net/http/http_auth_gssapi_posix.h - Issue 1128043007: Support Kerberos on Android

Unified Diff: net/http/http_auth_gssapi_posix.h

Issue 1128043007: Support Kerberos on Android (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Fix a nit I had missed. Created 5 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« net/android/unittest_support/res/xml/dummy_spnego_account_preferences.xml ('K') | « net/android/unittest_support/res/xml/dummy_spnego_authenticator.xml ('k') | net/http/http_auth_gssapi_posix.cc » ('j') | net/http/http_auth_handler_factory_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/http/http_auth_gssapi_posix.h

diff --git a/net/http/http_auth_gssapi_posix.h b/net/http/http_auth_gssapi_posix.h

index ab967c96053fe3052ac8f70a199640c960da47ec..1746c5c8ff9323901ba6ed89a0513f40a1799c56 100644

--- a/net/http/http_auth_gssapi_posix.h

+++ b/net/http/http_auth_gssapi_posix.h

@@ -9,6 +9,7 @@

#include "base/gtest_prod_util.h"

#include "base/native_library.h"

+#include "net/base/completion_callback.h"

#include "net/base/net_export.h"

#include "net/http/http_auth.h"

@@ -22,7 +23,7 @@

// Chrome supports OSX 10.6, which doesn't have access to GSS.framework. Chrome

// always dlopens libgssapi_krb5.dylib, which is provided by

-// Kerberos.framework. On OSX 10.7+ this is an ABI comptabile shim that loads

+// Kerberos.framework. On OSX 10.7+ this is an ABI compatible shim that loads

// GSS.framework.

#include <Kerberos/gssapi.h>

#elif defined(OS_FREEBSD)

@@ -246,19 +247,35 @@ class NET_EXPORT_PRIVATE HttpAuthGSSAPI {

HttpAuthChallengeTokenizer* tok);

// Generates an authentication token.

- // The return value is an error code. If it's not |OK|, the value of

+ //

+ // The return value is an error code. The authentication token will be

cbentzel 2015/06/11 20:51:43 Thanks for improving this comment!

+ // returned in |*auth_token|. If the result code not |OK|, the value of

// |*auth_token| is unspecified.

cbentzel 2015/06/11 20:51:43 Nit: If the result code is not |OK|

aberent 2015/06/15 15:52:20 Done.

+ //

+ // If the operation cannot be completed synchronously, |ERR_IO_PENDING| will

+ // be returned and the real result code will be passed to the completion

+ // callback. Otherwise the result code is returned immediately from this

+ // call.

+ //

+ // If the HttpAuthGSSAPI object is deleted before completion then the callback

+ // will not be called.

+ //

+ // If no immediate result is returned then |auth_token| must remain valid

+ // until the callback has been called.

+ //

// |spn| is the Service Principal Name of the server that the token is

// being generated for.

+ //

// If this is the first round of a multiple round scheme, credentials are

// obtained using |*credentials|. If |credentials| is NULL, the default

// credentials are used instead.

int GenerateAuthToken(const AuthCredentials* credentials,

const std::string& spn,

- std::string* auth_token);

+ std::string* auth_token,

+ const CompletionCallback& callback);

// Delegation is allowed on the Kerberos ticket. This allows certain servers

- // to act as the user, such as an IIS server retrieiving data from a

+ // to act as the user, such as an IIS server retrieving data from a

// Kerberized MSSQL server.

void Delegate();