Bug 472529, websockets (netwerk patch), r=smaug+biesi

--HG--
rename : netwerk/protocol/http/nsHttpChannel.cpp => netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
rename : netwerk/protocol/http/nsHttpChannel.h => netwerk/protocol/http/nsHttpChannelAuthProvider.h
extra : rebase_source : 4f75d33eb4fc7cdaa1f011f176ef4434bbfe2c25
This commit is contained in:
wfernandom2004@gmail.com 2010-06-17 21:33:42 +03:00
Родитель af2d03d1ec
Коммит 78db44644f
19 изменённых файлов: 2035 добавлений и 1247 удалений

Просмотреть файл

@ -54,7 +54,7 @@
#include "nsAuth.h" #include "nsAuth.h"
#include "nsHttpNegotiateAuth.h" #include "nsHttpNegotiateAuth.h"
#include "nsIHttpChannel.h" #include "nsIHttpAuthenticableChannel.h"
#include "nsIProxiedChannel.h" #include "nsIProxiedChannel.h"
#include "nsIAuthModule.h" #include "nsIAuthModule.h"
#include "nsIServiceManager.h" #include "nsIServiceManager.h"
@ -107,7 +107,7 @@ nsHttpNegotiateAuth::GetAuthFlags(PRUint32 *flags)
// there is no correct way to get the users credentials. // there is no correct way to get the users credentials.
// //
NS_IMETHODIMP NS_IMETHODIMP
nsHttpNegotiateAuth::ChallengeReceived(nsIHttpChannel *httpChannel, nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel,
const char *challenge, const char *challenge,
PRBool isProxyAuth, PRBool isProxyAuth,
nsISupports **sessionState, nsISupports **sessionState,
@ -123,7 +123,7 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
nsresult rv; nsresult rv;
nsCOMPtr<nsIURI> uri; nsCOMPtr<nsIURI> uri;
rv = httpChannel->GetURI(getter_AddRefs(uri)); rv = authChannel->GetURI(getter_AddRefs(uri));
if (NS_FAILED(rv)) if (NS_FAILED(rv))
return rv; return rv;
@ -136,12 +136,8 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
return NS_ERROR_ABORT; return NS_ERROR_ABORT;
} }
nsCOMPtr<nsIProxiedChannel> proxied =
do_QueryInterface(httpChannel);
NS_ENSURE_STATE(proxied);
nsCOMPtr<nsIProxyInfo> proxyInfo; nsCOMPtr<nsIProxyInfo> proxyInfo;
proxied->GetProxyInfo(getter_AddRefs(proxyInfo)); authChannel->GetProxyInfo(getter_AddRefs(proxyInfo));
NS_ENSURE_STATE(proxyInfo); NS_ENSURE_STATE(proxyInfo);
proxyInfo->GetHost(service); proxyInfo->GetHost(service);
@ -213,7 +209,7 @@ NS_IMPL_ISUPPORTS1(nsHttpNegotiateAuth, nsIHttpAuthenticator)
// blob to pass to the server that requested "Negotiate" authentication. // blob to pass to the server that requested "Negotiate" authentication.
// //
NS_IMETHODIMP NS_IMETHODIMP
nsHttpNegotiateAuth::GenerateCredentials(nsIHttpChannel *httpChannel, nsHttpNegotiateAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge, const char *challenge,
PRBool isProxyAuth, PRBool isProxyAuth,
const PRUnichar *domain, const PRUnichar *domain,

Просмотреть файл

@ -52,7 +52,7 @@ interface nsIURI;
* *
* @status UNDER_REVIEW * @status UNDER_REVIEW
*/ */
[scriptable, uuid(e38ab577-786e-4a7f-936b-7ae4c7d877b2)] [scriptable, uuid(d7ec6237-162e-40f5-a2b4-46ccd5fa83c9)]
interface nsIProtocolProxyService : nsISupports interface nsIProtocolProxyService : nsISupports
{ {
/** /**
@ -71,6 +71,39 @@ interface nsIProtocolProxyService : nsISupports
*/ */
const unsigned long RESOLVE_NON_BLOCKING = 1 << 0; const unsigned long RESOLVE_NON_BLOCKING = 1 << 0;
/**
* When the proxy configuration is manual this flag may be passed to the
* resolve and asyncResolve methods to request to prefer the SOCKS proxy
* to HTTP ones.
*/
const unsigned long RESOLVE_PREFER_SOCKS_PROXY = 1 << 1;
/**
* When the proxy configuration is manual this flag may be passed to the
* resolve and asyncResolve methods to request to not analyze the uri's
* scheme specific proxy. When this flag is set the main HTTP proxy is the
* preferred one.
*
* NOTE: if RESOLVE_PREFER_SOCKS_PROXY is set then the SOCKS proxy is
* the preferred one.
*
* NOTE: if RESOLVE_PREFER_HTTPS_PROXY is set then the HTTPS proxy
* is the preferred one.
*/
const unsigned long RESOLVE_IGNORE_URI_SCHEME = 1 << 2;
/**
* When the proxy configuration is manual this flag may be passed to the
* resolve and asyncResolve methods to request to prefer the HTTPS proxy
* to the others HTTP ones.
*
* NOTE: RESOLVE_PREFER_SOCKS_PROXY takes precedence over this flag.
*
* NOTE: This flag implies RESOLVE_IGNORE_URI_SCHEME.
*/
const unsigned long RESOLVE_PREFER_HTTPS_PROXY =
(1 << 3) | RESOLVE_IGNORE_URI_SCHEME;
/** /**
* This method returns a nsIProxyInfo instance that identifies a proxy to * This method returns a nsIProxyInfo instance that identifies a proxy to
* be used for loading the given URI. Otherwise, this method returns null * be used for loading the given URI. Otherwise, this method returns null
@ -228,4 +261,19 @@ interface nsIProtocolProxyService : nsISupports
* The nsIProtocolProxyFilter instance to be unregistered. * The nsIProtocolProxyFilter instance to be unregistered.
*/ */
void unregisterFilter(in nsIProtocolProxyFilter aFilter); void unregisterFilter(in nsIProtocolProxyFilter aFilter);
/**
* These values correspond to the possible integer values for the
* network.proxy.type preference.
*/
const unsigned long PROXYCONFIG_DIRECT = 0;
const unsigned long PROXYCONFIG_MANUAL = 1;
const unsigned long PROXYCONFIG_PAC = 2;
const unsigned long PROXYCONFIG_WPAD = 4;
const unsigned long PROXYCONFIG_SYSTEM = 5;
/**
* This attribute specifies the current type of proxy configuration.
*/
readonly attribute unsigned long proxyConfigType;
}; };

