| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ | 5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ |
| 6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ | 6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/gtest_prod_util.h" | 10 #include "base/gtest_prod_util.h" |
| (...skipping 23 matching lines...) Expand all Loading... |
| 34 class NET_EXPORT_PRIVATE GSSAPILibrary { | 34 class NET_EXPORT_PRIVATE GSSAPILibrary { |
| 35 public: | 35 public: |
| 36 virtual ~GSSAPILibrary() {} | 36 virtual ~GSSAPILibrary() {} |
| 37 | 37 |
| 38 // Initializes the library, including any necessary dynamic libraries. | 38 // Initializes the library, including any necessary dynamic libraries. |
| 39 // This is done separately from construction (which happens at startup time) | 39 // This is done separately from construction (which happens at startup time) |
| 40 // in order to delay work until the class is actually needed. | 40 // in order to delay work until the class is actually needed. |
| 41 virtual bool Init() = 0; | 41 virtual bool Init() = 0; |
| 42 | 42 |
| 43 // These methods match the ones in the GSSAPI library. | 43 // These methods match the ones in the GSSAPI library. |
| 44 virtual OM_uint32 import_name( | 44 virtual OM_uint32 import_name(OM_uint32* minor_status, |
| 45 OM_uint32* minor_status, | 45 const gss_buffer_t input_name_buffer, |
| 46 const gss_buffer_t input_name_buffer, | 46 const gss_OID input_name_type, |
| 47 const gss_OID input_name_type, | 47 gss_name_t* output_name) = 0; |
| 48 gss_name_t* output_name) = 0; | 48 virtual OM_uint32 release_name(OM_uint32* minor_status, |
| 49 virtual OM_uint32 release_name( | 49 gss_name_t* input_name) = 0; |
| 50 OM_uint32* minor_status, | 50 virtual OM_uint32 release_buffer(OM_uint32* minor_status, |
| 51 gss_name_t* input_name) = 0; | 51 gss_buffer_t buffer) = 0; |
| 52 virtual OM_uint32 release_buffer( | 52 virtual OM_uint32 display_name(OM_uint32* minor_status, |
| 53 OM_uint32* minor_status, | 53 const gss_name_t input_name, |
| 54 gss_buffer_t buffer) = 0; | 54 gss_buffer_t output_name_buffer, |
| 55 virtual OM_uint32 display_name( | 55 gss_OID* output_name_type) = 0; |
| 56 OM_uint32* minor_status, | 56 virtual OM_uint32 display_status(OM_uint32* minor_status, |
| 57 const gss_name_t input_name, | 57 OM_uint32 status_value, |
| 58 gss_buffer_t output_name_buffer, | 58 int status_type, |
| 59 gss_OID* output_name_type) = 0; | 59 const gss_OID mech_type, |
| 60 virtual OM_uint32 display_status( | 60 OM_uint32* message_contex, |
| 61 OM_uint32* minor_status, | 61 gss_buffer_t status_string) = 0; |
| 62 OM_uint32 status_value, | |
| 63 int status_type, | |
| 64 const gss_OID mech_type, | |
| 65 OM_uint32* message_contex, | |
| 66 gss_buffer_t status_string) = 0; | |
| 67 virtual OM_uint32 init_sec_context( | 62 virtual OM_uint32 init_sec_context( |
| 68 OM_uint32* minor_status, | 63 OM_uint32* minor_status, |
| 69 const gss_cred_id_t initiator_cred_handle, | 64 const gss_cred_id_t initiator_cred_handle, |
| 70 gss_ctx_id_t* context_handle, | 65 gss_ctx_id_t* context_handle, |
| 71 const gss_name_t target_name, | 66 const gss_name_t target_name, |
| 72 const gss_OID mech_type, | 67 const gss_OID mech_type, |
| 73 OM_uint32 req_flags, | 68 OM_uint32 req_flags, |
| 74 OM_uint32 time_req, | 69 OM_uint32 time_req, |
| 75 const gss_channel_bindings_t input_chan_bindings, | 70 const gss_channel_bindings_t input_chan_bindings, |
| 76 const gss_buffer_t input_token, | 71 const gss_buffer_t input_token, |
| 77 gss_OID* actual_mech_type, | 72 gss_OID* actual_mech_type, |
| 78 gss_buffer_t output_token, | 73 gss_buffer_t output_token, |
| 79 OM_uint32* ret_flags, | 74 OM_uint32* ret_flags, |
