From 3770da1a924ba6868ca5bf2beedc8f7a4c83cd7a Mon Sep 17 00:00:00 2001 From: Andreea Pavel Date: Tue, 30 Oct 2018 21:18:29 +0200 Subject: [PATCH] Backed out 3 changesets (bug 1502774) for causing multiple crashes - bug 1503201 a=backout Backed out changeset 6b821f5b12ae (bug 1502774) Backed out changeset b3bf57d996a7 (bug 1502774) Backed out changeset 32a581482291 (bug 1502774) --HG-- rename : extensions/auth/nsIAuthModule.cpp => extensions/auth/nsAuthFactory.cpp --- extensions/auth/moz.build | 3 +- extensions/auth/nsAuthFactory.cpp | 247 ++++++++++++++++++ extensions/auth/nsAuthSASL.cpp | 8 +- extensions/auth/nsAuthSSPI.h | 2 +- extensions/auth/nsHttpNegotiateAuth.cpp | 45 ++-- extensions/auth/nsHttpNegotiateAuth.h | 6 - extensions/auth/nsIAuthModule.cpp | 65 ----- netwerk/base/nsIAuthModule.idl | 15 +- netwerk/build/moz.build | 1 - netwerk/build/nsNetModule.cpp | 18 +- netwerk/protocol/http/moz.build | 1 - netwerk/protocol/http/nsHttpBasicAuth.cpp | 18 -- netwerk/protocol/http/nsHttpBasicAuth.h | 7 - .../http/nsHttpChannelAuthProvider.cpp | 24 +- netwerk/protocol/http/nsHttpDigestAuth.cpp | 18 -- netwerk/protocol/http/nsHttpDigestAuth.h | 5 - netwerk/protocol/http/nsHttpNTLMAuth.cpp | 28 +- netwerk/protocol/http/nsHttpNTLMAuth.h | 5 - netwerk/protocol/http/nsHttpTransaction.cpp | 23 +- .../protocol/http/nsIHttpAuthenticator.idl | 5 + security/manager/ssl/nsNSSModule.cpp | 5 + security/manager/ssl/nsNTLMAuthModule.h | 10 + 22 files changed, 330 insertions(+), 229 deletions(-) create mode 100644 extensions/auth/nsAuthFactory.cpp delete mode 100644 extensions/auth/nsIAuthModule.cpp diff --git a/extensions/auth/moz.build b/extensions/auth/moz.build index 81b85739ee7b..f421c7a1f3c4 100644 --- a/extensions/auth/moz.build +++ b/extensions/auth/moz.build @@ -5,13 +5,13 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. UNIFIED_SOURCES += [ + 'nsAuthFactory.cpp', 'nsAuthGSSAPI.cpp', ] SOURCES += [ 'nsAuthSASL.cpp', 'nsHttpNegotiateAuth.cpp', # contains constants whose names conflict with constants in other files - 'nsIAuthModule.cpp', # includes windows.h recursively which conflicts with TimeStamp.h ] if CONFIG['OS_ARCH'] == 'WINNT': @@ -26,7 +26,6 @@ else: LOCAL_INCLUDES += [ '/netwerk/dns', # For nsDNSService2.h - '/security/manager/ssl', ] FINAL_LIBRARY = 'xul' diff --git a/extensions/auth/nsAuthFactory.cpp b/extensions/auth/nsAuthFactory.cpp new file mode 100644 index 000000000000..855ba18d6150 --- /dev/null +++ b/extensions/auth/nsAuthFactory.cpp @@ -0,0 +1,247 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "mozilla/ModuleUtils.h" +#include "nsAuth.h" + +//----------------------------------------------------------------------------- + +#define NS_HTTPNEGOTIATEAUTH_CID \ +{ /* 75c80fd0-accb-432c-af59-ec60668c3990 */ \ + 0x75c80fd0, \ + 0xaccb, \ + 0x432c, \ + {0xaf, 0x59, 0xec, 0x60, 0x66, 0x8c, 0x39, 0x90} \ +} + +#include "nsHttpNegotiateAuth.h" +NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpNegotiateAuth) +//----------------------------------------------------------------------------- + +#define NS_NEGOTIATEAUTH_CID \ +{ /* 96ec4163-efc8-407a-8735-007fb26be4e8 */ \ + 0x96ec4163, \ + 0xefc8, \ + 0x407a, \ + {0x87, 0x35, 0x00, 0x7f, 0xb2, 0x6b, 0xe4, 0xe8} \ +} +#define NS_GSSAUTH_CID \ +{ /* dc8e21a0-03e4-11da-8cd6-0800200c9a66 */ \ + 0xdc8e21a0, \ + 0x03e4, \ + 0x11da, \ + {0x8c, 0xd6, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66} \ +} + +#include "nsAuthGSSAPI.h" + +#if defined( USE_SSPI ) +#include "nsAuthSSPI.h" + +static nsresult +nsSysNTLMAuthConstructor(nsISupports *outer, REFNSIID iid, void **result) +{ + if (outer) + return NS_ERROR_NO_AGGREGATION; + + nsAuthSSPI *auth = new nsAuthSSPI(PACKAGE_TYPE_NTLM); + if (!auth) + return NS_ERROR_OUT_OF_MEMORY; + + NS_ADDREF(auth); + nsresult rv = auth->QueryInterface(iid, result); + NS_RELEASE(auth); + return rv; +} + +static nsresult +nsKerbSSPIAuthConstructor(nsISupports *outer, REFNSIID iid, void **result) +{ + if (outer) + return NS_ERROR_NO_AGGREGATION; + + nsAuthSSPI *auth = new nsAuthSSPI(PACKAGE_TYPE_KERBEROS); + if (!auth) + return NS_ERROR_OUT_OF_MEMORY; + + NS_ADDREF(auth); + nsresult rv = auth->QueryInterface(iid, result); + NS_RELEASE(auth); + return rv; +} + +#define NS_SYSNTLMAUTH_CID \ +{ /* dc195987-6e9a-47bc-b1fd-ab895d398833 */ \ + 0xdc195987, \ + 0x6e9a, \ + 0x47bc, \ + {0xb1, 0xfd, 0xab, 0x89, 0x5d, 0x39, 0x88, 0x33} \ +} + +#define NS_NEGOTIATEAUTHSSPI_CID \ +{ /* 78d3b0c0-0241-11da-8cd6-0800200c9a66 */ \ + 0x78d3b0c0, \ + 0x0241, \ + 0x11da, \ + {0x8c, 0xd6, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66} \ +} + +#define NS_KERBAUTHSSPI_CID \ +{ /* 8c3a0e20-03e5-11da-8cd6-0800200c9a66 */ \ + 0x8c3a0e20, \ + 0x03e5, \ + 0x11da, \ + {0x8c, 0xd6, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66} \ +} + +#else + +#define NS_SAMBANTLMAUTH_CID \ +{ /* bc54f001-6eb0-4e32-9f49-7e064d8e70ef */ \ + 0xbc54f001, \ + 0x6eb0, \ + 0x4e32, \ + {0x9f, 0x49, 0x7e, 0x06, 0x4d, 0x8e, 0x70, 0xef} \ +} + +#include "nsAuthSambaNTLM.h" +static nsresult +nsSambaNTLMAuthConstructor(nsISupports *outer, REFNSIID iid, void **result) +{ + if (outer) + return NS_ERROR_NO_AGGREGATION; + + RefPtr auth = new nsAuthSambaNTLM(); + if (!auth) + return NS_ERROR_OUT_OF_MEMORY; + + nsresult rv = auth->SpawnNTLMAuthHelper(); + if (NS_FAILED(rv)) { + // Failure here probably means that cached credentials were not available + return rv; + } + + return auth->QueryInterface(iid, result); +} + +#endif + +static nsresult +nsKerbGSSAPIAuthConstructor(nsISupports *outer, REFNSIID iid, void **result) +{ + if (outer) + return NS_ERROR_NO_AGGREGATION; + + nsAuthGSSAPI *auth = new nsAuthGSSAPI(PACKAGE_TYPE_KERBEROS); + if (!auth) + return NS_ERROR_OUT_OF_MEMORY; + + NS_ADDREF(auth); + nsresult rv = auth->QueryInterface(iid, result); + NS_RELEASE(auth); + return rv; +} + +static nsresult +nsGSSAPIAuthConstructor(nsISupports *outer, REFNSIID iid, void **result) +{ + if (outer) + return NS_ERROR_NO_AGGREGATION; + + nsAuthGSSAPI *auth = new nsAuthGSSAPI(PACKAGE_TYPE_NEGOTIATE); + if (!auth) + return NS_ERROR_OUT_OF_MEMORY; + + NS_ADDREF(auth); + nsresult rv = auth->QueryInterface(iid, result); + NS_RELEASE(auth); + return rv; +} + + +#if defined( USE_SSPI ) +NS_GENERIC_FACTORY_CONSTRUCTOR(nsAuthSSPI) +#endif + +#define NS_AUTHSASL_CID \ +{ /* 815e42e0-72cc-480f-934b-148e33c228a6 */ \ + 0x815e42e0, \ + 0x72cc, \ + 0x480f, \ + {0x93, 0x4b, 0x14, 0x8e, 0x33, 0xc2, 0x28, 0xa6} \ +} + +#include "nsAuthSASL.h" +NS_GENERIC_FACTORY_CONSTRUCTOR(nsAuthSASL) + +NS_DEFINE_NAMED_CID(NS_GSSAUTH_CID); +NS_DEFINE_NAMED_CID(NS_NEGOTIATEAUTH_CID); +#if defined( USE_SSPI ) +NS_DEFINE_NAMED_CID(NS_NEGOTIATEAUTHSSPI_CID); +NS_DEFINE_NAMED_CID(NS_KERBAUTHSSPI_CID); +NS_DEFINE_NAMED_CID(NS_SYSNTLMAUTH_CID); +#else +NS_DEFINE_NAMED_CID(NS_SAMBANTLMAUTH_CID); +#endif +NS_DEFINE_NAMED_CID(NS_HTTPNEGOTIATEAUTH_CID); +NS_DEFINE_NAMED_CID(NS_AUTHSASL_CID); + + +static const mozilla::Module::CIDEntry kAuthCIDs[] = { + { &kNS_GSSAUTH_CID, false, nullptr, nsKerbGSSAPIAuthConstructor }, + { &kNS_NEGOTIATEAUTH_CID, false, nullptr, nsGSSAPIAuthConstructor }, +#if defined( USE_SSPI ) + { &kNS_NEGOTIATEAUTHSSPI_CID, false, nullptr, nsAuthSSPIConstructor }, + { &kNS_KERBAUTHSSPI_CID, false, nullptr, nsKerbSSPIAuthConstructor }, + { &kNS_SYSNTLMAUTH_CID, false, nullptr, nsSysNTLMAuthConstructor }, +#else + { &kNS_SAMBANTLMAUTH_CID, false, nullptr, nsSambaNTLMAuthConstructor }, +#endif + { &kNS_HTTPNEGOTIATEAUTH_CID, false, nullptr, nsHttpNegotiateAuthConstructor }, + { &kNS_AUTHSASL_CID, false, nullptr, nsAuthSASLConstructor }, + { nullptr } +}; + +static const mozilla::Module::ContractIDEntry kAuthContracts[] = { + { NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-gss", &kNS_GSSAUTH_CID }, + { NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-gss", &kNS_NEGOTIATEAUTH_CID }, +#if defined( USE_SSPI ) + { NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-sspi", &kNS_NEGOTIATEAUTHSSPI_CID }, + { NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-sspi", &kNS_KERBAUTHSSPI_CID }, + { NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm", &kNS_SYSNTLMAUTH_CID }, +#elif !defined(XP_MACOSX) + { NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm", &kNS_SAMBANTLMAUTH_CID }, +#endif + { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "negotiate", &kNS_HTTPNEGOTIATEAUTH_CID }, + { NS_AUTH_MODULE_CONTRACTID_PREFIX "sasl-gssapi", &kNS_AUTHSASL_CID }, + { nullptr } +}; + +//----------------------------------------------------------------------------- +mozilla::LazyLogModule