diff options
| author | danno@chromium.org <danno@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-11-12 12:47:05 +0000 |
|---|---|---|
| committer | danno@chromium.org <danno@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-11-12 12:47:05 +0000 |
| commit | ac7f3fdb4987d7f44c1612d55437cfcb3eb263f6 (patch) | |
| tree | c017e812bb298f7f2c7341372ab62021df3c8a29 /chrome | |
| parent | bb33eb1e2468eacb996e19493a36c3f6e4625b12 (diff) | |
| download | chromium_src-ac7f3fdb4987d7f44c1612d55437cfcb3eb263f6.zip chromium_src-ac7f3fdb4987d7f44c1612d55437cfcb3eb263f6.tar.gz chromium_src-ac7f3fdb4987d7f44c1612d55437cfcb3eb263f6.tar.bz2 | |
Support specifying the GSSAPI library that will be used.
This preference can be set either via command-line or via group policy.
BUG=53625
TEST=unittests: ConfigurationPolicyPrefStore*; net_unittests: HttpAuthHandlerNegotiateTest.*:HttpAuthGSSAPIPOSIXTest.*; manually: start Chrome with command-line switch --gssapi-library-name=XYZ and see if this results in the Chrome process loading /usr/lib/whatever/XYZ as soon as an authenticated HTTP site is encountered.
Review URL: http://codereview.chromium.org/4560001
Patch from Jakob Kummerow <jkummerow@google.com>.
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@65939 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
| -rw-r--r-- | chrome/app/policy/policy_templates.grd | 6 | ||||
| -rw-r--r-- | chrome/app/policy/policy_templates.json | 10 | ||||
| -rw-r--r-- | chrome/browser/io_thread.cc | 3 | ||||
| -rw-r--r-- | chrome/browser/io_thread.h | 1 | ||||
| -rw-r--r-- | chrome/browser/policy/configuration_policy_pref_store.cc | 5 | ||||
| -rw-r--r-- | chrome/browser/policy/configuration_policy_pref_store_unittest.cc | 4 | ||||
| -rw-r--r-- | chrome/browser/policy/configuration_policy_store_interface.h | 2 | ||||
| -rw-r--r-- | chrome/browser/prefs/command_line_pref_store.cc | 1 | ||||
| -rw-r--r-- | chrome/common/chrome_switches.cc | 3 | ||||
| -rw-r--r-- | chrome/common/chrome_switches.h | 1 | ||||
| -rw-r--r-- | chrome/common/policy_constants.cc | 1 | ||||
| -rw-r--r-- | chrome/common/policy_constants.h | 1 | ||||
| -rw-r--r-- | chrome/common/pref_names.cc | 2 | ||||
| -rw-r--r-- | chrome/common/pref_names.h | 1 |
14 files changed, 39 insertions, 2 deletions
diff --git a/chrome/app/policy/policy_templates.grd b/chrome/app/policy/policy_templates.grd index 2448267..08cd727 100644 --- a/chrome/app/policy/policy_templates.grd +++ b/chrome/app/policy/policy_templates.grd @@ -401,6 +401,12 @@ templates and will be translated for each locale. --> <message name="IDS_POLICY_AUTHNEGOTIATEDELEGATEWHITELIST_DESC" desc="Description of the 'auth negotiate delegate whitelist' policy."> Servers that <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> may delegate to. </message> + <message name="IDS_POLICY_GSSAPILIBRARYNAME_CAPTION" desc="Caption of the 'GSSAPI library name' policy"> + GSSAPI library name + </message> + <message name="IDS_POLICY_GSSAPILIBRARYNAME_DESC" desc="Description of the 'GSSAPI library name' policy"> + Specifies which GSSAPI library to use for HTTP Authentication. You can set either just a library name, or a full path. If no setting is provided, <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> will fall back to using a default library name. + </message> <!-- End HTTP Authentication Policy messages --> <message name="IDS_POLICY_METRICSREPORTINGENABLED_CAPTION" desc="Caption of the 'crash reporting' policy."