| OLD | NEW |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_auth_gssapi_posix.h" | 5 #include "net/http/http_auth_gssapi_posix.h" |
| 6 | 6 |
| 7 #include <limits> | 7 #include <limits> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/base64.h" | 10 #include "base/base64.h" |
| (...skipping 659 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 670 security_context_ = GSS_C_NO_CONTEXT; | 670 security_context_ = GSS_C_NO_CONTEXT; |
| 671 } | 671 } |
| 672 } | 672 } |
| 673 | 673 |
| 674 HttpAuthGSSAPI::HttpAuthGSSAPI(GSSAPILibrary* library, | 674 HttpAuthGSSAPI::HttpAuthGSSAPI(GSSAPILibrary* library, |
| 675 const std::string& scheme, | 675 const std::string& scheme, |
| 676 gss_OID gss_oid) | 676 gss_OID gss_oid) |
| 677 : scheme_(scheme), | 677 : scheme_(scheme), |
| 678 gss_oid_(gss_oid), | 678 gss_oid_(gss_oid), |
| 679 library_(library), | 679 library_(library), |
| 680 scoped_sec_context_(library) { | 680 scoped_sec_context_(library), |
| 681 can_delegate_(false) { |
| 681 DCHECK(library_); | 682 DCHECK(library_); |
| 682 } | 683 } |
| 683 | 684 |
| 684 HttpAuthGSSAPI::~HttpAuthGSSAPI() { | 685 HttpAuthGSSAPI::~HttpAuthGSSAPI() { |
| 685 } | 686 } |
| 686 | 687 |
| 687 bool HttpAuthGSSAPI::Init() { | 688 bool HttpAuthGSSAPI::Init() { |
| 688 if (!library_) | 689 if (!library_) |
| 689 return false; | 690 return false; |
| 690 return library_->Init(); | 691 return library_->Init(); |
| 691 } | 692 } |
| 692 | 693 |
| 693 bool HttpAuthGSSAPI::NeedsIdentity() const { | 694 bool HttpAuthGSSAPI::NeedsIdentity() const { |
| 694 return decoded_server_auth_token_.empty(); | 695 return decoded_server_auth_token_.empty(); |
| 695 } | 696 } |
| 696 | 697 |
| 697 bool HttpAuthGSSAPI::IsFinalRound() const { | 698 bool HttpAuthGSSAPI::IsFinalRound() const { |
| 698 return !NeedsIdentity(); | 699 return !NeedsIdentity(); |
| 699 } | 700 } |
| 700 | 701 |
| 702 void HttpAuthGSSAPI::Delegate() { |
| 703 can_delegate_ = true; |
| 704 } |
| 705 |
| 701 bool HttpAuthGSSAPI::ParseChallenge(HttpAuth::ChallengeTokenizer* tok) { | 706 bool HttpAuthGSSAPI::ParseChallenge(HttpAuth::ChallengeTokenizer* tok) { |
| 702 // Verify the challenge's auth-scheme. | 707 // Verify the challenge's auth-scheme. |
| 703 if (!tok->valid() || | 708 if (!tok->valid() || |
| 704 !LowerCaseEqualsASCII(tok->scheme(), StringToLowerASCII(scheme_).c_str())) | 709 !LowerCaseEqualsASCII(tok->scheme(), StringToLowerASCII(scheme_).c_str())) |
| 705 return false; | 710 return false; |
| 706 | 711 |
| 707 tok->set_expect_base64_token(true); | 712 tok->set_expect_base64_token(true); |
| 708 if (!tok->GetNext()) { | 713 if (!tok->GetNext()) { |
| 709 decoded_server_auth_token_.clear(); | 714 decoded_server_auth_token_.clear(); |
| 710 return true; | 715 return true; |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 792 << std::endl | 797 << std::endl |
| 793 << DisplayExtendedStatus(library_, | 798 << DisplayExtendedStatus(library_, |
| 794 major_status, | 799 major_status, |
| 795 minor_status); | 800 minor_status); |
| 796 return ERR_UNEXPECTED; | 801 return ERR_UNEXPECTED; |
| 797 } | 802 } |
| 798 ScopedName scoped_name(principal_name, library_); | 803 ScopedName scoped_name(principal_name, library_); |
| 799 | 804 |
| 800 // Continue creating a security context. | 805 // Continue creating a security context. |
| 801 OM_uint32 req_flags = 0; | 806 OM_uint32 req_flags = 0; |
| 807 if (can_delegate_) |
| 808 req_flags |= GSS_C_DELEG_FLAG; |
| 802 major_status = library_->init_sec_context( | 809 major_status = library_->init_sec_context( |
| 803 &minor_status, | 810 &minor_status, |
| 804 GSS_C_NO_CREDENTIAL, | 811 GSS_C_NO_CREDENTIAL, |
| 805 scoped_sec_context_.receive(), | 812 scoped_sec_context_.receive(), |
| 806 principal_name, | 813 principal_name, |
| 807 gss_oid_, | 814 gss_oid_, |
| 808 req_flags, | 815 req_flags, |
| 809 GSS_C_INDEFINITE, | 816 GSS_C_INDEFINITE, |
| 810 GSS_C_NO_CHANNEL_BINDINGS, | 817 GSS_C_NO_CHANNEL_BINDINGS, |
| 811 in_token, | 818 in_token, |
| (...skipping 10 matching lines...) Expand all Loading... |
| 822 minor_status) | 829 minor_status) |
| 823 << std::endl | 830 << std::endl |
| 824 << DescribeContext(library_, scoped_sec_context_.get()); | 831 << DescribeContext(library_, scoped_sec_context_.get()); |
| 825 return ERR_MISSING_AUTH_CREDENTIALS; | 832 return ERR_MISSING_AUTH_CREDENTIALS; |
| 826 } | 833 } |
| 827 | 834 |
| 828 return OK; | 835 return OK; |
| 829 } | 836 } |
| 830 | 837 |
| 831 } // namespace net | 838 } // namespace net |
| OLD | NEW |