| 80 OM_uint32* time_rec) = 0; | 75 OM_uint32* time_rec) = 0; |
| 81 virtual OM_uint32 wrap_size_limit( | 76 virtual OM_uint32 wrap_size_limit(OM_uint32* minor_status, |
| 82 OM_uint32* minor_status, | 77 const gss_ctx_id_t context_handle, |
| 83 const gss_ctx_id_t context_handle, | 78 int conf_req_flag, |
| 84 int conf_req_flag, | 79 gss_qop_t qop_req, |
| 85 gss_qop_t qop_req, | 80 OM_uint32 req_output_size, |
| 86 OM_uint32 req_output_size, | 81 OM_uint32* max_input_size) = 0; |
| 87 OM_uint32* max_input_size) = 0; | 82 virtual OM_uint32 delete_sec_context(OM_uint32* minor_status, |
| 88 virtual OM_uint32 delete_sec_context( | 83 gss_ctx_id_t* context_handle, |
| 89 OM_uint32* minor_status, | 84 gss_buffer_t output_token) = 0; |
| 90 gss_ctx_id_t* context_handle, | 85 virtual OM_uint32 inquire_context(OM_uint32* minor_status, |
| 91 gss_buffer_t output_token) = 0; | 86 const gss_ctx_id_t context_handle, |
| 92 virtual OM_uint32 inquire_context( | 87 gss_name_t* src_name, |
| 93 OM_uint32* minor_status, | 88 gss_name_t* targ_name, |
| 94 const gss_ctx_id_t context_handle, | 89 OM_uint32* lifetime_rec, |
| 95 gss_name_t* src_name, | 90 gss_OID* mech_type, |
| 96 gss_name_t* targ_name, | 91 OM_uint32* ctx_flags, |
| 97 OM_uint32* lifetime_rec, | 92 int* locally_initiated, |
| 98 gss_OID* mech_type, | 93 int* open) = 0; |
| 99 OM_uint32* ctx_flags, | |
| 100 int* locally_initiated, | |
| 101 int* open) = 0; | |
| 102 | |
| 103 }; | 94 }; |
| 104 | 95 |
| 105 // GSSAPISharedLibrary class is defined here so that unit tests can access it. | 96 // GSSAPISharedLibrary class is defined here so that unit tests can access it. |
| 106 class NET_EXPORT_PRIVATE GSSAPISharedLibrary : public GSSAPILibrary { | 97 class NET_EXPORT_PRIVATE GSSAPISharedLibrary : public GSSAPILibrary { |
| 107 public: | 98 public: |
| 108 // If |gssapi_library_name| is empty, hard-coded default library names are | 99 // If |gssapi_library_name| is empty, hard-coded default library names are |
| 109 // used. | 100 // used. |
| 110 explicit GSSAPISharedLibrary(const std::string& gssapi_library_name); | 101 explicit GSSAPISharedLibrary(const std::string& gssapi_library_name); |
| 111 virtual ~GSSAPISharedLibrary(); | 102 virtual ~GSSAPISharedLibrary(); |
| 112 | 103 |
| 113 // GSSAPILibrary methods: | 104 // GSSAPILibrary methods: |
| 114 virtual bool Init() OVERRIDE; | 105 virtual bool Init() OVERRIDE; |
| 115 virtual OM_uint32 import_name( | 106 virtual OM_uint32 import_name(OM_uint32* minor_status, |
| 116 OM_uint32* minor_status, | 107 const gss_buffer_t input_name_buffer, |
| 117 const gss_buffer_t input_name_buffer, | 108 const gss_OID input_name_type, |
| 118 const gss_OID input_name_type, | 109 gss_name_t* output_name) OVERRIDE; |
| 119 gss_name_t* output_name) OVERRIDE; | 110 virtual OM_uint32 release_name(OM_uint32* minor_status, |
| 120 virtual OM_uint32 release_name( | 111 gss_name_t* input_name) OVERRIDE; |
| 121 OM_uint32* minor_status, | 112 virtual OM_uint32 release_buffer(OM_uint32* minor_status, |
| 122 gss_name_t* input_name) OVERRIDE; | 113 gss_buffer_t buffer) OVERRIDE; |
| 123 virtual OM_uint32 release_buffer( | 114 virtual OM_uint32 display_name(OM_uint32* minor_status, |
| 124 OM_uint32* minor_status, | 115 const gss_name_t input_name, |
| 125 gss_buffer_t buffer) OVERRIDE; | 116 gss_buffer_t output_name_buffer, |
| 126 virtual OM_uint32 display_name( | 117 gss_OID* output_name_type) OVERRIDE; |
| 127 OM_uint32* minor_status, | 118 virtual OM_uint32 display_status(OM_uint32* minor_status, |
| 128 const gss_name_t input_name, | 119 OM_uint32 status_value, |
| 129 gss_buffer_t output_name_buffer, | 120 int status_type, |
