Bug 833935 - Centralize UsingNeckoIPDLSecurity function. r=jdm
authorJason Duell <jduell.mcbugs@gmail.com>
Thu, 24 Jan 2013 19:22:00 +0000
changeset 130521 b662c6940cf45601fe8f4105873cdacfad457dcc
parent 130520 53640f283f68741d84ed030ae218dce8e05570e2
child 130522 eddbffde391870c763cdd95b406d95bc724edfa7
push id317
push userbbajaj@mozilla.com
push dateTue, 07 May 2013 01:20:33 +0000
treeherdermozilla-release@159a10910249 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjdm
bugs833935
milestone21.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 833935 - Centralize UsingNeckoIPDLSecurity function. r=jdm
netwerk/ipc/NeckoChild.cpp
netwerk/ipc/NeckoCommon.h
netwerk/ipc/NeckoParent.cpp
--- a/netwerk/ipc/NeckoChild.cpp
+++ b/netwerk/ipc/NeckoChild.cpp
@@ -10,32 +10,27 @@
 #include "mozilla/dom/ContentChild.h"
 #include "mozilla/net/HttpChannelChild.h"
 #include "mozilla/net/CookieServiceChild.h"
 #include "mozilla/net/WyciwygChannelChild.h"
 #include "mozilla/net/FTPChannelChild.h"
 #include "mozilla/net/WebSocketChannelChild.h"
 #include "mozilla/net/RemoteOpenFileChild.h"
 #include "mozilla/dom/network/TCPSocketChild.h"
-#include "mozilla/Preferences.h"
 
 using mozilla::dom::TCPSocketChild;
 
 namespace mozilla {
 namespace net {
 
-static bool gDisableIPCSecurity = false;
-static const char kPrefDisableIPCSecurity[] = "network.disable.ipc.security";
-
 PNeckoChild *gNeckoChild = nullptr;
 
 // C++ file contents
 NeckoChild::NeckoChild()
 {
-  Preferences::AddBoolVarCache(&gDisableIPCSecurity, kPrefDisableIPCSecurity);
 }
 
 NeckoChild::~NeckoChild()
 {
 }
 
 void NeckoChild::InitNeckoChild()
 {
--- a/netwerk/ipc/NeckoCommon.h
+++ b/netwerk/ipc/NeckoCommon.h
@@ -6,16 +6,17 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef mozilla_net_NeckoCommon_h
 #define mozilla_net_NeckoCommon_h
 
 #include "nsXULAppAPI.h"
 #include "prenv.h"
 #include "nsPrintfCString.h"
+#include "mozilla/Preferences.h"
 
 #if defined(DEBUG) || defined(ENABLE_TESTS)
 # define NECKO_ERRORS_ARE_FATAL_DEFAULT true
 #else
 # define NECKO_ERRORS_ARE_FATAL_DEFAULT false
 #endif 
 
 // TODO: Eventually remove NECKO_MAYBE_ABORT and DROP_DEAD (bug 575494).
@@ -90,14 +91,30 @@ IsNeckoChild()
     const char * e = PR_GetEnv("NECKO_SEPARATE_STACKS");
     if (!e) 
       amChild = (XRE_GetProcessType() == GeckoProcessType_Content);
     didCheck = true;
   }
   return amChild;
 }
 
+// This should always return true unless xpcshell tests are being used
+inline bool
+UsingNeckoIPCSecurity()
+{
+  static bool securityDisabled = true;
+  static bool registeredBool = false;
+
+  if (!registeredBool) {
+    Preferences::AddBoolVarCache(&securityDisabled,
+                                 "network.disable.ipc.security");
+    registeredBool = true;
+  }
+  return !securityDisabled;
+}
+
+
 
 } // namespace net
 } // namespace mozilla
 
 #endif // mozilla_net_NeckoCommon_h
 
--- a/netwerk/ipc/NeckoParent.cpp
+++ b/netwerk/ipc/NeckoParent.cpp
@@ -11,40 +11,34 @@
 #include "mozilla/net/CookieServiceParent.h"
 #include "mozilla/net/WyciwygChannelParent.h"
 #include "mozilla/net/FTPChannelParent.h"
 #include "mozilla/net/WebSocketChannelParent.h"
 #include "mozilla/net/RemoteOpenFileParent.h"
 #include "mozilla/dom/TabParent.h"
 #include "mozilla/dom/network/TCPSocketParent.h"
 #include "mozilla/ipc/URIUtils.h"
-#include "mozilla/Preferences.h"
 #include "mozilla/LoadContext.h"
 #include "nsPrintfCString.h"
 #include "nsHTMLDNSPrefetch.h"
 #include "nsIAppsService.h"
 #include "nsEscape.h"
 
 using mozilla::dom::TabParent;
 using mozilla::net::PTCPSocketParent;
 using mozilla::dom::TCPSocketParent;
 using IPC::SerializedLoadContext;
 