Просмотреть файл

@ -286,6 +286,9 @@ proxy_GetBoolPref(nsIPrefBranch *aPrefBranch,
//---------------------------------------------------------------------------- //----------------------------------------------------------------------------
static const PRInt32 PROXYCONFIG_DIRECT4X = 3;
static const PRInt32 PROXYCONFIG_COUNT = 6;
NS_IMPL_ADDREF(nsProtocolProxyService) NS_IMPL_ADDREF(nsProtocolProxyService)
NS_IMPL_RELEASE(nsProtocolProxyService) NS_IMPL_RELEASE(nsProtocolProxyService)
NS_IMPL_QUERY_INTERFACE3_CI(nsProtocolProxyService, NS_IMPL_QUERY_INTERFACE3_CI(nsProtocolProxyService,
@ -298,7 +301,7 @@ NS_IMPL_CI_INTERFACE_GETTER2(nsProtocolProxyService,
nsProtocolProxyService::nsProtocolProxyService() nsProtocolProxyService::nsProtocolProxyService()
: mFilters(nsnull) : mFilters(nsnull)
, mProxyConfig(eProxyConfig_Direct) , mProxyConfig(PROXYCONFIG_DIRECT)
, mHTTPProxyPort(-1) , mHTTPProxyPort(-1)
, mFTPProxyPort(-1) , mFTPProxyPort(-1)
, mHTTPSProxyPort(-1) , mHTTPSProxyPort(-1)
@ -386,26 +389,26 @@ nsProtocolProxyService::PrefsChanged(nsIPrefBranch *prefBranch,
rv = prefBranch->GetIntPref(PROXY_PREF("type"), &type); rv = prefBranch->GetIntPref(PROXY_PREF("type"), &type);
if (NS_SUCCEEDED(rv)) { if (NS_SUCCEEDED(rv)) {
// bug 115720 - for ns4.x backwards compatability // bug 115720 - for ns4.x backwards compatability
if (type == eProxyConfig_Direct4x) { if (type == PROXYCONFIG_DIRECT4X) {
type = eProxyConfig_Direct; type = PROXYCONFIG_DIRECT;
// Reset the type so that the dialog looks correct, and we // Reset the type so that the dialog looks correct, and we
// don't have to handle this case everywhere else // don't have to handle this case everywhere else
// I'm paranoid about a loop of some sort - only do this // I'm paranoid about a loop of some sort - only do this
// if we're enumerating all prefs, and ignore any error // if we're enumerating all prefs, and ignore any error
if (!pref) if (!pref)
prefBranch->SetIntPref(PROXY_PREF("type"), type); prefBranch->SetIntPref(PROXY_PREF("type"), type);
} else if (type >= eProxyConfig_Last) { } else if (type >= PROXYCONFIG_COUNT) {
LOG(("unknown proxy type: %lu; assuming direct\n", type)); LOG(("unknown proxy type: %lu; assuming direct\n", type));
type = eProxyConfig_Direct; type = PROXYCONFIG_DIRECT;
} }
mProxyConfig = static_cast<ProxyConfig>(type); mProxyConfig = type;
reloadPAC = PR_TRUE; reloadPAC = PR_TRUE;
} }
if (mProxyConfig == eProxyConfig_System) { if (mProxyConfig == PROXYCONFIG_SYSTEM) {
mSystemProxySettings = do_GetService(NS_SYSTEMPROXYSETTINGS_CONTRACTID); mSystemProxySettings = do_GetService(NS_SYSTEMPROXYSETTINGS_CONTRACTID);
if (!mSystemProxySettings) if (!mSystemProxySettings)
mProxyConfig = eProxyConfig_Direct; mProxyConfig = PROXYCONFIG_DIRECT;
} else { } else {
mSystemProxySettings = nsnull; mSystemProxySettings = nsnull;
} }
@ -462,8 +465,8 @@ nsProtocolProxyService::PrefsChanged(nsIPrefBranch *prefBranch,
// We're done if not using something that could give us a PAC URL // We're done if not using something that could give us a PAC URL
// (PAC, WPAD or System) // (PAC, WPAD or System)
if (mProxyConfig != eProxyConfig_PAC && mProxyConfig != eProxyConfig_WPAD && if (mProxyConfig != PROXYCONFIG_PAC && mProxyConfig != PROXYCONFIG_WPAD &&
mProxyConfig != eProxyConfig_System) mProxyConfig != PROXYCONFIG_SYSTEM)
return; return;
// OK, we need to reload the PAC file if: // OK, we need to reload the PAC file if:
@ -475,10 +478,10 @@ nsProtocolProxyService::PrefsChanged(nsIPrefBranch *prefBranch,
if (reloadPAC) { if (reloadPAC) {
tempString.Truncate(); tempString.Truncate();
if (mProxyConfig == eProxyConfig_PAC) { if (mProxyConfig == PROXYCONFIG_PAC) {
prefBranch->GetCharPref(PROXY_PREF("autoconfig_url"), prefBranch->GetCharPref(PROXY_PREF("autoconfig_url"),
getter_Copies(tempString)); getter_Copies(tempString));
} else if (mProxyConfig == eProxyConfig_WPAD) { } else if (mProxyConfig == PROXYCONFIG_WPAD) {
// We diverge from the WPAD spec here in that we don't walk the // We diverge from the WPAD spec here in that we don't walk the
// hosts's FQDN, stripping components until we hit a TLD. Doing so // hosts's FQDN, stripping components until we hit a TLD. Doing so
// is dangerous in the face of an incomplete list of TLDs, and TLDs // is dangerous in the face of an incomplete list of TLDs, and TLDs
@ -814,9 +817,9 @@ nsProtocolProxyService::ReloadPAC()
return NS_OK; return NS_OK;
nsXPIDLCString pacSpec; nsXPIDLCString pacSpec;
if (type == eProxyConfig_PAC) if (type == PROXYCONFIG_PAC)
prefs->GetCharPref(PROXY_PREF("autoconfig_url"), getter_Copies(pacSpec)); prefs->GetCharPref(PROXY_PREF("autoconfig_url"), getter_Copies(pacSpec));
else if (type == eProxyConfig_WPAD) else if (type == PROXYCONFIG_WPAD)
pacSpec.AssignLiteral(WPAD_URL); pacSpec.AssignLiteral(WPAD_URL);
if (!pacSpec.IsEmpty()) if (!pacSpec.IsEmpty())
@ -835,7 +838,7 @@ nsProtocolProxyService::Resolve(nsIURI *uri, PRUint32 flags,
return rv; return rv;
PRBool usePAC; PRBool usePAC;
rv = Resolve_Internal(uri, info, &usePAC, result); rv = Resolve_Internal(uri, info, flags, &usePAC, result);
if (NS_FAILED(rv)) if (NS_FAILED(rv))
return rv; return rv;
@ -884,7 +887,7 @@ nsProtocolProxyService::AsyncResolve(nsIURI *uri, PRUint32 flags,
PRBool usePAC; PRBool usePAC;
nsCOMPtr<nsIProxyInfo> pi; nsCOMPtr<nsIProxyInfo> pi;
rv = Resolve_Internal(uri, info, &usePAC, getter_AddRefs(pi)); rv = Resolve_Internal(uri, info, flags, &usePAC, getter_AddRefs(pi));
if (NS_FAILED(rv)) if (NS_FAILED(rv))
return rv; return rv;
@ -946,8 +949,8 @@ nsProtocolProxyService::GetFailoverForProxy(nsIProxyInfo *aProxy,
{ {
// We only support failover when a PAC file is configured, either // We only support failover when a PAC file is configured, either
// directly or via system settings // directly or via system settings
if (mProxyConfig != eProxyConfig_PAC && mProxyConfig != eProxyConfig_WPAD && if (mProxyConfig != PROXYCONFIG_PAC && mProxyConfig != PROXYCONFIG_WPAD &&
mProxyConfig != eProxyConfig_System) mProxyConfig != PROXYCONFIG_SYSTEM)
return NS_ERROR_NOT_AVAILABLE; return NS_ERROR_NOT_AVAILABLE;
// Verify that |aProxy| is one of our nsProxyInfo objects. // Verify that |aProxy| is one of our nsProxyInfo objects.
@ -1033,6 +1036,14 @@ nsProtocolProxyService::UnregisterFilter(nsIProtocolProxyFilter *filter)
// No need to throw an exception in this case. // No need to throw an exception in this case.
return NS_OK; return NS_OK;
} }
NS_IMETHODIMP
nsProtocolProxyService::GetProxyConfigType(PRUint32* aProxyConfigType)
{
*aProxyConfigType = mProxyConfig;
return NS_OK;
}
void void
nsProtocolProxyService::LoadHostFilters(const char *filters) nsProtocolProxyService::LoadHostFilters(const char *filters)
{ {
@ -1220,6 +1231,7 @@ nsProtocolProxyService::NewProxyInfo_Internal(const char *aType,
nsresult nsresult
nsProtocolProxyService::Resolve_Internal(nsIURI *uri, nsProtocolProxyService::Resolve_Internal(nsIURI *uri,
const nsProtocolInfo &info, const nsProtocolInfo &info,
PRUint32 flags,
PRBool *usePAC, PRBool *usePAC,
nsIProxyInfo **result) nsIProxyInfo **result)
{ {
@ -1254,14 +1266,14 @@ nsProtocolProxyService::Resolve_Internal(nsIURI *uri,
// if proxies are enabled and this host:port combo is supposed to use a // if proxies are enabled and this host:port combo is supposed to use a
// proxy, check for a proxy. // proxy, check for a proxy.
if (mProxyConfig == eProxyConfig_Direct || if (mProxyConfig == PROXYCONFIG_DIRECT ||
(mProxyConfig == eProxyConfig_Manual && (mProxyConfig == PROXYCONFIG_MANUAL &&
!CanUseProxy(uri, info.defaultPort))) !CanUseProxy(uri, info.defaultPort)))
return NS_OK; return NS_OK;
// Proxy auto config magic... // Proxy auto config magic...
if (mProxyConfig == eProxyConfig_PAC || mProxyConfig == eProxyConfig_WPAD || if (mProxyConfig == PROXYCONFIG_PAC || mProxyConfig == PROXYCONFIG_WPAD ||
mProxyConfig == eProxyConfig_System) { mProxyConfig == PROXYCONFIG_SYSTEM) {
// Do not query PAC now. // Do not query PAC now.
*usePAC = PR_TRUE; *usePAC = PR_TRUE;
return NS_OK; return NS_OK;
@ -1274,19 +1286,39 @@ nsProtocolProxyService::Resolve_Internal(nsIURI *uri,
PRUint32 proxyFlags = 0; PRUint32 proxyFlags = 0;
if (!mHTTPProxyHost.IsEmpty() && mHTTPProxyPort > 0 && if ((flags & RESOLVE_PREFER_SOCKS_PROXY) &&
info.scheme.EqualsLiteral("http")) { !mSOCKSProxyHost.IsEmpty() && mSOCKSProxyPort > 0) {
host = &mSOCKSProxyHost;
if (mSOCKSProxyVersion == 4)
type = kProxyType_SOCKS4;
else
type = kProxyType_SOCKS;
port = mSOCKSProxyPort;
if (mSOCKSProxyRemoteDNS)
proxyFlags |= nsIProxyInfo::TRANSPARENT_PROXY_RESOLVES_HOST;
}
else if ((flags & RESOLVE_PREFER_HTTPS_PROXY) &&
!mHTTPSProxyHost.IsEmpty() && mHTTPSProxyPort > 0) {
host = &mHTTPSProxyHost;
type = kProxyType_HTTP;
port = mHTTPSProxyPort;
}
else if (!mHTTPProxyHost.IsEmpty() && mHTTPProxyPort > 0 &&
((flags & RESOLVE_IGNORE_URI_SCHEME) ||
info.scheme.EqualsLiteral("http"))) {
host = &mHTTPProxyHost; host = &mHTTPProxyHost;
type = kProxyType_HTTP; type = kProxyType_HTTP;
port = mHTTPProxyPort; port = mHTTPProxyPort;
} }
else if (!mHTTPSProxyHost.IsEmpty() && mHTTPSProxyPort > 0 && else if (!mHTTPSProxyHost.IsEmpty() && mHTTPSProxyPort > 0 &&
!(flags & RESOLVE_IGNORE_URI_SCHEME) &&
info.scheme.EqualsLiteral("https")) { info.scheme.EqualsLiteral("https")) {
host = &mHTTPSProxyHost; host = &mHTTPSProxyHost;
type = kProxyType_HTTP; type = kProxyType_HTTP;
port = mHTTPSProxyPort; port = mHTTPSProxyPort;
} }
else if (!mFTPProxyHost.IsEmpty() && mFTPProxyPort > 0 && else if (!mFTPProxyHost.IsEmpty() && mFTPProxyPort > 0 &&
!(flags & RESOLVE_IGNORE_URI_SCHEME) &&
info.scheme.EqualsLiteral("ftp")) { info.scheme.EqualsLiteral("ftp")) {
host = &mFTPProxyHost; host = &mFTPProxyHost;
type = kProxyType_HTTP; type = kProxyType_HTTP;

