nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
fune/extensions/auth/nsAuthSASL.cpp
Gabriele Svelto 69790bc62e Bug 1600545 - Remove useless inclusions of header files generated from IDL files in accessible/, browser/, caps/, chrome/, devtools/, docshell/, editor/, extensions/, gfx/, hal/, image/, intl/, ipc/, js/, layout/, and media/ r=Ehsan 
The inclusions were removed with the following very crude script and the
resulting breakage was fixed up by hand. The manual fixups did either
revert the changes done by the script, replace a generic header with a more
specific one or replace a header with a forward declaration.

find . -name "*.idl" | grep -v web-platform | grep -v third_party | while read path; do
    interfaces=$(grep "^\(class\|interface\).*:.*" "$path" | cut -d' ' -f2)
    if [ -n "$interfaces" ]; then
        if [[ "$interfaces" == *$'\n'* ]]; then
          regexp="\("
          for i in $interfaces; do regexp="$regexp$i\|"; done
          regexp="${regexp%%\\\|}\)"
        else
          regexp="$interfaces"
        fi
        interface=$(basename "$path")
        rg -l "#include.*${interface%%.idl}.h" . | while read path2; do
            hits=$(grep -v "#include.*${interface%%.idl}.h" "$path2" | grep -c "$regexp" )
            if [ $hits -eq 0 ]; then
                echo "Removing ${interface} from ${path2}"
                grep -v "#include.*${interface%%.idl}.h" "$path2" > "$path2".tmp
                mv -f "$path2".tmp "$path2"
            fi
        done
    fi
done

Differential Revision: https://phabricator.services.mozilla.com/D55443

--HG--
extra : moz-landing-system : lando
2019-12-06 09:16:44 +00:00

123 lines
4 KiB
C++
Raw Blame History

/* vim:set ts=4 sw=2 et cindent: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsComponentManagerUtils.h"
#include "nsNativeCharsetUtils.h"
#include "nsIPrefService.h"
#include "nsServiceManagerUtils.h"
#include "nsAuthSASL.h"
static const char kNegotiateAuthSSPI[] = "network.auth.use-sspi";
nsAuthSASL::nsAuthSASL() { mSASLReady = false; }
void nsAuthSASL::Reset() { mSASLReady = false; }
/* Limitations apply to this class's thread safety. See the header file */
NS_IMPL_ISUPPORTS(nsAuthSASL, nsIAuthModule)
NS_IMETHODIMP
nsAuthSASL::Init(const char* serviceName, uint32_t serviceFlags,
const char16_t* domain, const char16_t* username,
const char16_t* password) {
nsresult rv;
NS_ASSERTION(username, "SASL requires a username");
NS_ASSERTION(!domain && !password, "unexpected credentials");
mUsername = username;
// If we're doing SASL, we should do mutual auth
serviceFlags |= REQ_MUTUAL_AUTH;
// Find out whether we should be trying SSPI or not
const char* authType = "kerb-gss";
nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
if (prefs) {
bool val;
rv = prefs->GetBoolPref(kNegotiateAuthSSPI, &val);
if (NS_SUCCEEDED(rv) && val) authType = "kerb-sspi";
}
MOZ_ALWAYS_TRUE(mInnerModule = nsIAuthModule::CreateInstance(authType));
mInnerModule->Init(serviceName, serviceFlags, nullptr, nullptr, nullptr);
return NS_OK;
}
NS_IMETHODIMP
nsAuthSASL::GetNextToken(const void* inToken, uint32_t inTokenLen,
void** outToken, uint32_t* outTokenLen) {
nsresult rv;
void* unwrappedToken;
char* message;
uint32_t unwrappedTokenLen, messageLen;
nsAutoCString userbuf;
if (!mInnerModule) return NS_ERROR_NOT_INITIALIZED;
if (mSASLReady) {
// If the server COMPLETEs with an empty token, Cyrus sends us that token.
// I don't think this is correct, but we need to handle that behaviour.
// Cyrus ignores the contents of our reply token.
if (inTokenLen == 0) {
*outToken = nullptr;
*outTokenLen = 0;
return NS_OK;
}
// We've completed the GSSAPI portion of the handshake, and are
// now ready to do the SASL security layer and authzid negotiation
// Input packet from the server needs to be unwrapped.
rv = mInnerModule->Unwrap(inToken, inTokenLen, &unwrappedToken,
&unwrappedTokenLen);
if (NS_FAILED(rv)) {
Reset();
return rv;
}
// If we were doing security layers then we'd care what the
// server had sent us. We're not, so all we had to do was make
// sure that the signature was correct with the above unwrap()
free(unwrappedToken);
NS_CopyUnicodeToNative(mUsername, userbuf);
messageLen = userbuf.Length() + 4 + 1;
message = (char*)moz_xmalloc(messageLen);
message[0] = 0x01; // No security layer
message[1] = 0x00;
message[2] = 0x00;
message[3] = 0x00; // Maxbuf must be zero if we've got no sec layer
strcpy(message + 4, userbuf.get());
// Userbuf should not be nullptr terminated, so trim the trailing nullptr
// when wrapping the message
rv = mInnerModule->Wrap((void*)message, messageLen - 1, false, outToken,
outTokenLen);
free(message);
Reset(); // All done
return NS_SUCCEEDED(rv) ? NS_SUCCESS_AUTH_FINISHED : rv;
}
rv = mInnerModule->GetNextToken(inToken, inTokenLen, outToken, outTokenLen);
if (rv == NS_SUCCESS_AUTH_FINISHED) {
mSASLReady = true;
rv = NS_OK;
}
return rv;
}
NS_IMETHODIMP
nsAuthSASL::Unwrap(const void* inToken, uint32_t inTokenLen, void** outToken,
uint32_t* outTokenLen) {
return NS_ERROR_NOT_IMPLEMENTED;
}
NS_IMETHODIMP
nsAuthSASL::Wrap(const void* inToken, uint32_t inTokenLen, bool confidential,
void** outToken, uint32_t* outTokenLen) {
return NS_ERROR_NOT_IMPLEMENTED;
}
View git blame Copy permalink