mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1502774 - Part 2: Remove XPCOM component registrations for auth module classes r=valentin 

Depends on D10025

Differential Revision: https://phabricator.services.mozilla.com/D10026

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Ehsan Akhgari 2018-10-29 14:40:29 +00:00
Родитель 7a780d8462
Коммит acc9a12f81
8 изменённых файлов: 79 добавлений и 228 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

1
extensions/auth/moz.build
Просмотреть файл

@ -26,6 +26,7 @@ else:
LOCAL_INCLUDES += [
'/netwerk/dns', # For nsDNSService2.h
'/security/manager/ssl',
]
FINAL_LIBRARY = 'xul'

234
extensions/auth/nsAuthFactory.cpp
Просмотреть файл

@ -3,206 +3,76 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "mozilla/ModuleUtils.h"
#include "nsAuth.h"
#include "nsCRT.h"
#include "nsIAuthModule.h"
//-----------------------------------------------------------------------------
#define NS_NEGOTIATEAUTH_CID \
{ /* 96ec4163-efc8-407a-8735-007fb26be4e8 */ \
0x96ec4163, \
0xefc8, \
0x407a, \
{0x87, 0x35, 0x00, 0x7f, 0xb2, 0x6b, 0xe4, 0xe8} \
}
#define NS_GSSAUTH_CID \
{ /* dc8e21a0-03e4-11da-8cd6-0800200c9a66 */ \
0xdc8e21a0, \
0x03e4, \
0x11da, \
{0x8c, 0xd6, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66} \
}
#include "nsAuthGSSAPI.h"
#if defined( USE_SSPI )
#include "nsAuthSSPI.h"
static nsresult
nsSysNTLMAuthConstructor(nsISupports *outer, REFNSIID iid, void **result)
{
if (outer)
return NS_ERROR_NO_AGGREGATION;
nsAuthSSPI *auth = new nsAuthSSPI(PACKAGE_TYPE_NTLM);
if (!auth)
return NS_ERROR_OUT_OF_MEMORY;
NS_ADDREF(auth);
nsresult rv = auth->QueryInterface(iid, result);
NS_RELEASE(auth);
return rv;
}
static nsresult
nsKerbSSPIAuthConstructor(nsISupports *outer, REFNSIID iid, void **result)
{
if (outer)
return NS_ERROR_NO_AGGREGATION;
nsAuthSSPI *auth = new nsAuthSSPI(PACKAGE_TYPE_KERBEROS);
if (!auth)
return NS_ERROR_OUT_OF_MEMORY;
NS_ADDREF(auth);
nsresult rv = auth->QueryInterface(iid, result);
NS_RELEASE(auth);
return rv;
}
#define NS_SYSNTLMAUTH_CID \
{ /* dc195987-6e9a-47bc-b1fd-ab895d398833 */ \
0xdc195987, \
0x6e9a, \
0x47bc, \
{0xb1, 0xfd, 0xab, 0x89, 0x5d, 0x39, 0x88, 0x33} \
}
#define NS_NEGOTIATEAUTHSSPI_CID \
{ /* 78d3b0c0-0241-11da-8cd6-0800200c9a66 */ \
0x78d3b0c0, \
0x0241, \
0x11da, \
{0x8c, 0xd6, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66} \
}
#define NS_KERBAUTHSSPI_CID \
{ /* 8c3a0e20-03e5-11da-8cd6-0800200c9a66 */ \
0x8c3a0e20, \
0x03e5, \
0x11da, \
{0x8c, 0xd6, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66} \
}
#else
#define NS_SAMBANTLMAUTH_CID \
{ /* bc54f001-6eb0-4e32-9f49-7e064d8e70ef */ \
0xbc54f001, \
0x6eb0, \
0x4e32, \
{0x9f, 0x49, 0x7e, 0x06, 0x4d, 0x8e, 0x70, 0xef} \
}
#include "nsAuthSambaNTLM.h"
static nsresult
nsSambaNTLMAuthConstructor(nsISupports *outer, REFNSIID iid, void **result)
{
if (outer)
return NS_ERROR_NO_AGGREGATION;
RefPtr<nsAuthSambaNTLM> auth = new nsAuthSambaNTLM();
if (!auth)
return NS_ERROR_OUT_OF_MEMORY;
nsresult rv = auth->SpawnNTLMAuthHelper();
if (NS_FAILED(rv)) {
// Failure here probably means that cached credentials were not available
return rv;
}
return auth->QueryInterface(iid, result);
}
#endif
static nsresult
nsKerbGSSAPIAuthConstructor(nsISupports *outer, REFNSIID iid, void **result)
{
if (outer)
return NS_ERROR_NO_AGGREGATION;
nsAuthGSSAPI *auth = new nsAuthGSSAPI(PACKAGE_TYPE_KERBEROS);
if (!auth)
return NS_ERROR_OUT_OF_MEMORY;
NS_ADDREF(auth);
nsresult rv = auth->QueryInterface(iid, result);
NS_RELEASE(auth);
return rv;
}
static nsresult
nsGSSAPIAuthConstructor(nsISupports *outer, REFNSIID iid, void **result)
{
if (outer)
return NS_ERROR_NO_AGGREGATION;
