| author | Narcis Beleuzu <nbeleuzu@mozilla.com> |
| Mon, 29 Oct 2018 17:01:21 +0200 | |
| changeset 443343 | af20bba72e84ae85bcf3bdbb65f4bcdb1e8c1dc5 |
| parent 443342 | 814e566c6878c80c6077d409914ec6bd5bd2c017 |
| child 443344 | c7d1909cd2aed3392f0e9ab82e9847701a2a75e8 |
| push id | 71906 |
| push user | nbeleuzu@mozilla.com |
| push date | Mon, 29 Oct 2018 15:01:41 +0000 |
| treeherder | autoland@af20bba72e84 [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| bugs | 1502774 |
| milestone | 65.0a1 |
| backs out | a1f9c46668550d18322337e43b361e48a28694dd 07648e9d8400ee9b0c5ac84c76d8c2f7de94db83 b403c3c786eebc231f1069612a1c820440b798fe |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/extensions/auth/moz.build +++ b/extensions/auth/moz.build @@ -1,17 +1,17 @@ # -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- # vim: set filetype=python: # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. UNIFIED_SOURCES += [ + 'nsAuthFactory.cpp', 'nsAuthGSSAPI.cpp', - 'nsIAuthModule.cpp', ] SOURCES += [ 'nsAuthSASL.cpp', 'nsHttpNegotiateAuth.cpp', # contains constants whose names conflict with constants in other files ] if CONFIG['OS_ARCH'] == 'WINNT': @@ -21,16 +21,15 @@ if CONFIG['OS_ARCH'] == 'WINNT': DEFINES['USE_SSPI'] = True else: UNIFIED_SOURCES += [ 'nsAuthSambaNTLM.cpp', ] LOCAL_INCLUDES += [ '/netwerk/dns', # For nsDNSService2.h - '/security/manager/ssl', ] FINAL_LIBRARY = 'xul' with Files('**'): BUG_COMPONENT = ('Core', 'Networking')
rename from extensions/auth/nsIAuthModule.cpp rename to extensions/auth/nsAuthFactory.cpp --- a/extensions/auth/nsIAuthModule.cpp +++ b/extensions/auth/nsAuthFactory.cpp @@ -1,66 +1,247 @@ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#include "nsCRT.h" -#include "nsIAuthModule.h" +#include "mozilla/ModuleUtils.h" +#include "nsAuth.h" + +//----------------------------------------------------------------------------- + +#define NS_HTTPNEGOTIATEAUTH_CID \ +{ /* 75c80fd0-accb-432c-af59-ec60668c3990 */ \ + 0x75c80fd0, \ + 0xaccb, \ + 0x432c, \ + {0xaf, 0x59, 0xec, 0x60, 0x66, 0x8c, 0x39, 0x90} \ +} + +#include "nsHttpNegotiateAuth.h" +NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpNegotiateAuth) +//----------------------------------------------------------------------------- + +#define NS_NEGOTIATEAUTH_CID \ +{ /* 96ec4163-efc8-407a-8735-007fb26be4e8 */ \ + 0x96ec4163, \ + 0xefc8, \ + 0x407a, \ + {0x87, 0x35, 0x00, 0x7f, 0xb2, 0x6b, 0xe4, 0xe8} \ +} +#define NS_GSSAUTH_CID \ +{ /* dc8e21a0-03e4-11da-8cd6-0800200c9a66 */ \ + 0xdc8e21a0, \ + 0x03e4, \ + 0x11da, \ + {0x8c, 0xd6, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66} \ +} #include "nsAuthGSSAPI.h" + #if defined( USE_SSPI ) #include "nsAuthSSPI.h" -#else -#include "nsAuthSambaNTLM.h" -#endif -#include "nsAuthSASL.h" -#include "nsNTLMAuthModule.h" -#include "nsNSSComponent.h" + +static nsresult +nsSysNTLMAuthConstructor(nsISupports *outer, REFNSIID iid, void **result) +{ + if (outer) + return NS_ERROR_NO_AGGREGATION; -// static -already_AddRefed<nsIAuthModule> -nsIAuthModule::CreateInstance(const char* aType) + nsAuthSSPI *auth = new nsAuthSSPI(PACKAGE_TYPE_NTLM); + if (!auth) + return NS_ERROR_OUT_OF_MEMORY; + + NS_ADDREF(auth); + nsresult rv = auth->QueryInterface(iid, result); + NS_RELEASE(auth); + return rv; +} + +static nsresult +nsKerbSSPIAuthConstructor(nsISupports *outer, REFNSIID iid, void **result) { - nsCOMPtr<nsIAuthModule> auth; - if (!nsCRT::strcmp(aType, "kerb-gss")) { - auth = new nsAuthGSSAPI(PACKAGE_TYPE_KERBEROS); - } else if (!nsCRT::strcmp(aType, "negotiate-gss")) { - auth = new nsAuthGSSAPI(PACKAGE_TYPE_NEGOTIATE); -#if defined( USE_SSPI ) - } else if (!nsCRT::strcmp(aType, "negotiate-sspi")) { - auth = new nsAuthSSPI(); - } else if (!nsCRT::strcmp(aType, "kerb-sspi")) { - auth = new nsAuthSSPI(PACKAGE_TYPE_KERBEROS); - } else if (!nsCRT::strcmp(aType, "sys-ntlm")) { - auth = new nsAuthSSPI(PACKAGE_TYPE_NTLM); -#elif !defined(XP_MACOSX) - } else if (!nsCRT::strcmp(aType, "sys-ntlm")) { - RefPtr<nsAuthSambaNTLM> sambaAuth = new nsAuthSambaNTLM(); + if (outer) + return NS_ERROR_NO_AGGREGATION; + + nsAuthSSPI *auth = new nsAuthSSPI(PACKAGE_TYPE_KERBEROS); + if (!auth) + return NS_ERROR_OUT_OF_MEMORY; + + NS_ADDREF(auth); + nsresult rv = auth->QueryInterface(iid, result); + NS_RELEASE(auth); + return rv; +} + +#define NS_SYSNTLMAUTH_CID \ +{ /* dc195987-6e9a-47bc-b1fd-ab895d398833 */ \ + 0xdc195987, \ + 0x6e9a, \ + 0x47bc, \ + {0xb1, 0xfd, 0xab, 0x89, 0x5d, 0x39, 0x88, 0x33} \ +} + +#define NS_NEGOTIATEAUTHSSPI_CID \ +{ /* 78d3b0c0-0241-11da-8cd6-0800200c9a66 */ \ + 0x78d3b0c0, \ + 0x0241, \ + 0x11da, \ + {0x8c, 0xd6, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66} \ +} - nsresult rv = sambaAuth->SpawnNTLMAuthHelper(); - if (NS_FAILED(rv)) { - // Failure here probably means that cached credentials were not available - return nullptr; - } +#define NS_KERBAUTHSSPI_CID \ +{ /* 8c3a0e20-03e5-11da-8cd6-0800200c9a66 */ \ + 0x8c3a0e20, \ + 0x03e5, \ + 0x11da, \ + {0x8c, 0xd6, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66} \ +} + +#else - auth = sambaAuth.forget(); -#endif - } else if (!nsCRT::strcmp(aType, "sasl-gssapi")) { - auth = new nsAuthSASL(); - } else if (!nsCRT::strcmp(aType, "ntlm") && - XRE_IsParentProcess() && - EnsureNSSInitializedChromeOrContent()) { - RefPtr<nsNTLMAuthModule> ntlmAuth = new nsNTLMAuthModule(); +#define NS_SAMBANTLMAUTH_CID \ +{ /* bc54f001-6eb0-4e32-9f49-7e064d8e70ef */ \ + 0xbc54f001, \ + 0x6eb0, \ + 0x4e32, \ + {0x9f, 0x49, 0x7e, 0x06, 