| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_auth_gssapi_posix.h" | 5 #include "net/http/http_auth_gssapi_posix.h" |
| 6 | 6 |
| 7 #include <limits> | 7 #include <limits> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/base64.h" | 10 #include "base/base64.h" |
| 11 #include "base/file_path.h" | 11 #include "base/file_path.h" |
| 12 #include "base/format_macros.h" | 12 #include "base/format_macros.h" |
| 13 #include "base/logging.h" | 13 #include "base/logging.h" |
| 14 #include "base/string_util.h" | 14 #include "base/string_util.h" |
| 15 #include "base/stringprintf.h" | 15 #include "base/stringprintf.h" |
| 16 #include "base/threading/thread_restrictions.h" | 16 #include "base/threading/thread_restrictions.h" |
| 17 #include "net/base/net_errors.h" | 17 #include "net/base/net_errors.h" |
| 18 #include "net/base/net_util.h" | 18 #include "net/base/net_util.h" |
| 19 | 19 |
| 20 #if defined(DLOPEN_KERBEROS) |
| 20 // These are defined for the GSSAPI library: | 21 // These are defined for the GSSAPI library: |
| 21 // Paraphrasing the comments from gssapi.h: | 22 // Paraphrasing the comments from gssapi.h: |
| 22 // "The implementation must reserve static storage for a | 23 // "The implementation must reserve static storage for a |
| 23 // gss_OID_desc object for each constant. That constant | 24 // gss_OID_desc object for each constant. That constant |
| 24 // should be initialized to point to that gss_OID_desc." | 25 // should be initialized to point to that gss_OID_desc." |
| 25 namespace { | 26 namespace { |
| 26 | 27 |
| 27 static gss_OID_desc GSS_C_NT_USER_NAME_VAL = { | 28 static gss_OID_desc GSS_C_NT_USER_NAME_VAL = { |
| 28 10, | 29 10, |
| 29 const_cast<char*>("\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01") | 30 const_cast<char*>("\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01") |
| (...skipping 25 matching lines...) Expand all Loading... |
| 55 | 56 |
| 56 } // namespace | 57 } // namespace |
| 57 | 58 |
| 58 gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_VAL; | 59 gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_VAL; |
| 59 gss_OID GSS_C_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_VAL; | 60 gss_OID GSS_C_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_VAL; |
| 60 gss_OID GSS_C_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_VAL; | 61 gss_OID GSS_C_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_VAL; |
| 61 gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &GSS_C_NT_HOSTBASED_SERVICE_X_VAL; | 62 gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &GSS_C_NT_HOSTBASED_SERVICE_X_VAL; |
| 62 gss_OID GSS_C_NT_HOSTBASED_SERVICE = &GSS_C_NT_HOSTBASED_SERVICE_VAL; | 63 gss_OID GSS_C_NT_HOSTBASED_SERVICE = &GSS_C_NT_HOSTBASED_SERVICE_VAL; |
| 63 gss_OID GSS_C_NT_ANONYMOUS = &GSS_C_NT_ANONYMOUS_VAL; | 64 gss_OID GSS_C_NT_ANONYMOUS = &GSS_C_NT_ANONYMOUS_VAL; |
| 64 gss_OID GSS_C_NT_EXPORT_NAME = &GSS_C_NT_EXPORT_NAME_VAL; | 65 gss_OID GSS_C_NT_EXPORT_NAME = &GSS_C_NT_EXPORT_NAME_VAL; |
| 66 #endif // defined(DLOPEN_KERBEROS) |
| 65 | 67 |
| 66 namespace net { | 68 namespace net { |
| 67 | 69 |
| 68 // These are encoded using ASN.1 BER encoding. | 70 // These are encoded using ASN.1 BER encoding. |
| 69 | 71 |
| 70 // This one is used by Firefox's nsAuthGSSAPI class. | 72 // This one is used by Firefox's nsAuthGSSAPI class. |
| 71 gss_OID_desc CHROME_GSS_KRB5_MECH_OID_DESC_VAL = { | 73 gss_OID_desc CHROME_GSS_KRB5_MECH_OID_DESC_VAL = { |
| 72 9, | 74 9, |
| 73 const_cast<char*>("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") | 75 const_cast<char*>("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") |
| 74 }; | 76 }; |
| (...skipping 328 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 403 } | 405 } |
| 404 | 406 |
| 405 bool GSSAPISharedLibrary::Init() { | 407 bool GSSAPISharedLibrary::Init() { |
| 406 if (!initialized_) | 408 if (!initialized_) |
| 407 InitImpl(); | 409 InitImpl(); |
| 408 return initialized_; | 410 return initialized_; |
| 409 } | 411 } |
| 410 | 412 |
| 411 bool GSSAPISharedLibrary::InitImpl() { | 413 bool GSSAPISharedLibrary::InitImpl() { |