nsAuthGSSAPI *auth = new nsAuthGSSAPI(PACKAGE_TYPE_NEGOTIATE);
if (!auth)
return NS_ERROR_OUT_OF_MEMORY;
NS_ADDREF(auth);
nsresult rv = auth->QueryInterface(iid, result);
NS_RELEASE(auth);
return rv;
}
#if defined( USE_SSPI )
NS_GENERIC_FACTORY_CONSTRUCTOR(nsAuthSSPI)
#endif
#define NS_AUTHSASL_CID \
{ /* 815e42e0-72cc-480f-934b-148e33c228a6 */ \
0x815e42e0, \
0x72cc, \
0x480f, \
{0x93, 0x4b, 0x14, 0x8e, 0x33, 0xc2, 0x28, 0xa6} \
}
#include "nsAuthSASL.h"
NS_GENERIC_FACTORY_CONSTRUCTOR(nsAuthSASL)
NS_DEFINE_NAMED_CID(NS_GSSAUTH_CID);
NS_DEFINE_NAMED_CID(NS_NEGOTIATEAUTH_CID);
#if defined( USE_SSPI )
NS_DEFINE_NAMED_CID(NS_NEGOTIATEAUTHSSPI_CID);
NS_DEFINE_NAMED_CID(NS_KERBAUTHSSPI_CID);
NS_DEFINE_NAMED_CID(NS_SYSNTLMAUTH_CID);
#else
NS_DEFINE_NAMED_CID(NS_SAMBANTLMAUTH_CID);
#endif
NS_DEFINE_NAMED_CID(NS_AUTHSASL_CID);
#include "nsNTLMAuthModule.h"
#include "nsNSSComponent.h"
static const mozilla::Module::CIDEntry kAuthCIDs[] = {
{ &kNS_GSSAUTH_CID, false, nullptr, nsKerbGSSAPIAuthConstructor },
{ &kNS_NEGOTIATEAUTH_CID, false, nullptr, nsGSSAPIAuthConstructor },
#if defined( USE_SSPI )
{ &kNS_NEGOTIATEAUTHSSPI_CID, false, nullptr, nsAuthSSPIConstructor },
{ &kNS_KERBAUTHSSPI_CID, false, nullptr, nsKerbSSPIAuthConstructor },
{ &kNS_SYSNTLMAUTH_CID, false, nullptr, nsSysNTLMAuthConstructor },
#else
{ &kNS_SAMBANTLMAUTH_CID, false, nullptr, nsSambaNTLMAuthConstructor },
#endif
{ &kNS_AUTHSASL_CID, false, nullptr, nsAuthSASLConstructor },
{ nullptr }
};
static const mozilla::Module::ContractIDEntry kAuthContracts[] = {
{ NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-gss", &kNS_GSSAUTH_CID },
{ NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-gss", &kNS_NEGOTIATEAUTH_CID },
#if defined( USE_SSPI )
{ NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-sspi", &kNS_NEGOTIATEAUTHSSPI_CID },
{ NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-sspi", &kNS_KERBAUTHSSPI_CID },
{ NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm", &kNS_SYSNTLMAUTH_CID },
#elif !defined(XP_MACOSX)
{ NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm", &kNS_SAMBANTLMAUTH_CID },
#endif
{ NS_AUTH_MODULE_CONTRACTID_PREFIX "sasl-gssapi", &kNS_AUTHSASL_CID },
{ nullptr }
};
// static
already_AddRefed<nsIAuthModule>
nsIAuthModule::CreateInstance(const char* aType)
{
nsCOMPtr<nsIAuthModule> auth;
if (!nsCRT::strcmp(aType, "kerb-gss")) {
auth = new nsAuthGSSAPI(PACKAGE_TYPE_KERBEROS);
} else if (!nsCRT::strcmp(aType, "negotiate-gss")) {
auth = new nsAuthGSSAPI(PACKAGE_TYPE_NEGOTIATE);
#if defined( USE_SSPI )
} else if (!nsCRT::strcmp(aType, "negotiate-sspi")) {
auth = new nsAuthSSPI();
} else if (!nsCRT::strcmp(aType, "kerb-sspi")) {
auth = new nsAuthSSPI(PACKAGE_TYPE_KERBEROS);
} else if (!nsCRT::strcmp(aType, "sys-ntlm")) {
auth = new nsAuthSSPI(PACKAGE_TYPE_NTLM);
#elif !defined(XP_MACOSX)
} else if (!nsCRT::strcmp(aType, "sys-ntlm")) {
RefPtr<nsAuthSambaNTLM> sambaAuth = new nsAuthSambaNTLM();
nsresult rv = sambaAuth->SpawnNTLMAuthHelper();
if (NS_FAILED(rv)) {
// Failure here probably means that cached credentials were not available
return nullptr;
}
auth = sambaAuth.forget();
#endif
} else if (!nsCRT::strcmp(aType, "sasl-gssapi")) {
auth = new nsAuthSASL();
} else if (!nsCRT::strcmp(aType, "ntlm") &&
XRE_IsParentProcess() &&
EnsureNSSInitializedChromeOrContent()) {
RefPtr<nsNTLMAuthModule> ntlmAuth = new nsNTLMAuthModule();
nsresult rv = ntlmAuth->InitTest();
if (NS_FAILED(rv)) {
return nullptr;
}
auth = ntlmAuth.forget();
} else {
return nullptr;
}
return auth.forget();
}
//-----------------------------------------------------------------------------
mozilla::LazyLogModule gNegotiateLog("negotiateauth");