0x4d, 0x8e, 0x70, 0xef} \ +} - nsresult rv = ntlmAuth->InitTest(); - if (NS_FAILED(rv)) { - return nullptr; - } +#include "nsAuthSambaNTLM.h" +static nsresult +nsSambaNTLMAuthConstructor(nsISupports *outer, REFNSIID iid, void **result) +{ + if (outer) + return NS_ERROR_NO_AGGREGATION; - auth = ntlmAuth.forget(); - } else { - return nullptr; + RefPtr<nsAuthSambaNTLM> auth = new nsAuthSambaNTLM(); + if (!auth) + return NS_ERROR_OUT_OF_MEMORY; + + nsresult rv = auth->SpawnNTLMAuthHelper(); + if (NS_FAILED(rv)) { + // Failure here probably means that cached credentials were not available + return rv; } - return auth.forget(); + return auth->QueryInterface(iid, result); +} + +#endif + +static nsresult +nsKerbGSSAPIAuthConstructor(nsISupports *outer, REFNSIID iid, void **result) +{ + if (outer) + return NS_ERROR_NO_AGGREGATION; + + nsAuthGSSAPI *auth = new nsAuthGSSAPI(PACKAGE_TYPE_KERBEROS); + if (!auth) + return NS_ERROR_OUT_OF_MEMORY; + + NS_ADDREF(auth); + nsresult rv = auth->QueryInterface(iid, result); + NS_RELEASE(auth); + return rv; +} + +static nsresult +nsGSSAPIAuthConstructor(nsISupports *outer, REFNSIID iid, void **result) +{ + if (outer) + return NS_ERROR_NO_AGGREGATION; + + nsAuthGSSAPI *auth = new nsAuthGSSAPI(PACKAGE_TYPE_NEGOTIATE); + if (!auth) + return NS_ERROR_OUT_OF_MEMORY; + + NS_ADDREF(auth); + nsresult rv = auth->QueryInterface(iid, result); + NS_RELEASE(auth); + return rv; +} + + +#if defined( USE_SSPI ) +NS_GENERIC_FACTORY_CONSTRUCTOR(nsAuthSSPI) +#endif + +#define NS_AUTHSASL_CID \ +{ /* 815e42e0-72cc-480f-934b-148e33c228a6 */ \ + 0x815e42e0, \ + 0x72cc, \ + 0x480f, \ + {0x93, 0x4b, 0x14, 0x8e, 0x33, 0xc2, 0x28, 0xa6} \ } +#include "nsAuthSASL.h" +NS_GENERIC_FACTORY_CONSTRUCTOR(nsAuthSASL) + +NS_DEFINE_NAMED_CID(NS_GSSAUTH_CID); +NS_DEFINE_NAMED_CID(NS_NEGOTIATEAUTH_CID); +#if defined( USE_SSPI ) +NS_DEFINE_NAMED_CID(NS_NEGOTIATEAUTHSSPI_CID); +NS_DEFINE_NAMED_CID(NS_KERBAUTHSSPI_CID); +NS_DEFINE_NAMED_CID(NS_SYSNTLMAUTH_CID); +#else +NS_DEFINE_NAMED_CID(NS_SAMBANTLMAUTH_CID); +#endif +NS_DEFINE_NAMED_CID(NS_HTTPNEGOTIATEAUTH_CID); +NS_DEFINE_NAMED_CID(NS_AUTHSASL_CID); + + +static const mozilla::Module::CIDEntry kAuthCIDs[] = { + { &kNS_GSSAUTH_CID, false, nullptr, nsKerbGSSAPIAuthConstructor }, + { &kNS_NEGOTIATEAUTH_CID, false, nullptr, nsGSSAPIAuthConstructor }, +#if defined( USE_SSPI ) + { &kNS_NEGOTIATEAUTHSSPI_CID, false, nullptr, nsAuthSSPIConstructor }, + { &kNS_KERBAUTHSSPI_CID, false, nullptr, nsKerbSSPIAuthConstructor }, + { &kNS_SYSNTLMAUTH_CID, false, nullptr, nsSysNTLMAuthConstructor }, +#else + { &kNS_SAMBANTLMAUTH_CID, false, nullptr, nsSambaNTLMAuthConstructor }, +#endif + { &kNS_HTTPNEGOTIATEAUTH_CID, false, nullptr, nsHttpNegotiateAuthConstructor }, + { &kNS_AUTHSASL_CID, false, nullptr, nsAuthSASLConstructor }, + { nullptr } +}; + +static const mozilla::Module::ContractIDEntry kAuthContracts[] = { + { NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-gss", &kNS_GSSAUTH_CID }, + { NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-gss", &kNS_NEGOTIATEAUTH_CID }, +#if defined( USE_SSPI ) + { NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-sspi", &kNS_NEGOTIATEAUTHSSPI_CID }, + { NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-sspi", &kNS_KERBAUTHSSPI_CID }, + { NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm", &kNS_SYSNTLMAUTH_CID }, +#elif !defined(XP_MACOSX) + { NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm", &kNS_SAMBANTLMAUTH_CID }, +#endif + { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "negotiate", &kNS_HTTPNEGOTIATEAUTH_CID }, + { NS_AUTH_MODULE_CONTRACTID_PREFIX "sasl-gssapi", &kNS_AUTHSASL_CID }, + { nullptr } +}; + +//----------------------------------------------------------------------------- mozilla::LazyLogModule gNegotiateLog("negotiateauth"); + +// setup nspr logging ... +static nsresult +InitNegotiateAuth() +{ + return NS_OK; +} + +static void +DestroyNegotiateAuth() +{ + nsAuthGSSAPI::Shutdown(); +} + +static const mozilla::Module kAuthModule = { + mozilla::Module::kVersion, + kAuthCIDs, + kAuthContracts, + nullptr, + nullptr, + InitNegotiateAuth, + DestroyNegotiateAuth +}; + +NSMODULE_DEFN(nsAuthModule) = &kAuthModule;
--- a/extensions/auth/nsAuthSASL.cpp +++ b/extensions/auth/nsAuthSASL.cpp @@ -38,27 +38,29 @@ nsAuthSASL::Init(const char *serviceName NS_ASSERTION(!domain && !password, "unexpected credentials"); mUsername = username; // If we're doing SASL, we should do mutual auth serviceFlags |= REQ_MUTUAL_AUTH; // Find out whether we should be trying SSPI or not - const char *authType = "kerb-gss"; + const char *contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-gss"; nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); if (prefs) { bool val; rv = prefs->GetBoolPref(kNegotiateAuthSSPI, &val); if (NS_SUCCEEDED(rv) && val) - authType = "kerb-sspi"; + contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-sspi"; } - MOZ_ALWAYS_TRUE(mInnerModule = nsIAuthModule::CreateInstance(authType)); + mInnerModule = do_CreateInstance(contractID, &rv); + // if we can't create the GSSAPI module, then bail + NS_ENSURE_SUCCESS(rv, rv); mInnerModule->Init(serviceName, serviceFlags, nullptr, nullptr, nullptr); return NS_OK; } NS_IMETHODIMP nsAuthSASL::GetNextToken(const void *inToken,
