projects / moonshot-firefox.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add MSVC project and solution files
[moonshot-firefox.git] / nsHttpMoonshot.cpp
diff --git a/nsHttpMoonshot.cpp b/nsHttpMoonshot.cpp
index f377fb7..a09a0ce 100644 (file)
--- a/nsHttpMoonshot.cpp
+++ b/nsHttpMoonshot.cpp
@@ -35,6 +35,7 @@
 #define FORCE_PR_LOG 1
 
 #include <stdlib.h>
+#include "nsAutoRef.h"
 #include "nsCOMPtr.h"
 #include "nsIHttpChannel.h"
 #include "nsIServiceManager.h"
@@ -69,6 +70,14 @@
 #endif
 #endif
 
+NS_SPECIALIZE_TEMPLATE
+class nsAutoRefTraits<nsMoonshotSessionState> : public nsPointerRefTraits<nsMoonshotSessionState>
+{
+public:
+   static void Release(nsMoonshotSessionState *ptr) { ptr->Release(); }
+   static void AddRef(nsMoonshotSessionState *ptr) { ptr->AddRef(); }
+};
+
 static gss_OID_desc gss_krb5_mech_oid_desc =
 {9, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"};
 
@@ -164,22 +173,10 @@ nsHttpMoonshot::ChallengeReceived(nsIHttpChannel *httpChannel,
                                    PRBool *identityInvalid)
 {
     nsMoonshotSessionState *session = (nsMoonshotSessionState *) *sessionState;
-
-    //
-    // Use this opportunity to instantiate the session object
-    // that gets used later when we generate the credentials.
-    //
-    if (!session) {
-       session = new nsMoonshotSessionState();
-       if (!session)
-               return(NS_ERROR_OUT_OF_MEMORY);
-       NS_ADDREF(*sessionState = session);
-       *identityInvalid = PR_TRUE;
-       LOG(("nsHttpMoonshot::A new session context established\n"));
-    } else {
-       LOG(("nsHttpMoonshot::Still using context from previous request\n"));
-        *identityInvalid = PR_FALSE;
-    }
+    if (session==NULL)
+        session = (nsMoonshotSessionState *) *continuationState;
+    *identityInvalid =
+       ((session==NULL) || (session->gss_state == GSS_CTX_EMPTY)) ? PR_TRUE : PR_FALSE;
 
     return NS_OK;
 }
@@ -279,9 +276,9 @@ nsHttpMoonshot::GenerateCredentials_1_9_2(nsIHttpChannel *httpChannel,
    gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
    gss_buffer_t  in_token_ptr = GSS_C_NO_BUFFER;
    gss_name_t server;
-   nsMoonshotSessionState *session = (nsMoonshotSessionState *) *sessionState;
-   gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
-
+   nsCountedRef<nsMoonshotSessionState> session(static_cast<nsMoonshotSessionState *>(*sessionState));
+   if (!session)
+       session = static_cast<nsMoonshotSessionState *>(*continuationState);
 
    nsCOMPtr<nsIURI> uri;
    nsresult rv;
@@ -340,6 +337,16 @@ nsHttpMoonshot::GenerateCredentials_1_9_2(nsIHttpChannel *httpChannel,
       return NS_ERROR_FAILURE;
    }
 
+   // Create session state if none added yet.
+   if (!session) {
+      session = new nsMoonshotSessionState();
+      if (!session)
+         return(NS_ERROR_OUT_OF_MEMORY);
+      LOG(("nsHttpMoonshot::A new session context established\n"));
+   } else {
+      LOG(("nsHttpMoonshot::Still using context from previous request\n"));
+   }
+
    //
    // If the "Negotiate:" header had some data associated with it,
    // that data should be used as the input to this call.  This may
@@ -408,14 +415,21 @@ nsHttpMoonshot::GenerateCredentials_1_9_2(nsIHttpChannel *httpChannel,
         //}
    }
 
-   /* HACK */
+   if (session->gss_cred == GSS_C_NO_CREDENTIAL)
    {
        OM_uint32 maj_stat, min_stat;
        gss_buffer_desc tmp_token;
        gss_name_t gss_username = GSS_C_NO_NAME;
        gss_OID_set_desc mechs, *mechsp = GSS_C_NO_OID_SET;
+       const char *p, *u;
+
+       u = strdup(NS_LossyConvertUTF16toASCII(username).get());
+       p = strdup(NS_LossyConvertUTF16toASCII(password).get());
 
-       tmp_token.value = (void *) "steve@local";
+       LOG(("Acquiring credentials for user '%s' using password '%s'\n",
+                                u, p));
+
+       tmp_token.value = (void *) u;
        tmp_token.length = strlen((const char *)tmp_token.value);
        maj_stat = gss_import_name(&min_stat, &tmp_token,
                                   GSS_C_NT_USER_NAME,
@@ -431,21 +445,24 @@ nsHttpMoonshot::GenerateCredentials_1_9_2(nsIHttpChannel *httpChannel,
        mechs.count = 1;
        mechsp = &mechs;
 
