summaryrefslogtreecommitdiffstats
path: root/net/http/http_auth.cc
Commit message (Collapse)AuthorAgeFilesLines
* MAC Cookies (patch 4 of N)abarth@chromium.org2011-05-131-3/+4
| | | | | | | | | | Wire up the pieces of MAC cookies (behind the --enable-mac-cookies flag). Also, update the syntax of the header now that issuer has been removed and the timestamp and nonce are combined into one field. Review URL: http://codereview.chromium.org/6969050 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@85309 0039d316-1c4b-4281-b951-d872f2087c98
* Even more reordering the methods in headers and implementation in net/.erg@google.com2011-01-201-18/+18
| | | | | | | | | BUG=68682 TEST=compiles Review URL: http://codereview.chromium.org/6314010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71880 0039d316-1c4b-4281-b951-d872f2087c98
* Cleanup: Use AUTH_SCHEME enum instead of a string.cbentzel@chromium.org2011-01-131-8/+34
| | | | | | | | | BUG=None TEST=trybots Review URL: http://codereview.chromium.org/6191001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71318 0039d316-1c4b-4281-b951-d872f2087c98
* Add more tests cases for HttpAuth::HandleChallengeResponse.cbentzel@chromium.org2010-10-201-0/+3
| | | | | | | | | | | This also improves the documentation for HandleChallengeResponse and clears the challenge_response arugment. BUG=None TEST=net_unittests --gtest_filter="*HandleChallengeResponse*" Review URL: http://codereview.chromium.org/3752003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63227 0039d316-1c4b-4281-b951-d872f2087c98
* Convert LOG(INFO) to VLOG(1) - net/.pkasting@chromium.org2010-10-161-2/+2
| | | | | | | | | | Also converts COOKIE_DLOG (since VLOG can be toggled on a granular basis), removes some unneeded "endl"s and {}s, aligns "<<"s per style guide, and changes KeygenHandler::GenKeyAndSignChallenge() to avoid using "goto". BUG=none TEST=none Review URL: http://codereview.chromium.org/3846001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@62831 0039d316-1c4b-4281-b951-d872f2087c98
* FBTF: Continue fixing nits found by my automated source scanner.erg@google.com2010-10-051-0/+2
| | | | | | | | | | | (~1.3 megs off Debug linux .a files) BUG=none TEST=compiles Review URL: http://codereview.chromium.org/3556013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61587 0039d316-1c4b-4281-b951-d872f2087c98
* Extract name-value pair parsing from http_auth.cc (ChallengeTokenizer) into ↵erikwright@chromium.org2010-09-301-61/+18
| | | | | | | | | | http_util.cc (NameValuePairsIterator). In preparation for re-use of name-value pair parsing in ChromeFrame (for X-UA-Compatible header). BUG=None TEST=net_unittests (HttpAuth* and HttpUtilTest.NameValuePairs*) Review URL: http://codereview.chromium.org/3525004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61061 0039d316-1c4b-4281-b951-d872f2087c98
* Don't evict username/password when handling "stale" digest authentication ↵cbentzel@chromium.org2010-09-161-3/+7
| | | | | | | | | | | | | challenges. Stale challenges indicate that the cached nonce (and associated nonce_count) are no longer valid. BUG=53353 TEST=Use a digest authentication Squid proxy with default settings (which complain about stale nonce's). Ensure that there are no username/password prompts after getting a stale challenge. Also, net_unittests. Review URL: http://codereview.chromium.org/3421005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@59643 0039d316-1c4b-4281-b951-d872f2087c98
* Fix multi-round authentication.cbentzel@chromium.org2010-09-111-15/+27
| | | | | | | | | | | | | | | | | | | | | | | | In the case of Negotiate, authentication can look like C: GET S: 401, WWW-Authenticate: Negotiate C: GET, WWW-Authorization: Negotiate <client_token_1> S: 401, WWW-Authenticate: Negotiate <server_token_1> C: GET, WWW-Authorization: Negotiate <client_token_2> S: 401, WWW-Authenticate: Negotiate <server_token_2> on that third challenge, the handler was reported as being in "the final round" and this was treated as a rejection of the authentication attempt. After that, the new challenge token was used by a new auth handler that hadn't established a security context, and an ERR_INVALID_HANDLE would be returned. This CL also does some prep work to correctly handle the "stale=true" value for Digest authentication, but I decided to defer the HttpAuthCache changes needed for that to a separate CL since this was large enough. BUG=53282 TEST=net_unittests. Unfortunately, I haven't been able to set up a proxy/server to do more than two auth challenges, but this does happen in the wild. Review URL: http://codereview.chromium.org/3360017 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@59188 0039d316-1c4b-4281-b951-d872f2087c98
