLocalFileInputStream(getter_AddRefs(inStr), jsFile);

    if (NS_FAILED(rv)) return rv;

  } else {

    nsAutoCString location("resource://gre/defaults/autoconfig/");

    location += aFileName;

    nsCOMPtr<nsIURI> uri;

    rv = NS_NewURI(getter_AddRefs(uri), location);

    NS_ENSURE_SUCCESS(rv, rv);

    nsCOMPtr<nsIChannel> channel;

    rv = NS_NewChannel(getter_AddRefs(channel), uri,

                       nsContentUtils::GetSystemPrincipal(),

                       nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,

                       nsIContentPolicy::TYPE_OTHER);

    NS_ENSURE_SUCCESS(rv, rv);

    rv = channel->Open(getter_AddRefs(inStr));

    NS_ENSURE_SUCCESS(rv, rv);

  uint64_t fs64;

  uint32_t amt = 0;

  rv = inStr->Available(&fs64);

  if (NS_FAILED(rv)) return rv;

  // This used to use PR_Malloc(), which doesn't support over 4GB.

  if (fs64 > UINT32_MAX) return NS_ERROR_FILE_TOO_BIG;

  uint32_t fs = (uint32_t)fs64;

  char* buf = (char*)malloc(fs * sizeof(char));

  if (!buf) return NS_ERROR_OUT_OF_MEMORY;

  rv = inStr->Read(buf, (uint32_t)fs, &amt);

  NS_ASSERTION((amt == fs), "failed to read the entire configuration file!!");

  if (NS_SUCCEEDED(rv)) {

    if (obscureValue > 0) {

      // Unobscure file by subtracting some value from every char.

      for (uint32_t i = 0; i < amt; i++) buf[i] -= obscureValue;

    rv = EvaluateAdminConfigScript(buf, amt, aFileName, false, true, isEncoded,

                                   !isBinDir);

  inStr->Close();

  free(buf);

  return rv;