--- a/extensions/auth/nsHttpNegotiateAuth.cpp +++ b/extensions/auth/nsHttpNegotiateAuth.cpp @@ -44,32 +44,29 @@ #include "nsIChannel.h" #include "nsNetUtil.h" #include "nsThreadUtils.h" #include "nsIHttpAuthenticatorCallback.h" #include "mozilla/Mutex.h" #include "nsICancelable.h" #include "nsUnicharUtils.h" #include "mozilla/net/HttpAuthUtils.h" -#include "mozilla/ClearOnShutdown.h" using mozilla::Base64Decode; //----------------------------------------------------------------------------- static const char kNegotiate[] = "Negotiate"; static const char kNegotiateAuthTrustedURIs[] = "network.negotiate-auth.trusted-uris"; static const char kNegotiateAuthDelegationURIs[] = "network.negotiate-auth.delegation-uris"; static const char kNegotiateAuthAllowProxies[] = "network.negotiate-auth.allow-proxies"; static const char kNegotiateAuthAllowNonFqdn[] = "network.negotiate-auth.allow-non-fqdn"; static const char kNegotiateAuthSSPI[] = "network.auth.use-sspi"; static const char kSSOinPBmode[] = "network.auth.private-browsing-sso"; -mozilla::StaticRefPtr<nsHttpNegotiateAuth> nsHttpNegotiateAuth::gSingleton; - #define kNegotiateLen (sizeof(kNegotiate)-1) #define DEFAULT_THREAD_TIMEOUT_MS 30000 //----------------------------------------------------------------------------- // Return false when the channel comes from a Private browsing window. static bool TestNotInPBMode(nsIHttpAuthenticableChannel *authChannel, bool proxyAuth) @@ -103,31 +100,16 @@ TestNotInPBMode(nsIHttpAuthenticableChan dontRememberHistory) { return true; } } return false; } -already_AddRefed<nsIHttpAuthenticator> -nsHttpNegotiateAuth::GetOrCreate() -{ - nsCOMPtr<nsIHttpAuthenticator> authenticator; - if (gSingleton) { - authenticator = gSingleton; - } else { - gSingleton = new nsHttpNegotiateAuth(); - mozilla::ClearOnShutdown(&gSingleton); - authenticator = gSingleton; - } - - return authenticator.forget(); -} - NS_IMETHODIMP nsHttpNegotiateAuth::GetAuthFlags(uint32_t *flags) { // // Negotiate Auth creds should not be reused across multiple requests. // Only perform the negotiation when it is explicitly requested by the // server. Thus, do *NOT* use the "REUSABLE_CREDENTIALS" flag here. // @@ -149,24 +131,23 @@ nsHttpNegotiateAuth::GetAuthFlags(uint32 NS_IMETHODIMP nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel, const char *challenge, bool isProxyAuth, nsISupports **sessionState, nsISupports **continuationState, bool *identityInvalid) { - nsIAuthModule *rawModule = (nsIAuthModule *) *continuationState; + nsIAuthModule *module = (nsIAuthModule *) *continuationState; *identityInvalid = false; - if (rawModule) + if (module) return NS_OK; nsresult rv; - nsCOMPtr<nsIAuthModule> module; nsCOMPtr<nsIURI> uri; rv = authChannel->GetURI(getter_AddRefs(uri)); if (NS_FAILED(rv)) return rv; uint32_t req_flags = nsIAuthModule::REQ_DEFAULT; nsAutoCString service; @@ -211,36 +192,41 @@ nsHttpNegotiateAuth::ChallengeReceived(n // construct the proper service name for passing to "gss_import_name". // // TODO: Possibly make this a configurable service name for use // with non-standard servers that use stuff like "khttp/f.q.d.n" // instead. // service.InsertLiteral("HTTP@", 0); - const char *authType; + const char *contractID; if (TestBoolPref(kNegotiateAuthSSPI)) { LOG((" using negotiate-sspi\n")); - authType = "negotiate-sspi"; + contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-sspi"; } else { LOG((" using negotiate-gss\n")); - authType = "negotiate-gss"; + contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-gss"; } - MOZ_ALWAYS_TRUE(module = nsIAuthModule::CreateInstance(authType)); - - rv = module->Init(service.get(), req_flags, nullptr, nullptr, nullptr); + rv = CallCreateInstance(contractID, &module); if (NS_FAILED(rv)) { LOG((" Failed to load Negotiate Module \n")); return rv; } - module.forget(continuationState); + rv = module->Init(service.get(), req_flags, nullptr, nullptr, nullptr); + + if (NS_FAILED(rv)) { + NS_RELEASE(module); + return rv; + } + + *continuationState = module; return NS_OK; } NS_IMPL_ISUPPORTS(nsHttpNegotiateAuth, nsIHttpAuthenticator) namespace { // @@ -391,18 +377,22 @@ class GetNextTokenRunnable final : publi mContinuationState.forget()); } NS_IMETHODIMP ObtainCredentialsAndFlags(char **aCreds, uint32_t *aFlags) { nsresult rv; // Use negotiate service to call GenerateCredentials outside of main thread + nsAutoCString contractId; + contractId.AssignLiteral(NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX); + contractId.AppendLiteral("negotiate"); nsCOMPtr<nsIHttpAuthenticator> authenticator = - new nsHttpNegotiateAuth(); + do_GetService(contractId.get(), &rv); + NS_ENSURE_SUCCESS(rv, rv); nsISupports *sessionState = mSessionState; nsISupports *continuationState = mContinuationState; // The continuationState is for the sake of completeness propagated // to the caller (despite it is not changed in any GenerateCredentials // implementation). // // The only implementation that use sessionState is the
--- a/extensions/auth/nsHttpNegotiateAuth.h +++ b/extensions/auth/nsHttpNegotiateAuth.h @@ -5,37 +5,31 @@ #ifndef nsHttpNegotiateAuth_h__ #define nsHttpNegotiateAuth_h__ #include "nsIHttpAuthenticator.h" #include "nsIURI.h" #include "mozilla/Attributes.h" #include "mozilla/LazyIdleThread.h" -#include "mozilla/StaticPtr.h" // The nsHttpNegotiateAuth class provides responses for the GSS-API Negotiate method // as specified by Microsoft in draft-brezak-spnego-http-04.txt class nsHttpNegotiateAuth final : public nsIHttpAuthenticator { public: NS_DECL_THREADSAFE_ISUPPORTS NS_DECL_NSIHTTPAUTHENTICATOR - static already_AddRefed<nsIHttpAuthenticator> GetOrCreate(); - private: ~nsHttpNegotiateAuth() {} // returns the value of the given boolean pref bool TestBoolPref(const char *pref); // tests if the host part of an uri is fully qualified bool TestNonFqdn(nsIURI *uri); // Thread for GenerateCredentialsAsync RefPtr<mozilla::LazyIdleThread> mNegotiateThread; - - // Singleton pointer - static mozilla::StaticRefPtr<nsHttpNegotiateAuth> gSingleton; }; #endif /* nsHttpNegotiateAuth_h__ */