Просмотреть файл

@ -220,6 +220,8 @@ protected:
* The URI to test. * The URI to test.
* @param info * @param info
* Information about the URI's protocol. * Information about the URI's protocol.
* @param flags
* The flags passed to either the resolve or the asyncResolve method.
* @param usePAC * @param usePAC
* If this flag is set upon return, then PAC should be queried to * If this flag is set upon return, then PAC should be queried to
* resolve the proxy info. * resolve the proxy info.
@ -228,6 +230,7 @@ protected:
*/ */
NS_HIDDEN_(nsresult) Resolve_Internal(nsIURI *uri, NS_HIDDEN_(nsresult) Resolve_Internal(nsIURI *uri,
const nsProtocolInfo &info, const nsProtocolInfo &info,
PRUint32 flags,
PRBool *usePAC, PRBool *usePAC,
nsIProxyInfo **result); nsIProxyInfo **result);
@ -306,17 +309,6 @@ public:
PRUint32 host_len; PRUint32 host_len;
}; };
// These values correspond to the integer network.proxy.type preference
enum ProxyConfig {
eProxyConfig_Direct,
eProxyConfig_Manual,
eProxyConfig_PAC,
eProxyConfig_Direct4x,
eProxyConfig_WPAD,
eProxyConfig_System, // use system proxy settings if available, otherwise DIRECT
eProxyConfig_Last
};
protected: protected:
// simplified array of filters defined by this struct // simplified array of filters defined by this struct
@ -357,7 +349,7 @@ protected:
// of FilterLink objects. // of FilterLink objects.
FilterLink *mFilters; FilterLink *mFilters;
ProxyConfig mProxyConfig; PRUint32 mProxyConfig;
nsCString mHTTPProxyHost; nsCString mHTTPProxyHost;
PRInt32 mHTTPProxyPort; PRInt32 mHTTPProxyPort;

Просмотреть файл

@ -556,6 +556,18 @@
{0x9f, 0xd4, 0xe0, 0x65, 0xe8, 0x55, 0x68, 0xf4} \ {0x9f, 0xd4, 0xe0, 0x65, 0xe8, 0x55, 0x68, 0xf4} \
} }
#define NS_HTTPCHANNELAUTHPROVIDER_CLASSNAME \
"nsHttpChannelAuthProvider"
#define NS_HTTPCHANNELAUTHPROVIDER_CONTRACTID \
"@mozilla.org/network/http-channel-auth-provider;1"
#define NS_HTTPCHANNELAUTHPROVIDER_CID \
{ /* 02f5a8d8-4ef3-48b1-b527-8a643056abbd */ \
0x02f5a8d8, \
0x4ef3, \
0x48b1, \
{0xb5, 0x27, 0x8a, 0x64, 0x30, 0x56, 0xab, 0xbd} \
}
#define NS_HTTPACTIVITYDISTRIBUTOR_CLASSNAME \ #define NS_HTTPACTIVITYDISTRIBUTOR_CLASSNAME \
"nsHttpActivityDistributor" "nsHttpActivityDistributor"
#define NS_HTTPACTIVITYDISTRIBUTOR_CONTRACTID \ #define NS_HTTPACTIVITYDISTRIBUTOR_CONTRACTID \

