Use AuthCredentials throughout the network stack instead of username/password.

net/http/http_auth_handler_ntlm_portable.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_auth_handler_ntlm.h"
 
 #include <stdlib.h>
 // For gethostname
 #if defined(OS_POSIX)
 #include <unistd.h>
 #elif defined(OS_WIN)
 #include <winsock2.h>
 #endif
 
 #include "base/md5.h"
 #include "base/rand_util.h"
 #include "base/string_util.h"
 #include "base/sys_string_conversions.h"
 #include "base/utf_string_conversions.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_util.h"
+#include "net/base/zap.h"
 #include "net/http/des.h"
 #include "net/http/md4.h"
 
 namespace net {
 
 // Based on mozilla/security/manager/ssl/src/nsNTLMAuthModule.cpp,
 // CVS rev. 1.14.
 //
 // TODO(wtc):
 // - The IS_BIG_ENDIAN code is not tested.
@@ skipping 199 matching lines @@
   uint32 x = (static_cast<uint32>(buf[0]))       |
              (static_cast<uint32>(buf[1]) << 8)  |
              (static_cast<uint32>(buf[2]) << 16) |
              (static_cast<uint32>(buf[3]) << 24);
   buf += sizeof(x);
   return x;
 }
 
 //-----------------------------------------------------------------------------
 
-static void ZapBuf(void* buf, size_t buf_len) {
-  memset(buf, 0, buf_len);
-}
-
-// TODO(wtc): Can we implement ZapString as
-// s.replace(0, s.size(), s.size(), '\0)?
-static void ZapString(std::string* s) {
-  ZapBuf(&(*s)[0], s->length());
-}
-
-static void ZapString(string16* s) {
-  ZapBuf(&(*s)[0], s->length() * 2);
-}
-
 // LM_Hash computes the LM hash of the given password.
 //
 // param password
 //       unicode password.
 // param hash
 //       16-byte result buffer
 //
 // Note: This function is not being used because our SendLM() function always
 // returns false.
 static void LM_Hash(const string16& password, uint8* hash) {
@@ skipping 389 matching lines @@
   // Default credentials are not supported in the portable implementation of
   // NTLM, but are supported in the SSPI implementation.
   return false;
 }
 
 int HttpAuthHandlerNTLM::InitializeBeforeFirstChallenge() {
   return OK;
 }
 
 HttpAuthHandlerNTLM::~HttpAuthHandlerNTLM() {
-  // Wipe our copy of the password from memory, to reduce the chance of being
-  // written to the paging file on disk.
-  ZapString(&password_);
+  credentials_.Zap();
 }
 
 // static
 HttpAuthHandlerNTLM::GenerateRandomProc
 HttpAuthHandlerNTLM::SetGenerateRandomProc(
     GenerateRandomProc proc) {
   GenerateRandomProc old_proc = generate_random_proc_;
   generate_random_proc_ = proc;
   return old_proc;
 }
@@ skipping 19 matching lines @@
   int rv = 0;
 
   // If in_token is non-null, then assume it contains a type 2 message...
   if (in_token) {
     LogToken("in-token", in_token, in_token_len);
     std::string hostname = get_host_name_proc_();
     if (hostname.empty())
       return ERR_UNEXPECTED;
     uint8 rand_buf[8];
     generate_random_proc_(rand_buf, 8);
-    rv = GenerateType3Msg(domain_, username_, password_, hostname, rand_buf,
+    rv = GenerateType3Msg(domain_,
+                          credentials_.username(), credentials_.password(),
+                          hostname, rand_buf,
                           in_token, in_token_len, out_token, out_token_len);
   } else {
     rv = GenerateType1Msg(out_token, out_token_len);
   }
 
   if (rv == OK)
     LogToken("out-token", *out_token, *out_token_len);
 
   return rv;
 }
@@ skipping 13 matching lines @@
   // NOTE: Default credentials are not supported for the portable implementation
   // of NTLM.
   scoped_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerNTLM);
   if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log))
     return ERR_INVALID_RESPONSE;
   handler->swap(tmp_handler);
   return OK;
 }
 
 }  // namespace net