Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(133)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_auth_gssapi_posix.h

Issue 1128043007: Support Kerberos on Android (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix mistake in previous Windows fixes Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/android/http_android_auth_negotiate.h ('K') | « net/android/net_jni_registrar.cc ('k') | net/http/http_auth_gssapi_posix.cc » ('j') | net/http/http_auth_gssapi_posix.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ 5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ 6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
7 7
8 #include <string> 8 #include <string>
9 9
10 #include "base/gtest_prod_util.h" 10 #include "base/gtest_prod_util.h"
11 #include "base/native_library.h" 11 #include "base/native_library.h"
12 #include "net/base/completion_callback.h"
12 #include "net/base/net_export.h" 13 #include "net/base/net_export.h"
13 #include "net/http/http_auth.h" 14 #include "net/http/http_auth.h"
14 15
15 #if defined(OS_MACOSX) 16 #if defined(OS_MACOSX)
16 // The OSX 10.9+ SDKs mark the functions in Kereberos.framework as deprecated, 17 // The OSX 10.9+ SDKs mark the functions in Kereberos.framework as deprecated,
17 // so the warnings must be manually suppressed. 18 // so the warnings must be manually suppressed.
18 #if defined(MAC_OS_X_VERSION_10_9) && \ 19 #if defined(MAC_OS_X_VERSION_10_9) && \
19 MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_9 20 MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_9
20 #define GSSKRB_APPLE_DEPRECATED(x) 21 #define GSSKRB_APPLE_DEPRECATED(x)
21 #endif 22 #endif
(...skipping 219 matching lines...) Expand 10 before | Expand all | Expand 10 after
241 bool NeedsIdentity() const; 242 bool NeedsIdentity() const;
242 243
243 bool AllowsExplicitCredentials() const; 244 bool AllowsExplicitCredentials() const;
244 245
245 HttpAuth::AuthorizationResult ParseChallenge( 246 HttpAuth::AuthorizationResult ParseChallenge(
246 HttpAuthChallengeTokenizer* tok); 247 HttpAuthChallengeTokenizer* tok);
247 248
248 // Generates an authentication token. 249 // Generates an authentication token.
249 // The return value is an error code. If it's not |OK|, the value of 250 // The return value is an error code. If it's not |OK|, the value of
250 // |*auth_token| is unspecified. 251 // |*auth_token| is unspecified.
252 // The function may return |IO_PENDING|, and call |callback| on completion.
253 // |auth_token| must remain valid until the callback has been called.
251 // |spn| is the Service Principal Name of the server that the token is 254 // |spn| is the Service Principal Name of the server that the token is
252 // being generated for. 255 // being generated for.
253 // If this is the first round of a multiple round scheme, credentials are 256 // If this is the first round of a multiple round scheme, credentials are
254 // obtained using |*credentials|. If |credentials| is NULL, the default 257 // obtained using |*credentials|. If |credentials| is NULL, the default
255 // credentials are used instead. 258 // credentials are used instead.
256 int GenerateAuthToken(const AuthCredentials* credentials, 259 int GenerateAuthToken(const AuthCredentials* credentials,
257 const std::string& spn, 260 const std::string& spn,
258 std::string* auth_token); 261 std::string* auth_token,
262 const CompletionCallback& callback);
259 263
260 // Delegation is allowed on the Kerberos ticket. This allows certain servers 264 // Delegation is allowed on the Kerberos ticket. This allows certain servers
261 // to act as the user, such as an IIS server retrieiving data from a 265 // to act as the user, such as an IIS server retrieiving data from a
262 // Kerberized MSSQL server. 266 // Kerberized MSSQL server.
263 void Delegate(); 267 void Delegate();
264 268
265 private: 269 private:
266 int GetNextSecurityToken(const std::string& spn, 270 int GetNextSecurityToken(const std::string& spn,
267 gss_buffer_t in_token, 271 gss_buffer_t in_token,
268 gss_buffer_t out_token); 272 gss_buffer_t out_token);
269 273
270 std::string scheme_; 274 std::string scheme_;
271 gss_OID gss_oid_; 275 gss_OID gss_oid_;
272 GSSAPILibrary* library_; 276 GSSAPILibrary* library_;
273 std::string decoded_server_auth_token_; 277 std::string decoded_server_auth_token_;
274 ScopedSecurityContext scoped_sec_context_; 278 ScopedSecurityContext scoped_sec_context_;
275 bool can_delegate_; 279 bool can_delegate_;
276 }; 280 };
277 281
278 } // namespace net 282 } // namespace net
279 283
280 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ 284 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
OLDNEW
« net/android/http_android_auth_negotiate.h ('K') | « net/android/net_jni_registrar.cc ('k') | net/http/http_auth_gssapi_posix.cc » ('j') | net/http/http_auth_gssapi_posix.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698