--- a/netwerk/base/nsIAuthModule.idl +++ b/netwerk/base/nsIAuthModule.idl @@ -128,19 +128,18 @@ interface nsIAuthModule : nsISupports * * Unwrap() may return NS_ERROR_NOT_IMPLEMENTED, if the underlying * authentication mechanism does not support security layers. */ void unwrap([const] in voidPtr aInToken, in unsigned long aInTokenLength, out voidPtr aOutToken, out unsigned long aOutTokenLength); +}; %{C++ - /** - * Create a new instance of an auth module. - * - * @param aType - * The type of the auth module to be constructed. - */ - static already_AddRefed<nsIAuthModule> CreateInstance(const char* aType); +/** + * nsIAuthModule implementations are registered under the following contract + * ID prefix: + */ +#define NS_AUTH_MODULE_CONTRACTID_PREFIX \ + "@mozilla.org/network/auth-module;1?name=" %} -};
--- a/netwerk/build/moz.build +++ b/netwerk/build/moz.build @@ -12,17 +12,16 @@ SOURCES += [ 'nsNetModule.cpp', ] include('/ipc/chromium/chromium-config.mozbuild') FINAL_LIBRARY = 'xul' LOCAL_INCLUDES += [ - '/extensions/auth', '/netwerk/base', '/netwerk/cache', '/netwerk/dns', '/netwerk/mime', '/netwerk/protocol/about', '/netwerk/protocol/data', '/netwerk/protocol/file', '/netwerk/protocol/ftp',
--- a/netwerk/build/nsNetModule.cpp +++ b/netwerk/build/nsNetModule.cpp @@ -34,17 +34,16 @@ #include "nsXULAppAPI.h" #include "nsCategoryCache.h" #include "nsIContentSniffer.h" #include "Predictor.h" #include "nsIThreadPool.h" #include "mozilla/net/BackgroundChannelRegistrar.h" #include "mozilla/net/NeckoChild.h" #include "RedirectChannelRegistrar.h" -#include "nsAuthGSSAPI.h" #include "nsNetCID.h" #if defined(XP_MACOSX) || defined(XP_WIN) || defined(XP_LINUX) #define BUILD_NETWORK_INFO_SERVICE 1 #endif typedef nsCategoryCache<nsIContentSniffer> ContentSnifferCache; @@ -229,26 +228,32 @@ NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsFi NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsFtpProtocolHandler, Init) // http/https #include "nsHttpHandler.h" #include "Http2Compression.h" #undef LOG #undef LOG_ENABLED #include "nsHttpAuthManager.h" +#include "nsHttpBasicAuth.h" +#include "nsHttpDigestAuth.h" +#include "nsHttpNTLMAuth.h" #include "nsHttpActivityDistributor.h" #include "ThrottleQueue.h" #undef LOG #undef LOG_ENABLED namespace mozilla { namespace net { +NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpNTLMAuth) NS_GENERIC_FACTORY_SINGLETON_CONSTRUCTOR(nsHttpHandler, nsHttpHandler::GetInstance) NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpsHandler, Init) NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpAuthManager, Init) NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpActivityDistributor) +NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpBasicAuth) +NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpDigestAuth) NS_GENERIC_FACTORY_CONSTRUCTOR(ThrottleQueue) } // namespace net } // namespace mozilla #include "mozilla/net/Dashboard.h" namespace mozilla { namespace net { NS_GENERIC_FACTORY_CONSTRUCTOR(Dashboard) @@ -616,18 +621,16 @@ static void nsNetShutdown() mozilla::net::WebSocketChannel::Shutdown(); mozilla::net::Http2CompressionCleanup(); mozilla::net::RedirectChannelRegistrar::Shutdown(); mozilla::net::BackgroundChannelRegistrar::Shutdown(); - nsAuthGSSAPI::Shutdown(); - delete gNetSniffers; gNetSniffers = nullptr; delete gDataSniffers; gDataSniffers = nullptr; } NS_DEFINE_NAMED_CID(NS_IOSERVICE_CID); NS_DEFINE_NAMED_CID(NS_STREAMTRANSPORTSERVICE_CID); @@ -676,16 +679,19 @@ NS_DEFINE_NAMED_CID(NS_MULTIMIXEDCONVERT NS_DEFINE_NAMED_CID(NS_UNKNOWNDECODER_CID); NS_DEFINE_NAMED_CID(NS_BINARYDETECTOR_CID); NS_DEFINE_NAMED_CID(NS_HTTPCOMPRESSCONVERTER_CID); NS_DEFINE_NAMED_CID(MOZITXTTOHTMLCONV_CID); NS_DEFINE_NAMED_CID(NS_MIMEHEADERPARAM_CID); NS_DEFINE_NAMED_CID(NS_FILEPROTOCOLHANDLER_CID); NS_DEFINE_NAMED_CID(NS_HTTPPROTOCOLHANDLER_CID); NS_DEFINE_NAMED_CID(NS_HTTPSPROTOCOLHANDLER_CID); +NS_DEFINE_NAMED_CID(NS_HTTPBASICAUTH_CID); +NS_DEFINE_NAMED_CID(NS_HTTPDIGESTAUTH_CID); +NS_DEFINE_NAMED_CID(NS_HTTPNTLMAUTH_CID); NS_DEFINE_NAMED_CID(NS_HTTPAUTHMANAGER_CID); NS_DEFINE_NAMED_CID(NS_HTTPACTIVITYDISTRIBUTOR_CID); NS_DEFINE_NAMED_CID(NS_THROTTLEQUEUE_CID); NS_DEFINE_NAMED_CID(NS_FTPPROTOCOLHANDLER_CID); NS_DEFINE_NAMED_CID(NS_RESPROTOCOLHANDLER_CID); NS_DEFINE_NAMED_CID(NS_EXTENSIONPROTOCOLHANDLER_CID); NS_DEFINE_NAMED_CID(NS_SUBSTITUTINGURL_CID); NS_DEFINE_NAMED_CID(NS_SUBSTITUTINGURLMUTATOR_CID); @@ -780,16 +786,19 @@ static const mozilla::Module::CIDEntry k { &kNS_UNKNOWNDECODER_CID, false, nullptr, CreateNewUnknownDecoderFactory }, { &kNS_BINARYDETECTOR_CID, false, nullptr, CreateNewBinaryDetectorFactory }, { &kNS_HTTPCOMPRESSCONVERTER_CID, false, nullptr, CreateNewHTTPCompressConvFactory }, { &kMOZITXTTOHTMLCONV_CID, false, nullptr, CreateNewTXTToHTMLConvFactory }, { &kNS_MIMEHEADERPARAM_CID, false, nullptr, nsMIMEHeaderParamImplConstructor }, { &kNS_FILEPROTOCOLHANDLER_CID, false, nullptr, nsFileProtocolHandlerConstructor }, { &kNS_HTTPPROTOCOLHANDLER_CID, false, nullptr, mozilla::net::nsHttpHandlerConstructor }, { &kNS_HTTPSPROTOCOLHANDLER_CID, false, nullptr, mozilla::net::nsHttpsHandlerConstructor }, + { &kNS_HTTPBASICAUTH_CID, false, nullptr, mozilla::net::nsHttpBasicAuthConstructor }, + { &kNS_HTTPDIGESTAUTH_CID, false, nullptr, mozilla::net::nsHttpDigestAuthConstructor }, + { &kNS_HTTPNTLMAUTH_CID, false, nullptr, mozilla::net::nsHttpNTLMAuthConstructor }, { &kNS_HTTPAUTHMANAGER_CID, false, nullptr, mozilla::net::nsHttpAuthManagerConstructor }, { &kNS_HTTPACTIVITYDISTRIBUTOR_CID, false, nullptr, mozilla::net::nsHttpActivityDistributorConstructor }, { &kNS_THROTTLEQUEUE_CID, false, nullptr, mozilla::net::ThrottleQueueConstructor }, { &kNS_FTPPROTOCOLHANDLER_CID, false, nullptr, nsFtpProtocolHandlerConstructor }, { &kNS_RESPROTOCOLHANDLER_CID, false, nullptr, nsResProtocolHandlerConstructor }, { &kNS_EXTENSIONPROTOCOLHANDLER_CID, false, nullptr, mozilla::ExtensionProtocolHandlerConstructor }, { &kNS_SUBSTITUTINGURL_CID, false, nullptr, mozilla::SubstitutingURLMutatorConstructor }, // do_CreateInstance returns mutator { &kNS_SUBSTITUTINGURLMUTATOR_CID, false, nullptr, mozilla::SubstitutingURLMutatorConstructor }, @@ -891,16 +900,19 @@ static const mozilla::Module::ContractID { NS_ISTREAMCONVERTER_KEY COMPRESS_TO_UNCOMPRESSED, &kNS_HTTPCOMPRESSCONVERTER_CID }, { NS_ISTREAMCONVERTER_KEY XCOMPRESS_TO_UNCOMPRESSED, &kNS_HTTPCOMPRESSCONVERTER_CID }, { NS_ISTREAMCONVERTER_KEY DEFLATE_TO_UNCOMPRESSED, &kNS_HTTPCOMPRESSCONVERTER_CID }, { MOZ_TXTTOHTMLCONV_CONTRACTID, &kMOZITXTTOHTMLCONV_CID }, { NS_MIMEHEADERPARAM_CONTRACTID, &kNS_MIMEHEADERPARAM_CID }, { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "file", &kNS_FILEPROTOCOLHANDLER_CID }, { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "http", &kNS_HTTPPROTOCOLHANDLER_CID }, { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "https", &kNS_HTTPSPROTOCOLHANDLER_CID }, + { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "basic", &kNS_HTTPBASICAUTH_CID }, + { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "digest", &kNS_HTTPDIGESTAUTH_CID }, + { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "ntlm", &kNS_HTTPNTLMAUTH_CID }, { NS_HTTPAUTHMANAGER_CONTRACTID, &kNS_HTTPAUTHMANAGER_CID }, { NS_HTTPACTIVITYDISTRIBUTOR_CONTRACTID, &kNS_HTTPACTIVITYDISTRIBUTOR_CID }, { NS_THROTTLEQUEUE_CONTRACTID, &kNS_THROTTLEQUEUE_CID }, { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "ftp", &kNS_FTPPROTOCOLHANDLER_CID }, { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "resource", &kNS_RESPROTOCOLHANDLER_CID }, { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "moz-extension", &kNS_EXTENSIONPROTOCOLHANDLER_CID }, { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "about", &kNS_ABOUTPROTOCOLHANDLER_CID }, { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "moz-safe-about", &kNS_SAFEABOUTPROTOCOLHANDLER_CID },
--- a/netwerk/protocol/http/moz.build +++ b/netwerk/protocol/http/moz.build @@ -128,17 +128,16 @@ EXTRA_JS_MODULES += [ ] include('/ipc/chromium/chromium-config.mozbuild') FINAL_LIBRARY = 'xul' LOCAL_INCLUDES += [ '/dom/base', - '/extensions/auth', '/netwerk/base', '/netwerk/cookie', ] EXTRA_COMPONENTS += [ 'UAOverridesBootstrapper.js', 'UAOverridesBootstrapper.manifest', 'WellKnownOpportunisticUtils.js',
--- a/netwerk/protocol/http/nsHttpBasicAuth.cpp +++ b/netwerk/protocol/http/nsHttpBasicAuth.cpp @@ -5,38 +5,20 @@ // HttpLog.h should generally be included first #include "HttpLog.h" #include "nsHttpBasicAuth.h" #include "plstr.h" #include "nsString.h" #include "mozilla/Base64.h" -#include "mozilla/ClearOnShutdown.h" namespace mozilla { namespace net { -StaticRefPtr<nsHttpBasicAuth> nsHttpBasicAuth::gSingleton; - -already_AddRefed<nsIHttpAuthenticator> -nsHttpBasicAuth::GetOrCreate() -{ - nsCOMPtr<nsIHttpAuthenticator> authenticator; - if (gSingleton) { - authenticator = gSingleton; - } else { - gSingleton = new nsHttpBasicAuth(); - ClearOnShutdown(&gSingleton); - authenticator = gSingleton; - } - - return authenticator.forget(); -} - //----------------------------------------------------------------------------- // nsHttpBasicAuth::nsISupports //----------------------------------------------------------------------------- NS_IMPL_ISUPPORTS(nsHttpBasicAuth, nsIHttpAuthenticator) //----------------------------------------------------------------------------- // nsHttpBasicAuth::nsIHttpAuthenticator
--- a/netwerk/protocol/http/nsHttpBasicAuth.h +++ b/netwerk/protocol/http/nsHttpBasicAuth.h @@ -2,38 +2,31 @@ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifndef nsBasicAuth_h__ #define nsBasicAuth_h__ #include "nsIHttpAuthenticator.h" -#include "mozilla/RefPtr.h" -#include "mozilla/StaticPtr.h" namespace mozilla { namespace net { //----------------------------------------------------------------------------- // The nsHttpBasicAuth class produces HTTP Basic-auth responses for a username/ // (optional)password pair, BASE64("user:pass"). //----------------------------------------------------------------------------- class nsHttpBasicAuth : public nsIHttpAuthenticator { public: NS_DECL_ISUPPORTS NS_DECL_NSIHTTPAUTHENTICATOR nsHttpBasicAuth() = default; - - static already_AddRefed<nsIHttpAuthenticator> GetOrCreate(); - private: virtual ~nsHttpBasicAuth() = default; - - static StaticRefPtr<nsHttpBasicAuth> gSingleton; }; } // namespace net } // namespace mozilla #endif // !nsHttpBasicAuth_h__
