OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file contains common routines used by NTLM and Negotiate authentication | 5 // This file contains common routines used by NTLM and Negotiate authentication |
6 // using the SSPI API on Windows. | 6 // using the SSPI API on Windows. |
7 | 7 |
8 #ifndef NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ | 8 #ifndef NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ |
9 #define NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ | 9 #define NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ |
10 | 10 |
(...skipping 128 matching lines...)
139 // until the callback has been called. | 139 // until the callback has been called. |
140 // | 140 // |
141 // |spn| is the Service Principal Name of the server that the token is | 141 // |spn| is the Service Principal Name of the server that the token is |
142 // being generated for. | 142 // being generated for. |
143 // | 143 // |
144 // If this is the first round of a multiple round scheme, credentials are | 144 // If this is the first round of a multiple round scheme, credentials are |
145 // obtained using |*credentials|. If |credentials| is NULL, the default | 145 // obtained using |*credentials|. If |credentials| is NULL, the default |
146 // credentials are used instead. | 146 // credentials are used instead. |
147 int GenerateAuthToken(const AuthCredentials* credentials, | 147 int GenerateAuthToken(const AuthCredentials* credentials, |
148 const std::string& spn, | 148 const std::string& spn, |
| 149 const std::string& channel_bindings, |
149 std::string* auth_token, | 150 std::string* auth_token, |
150 const CompletionCallback& callback); | 151 const CompletionCallback& callback); |
151 | 152 |
152 // Delegation is allowed on the Kerberos ticket. This allows certain servers | 153 // Delegation is allowed on the Kerberos ticket. This allows certain servers |
153 // to act as the user, such as an IIS server retrieving data from a | 154 // to act as the user, such as an IIS server retrieving data from a |
154 // Kerberized MSSQL server. | 155 // Kerberized MSSQL server. |
155 void Delegate(); | 156 void Delegate(); |
156 | 157 |
157 private: | 158 private: |
158 int OnFirstRound(const AuthCredentials* credentials); | 159 int OnFirstRound(const AuthCredentials* credentials); |
159 | 160 |
160 int GetNextSecurityToken( | 161 int GetNextSecurityToken(const std::string& spn, |
161 const std::string& spn, | 162 const std::string& channing_bindings, |
162 const void* in_token, | 163 const void* in_token, |
163 int in_token_len, | 164 int in_token_len, |
164 void** out_token, | 165 void** out_token, |
165 int* out_token_len); | 166 int* out_token_len); |
166 | 167 |
167 void ResetSecurityContext(); | 168 void ResetSecurityContext(); |
168 | 169 |
169 SSPILibrary* library_; | 170 SSPILibrary* library_; |
170 std::string scheme_; | 171 std::string scheme_; |
171 const SEC_WCHAR* security_package_; | 172 const SEC_WCHAR* security_package_; |
172 std::string decoded_server_auth_token_; | 173 std::string decoded_server_auth_token_; |
173 ULONG max_token_length_; | 174 ULONG max_token_length_; |
174 CredHandle cred_; | 175 CredHandle cred_; |
175 CtxtHandle ctxt_; | 176 CtxtHandle ctxt_; |
(...skipping 24 matching lines...)
200 // If the return value is ERR_UNEXPECTED, there was an unanticipated problem | 201 // If the return value is ERR_UNEXPECTED, there was an unanticipated problem |
201 // in the underlying SSPI call. The details are logged, and |*max_token_length| | 202 // in the underlying SSPI call. The details are logged, and |*max_token_length| |
202 // is not changed. | 203 // is not changed. |
203 NET_EXPORT_PRIVATE int DetermineMaxTokenLength(SSPILibrary* library, | 204 NET_EXPORT_PRIVATE int DetermineMaxTokenLength(SSPILibrary* library, |
204 const std::wstring& package, | 205 const std::wstring& package, |
205 ULONG* max_token_length); | 206 ULONG* max_token_length); |
206 | 207 |
207 } // namespace net | 208 } // namespace net |
208 | 209 |
209 #endif // NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ | 210 #endif // NET_HTTP_HTTP_AUTH_SSPI_WIN_H_ |
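Review bot: The new parameter on GetNextSecurityToken (new line 162) is spelled `channing_bindings`, while GenerateAuthToken (new line 149) names it `channel_bindings`; the declaration should read `const std::string& channel_bindings,` so the header matches the public method and the definition. The comment block above GenerateAuthToken documents |spn| and |credentials| but says nothing about the new argument. Channel bindings tie the NTLM/Negotiate exchange to the underlying TLS channel, which is what lets a server reject relayed authentication, so the comment should state what the string holds and what an empty value means, for example `// |channel_bindings| is the channel binding data for the connection; if empty, no bindings are passed to SSPI and the token is not tied to the channel.` The empty-string behaviour is not visible in this header, so confirm it against the implementation before adopting that wording.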