1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
// Copyright (c) 2009 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_HTTP_HTTP_AUTH_HANDLER_NTLM_H_
#define NET_HTTP_HTTP_AUTH_HANDLER_NTLM_H_
#include "build/build_config.h"
// This contains the portable and the SSPI implementations for NTLM.
// We use NTLM_SSPI for Windows, and NTLM_PORTABLE for other platforms.
#if defined(OS_WIN)
#define NTLM_SSPI
#else
#define NTLM_PORTABLE
#endif
#if defined(NTLM_SSPI)
#define SECURITY_WIN32 1
#include <windows.h>
#include <security.h>
#endif
#include <string>
#include "base/basictypes.h"
#include "base/string16.h"
#include "net/http/http_auth_handler.h"
namespace net {
// Code for handling HTTP NTLM authentication.
class HttpAuthHandlerNTLM : public HttpAuthHandler {
public:
#if defined(NTLM_PORTABLE)
// A function that generates n random bytes in the output buffer.
typedef void (*GenerateRandomProc)(uint8* output, size_t n);
// A function that returns the local host name. Returns an empty string if
// the local host name is not available.
typedef std::string (*HostNameProc)();
// For unit tests to override and restore the GenerateRandom and
// GetHostName functions.
class ScopedProcSetter {
public:
ScopedProcSetter(GenerateRandomProc random_proc,
HostNameProc host_name_proc) {
old_random_proc_ = SetGenerateRandomProc(random_proc);
old_host_name_proc_ = SetHostNameProc(host_name_proc);
}
~ScopedProcSetter() {
SetGenerateRandomProc(old_random_proc_);
SetHostNameProc(old_host_name_proc_);
}
private:
GenerateRandomProc old_random_proc_;
HostNameProc old_host_name_proc_;
};
#endif
HttpAuthHandlerNTLM();
virtual bool NeedsIdentity();
virtual bool IsFinalRound();
virtual std::string GenerateCredentials(const std::wstring& username,
const std::wstring& password,
const HttpRequestInfo* request,
const ProxyInfo* proxy);
protected:
virtual bool Init(std::string::const_iterator challenge_begin,
std::string::const_iterator challenge_end) {
return ParseChallenge(challenge_begin, challenge_end);
}
// This function acquires a credentials handle in the SSPI implementation.
// It does nothing in the portable implementation.
int InitializeBeforeFirstChallenge();
private:
~HttpAuthHandlerNTLM();
#if defined(NTLM_PORTABLE)
// For unit tests to override the GenerateRandom and GetHostName functions.
// Returns the old function.
static GenerateRandomProc SetGenerateRandomProc(GenerateRandomProc proc);
static HostNameProc SetHostNameProc(HostNameProc proc);
#endif
// Parse the challenge, saving the results into this instance.
// Returns true on success.
bool ParseChallenge(std::string::const_iterator challenge_begin,
std::string::const_iterator challenge_end);
// Given an input token received from the server, generate the next output
// token to be sent to the server.
int GetNextToken(const void* in_token,
uint32 in_token_len,
void** out_token,
uint32* out_token_len);
#if defined(NTLM_SSPI)
void ResetSecurityContext();
#endif
#if defined(NTLM_PORTABLE)
static GenerateRandomProc generate_random_proc_;
static HostNameProc get_host_name_proc_;
#endif
string16 domain_;
string16 username_;
string16 password_;
// The base64-encoded string following "NTLM" in the "WWW-Authenticate" or
// "Proxy-Authenticate" response header.
std::string auth_data_;
#if defined(NTLM_SSPI)
ULONG max_token_len_;
CredHandle cred_;
CtxtHandle ctxt_;
#endif
};
} // namespace net
#endif // NET_HTTP_HTTP_AUTH_HANDLER_NTLM_H_
|