Просмотреть файл

@ -228,6 +228,7 @@ NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsFtpProtocolHandler, Init)
#undef LOG #undef LOG
#undef LOG_ENABLED #undef LOG_ENABLED
#include "nsHttpAuthManager.h" #include "nsHttpAuthManager.h"
#include "nsHttpChannelAuthProvider.h"
#include "nsHttpBasicAuth.h" #include "nsHttpBasicAuth.h"
#include "nsHttpDigestAuth.h" #include "nsHttpDigestAuth.h"
#include "nsHttpNTLMAuth.h" #include "nsHttpNTLMAuth.h"
@ -238,6 +239,7 @@ NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpNTLMAuth)
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpHandler, Init) NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpHandler, Init)
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpsHandler, Init) NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpsHandler, Init)
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpAuthManager, Init) NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpAuthManager, Init)
NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpChannelAuthProvider)
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpActivityDistributor, Init) NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpActivityDistributor, Init)
NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpBasicAuth) NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpBasicAuth)
NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpDigestAuth) NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpDigestAuth)
@ -976,6 +978,11 @@ static const nsModuleComponentInfo gNetModuleInfo[] = {
NS_HTTPAUTHMANAGER_CONTRACTID, NS_HTTPAUTHMANAGER_CONTRACTID,
nsHttpAuthManagerConstructor }, nsHttpAuthManagerConstructor },
{ NS_HTTPCHANNELAUTHPROVIDER_CLASSNAME,
NS_HTTPCHANNELAUTHPROVIDER_CID,
NS_HTTPCHANNELAUTHPROVIDER_CONTRACTID,
nsHttpChannelAuthProviderConstructor },
{ NS_HTTPACTIVITYDISTRIBUTOR_CLASSNAME, { NS_HTTPACTIVITYDISTRIBUTOR_CLASSNAME,
NS_HTTPACTIVITYDISTRIBUTOR_CID, NS_HTTPACTIVITYDISTRIBUTOR_CID,
NS_HTTPACTIVITYDISTRIBUTOR_CONTRACTID, NS_HTTPACTIVITYDISTRIBUTOR_CONTRACTID,

Просмотреть файл

@ -51,7 +51,7 @@
#include "nsNetCID.h" #include "nsNetCID.h"
#include "nsNetError.h" #include "nsNetError.h"
#include "nsDNSPrefetch.h" #include "nsDNSPrefetch.h"
#include "nsProtocolProxyService.h" #include "nsIProtocolProxyService.h"
#include "prsystem.h" #include "prsystem.h"
#include "prnetdb.h" #include "prnetdb.h"
#include "prmon.h" #include "prmon.h"
@ -333,7 +333,7 @@ nsDNSService::Init()
PRBool enableIDN = PR_TRUE; PRBool enableIDN = PR_TRUE;
PRBool disableIPv6 = PR_FALSE; PRBool disableIPv6 = PR_FALSE;
PRBool disablePrefetch = PR_FALSE; PRBool disablePrefetch = PR_FALSE;
int proxyType = nsProtocolProxyService::eProxyConfig_Direct; int proxyType = nsIProtocolProxyService::PROXYCONFIG_DIRECT;
nsAdoptingCString ipv4OnlyDomains; nsAdoptingCString ipv4OnlyDomains;
@ -395,7 +395,7 @@ nsDNSService::Init()
mDisableIPv6 = disableIPv6; mDisableIPv6 = disableIPv6;
// Disable prefetching either by explicit preference or if a manual proxy is configured // Disable prefetching either by explicit preference or if a manual proxy is configured
mDisablePrefetch = disablePrefetch || (proxyType == nsProtocolProxyService::eProxyConfig_Manual); mDisablePrefetch = disablePrefetch || (proxyType == nsIProtocolProxyService::PROXYCONFIG_MANUAL);
} }
nsDNSPrefetch::Initialize(this); nsDNSPrefetch::Initialize(this);

Просмотреть файл

@ -63,6 +63,8 @@ XPIDLSRCS = \
nsIHttpChannelInternal.idl \ nsIHttpChannelInternal.idl \
nsIHttpEventSink.idl \ nsIHttpEventSink.idl \
nsIHttpProtocolHandler.idl \ nsIHttpProtocolHandler.idl \
nsIHttpChannelAuthProvider.idl \
nsIHttpAuthenticableChannel.idl \
$(NULL) $(NULL)
CPPSRCS = \ CPPSRCS = \
@ -84,6 +86,7 @@ CPPSRCS = \
nsHttpChannel.cpp \ nsHttpChannel.cpp \
nsHttpPipeline.cpp \ nsHttpPipeline.cpp \
nsHttpActivityDistributor.cpp \ nsHttpActivityDistributor.cpp \
nsHttpChannelAuthProvider.cpp \
$(NULL) $(NULL)
LOCAL_INCLUDES = \ LOCAL_INCLUDES = \

Просмотреть файл

@ -70,7 +70,7 @@ NS_IMPL_ISUPPORTS1(nsHttpBasicAuth, nsIHttpAuthenticator)
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
NS_IMETHODIMP NS_IMETHODIMP
nsHttpBasicAuth::ChallengeReceived(nsIHttpChannel *httpChannel, nsHttpBasicAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel,
const char *challenge, const char *challenge,
PRBool isProxyAuth, PRBool isProxyAuth,
nsISupports **sessionState, nsISupports **sessionState,
@ -84,7 +84,7 @@ nsHttpBasicAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
} }
NS_IMETHODIMP NS_IMETHODIMP
nsHttpBasicAuth::GenerateCredentials(nsIHttpChannel *httpChannel, nsHttpBasicAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge, const char *challenge,
PRBool isProxyAuth, PRBool isProxyAuth,
const PRUnichar *domain, const PRUnichar *domain,

Разница между файлами не показана из-за своего большого размера Загрузить разницу