--- a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp +++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp @@ -20,20 +20,16 @@ #include "nsEscape.h" #include "nsAuthInformationHolder.h" #include "nsIStringBundle.h" #include "nsIPrompt.h" #include "netCore.h" #include "nsIHttpAuthenticableChannel.h" #include "nsIURI.h" #include "nsContentUtils.h" -#include "nsHttpBasicAuth.h" -#include "nsHttpDigestAuth.h" -#include "nsHttpNegotiateAuth.h" -#include "nsHttpNTLMAuth.h" #include "nsServiceManagerUtils.h" #include "nsILoadContext.h" #include "nsIURL.h" #include "mozilla/StaticPrefs.h" #include "mozilla/Telemetry.h" #include "nsIProxiedChannel.h" #include "nsIProxyInfo.h" @@ -1094,33 +1090,21 @@ nsHttpChannelAuthProvider::GetAuthentica LOG(("nsHttpChannelAuthProvider::GetAuthenticator [this=%p channel=%p]\n", this, mAuthChannel)); GetAuthType(challenge, authType); // normalize to lowercase ToLowerCase(authType); - nsCOMPtr<nsIHttpAuthenticator> authenticator; - if (authType.EqualsLiteral("negotiate")) { - authenticator = nsHttpNegotiateAuth::GetOrCreate(); - } else if (authType.EqualsLiteral("basic")) { - authenticator = nsHttpBasicAuth::GetOrCreate(); - } else if (authType.EqualsLiteral("digest")) { - authenticator = nsHttpDigestAuth::GetOrCreate(); - } else if (authType.EqualsLiteral("ntlm")) { - authenticator = nsHttpNTLMAuth::GetOrCreate(); - } else { - return NS_ERROR_SERVICE_NOT_FOUND; - } + nsAutoCString contractid; + contractid.AssignLiteral(NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX); + contractid.Append(authType); - MOZ_ASSERT(authenticator); - authenticator.forget(auth); - - return NS_OK; + return CallGetService(contractid.get(), auth); } void nsHttpChannelAuthProvider::GetIdentityFromURI(uint32_t authFlags, nsHttpAuthIdentity &ident) { LOG(("nsHttpChannelAuthProvider::GetIdentityFromURI [this=%p channel=%p]\n", this, mAuthChannel));
--- a/netwerk/protocol/http/nsHttpDigestAuth.cpp +++ b/netwerk/protocol/http/nsHttpDigestAuth.cpp @@ -2,17 +2,16 @@ * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ // HttpLog.h should generally be included first #include "HttpLog.h" -#include "mozilla/ClearOnShutdown.h" #include "mozilla/Sprintf.h" #include "mozilla/Unused.h" #include "nsHttp.h" #include "nsHttpDigestAuth.h" #include "nsIHttpAuthenticableChannel.h" #include "nsISupportsPrimitives.h" #include "nsIURI.h" @@ -21,33 +20,16 @@ #include "nsNetCID.h" #include "nsCRT.h" #include "nsICryptoHash.h" #include "nsComponentManagerUtils.h" namespace mozilla { namespace net { -StaticRefPtr<nsHttpDigestAuth> nsHttpDigestAuth::gSingleton; - -already_AddRefed<nsIHttpAuthenticator> -nsHttpDigestAuth::GetOrCreate() -{ - nsCOMPtr<nsIHttpAuthenticator> authenticator; - if (gSingleton) { - authenticator = gSingleton; - } else { - gSingleton = new nsHttpDigestAuth(); - ClearOnShutdown(&gSingleton); - authenticator = gSingleton; - } - - return authenticator.forget(); -} - //----------------------------------------------------------------------------- // nsHttpDigestAuth::nsISupports //----------------------------------------------------------------------------- NS_IMPL_ISUPPORTS(nsHttpDigestAuth, nsIHttpAuthenticator) //----------------------------------------------------------------------------- // nsHttpDigestAuth <protected>
--- a/netwerk/protocol/http/nsHttpDigestAuth.h +++ b/netwerk/protocol/http/nsHttpDigestAuth.h @@ -6,17 +6,16 @@ #ifndef nsDigestAuth_h__ #define nsDigestAuth_h__ #include "nsIHttpAuthenticator.h" #include "nsStringFwd.h" #include "nsCOMPtr.h" #include "mozilla/Attributes.h" -#include "mozilla/StaticPtr.h" class nsICryptoHash; namespace mozilla { namespace net { #define ALGO_SPECIFIED 0x01 #define ALGO_MD5 0x02 #define ALGO_MD5_SESS 0x04 @@ -34,18 +33,16 @@ namespace mozilla { namespace net { class nsHttpDigestAuth final : public nsIHttpAuthenticator { public: NS_DECL_ISUPPORTS NS_DECL_NSIHTTPAUTHENTICATOR nsHttpDigestAuth() = default; - static already_AddRefed<nsIHttpAuthenticator> GetOrCreate(); - protected: ~nsHttpDigestAuth() = default; MOZ_MUST_USE nsresult ExpandToHex(const char * digest, char * result); MOZ_MUST_USE nsresult CalculateResponse(const char * ha1_digest, const char * ha2_digest, const nsCString& nonce, @@ -85,16 +82,14 @@ class nsHttpDigestAuth final : public ns // append the quoted version of value to aHeaderLine MOZ_MUST_USE nsresult AppendQuotedString(const nsACString & value, nsACString & aHeaderLine); protected: nsCOMPtr<nsICryptoHash> mVerifier; char mHashBuf[DIGEST_LENGTH]; - - static StaticRefPtr<nsHttpDigestAuth> gSingleton; }; } // namespace net } // namespace mozilla #endif // nsHttpDigestAuth_h__
--- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp +++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp @@ -30,29 +30,26 @@ #include "mozilla/CheckedInt.h" #include "mozilla/Tokenizer.h" #include "mozilla/UniquePtr.h" #include "mozilla/Unused.h" #include "nsNetUtil.h" #include "nsIChannel.h" #include "nsUnicharUtils.h" #include "mozilla/net/HttpAuthUtils.h" -#include "mozilla/ClearOnShutdown.h" namespace mozilla { namespace net { static const char kAllowProxies[] = "network.automatic-ntlm-auth.allow-proxies"; static const char kAllowNonFqdn[] = "network.automatic-ntlm-auth.allow-non-fqdn"; static const char kTrustedURIs[] = "network.automatic-ntlm-auth.trusted-uris"; static const char kForceGeneric[] = "network.auth.force-generic-ntlm"; static const char kSSOinPBmode[] = "network.auth.private-browsing-sso"; -StaticRefPtr<nsHttpNTLMAuth> nsHttpNTLMAuth::gSingleton; - static bool IsNonFqdn(nsIURI *uri) { nsAutoCString host; PRNetAddr addr; if (NS_FAILED(uri->GetAsciiHost(host))) return false; @@ -142,31 +139,16 @@ class nsNTLMSessionState final : public ~nsNTLMSessionState() = default; public: NS_DECL_ISUPPORTS }; NS_IMPL_ISUPPORTS0(nsNTLMSessionState) //----------------------------------------------------------------------------- -already_AddRefed<nsIHttpAuthenticator> -nsHttpNTLMAuth::GetOrCreate() -{ - nsCOMPtr<nsIHttpAuthenticator> authenticator; - if (gSingleton) { - authenticator = gSingleton; - } else { - gSingleton = new nsHttpNTLMAuth(); - ClearOnShutdown(&gSingleton); - authenticator = gSingleton; - } - - return authenticator.forget(); -} - NS_IMPL_ISUPPORTS(nsHttpNTLMAuth, nsIHttpAuthenticator) NS_IMETHODIMP nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel, const char *challenge, bool isProxyAuth, nsISupports **sessionState, nsISupports **continuationState, @@ -181,41 +163,41 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHtt // NOTE: we don't define any session state, but we do use the pointer. *identityInvalid = false; // Start a new auth sequence if the challenge is exactly "NTLM". // If native NTLM auth apis are available and enabled through prefs, // try to use them. if (PL_strcasecmp(challenge, "NTLM") == 0) { - nsCOMPtr<nsIAuthModule> module; + nsCOMPtr<nsISupports> module; // Check to see if we should default to our generic NTLM auth module // through UseGenericNTLM. (We use native auth by default if the // system provides it.) If *sessionState is non-null, we failed to // instantiate a native NTLM module the last time, so skip trying again. bool forceGeneric = ForceGenericNTLM(); if (!forceGeneric && !*sessionState) { // Check for approved default credentials hosts and proxies. If // *continuationState is non-null, the last authentication attempt // failed so skip default credential use. if (!*continuationState && CanUseDefaultCredentials(channel, isProxyAuth)) { // Try logging in with the user's default credentials. If // successful, |identityInvalid| is false, which will trigger // a default credentials attempt once we return. - module = nsIAuthModule::CreateInstance("sys-ntlm"); + module = do_CreateInstance(NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm"); } #ifdef XP_WIN else { // Try to use native NTLM and prompt the user for their domain, // username, and password. (only supported by windows nsAuthSSPI module.) // Note, for servers that use LMv1 a weak hash of the user's password // will be sent. We rely on windows internal apis to decide whether // we should support this older, less secure version of the protocol. - module = nsIAuthModule::CreateInstance("sys-ntlm"); + module = do_CreateInstance(NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm"); *identityInvalid = true; } #endif // XP_WIN if (!module) LOG(("Native sys-ntlm auth module not found.\n")); } #ifdef XP_WIN @@ -233,33 +215,33 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHtt if (!*sessionState) return NS_ERROR_OUT_OF_MEMORY; NS_ADDREF(*sessionState); } // Use our internal NTLM implementation. Note, this is less secure, // see bug 520607 for details. LOG(("Trying to fall back on internal ntlm auth.\n")); - module = nsIAuthModule::CreateInstance("ntlm"); + module = do_CreateInstance(NS_AUTH_MODULE_CONTRACTID_PREFIX "ntlm"); mUseNative = false; // Prompt user for domain, username, and password. *identityInvalid = true; } // If this fails, then it means that we cannot do NTLM auth. if (!module) { LOG(("No ntlm auth modules available.\n")); return NS_ERROR_UNEXPECTED; } // A non-null continuation state implies that we failed to authenticate. // Blow away the old authentication state, and use the new one. - module.forget(continuationState); + module.swap(*continuationState); } return NS_OK; } NS_IMETHODIMP nsHttpNTLMAuth::GenerateCredentialsAsync(nsIHttpAuthenticableChannel *authChannel, nsIHttpAuthenticatorCallback* aCallback, const char *challenge,
--- a/netwerk/protocol/http/nsHttpNTLMAuth.h +++ b/netwerk/protocol/http/nsHttpNTLMAuth.h @@ -1,36 +1,31 @@ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifndef nsHttpNTLMAuth_h__ #define nsHttpNTLMAuth_h__ #include "nsIHttpAuthenticator.h" -#include "mozilla/StaticPtr.h" namespace mozilla { namespace net { class nsHttpNTLMAuth : public nsIHttpAuthenticator { public: NS_DECL_ISUPPORTS NS_DECL_NSIHTTPAUTHENTICATOR nsHttpNTLMAuth() : mUseNative(false) {} - static already_AddRefed<nsIHttpAuthenticator> GetOrCreate(); - private: virtual ~nsHttpNTLMAuth() = default; // This flag indicates whether we are using the native NTLM implementation // or the internal one. bool mUseNative; - - static StaticRefPtr<nsHttpNTLMAuth> gSingleton; }; } // namespace net } // namespace mozilla #endif // !nsHttpNTLMAuth_h__
--- a/netwerk/protocol/http/nsHttpTransaction.cpp +++ b/netwerk/protocol/http/nsHttpTransaction.cpp @@ -4,25 +4,21 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ // HttpLog.h should generally be included first #include "HttpLog.h" #include "base/basictypes.h" -#include "nsHttpBasicAuth.h" -#include "nsHttpChunkedDecoder.h" -#include "nsHttpDigestAuth.h" #include "nsHttpHandler.h" -#include "nsHttpNegotiateAuth.h" -#include "nsHttpNTLMAuth.h" +#include "nsHttpTransaction.h" #include "nsHttpRequestHead.h" #include "nsHttpResponseHead.h" -#include "nsHttpTransaction.h" +#include "nsHttpChunkedDecoder.h" #include "nsTransportUtils.h" #include "nsNetCID.h" #include "nsNetUtil.h" #include "nsIChannel.h" #include "nsIPipe.h" #include "nsCRT.h" #include "mozilla/Tokenizer.h" #include "TCPFastOpenLayer.h" @@ -2021,27 +2017,22 @@ nsHttpTransaction::CheckForStickyAuthSch return; } Tokenizer p(auth); nsAutoCString schema; while (p.ReadWord(schema)) { ToLowerCase(schema); + nsAutoCString