Support specifying the GSSAPI library that will be used.

net/http/http_auth_handler_negotiate.h

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_HTTP_HTTP_AUTH_HANDLER_NEGOTIATE_H_
 #define NET_HTTP_HTTP_AUTH_HANDLER_NEGOTIATE_H_
 #pragma once
 
 #include <string>
 
@@ skipping 54 matching lines @@
     void set_host_resolver(HostResolver* host_resolver);
 
     virtual int CreateAuthHandler(HttpAuth::ChallengeTokenizer* challenge,
                                   HttpAuth::Target target,
                                   const GURL& origin,
                                   CreateReason reason,
                                   int digest_nonce_count,
                                   const BoundNetLog& net_log,
                                   scoped_ptr<HttpAuthHandler>* handler);
 
-    // Set the system library to use. Typically the only callers which need to
-    // use this are unit tests which pass in a mocked-out version of the
-    // system library.
-    // The caller is responsible for managing the lifetime of |*auth_library|,
-    // and the lifetime must exceed that of this Factory object and all
-    // HttpAuthHandler's that this Factory object creates.
+    // Set the system library to use. Typically used by unit tests which mock
+    // out the library, and on POSIX to pass a user-specified library.
+    // Callers beware: the passed |*auth_library| will be deleted when this
+    // factory is destructed.
     void set_library(AuthLibrary* auth_library) {
-      auth_library_ = auth_library;
+      auth_library_.reset(auth_library);

[cbentzel, 2010/11/09 16:18:03]

This is still doing the wrong thing in the Windows case - it will cause a double
delete of the default SSPI library if it is ever set (since the SSPI library is
a singleton which also deletes the lone instance.)

I recommend one of two ways to fix this:
  - Make it so the default library is not a singleton, and have it be owned by
the factory.
  - Change the code back to the way it was, and hold onto the GSSAPI library in
the IOThread::Globals

[Jakob Kummerow (corp), 2010/11/10 10:50:21]

Done.
I went with the first suggestion, as I consider it more elegant to have
ownership of the library at the same place where it's used. 

     }
 
    private:
     bool disable_cname_lookup_;
     bool use_port_;
     HostResolver* resolver_;
 #if defined(OS_WIN)
     ULONG max_token_length_;
     bool first_creation_;
     bool is_unsupported_;
 #endif
-    AuthLibrary* auth_library_;
+    scoped_ptr<AuthLibrary> auth_library_;
   };
 
   HttpAuthHandlerNegotiate(AuthLibrary* sspi_library,
 #if defined(OS_WIN)
                            ULONG max_token_length,
 #endif
                            URLSecurityManager* url_security_manager,
                            HostResolver* host_resolver,
                            bool disable_cname_lookup,
                            bool use_port);
@@ skipping 61 matching lines @@
   std::string* auth_token_;
 
   State next_state_;
 
   const URLSecurityManager* url_security_manager_;
 };
 
 }  // namespace net
 
 #endif  // NET_HTTP_HTTP_AUTH_HANDLER_NEGOTIATE_H_