Просмотреть файл

@ -43,7 +43,6 @@
#include "nsHttpTransaction.h" #include "nsHttpTransaction.h"
#include "nsHttpRequestHead.h" #include "nsHttpRequestHead.h"
#include "nsHttpAuthCache.h"
#include "nsHashPropertyBag.h" #include "nsHashPropertyBag.h"
#include "nsInputStreamPump.h" #include "nsInputStreamPump.h"
#include "nsThreadUtils.h" #include "nsThreadUtils.h"
@ -83,13 +82,12 @@
#include "nsISupportsPriority.h" #include "nsISupportsPriority.h"
#include "nsIProtocolProxyCallback.h" #include "nsIProtocolProxyCallback.h"
#include "nsICancelable.h" #include "nsICancelable.h"
#include "nsIProxiedChannel.h" #include "nsIHttpAuthenticableChannel.h"
#include "nsITraceableChannel.h" #include "nsITraceableChannel.h"
#include "nsIAuthPromptCallback.h" #include "nsIHttpChannelAuthProvider.h"
class nsHttpResponseHead; class nsHttpResponseHead;
class nsAHttpConnection; class nsAHttpConnection;
class nsIHttpAuthenticator;
class nsProxyInfo; class nsProxyInfo;
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
@ -109,10 +107,9 @@ class nsHttpChannel : public nsHashPropertyBag
, public nsIResumableChannel , public nsIResumableChannel
, public nsISupportsPriority , public nsISupportsPriority
, public nsIProtocolProxyCallback , public nsIProtocolProxyCallback
, public nsIProxiedChannel , public nsIHttpAuthenticableChannel
, public nsITraceableChannel , public nsITraceableChannel
, public nsIApplicationCacheChannel , public nsIApplicationCacheChannel
, public nsIAuthPromptCallback
{ {
public: public:
NS_DECL_ISUPPORTS_INHERITED NS_DECL_ISUPPORTS_INHERITED
@ -135,7 +132,19 @@ public:
NS_DECL_NSITRACEABLECHANNEL NS_DECL_NSITRACEABLECHANNEL
NS_DECL_NSIAPPLICATIONCACHECONTAINER NS_DECL_NSIAPPLICATIONCACHECONTAINER
NS_DECL_NSIAPPLICATIONCACHECHANNEL NS_DECL_NSIAPPLICATIONCACHECHANNEL
NS_DECL_NSIAUTHPROMPTCALLBACK
// nsIHttpAuthenticableChannel. We can't use
// NS_DECL_NSIHTTPAUTHENTICABLECHANNEL because it duplicates cancel() and
// others.
NS_IMETHOD GetIsSSL(PRBool *aIsSSL);
NS_IMETHOD GetProxyMethodIsConnect(PRBool *aProxyMethodIsConnect);
NS_IMETHOD GetServerResponseHeader(nsACString & aServerResponseHeader);
NS_IMETHOD GetProxyChallenges(nsACString & aChallenges);
NS_IMETHOD GetWWWChallenges(nsACString & aChallenges);
NS_IMETHOD SetProxyCredentials(const nsACString & aCredentials);
NS_IMETHOD SetWWWCredentials(const nsACString & aCredentials);
NS_IMETHOD OnAuthAvailable();
NS_IMETHOD OnAuthCancelled(PRBool userCancel);
nsHttpChannel(); nsHttpChannel();
virtual ~nsHttpChannel(); virtual ~nsHttpChannel();
@ -180,7 +189,6 @@ private:
nsresult ProcessRedirection(PRUint32 httpStatus); nsresult ProcessRedirection(PRUint32 httpStatus);
PRBool ShouldSSLProxyResponseContinue(PRUint32 httpStatus); PRBool ShouldSSLProxyResponseContinue(PRUint32 httpStatus);
nsresult ProcessFailedSSLConnect(PRUint32 httpStatus); nsresult ProcessFailedSSLConnect(PRUint32 httpStatus);
nsresult ProcessAuthentication(PRUint32 httpStatus);
nsresult ProcessFallback(PRBool *fallingBack); nsresult ProcessFallback(PRBool *fallingBack);
PRBool ResponseWouldVary(); PRBool ResponseWouldVary();
@ -226,41 +234,8 @@ private:
nsresult ProcessPartialContent(); nsresult ProcessPartialContent();
nsresult OnDoneReadingPartialCacheEntry(PRBool *streamDone); nsresult OnDoneReadingPartialCacheEntry(PRBool *streamDone);
// auth specific methods
nsresult PrepareForAuthentication(PRBool proxyAuth);
nsresult GenCredsAndSetEntry(nsIHttpAuthenticator *, PRBool proxyAuth, const char *scheme, const char *host, PRInt32 port, const char *dir, const char *realm, const char *challenge, const nsHttpAuthIdentity &ident, nsCOMPtr<nsISupports> &session, char **result);
nsresult GetAuthenticator(const char *challenge, nsCString &scheme, nsIHttpAuthenticator **auth);
void ParseRealm(const char *challenge, nsACString &realm);
void GetIdentityFromURI(PRUint32 authFlags, nsHttpAuthIdentity&);
/**
* Following three methods return NS_ERROR_IN_PROGRESS when
* nsIAuthPrompt2.asyncPromptAuth method is called. This result indicates
* the user's decision will be gathered in a callback and is not an actual
* error.
*/
nsresult GetCredentials(const char *challenges, PRBool proxyAuth, nsAFlatCString &creds);
nsresult GetCredentialsForChallenge(const char *challenge, const char *scheme, PRBool proxyAuth, nsIHttpAuthenticator *auth, nsAFlatCString &creds);
nsresult PromptForIdentity(PRUint32 level, PRBool proxyAuth, const char *realm, const char *authType, PRUint32 authFlags, nsHttpAuthIdentity &);
PRBool ConfirmAuth(const nsString &bundleKey, PRBool doYesNoPrompt);
void CheckForSuperfluousAuth();
void SetAuthorizationHeader(nsHttpAuthCache *, nsHttpAtom header, const char *scheme, const char *host, PRInt32 port, const char *path, nsHttpAuthIdentity &ident);
void AddAuthorizationHeaders();
nsresult GetCurrentPath(nsACString &);
/**
* Return all information needed to build authorization information,
* all paramters except proxyAuth are out parameters. proxyAuth specifies
* with what authorization we work (WWW or proxy).
*/
nsresult GetAuthorizationMembers(PRBool proxyAuth, nsCSubstring& scheme, const char*& host, PRInt32& port, nsCSubstring& path, nsHttpAuthIdentity*& ident, nsISupports**& continuationState);
nsresult DoAuthRetry(nsAHttpConnection *); nsresult DoAuthRetry(nsAHttpConnection *);
PRBool MustValidateBasedOnQueryUrl(); PRBool MustValidateBasedOnQueryUrl();
/**
* Method called to resume suspended transaction after we got credentials
* from the user. Called from OnAuthAvailable callback or OnAuthCancelled
* when credentials for next challenge were obtained synchronously.
*/
nsresult ContinueOnAuthAvailable(const nsCSubstring& creds);
private: private:
nsCOMPtr<nsIURI> mOriginalURI; nsCOMPtr<nsIURI> mOriginalURI;
@ -311,25 +286,7 @@ private:
nsCOMPtr<nsIApplicationCache> mApplicationCache; nsCOMPtr<nsIApplicationCache> mApplicationCache;
// auth specific data // auth specific data
nsISupports *mProxyAuthContinuationState; nsCOMPtr<nsIHttpChannelAuthProvider> mAuthProvider;
nsCString mProxyAuthType;
nsISupports *mAuthContinuationState;
nsCString mAuthType;
nsHttpAuthIdentity mIdent;
nsHttpAuthIdentity mProxyIdent;
// Reference to the prompt wating in prompt queue. The channel is
// responsible to call its cancel method when user in any way cancels
// this request.
nsCOMPtr<nsICancelable> mAsyncPromptAuthCancelable;
// Saved in GetCredentials when prompt is asynchronous, the first challenge
// we obtained from the server with 401/407 response, will be processed in
// OnAuthAvailable callback.
nsCString mCurrentChallenge;
// Saved in GetCredentials when prompt is asynchronous, remaning challenges
// we have to process when user cancels the auth dialog for the current
// challenge.
nsCString mRemainingChallenges;
// Resumable channel specific data // Resumable channel specific data
nsCString mEntityID; nsCString mEntityID;
@ -367,12 +324,6 @@ private:
PRUint32 mTransactionReplaced : 1; PRUint32 mTransactionReplaced : 1;
PRUint32 mUploadStreamHasHeaders : 1; PRUint32 mUploadStreamHasHeaders : 1;
PRUint32 mAuthRetryPending : 1; PRUint32 mAuthRetryPending : 1;
// True when we need to authenticate to proxy, i.e. when we get 407
// response. Used in OnAuthAvailable and OnAuthCancelled callbacks.
PRUint32 mProxyAuth : 1;
PRUint32 mTriedProxyAuth : 1;
PRUint32 mTriedHostAuth : 1;
PRUint32 mSuppressDefensiveAuth : 1;
PRUint32 mResuming : 1; PRUint32 mResuming : 1;
PRUint32 mInitedCacheEntry : 1; PRUint32 mInitedCacheEntry : 1;
PRUint32 mCacheForOfflineUse : 1; PRUint32 mCacheForOfflineUse : 1;

