1*cdf0e10cSrcweir/*************************************************************************
2*cdf0e10cSrcweir *
3*cdf0e10cSrcweir * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4*cdf0e10cSrcweir *
5*cdf0e10cSrcweir * Copyright 2000, 2010 Oracle and/or its affiliates.
6*cdf0e10cSrcweir *
7*cdf0e10cSrcweir * OpenOffice.org - a multi-platform office productivity suite
8*cdf0e10cSrcweir *
9*cdf0e10cSrcweir * This file is part of OpenOffice.org.
10*cdf0e10cSrcweir *
11*cdf0e10cSrcweir * OpenOffice.org is free software: you can redistribute it and/or modify
12*cdf0e10cSrcweir * it under the terms of the GNU Lesser General Public License version 3
13*cdf0e10cSrcweir * only, as published by the Free Software Foundation.
14*cdf0e10cSrcweir *
15*cdf0e10cSrcweir * OpenOffice.org is distributed in the hope that it will be useful,
16*cdf0e10cSrcweir * but WITHOUT ANY WARRANTY; without even the implied warranty of
17*cdf0e10cSrcweir * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18*cdf0e10cSrcweir * GNU Lesser General Public License version 3 for more details
19*cdf0e10cSrcweir * (a copy is included in the LICENSE file that accompanied this code).
20*cdf0e10cSrcweir *
21*cdf0e10cSrcweir * You should have received a copy of the GNU Lesser General Public License
22*cdf0e10cSrcweir * version 3 along with OpenOffice.org.  If not, see
23*cdf0e10cSrcweir * <http://www.openoffice.org/license.html>
24*cdf0e10cSrcweir * for a copy of the LGPLv3 License.
25*cdf0e10cSrcweir *
26*cdf0e10cSrcweir ************************************************************************/
27*cdf0e10cSrcweir#ifndef __com_sun_star_connection_SocketPermission_idl__
28*cdf0e10cSrcweir#define __com_sun_star_connection_SocketPermission_idl__
29*cdf0e10cSrcweir
30*cdf0e10cSrcweir//=============================================================================
31*cdf0e10cSrcweir
32*cdf0e10cSrcweirmodule com {  module sun {  module star {  module connection {
33*cdf0e10cSrcweir
34*cdf0e10cSrcweir//=============================================================================
35*cdf0e10cSrcweir
36*cdf0e10cSrcweir/** This permission represents access to a network via sockets.
37*cdf0e10cSrcweir    A SocketPermission consists of a host specification and a set of actions
38*cdf0e10cSrcweir    specifying ways to connect to that host.  The host is specified as
39*cdf0e10cSrcweir    <pre>
40*cdf0e10cSrcweir    host = (hostname | IPaddress)[:portrange]
41*cdf0e10cSrcweir    portrange = portnumber | -portnumber | portnumber-[portnumber]
42*cdf0e10cSrcweir    </pre>
43*cdf0e10cSrcweir    The host is expressed as a DNS name, as a numerical IP address, or as
44*cdf0e10cSrcweir    <code>"localhost"</code> (for the local machine).  The wildcard <code>"*"</code>
45*cdf0e10cSrcweir     may be included once
46*cdf0e10cSrcweir    in a DNS name host specification.  If it is included, it must be in the
47*cdf0e10cSrcweir    leftmost position, as in <code>"*.sun.com"</code>.
48*cdf0e10cSrcweir    <br>
49*cdf0e10cSrcweir    The port or portrange is optional.  A port specification of the form <code>"N-"</code>,
50*cdf0e10cSrcweir    where <code>N</code> is a port number, signifies all ports numbered <code>N</code> and above,
51*cdf0e10cSrcweir    while a specification of the form <code>"-N"</code> indicates all ports numbered
52*cdf0e10cSrcweir    <code>N</code> and below.
53*cdf0e10cSrcweir
54*cdf0e10cSrcweir    <p>
55*cdf0e10cSrcweir    The possible ways to connect to the host are
56*cdf0e10cSrcweir    <ul>
57*cdf0e10cSrcweir    <li><code>accept</code></li>
58*cdf0e10cSrcweir    <li><code>connect</code></li>
59*cdf0e10cSrcweir    <li><code>listen</code></li>
60*cdf0e10cSrcweir    <li><code>resolve</code></li>
61*cdf0e10cSrcweir    </ul><br>
62*cdf0e10cSrcweir    The <code>"listen"</code> action is only meaningful when used with <code>"localhost"</code>.
63*cdf0e10cSrcweir    The <code>"resolve"</code> (resolve host/ip name service lookups) action is implied when
64*cdf0e10cSrcweir    any of the other actions are present.
65*cdf0e10cSrcweir    <br>
66*cdf0e10cSrcweir    As an example of the creation and meaning of SocketPermissions, note that if
67*cdf0e10cSrcweir    the following permission
68*cdf0e10cSrcweir<pre>
69*cdf0e10cSrcweirSocketPermission("foo.bar.com:7777", "connect,accept");
70*cdf0e10cSrcweir</pre>
71*cdf0e10cSrcweir    is granted, it allows to connect to port 7777 on foo.bar.com, and to
72*cdf0e10cSrcweir    accept connections on that port.
73*cdf0e10cSrcweir    <br>
74*cdf0e10cSrcweir    Similarly, if the following permission
75*cdf0e10cSrcweir<pre>
76*cdf0e10cSrcweirSocketPermission("localhost:1024-", "accept,connect,listen");
77*cdf0e10cSrcweir</pre>
78*cdf0e10cSrcweir    is granted, it allows that code to accept connections on, connect to, or listen
79*cdf0e10cSrcweir    on any port between 1024 and 65535 on the local host.
80*cdf0e10cSrcweir    </p>
81*cdf0e10cSrcweir
82*cdf0e10cSrcweir    @attention
83*cdf0e10cSrcweir    Granting code permission to accept or make connections to remote hosts may be
84*cdf0e10cSrcweir    dangerous because malevolent code can then more easily transfer and share
85*cdf0e10cSrcweir    confidential data among parties who may not otherwise have access to the data.
86*cdf0e10cSrcweir    </p>
87*cdf0e10cSrcweir
88*cdf0e10cSrcweir    @since OOo 1.1.2
89*cdf0e10cSrcweir*/
90*cdf0e10cSrcweirpublished struct SocketPermission
91*cdf0e10cSrcweir{
92*cdf0e10cSrcweir	/** target host with optional portrange
93*cdf0e10cSrcweir	*/
94*cdf0e10cSrcweir	string Host;
95*cdf0e10cSrcweir	/** comma separated actions list
96*cdf0e10cSrcweir	*/
97*cdf0e10cSrcweir	string Actions;
98*cdf0e10cSrcweir};
99*cdf0e10cSrcweir
100*cdf0e10cSrcweir//=============================================================================
101*cdf0e10cSrcweir
102*cdf0e10cSrcweir}; }; }; };
103*cdf0e10cSrcweir
104*cdf0e10cSrcweir#endif
105