1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_HTTP_HTTP_AUTH_HANDLER_NTLM_H_ 6 #define NET_HTTP_HTTP_AUTH_HANDLER_NTLM_H_ 7 8 #include "build/build_config.h" 9 10 // This contains the portable and the SSPI implementations for NTLM. 11 // We use NTLM_SSPI for Windows, and NTLM_PORTABLE for other platforms. 12 #if defined(OS_WIN) 13 #define NTLM_SSPI 14 #else 15 #define NTLM_PORTABLE 16 #endif 17 18 #if defined(NTLM_SSPI) 19 #define SECURITY_WIN32 1 20 #include <windows.h> 21 #include <security.h> 22 #include "net/http/http_auth_sspi_win.h" 23 #endif 24 25 #include <string> 26 27 #include "base/basictypes.h" 28 #include "base/string16.h" 29 #include "net/http/http_auth_handler.h" 30 31 namespace net { 32 33 // Code for handling HTTP NTLM authentication. 34 class HttpAuthHandlerNTLM : public HttpAuthHandler { 35 public: 36 #if defined(NTLM_PORTABLE) 37 // A function that generates n random bytes in the output buffer. 38 typedef void (*GenerateRandomProc)(uint8* output, size_t n); 39 40 // A function that returns the local host name. Returns an empty string if 41 // the local host name is not available. 42 typedef std::string (*HostNameProc)(); 43 44 // For unit tests to override and restore the GenerateRandom and 45 // GetHostName functions. 46 class ScopedProcSetter { 47 public: ScopedProcSetter(GenerateRandomProc random_proc,HostNameProc host_name_proc)48 ScopedProcSetter(GenerateRandomProc random_proc, 49 HostNameProc host_name_proc) { 50 old_random_proc_ = SetGenerateRandomProc(random_proc); 51 old_host_name_proc_ = SetHostNameProc(host_name_proc); 52 } 53 ~ScopedProcSetter()54 ~ScopedProcSetter() { 55 SetGenerateRandomProc(old_random_proc_); 56 SetHostNameProc(old_host_name_proc_); 57 } 58 59 private: 60 GenerateRandomProc old_random_proc_; 61 HostNameProc old_host_name_proc_; 62 }; 63 #endif 64 65 HttpAuthHandlerNTLM(); 66 67 virtual bool NeedsIdentity(); 68 69 virtual bool IsFinalRound(); 70 71 virtual std::string GenerateCredentials(const std::wstring& username, 72 const std::wstring& password, 73 const HttpRequestInfo* request, 74 const ProxyInfo* proxy); 75 76 protected: Init(std::string::const_iterator challenge_begin,std::string::const_iterator challenge_end)77 virtual bool Init(std::string::const_iterator challenge_begin, 78 std::string::const_iterator challenge_end) { 79 return ParseChallenge(challenge_begin, challenge_end); 80 } 81 82 // This function acquires a credentials handle in the SSPI implementation. 83 // It does nothing in the portable implementation. 84 int InitializeBeforeFirstChallenge(); 85 86 private: 87 ~HttpAuthHandlerNTLM(); 88 89 #if defined(NTLM_PORTABLE) 90 // For unit tests to override the GenerateRandom and GetHostName functions. 91 // Returns the old function. 92 static GenerateRandomProc SetGenerateRandomProc(GenerateRandomProc proc); 93 static HostNameProc SetHostNameProc(HostNameProc proc); 94 #endif 95 96 // Parse the challenge, saving the results into this instance. 97 // Returns true on success. 98 bool ParseChallenge(std::string::const_iterator challenge_begin, 99 std::string::const_iterator challenge_end); 100 101 // Given an input token received from the server, generate the next output 102 // token to be sent to the server. 103 int GetNextToken(const void* in_token, 104 uint32 in_token_len, 105 void** out_token, 106 uint32* out_token_len); 107 108 #if defined(NTLM_SSPI) 109 HttpAuthSSPI auth_sspi_; 110 #endif 111 112 #if defined(NTLM_PORTABLE) 113 static GenerateRandomProc generate_random_proc_; 114 static HostNameProc get_host_name_proc_; 115 #endif 116 117 string16 domain_; 118 string16 username_; 119 string16 password_; 120 121 // The base64-encoded string following "NTLM" in the "WWW-Authenticate" or 122 // "Proxy-Authenticate" response header. 123 std::string auth_data_; 124 }; 125 126 } // namespace net 127 128 #endif // NET_HTTP_HTTP_AUTH_HANDLER_NTLM_H_ 129