summaryrefslogtreecommitdiffstats
path: root/extensions/auth/nsAuthGSSAPI.h
diff options
context:
space:
mode:
Diffstat (limited to 'extensions/auth/nsAuthGSSAPI.h')
-rw-r--r--extensions/auth/nsAuthGSSAPI.h63
1 files changed, 63 insertions, 0 deletions
diff --git a/extensions/auth/nsAuthGSSAPI.h b/extensions/auth/nsAuthGSSAPI.h
new file mode 100644
index 000000000..6c663e935
--- /dev/null
+++ b/extensions/auth/nsAuthGSSAPI.h
@@ -0,0 +1,63 @@
+/* vim:set ts=4 sw=4 et cindent: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef nsAuthGSSAPI_h__
+#define nsAuthGSSAPI_h__
+
+#include "nsAuth.h"
+#include "nsIAuthModule.h"
+#include "nsString.h"
+#include "mozilla/Attributes.h"
+
+#define GSS_USE_FUNCTION_POINTERS 1
+
+#include "gssapi.h"
+
+// The nsAuthGSSAPI class provides responses for the GSS-API Negotiate method
+// as specified by Microsoft in draft-brezak-spnego-http-04.txt
+
+/* Some remarks on thread safety ...
+ *
+ * The thread safety of this class depends largely upon the thread safety of
+ * the underlying GSSAPI and Kerberos libraries. This code just loads the
+ * system GSSAPI library, and whilst it avoids loading known bad libraries,
+ * it cannot determine the thread safety of the the code it loads.
+ *
+ * When used with a non-threadsafe library, it is not safe to simultaneously
+ * use multiple instantiations of this class.
+ *
+ * When used with a threadsafe Kerberos library, multiple instantiations of
+ * this class may happily co-exist. Methods may be sequentially called from
+ * multiple threads. The nature of the GSSAPI protocol is such that a correct
+ * implementation will never call methods in parallel, as the results of the
+ * last call are required as input to the next.
+ */
+
+class nsAuthGSSAPI final : public nsIAuthModule
+{
+public:
+ NS_DECL_THREADSAFE_ISUPPORTS
+ NS_DECL_NSIAUTHMODULE
+
+ explicit nsAuthGSSAPI(pType package);
+
+ static void Shutdown();
+
+private:
+ ~nsAuthGSSAPI() { Reset(); }
+
+ void Reset();
+ gss_OID GetOID() { return mMechOID; }
+
+private:
+ gss_ctx_id_t mCtx;
+ gss_OID mMechOID;
+ nsCString mServiceName;
+ uint32_t mServiceFlags;
+ nsString mUsername;
+ bool mComplete;
+};
+
+#endif /* nsAuthGSSAPI_h__ */