Разница между файлами не показана из-за своего большого размера Загрузить разницу

Просмотреть файл

@ -0,0 +1,169 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* vim:set et cin ts=4 sw=4 sts=4: */
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Mozilla.
*
* The Initial Developer of the Original Code is
* Netscape Communications.
* Portions created by the Initial Developer are Copyright (C) 2001
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Darin Fisher <darin@netscape.com> (original author)
* Christian Biesinger <cbiesinger@web.de>
* Wellington Fernando de Macedo <wfernandom2004@gmail.com>
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#ifndef nsHttpChannelAuthProvider_h__
#define nsHttpChannelAuthProvider_h__
#include "nsIHttpChannelAuthProvider.h"
#include "nsIAuthPromptCallback.h"
#include "nsString.h"
#include "nsCOMPtr.h"
#include "nsIHttpAuthenticableChannel.h"
#include "nsIURI.h"
#include "nsHttpAuthCache.h"
#include "nsProxyInfo.h"
class nsIHttpAuthenticator;
class nsHttpChannelAuthProvider : public nsIHttpChannelAuthProvider
, public nsIAuthPromptCallback
{
public:
NS_DECL_ISUPPORTS
NS_DECL_NSICANCELABLE
NS_DECL_NSIHTTPCHANNELAUTHPROVIDER
NS_DECL_NSIAUTHPROMPTCALLBACK
nsHttpChannelAuthProvider();
virtual ~nsHttpChannelAuthProvider();
private:
const char *ProxyHost() const
{ return mProxyInfo ? mProxyInfo->Host().get() : nsnull; }
PRInt32 ProxyPort() const
{ return mProxyInfo ? mProxyInfo->Port() : -1; }
const char *Host() const { return mHost.get(); }
PRInt32 Port() const { return mPort; }
PRBool UsingSSL() const { return mUsingSSL; }
PRBool UsingHttpProxy() const
{ return !!(mProxyInfo && !nsCRT::strcmp(mProxyInfo->Type(), "http")); }
nsresult PrepareForAuthentication(PRBool proxyAuth);
nsresult GenCredsAndSetEntry(nsIHttpAuthenticator *, PRBool proxyAuth,
const char *scheme, const char *host,
PRInt32 port, const char *dir,
const char *realm, const char *challenge,
const nsHttpAuthIdentity &ident,
nsCOMPtr<nsISupports> &session, char **result);
nsresult GetAuthenticator(const char *challenge, nsCString &scheme,
nsIHttpAuthenticator **auth);
void ParseRealm(const char *challenge, nsACString &realm);
void GetIdentityFromURI(PRUint32 authFlags, nsHttpAuthIdentity&);
/**
* Following three methods return NS_ERROR_IN_PROGRESS when
* nsIAuthPrompt2.asyncPromptAuth method is called. This result indicates
* the user's decision will be gathered in a callback and is not an actual
* error.
*/
nsresult GetCredentials(const char *challenges, PRBool proxyAuth,
nsAFlatCString &creds);
nsresult GetCredentialsForChallenge(const char *challenge,
const char *scheme, PRBool proxyAuth,
nsIHttpAuthenticator *auth,
nsAFlatCString &creds);
nsresult PromptForIdentity(PRUint32 level, PRBool proxyAuth,
const char *realm, const char *authType,
PRUint32 authFlags, nsHttpAuthIdentity &);
PRBool ConfirmAuth(const nsString &bundleKey, PRBool doYesNoPrompt);
void SetAuthorizationHeader(nsHttpAuthCache *, nsHttpAtom header,
const char *scheme, const char *host,
PRInt32 port, const char *path,
nsHttpAuthIdentity &ident);
nsresult GetCurrentPath(nsACString &);
/**
* Return all information needed to build authorization information,
* all parameters except proxyAuth are out parameters. proxyAuth specifies
* with what authorization we work (WWW or proxy).
*/
nsresult GetAuthorizationMembers(PRBool proxyAuth, nsCSubstring& scheme,
const char*& host, PRInt32& port,
nsCSubstring& path,
nsHttpAuthIdentity*& ident,
nsISupports**& continuationState);
/**
* Method called to resume suspended transaction after we got credentials
* from the user. Called from OnAuthAvailable callback or OnAuthCancelled
* when credentials for next challenge were obtained synchronously.
*/
nsresult ContinueOnAuthAvailable(const nsCSubstring& creds);
private:
nsIHttpAuthenticableChannel *mAuthChannel; // weak ref
nsCOMPtr<nsIURI> mURI;
nsCOMPtr<nsProxyInfo> mProxyInfo;
nsCString mHost;
PRInt32 mPort;
PRBool mUsingSSL;
nsISupports *mProxyAuthContinuationState;
nsCString mProxyAuthType;
nsISupports *mAuthContinuationState;
nsCString mAuthType;
nsHttpAuthIdentity mIdent;
nsHttpAuthIdentity mProxyIdent;
// Reference to the prompt wating in prompt queue. The channel is
// responsible to call its cancel method when user in any way cancels
// this request.
nsCOMPtr<nsICancelable> mAsyncPromptAuthCancelable;
// Saved in GetCredentials when prompt is asynchronous, the first challenge
// we obtained from the server with 401/407 response, will be processed in
// OnAuthAvailable callback.
nsCString mCurrentChallenge;
// Saved in GetCredentials when prompt is asynchronous, remaning challenges
// we have to process when user cancels the auth dialog for the current
// challenge.
nsCString mRemainingChallenges;
// True when we need to authenticate to proxy, i.e. when we get 407
// response. Used in OnAuthAvailable and OnAuthCancelled callbacks.
PRUint32 mProxyAuth : 1;
PRUint32 mTriedProxyAuth : 1;
PRUint32 mTriedHostAuth : 1;
PRUint32 mSuppressDefensiveAuth : 1;
};
#endif // nsHttpChannelAuthProvider_h__

