| OLD | NEW |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file contains common routines used by NTLM and Negotiate authentication | 5 // This file contains common routines used by NTLM and Negotiate authentication |
| 6 // using the SSPI API on Windows. | 6 // using the SSPI API on Windows. |
| 7 | 7 |
| 8 #ifndef NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ | 8 #ifndef NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ |
| 9 #define NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ | 9 #define NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ |
| 10 #pragma once | 10 #pragma once |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 72 | 72 |
| 73 class HttpAuthSSPI { | 73 class HttpAuthSSPI { |
| 74 public: | 74 public: |
| 75 HttpAuthSSPI(SSPILibrary* sspi_library, | 75 HttpAuthSSPI(SSPILibrary* sspi_library, |
| 76 const std::string& scheme, | 76 const std::string& scheme, |
| 77 SEC_WCHAR* security_package, | 77 SEC_WCHAR* security_package, |
| 78 ULONG max_token_length); | 78 ULONG max_token_length); |
| 79 ~HttpAuthSSPI(); | 79 ~HttpAuthSSPI(); |
| 80 | 80 |
| 81 bool NeedsIdentity() const; | 81 bool NeedsIdentity() const; |
| 82 bool IsFinalRound() const; | |
| 83 | 82 |
| 84 bool ParseChallenge(HttpAuth::ChallengeTokenizer* tok); | 83 HttpAuth::AuthorizationResult ParseChallenge( |
| 84 HttpAuth::ChallengeTokenizer* tok); |
| 85 | 85 |
| 86 // Generates an authentication token for the service specified by the | 86 // Generates an authentication token for the service specified by the |
| 87 // Service Principal Name |spn| and stores the value in |*auth_token|. | 87 // Service Principal Name |spn| and stores the value in |*auth_token|. |
| 88 // If the return value is not |OK|, then the value of |*auth_token| is | 88 // If the return value is not |OK|, then the value of |*auth_token| is |
| 89 // unspecified. ERR_IO_PENDING is not a valid return code. | 89 // unspecified. ERR_IO_PENDING is not a valid return code. |
| 90 // If this is the first round of a multiple round scheme, credentials are | 90 // If this is the first round of a multiple round scheme, credentials are |
| 91 // obtained using |*username| and |*password|. If |username| and |password| | 91 // obtained using |*username| and |*password|. If |username| and |password| |
| 92 // are both NULL, the credentials for the currently logged in user are used | 92 // are both NULL, the credentials for the currently logged in user are used |
| 93 // instead. | 93 // instead. |
| 94 int GenerateAuthToken(const string16* username, | 94 int GenerateAuthToken(const string16* username, |
| 95 const string16* password, | 95 const string16* password, |
| 96 const std::wstring& spn, | 96 const std::wstring& spn, |
| 97 std::string* auth_token); | 97 std::string* auth_token); |
| 98 | 98 |
| 99 // Delegation is allowed on the Kerberos ticket. This allows certain servers | 99 // Delegation is allowed on the Kerberos ticket. This allows certain servers |
| 100 // to act as the user, such as an IIS server retrieiving data from a | 100 // to act as the user, such as an IIS server retrieiving data from a |
| 101 // Kerberized MSSQL server. | 101 // Kerberized MSSQL server. |
| 102 void Delegate(); | 102 void Delegate(); |
| 103 | 103 |
| 104 private: | 104 private: |
| 105 int OnFirstRound(const string16* username, | 105 int OnFirstRound(const string16* username, const string16* password); |
| 106 const string16* password); | |
| 107 | 106 |
| 108 int GetNextSecurityToken( | 107 int GetNextSecurityToken( |
| 109 const std::wstring& spn, | 108 const std::wstring& spn, |
| 110 const void* in_token, | 109 const void* in_token, |
| 111 int in_token_len, | 110 int in_token_len, |
| 112 void** out_token, | 111 void** out_token, |
| 113 int* out_token_len); | 112 int* out_token_len); |
| 114 | 113 |
| 115 void ResetSecurityContext(); | 114 void ResetSecurityContext(); |
| 116 | 115 |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 148 // If the return value is ERR_UNEXPECTED, there was an unanticipated problem | 147 // If the return value is ERR_UNEXPECTED, there was an unanticipated problem |
| 149 // in the underlying SSPI call. The details are logged, and |*max_token_length| | 148 // in the underlying SSPI call. The details are logged, and |*max_token_length| |
| 150 // is not changed. | 149 // is not changed. |
| 151 int DetermineMaxTokenLength(SSPILibrary* library, | 150 int DetermineMaxTokenLength(SSPILibrary* library, |
| 152 const std::wstring& package, | 151 const std::wstring& package, |
| 153 ULONG* max_token_length); | 152 ULONG* max_token_length); |
| 154 | 153 |
| 155 } // namespace net | 154 } // namespace net |
| 156 | 155 |
| 157 #endif // NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ | 156 #endif // NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ |
| OLD | NEW |