+/*
+ * Copyright (c) 2015, JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
console.log("gssweb_background.js loading: #4");
-
-
var gssNativePort = null;
var applicationPorts = {};
+navigator.generateNonce = function() {
+ // TODO: Make sure that we don't have a collision!
+ // Random integer in the range [0..(2^32-1)]
+ return Math.floor(Math.random() * ( 4294967295 )) ;
+}
+
/* What to do with the output of the GSS command line */
function onGSSResponse(msg) {
var nonce;
+++ /dev/null
-<!DOCTYPE html>
-<html>
- <head>
- <script src="./gssweb.js"></script>
- </head>
- <body>
- <button id='connect'>Connect</button>
- <input id='gss_command' />
- <button id='send-message'>Send</button>
- <div id='response'></div>
- </body>
-</html>
+++ /dev/null
-
-
-var gssAppPort = null;
-
-function report(msg) {
- var response = document.getElementById('response');
- response.innerHTML = '<p>' + msg + '</p>' + response.innerHTML;
-}
-
-function onGSSResponse(msg) {
- report('Response from GSS: ' + JSON.stringify(msg) );
-}
-
-function connectToNativeHost() {
- report('Connecting to json_gssapi command line.');
- // var host = 'com.google.chrome.example.echo';
- var host = 'com.painlesssecurity.jsongss'
- gssAppPort = chrome.runtime.connectNative( host );
- if (gssAppPort) {report("Connected.");};
- gssAppPort.onMessage.addListener( onGSSResponse );
-}
-
-function sendNativeMessage() {
- var msg = JSON.parse( document.getElementById('gss_command').value );
- gssAppPort.postMessage(msg);
- report('Sent message: ' + msg);
-}
-
-
-document.addEventListener('DOMContentLoaded', function () {
- document.getElementById('connect').addEventListener(
- 'click', connectToNativeHost);
- document.getElementById('send-message').addEventListener(
- 'click', sendNativeMessage);
-});
},
"background": {
"scripts": [
- "gssweb_background.js"
+ "background.js"
]
},
"content_scripts": [
{
"matches": ["*://*/*"],
- "js": ["gssweb.contentscript.js"]
+ "js": ["contentscript.js"]
}
],
"description": "Chrome plugin to supply GSSAPI calls.",
+/*
+ * Copyright (c) 2015, JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
console.log("Loading content script #6...");
-
function addScript(url) {
var elt = document.createElement("script");
elt.setAttribute("src",
}
var port;
+var browser;
if ("undefined" != typeof(chrome) &&
"undefined" != typeof(chrome.extension) &&
"undefined" != typeof(chrome.extension.getURL))
{
// Running in chrome
+ browser = "Chrome";
gss_script_name = chrome.extension.getURL('navigator.gssEap.js');
port = chrome.runtime.connect({name: "com.painlesssecurity.gssweb"});
} else {
// Firefox
+ browser = "Firefox";
gss_script_name = 'chrome://gssweb/content/navigator.gssEap.js';
}
addScript( gss_script_name );
-
sendReplyToWebpage = function(gssReplyJSON) {
var appTag = gssReplyJSON.cookies.app_tag;
/* When we get a message back from the extension
* background script
*/
-if ("undefined" != typeof(port))
+if ("Chrome" == browser)
{
port.onMessage.addListener( sendReplyToWebpage );
}
-if ("undefined" != typeof(self) &&
- "undefined" != typeof(self.port) )
+else
{
self.port.on('gss_response', sendReplyToWebpage );
}
-
-
window.addEventListener("message", function(event) {
- // We only accept messages from ourselves
-// if ("undefined" != typeof(unsafeWindow) && event.source != unsafeWindow ) // Firefox
-// ("undefined" == typeof(unsafeWindow) && event.source != window) // Chrome
-// return;
-
// Check to see if this message's data is data we care about
if ( typeof(event.data.method) == 'undefined' ||
typeof(event.data.arguments) == 'undefined' ||
console.log("[" + appTag + "] Window message listener received message: [" +
JSON.stringify(event.data) + "]"
);
- if ("undefined" != typeof(port) )
+ if ("Chrome" == browser)
{
port.postMessage(event.data);
- } else if ("undefined" != typeof(self) &&
- "undefined" != typeof(self.port) )
+ } else
{
self.port.emit("gss_request", event.data);
}
+# Copyright (c) 2015, JANET(UK)
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# 3. Neither the name of JANET(UK) nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+#
content gssweb chrome/content/ contentaccessible=yes
resource gsseap chrome/resource/
+/*
+ * Copyright (c) 2015, JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
var tabs = require("sdk/tabs");
const {Cu} = require("chrome");
pageMod.PageMod({
include: "*",
- contentScriptFile: [data.url("gssweb.contentscript.js")],
+ contentScriptFile: [data.url("contentscript.js")],
contentScriptWhen: "ready"
});
}
tabs.on("ready", function(tab) {
- app = tab.attach({ contentScriptFile: data.url("gssweb.contentscript.js") });
+ app = tab.attach({ contentScriptFile: data.url("contentscript.js") });
app.port.on("gss_request", function(message) {
var response = invokeNativeGSS(message);
app.port.emit("gss_response", response);
"description": "GSS-EAP and GSSWeb package provider",
"author": "mark@painless-security.com",
- "license": "Copyright (c) 2014, JANET(UK)\nAll rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions\nare met:\n\n1. Redistributions of source code must retain the above copyright\n notice, this list of conditions and the following disclaimer.\n\n2. Redistributions in binary form must reproduce the above copyright\n notice, this list of conditions and the following disclaimer in the\n documentation and/or other materials provided with the distribution.\n\n3. Neither the name of JANET(UK) nor the names of its contributors\n may be used to endorse or promote products derived from this software\n without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\nLIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS\nFOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\nCOPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,\nINDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES\n(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\nSERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\nHOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\nSTRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\nARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\nOF THE POSSIBILITY OF SUCH DAMAGE.",
+ "license": "Copyright (c) 2015, JANET(UK)\nAll rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions\nare met:\n\n1. Redistributions of source code must retain the above copyright\n notice, this list of conditions and the following disclaimer.\n\n2. Redistributions in binary form must reproduce the above copyright\n notice, this list of conditions and the following disclaimer in the\n documentation and/or other materials provided with the distribution.\n\n3. Neither the name of JANET(UK) nor the names of its contributors\n may be used to endorse or promote products derived from this software\n without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\nLIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS\nFOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\nCOPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,\nINDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES\n(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\nSERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\nHOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\nSTRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\nARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\nOF THE POSSIBILITY OF SUCH DAMAGE.",
"version": "0.1"
}