OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ | 5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ |
6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ | 6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/gtest_prod_util.h" | 10 #include "base/gtest_prod_util.h" |
(...skipping 254 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
265 // until the callback has been called. | 265 // until the callback has been called. |
266 // | 266 // |
267 // |spn| is the Service Principal Name of the server that the token is | 267 // |spn| is the Service Principal Name of the server that the token is |
268 // being generated for. | 268 // being generated for. |
269 // | 269 // |
270 // If this is the first round of a multiple round scheme, credentials are | 270 // If this is the first round of a multiple round scheme, credentials are |
271 // obtained using |*credentials|. If |credentials| is NULL, the default | 271 // obtained using |*credentials|. If |credentials| is NULL, the default |
272 // credentials are used instead. | 272 // credentials are used instead. |
273 int GenerateAuthToken(const AuthCredentials* credentials, | 273 int GenerateAuthToken(const AuthCredentials* credentials, |
274 const std::string& spn, | 274 const std::string& spn, |
| 275 const std::string& channel_bindings, |
275 std::string* auth_token, | 276 std::string* auth_token, |
276 const CompletionCallback& callback); | 277 const CompletionCallback& callback); |
277 | 278 |
278 // Delegation is allowed on the Kerberos ticket. This allows certain servers | 279 // Delegation is allowed on the Kerberos ticket. This allows certain servers |
279 // to act as the user, such as an IIS server retrieving data from a | 280 // to act as the user, such as an IIS server retrieving data from a |
280 // Kerberized MSSQL server. | 281 // Kerberized MSSQL server. |
281 void Delegate(); | 282 void Delegate(); |
282 | 283 |
283 private: | 284 private: |
284 int GetNextSecurityToken(const std::string& spn, | 285 int GetNextSecurityToken(const std::string& spn, |
| 286 const std::string& channel_bindings, |
285 gss_buffer_t in_token, | 287 gss_buffer_t in_token, |
286 gss_buffer_t out_token); | 288 gss_buffer_t out_token); |
287 | 289 |
288 std::string scheme_; | 290 std::string scheme_; |
289 gss_OID gss_oid_; | 291 gss_OID gss_oid_; |
290 GSSAPILibrary* library_; | 292 GSSAPILibrary* library_; |
291 std::string decoded_server_auth_token_; | 293 std::string decoded_server_auth_token_; |
292 ScopedSecurityContext scoped_sec_context_; | 294 ScopedSecurityContext scoped_sec_context_; |
293 bool can_delegate_; | 295 bool can_delegate_; |
294 }; | 296 }; |
295 | 297 |
296 } // namespace net | 298 } // namespace net |
297 | 299 |
298 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ | 300 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ |
OLD | NEW |