Supervised user whitelists: Cleanup
[chromium-blink-merge.git] / net / http / http_auth_gssapi_posix.h
blob58f17a6cfc9171d8fa0e9c957d9ce6ebb6c55a79
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
8 #include <string>
10 #include "base/gtest_prod_util.h"
11 #include "base/native_library.h"
12 #include "net/base/net_export.h"
13 #include "net/http/http_auth.h"
15 #if defined(OS_MACOSX) && defined(MAC_OS_X_VERSION_10_9) && \
16 MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_9
17 // Including gssapi.h directly is deprecated in the 10.9 SDK.
18 #include <GSS/gssapi.h>
19 #elif defined(OS_FREEBSD)
20 #include <gssapi/gssapi.h>
21 #else
22 #include <gssapi.h>
23 #endif
25 namespace net {
27 class HttpAuthChallengeTokenizer;
29 // Mechanism OID for GSSAPI. We always use SPNEGO.
30 NET_EXPORT_PRIVATE extern gss_OID CHROME_GSS_SPNEGO_MECH_OID_DESC;
32 // GSSAPILibrary is introduced so unit tests can mock the calls to the GSSAPI
33 // library. The default implementation attempts to load one of the standard
34 // GSSAPI library implementations, then simply passes the arguments on to
35 // that implementation.
36 class NET_EXPORT_PRIVATE GSSAPILibrary {
37 public:
38 virtual ~GSSAPILibrary() {}
40 // Initializes the library, including any necessary dynamic libraries.
41 // This is done separately from construction (which happens at startup time)
42 // in order to delay work until the class is actually needed.
43 virtual bool Init() = 0;
45 // These methods match the ones in the GSSAPI library.
46 virtual OM_uint32 import_name(
47 OM_uint32* minor_status,
48 const gss_buffer_t input_name_buffer,
49 const gss_OID input_name_type,
50 gss_name_t* output_name) = 0;
51 virtual OM_uint32 release_name(
52 OM_uint32* minor_status,
53 gss_name_t* input_name) = 0;
54 virtual OM_uint32 release_buffer(
55 OM_uint32* minor_status,
56 gss_buffer_t buffer) = 0;
57 virtual OM_uint32 display_name(
58 OM_uint32* minor_status,
59 const gss_name_t input_name,
60 gss_buffer_t output_name_buffer,
61 gss_OID* output_name_type) = 0;
62 virtual OM_uint32 display_status(
63 OM_uint32* minor_status,
64 OM_uint32 status_value,
65 int status_type,
66 const gss_OID mech_type,
67 OM_uint32* message_contex,
68 gss_buffer_t status_string) = 0;
69 virtual OM_uint32 init_sec_context(
70 OM_uint32* minor_status,
71 const gss_cred_id_t initiator_cred_handle,
72 gss_ctx_id_t* context_handle,
73 const gss_name_t target_name,
74 const gss_OID mech_type,
75 OM_uint32 req_flags,
76 OM_uint32 time_req,
77 const gss_channel_bindings_t input_chan_bindings,
78 const gss_buffer_t input_token,
79 gss_OID* actual_mech_type,
80 gss_buffer_t output_token,
81 OM_uint32* ret_flags,
82 OM_uint32* time_rec) = 0;
83 virtual OM_uint32 wrap_size_limit(
84 OM_uint32* minor_status,
85 const gss_ctx_id_t context_handle,
86 int conf_req_flag,
87 gss_qop_t qop_req,
88 OM_uint32 req_output_size,
89 OM_uint32* max_input_size) = 0;
90 virtual OM_uint32 delete_sec_context(
91 OM_uint32* minor_status,
92 gss_ctx_id_t* context_handle,
93 gss_buffer_t output_token) = 0;
94 virtual OM_uint32 inquire_context(
95 OM_uint32* minor_status,
96 const gss_ctx_id_t context_handle,
97 gss_name_t* src_name,
98 gss_name_t* targ_name,
99 OM_uint32* lifetime_rec,
100 gss_OID* mech_type,
101 OM_uint32* ctx_flags,
102 int* locally_initiated,
103 int* open) = 0;
106 // GSSAPISharedLibrary class is defined here so that unit tests can access it.
107 class NET_EXPORT_PRIVATE GSSAPISharedLibrary : public GSSAPILibrary {
108 public:
109 // If |gssapi_library_name| is empty, hard-coded default library names are
110 // used.
