| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_auth_handler_negotiate.h" | 5 #include "net/http/http_auth_handler_negotiate.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/strings/string_number_conversions.h" | 10 #include "base/strings/string_number_conversions.h" |
| 11 #include "base/strings/string_util.h" | 11 #include "base/strings/string_util.h" |
| 12 #include "base/strings/stringprintf.h" | 12 #include "base/strings/stringprintf.h" |
| 13 #include "base/values.h" | 13 #include "base/values.h" |
| 14 #include "net/base/address_family.h" | 14 #include "net/base/address_family.h" |
| 15 #include "net/base/net_errors.h" | 15 #include "net/base/net_errors.h" |
| 16 #include "net/cert/x509_util.h" | 16 #include "net/cert/x509_util.h" |
| 17 #include "net/dns/host_resolver.h" | 17 #include "net/dns/host_resolver.h" |
| 18 #include "net/dns/single_request_host_resolver.h" | |
| 19 #include "net/http/http_auth_filter.h" | 18 #include "net/http/http_auth_filter.h" |
| 20 #include "net/http/http_auth_preferences.h" | 19 #include "net/http/http_auth_preferences.h" |
| 21 #include "net/log/net_log.h" | 20 #include "net/log/net_log.h" |
| 22 #include "net/ssl/ssl_info.h" | 21 #include "net/ssl/ssl_info.h" |
| 23 | 22 |
| 24 namespace net { | 23 namespace net { |
| 25 | 24 |
| 26 namespace { | 25 namespace { |
| 27 | 26 |
| 28 std::unique_ptr<base::Value> NetLogParameterChannelBindings( | 27 std::unique_ptr<base::Value> NetLogParameterChannelBindings( |
| 29 const std::string& channel_binding_token, | 28 const std::string& channel_binding_token, |
| 30 NetLogCaptureMode capture_mode) { | 29 NetLogCaptureMode capture_mode) { |
| 31 std::unique_ptr<base::DictionaryValue> dict; | 30 std::unique_ptr<base::DictionaryValue> dict; |
| 32 if (!capture_mode.include_socket_bytes()) | 31 if (!capture_mode.include_socket_bytes()) |
| 33 return std::move(dict); | 32 return std::move(dict); |
| 34 | 33 |
| 35 dict.reset(new base::DictionaryValue()); | 34 dict.reset(new base::DictionaryValue()); |
| 36 dict->SetString("token", base::HexEncode(channel_binding_token.data(), | 35 dict->SetString("token", base::HexEncode(channel_binding_token.data(), |
| 37 channel_binding_token.size())); | 36 channel_binding_token.size())); |
| 38 return std::move(dict); | 37 return std::move(dict); |
| 39 } | 38 } |
| 40 | 39 |
| 41 } // namespace | 40 } // namespace |
| 42 | 41 |
| 43 HttpAuthHandlerNegotiate::Factory::Factory() | 42 HttpAuthHandlerNegotiate::Factory::Factory() |
| 44 : resolver_(NULL), | 43 : resolver_(nullptr), |
| 45 #if defined(OS_WIN) | 44 #if defined(OS_WIN) |
| 46 max_token_length_(0), | 45 max_token_length_(0), |
| 47 #endif | 46 #endif |
| 48 is_unsupported_(false) { | 47 is_unsupported_(false) { |
| 49 } | 48 } |
| 50 | 49 |
| 51 HttpAuthHandlerNegotiate::Factory::~Factory() { | 50 HttpAuthHandlerNegotiate::Factory::~Factory() { |
| 52 } | 51 } |
| 53 | 52 |
| 54 void HttpAuthHandlerNegotiate::Factory::set_host_resolver( | 53 void HttpAuthHandlerNegotiate::Factory::set_host_resolver( |
| (...skipping 262 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 317 } | 316 } |
