We should pass the service principal name (SPN) of the

format "HTTP/host:port" as the third argument (pszTargetName)
to InitializeSecurityContext.  This requires adding a
host_and_port parameter to some methods.

Remove obsolete (and incorrect) logging code in
HttpNetworkTransaction::PrepareForAuthRestart().

R=eroman
BUG=18009
TEST=none
Review URL: http://codereview.chromium.org/206022

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@26588 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 8 insertions, 3 deletions

diff --git a/net/http/http_auth_handler_ntlm_win.cc b/net/http/http_auth_handler_ntlm_win.cc
index d638e8a..7970740 100644
--- a/net/http/http_auth_handler_ntlm_win.cc
+++ b/net/http/http_auth_handler_ntlm_win.cc
@@ -10,7 +10,9 @@
 #include "net/http/http_auth_handler_ntlm.h"
 
 #include "base/logging.h"
+#include "base/string_util.h"
 #include "net/base/net_errors.h"
+#include "net/base/net_util.h"
 
 #pragma comment(lib, "secur32.lib")
 
@@ -134,13 +136,16 @@ int HttpAuthHandlerNTLM::GetNextToken(const void* in_token,
   if (!out_buffer.pvBuffer)
     return ERR_OUT_OF_MEMORY;
 
-  // Name of the destination server.  NULL for NTLM.
-  SEC_WCHAR* target = NULL;
+  // The service principal name of the destination server.  See
+  // http://msdn.microsoft.com/en-us/library/ms677949%28VS.85%29.aspx
+  std::wstring target(L"HTTP/");
+  target.append(ASCIIToWide(GetHostAndPort(origin_)));
+  wchar_t* target_name = const_cast<wchar_t*>(target.c_str());
 
   // This returns a token that is passed to the remote server.
   status = InitializeSecurityContext(&cred_,  // phCredential
                                      ctxt_ptr,  // phContext
-                                     target,  // pszTargetName
+                                     target_name,  // pszTargetName
                                      0,  // fContextReq
                                      0,  // Reserved1 (must be 0)
                                      SECURITY_NATIVE_DREP,  // TargetDataRep