gNegotiateLog("negotiateauth"); + +// setup nspr logging ... +static nsresult +InitNegotiateAuth() +{ + return NS_OK; +} + +static void +DestroyNegotiateAuth() +{ + nsAuthGSSAPI::Shutdown(); +} + +static const mozilla::Module kAuthModule = { + mozilla::Module::kVersion, + kAuthCIDs, + kAuthContracts, + nullptr, + nullptr, + InitNegotiateAuth, + DestroyNegotiateAuth +}; + +NSMODULE_DEFN(nsAuthModule) = &kAuthModule; diff --git a/extensions/auth/nsAuthSASL.cpp b/extensions/auth/nsAuthSASL.cpp index 68558b3ee583..943a46e4ecc0 100644 --- a/extensions/auth/nsAuthSASL.cpp +++ b/extensions/auth/nsAuthSASL.cpp @@ -43,17 +43,19 @@ nsAuthSASL::Init(const char *serviceName, serviceFlags |= REQ_MUTUAL_AUTH; // Find out whether we should be trying SSPI or not - const char *authType = "kerb-gss"; + const char *contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-gss"; nsCOMPtr prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); if (prefs) { bool val; rv = prefs->GetBoolPref(kNegotiateAuthSSPI, &val); if (NS_SUCCEEDED(rv) && val) - authType = "kerb-sspi"; + contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-sspi"; } - MOZ_ALWAYS_TRUE(mInnerModule = nsIAuthModule::CreateInstance(authType)); + mInnerModule = do_CreateInstance(contractID, &rv); + // if we can't create the GSSAPI module, then bail + NS_ENSURE_SUCCESS(rv, rv); mInnerModule->Init(serviceName, serviceFlags, nullptr, nullptr, nullptr); diff --git a/extensions/auth/nsAuthSSPI.h b/extensions/auth/nsAuthSSPI.h index ed762e5abd92..5647b7269e3f 100644 --- a/extensions/auth/nsAuthSSPI.h +++ b/extensions/auth/nsAuthSSPI.h @@ -39,7 +39,7 @@ private: void Reset(); - typedef ::TimeStamp MS_TimeStamp; + typedef TimeStamp MS_TimeStamp; private: nsresult MakeSN(const char *principal, nsCString &result); diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp index 454e25ba959b..7c24364baef7 100644 --- a/extensions/auth/nsHttpNegotiateAuth.cpp +++ b/extensions/auth/nsHttpNegotiateAuth.cpp @@ -49,7 +49,6 @@ #include "nsICancelable.h" #include "nsUnicharUtils.h" #include "mozilla/net/HttpAuthUtils.h" -#include "mozilla/ClearOnShutdown.h" using mozilla::Base64Decode; @@ -63,8 +62,6 @@ static const char kNegotiateAuthAllowNonFqdn[] = "network.negotiate-auth.allow-n static const char kNegotiateAuthSSPI[] = "network.auth.use-sspi"; static const char kSSOinPBmode[] = "network.auth.private-browsing-sso"; -mozilla::StaticRefPtr nsHttpNegotiateAuth::gSingleton; - #define kNegotiateLen (sizeof(kNegotiate)-1) #define DEFAULT_THREAD_TIMEOUT_MS 30000 @@ -108,21 +105,6 @@ TestNotInPBMode(nsIHttpAuthenticableChannel *authChannel, bool proxyAuth) return false; } -already_AddRefed -nsHttpNegotiateAuth::GetOrCreate() -{ - nsCOMPtr authenticator; - if (gSingleton) { - authenticator = gSingleton; - } else { - gSingleton = new nsHttpNegotiateAuth(); - mozilla::ClearOnShutdown(&gSingleton); - authenticator = gSingleton; - } - - return authenticator.forget(); -} - NS_IMETHODIMP nsHttpNegotiateAuth::GetAuthFlags(uint32_t *flags) { @@ -154,14 +136,13 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel, nsISupports **continuationState, bool *identityInvalid) { - nsIAuthModule *rawModule = (nsIAuthModule *) *continuationState; + nsIAuthModule *module = (nsIAuthModule *) *continuationState; *identityInvalid = false; - if (rawModule) + if (module) return NS_OK; nsresult rv; - nsCOMPtr module; nsCOMPtr uri; rv = authChannel->GetURI(getter_AddRefs(uri)); @@ -216,25 +197,31 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel, // service.InsertLiteral("HTTP@", 0); - const char *authType; + const char *contractID; if (TestBoolPref(kNegotiateAuthSSPI)) { LOG((" using negotiate-sspi\n")); - authType = "negotiate-sspi"; + contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-sspi"; } else { LOG((" using negotiate-gss\n")); - authType = "negotiate-gss"; + contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-gss"; } - MOZ_ALWAYS_TRUE(module = nsIAuthModule::CreateInstance(authType)); + rv = CallCreateInstance(contractID, &module); + + if (NS_FAILED(rv)) { + LOG((" Failed to load Negotiate Module \n")); + return rv; + } rv = module->Init(service.get(), req_flags, nullptr, nullptr, nullptr); if (NS_FAILED(rv)) { + NS_RELEASE(module); return rv; } - module.forget(continuationState); + *continuationState = module; return NS_OK; } @@ -395,8 +382,12 @@ class GetNextTokenRunnable final : public mozilla::Runnable nsresult rv; // Use negotiate service to call GenerateCredentials outside of main thread + nsAutoCString contractId; + contractId.AssignLiteral(NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX); + contractId.AppendLiteral("negotiate"); nsCOMPtr authenticator = - new nsHttpNegotiateAuth(); + do_GetService(contractId.get(), &rv); + NS_ENSURE_SUCCESS(rv, rv); nsISupports *sessionState = mSessionState; nsISupports *continuationState = mContinuationState; diff --git a/extensions/auth/nsHttpNegotiateAuth.h b/extensions/auth/nsHttpNegotiateAuth.h index c1c8682a4ed7..aa76b5617e0f 100644 --- a/extensions/auth/nsHttpNegotiateAuth.h +++ b/extensions/auth/nsHttpNegotiateAuth.h @@ -10,7 +10,6 @@ #include "nsIURI.h" #include "mozilla/Attributes.h" #include "mozilla/LazyIdleThread.h" -#include "mozilla/StaticPtr.h" // The nsHttpNegotiateAuth class provides responses for the GSS-API Negotiate method // as specified by Microsoft in draft-brezak-spnego-http-04.txt @@ -21,8 +20,6 @@ public: NS_DECL_THREADSAFE_ISUPPORTS NS_DECL_NSIHTTPAUTHENTICATOR - static already_AddRefed GetOrCreate(); - private: ~nsHttpNegotiateAuth() {} @@ -34,8 +31,5 @@ private: // Thread for GenerateCredentialsAsync RefPtr mNegotiateThread; - - // Singleton pointer - static mozilla::StaticRefPtr gSingleton; }; #endif /* nsHttpNegotiateAuth_h__ */ diff --git a/extensions/auth/nsIAuthModule.cpp b/extensions/auth/nsIAuthModule.cpp deleted file mode 100644 index d0ddf121848e..000000000000 --- a/extensions/auth/nsIAuthModule.cpp +++ /dev/null @@ -1,65 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "nsIAuthModule.h" -#if defined( USE_SSPI ) -#include "nsAuthSSPI.h" -#else -#include "nsAuthSambaNTLM.h" -#endif -#include "nsCRT.h" -#include "nsAuthGSSAPI.h" -#include "nsAuthSASL.h" -#include "nsNTLMAuthModule.h" -#include "nsNSSComponent.h" - -// static -already_AddRefed -nsIAuthModule::CreateInstance(const char* aType) -{ - nsCOMPtr auth; - if (!nsCRT::strcmp(aType, "kerb-gss")) { - auth = new nsAuthGSSAPI(PACKAGE_TYPE_KERBEROS); - } else if (!nsCRT::strcmp(aType, "negotiate-gss")) { - auth = new nsAuthGSSAPI(PACKAGE_TYPE_NEGOTIATE); -#if defined( USE_SSPI ) - } else if (!nsCRT::strcmp(aType, "negotiate-sspi")) { - auth = new nsAuthSSPI(); - } else if (!nsCRT::strcmp(aType, "kerb-sspi")) { - auth = new nsAuthSSPI(PACKAGE_TYPE_KERBEROS); - } else if (!nsCRT::strcmp(aType, "sys-ntlm")) { - auth = new nsAuthSSPI(PACKAGE_TYPE_NTLM); -#elif !defined(XP_MACOSX) - } else if (!nsCRT::strcmp(aType, "sys-ntlm")) { - RefPtr sambaAuth = new nsAuthSambaNTLM(); - - nsresult rv = sambaAuth->SpawnNTLMAuthHelper(); - if (NS_FAILED(rv)) { - // Failure here probably means that cached credentials were not available - return nullptr; - } - - auth = sambaAuth.forget(); -#endif - } else if (!nsCRT::strcmp(aType, "sasl-gssapi")) { - auth = new nsAuthSASL(); - } else if (!nsCRT::strcmp(aType, "ntlm") && - XRE_IsParentProcess() && - EnsureNSSInitializedChromeOrContent()) { - RefPtr ntlmAuth = new nsNTLMAuthModule(); - - nsresult rv = ntlmAuth->InitTest(); - if (NS_FAILED(rv)) { - return nullptr; - } - - auth = ntlmAuth.forget(); - } else { - return nullptr; - } - - return auth.forget(); -} - -mozilla::LazyLogModule gNegotiateLog("negotiateauth"); diff --git a/netwerk/base/nsIAuthModule.idl b/netwerk/base/nsIAuthModule.idl index 51f8f14e3acc..8a446cb219ab 100644 --- a/netwerk/base/nsIAuthModule.idl +++ b/netwerk/base/nsIAuthModule.idl @@ -133,14 +133,13 @@ interface nsIAuthModule : nsISupports in unsigned long aInTokenLength, out voidPtr aOutToken, out unsigned long aOutTokenLength); +}; %{C++ - /** - * Create a new instance of an auth module. - * - * @param aType - * The type of the auth module to be constructed. - */ - static already_AddRefed CreateInstance(const char* aType); +/** + * nsIAuthModule implementations are registered under the following contract + * ID prefix: + */ +#define NS_AUTH_MODULE_CONTRACTID_PREFIX \ + "@mozilla.org/network/auth-module;1?name=" %} -}; diff --git a/netwerk/build/moz.build b/netwerk/build/moz.build index 592a81ebad10..215348159747 100644 --- a/netwerk/build/moz.build +++ b/netwerk/build/moz.build @@ -17,7 +17,6 @@ include('/ipc/chromium/chromium-config.mozbuild') FINAL_LIBRARY = 'xul' LOCAL_INCLUDES += [ - '/extensions/auth', '/netwerk/base', '/netwerk/cache', '/netwerk/dns', diff --git a/netwerk/build/nsNetModule.cpp b/netwerk/build/nsNetModule.cpp index acc894e6e9b8..baa123f66a45 100644 --- a/netwerk/build/nsNetModule.cpp +++ b/netwerk/build/nsNetModule.cpp @@ -39,7 +39,6 @@ #include "mozilla/net/BackgroundChannelRegistrar.h" #include "mozilla/net/NeckoChild.h" #include "RedirectChannelRegistrar.h" -#include "nsAuthGSSAPI.h" #include "nsNetCID.h" @@ -234,16 +233,22 @@ NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsFtpProtocolHandler, Init) #undef LOG #undef LOG_ENABLED #include "nsHttpAuthManager.h" +#include "nsHttpBasicAuth.h" +#include "nsHttpDigestAuth.h" +#include "nsHttpNTLMAuth.h" #include "nsHttpActivityDistributor.h" #include "ThrottleQueue.h" #undef LOG #undef LOG_ENABLED namespace mozilla { namespace net { +NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpNTLMAuth) NS_GENERIC_FACTORY_SINGLETON_CONSTRUCTOR(nsHttpHandler, nsHttpHandler::GetInstance) NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpsHandler, Init) NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpAuthManager, Init) NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpActivityDistributor) +NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpBasicAuth) +NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpDigestAuth) NS_GENERIC_FACTORY_CONSTRUCTOR(ThrottleQueue) } // namespace net } // namespace mozilla @@ -621,8 +626,6 @@ static void nsNetShutdown() mozilla::net::BackgroundChannelRegistrar::Shutdown(); - nsAuthGSSAPI::Shutdown(); - delete gNetSniffers; gNetSniffers = nullptr; delete gDataSniffers; @@ -681,6 +684,9 @@ NS_DEFINE_NAMED_CID(NS_MIMEHEADERPARAM_CID); NS_DEFINE_NAMED_CID(NS_FILEPROTOCOLHANDLER_CID); NS_DEFINE_NAMED_CID(NS_HTTPPROTOCOLHANDLER_CID); NS_DEFINE_NAMED_CID(NS_HTTPSPROTOCOLHANDLER_CID); +NS_DEFINE_NAMED_CID(NS_HTTPBASICAUTH_CID); +NS_DEFINE_NAMED_CID(NS_HTTPDIGESTAUTH_CID); +NS_DEFINE_NAMED_CID(NS_HTTPNTLMAUTH_CID); NS_DEFINE_NAMED_CID(NS_HTTPAUTHMANAGER_CID); NS_DEFINE_NAMED_CID(NS_HTTPACTIVITYDISTRIBUTOR_CID); NS_DEFINE_NAMED_CID(NS_THROTTLEQUEUE_CID); @@ -785,6 +791,9 @@ static const mozilla::Module::CIDEntry kNeckoCIDs[] = { { &kNS_FILEPROTOCOLHANDLER_CID, false, nullptr, nsFileProtocolHandlerConstructor }, { &kNS_HTTPPROTOCOLHANDLER_CID, false, nullptr, mozilla::net::nsHttpHandlerConstructor }, { &kNS_HTTPSPROTOCOLHANDLER_CID, false, nullptr, mozilla::net::nsHttpsHandlerConstructor }, + { &kNS_HTTPBASICAUTH_CID, false, nullptr, mozilla::net::nsHttpBasicAuthConstructor }, + { &kNS_HTTPDIGESTAUTH_CID, false, nullptr, mozilla::net::nsHttpDigestAuthConstructor }, + { &kNS_HTTPNTLMAUTH_CID, false, nullptr, mozilla::net::nsHttpNTLMAuthConstructor }, { &kNS_HTTPAUTHMANAGER_CID, false, nullptr, mozilla::net::nsHttpAuthManagerConstructor }, { &kNS_HTTPACTIVITYDISTRIBUTOR_CID, false, nullptr, mozilla::net::nsHttpActivityDistributorConstructor }, { &kNS_THROTTLEQUEUE_CID, false, nullptr, mozilla::net::ThrottleQueueConstructor }, @@ -896,6 +905,9 @@ static const mozilla::Module::ContractIDEntry kNeckoContracts[] = { { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "file", &kNS_FILEPROTOCOLHANDLER_CID }, { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "http", &kNS_HTTPPROTOCOLHANDLER_CID }, { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "https", &kNS_HTTPSPROTOCOLHANDLER_CID }, + { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "basic", &kNS_HTTPBASICAUTH_CID }, + { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "digest", &kNS_HTTPDIGESTAUTH_CID }, + { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "ntlm", &kNS_HTTPNTLMAUTH_CID }, { NS_HTTPAUTHMANAGER_CONTRACTID, &kNS_HTTPAUTHMANAGER_CID }, { NS_HTTPACTIVITYDISTRIBUTOR_CONTRACTID, &kNS_HTTPACTIVITYDISTRIBUTOR_CID }, { NS_THROTTLEQUEUE_CONTRACTID, &kNS_THROTTLEQUEUE_CID }, diff --git a/netwerk/protocol/http/moz.build b/netwerk/protocol/http/moz.build index 4f180ce48cb8..942d1350ebc6 100644 --- a/netwerk/protocol/http/moz.build +++ b/netwerk/protocol/http/moz.build @@ -133,7 +133,6 @@ FINAL_LIBRARY = 'xul' LOCAL_INCLUDES += [ '/dom/base', - '/extensions/auth', '/netwerk/base', '/netwerk/cookie', ] diff --git a/netwerk/protocol/http/nsHttpBasicAuth.cpp