Просмотреть файл

@ -42,7 +42,7 @@
#include <stdlib.h> #include <stdlib.h>
#include "nsHttp.h" #include "nsHttp.h"
#include "nsHttpDigestAuth.h" #include "nsHttpDigestAuth.h"
#include "nsIHttpChannel.h" #include "nsIHttpAuthenticableChannel.h"
#include "nsIServiceManager.h" #include "nsIServiceManager.h"
#include "nsXPCOM.h" #include "nsXPCOM.h"
#include "nsISupportsPrimitives.h" #include "nsISupportsPrimitives.h"
@ -109,23 +109,19 @@ nsHttpDigestAuth::MD5Hash(const char *buf, PRUint32 len)
} }
nsresult nsresult
nsHttpDigestAuth::GetMethodAndPath(nsIHttpChannel *httpChannel, nsHttpDigestAuth::GetMethodAndPath(nsIHttpAuthenticableChannel *authChannel,
PRBool isProxyAuth, PRBool isProxyAuth,
nsCString &httpMethod, nsCString &httpMethod,
nsCString &path) nsCString &path)
{ {
nsresult rv; nsresult rv;
nsCOMPtr<nsIURI> uri; nsCOMPtr<nsIURI> uri;
rv = httpChannel->GetURI(getter_AddRefs(uri)); rv = authChannel->GetURI(getter_AddRefs(uri));
if (NS_SUCCEEDED(rv)) { if (NS_SUCCEEDED(rv)) {
PRBool isSecure; PRBool proxyMethodIsConnect;
rv = uri->SchemeIs("https", &isSecure); rv = authChannel->GetProxyMethodIsConnect(&proxyMethodIsConnect);
if (NS_SUCCEEDED(rv)) { if (NS_SUCCEEDED(rv)) {
// if (proxyMethodIsConnect && isProxyAuth) {
// if we are being called in response to a 407, and if the protocol
// is HTTPS, then we are really using a CONNECT method.
//
if (isSecure && isProxyAuth) {
httpMethod.AssignLiteral("CONNECT"); httpMethod.AssignLiteral("CONNECT");
// //
// generate hostname:port string. (unfortunately uri->GetHostPort // generate hostname:port string. (unfortunately uri->GetHostPort
@ -141,7 +137,7 @@ nsHttpDigestAuth::GetMethodAndPath(nsIHttpChannel *httpChannel,
} }
} }
else { else {
rv = httpChannel->GetRequestMethod(httpMethod); rv = authChannel->GetRequestMethod(httpMethod);
rv |= uri->GetPath(path); rv |= uri->GetPath(path);
if (NS_SUCCEEDED(rv)) { if (NS_SUCCEEDED(rv)) {
// //
@ -171,7 +167,7 @@ nsHttpDigestAuth::GetMethodAndPath(nsIHttpChannel *httpChannel,
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
NS_IMETHODIMP NS_IMETHODIMP
nsHttpDigestAuth::ChallengeReceived(nsIHttpChannel *httpChannel, nsHttpDigestAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel,
const char *challenge, const char *challenge,
PRBool isProxyAuth, PRBool isProxyAuth,
nsISupports **sessionState, nsISupports **sessionState,
@ -197,7 +193,7 @@ nsHttpDigestAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
} }
NS_IMETHODIMP NS_IMETHODIMP
nsHttpDigestAuth::GenerateCredentials(nsIHttpChannel *httpChannel, nsHttpDigestAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge, const char *challenge,
PRBool isProxyAuth, PRBool isProxyAuth,
const PRUnichar *userdomain, const PRUnichar *userdomain,
@ -222,7 +218,7 @@ nsHttpDigestAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
PRBool requireExtraQuotes = PR_FALSE; PRBool requireExtraQuotes = PR_FALSE;
{ {
nsCAutoString serverVal; nsCAutoString serverVal;
httpChannel->GetResponseHeader(NS_LITERAL_CSTRING("Server"), serverVal); authChannel->GetServerResponseHeader(serverVal);
if (!serverVal.IsEmpty()) { if (!serverVal.IsEmpty()) {
requireExtraQuotes = !PL_strncasecmp(serverVal.get(), "Microsoft-IIS", 13); requireExtraQuotes = !PL_strncasecmp(serverVal.get(), "Microsoft-IIS", 13);
} }
@ -231,7 +227,7 @@ nsHttpDigestAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
nsresult rv; nsresult rv;
nsCAutoString httpMethod; nsCAutoString httpMethod;
nsCAutoString path; nsCAutoString path;
rv = GetMethodAndPath(httpChannel, isProxyAuth, httpMethod, path); rv = GetMethodAndPath(authChannel, isProxyAuth, httpMethod, path);
if (NS_FAILED(rv)) return rv; if (NS_FAILED(rv)) return rv;
nsCAutoString realm, domain, nonce, opaque; nsCAutoString realm, domain, nonce, opaque;

Просмотреть файл

@ -107,7 +107,8 @@ class nsHttpDigestAuth : public nsIHttpAuthenticator
// result is in mHashBuf // result is in mHashBuf
nsresult MD5Hash(const char *buf, PRUint32 len); nsresult MD5Hash(const char *buf, PRUint32 len);
nsresult GetMethodAndPath(nsIHttpChannel *, PRBool, nsCString &, nsCString &); nsresult GetMethodAndPath(nsIHttpAuthenticableChannel *,
PRBool, nsCString &, nsCString &);
// append the quoted version of value to aHeaderLine // append the quoted version of value to aHeaderLine
nsresult AppendQuotedString(const nsACString & value, nsresult AppendQuotedString(const nsACString & value,

Просмотреть файл

@ -50,7 +50,7 @@
#include "nsIPrefBranch.h" #include "nsIPrefBranch.h"
#include "nsIPrefService.h" #include "nsIPrefService.h"
#include "nsIServiceManager.h" #include "nsIServiceManager.h"
#include "nsIHttpChannel.h" #include "nsIHttpAuthenticableChannel.h"
#include "nsIURI.h" #include "nsIURI.h"
static const char kAllowProxies[] = "network.automatic-ntlm-auth.allow-proxies"; static const char kAllowProxies[] = "network.automatic-ntlm-auth.allow-proxies";
@ -189,7 +189,8 @@ ForceGenericNTLM()
// Check to see if we should use default credentials for this host or proxy. // Check to see if we should use default credentials for this host or proxy.
static PRBool static PRBool
CanUseDefaultCredentials(nsIHttpChannel *channel, PRBool isProxyAuth) CanUseDefaultCredentials(nsIHttpAuthenticableChannel *channel,
PRBool isProxyAuth)
{ {
nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
if (!prefs) if (!prefs)
@ -224,7 +225,7 @@ NS_IMPL_ISUPPORTS0(nsNTLMSessionState)
NS_IMPL_ISUPPORTS1(nsHttpNTLMAuth, nsIHttpAuthenticator) NS_IMPL_ISUPPORTS1(nsHttpNTLMAuth, nsIHttpAuthenticator)
NS_IMETHODIMP NS_IMETHODIMP
nsHttpNTLMAuth::ChallengeReceived(nsIHttpChannel *channel, nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel,
const char *challenge, const char *challenge,
PRBool isProxyAuth, PRBool isProxyAuth,
nsISupports **sessionState, nsISupports **sessionState,
@ -316,7 +317,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpChannel *channel,
} }
NS_IMETHODIMP NS_IMETHODIMP
nsHttpNTLMAuth::GenerateCredentials(nsIHttpChannel *httpChannel, nsHttpNTLMAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge, const char *challenge,
PRBool isProxyAuth, PRBool isProxyAuth,
const PRUnichar *domain, const PRUnichar *domain,
@ -351,7 +352,7 @@ nsHttpNTLMAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
if (PL_strcasecmp(challenge, "NTLM") == 0) { if (PL_strcasecmp(challenge, "NTLM") == 0) {
// NTLM service name format is 'HTTP@host' for both http and https // NTLM service name format is 'HTTP@host' for both http and https
nsCOMPtr<nsIURI> uri; nsCOMPtr<nsIURI> uri;
rv = httpChannel->GetURI(getter_AddRefs(uri)); rv = authChannel->GetURI(getter_AddRefs(uri));
if (NS_FAILED(rv)) if (NS_FAILED(rv))
return rv; return rv;
nsCAutoString serviceName, host; nsCAutoString serviceName, host;