8
extensions/auth/nsAuthSASL.cpp
Просмотреть файл

@ -43,19 +43,17 @@ nsAuthSASL::Init(const char *serviceName,
serviceFlags |= REQ_MUTUAL_AUTH;
// Find out whether we should be trying SSPI or not
const char *contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-gss";
const char *authType = "kerb-gss";
nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
if (prefs) {
bool val;
rv = prefs->GetBoolPref(kNegotiateAuthSSPI, &val);
if (NS_SUCCEEDED(rv) && val)
contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "kerb-sspi";
authType = "kerb-sspi";
}
mInnerModule = do_CreateInstance(contractID, &rv);
// if we can't create the GSSAPI module, then bail
NS_ENSURE_SUCCESS(rv, rv);
MOZ_ALWAYS_TRUE(mInnerModule = nsIAuthModule::CreateInstance(authType));
mInnerModule->Init(serviceName, serviceFlags, nullptr, nullptr, nullptr);

24
extensions/auth/nsHttpNegotiateAuth.cpp
Просмотреть файл

@ -154,13 +154,14 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel,
nsISupports **continuationState,
bool *identityInvalid)
{
nsIAuthModule *module = (nsIAuthModule *) *continuationState;
nsIAuthModule *rawModule = (nsIAuthModule *) *continuationState;
*identityInvalid = false;
if (module)
if (rawModule)
return NS_OK;
nsresult rv;
nsCOMPtr<nsIAuthModule> module;
nsCOMPtr<nsIURI> uri;
rv = authChannel->GetURI(getter_AddRefs(uri));
@ -215,31 +216,26 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel,
//
service.InsertLiteral("HTTP@", 0);
const char *contractID;
const char *authType;
if (TestBoolPref(kNegotiateAuthSSPI)) {
LOG((" using negotiate-sspi\n"));
contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-sspi";
authType = "negotiate-sspi";
}
else {
LOG((" using negotiate-gss\n"));
contractID = NS_AUTH_MODULE_CONTRACTID_PREFIX "negotiate-gss";
authType = "negotiate-gss";
}
rv = CallCreateInstance(contractID, &module);
MOZ_ALWAYS_TRUE(module = nsIAuthModule::CreateInstance(authType));
rv = module->Init(service.get(), req_flags, nullptr, nullptr, nullptr);
if (NS_FAILED(rv)) {
LOG((" Failed to load Negotiate Module \n"));
return rv;
}
rv = module->Init(service.get(), req_flags, nullptr, nullptr, nullptr);
if (NS_FAILED(rv)) {
NS_RELEASE(module);
return rv;
}
*continuationState = module;
module.forget(continuationState);
return NS_OK;
}