b/netwerk/protocol/http/nsHttpBasicAuth.cpp index ce76d1fc9f8e..cc75b48a75ec 100644 --- a/netwerk/protocol/http/nsHttpBasicAuth.cpp +++ b/netwerk/protocol/http/nsHttpBasicAuth.cpp @@ -10,28 +10,10 @@ #include "plstr.h" #include "nsString.h" #include "mozilla/Base64.h" -#include "mozilla/ClearOnShutdown.h" namespace mozilla { namespace net { -StaticRefPtr nsHttpBasicAuth::gSingleton; - -already_AddRefed -nsHttpBasicAuth::GetOrCreate() -{ - nsCOMPtr authenticator; - if (gSingleton) { - authenticator = gSingleton; - } else { - gSingleton = new nsHttpBasicAuth(); - ClearOnShutdown(&gSingleton); - authenticator = gSingleton; - } - - return authenticator.forget(); -} - //----------------------------------------------------------------------------- // nsHttpBasicAuth::nsISupports //----------------------------------------------------------------------------- diff --git a/netwerk/protocol/http/nsHttpBasicAuth.h b/netwerk/protocol/http/nsHttpBasicAuth.h index c41ffb8206ef..f5dcc1f0044a 100644 --- a/netwerk/protocol/http/nsHttpBasicAuth.h +++ b/netwerk/protocol/http/nsHttpBasicAuth.h @@ -7,8 +7,6 @@ #define nsBasicAuth_h__ #include "nsIHttpAuthenticator.h" -#include "mozilla/RefPtr.h" -#include "mozilla/StaticPtr.h" namespace mozilla { namespace net { @@ -24,13 +22,8 @@ public: NS_DECL_NSIHTTPAUTHENTICATOR nsHttpBasicAuth() = default; - - static already_AddRefed GetOrCreate(); - private: virtual ~nsHttpBasicAuth() = default; - - static StaticRefPtr gSingleton; }; } // namespace net diff --git a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp index 07272ee560b7..31df7c6e81ae 100644 --- a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp +++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp @@ -25,10 +25,6 @@ #include "nsIHttpAuthenticableChannel.h" #include "nsIURI.h" #include "nsContentUtils.h" -#include "nsHttpBasicAuth.h" -#include "nsHttpDigestAuth.h" -#include "nsHttpNegotiateAuth.h" -#include "nsHttpNTLMAuth.h" #include "nsServiceManagerUtils.h" #include "nsILoadContext.h" #include "nsIURL.h" @@ -1099,23 +1095,11 @@ nsHttpChannelAuthProvider::GetAuthenticator(const char *challenge, // normalize to lowercase ToLowerCase(authType); - nsCOMPtr authenticator; - if (authType.EqualsLiteral("negotiate")) { - authenticator = nsHttpNegotiateAuth::GetOrCreate(); - } else if (authType.EqualsLiteral("basic")) { - authenticator = nsHttpBasicAuth::GetOrCreate(); - } else if (authType.EqualsLiteral("digest")) { - authenticator = nsHttpDigestAuth::GetOrCreate(); - } else if (authType.EqualsLiteral("ntlm")) { - authenticator = nsHttpNTLMAuth::GetOrCreate(); - } else { - return NS_ERROR_SERVICE_NOT_FOUND; - } + nsAutoCString contractid; + contractid.AssignLiteral(NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX); + contractid.Append(authType); - MOZ_ASSERT(authenticator); - authenticator.forget(auth); - - return NS_OK; + return CallGetService(contractid.get(), auth); } void diff --git a/netwerk/protocol/http/nsHttpDigestAuth.cpp b/netwerk/protocol/http/nsHttpDigestAuth.cpp index 5f4cafef5c4a..5bc6b041cd6f 100644 --- a/netwerk/protocol/http/nsHttpDigestAuth.cpp +++ b/netwerk/protocol/http/nsHttpDigestAuth.cpp @@ -7,7 +7,6 @@ // HttpLog.h should generally be included first #include "HttpLog.h" -#include "mozilla/ClearOnShutdown.h" #include "mozilla/Sprintf.h" #include "mozilla/Unused.h" @@ -26,23 +25,6 @@ namespace mozilla { namespace net { -StaticRefPtr nsHttpDigestAuth::gSingleton; - -already_AddRefed -nsHttpDigestAuth::GetOrCreate() -{ - nsCOMPtr authenticator; - if (gSingleton) { - authenticator = gSingleton; - } else { - gSingleton = new nsHttpDigestAuth(); - ClearOnShutdown(&gSingleton); - authenticator = gSingleton; - } - - return authenticator.forget(); -} - //----------------------------------------------------------------------------- // nsHttpDigestAuth::nsISupports //----------------------------------------------------------------------------- diff --git a/netwerk/protocol/http/nsHttpDigestAuth.h b/netwerk/protocol/http/nsHttpDigestAuth.h index 0732633015ed..9c7f7dfa3a47 100644 --- a/netwerk/protocol/http/nsHttpDigestAuth.h +++ b/netwerk/protocol/http/nsHttpDigestAuth.h @@ -11,7 +11,6 @@ #include "nsStringFwd.h" #include "nsCOMPtr.h" #include "mozilla/Attributes.h" -#include "mozilla/StaticPtr.h" class nsICryptoHash; @@ -39,8 +38,6 @@ class nsHttpDigestAuth final : public nsIHttpAuthenticator nsHttpDigestAuth() = default; - static already_AddRefed GetOrCreate(); - protected: ~nsHttpDigestAuth() = default; @@ -90,8 +87,6 @@ class nsHttpDigestAuth final : public nsIHttpAuthenticator protected: nsCOMPtr mVerifier; char mHashBuf[DIGEST_LENGTH]; - - static StaticRefPtr gSingleton; }; } // namespace net diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp b/netwerk/protocol/http/nsHttpNTLMAuth.cpp index 2c690a65ec1b..467beb297eb9 100644 --- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp +++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp @@ -35,7 +35,6 @@ #include "nsIChannel.h" #include "nsUnicharUtils.h" #include "mozilla/net/HttpAuthUtils.h" -#include "mozilla/ClearOnShutdown.h" namespace mozilla { namespace net { @@ -46,8 +45,6 @@ static const char kTrustedURIs[] = "network.automatic-ntlm-auth.trusted-uris"; static const char kForceGeneric[] = "network.auth.force-generic-ntlm"; static const char kSSOinPBmode[] = "network.auth.private-browsing-sso"; -StaticRefPtr nsHttpNTLMAuth::gSingleton; - static bool IsNonFqdn(nsIURI *uri) { @@ -147,21 +144,6 @@ NS_IMPL_ISUPPORTS0(nsNTLMSessionState) //----------------------------------------------------------------------------- -already_AddRefed -nsHttpNTLMAuth::GetOrCreate() -{ - nsCOMPtr authenticator; - if (gSingleton) { - authenticator = gSingleton; - } else { - gSingleton = new nsHttpNTLMAuth(); - ClearOnShutdown(&gSingleton); - authenticator = gSingleton; - } - - return authenticator.forget(); -} - NS_IMPL_ISUPPORTS(nsHttpNTLMAuth, nsIHttpAuthenticator) NS_IMETHODIMP @@ -186,7 +168,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel, // If native NTLM auth apis are available and enabled through prefs, // try to use them. if (PL_strcasecmp(challenge, "NTLM") == 0) { - nsCOMPtr module; + nsCOMPtr module; // Check to see if we should default to our generic NTLM auth module // through UseGenericNTLM. (We use native auth by default if the @@ -201,7 +183,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel, // Try logging in with the user's default credentials. If // successful, |identityInvalid| is false, which will trigger // a default credentials attempt once we return. - module = nsIAuthModule::CreateInstance("sys-ntlm"); + module = do_CreateInstance(NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm"); } #ifdef XP_WIN else { @@ -210,7 +192,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel, // Note, for servers that use LMv1 a weak hash of the user's password // will be sent. We rely on windows internal apis to decide whether // we should support this older, less secure version of the protocol. - module = nsIAuthModule::CreateInstance("sys-ntlm"); + module = do_CreateInstance(NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm"); *identityInvalid = true; } #endif // XP_WIN @@ -238,7 +220,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel, // Use our internal NTLM implementation. Note, this is less secure, // see bug 520607 for details. LOG(("Trying to fall back on internal ntlm auth.\n")); - module = nsIAuthModule::CreateInstance("ntlm"); + module = do_CreateInstance(NS_AUTH_MODULE_CONTRACTID_PREFIX "ntlm"); mUseNative = false; @@ -254,7 +236,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel, // A non-null continuation state implies that we failed to authenticate. // Blow away the old authentication state, and use the new one. - module.forget(continuationState); + module.swap(*continuationState); } return NS_OK; } diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.h b/netwerk/protocol/http/nsHttpNTLMAuth.h index ee4b2d63b622..c24b57f4f889 100644 --- a/netwerk/protocol/http/nsHttpNTLMAuth.h +++ b/netwerk/protocol/http/nsHttpNTLMAuth.h @@ -6,7 +6,6 @@ #define nsHttpNTLMAuth_h__ #include "nsIHttpAuthenticator.h" -#include "mozilla/StaticPtr.h" namespace mozilla { namespace net { @@ -18,16 +17,12 @@ public: nsHttpNTLMAuth() : mUseNative(false) {} - static already_AddRefed GetOrCreate(); - private: virtual ~nsHttpNTLMAuth() = default; // This flag indicates whether we are using the native NTLM implementation // or the internal one. bool mUseNative; - - static StaticRefPtr gSingleton; }; } // namespace net diff --git a/netwerk/protocol/http/nsHttpTransaction.cpp