Просмотреть файл

@ -0,0 +1,141 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Mozilla.
*
* The Initial Developer of the Original Code is
* Wellington Fernando de Macedo.
* Portions created by the Initial Developer are Copyright (C) 2009
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Wellington Fernando de Macedo <wfernandom2004@gmail.com> (original author)
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#include "nsIProxiedChannel.idl"
#include "nsIChannel.idl"
interface nsILoadGroup;
interface nsIURI;
interface nsIInterfaceRequestor;
[scriptable, uuid(701093ac-5c7f-429c-99e3-423b041fccb4)]
interface nsIHttpAuthenticableChannel : nsIProxiedChannel
{
/**
* If the channel being authenticated is using SSL.
*/
readonly attribute boolean isSSL;
/**
* Returns if the proxy HTTP method used is CONNECT. If no proxy is being
* used it must return PR_FALSE.
*/
readonly attribute boolean proxyMethodIsConnect;
/**
* Cancels the current request. See nsIRequest.
*/
void cancel(in nsresult aStatus);
/**
* The load flags of this request. See nsIRequest.
*/
readonly attribute nsLoadFlags loadFlags;
/**
* The URI corresponding to the channel. See nsIChannel.
*/
readonly attribute nsIURI URI;
/**
* The load group of this request. It is here for querying its
* notificationCallbacks. See nsIRequest.
*/
readonly attribute nsILoadGroup loadGroup;
/**
* The notification callbacks for the channel. See nsIChannel.
*/
readonly attribute nsIInterfaceRequestor notificationCallbacks;
/**
* The HTTP request method. See nsIHttpChannel.
*/
readonly attribute ACString requestMethod;
/**
* The "Server" response header.
* Return NS_ERROR_NOT_AVAILABLE if not available.
*/
readonly attribute ACString serverResponseHeader;
/**
* The Proxy-Authenticate response header.
*/
readonly attribute ACString proxyChallenges;
/**
* The WWW-Authenticate response header.
*/
readonly attribute ACString WWWChallenges;
/**
* Sets the Proxy-Authorization request header. An empty string
* will clear it.
*/
void setProxyCredentials(in ACString credentials);
/**
* Sets the Authorization request header. An empty string
* will clear it.
*/
void setWWWCredentials(in ACString credentials);
/**
* Called when authentication information is ready and has been set on this
* object using setWWWCredentials/setProxyCredentials. Implementations can
* continue with the request and send the given information to the server.
*
* It is called asynchronously from
* nsIHttpChannelAuthProvider::processAuthentication if that method returns
* NS_ERROR_IN_PROGRESS.
*
* @note Any exceptions thrown from this method should be ignored.
*/
void onAuthAvailable();
/**
* Notifies that the prompt was cancelled. It is called asynchronously
* from nsIHttpChannelAuthProvider::processAuthentication if that method
* returns NS_ERROR_IN_PROGRESS.
*
* @param userCancel
* If the user was cancelled has cancelled the authentication prompt.
*/
void onAuthCancelled(in boolean userCancel);
};

Просмотреть файл

@ -38,7 +38,7 @@
#include "nsISupports.idl" #include "nsISupports.idl"
interface nsIHttpChannel; interface nsIHttpAuthenticableChannel;
/** /**
* nsIHttpAuthenticator * nsIHttpAuthenticator
@ -51,7 +51,7 @@ interface nsIHttpChannel;
* where <auth-scheme> is the lower-cased value of the authentication scheme * where <auth-scheme> is the lower-cased value of the authentication scheme
* found in the server challenge per the rules of RFC 2617. * found in the server challenge per the rules of RFC 2617.
*/ */
[scriptable, uuid(36402c9d-c280-4860-b4b0-2e7eb35b0aaf)] [scriptable, uuid(16784db0-fcb1-4352-b0c9-6a3a67e3cf79)]
interface nsIHttpAuthenticator : nsISupports interface nsIHttpAuthenticator : nsISupports
{ {
/** /**
@ -78,12 +78,12 @@ interface nsIHttpAuthenticator : nsISupports
* return value indicating whether or not to prompt the user for a * return value indicating whether or not to prompt the user for a
* revised identity. * revised identity.
*/ */
void challengeReceived(in nsIHttpChannel aChannel, void challengeReceived(in nsIHttpAuthenticableChannel aChannel,
in string aChallenge, in string aChallenge,
in boolean aProxyAuth, in boolean aProxyAuth,
inout nsISupports aSessionState, inout nsISupports aSessionState,
inout nsISupports aContinuationState, inout nsISupports aContinuationState,
out boolean aInvalidatesIdentity); out boolean aInvalidatesIdentity);
/** /**
* Called to generate the authentication credentials for a particular * Called to generate the authentication credentials for a particular
@ -121,15 +121,15 @@ interface nsIHttpAuthenticator : nsISupports
* @param aFlags * @param aFlags
* authenticator may return one of the generate flags bellow. * authenticator may return one of the generate flags bellow.
*/ */
string generateCredentials(in nsIHttpChannel aChannel, string generateCredentials(in nsIHttpAuthenticableChannel aChannel,
in string aChallenge, in string aChallenge,
in boolean aProxyAuth, in boolean aProxyAuth,
in wstring aDomain, in wstring aDomain,
in wstring aUser, in wstring aUser,
in wstring aPassword, in wstring aPassword,
inout nsISupports aSessionState, inout nsISupports aSessionState,
inout nsISupports aContinuationState, inout nsISupports aContinuationState,
out unsigned long aFlags); out unsigned long aFlags);
/** /**
* Generate flags * Generate flags

Просмотреть файл

@ -0,0 +1,108 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set sw=2 ts=8 et tw=80 : */
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is mozilla.org code.
*
* The Initial Developer of the Original Code is
* Wellington Fernando de Macedo.
* Portions created by the Initial Developer are Copyright (C) 2009
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Wellington Fernando de Macedo <wfernandom2004@gmail.com> (original author)
*
* Alternatively, the contents of this file may be used under the terms of
* either of the GNU General Public License Version 2 or later (the "GPL"),
* or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#include "nsICancelable.idl"
interface nsIHttpChannel;
interface nsIHttpAuthenticableChannel;
/**
* nsIHttpChannelAuthProvider
*
* This interface is intended for providing authentication for http-style
* channels, like nsIHttpChannel and nsIWebSocket, which implement the
* nsIHttpAuthenticableChannel interface.
*
* When requesting pages AddAuthorizationHeaders MUST be called
* in order to get the http cached headers credentials. When the request is
* unsuccessful because of receiving either a 401 or 407 http response code
* ProcessAuthentication MUST be called and the page MUST be requested again
* with the new credentials that the user has provided. After a successful
* request, checkForSuperfluousAuth MAY be called, and disconnect MUST be
* called.
*/
[scriptable, uuid(c68f3def-c7c8-4ee8-861c-eef49a48b702)]
interface nsIHttpChannelAuthProvider : nsICancelable
{
/**
* Initializes the http authentication support for the channel.
* Implementations must hold a weak reference of the channel.
*/
void init(in nsIHttpAuthenticableChannel channel);
/**
* Upon receipt of a server challenge, this function is called to determine
* the credentials to send.
*
* @param httpStatus
* the http status received.
* @param sslConnectFailed
* if the last ssl tunnel connection attempt was or not successful.
* @param callback
* the callback to be called when it returns NS_ERROR_IN_PROGRESS.
* The implementation must hold a weak reference.
*
* @returns NS_OK if the credentials were got and set successfully.
* NS_ERROR_IN_PROGRESS if the credentials are going to be asked to
* the user. The channel reference must be
* alive until the feedback from
* nsIHttpAuthenticableChannel's methods or
* until disconnect be called.
*/
void processAuthentication(in unsigned long httpStatus,
in boolean sslConnectFailed);
/**
* Add credentials from the http auth cache.
*/
void addAuthorizationHeaders();
/**
* Check if an unnecessary(and maybe malicious) url authentication has been
* provided.
*/
void checkForSuperfluousAuth();
/**
* Cancel pending user auth prompts and release the callback and channel
* weak references.
*/
void disconnect(in nsresult status);
};