* Demote LOG(WARNING) about unable to handle an auth scheme to LOG(INFO).cbentzel@chromium.org2010-09-081-2/+2
| | | | | | | | | | | This shows up in the field a number of times due to the Kerberos HTTP authentication protocol not being supported by Chrome, and leads people to believe it's a bigger problem than it actually is. BUG=None TEST=None Review URL: http://codereview.chromium.org/3369004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@58822 0039d316-1c4b-4281-b951-d872f2087c98
* Fix for Proxy server authentication without credentials available.ahendrickson@google.com2010-07-271-5/+5
| | | | | | | | | | | | | | | | This covers the cases using GSSAPI for Negotiate to authenticate to a proxy, where: - The user does not have a TGT (Ticket Generating Ticket), or - The user is unable to get to the TGS (Ticket Granting Server). The bug was that the authentication system tried to reuse the Negotiate handler even though it was not possible for it to succeed, leading to infinite retries. BUG=33033 Test=None Review URL: http://codereview.chromium.org/3040015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@53819 0039d316-1c4b-4281-b951-d872f2087c98
* Attempt to back off from Kerberos authentication if we don't have credentials.ahendrickson@google.com2010-07-201-2/+5
| | | | | | | | | | | | | | | | | | | If the user has a stale TGT, or is unable to generate a TGS for the server they are trying to communicate to, then generating an authentication token fails. Rather than fail the entire network transaction in that case, we resend the request with an empty Authenticate (or Proxy-Authenticate) header, and remember that the Negotiate scheme is not a valid option for this particular transaction. If the server responds back with headers like WWW-Authenticate: Negotiate WWW-Authenticate: Digest realm=foo then the digest scheme is chosen in the next round. BUG=33033 TEST=None Review URL: http://codereview.chromium.org/3010010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@53002 0039d316-1c4b-4281-b951-d872f2087c98
* Create HttpAuthController. (again)vandebo@chromium.org2010-06-241-0/+6
| | | | | | | | | | | | This packages up the auth state into a single class to enable a HttpProxyClientSocket class (which is needed for SSLClientSocketPool). Fix memory leak. BUG=30357 TEST=existing unit tests Review URL: http://codereview.chromium.org/2808020 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50696 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 50647 - Create HttpAuthController.vandebo@chromium.org2010-06-231-6/+0
| | | | | | | | | | | | | | | | 'Memory tests' is not happy. This packages up the auth state into a single class to enable a HttpProxyClientSocket class (which is needed for SSLClientSocketPool). BUG=30357 TEST=existing unit tests Review URL: http://codereview.chromium.org/2808020 TBR=vandebo@chromium.org Review URL: http://codereview.chromium.org/2866018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50669 0039d316-1c4b-4281-b951-d872f2087c98
* Create HttpAuthController.vandebo@chromium.org2010-06-231-0/+6
| | | | | | | | | | | This packages up the auth state into a single class to enable a HttpProxyClientSocket class (which is needed for SSLClientSocketPool). BUG=30357 TEST=existing unit tests Review URL: http://codereview.chromium.org/2808020 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50647 0039d316-1c4b-4281-b951-d872f2087c98
* HttpAuthHandler's are no longer refcounted.cbentzel@chromium.org2010-06-071-5/+5
| | | | | | | | | | | | Since HttpAuthHandler objects are no longer contained inside of the HttpAuthCache, the lifetime of the handlers is more clearly defined. TEST=net_unittests (including some changes) BUG=42222 Review URL: http://codereview.chromium.org/2635004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@49052 0039d316-1c4b-4281-b951-d872f2087c98
* HttpAuthHandlers hold onto a bound net log.cbentzel@chromium.org2010-05-271-2/+3