| 130 gss_OID* output_name_type) OVERRIDE; | 121 const gss_OID mech_type, |
| 131 virtual OM_uint32 display_status( | 122 OM_uint32* message_contex, |
| 132 OM_uint32* minor_status, | 123 gss_buffer_t status_string) OVERRIDE; |
| 133 OM_uint32 status_value, | |
| 134 int status_type, | |
| 135 const gss_OID mech_type, | |
| 136 OM_uint32* message_contex, | |
| 137 gss_buffer_t status_string) OVERRIDE; | |
| 138 virtual OM_uint32 init_sec_context( | 124 virtual OM_uint32 init_sec_context( |
| 139 OM_uint32* minor_status, | 125 OM_uint32* minor_status, |
| 140 const gss_cred_id_t initiator_cred_handle, | 126 const gss_cred_id_t initiator_cred_handle, |
| 141 gss_ctx_id_t* context_handle, | 127 gss_ctx_id_t* context_handle, |
| 142 const gss_name_t target_name, | 128 const gss_name_t target_name, |
| 143 const gss_OID mech_type, | 129 const gss_OID mech_type, |
| 144 OM_uint32 req_flags, | 130 OM_uint32 req_flags, |
| 145 OM_uint32 time_req, | 131 OM_uint32 time_req, |
| 146 const gss_channel_bindings_t input_chan_bindings, | 132 const gss_channel_bindings_t input_chan_bindings, |
| 147 const gss_buffer_t input_token, | 133 const gss_buffer_t input_token, |
| 148 gss_OID* actual_mech_type, | 134 gss_OID* actual_mech_type, |
| 149 gss_buffer_t output_token, | 135 gss_buffer_t output_token, |
| 150 OM_uint32* ret_flags, | 136 OM_uint32* ret_flags, |
| 151 OM_uint32* time_rec) OVERRIDE; | 137 OM_uint32* time_rec) OVERRIDE; |
| 152 virtual OM_uint32 wrap_size_limit( | 138 virtual OM_uint32 wrap_size_limit(OM_uint32* minor_status, |
| 153 OM_uint32* minor_status, | 139 const gss_ctx_id_t context_handle, |
| 154 const gss_ctx_id_t context_handle, | 140 int conf_req_flag, |
| 155 int conf_req_flag, | 141 gss_qop_t qop_req, |
| 156 gss_qop_t qop_req, | 142 OM_uint32 req_output_size, |
| 157 OM_uint32 req_output_size, | 143 OM_uint32* max_input_size) OVERRIDE; |
| 158 OM_uint32* max_input_size) OVERRIDE; | 144 virtual OM_uint32 delete_sec_context(OM_uint32* minor_status, |
| 159 virtual OM_uint32 delete_sec_context( | 145 gss_ctx_id_t* context_handle, |
| 160 OM_uint32* minor_status, | 146 gss_buffer_t output_token) OVERRIDE; |
| 161 gss_ctx_id_t* context_handle, | 147 virtual OM_uint32 inquire_context(OM_uint32* minor_status, |
| 162 gss_buffer_t output_token) OVERRIDE; | 148 const gss_ctx_id_t context_handle, |
| 163 virtual OM_uint32 inquire_context( | 149 gss_name_t* src_name, |
| 164 OM_uint32* minor_status, | 150 gss_name_t* targ_name, |
| 165 const gss_ctx_id_t context_handle, | 151 OM_uint32* lifetime_rec, |
| 166 gss_name_t* src_name, | 152 gss_OID* mech_type, |
| 167 gss_name_t* targ_name, | 153 OM_uint32* ctx_flags, |
| 168 OM_uint32* lifetime_rec, | 154 int* locally_initiated, |
| 169 gss_OID* mech_type, | 155 int* open) OVERRIDE; |
| 170 OM_uint32* ctx_flags, | |
| 171 int* locally_initiated, | |
| 172 int* open) OVERRIDE; | |
| 173 | 156 |
| 174 private: | 157 private: |
| 175 typedef typeof(&gss_import_name) gss_import_name_type; | 158 typedef typeof(&gss_import_name) gss_import_name_type; |
| 176 typedef typeof(&gss_release_name) gss_release_name_type; | 159 typedef typeof(&gss_release_name) gss_release_name_type; |
| 177 typedef typeof(&gss_release_buffer) gss_release_buffer_type; | 160 typedef typeof(&gss_release_buffer) gss_release_buffer_type; |
| 178 typedef typeof(&gss_display_name) gss_display_name_type; | 161 typedef typeof(&gss_display_name) gss_display_name_type; |
| 179 typedef typeof(&gss_display_status) gss_display_status_type; | 162 typedef typeof(&gss_display_status) gss_display_status_type; |
| 180 typedef typeof(&gss_init_sec_context) gss_init_sec_context_type; | 163 typedef typeof(&gss_init_sec_context) gss_init_sec_context_type; |