> diff --git a/chrome/app/policy/policy_templates.json b/chrome/app/policy/policy_templates.json index fa31823..7d06fbd 100644 --- a/chrome/app/policy/policy_templates.json +++ b/chrome/app/policy/policy_templates.json @@ -358,6 +358,16 @@ 'example_value': 'foobar.example.com', } }, + { + 'name': 'GSSAPILibraryName', + 'type': 'string', + 'annotations': { + 'platforms': ['linux', 'mac'], + 'products': ['chrome'], + 'features': {'dynamic_refresh': 0}, + 'example_value': 'libgssapi_krb5.so.2', + } + }, ] }, { diff --git a/chrome/browser/io_thread.cc b/chrome/browser/io_thread.cc index 9b7f718..65be41e 100644 --- a/chrome/browser/io_thread.cc +++ b/chrome/browser/io_thread.cc @@ -229,6 +229,7 @@ IOThread::IOThread(PrefService* local_state) auth_server_whitelist_ = local_state->GetString(prefs::kAuthServerWhitelist); auth_delegate_whitelist_ = local_state->GetString( prefs::kAuthNegotiateDelegateWhitelist); + gssapi_library_name_ = local_state->GetString(prefs::kGSSAPILibraryName); } IOThread::~IOThread() { @@ -428,6 +429,7 @@ void IOThread::RegisterPrefs(PrefService* local_state) { local_state->RegisterBooleanPref(prefs::kEnableAuthNegotiatePort, false); local_state->RegisterStringPref(prefs::kAuthServerWhitelist, ""); local_state->RegisterStringPref(prefs::kAuthNegotiateDelegateWhitelist, ""); + local_state->RegisterStringPref(prefs::kGSSAPILibraryName, ""); } net::HttpAuthHandlerFactory* IOThread::CreateDefaultAuthHandlerFactory( @@ -447,6 +449,7 @@ net::HttpAuthHandlerFactory* IOThread::CreateDefaultAuthHandlerFactory( supported_schemes, globals_->url_security_manager.get(), resolver, + gssapi_library_name_, negotiate_disable_cname_lookup_, negotiate_enable_port_); } diff --git a/chrome/browser/io_thread.h b/chrome/browser/io_thread.h index 4bc63cda..d7ba9db 100644 --- a/chrome/browser/io_thread.h +++ b/chrome/browser/io_thread.h @@ -144,6 +144,7 @@ class IOThread : public BrowserProcessSubThread { bool negotiate_enable_port_; std::string auth_server_whitelist_; std::string auth_delegate_whitelist_; + std::string gssapi_library_name_; // These member variables are initialized by a task posted to the IO thread, // which gets posted by calling certain member functions of IOThread. diff --git a/chrome/browser/policy/configuration_policy_pref_store.cc b/chrome/browser/policy/configuration_policy_pref_store.cc index 3d73182..e83887f 100644 --- a/chrome/browser/policy/configuration_policy_pref_store.cc +++ b/chrome/browser/policy/configuration_policy_pref_store.cc @@ -165,6 +165,8 @@ const ConfigurationPolicyPrefStore::PolicyToPreferenceMapEntry prefs::kAuthServerWhitelist }, { Value::TYPE_STRING, kPolicyAuthNegotiateDelegateWhitelist, prefs::kAuthNegotiateDelegateWhitelist }, + { Value::TYPE_STRING, kPolicyGSSAPILibraryName, + prefs::kGSSAPILibraryName }, #if defined(OS_CHROMEOS) { Value::TYPE_BOOLEAN, kPolicyChromeOsLockOnIdleSuspend, @@ -269,6 +271,9 @@ ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList() { key::kAuthServerWhitelist }, { kPolicyAuthNegotiateDelegateWhitelist, Value::TYPE_STRING, key::kAuthNegotiateDelegateWhitelist }, + { kPolicyGSSAPILibraryName, Value::TYPE_STRING, + key::kGSSAPILibraryName }, + #if defined(OS_CHROMEOS) { kPolicyChromeOsLockOnIdleSuspend, Value::TYPE_BOOLEAN, diff --git a/chrome/browser/policy/configuration_policy_pref_store_unittest.cc b/chrome/browser/policy/configuration_policy_pref_store_unittest.cc index 1940b73..2595f83 100644 --- a/chrome/browser/policy/configuration_policy_pref_store_unittest.cc +++ b/chrome/browser/policy/configuration_policy_pref_store_unittest.cc @@ -114,7 +114,9 @@ INSTANTIATE_TEST_CASE_P( TypeAndName(kPolicyAuthServerWhitelist, prefs::kAuthServerWhitelist), TypeAndName(kPolicyAuthNegotiateDelegateWhitelist, - prefs::kAuthNegotiateDelegateWhitelist))); + prefs::kAuthNegotiateDelegateWhitelist), + TypeAndName(kPolicyGSSAPILibraryName, + prefs::kGSSAPILibraryName))); // Test cases for boolean-valued policy settings. class ConfigurationPolicyPrefStoreBooleanTest diff --git a/chrome/browser/policy/configuration_policy_store_interface.h b/chrome/browser/policy/configuration_policy_store_interface.h index cd28771..646430b 100644 --- a/chrome/browser/policy/configuration_policy_store_interface.h +++ b/chrome/browser/policy/configuration_policy_store_interface.h @@ -58,7 +58,7 @@ enum ConfigurationPolicyType { kPolicyEnableAuthNegotiatePort, kPolicyAuthServerWhitelist, kPolicyAuthNegotiateDelegateWhitelist, - + kPolicyGSSAPILibraryName, }; static