Replace NTLMv1 implementation with a functionally equivalent one.

net/http/http_auth_handler_ntlm.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_auth_handler_ntlm.h"
 
 #if !defined(NTLM_SSPI)
 #include "base/base64.h"
 #endif
 #include "base/logging.h"
@@ skipping 31 matching lines @@
     const CompletionCallback& callback, std::string* auth_token) {
 #if defined(NTLM_SSPI)
   return auth_sspi_.GenerateAuthToken(credentials, CreateSPN(origin_),
                                       channel_bindings_, auth_token, callback);
 #else  // !defined(NTLM_SSPI)
   // TODO(cbentzel): Shouldn't be hitting this case.
   if (!credentials) {
     LOG(ERROR) << "Username and password are expected to be non-NULL.";
     return ERR_MISSING_AUTH_CREDENTIALS;
   }
-  // TODO(wtc): See if we can use char* instead of void* for in_buf and
-  // out_buf.  This change will need to propagate to GetNextToken,
-  // GenerateType1Msg, and GenerateType3Msg, and perhaps further.
-  const void* in_buf;
-  void* out_buf;
-  uint32_t in_buf_len, out_buf_len;
-  std::string decoded_auth_data;
 
   // The username may be in the form "DOMAIN\user".  Parse it into the two
   // components.
   base::string16 domain;
   base::string16 user;
   const base::string16& username = credentials->username();
   const base::char16 backslash_character = '\\';
   size_t backslash_idx = username.find(backslash_character);
   if (backslash_idx == base::string16::npos) {
     user = username;
   } else {
     domain = username.substr(0, backslash_idx);
     user = username.substr(backslash_idx + 1);
   }
   domain_ = domain;
   credentials_.Set(user, credentials->password());
 
-  // Initial challenge.
+  std::string decoded_auth_data;
   if (auth_data_.empty()) {
-    in_buf_len = 0;
-    in_buf = NULL;
+    // There is no |auth_data_| because the client sends the first message.
     int rv = InitializeBeforeFirstChallenge();
     if (rv != OK)
       return rv;
   } else {
+    // When |auth_data_| is present it contains the Challenge message.
     if (!base::Base64Decode(auth_data_, &decoded_auth_data)) {
       LOG(ERROR) << "Unexpected problem Base64 decoding.";
       return ERR_UNEXPECTED;
     }
-    in_buf_len = decoded_auth_data.length();
-    in_buf = decoded_auth_data.data();
   }
 
-  int rv = GetNextToken(in_buf, in_buf_len, &out_buf, &out_buf_len);
-  if (rv != OK)
-    return rv;
+  ntlm::Buffer next_token = GetNextToken(
+      ntlm::Buffer(reinterpret_cast<const uint8_t*>(decoded_auth_data.data()),
+                   decoded_auth_data.size()));
+  if (next_token.empty())
+    return ERR_UNEXPECTED;
 
   // Base64 encode data in output buffer and prepend "NTLM ".
-  std::string encode_input(static_cast<char*>(out_buf), out_buf_len);
   std::string encode_output;
-  base::Base64Encode(encode_input, &encode_output);
-  // OK, we are done with |out_buf|
-  free(out_buf);
+  base::Base64Encode(
+      base::StringPiece(reinterpret_cast<const char*>(next_token.data()),
+                        next_token.size()),
+      &encode_output);
+
   *auth_token = std::string("NTLM ") + encode_output;
   return OK;
 #endif
 }
 
 // The NTLM challenge header looks like:
 //   WWW-Authenticate: NTLM auth-data
 HttpAuth::AuthorizationResult HttpAuthHandlerNTLM::ParseChallenge(
     HttpAuthChallengeTokenizer* tok, bool initial_challenge) {
 #if defined(NTLM_SSPI)
@@ skipping 29 matching lines @@
 // static
 std::string HttpAuthHandlerNTLM::CreateSPN(const GURL& origin) {
   // The service principal name of the destination server.  See
   // http://msdn.microsoft.com/en-us/library/ms677949%28VS.85%29.aspx
   std::string target("HTTP/");
   target.append(GetHostAndPort(origin));
   return target;
 }
 
 }  // namespace net