Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(311)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/http/http_auth_handler_ntlm_portable.cc

Issue 8340026: Use AuthCredentials throughout the network stack instead of username/password. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: Reduce password zapping Created 9 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/http/http_auth_handler_negotiate.h ('K') | « net/http/http_auth_handler_ntlm.cc ('k') | net/http/http_auth_handler_unittest.cc » ('j') | net/http/http_cache_transaction.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/http_auth_handler_ntlm_portable.cc
diff --git a/net/http/http_auth_handler_ntlm_portable.cc b/net/http/http_auth_handler_ntlm_portable.cc
index 92b3e5bc3296d3eb76ebefcf9d2d93c945a796c7..d5febb68d30d98f9475d1bfbf428069a88393d51 100644
--- a/net/http/http_auth_handler_ntlm_portable.cc
+++ b/net/http/http_auth_handler_ntlm_portable.cc
@@ -19,6 +19,7 @@
#include "base/utf_string_conversions.h"
#include "net/base/net_errors.h"
#include "net/base/net_util.h"
+#include "net/base/zap.h"
#include "net/http/des.h"
#include "net/http/md4.h"
@@ -238,20 +239,6 @@ static uint32 ReadUint32(const uint8*& buf) {
//-----------------------------------------------------------------------------
-static void ZapBuf(void* buf, size_t buf_len) {
- memset(buf, 0, buf_len);
-}
-
-// TODO(wtc): Can we implement ZapString as
-// s.replace(0, s.size(), s.size(), '\0)?
-static void ZapString(std::string* s) {
- ZapBuf(&(*s)[0], s->length());
-}
-
-static void ZapString(string16* s) {
- ZapBuf(&(*s)[0], s->length() * 2);
-}
-
// LM_Hash computes the LM hash of the given password.
//
// param password
@@ -661,9 +648,7 @@ int HttpAuthHandlerNTLM::InitializeBeforeFirstChallenge() {
}
HttpAuthHandlerNTLM::~HttpAuthHandlerNTLM() {
- // Wipe our copy of the password from memory, to reduce the chance of being
- // written to the paging file on disk.
- ZapString(&password_);
+ credentials_.Zap();
}
// static
@@ -703,7 +688,9 @@ int HttpAuthHandlerNTLM::GetNextToken(const void* in_token,
return ERR_UNEXPECTED;
uint8 rand_buf[8];
generate_random_proc_(rand_buf, 8);
- rv = GenerateType3Msg(domain_, username_, password_, hostname, rand_buf,
+ rv = GenerateType3Msg(domain_,
+ credentials_.username(), credentials_.password(),
+ hostname, rand_buf,
in_token, in_token_len, out_token, out_token_len);
} else {
rv = GenerateType1Msg(out_token, out_token_len);
« net/http/http_auth_handler_negotiate.h ('K') | « net/http/http_auth_handler_ntlm.cc ('k') | net/http/http_auth_handler_unittest.cc » ('j') | net/http/http_cache_transaction.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698