 namespace mozilla {
 namespace net {
 
-static bool gDisableIPCSecurity = false;
-static const char kPrefDisableIPCSecurity[] = "network.disable.ipc.security";
-
 // C++ file contents
 NeckoParent::NeckoParent()
 {
-  Preferences::AddBoolVarCache(&gDisableIPCSecurity, kPrefDisableIPCSecurity);
-
-  if (!gDisableIPCSecurity) {
+  if (UsingNeckoIPCSecurity()) {
     // cache values for core/packaged apps basepaths
     nsAutoString corePath, webPath;
     nsCOMPtr<nsIAppsService> appsService = do_GetService(APPS_SERVICE_CONTRACTID);
     if (appsService) {
       appsService->GetCoreAppsBasePath(corePath);
       appsService->GetWebAppsBasePath(webPath);
     }
     // corePath may be empty: we don't use it for all build types
@@ -71,17 +65,17 @@ PBOverrideStatusFromLoadContext(const Se
 }
 
 const char*
 NeckoParent::GetValidatedAppInfo(const SerializedLoadContext& aSerialized,
                                  PBrowserParent* aBrowser,
                                  uint32_t* aAppId,
                                  bool* aInBrowserElement)
 {
-  if (!gDisableIPCSecurity) {
+  if (UsingNeckoIPCSecurity()) {
     if (!aBrowser) {
       return "missing required PBrowser argument";
     }
     if (!aSerialized.IsNotNull()) {
       return "SerializedLoadContext from child is null";
     }
   }
 
@@ -97,29 +91,29 @@ NeckoParent::GetValidatedAppInfo(const S
     if (*aAppId == NECKO_UNKNOWN_APP_ID) {
       return "TabParent reports appId=NECKO_UNKNOWN_APP_ID!";
     }
     // We may get appID=NO_APP if child frame is neither a browser nor an app
     if (*aAppId == NECKO_NO_APP_ID) {
       if (tabParent->HasOwnApp()) {
         return "TabParent reports NECKO_NO_APP_ID but also is an app";
       }
-      if (!gDisableIPCSecurity && tabParent->IsBrowserElement()) {
+      if (UsingNeckoIPCSecurity() && tabParent->IsBrowserElement()) {
         // <iframe mozbrowser> which doesn't have an <iframe mozapp> above it.
         // This is not supported now, and we'll need to do a code audit to make
         // sure we can handle it (i.e don't short-circuit using separate
         // namespace if just appID==0)
         return "TabParent reports appId=NECKO_NO_APP_ID but is a mozbrowser";
       }
     }
   } else {
     // Only trust appId/inBrowser from child-side loadcontext if we're in
     // testing mode: allows xpcshell tests to masquerade as apps
-    MOZ_ASSERT(gDisableIPCSecurity);
-    if (!gDisableIPCSecurity) {
+    MOZ_ASSERT(!UsingNeckoIPCSecurity());
+    if (UsingNeckoIPCSecurity()) {
       return "internal error";
     }
     if (aSerialized.IsNotNull()) {
       *aAppId = aSerialized.mAppId;
       *aInBrowserElement = aSerialized.mIsInBrowserElement;
     } else {
       *aAppId = NECKO_NO_APP_ID;
     }
@@ -140,17 +134,17 @@ NeckoParent::CreateChannelLoadContext(PB
     return error;
   }
 
   if (aBrowser) {
     nsRefPtr<TabParent> tabParent = static_cast<TabParent*>(aBrowser);
     topFrameElement = tabParent->GetOwnerElement();
   }
 
-  // if gDisableIPCSecurity, we may not have a LoadContext to set. This is
+  // if !UsingNeckoIPCSecurity(), we may not have a LoadContext to set. This is
   // the common case for most xpcshell tests.
   if (aSerialized.IsNotNull()) {
     aResult = new LoadContext(aSerialized, topFrameElement, appId, inBrowser);
   }
 
   return nullptr;
 }
 
@@ -305,17 +299,17 @@ NeckoParent::AllocPRemoteOpenFile(const 
 {
   nsCOMPtr<nsIURI> uri = DeserializeURI(aURI);
   nsCOMPtr<nsIFileURL> fileURL = do_QueryInterface(uri);
   if (!fileURL) {
     return nullptr;
   }
 
   // security checks
-  if (!gDisableIPCSecurity) {
+  if (UsingNeckoIPCSecurity()) {
     if (!aBrowser) {
       printf_stderr("NeckoParent::AllocPRemoteOpenFile: "
                     "FATAL error: missing TabParent: KILLING CHILD PROCESS\n");
       return nullptr;
     }
     nsRefPtr<TabParent> tabParent = static_cast<TabParent*>(aBrowser);
     uint32_t appId = tabParent->OwnOrContainingAppId();
     nsCOMPtr<nsIAppsService> appsService =