diff options
| author | cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-02-22 16:41:01 +0000 |
|---|---|---|
| committer | cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-02-22 16:41:01 +0000 |
| commit | 5b9eb6cd8f4428c4647e1546aa2461d0062e0301 (patch) | |
| tree | d2ecf90ec66cfb7d1b6d3503f46973e9e4c381fe /net/http/http_auth_handler_ntlm_win.cc | |
| parent | 74d1423427b9665b5506e8fdc285597358ed3cf6 (diff) | |
| download | chromium_src-5b9eb6cd8f4428c4647e1546aa2461d0062e0301.zip chromium_src-5b9eb6cd8f4428c4647e1546aa2461d0062e0301.tar.gz chromium_src-5b9eb6cd8f4428c4647e1546aa2461d0062e0301.tar.bz2 | |
Validate that an SSPI scheme is supported before generating a handler.
When SSPI is used (for Windows builds), the NTLM and Negotiate handler
factories determine the maximum token length the first time it is used.
The SSPI call to determinine the maximum length also returns an error code
if the scheme is unsupported. The factories remember if the scheme is
unsupported and will not attempt to create any handlers. If the token length
is found, it is remembered. If a different error occurs, don't create a
handler this round, but try again in the future.
BUG=None
TEST=Manually used an incorrect auth scheme and validated that it worked. Working on a mock SSPI Library I can use for unit testing.
Review URL: http://codereview.chromium.org/600129
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@39600 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http/http_auth_handler_ntlm_win.cc')
| -rw-r--r-- | net/http/http_auth_handler_ntlm_win.cc | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/net/http/http_auth_handler_ntlm_win.cc b/net/http/http_auth_handler_ntlm_win.cc index c096aaf..cf3b448 100644 --- a/net/http/http_auth_handler_ntlm_win.cc +++ b/net/http/http_auth_handler_ntlm_win.cc @@ -19,7 +19,8 @@ namespace net { -HttpAuthHandlerNTLM::HttpAuthHandlerNTLM() : auth_sspi_("NTLM", NTLMSP_NAME) { +HttpAuthHandlerNTLM::HttpAuthHandlerNTLM(ULONG max_token_length) : + auth_sspi_("NTLM", NTLMSP_NAME, max_token_length) { } HttpAuthHandlerNTLM::~HttpAuthHandlerNTLM() { @@ -60,5 +61,40 @@ int HttpAuthHandlerNTLM::GenerateDefaultAuthToken( auth_token); } +HttpAuthHandlerNTLM::Factory::Factory() : + max_token_length_(0), + first_creation_(true), + is_unsupported_(false) { +} + +HttpAuthHandlerNTLM::Factory::~Factory() { +} + +int HttpAuthHandlerNTLM::Factory::CreateAuthHandler( + HttpAuth::ChallengeTokenizer* challenge, + HttpAuth::Target target, + const GURL& origin, + scoped_refptr<HttpAuthHandler>* handler) { + if (is_unsupported_) + return ERR_UNSUPPORTED_AUTH_SCHEME; + + if (max_token_length_ == 0) { + int rv = DetermineMaxTokenLength(NTLMSP_NAME, &max_token_length_); + if (rv == ERR_UNSUPPORTED_AUTH_SCHEME) + is_unsupported_ = true; + if (rv != OK) + return rv; + } + + // TODO(cbentzel): Move towards model of parsing in the factory + // method and only constructing when valid. + scoped_refptr<HttpAuthHandler> tmp_handler( + new HttpAuthHandlerNTLM(max_token_length_)); + if (!tmp_handler->InitFromChallenge(challenge, target, origin)) + return ERR_INVALID_RESPONSE; + handler->swap(tmp_handler); + return OK; +} + } // namespace net |