author Valentin Gosu <valentin.gosu@gmail.com>
Mon, 25 Jan 2021 11:57:19 +0000
changeset 564447 51936308d0d76e38e292fc0b5b6af610b28d26fe
parent 449071 e4712449ba4303cef134ba0b3f1bea13fbd50c4a
permissions -rw-r--r--
Bug 1688205 - Record TRR_NO_ANSWERS when decoding a DoH response works but it contains no answers r=nhnt11 Differential Revision: https://phabricator.services.mozilla.com/D102744

/* vim:set ts=4 sw=2 et cindent: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef nsAuthSambaNTLM_h__
#define nsAuthSambaNTLM_h__

#include "nsIAuthModule.h"
#include "nsString.h"
#include "nsCOMPtr.h"
#include "prio.h"
#include "prproces.h"
#include "mozilla/Attributes.h"

 * This is an implementation of NTLM authentication that does single-signon
 * by obtaining the user's Unix username, parsing it into DOMAIN\name format,
 * and then asking Samba's ntlm_auth tool to do the authentication for us
 * using the user's password cached in winbindd, if available. If the
 * password is not available then this component fails to instantiate so
 * nsHttpNTLMAuth will fall back to a different NTLM implementation.
 * NOTE: at time of writing, this requires patches to be added to the stock
 * Samba winbindd and ntlm_auth!
class nsAuthSambaNTLM final : public nsIAuthModule {


  // We spawn the ntlm_auth helper from the module constructor, because
  // that lets us fail to instantiate the module if ntlm_auth isn't
  // available, triggering fallback to the built-in NTLM support (which
  // doesn't support single signon, of course)
  nsresult SpawnNTLMAuthHelper();


  void Shutdown();

  uint8_t* mInitialMessage; /* free with free() */
  uint32_t mInitialMessageLen;
  PRProcess* mChildPID;
  PRFileDesc* mFromChildFD;
  PRFileDesc* mToChildFD;

#endif /* nsAuthSambaNTLM_h__ */