contractid; + contractid.AssignLiteral(NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX); + contractid.Append(schema); + // using a new instance because of thread safety of auth modules refcnt - nsCOMPtr<nsIHttpAuthenticator> authenticator; - if (schema.EqualsLiteral("negotiate")) { - authenticator = new nsHttpNegotiateAuth(); - } else if (schema.EqualsLiteral("basic")) { - authenticator = new nsHttpBasicAuth(); - } else if (schema.EqualsLiteral("digest")) { - authenticator = new nsHttpDigestAuth(); - } else if (schema.EqualsLiteral("ntlm")) { - authenticator = new nsHttpNTLMAuth(); - } + nsCOMPtr<nsIHttpAuthenticator> authenticator(do_CreateInstance(contractid.get())); if (authenticator) { uint32_t flags; nsresult rv = authenticator->GetAuthFlags(&flags); if (NS_SUCCEEDED(rv) && (flags & nsIHttpAuthenticator::CONNECTION_BASED)) { LOG((" connection made sticky, found %s auth shema", schema.get())); // This is enough to make this transaction keep it's current connection, // prevents the connection from being released back to the pool. mCaps |= NS_HTTP_STICKY_CONNECTION;
--- a/netwerk/protocol/http/nsIHttpAuthenticator.idl +++ b/netwerk/protocol/http/nsIHttpAuthenticator.idl @@ -214,8 +214,13 @@ interface nsIHttpAuthenticator : nsISupp const unsigned long IDENTITY_INCLUDES_DOMAIN = (1<<11); /** * This flag indicates that the identity will be sent encrypted. It does * not make sense to combine this flag with IDENTITY_IGNORED. */ const unsigned long IDENTITY_ENCRYPTED = (1<<12); }; + +%{C++ +#define NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX \ + "@mozilla.org/network/http-authenticator;1?scheme=" +%}
--- a/security/manager/ssl/nsNSSModule.cpp +++ b/security/manager/ssl/nsNSSModule.cpp @@ -18,16 +18,17 @@ #include "nsCryptoHash.h" #include "nsICategoryManager.h" #include "nsKeyModule.h" #include "nsKeygenHandler.h" #include "nsNSSCertificate.h" #include "nsNSSCertificateDB.h" #include "nsNSSComponent.h" #include "nsNSSVersion.h" +#include "nsNTLMAuthModule.h" #include "nsNetCID.h" #include "nsPK11TokenDB.h" #include "nsPKCS11Slot.h" #include "nsRandomGenerator.h" #include "nsSecureBrowserUIImpl.h" #include "nsSiteSecurityService.h" #include "nsXULAppAPI.h" #include "OSKeyStore.h" @@ -138,16 +139,17 @@ NS_DEFINE_NAMED_CID(NS_X509CERT_CID); NS_DEFINE_NAMED_CID(NS_X509CERTDB_CID); NS_DEFINE_NAMED_CID(NS_X509CERTLIST_CID); NS_DEFINE_NAMED_CID(NS_FORMPROCESSOR_CID); #ifdef MOZ_XUL NS_DEFINE_NAMED_CID(NS_CERTTREE_CID); #endif NS_DEFINE_NAMED_CID(NS_CRYPTO_HASH_CID); NS_DEFINE_NAMED_CID(NS_CRYPTO_HMAC_CID); +NS_DEFINE_NAMED_CID(NS_NTLMAUTHMODULE_CID); NS_DEFINE_NAMED_CID(NS_KEYMODULEOBJECT_CID); NS_DEFINE_NAMED_CID(NS_KEYMODULEOBJECTFACTORY_CID); NS_DEFINE_NAMED_CID(NS_CONTENTSIGNATUREVERIFIER_CID); NS_DEFINE_NAMED_CID(NS_CERTOVERRIDE_CID); NS_DEFINE_NAMED_CID(NS_RANDOMGENERATOR_CID); NS_DEFINE_NAMED_CID(TRANSPORTSECURITYINFO_CID); NS_DEFINE_NAMED_CID(NS_NSSERRORSSERVICE_CID); NS_DEFINE_NAMED_CID(NS_NSSVERSION_CID); @@ -176,16 +178,18 @@ static const mozilla::Module::CIDEntry k { &kNS_FORMPROCESSOR_CID, false, nullptr, nsKeygenFormProcessor::Create }, #ifdef MOZ_XUL { &kNS_CERTTREE_CID, false, nullptr, Constructor<nsCertTree> }, #endif { &kNS_CRYPTO_HASH_CID, false, nullptr, Constructor<nsCryptoHash, nullptr, ProcessRestriction::AnyProcess> }, { &kNS_CRYPTO_HMAC_CID, false, nullptr, Constructor<nsCryptoHMAC, nullptr, ProcessRestriction::AnyProcess> }, + { &kNS_NTLMAUTHMODULE_CID, false, nullptr, + Constructor<nsNTLMAuthModule, &nsNTLMAuthModule::InitTest> }, { &kNS_KEYMODULEOBJECT_CID, false, nullptr, Constructor<nsKeyObject, nullptr, ProcessRestriction::AnyProcess> }, { &kNS_KEYMODULEOBJECTFACTORY_CID, false, nullptr, Constructor<nsKeyObjectFactory, nullptr, ProcessRestriction::AnyProcess> }, { &kNS_CONTENTSIGNATUREVERIFIER_CID, false, nullptr, Constructor<ContentSignatureVerifier> }, { &kNS_CERTOVERRIDE_CID, false, nullptr, Constructor<nsCertOverrideService, &nsCertOverrideService::Init, @@ -230,16 +234,17 @@ static const mozilla::Module::ContractID { NS_X509CERTLIST_CONTRACTID, &kNS_X509CERTLIST_CID }, { NS_FORMPROCESSOR_CONTRACTID, &kNS_FORMPROCESSOR_CID }, #ifdef MOZ_XUL { NS_CERTTREE_CONTRACTID, &kNS_CERTTREE_CID }, #endif { NS_CRYPTO_HASH_CONTRACTID, &kNS_CRYPTO_HASH_CID }, { NS_CRYPTO_HMAC_CONTRACTID, &kNS_CRYPTO_HMAC_CID }, { "@mozilla.org/uriloader/psm-external-content-listener;1", &kNS_PSMCONTENTLISTEN_CID }, + { NS_NTLMAUTHMODULE_CONTRACTID, &kNS_NTLMAUTHMODULE_CID }, { NS_KEYMODULEOBJECT_CONTRACTID, &kNS_KEYMODULEOBJECT_CID }, { NS_KEYMODULEOBJECTFACTORY_CONTRACTID, &kNS_KEYMODULEOBJECTFACTORY_CID }, { NS_CONTENTSIGNATUREVERIFIER_CONTRACTID, &kNS_CONTENTSIGNATUREVERIFIER_CID }, { NS_CERTOVERRIDE_CONTRACTID, &kNS_CERTOVERRIDE_CID }, { NS_RANDOMGENERATOR_CONTRACTID, &kNS_RANDOMGENERATOR_CID }, { NS_SECURE_BROWSER_UI_CONTRACTID, &kNS_SECURE_BROWSER_UI_CID }, { NS_SSSERVICE_CONTRACTID, &kNS_SITE_SECURITY_SERVICE_CID }, { NS_CERTBLOCKLIST_CONTRACTID, &kNS_CERT_BLOCKLIST_CID },
--- a/security/manager/ssl/nsNTLMAuthModule.h +++ b/security/manager/ssl/nsNTLMAuthModule.h @@ -26,9 +26,19 @@ protected: private: nsString mDomain; nsString mUsername; nsString mPassword; bool mNTLMNegotiateSent; }; +#define NS_NTLMAUTHMODULE_CONTRACTID \ + NS_AUTH_MODULE_CONTRACTID_PREFIX "ntlm" +#define NS_NTLMAUTHMODULE_CID \ +{ /* a4e5888f-4fe4-4632-8e7e-745196ea7c70 */ \ + 0xa4e5888f, \ + 0x4fe4, \ + 0x4632, \ + {0x8e, 0x7e, 0x74, 0x51, 0x96, 0xea, 0x7c, 0x70} \ +} + #endif // nsNTLMAuthModule_h__