| Index: components/data_reduction_proxy/browser/data_reduction_proxy_settings.cc
|
| diff --git a/components/data_reduction_proxy/browser/data_reduction_proxy_settings.cc b/components/data_reduction_proxy/browser/data_reduction_proxy_settings.cc
|
| index dc87a521adf9d5ce95572182b09cc5f3ff6a67dd..c6eb905ee10c24669d75ce923eb848f30a804f09 100644
|
| --- a/components/data_reduction_proxy/browser/data_reduction_proxy_settings.cc
|
| +++ b/components/data_reduction_proxy/browser/data_reduction_proxy_settings.cc
|
| @@ -15,17 +15,14 @@
|
| #include "base/strings/string_util.h"
|
| #include "base/strings/stringprintf.h"
|
| #include "base/strings/utf_string_conversions.h"
|
| +#include "components/data_reduction_proxy/browser/data_reduction_proxy_auth_request_handler.h"
|
| #include "components/data_reduction_proxy/browser/data_reduction_proxy_configurator.h"
|
| #include "components/data_reduction_proxy/browser/data_reduction_proxy_params.h"
|
| #include "components/data_reduction_proxy/common/data_reduction_proxy_pref_names.h"
|
| #include "components/data_reduction_proxy/common/data_reduction_proxy_switches.h"
|
| -#include "crypto/random.h"
|
| -#include "net/base/auth.h"
|
| #include "net/base/host_port_pair.h"
|
| #include "net/base/load_flags.h"
|
| #include "net/base/net_errors.h"
|
| -#include "net/http/http_auth.h"
|
| -#include "net/http/http_auth_cache.h"
|
| #include "net/http/http_network_session.h"
|
| #include "net/http/http_response_headers.h"
|
| #include "net/url_request/url_fetcher.h"
|
| @@ -46,10 +43,6 @@ const char kUMAProxyStartupStateHistogram[] =
|
| // Key of the UMA DataReductionProxy.ProbeURL histogram.
|
| const char kUMAProxyProbeURL[] = "DataReductionProxy.ProbeURL";
|
|
|
| -// TODO(marq): Factor this string out into a constant here and in
|
| -// http_auth_handler_spdyproxy.
|
| -const char kAuthenticationRealmName[] = "SpdyProxy";
|
| -
|
| int64 GetInt64PrefValue(const base::ListValue& list_value, size_t index) {
|
| int64 val = 0;
|
| std::string pref_value;
|
| @@ -62,6 +55,12 @@ int64 GetInt64PrefValue(const base::ListValue& list_value, size_t index) {
|
| return val;
|
| }
|
|
|
| +bool IsEnabledOnCommandLine() {
|
| + const CommandLine& command_line = *CommandLine::ForCurrentProcess();
|
| + return command_line.HasSwitch(
|
| + data_reduction_proxy::switches::kEnableDataReductionProxy);
|
| +}
|
| +
|
| } // namespace
|
|
|
| namespace data_reduction_proxy {
|
| @@ -139,112 +138,8 @@ void DataReductionProxySettings::SetProxyConfigurator(
|
| configurator_ = configurator.Pass();
|
| }
|
|
|
| -// static
|
| -void DataReductionProxySettings::InitDataReductionProxySession(
|
| - net::HttpNetworkSession* session,
|
| - const DataReductionProxyParams* params) {
|
| -// This is a no-op unless the authentication parameters are compiled in.
|
| -// (even though values for them may be specified on the command line).
|
| -// Authentication will still work if the command line parameters are used,
|
| -// however there will be a round-trip overhead for each challenge/response
|
| -// (typically once per session).
|
| -// TODO(bengr):Pass a configuration struct into DataReductionProxyConfigurator's
|
| -// constructor. The struct would carry everything in the preprocessor flags.