| 412 DCHECK(!initialized_); | 414 DCHECK(!initialized_); |
| 415 #if defined(DLOPEN_KERBEROS) |
| 413 gssapi_library_ = LoadSharedLibrary(); | 416 gssapi_library_ = LoadSharedLibrary(); |
| 414 if (gssapi_library_ == NULL) | 417 if (gssapi_library_ == NULL) |
| 415 return false; | 418 return false; |
| 419 #endif // defined(DLOPEN_KERBEROS) |
| 416 initialized_ = true; | 420 initialized_ = true; |
| 417 return true; | 421 return true; |
| 418 } | 422 } |
| 419 | 423 |
| 420 base::NativeLibrary GSSAPISharedLibrary::LoadSharedLibrary() { | 424 base::NativeLibrary GSSAPISharedLibrary::LoadSharedLibrary() { |
| 421 const char** library_names; | 425 const char** library_names; |
| 422 size_t num_lib_names; | 426 size_t num_lib_names; |
| 423 const char* user_specified_library[1]; | 427 const char* user_specified_library[1]; |
| 424 if (!gssapi_library_name_.empty()) { | 428 if (!gssapi_library_name_.empty()) { |
| 425 user_specified_library[0] = gssapi_library_name_.c_str(); | 429 user_specified_library[0] = gssapi_library_name_.c_str(); |
| (...skipping 26 matching lines...) Expand all Loading... |
| 452 // Only return this library if we can bind the functions we need. | 456 // Only return this library if we can bind the functions we need. |
| 453 if (BindMethods(lib)) | 457 if (BindMethods(lib)) |
| 454 return lib; | 458 return lib; |
| 455 base::UnloadNativeLibrary(lib); | 459 base::UnloadNativeLibrary(lib); |
| 456 } | 460 } |
| 457 } | 461 } |
| 458 LOG(WARNING) << "Unable to find a compatible GSSAPI library"; | 462 LOG(WARNING) << "Unable to find a compatible GSSAPI library"; |
| 459 return NULL; | 463 return NULL; |
| 460 } | 464 } |
| 461 | 465 |
| 466 #if defined(DLOPEN_KERBEROS) |
| 462 #define BIND(lib, x) \ | 467 #define BIND(lib, x) \ |
| 468 DCHECK(lib); \ |
| 463 gss_##x##_type x = reinterpret_cast<gss_##x##_type>( \ | 469 gss_##x##_type x = reinterpret_cast<gss_##x##_type>( \ |
| 464 base::GetFunctionPointerFromNativeLibrary(lib, "gss_" #x)); \ | 470 base::GetFunctionPointerFromNativeLibrary(lib, "gss_" #x)); \ |
| 465 if (x == NULL) { \ | 471 if (x == NULL) { \ |
| 466 LOG(WARNING) << "Unable to bind function \"" << "gss_" #x << "\""; \ | 472 LOG(WARNING) << "Unable to bind function \"" << "gss_" #x << "\""; \ |
| 467 return false; \ | 473 return false; \ |
| 468 } | 474 } |
| 475 #else |
| 476 #define BIND(lib, x) gss_##x##_type x = gss_##x |
| 477 #endif |
| 469 | 478 |
| 470 bool GSSAPISharedLibrary::BindMethods(base::NativeLibrary lib) { | 479 bool GSSAPISharedLibrary::BindMethods(base::NativeLibrary lib) { |
| 471 DCHECK(lib != NULL); | |
| 472 | |
| 473 BIND(lib, import_name); | 480 BIND(lib, import_name); |
| 474 BIND(lib, release_name); | 481 BIND(lib, release_name); |
| 475 BIND(lib, release_buffer); | 482 BIND(lib, release_buffer); |
| 476 BIND(lib, display_name); | 483 BIND(lib, display_name); |
| 477 BIND(lib, display_status); | 484 BIND(lib, display_status); |
| 478 BIND(lib, init_sec_context); | 485 BIND(lib, init_sec_context); |
| 479 BIND(lib, wrap_size_limit); | 486 BIND(lib, wrap_size_limit); |
| 480 BIND(lib, delete_sec_context); | 487 BIND(lib, delete_sec_context); |
| 481 BIND(lib, inquire_context); | 488 BIND(lib, inquire_context); |
| 482 | 489 |
| (...skipping 393 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 876 if (rv != OK) { | 883 if (rv != OK) { |
| 877 LOG(ERROR) << "Problem initializing context. \n" | 884 LOG(ERROR) << "Problem initializing context. \n" |
| 878 << DisplayExtendedStatus(library_, major_status, minor_status) | 885 << DisplayExtendedStatus(library_, major_status, minor_status) |
| 879 << '\n' | 886 << '\n' |
| 880 << DescribeContext(library_, scoped_sec_context_.get()); | 887 << DescribeContext(library_, scoped_sec_context_.get()); |
| 881 } | 888 } |
| 882 return rv; | 889 return rv; |
| 883 } | 890 } |
| 884 | 891 |
| 885 } // namespace net | 892 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7655046:
Linux: allow linking directly with Kerberos instead of using dlopen. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src