111 explicit GSSAPISharedLibrary(const std::string& gssapi_library_name);
112 ~GSSAPISharedLibrary() override;
114 // GSSAPILibrary methods:
115 bool Init() override;
116 OM_uint32 import_name(OM_uint32* minor_status,
117 const gss_buffer_t input_name_buffer,
118 const gss_OID input_name_type,
119 gss_name_t* output_name) override;
120 OM_uint32 release_name(OM_uint32* minor_status,
121 gss_name_t* input_name) override;
122 OM_uint32 release_buffer(OM_uint32* minor_status,
123 gss_buffer_t buffer) override;
124 OM_uint32 display_name(OM_uint32* minor_status,
125 const gss_name_t input_name,
126 gss_buffer_t output_name_buffer,
127 gss_OID* output_name_type) override;
128 OM_uint32 display_status(OM_uint32* minor_status,
129 OM_uint32 status_value,
130 int status_type,
131 const gss_OID mech_type,
132 OM_uint32* message_contex,
133 gss_buffer_t status_string) override;
134 OM_uint32 init_sec_context(OM_uint32* minor_status,
135 const gss_cred_id_t initiator_cred_handle,
136 gss_ctx_id_t* context_handle,
137 const gss_name_t target_name,
138 const gss_OID mech_type,
139 OM_uint32 req_flags,
140 OM_uint32 time_req,
141 const gss_channel_bindings_t input_chan_bindings,
142 const gss_buffer_t input_token,
143 gss_OID* actual_mech_type,
144 gss_buffer_t output_token,
145 OM_uint32* ret_flags,
146 OM_uint32* time_rec) override;
147 OM_uint32 wrap_size_limit(OM_uint32* minor_status,
148 const gss_ctx_id_t context_handle,
149 int conf_req_flag,
150 gss_qop_t qop_req,
151 OM_uint32 req_output_size,
152 OM_uint32* max_input_size) override;
153 OM_uint32 delete_sec_context(OM_uint32* minor_status,
154 gss_ctx_id_t* context_handle,
155 gss_buffer_t output_token) override;
156 OM_uint32 inquire_context(OM_uint32* minor_status,
157 const gss_ctx_id_t context_handle,
158 gss_name_t* src_name,
159 gss_name_t* targ_name,
160 OM_uint32* lifetime_rec,
161 gss_OID* mech_type,
162 OM_uint32* ctx_flags,
163 int* locally_initiated,
164 int* open) override;
166 private:
167 typedef decltype(&gss_import_name) gss_import_name_type;
168 typedef decltype(&gss_release_name) gss_release_name_type;
169 typedef decltype(&gss_release_buffer) gss_release_buffer_type;
170 typedef decltype(&gss_display_name) gss_display_name_type;
171 typedef decltype(&gss_display_status) gss_display_status_type;
172 typedef decltype(&gss_init_sec_context) gss_init_sec_context_type;
173 typedef decltype(&gss_wrap_size_limit) gss_wrap_size_limit_type;
174 typedef decltype(&gss_delete_sec_context) gss_delete_sec_context_type;
175 typedef decltype(&gss_inquire_context) gss_inquire_context_type;
177 FRIEND_TEST_ALL_PREFIXES(HttpAuthGSSAPIPOSIXTest, GSSAPIStartup);
179 bool InitImpl();
180 // Finds a usable dynamic library for GSSAPI and loads it. The criteria are:
181 // 1. The library must exist.
182 // 2. The library must export the functions we need.
183 base::NativeLibrary LoadSharedLibrary();
184 bool BindMethods(base::NativeLibrary lib);
186 bool initialized_;
188 std::string gssapi_library_name_;
189 // Need some way to invalidate the library.
190 base::NativeLibrary gssapi_library_;
192 // Function pointers
193 gss_import_name_type import_name_;
194 gss_release_name_type release_name_;
195 gss_release_buffer_type release_buffer_;
196 gss_display_name_type display_name_;
197 gss_display_status_type display_status_;
198 gss_init_sec_context_type init_sec_context_;
199 gss_wrap_size_limit_type wrap_size_limit_;
200 gss_delete_sec_context_type delete_sec_context_;
201 gss_inquire_context_type inquire_context_;
204 // ScopedSecurityContext releases a gss_ctx_id_t when it goes out of
205 // scope.
206 class ScopedSecurityContext {
207 public:
208 explicit ScopedSecurityContext(GSSAPILibrary* gssapi_lib);
209 ~ScopedSecurityContext();
211 gss_ctx_id_t get() const { return security_context_; }
212 gss_ctx_id_t* receive() { return &security_context_; }
214 private:
215 gss_ctx_id_t security_context_;
216 GSSAPILibrary* gssapi_lib_;
218 DISALLOW_COPY_AND_ASSIGN(ScopedSecurityContext);
222 // TODO(ahendrickson): Share code with HttpAuthSSPI.
223 class NET_EXPORT_PRIVATE HttpAuthGSSAPI {
224 public:
225 HttpAuthGSSAPI(GSSAPILibrary* library,
226 const std::string& scheme,
227 const gss_OID gss_oid);
228 ~HttpAuthGSSAPI();
230 bool Init();
232 bool NeedsIdentity() const;
234 bool AllowsExplicitCredentials() const;
236 HttpAuth::AuthorizationResult ParseChallenge(
237 HttpAuthChallengeTokenizer* tok);
239 // Generates an authentication token.
240 // The return value is an error code. If it's not |OK|, the value of
241 // |*auth_token| is unspecified.
242 // |spn| is the Service Principal Name of the server that the token is
243 // being generated for.
244 // If this is the first round of a multiple round scheme, credentials are
245 // obtained using |*credentials|. If |credentials| is NULL, the default
246 // credentials are used instead.
247 int GenerateAuthToken(const AuthCredentials* credentials,
248 const std::string& spn,
249 std::string* auth_token);
251 // Delegation is allowed on the Kerberos ticket. This allows certain servers
252 // to act as the user, such as an IIS server retrieiving data from a
253 // Kerberized MSSQL server.
254 void Delegate();
256 private:
257 int GetNextSecurityToken(const std::string& spn,
258 gss_buffer_t in_token,
259 gss_buffer_t out_token);
261 std::string scheme_;
262 gss_OID gss_oid_;
263 GSSAPILibrary* library_;
264 std::string decoded_server_auth_token_;
265 ScopedSecurityContext scoped_sec_context_;
266 bool can_delegate_;
269 } // namespace net
271 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_