|
| - DCHECK(session);
|
| - net::HttpAuthCache* auth_cache = session->http_auth_cache();
|
| - DCHECK(auth_cache);
|
| - InitDataReductionAuthentication(auth_cache, params);
|
| -}
|
| -
|
| -// static
|
| -void DataReductionProxySettings::InitDataReductionAuthentication(
|
| - net::HttpAuthCache* auth_cache,
|
| - const DataReductionProxyParams* params) {
|
| - DCHECK(auth_cache);
|
| - DCHECK(params);
|
| - int64 timestamp =
|
| - (base::Time::Now() - base::Time::UnixEpoch()).InMilliseconds() / 1000;
|
| -
|
| - DataReductionProxyParams::DataReductionProxyList proxies =
|
| - params->GetAllowedProxies();
|
| - for (DataReductionProxyParams::DataReductionProxyList::iterator it =
|
| - proxies.begin();
|
| - it != proxies.end(); ++it) {
|
| - GURL auth_origin = (*it).GetOrigin();
|
| -
|
| - int32 rand[3];
|
| - crypto::RandBytes(rand, 3 * sizeof(rand[0]));
|
| -
|
| - std::string realm =
|
| - base::StringPrintf("%s%lld", kAuthenticationRealmName,
|
| - static_cast<long long>(timestamp));
|
| - std::string challenge = base::StringPrintf(
|
| - "%s realm=\"%s\", ps=\"%lld-%u-%u-%u\"",
|
| - kAuthenticationRealmName,
|
| - realm.data(),
|
| - static_cast<long long>(timestamp),
|
| - rand[0],
|
| - rand[1],
|
| - rand[2]);
|
| - base::string16 password = AuthHashForSalt(timestamp, params->key());
|
| -
|
| - DVLOG(1) << "origin: [" << auth_origin << "] realm: [" << realm
|
| - << "] challenge: [" << challenge << "] password: [" << password << "]";
|
| -
|
| - net::AuthCredentials credentials(base::string16(), password);
|
| - // |HttpAuthController| searches this cache by origin and path, the latter
|
| - // being '/' in the case of the data reduction proxy.
|
| - auth_cache->Add(auth_origin,
|
| - realm,
|
| - net::HttpAuth::AUTH_SCHEME_SPDYPROXY,
|
| - challenge,
|
| - credentials,
|
| - std::string("/"));
|
| - }
|
| -}
|
| -
|
| -bool DataReductionProxySettings::IsAcceptableAuthChallenge(
|
| - net::AuthChallengeInfo* auth_info) {
|
| - // Challenge realm must start with the authentication realm name.
|
| - std::string realm_prefix =
|
| - auth_info->realm.substr(0, strlen(kAuthenticationRealmName));
|
| - if (realm_prefix != kAuthenticationRealmName)
|
| - return false;
|
| -
|
| - // The challenger must be one of the configured proxies.
|
| - DataReductionProxyParams::DataReductionProxyList proxies =
|
| - params_->GetAllowedProxies();
|
| - for (DataReductionProxyParams::DataReductionProxyList::iterator it =
|
| - proxies.begin();
|
| - it != proxies.end(); ++it) {
|
| - net::HostPortPair origin_host = net::HostPortPair::FromURL(*it);
|
| - if (origin_host.Equals(auth_info->challenger))
|
| - return true;
|
| - }
|
| - return false;
|
| -}
|
| -
|
| -base::string16 DataReductionProxySettings::GetTokenForAuthChallenge(
|
| - net::AuthChallengeInfo* auth_info) {
|
| - if (auth_info->realm.length() > strlen(kAuthenticationRealmName)) {
|
| - int64 salt;
|
| - std::string realm_suffix =
|
| - auth_info->realm.substr(strlen(kAuthenticationRealmName));
|
| - if (base::StringToInt64(realm_suffix, &salt)) {
|
| - return AuthHashForSalt(salt, params_->key());
|
| - } else {
|
| - DVLOG(1) << "Unable to parse realm name " << auth_info->realm
|
| - << "into an int for salting.";
|
| - return base::string16();
|
| - }
|
| - } else {
|
| - return base::string16();
|
| - }
|
| -}
|
| -
|
| bool DataReductionProxySettings::IsDataReductionProxyEnabled() {
|
| - return spdy_proxy_auth_enabled_.GetValue() ||
|
| - DataReductionProxyParams::IsKeySetOnCommandLine();
|
| + return spdy_proxy_auth_enabled_.GetValue() || IsEnabledOnCommandLine();
|
| }
|
|
|
| bool
|
|
|
Chromium Code Reviews
Issue 333113002:
Move data reduction proxy to Chrome-Proxy header for authentication (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@flywheel-refactor-net-fake-a-redirect-response-headers-chrome-proxy-auth