b/netwerk/protocol/http/nsHttpTransaction.cpp index dd3b155a14d6..a6144b7d74dd 100644 --- a/netwerk/protocol/http/nsHttpTransaction.cpp +++ b/netwerk/protocol/http/nsHttpTransaction.cpp @@ -9,15 +9,11 @@ #include "base/basictypes.h" -#include "nsHttpBasicAuth.h" -#include "nsHttpChunkedDecoder.h" -#include "nsHttpDigestAuth.h" #include "nsHttpHandler.h" -#include "nsHttpNegotiateAuth.h" -#include "nsHttpNTLMAuth.h" +#include "nsHttpTransaction.h" #include "nsHttpRequestHead.h" #include "nsHttpResponseHead.h" -#include "nsHttpTransaction.h" +#include "nsHttpChunkedDecoder.h" #include "nsTransportUtils.h" #include "nsNetCID.h" #include "nsNetUtil.h" @@ -2026,17 +2022,12 @@ nsHttpTransaction::CheckForStickyAuthSchemeAt(nsHttpAtom const& header) while (p.ReadWord(schema)) { ToLowerCase(schema); + nsAutoCString contractid; + contractid.AssignLiteral(NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX); + contractid.Append(schema); + // using a new instance because of thread safety of auth modules refcnt - nsCOMPtr authenticator; - if (schema.EqualsLiteral("negotiate")) { - authenticator = new nsHttpNegotiateAuth(); - } else if (schema.EqualsLiteral("basic")) { - authenticator = new nsHttpBasicAuth(); - } else if (schema.EqualsLiteral("digest")) { - authenticator = new nsHttpDigestAuth(); - } else if (schema.EqualsLiteral("ntlm")) { - authenticator = new nsHttpNTLMAuth(); - } + nsCOMPtr authenticator(do_CreateInstance(contractid.get())); if (authenticator) { uint32_t flags; nsresult rv = authenticator->GetAuthFlags(&flags); diff --git a/netwerk/protocol/http/nsIHttpAuthenticator.idl b/netwerk/protocol/http/nsIHttpAuthenticator.idl index a4bcb9ddc0fd..b07beb9e0d1b 100644 --- a/netwerk/protocol/http/nsIHttpAuthenticator.idl +++ b/netwerk/protocol/http/nsIHttpAuthenticator.idl @@ -219,3 +219,8 @@ interface nsIHttpAuthenticator : nsISupports */ const unsigned long IDENTITY_ENCRYPTED = (1<<12); }; + +%{C++ +#define NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX \ + "@mozilla.org/network/http-authenticator;1?scheme=" +%} diff --git a/security/manager/ssl/nsNSSModule.cpp b/security/manager/ssl/nsNSSModule.cpp index 9dd71ce9506a..d0453c8b1be4 100644 --- a/security/manager/ssl/nsNSSModule.cpp +++ b/security/manager/ssl/nsNSSModule.cpp @@ -23,6 +23,7 @@ #include "nsNSSCertificateDB.h" #include "nsNSSComponent.h" #include "nsNSSVersion.h" +#include "nsNTLMAuthModule.h" #include "nsNetCID.h" #include "nsPK11TokenDB.h" #include "nsPKCS11Slot.h" @@ -143,6 +144,7 @@ NS_DEFINE_NAMED_CID(NS_CERTTREE_CID); #endif NS_DEFINE_NAMED_CID(NS_CRYPTO_HASH_CID); NS_DEFINE_NAMED_CID(NS_CRYPTO_HMAC_CID); +NS_DEFINE_NAMED_CID(NS_NTLMAUTHMODULE_CID); NS_DEFINE_NAMED_CID(NS_KEYMODULEOBJECT_CID); NS_DEFINE_NAMED_CID(NS_KEYMODULEOBJECTFACTORY_CID); NS_DEFINE_NAMED_CID(NS_CONTENTSIGNATUREVERIFIER_CID); @@ -181,6 +183,8 @@ static const mozilla::Module::CIDEntry kNSSCIDs[] = { Constructor }, { &kNS_CRYPTO_HMAC_CID, false, nullptr, Constructor }, + { &kNS_NTLMAUTHMODULE_CID, false, nullptr, + Constructor }, { &kNS_KEYMODULEOBJECT_CID, false, nullptr, Constructor }, { &kNS_KEYMODULEOBJECTFACTORY_CID, false, nullptr, @@ -235,6 +239,7 @@ static const mozilla::Module::ContractIDEntry kNSSContracts[] = { { NS_CRYPTO_HASH_CONTRACTID, &kNS_CRYPTO_HASH_CID }, { NS_CRYPTO_HMAC_CONTRACTID, &kNS_CRYPTO_HMAC_CID }, { "@mozilla.org/uriloader/psm-external-content-listener;1", &kNS_PSMCONTENTLISTEN_CID }, + { NS_NTLMAUTHMODULE_CONTRACTID, &kNS_NTLMAUTHMODULE_CID }, { NS_KEYMODULEOBJECT_CONTRACTID, &kNS_KEYMODULEOBJECT_CID }, { NS_KEYMODULEOBJECTFACTORY_CONTRACTID, &kNS_KEYMODULEOBJECTFACTORY_CID }, { NS_CONTENTSIGNATUREVERIFIER_CONTRACTID, &kNS_CONTENTSIGNATUREVERIFIER_CID }, diff --git a/security/manager/ssl/nsNTLMAuthModule.h b/security/manager/ssl/nsNTLMAuthModule.h index 97531d9b014b..0b0bfa505959 100644 --- a/security/manager/ssl/nsNTLMAuthModule.h +++ b/security/manager/ssl/nsNTLMAuthModule.h @@ -31,4 +31,14 @@ private: bool mNTLMNegotiateSent; }; +#define NS_NTLMAUTHMODULE_CONTRACTID \ + NS_AUTH_MODULE_CONTRACTID_PREFIX "ntlm" +#define NS_NTLMAUTHMODULE_CID \ +{ /* a4e5888f-4fe4-4632-8e7e-745196ea7c70 */ \ + 0xa4e5888f, \ + 0x4fe4, \ + 0x4632, \ + {0x8e, 0x7e, 0x74, 0x51, 0x96, 0xea, 0x7c, 0x70} \ +} + #endif // nsNTLMAuthModule_h__