Chromium Code Reviews

Side by Side Diff: net/http/http_auth_sspi_win.h

Issue 1408433006: Support tls-server-end-point channel bindings for HTTP authentication. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Narrower dependencies, update comments, address review comments. Created 4 years, 9 months ago
OLD | NEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file contains common routines used by NTLM and Negotiate authentication 5 // This file contains common routines used by NTLM and Negotiate authentication
6 // using the SSPI API on Windows. 6 // using the SSPI API on Windows.
7 7
8 #ifndef NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ 8 #ifndef NET_HTTP_HTTP_AUTH_SSPI_WIN_H_
9 #define NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ 9 #define NET_HTTP_HTTP_AUTH_SSPI_WIN_H_
10 10
(...skipping 128 matching lines...)
139 // until the callback has been called. 139 // until the callback has been called.
140 // 140 //
141 // |spn| is the Service Principal Name of the server that the token is 141 // |spn| is the Service Principal Name of the server that the token is
142 // being generated for. 142 // being generated for.
143 // 143 //
144 // If this is the first round of a multiple round scheme, credentials are 144 // If this is the first round of a multiple round scheme, credentials are
145 // obtained using |*credentials|. If |credentials| is NULL, the default 145 // obtained using |*credentials|. If |credentials| is NULL, the default
146 // credentials are used instead. 146 // credentials are used instead.
147 int GenerateAuthToken(const AuthCredentials* credentials, 147 int GenerateAuthToken(const AuthCredentials* credentials,
148 const std::string& spn, 148 const std::string& spn,
149 const std::string& channel_bindings,
149 std::string* auth_token, 150 std::string* auth_token,
150 const CompletionCallback& callback); 151 const CompletionCallback& callback);
151 152
152 // Delegation is allowed on the Kerberos ticket. This allows certain servers 153 // Delegation is allowed on the Kerberos ticket. This allows certain servers
153 // to act as the user, such as an IIS server retrieving data from a 154 // to act as the user, such as an IIS server retrieving data from a
154 // Kerberized MSSQL server. 155 // Kerberized MSSQL server.
155 void Delegate(); 156 void Delegate();
156 157
157 private: 158 private:
158 int OnFirstRound(const AuthCredentials* credentials); 159 int OnFirstRound(const AuthCredentials* credentials);
159 160
160 int GetNextSecurityToken( 161 int GetNextSecurityToken(const std::string& spn,
161 const std::string& spn, 162 const std::string& channing_bindings,
162 const void* in_token, 163 const void* in_token,
163 int in_token_len, 164 int in_token_len,
164 void** out_token, 165 void** out_token,
165 int* out_token_len); 166 int* out_token_len);
166 167
167 void ResetSecurityContext(); 168 void ResetSecurityContext();
168 169
169 SSPILibrary* library_; 170 SSPILibrary* library_;
170 std::string scheme_; 171 std::string scheme_;
171 const SEC_WCHAR* security_package_; 172 const SEC_WCHAR* security_package_;
172 std::string decoded_server_auth_token_; 173 std::string decoded_server_auth_token_;
173 ULONG max_token_length_; 174 ULONG max_token_length_;
174 CredHandle cred_; 175 CredHandle cred_;
175 CtxtHandle ctxt_; 176 CtxtHandle ctxt_;
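Review bot: In the new GetNextSecurityToken declaration (new line 162) the added parameter is spelled `channing_bindings`, while GenerateAuthToken (new line 149) calls the same value `channel_bindings`; rename it to `channel_bindings` so the two declarations agree. Separately, the comment block above GenerateAuthToken documents |spn| and |credentials| but was not extended for the new |channel_bindings| argument. Add a sentence saying what the string is expected to contain (the issue title refers to tls-server-end-point channel bindings) and what an empty string means, so callers can tell whether passing an empty value produces a token with no binding.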
(...skipping 24 matching lines...)
200 // If the return value is ERR_UNEXPECTED, there was an unanticipated problem 201 // If the return value is ERR_UNEXPECTED, there was an unanticipated problem
201 // in the underlying SSPI call. The details are logged, and |*max_token_length| 202 // in the underlying SSPI call. The details are logged, and |*max_token_length|
202 // is not changed. 203 // is not changed.
203 NET_EXPORT_PRIVATE int DetermineMaxTokenLength(SSPILibrary* library, 204 NET_EXPORT_PRIVATE int DetermineMaxTokenLength(SSPILibrary* library,
204 const std::wstring& package, 205 const std::wstring& package,
205 ULONG* max_token_length); 206 ULONG* max_token_length);
206 207
207 } // namespace net 208 } // namespace net
208 209
209 #endif // NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ 210 #endif // NET_HTTP_HTTP_AUTH_SSPI_WIN_H_