| | | | | | | | | | | Although this doesn't have a behavioral impact in this CL, it is needed for additional logging which I'd like to add. BUG=34737 TEST=net_unittests Review URL: http://codereview.chromium.org/2288001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@48391 0039d316-1c4b-4281-b951-d872f2087c98
* Gracefully recover from malformed auth challenge.jochen@chromium.org2010-03-311-5/+8
| | | | | | | | | BUG=39836 TEST=try to log in to an allnet webcam Review URL: http://codereview.chromium.org/1567008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43182 0039d316-1c4b-4281-b951-d872f2087c98
* Added factories for HttpAuthHandler.cbentzel@chromium.org2010-02-151-40/+33
| | | | | | | | | | | | | | | | | | | The driving rationale for this change was to prevent choosing an AuthHandler when it is not supported on the system due to a missing runtime component (such as not being able to locate a gssapi shared library when seeing a Negotiate scheme). It also has the advantage (currently unused) of determining some per-auth-scheme properties only the first time that a challenge for that scheme is seen (such as maximum token length for the SSPI implementation of NTLM). Finally, it may make unit tests easier to generate since the factory can be easily mocked. BUG=34795 TEST=New unit test for HttpAuthHandlerDispatchFactory. Review URL: http://codereview.chromium.org/582007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@39065 0039d316-1c4b-4281-b951-d872f2087c98
* Added WWW-Authenticate Negotate support using shared HttpAuthSspi.cbentzel@chromium.org2010-01-211-0/+3
| | | | | | | | | BUG=29862 TEST=None Review URL: http://codereview.chromium.org/551015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@36785 0039d316-1c4b-4281-b951-d872f2087c98
* We should pass the service principal name (SPN) of thewtc@chromium.org2009-09-181-3/+5
| | | | | | | | | | | | | | | | format "HTTP/host:port" as the third argument (pszTargetName) to InitializeSecurityContext. This requires adding a host_and_port parameter to some methods. Remove obsolete (and incorrect) logging code in HttpNetworkTransaction::PrepareForAuthRestart(). R=eroman BUG=18009 TEST=none Review URL: http://codereview.chromium.org/206022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@26588 0039d316-1c4b-4281-b951-d872f2087c98
* Fix for bug 9608. adding check that tokenized header is valid.ace@google.com2009-04-021-1/+5
| | | | | | Review URL: http://codereview.chromium.org/60008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@13050 0039d316-1c4b-4281-b951-d872f2087c98
* Implement the NTLM authentication scheme by portingwtc@chromium.org2009-02-281-8/+25
| | | | | | | | | | Mozilla's implementation. R=darin,eroman BUG=6567,6824 Review URL: http://codereview.chromium.org/28144 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@10667 0039d316-1c4b-4281-b951-d872f2087c98
* - Add preemptive authorization (new http stack only)ericroman@google.com2008-11-081-18/+20
| | | | | | | | | | | | - Check for auth identity in URL (new http stack only) - Move auth cache logic out of url request job, and hide it in the url request ftp job and http transaction classes. Note: Somehow the original codereview thread got corrupted so it was recreated. The real review comments should be under (http://codereview.chromium.org/6481) Review URL: http://codereview.chromium.org/8231 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@5064 0039d316-1c4b-4281-b951-d872f2087c98
* Initial stab at http authentication (basic + digest) in new http stack.ericroman@google.com2008-09-271-0/+147
General design: - class HttpAuth -- utility class for http-auth logic. - class HttpAuth::ChallengeTokenizer -- parsing of www-Authenticate headers. - class HttpAuthHandler -- base class for authentication schemes (inspired by nsIHttpAuthenticator) - class HttpAuthHandlerBasic : HttpAuthHandler -- logic for basic auth. - class HttpAuthHandlerDigest : HttpAuthHandler -- logic for digest auth. - The auth integration in HttpNetworkTransaction mimics that of HttpTransactionWinHttp: + HttpNetworkTransaction::ApplyAuth() -- set the authorization headers. + HttpNetworkTransaction::PopulateAuthChallenge() -- process the challenges. BUG=2346 Review URL: http://codereview.chromium.org/4063 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@2658 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-01 01:36:13 +0000