| 181 typedef typeof(&gss_wrap_size_limit) gss_wrap_size_limit_type; | 164 typedef typeof(&gss_wrap_size_limit) gss_wrap_size_limit_type; |
| 182 typedef typeof(&gss_delete_sec_context) gss_delete_sec_context_type; | 165 typedef typeof(&gss_delete_sec_context) gss_delete_sec_context_type; |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 219 gss_ctx_id_t get() const { return security_context_; } | 202 gss_ctx_id_t get() const { return security_context_; } |
| 220 gss_ctx_id_t* receive() { return &security_context_; } | 203 gss_ctx_id_t* receive() { return &security_context_; } |
| 221 | 204 |
| 222 private: | 205 private: |
| 223 gss_ctx_id_t security_context_; | 206 gss_ctx_id_t security_context_; |
| 224 GSSAPILibrary* gssapi_lib_; | 207 GSSAPILibrary* gssapi_lib_; |
| 225 | 208 |
| 226 DISALLOW_COPY_AND_ASSIGN(ScopedSecurityContext); | 209 DISALLOW_COPY_AND_ASSIGN(ScopedSecurityContext); |
| 227 }; | 210 }; |
| 228 | 211 |
| 229 | |
| 230 // TODO(ahendrickson): Share code with HttpAuthSSPI. | 212 // TODO(ahendrickson): Share code with HttpAuthSSPI. |
| 231 class NET_EXPORT_PRIVATE HttpAuthGSSAPI { | 213 class NET_EXPORT_PRIVATE HttpAuthGSSAPI { |
| 232 public: | 214 public: |
| 233 HttpAuthGSSAPI(GSSAPILibrary* library, | 215 HttpAuthGSSAPI(GSSAPILibrary* library, |
| 234 const std::string& scheme, | 216 const std::string& scheme, |
| 235 const gss_OID gss_oid); | 217 const gss_OID gss_oid); |
| 236 ~HttpAuthGSSAPI(); | 218 ~HttpAuthGSSAPI(); |
| 237 | 219 |
| 238 bool Init(); | 220 bool Init(); |
| 239 | 221 |
| 240 bool NeedsIdentity() const; | 222 bool NeedsIdentity() const; |
| 241 | 223 |
| 242 bool AllowsExplicitCredentials() const; | 224 bool AllowsExplicitCredentials() const; |
| 243 | 225 |
| 244 HttpAuth::AuthorizationResult ParseChallenge( | 226 HttpAuth::AuthorizationResult ParseChallenge(HttpAuthChallengeTokenizer* tok); |
| 245 HttpAuthChallengeTokenizer* tok); | |
| 246 | 227 |
| 247 // Generates an authentication token. | 228 // Generates an authentication token. |
| 248 // The return value is an error code. If it's not |OK|, the value of | 229 // The return value is an error code. If it's not |OK|, the value of |
| 249 // |*auth_token| is unspecified. | 230 // |*auth_token| is unspecified. |
| 250 // |spn| is the Service Principal Name of the server that the token is | 231 // |spn| is the Service Principal Name of the server that the token is |
| 251 // being generated for. | 232 // being generated for. |
| 252 // If this is the first round of a multiple round scheme, credentials are | 233 // If this is the first round of a multiple round scheme, credentials are |
| 253 // obtained using |*credentials|. If |credentials| is NULL, the default | 234 // obtained using |*credentials|. If |credentials| is NULL, the default |
| 254 // credentials are used instead. | 235 // credentials are used instead. |
| 255 int GenerateAuthToken(const AuthCredentials* credentials, | 236 int GenerateAuthToken(const AuthCredentials* credentials, |
| (...skipping 14 matching lines...) Expand all Loading... |
| 270 gss_OID gss_oid_; | 251 gss_OID gss_oid_; |
| 271 GSSAPILibrary* library_; | 252 GSSAPILibrary* library_; |
| 272 std::string decoded_server_auth_token_; | 253 std::string decoded_server_auth_token_; |
| 273 ScopedSecurityContext scoped_sec_context_; | 254 ScopedSecurityContext scoped_sec_context_; |
| 274 bool can_delegate_; | 255 bool can_delegate_; |
| 275 }; | 256 }; |
| 276 | 257 |
| 277 } // namespace net | 258 } // namespace net |
| 278 | 259 |
| 279 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ | 260 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
