OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_auth_handler_ntlm.h" | 5 #include "net/http/http_auth_handler_ntlm.h" |
6 | 6 |
7 #if !defined(NTLM_SSPI) | 7 #if !defined(NTLM_SSPI) |
8 #include "base/base64.h" | 8 #include "base/base64.h" |
9 #endif | 9 #endif |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
11 #include "base/strings/string_util.h" | 11 #include "base/strings/string_util.h" |
12 #include "base/strings/utf_string_conversions.h" | 12 #include "base/strings/utf_string_conversions.h" |
13 #include "net/base/net_errors.h" | 13 #include "net/base/net_errors.h" |
14 #include "net/base/url_util.h" | 14 #include "net/base/url_util.h" |
| 15 #include "net/cert/x509_util.h" |
15 #include "net/http/http_auth_challenge_tokenizer.h" | 16 #include "net/http/http_auth_challenge_tokenizer.h" |
16 #include "net/http/http_auth_scheme.h" | 17 #include "net/http/http_auth_scheme.h" |
| 18 #include "net/http/http_response_info.h" |
17 | 19 |
18 namespace net { | 20 namespace net { |
19 | 21 |
20 HttpAuth::AuthorizationResult HttpAuthHandlerNTLM::HandleAnotherChallenge( | 22 HttpAuth::AuthorizationResult HttpAuthHandlerNTLM::HandleAnotherChallenge( |
21 HttpAuthChallengeTokenizer* challenge) { | 23 HttpAuthChallengeTokenizer* challenge) { |
22 return ParseChallenge(challenge, false); | 24 return ParseChallenge(challenge, false); |
23 } | 25 } |
24 | 26 |
25 bool HttpAuthHandlerNTLM::Init(HttpAuthChallengeTokenizer* tok) { | 27 bool HttpAuthHandlerNTLM::Init(HttpAuthChallengeTokenizer* tok, |
| 28 const SSLInfo& ssl_info) { |
26 auth_scheme_ = HttpAuth::AUTH_SCHEME_NTLM; | 29 auth_scheme_ = HttpAuth::AUTH_SCHEME_NTLM; |
27 score_ = 3; | 30 score_ = 3; |
28 properties_ = ENCRYPTS_IDENTITY | IS_CONNECTION_BASED; | 31 properties_ = ENCRYPTS_IDENTITY | IS_CONNECTION_BASED; |
29 | 32 |
| 33 if (ssl_info.is_valid()) |
| 34 x509_util::GetTLSServerEndPointChannelBinding(*ssl_info.cert, |
| 35 &channel_bindings_); |
| 36 |
30 return ParseChallenge(tok, true) == HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | 37 return ParseChallenge(tok, true) == HttpAuth::AUTHORIZATION_RESULT_ACCEPT; |
31 } | 38 } |
32 | 39 |
33 int HttpAuthHandlerNTLM::GenerateAuthTokenImpl( | 40 int HttpAuthHandlerNTLM::GenerateAuthTokenImpl( |
34 const AuthCredentials* credentials, const HttpRequestInfo* request, | 41 const AuthCredentials* credentials, const HttpRequestInfo* request, |
35 const CompletionCallback& callback, std::string* auth_token) { | 42 const CompletionCallback& callback, std::string* auth_token) { |
36 #if defined(NTLM_SSPI) | 43 #if defined(NTLM_SSPI) |
37 return auth_sspi_.GenerateAuthToken(credentials, CreateSPN(origin_), | 44 return auth_sspi_.GenerateAuthToken(credentials, CreateSPN(origin_), |
38 auth_token, callback); | 45 channel_bindings_, auth_token, callback); |
39 #else // !defined(NTLM_SSPI) | 46 #else // !defined(NTLM_SSPI) |
40 // TODO(cbentzel): Shouldn't be hitting this case. | 47 // TODO(cbentzel): Shouldn't be hitting this case. |
41 if (!credentials) { | 48 if (!credentials) { |
42 LOG(ERROR) << "Username and password are expected to be non-NULL."; | 49 LOG(ERROR) << "Username and password are expected to be non-NULL."; |
43 return ERR_MISSING_AUTH_CREDENTIALS; | 50 return ERR_MISSING_AUTH_CREDENTIALS; |
44 } | 51 } |
45 // TODO(wtc): See if we can use char* instead of void* for in_buf and | 52 // TODO(wtc): See if we can use char* instead of void* for in_buf and |
46 // out_buf. This change will need to propagate to GetNextToken, | 53 // out_buf. This change will need to propagate to GetNextToken, |
47 // GenerateType1Msg, and GenerateType3Msg, and perhaps further. | 54 // GenerateType1Msg, and GenerateType3Msg, and perhaps further. |
48 const void* in_buf; | 55 const void* in_buf; |
(...skipping 85 matching lines...)
134 // static | 141 // static |
135 std::string HttpAuthHandlerNTLM::CreateSPN(const GURL& origin) { | 142 std::string HttpAuthHandlerNTLM::CreateSPN(const GURL& origin) { |
136 // The service principal name of the destination server. See | 143 // The service principal name of the destination server. See |
137 // http://msdn.microsoft.com/en-us/library/ms677949%28VS.85%29.aspx | 144 // http://msdn.microsoft.com/en-us/library/ms677949%28VS.85%29.aspx |
138 std::string target("HTTP/"); | 145 std::string target("HTTP/"); |
139 target.append(GetHostAndPort(origin)); | 146 target.append(GetHostAndPort(origin)); |
140 return target; | 147 return target; |
141 } | 148 } |
142 | 149 |
143 } // namespace net | 150 } // namespace net |
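Review bot: In `HttpAuthHandlerNTLM::Init` the result of `x509_util::GetTLSServerEndPointChannelBinding(*ssl_info.cert, &channel_bindings_)` is discarded, so if the binding cannot be derived from the certificate the handler carries on with whatever `channel_bindings_` holds and the NTLM exchange goes out unbound with no trace. The channel binding is what ties the authentication to this TLS endpoint and lets the server reject a relayed exchange, so a failure should be visible: `if (!x509_util::GetTLSServerEndPointChannelBinding(*ssl_info.cert, &channel_bindings_)) { channel_bindings_.clear(); LOG(WARNING) << "NTLM: no TLS channel binding available"; }`. In the visible part of `GenerateAuthTokenImpl` only the `NTLM_SSPI` branch passes `channel_bindings_`. The `#else` branch continues into the skipped lines, so this may be handled there, but if the portable path is intentionally unbound a short comment in `Init` should say so. It would also help to document on the new `ssl_info` parameter that an invalid `SSLInfo` (plain HTTP) leaves `channel_bindings_` empty by design.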
OLD | NEW |