-       tmp_token.value = (void *)"testing";
-       tmp_token.length = strlen((const char*)tmp_token.value);
+       tmp_token.value = (void *) p;
+       tmp_token.length = strlen(p);//strlen((const char*)tmp_token.value);
        maj_stat = gss_acquire_cred_with_password(&min_stat,
                                                  gss_username, &tmp_token, 0,
                                                  mechsp, GSS_C_INITIATE,
-                                                 &cred, NULL, NULL);
+                                                 &session->gss_cred, NULL, NULL);
        if (GSS_ERROR(maj_stat)) {
            LogGssError(maj_stat, min_stat, "gss_acquire_cred_with_password()");
            session->Reset();
            return NS_ERROR_FAILURE;
        }
+
+       LOG(("Acquired credential for user '%s' using password '%s'\n",
+            u, p));
    }
 
    major_status = gss_init_sec_context(&minor_status,
-                                   cred,
+                                   session->gss_cred,
                                    &session->gss_ctx,
                                    server,
                                    GetOID(),
@@ -461,7 +478,7 @@ nsHttpMoonshot::GenerateCredentials_1_9_2(nsIHttpChannel *httpChannel,
    if (GSS_ERROR(major_status)) {
       LogGssError(major_status, minor_status, "gss_init_sec_context() failed");
       (void) gss_release_name(&minor_status, &server);
-      gss_release_cred(&minor_status, &cred);
+//      gss_release_cred(&minor_status, &cred);
       session->Reset();
       if (input_token.length > 0 && input_token.value != NULL)
              (void) gss_release_buffer(&minor_status, &input_token);
@@ -475,6 +492,13 @@ nsHttpMoonshot::GenerateCredentials_1_9_2(nsIHttpChannel *httpChannel,
        // TEST
        // session->Reset();
        session->gss_state = GSS_CTX_ESTABLISHED;
+      if (*sessionState != session)
+      {
+         NS_ADDREF(*sessionState = session);
+         // clean up continuation state
+         if (*continuationState)
+            NS_RELEASE(*continuationState);
+      }
        LOG(("GSS Auth done"));
    } else if (major_status == GSS_S_CONTINUE_NEEDED) {
        //
@@ -487,6 +511,11 @@ nsHttpMoonshot::GenerateCredentials_1_9_2(nsIHttpChannel *httpChannel,
        //
        // TEST
        session->gss_state = GSS_CTX_IN_PROGRESS;
+      if (*continuationState != session)
+      {
+          // Assert continuationState==NULL
+          NS_ADDREF(*continuationState = session);
+      }
        LOG(("GSS Auth continuing"));
    } 
 
@@ -497,7 +526,7 @@ nsHttpMoonshot::GenerateCredentials_1_9_2(nsIHttpChannel *httpChannel,
    if (output_token.length == 0) {
       LOG(("No GSS output token to send, exiting"));
       (void) gss_release_name(&minor_status, &server);
-      gss_release_cred(&minor_status, &cred);
+//      gss_release_cred(&minor_status, &cred);
       return NS_ERROR_FAILURE;
    }
 
@@ -512,19 +541,19 @@ nsHttpMoonshot::GenerateCredentials_1_9_2(nsIHttpChannel *httpChannel,
    if (!encoded_token) {
       (void) gss_release_buffer(&minor_status, &output_token);
       (void) gss_release_name(&minor_status, &server);
-      gss_release_cred(&minor_status, &cred);
+//      gss_release_cred(&minor_status, &cred);
       return NS_ERROR_OUT_OF_MEMORY;
    }
 
    LOG(("Sending a token of length %d\n", output_token.length));
 
    // allocate a buffer sizeof("Negotiate" + " " + b64output_token + "\0")
-   *creds = (char *) malloc (strlen(NEGOTIATE_AUTH) + 1 + strlen(encoded_token) + 1);
+   *creds = (char *) PR_Malloc (strlen(NEGOTIATE_AUTH) + 1 + strlen(encoded_token) + 1);
    if (!(*creds)) {
       PR_Free(encoded_token);
       (void) gss_release_buffer(&minor_status, &output_token);
       (void) gss_release_name(&minor_status, &server);
-      gss_release_cred(&minor_status, &cred);
+//      gss_release_cred(&minor_status, &cred);
       return NS_ERROR_OUT_OF_MEMORY;
    }
 
@@ -533,7 +562,7 @@ nsHttpMoonshot::GenerateCredentials_1_9_2(nsIHttpChannel *httpChannel,
 
    (void) gss_release_buffer(&minor_status, &output_token);
    (void) gss_release_name(&minor_status, &server);
-      gss_release_cred(&minor_status, &cred);
+//      gss_release_cred(&minor_status, &cred);
 
    LOG(("returning the call"));
 
Unnamed repository; edit this file 'description' to name the repository.