Use SSPI for NTLM authentication on Windows.

net/http/http_network_transaction.h

 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_HTTP_HTTP_NETWORK_TRANSACTION_H_
 #define NET_HTTP_HTTP_NETWORK_TRANSACTION_H_
 
 #include <string>
 
 #include "base/ref_counted.h"
@@ skipping 334 matching lines @@
   // use this boolean to disambiguate a |result| of 0 between a connection
   // closure (EOF) and reaching the end of the response body (no more data).
   //
   // TODO(wtc): this is similar to the |ignore_ok_result_| member of the
   // SSLClientSocketWin class.  We may want to add an internal error code, say
   // ERR_EOF, to indicate a connection closure, so that 0 simply means 0 bytes
   // or OK.  Note that we already have an ERR_CONNECTION_CLOSED error code,
   // but it isn't really being used.
   bool reading_body_from_socket_;
 
+  // True if we've used the username/password embedded in the URL.  This
+  // makes sure we use the embedded identity only once for the transaction,
+  // preventing an infinite auth restart loop.
+  bool embedded_identity_used_;
+
   SSLConfig ssl_config_;
 
   scoped_refptr<RequestHeaders> request_headers_;
   size_t request_headers_bytes_sent_;
   scoped_ptr<UploadDataStream> request_body_stream_;
 
   // The read buffer |header_buf_| may be larger than it is full.  The
   // 'capacity' indicates the allocation size of the buffer, and the 'len'
   // indicates how much data is in the buffer already.  The 'body offset'
   // indicates the offset of the start of the response body within the read
@@ skipping 41 matching lines @@
   // The time the Connect() method was called (if it got called).
   base::Time connect_start_time_;
 
   // The next state in the state machine.
   State next_state_;
 };
 
 }  // namespace net
 
 #endif  // NET_HTTP_HTTP_NETWORK_TRANSACTION_H_