const int kPolicyNoProxyServerMode = 0; diff --git a/chrome/browser/prefs/command_line_pref_store.cc b/chrome/browser/prefs/command_line_pref_store.cc index f5c146d..2bebe5b 100644 --- a/chrome/browser/prefs/command_line_pref_store.cc +++ b/chrome/browser/prefs/command_line_pref_store.cc @@ -20,6 +20,7 @@ const CommandLinePrefStore::StringSwitchToPreferenceMapEntry { switches::kAuthServerWhitelist, prefs::kAuthServerWhitelist }, { switches::kAuthNegotiateDelegateWhitelist, prefs::kAuthNegotiateDelegateWhitelist }, + { switches::kGSSAPILibraryName, prefs::kGSSAPILibraryName }, }; const CommandLinePrefStore::BooleanSwitchToPreferenceMapEntry diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc index 91d82105..592bcd9 100644 --- a/chrome/common/chrome_switches.cc +++ b/chrome/common/chrome_switches.cc @@ -639,6 +639,9 @@ const char kGpuProcess[] = "gpu-process"; // Causes the GPU process to display a dialog on launch. const char kGpuStartupDialog[] = "gpu-startup-dialog"; +// Specifies a custom name for the GSSAPI library to load. +const char kGSSAPILibraryName[] = "gssapi-library-name"; + // These flags show the man page on Linux. They are equivalent to each // other. const char kHelp[] = "help"; diff --git a/chrome/common/chrome_switches.h b/chrome/common/chrome_switches.h index 34a1986..16e1223 100644 --- a/chrome/common/chrome_switches.h +++ b/chrome/common/chrome_switches.h @@ -188,6 +188,7 @@ extern const char kForceRendererAccessibility[]; extern const char kGpuLauncher[]; extern const char kGpuProcess[]; extern const char kGpuStartupDialog[]; +extern const char kGSSAPILibraryName[]; extern const char kHelp[]; extern const char kHelpShort[]; extern const char kHideIcons[]; diff --git a/chrome/common/policy_constants.cc b/chrome/common/policy_constants.cc index 5eb5998..31b61b2 100644 --- a/chrome/common/policy_constants.cc +++ b/chrome/common/policy_constants.cc @@ -63,6 +63,7 @@ const char kDisableAuthNegotiateCnameLookup[] = const char kEnableAuthNegotiatePort[] = "EnableAuthNegotiatePort"; const char kAuthServerWhitelist[] = "AuthServerWhitelist"; const char kAuthNegotiateDelegateWhitelist[] = "AuthNegotiateDelegateWhitelist"; +const char kGSSAPILibraryName[] = "GSSAPILibraryName"; // Chrome Frame specific policy constants const char kChromeFrameRendererSettings[] = "ChromeFrameRendererSettings"; diff --git a/chrome/common/policy_constants.h b/chrome/common/policy_constants.h index e0244e0..be82cbd 100644 --- a/chrome/common/policy_constants.h +++ b/chrome/common/policy_constants.h @@ -59,6 +59,7 @@ extern const char kDisableAuthNegotiateCnameLookup[]; extern const char kEnableAuthNegotiatePort[]; extern const char kAuthServerWhitelist[]; extern const char kAuthNegotiateDelegateWhitelist[]; +extern const char kGSSAPILibraryName[]; // Chrome Frame specific policy constants extern const char kChromeFrameRendererSettings[]; diff --git a/chrome/common/pref_names.cc b/chrome/common/pref_names.cc index d809dfd..575b311 100644 --- a/chrome/common/pref_names.cc +++ b/chrome/common/pref_names.cc @@ -1041,6 +1041,8 @@ const char kAuthServerWhitelist[] = "auth.server_whitelist"; // with. const char kAuthNegotiateDelegateWhitelist[] = "auth.negotiate_delegate_whitelist"; +// String that specifies the name of a custom GSSAPI library to load. +const char kGSSAPILibraryName[] = "auth.gssapi_library_name"; #if defined(OS_CHROMEOS) // Dictionary for transient storage of settings that should go into signed diff --git a/chrome/common/pref_names.h b/chrome/common/pref_names.h index 6200467..190178d 100644 --- a/chrome/common/pref_names.h +++ b/chrome/common/pref_names.h @@ -405,6 +405,7 @@ extern const char kDisableAuthNegotiateCnameLookup[]; extern const char kEnableAuthNegotiatePort[]; extern const char kAuthServerWhitelist[]; extern const char kAuthNegotiateDelegateWhitelist[]; +extern const char kGSSAPILibraryName[]; } // namespace prefs |