| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_auth_gssapi_posix.h" | 5 #include "net/http/http_auth_gssapi_posix.h" |
| 6 | 6 |
| 7 #include <limits> | 7 #include <limits> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/base64.h" | 10 #include "base/base64.h" |
| 11 #include "base/file_path.h" | 11 #include "base/file_path.h" |
| 12 #include "base/format_macros.h" | 12 #include "base/format_macros.h" |
| 13 #include "base/logging.h" | 13 #include "base/logging.h" |
| 14 #include "base/string_util.h" | 14 #include "base/string_util.h" |
| 15 #include "base/stringprintf.h" | 15 #include "base/stringprintf.h" |
| 16 #include "base/threading/thread_restrictions.h" | 16 #include "base/threading/thread_restrictions.h" |
| 17 #include "net/base/net_errors.h" | 17 #include "net/base/net_errors.h" |
| 18 #include "net/base/net_util.h" | 18 #include "net/base/net_util.h" |
| 19 | 19 |
| 20 #if defined(DLOPEN_KERBEROS) | |
| 21 // These are defined for the GSSAPI library: | 20 // These are defined for the GSSAPI library: |
| 22 // Paraphrasing the comments from gssapi.h: | 21 // Paraphrasing the comments from gssapi.h: |
| 23 // "The implementation must reserve static storage for a | 22 // "The implementation must reserve static storage for a |
| 24 // gss_OID_desc object for each constant. That constant | 23 // gss_OID_desc object for each constant. That constant |
| 25 // should be initialized to point to that gss_OID_desc." | 24 // should be initialized to point to that gss_OID_desc." |
| 26 namespace { | 25 namespace { |
| 27 | 26 |
| 28 static gss_OID_desc GSS_C_NT_USER_NAME_VAL = { | 27 static gss_OID_desc GSS_C_NT_USER_NAME_VAL = { |
| 29 10, | 28 10, |
| 30 const_cast<char*>("\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01") | 29 const_cast<char*>("\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01") |
| 56 | 55 |
| 57 } // namespace | 56 } // namespace |
| 58 | 57 |
| 59 gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_VAL; | 58 gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_VAL; |
| 60 gss_OID GSS_C_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_VAL; | 59 gss_OID GSS_C_NT_MACHINE_UID_NAME = &GSS_C_NT_MACHINE_UID_NAME_VAL; |
| 61 gss_OID GSS_C_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_VAL; | 60 gss_OID GSS_C_NT_STRING_UID_NAME = &GSS_C_NT_STRING_UID_NAME_VAL; |
| 62 gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &GSS_C_NT_HOSTBASED_SERVICE_X_VAL; | 61 gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &GSS_C_NT_HOSTBASED_SERVICE_X_VAL; |
| 63 gss_OID GSS_C_NT_HOSTBASED_SERVICE = &GSS_C_NT_HOSTBASED_SERVICE_VAL; | 62 gss_OID GSS_C_NT_HOSTBASED_SERVICE = &GSS_C_NT_HOSTBASED_SERVICE_VAL; |
| 64 gss_OID GSS_C_NT_ANONYMOUS = &GSS_C_NT_ANONYMOUS_VAL; | 63 gss_OID GSS_C_NT_ANONYMOUS = &GSS_C_NT_ANONYMOUS_VAL; |
| 65 gss_OID GSS_C_NT_EXPORT_NAME = &GSS_C_NT_EXPORT_NAME_VAL; | 64 gss_OID GSS_C_NT_EXPORT_NAME = &GSS_C_NT_EXPORT_NAME_VAL; |
| 66 #endif // defined(DLOPEN_KERBEROS) | |
| 67 | 65 |
| 68 namespace net { | 66 namespace net { |
| 69 | 67 |
| 70 // These are encoded using ASN.1 BER encoding. | 68 // These are encoded using ASN.1 BER encoding. |
| 71 | 69 |
| 72 // This one is used by Firefox's nsAuthGSSAPI class. | 70 // This one is used by Firefox's nsAuthGSSAPI class. |
| 73 gss_OID_desc CHROME_GSS_KRB5_MECH_OID_DESC_VAL = { | 71 gss_OID_desc CHROME_GSS_KRB5_MECH_OID_DESC_VAL = { |
| 74 9, | 72 9, |
| 75 const_cast<char*>("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") | 73 const_cast<char*>("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") |
| 76 }; | 74 }; |
| 405 } | 403 } |
| 406 | 404 |
| 407 bool GSSAPISharedLibrary::Init() { | 405 bool GSSAPISharedLibrary::Init() { |
| 408 if (!initialized_) | 406 if (!initialized_) |
| 409 InitImpl(); | 407 InitImpl(); |
| 410 return initialized_; | 408 return initialized_; |
| 411 } | 409 } |
| 412 | 410 |
| 413 bool GSSAPISharedLibrary::InitImpl() { | 411 bool GSSAPISharedLibrary::InitImpl() { |
| 414 DCHECK(!initialized_); | 412 DCHECK(!initialized_); |
| 415 #if defined(DLOPEN_KERBEROS) | |
| 416 gssapi_library_ = LoadSharedLibrary(); | 413 gssapi_library_ = LoadSharedLibrary(); |
| 417 if (gssapi_library_ == NULL) | 414 if (gssapi_library_ == NULL) |
| 418 return false; | 415 return false; |
| 419 #endif // defined(DLOPEN_KERBEROS) | |
| 420 initialized_ = true; | 416 initialized_ = true; |
| 421 return true; | 417 return true; |
| 422 } | 418 } |
| 423 | 419 |
| 424 base::NativeLibrary GSSAPISharedLibrary::LoadSharedLibrary() { | 420 base::NativeLibrary GSSAPISharedLibrary::LoadSharedLibrary() { |
| 425 const char** library_names; | 421 const char** library_names; |
| 426 size_t num_lib_names; | 422 size_t num_lib_names; |
| 427 const char* user_specified_library[1]; | 423 const char* user_specified_library[1]; |
| 428 if (!gssapi_library_name_.empty()) { | 424 if (!gssapi_library_name_.empty()) { |
| 429 user_specified_library[0] = gssapi_library_name_.c_str(); | 425 user_specified_library[0] = gssapi_library_name_.c_str(); |
| 456 // Only return this library if we can bind the functions we need. | 452 // Only return this library if we can bind the functions we need. |
| 457 if (BindMethods(lib)) | 453 if (BindMethods(lib)) |
| 458 return lib; | 454 return lib; |
| 459 base::UnloadNativeLibrary(lib); | 455 base::UnloadNativeLibrary(lib); |
| 460 } | 456 } |
| 461 } | 457 } |
| 462 LOG(WARNING) << "Unable to find a compatible GSSAPI library"; | 458 LOG(WARNING) << "Unable to find a compatible GSSAPI library"; |
| 463 return NULL; | 459 return NULL; |
| 464 } | 460 } |
| 465 | 461 |
| 466 #if defined(DLOPEN_KERBEROS) | |
| 467 #define BIND(lib, x) \ | 462 #define BIND(lib, x) \ |
| 468 DCHECK(lib); \ | |
| 469 gss_##x##_type x = reinterpret_cast<gss_##x##_type>( \ | 463 gss_##x##_type x = reinterpret_cast<gss_##x##_type>( \ |
| 470 base::GetFunctionPointerFromNativeLibrary(lib, "gss_" #x)); \ | 464 base::GetFunctionPointerFromNativeLibrary(lib, "gss_" #x)); \ |
| 471 if (x == NULL) { \ | 465 if (x == NULL) { \ |
| 472 LOG(WARNING) << "Unable to bind function \"" << "gss_" #x << "\""; \ | 466 LOG(WARNING) << "Unable to bind function \"" << "gss_" #x << "\""; \ |
| 473 return false; \ | 467 return false; \ |
| 474 } | 468 } |
| 475 #else | |
| 476 #define BIND(lib, x) gss_##x##_type x = gss_##x | |
| 477 #endif | |
| 478 | 469 |
| 479 bool GSSAPISharedLibrary::BindMethods(base::NativeLibrary lib) { | 470 bool GSSAPISharedLibrary::BindMethods(base::NativeLibrary lib) { |
| 471 DCHECK(lib != NULL); |
| 472 |
| 480 BIND(lib, import_name); | 473 BIND(lib, import_name); |
| 481 BIND(lib, release_name); | 474 BIND(lib, release_name); |
| 482 BIND(lib, release_buffer); | 475 BIND(lib, release_buffer); |
| 483 BIND(lib, display_name); | 476 BIND(lib, display_name); |
| 484 BIND(lib, display_status); | 477 BIND(lib, display_status); |
| 485 BIND(lib, init_sec_context); | 478 BIND(lib, init_sec_context); |
| 486 BIND(lib, wrap_size_limit); | 479 BIND(lib, wrap_size_limit); |
| 487 BIND(lib, delete_sec_context); | 480 BIND(lib, delete_sec_context); |
| 488 BIND(lib, inquire_context); | 481 BIND(lib, inquire_context); |
| 489 | 482 |
| 883 if (rv != OK) { | 876 if (rv != OK) { |
| 884 LOG(ERROR) << "Problem initializing context. \n" | 877 LOG(ERROR) << "Problem initializing context. \n" |
| 885 << DisplayExtendedStatus(library_, major_status, minor_status) | 878 << DisplayExtendedStatus(library_, major_status, minor_status) |
| 886 << '\n' | 879 << '\n' |
| 887 << DescribeContext(library_, scoped_sec_context_.get()); | 880 << DescribeContext(library_, scoped_sec_context_.get()); |
| 888 } | 881 } |
| 889 return rv; | 882 return rv; |
| 890 } | 883 } |
| 891 | 884 |
| 892 } // namespace net | 885 } // namespace net |
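Review bot: In `GSSAPISharedLibrary::BindMethods` (new lines 470-472) the only guard on `lib` is `DCHECK(lib != NULL);`, which is compiled out of release builds, so now that the `#if defined(DLOPEN_KERBEROS)` fallback is gone a null handle would be passed straight to `base::GetFunctionPointerFromNativeLibrary`. If that helper wraps `dlsym` (it is not shown here, so this is inferred), a null handle can be treated on some platforms as the default search scope rather than an error, and the `gss_*` symbols would then be bound from whatever is already loaded in the process instead of from the library that was just opened. I would keep the DCHECK and add a runtime check after it, `if (lib == NULL) return false;`, so the function fails closed. The caller's own null check in `LoadSharedLibrary` falls inside the skipped lines and the rest of `BindMethods` lies outside the visible section, so confirm neither already covers this.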