| 318 | 317 |
| 319 int HttpAuthHandlerNegotiate::DoResolveCanonicalName() { | 318 int HttpAuthHandlerNegotiate::DoResolveCanonicalName() { |
| 320 next_state_ = STATE_RESOLVE_CANONICAL_NAME_COMPLETE; | 319 next_state_ = STATE_RESOLVE_CANONICAL_NAME_COMPLETE; |
| 321 if ((http_auth_preferences_ && | 320 if ((http_auth_preferences_ && |
| 322 http_auth_preferences_->NegotiateDisableCnameLookup()) || | 321 http_auth_preferences_->NegotiateDisableCnameLookup()) || |
| 323 !resolver_) | 322 !resolver_) |
| 324 return OK; | 323 return OK; |
| 325 | 324 |
| 326 // TODO(cbentzel): Add reverse DNS lookup for numeric addresses. | 325 // TODO(cbentzel): Add reverse DNS lookup for numeric addresses. |
| 327 DCHECK(!single_resolve_.get()); | |
| 328 HostResolver::RequestInfo info(HostPortPair(origin_.host(), 0)); | 326 HostResolver::RequestInfo info(HostPortPair(origin_.host(), 0)); |
| 329 info.set_host_resolver_flags(HOST_RESOLVER_CANONNAME); | 327 info.set_host_resolver_flags(HOST_RESOLVER_CANONNAME); |
| 330 single_resolve_.reset(new SingleRequestHostResolver(resolver_)); | 328 return resolver_->Resolve(info, DEFAULT_PRIORITY, &address_list_, |
| 331 return single_resolve_->Resolve( | 329 base::Bind(&HttpAuthHandlerNegotiate::OnIOComplete, |
| 332 info, | 330 base::Unretained(this)), |
| 333 DEFAULT_PRIORITY, | 331 &request_, net_log_); |
| 334 &address_list_, | |
| 335 base::Bind(&HttpAuthHandlerNegotiate::OnIOComplete, | |
| 336 base::Unretained(this)), | |
| 337 net_log_); | |
| 338 } | 332 } |
| 339 | 333 |
| 340 int HttpAuthHandlerNegotiate::DoResolveCanonicalNameComplete(int rv) { | 334 int HttpAuthHandlerNegotiate::DoResolveCanonicalNameComplete(int rv) { |
| 341 DCHECK_NE(ERR_IO_PENDING, rv); | 335 DCHECK_NE(ERR_IO_PENDING, rv); |
| 342 if (rv != OK) { | 336 if (rv != OK) { |
| 343 // Even in the error case, try to use origin_.host instead of | 337 // Even in the error case, try to use origin_.host instead of |
| 344 // passing the failure on to the caller. | 338 // passing the failure on to the caller. |
| 345 VLOG(1) << "Problem finding canonical name for SPN for host " | 339 VLOG(1) << "Problem finding canonical name for SPN for host " |
| 346 << origin_.host() << ": " << ErrorToString(rv); | 340 << origin_.host() << ": " << ErrorToString(rv); |
| 347 rv = OK; | 341 rv = OK; |
| (...skipping 23 matching lines...) Expand all Loading... |
| 371 bool HttpAuthHandlerNegotiate::CanDelegate() const { | 365 bool HttpAuthHandlerNegotiate::CanDelegate() const { |
| 372 // TODO(cbentzel): Should delegation be allowed on proxies? | 366 // TODO(cbentzel): Should delegation be allowed on proxies? |
| 373 if (target_ == HttpAuth::AUTH_PROXY) | 367 if (target_ == HttpAuth::AUTH_PROXY) |
| 374 return false; | 368 return false; |
| 375 if (!http_auth_preferences_) | 369 if (!http_auth_preferences_) |
| 376 return false; | 370 return false; |
| 377 return http_auth_preferences_->CanDelegate(origin_); | 371 return http_auth_preferences_->CanDelegate(origin_); |
| 378 } | 372 } |
| 379 | 373 |
| 380 } // namespace net | 374 } // namespace net |
| OLD | NEW |