15
netwerk/base/nsIAuthModule.idl
Просмотреть файл

@ -133,13 +133,14 @@ interface nsIAuthModule : nsISupports
in unsigned long aInTokenLength,
out voidPtr aOutToken,
out unsigned long aOutTokenLength);
};
%{C++
/**
* nsIAuthModule implementations are registered under the following contract
* ID prefix:
*/
#define NS_AUTH_MODULE_CONTRACTID_PREFIX \
"@mozilla.org/network/auth-module;1?name="
/**
* Create a new instance of an auth module.
*
* @param aType
* The type of the auth module to be constructed.
*/
static already_AddRefed<nsIAuthModule> CreateInstance(const char* aType);
%}
};

10
netwerk/protocol/http/nsHttpNTLMAuth.cpp
Просмотреть файл

@ -186,7 +186,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel,
// If native NTLM auth apis are available and enabled through prefs,
// try to use them.
if (PL_strcasecmp(challenge, "NTLM") == 0) {
nsCOMPtr<nsISupports> module;
nsCOMPtr<nsIAuthModule> module;
// Check to see if we should default to our generic NTLM auth module
// through UseGenericNTLM. (We use native auth by default if the
@ -201,7 +201,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel,
// Try logging in with the user's default credentials. If
// successful, |identityInvalid| is false, which will trigger
// a default credentials attempt once we return.
module = do_CreateInstance(NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm");
module = nsIAuthModule::CreateInstance("sys-ntlm");
}
#ifdef XP_WIN
else {
@ -210,7 +210,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel,
// Note, for servers that use LMv1 a weak hash of the user's password
// will be sent. We rely on windows internal apis to decide whether
// we should support this older, less secure version of the protocol.
module = do_CreateInstance(NS_AUTH_MODULE_CONTRACTID_PREFIX "sys-ntlm");
module = nsIAuthModule::CreateInstance("sys-ntlm");
*identityInvalid = true;
}
#endif // XP_WIN
@ -238,7 +238,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel,
// Use our internal NTLM implementation. Note, this is less secure,
// see bug 520607 for details.
LOG(("Trying to fall back on internal ntlm auth.\n"));
module = do_CreateInstance(NS_AUTH_MODULE_CONTRACTID_PREFIX "ntlm");
module = nsIAuthModule::CreateInstance("ntlm");
mUseNative = false;
@ -254,7 +254,7 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel *channel,
// A non-null continuation state implies that we failed to authenticate.
// Blow away the old authentication state, and use the new one.
module.swap(*continuationState);
module.forget(continuationState);
}
return NS_OK;
}

5
security/manager/ssl/nsNSSModule.cpp
Просмотреть файл

@ -23,7 +23,6 @@
#include "nsNSSCertificateDB.h"
#include "nsNSSComponent.h"
#include "nsNSSVersion.h"
#include "nsNTLMAuthModule.h"
#include "nsNetCID.h"
#include "nsPK11TokenDB.h"
#include "nsPKCS11Slot.h"
@ -144,7 +143,6 @@ NS_DEFINE_NAMED_CID(NS_CERTTREE_CID);
#endif
NS_DEFINE_NAMED_CID(NS_CRYPTO_HASH_CID);
NS_DEFINE_NAMED_CID(NS_CRYPTO_HMAC_CID);
NS_DEFINE_NAMED_CID(NS_NTLMAUTHMODULE_CID);
NS_DEFINE_NAMED_CID(NS_KEYMODULEOBJECT_CID);
NS_DEFINE_NAMED_CID(NS_KEYMODULEOBJECTFACTORY_CID);
NS_DEFINE_NAMED_CID(NS_CONTENTSIGNATUREVERIFIER_CID);
@ -183,8 +181,6 @@ static const mozilla::Module::CIDEntry kNSSCIDs[] = {
Constructor<nsCryptoHash, nullptr, ProcessRestriction::AnyProcess> },
{ &kNS_CRYPTO_HMAC_CID, false, nullptr,
Constructor<nsCryptoHMAC, nullptr, ProcessRestriction::AnyProcess> },
{ &kNS_NTLMAUTHMODULE_CID, false, nullptr,
Constructor<nsNTLMAuthModule, &nsNTLMAuthModule::InitTest> },
{ &kNS_KEYMODULEOBJECT_CID, false, nullptr,
Constructor<nsKeyObject, nullptr, ProcessRestriction::AnyProcess> },
{ &kNS_KEYMODULEOBJECTFACTORY_CID, false, nullptr,
@ -239,7 +235,6 @@ static const mozilla::Module::ContractIDEntry kNSSContracts[] = {
{ NS_CRYPTO_HASH_CONTRACTID, &kNS_CRYPTO_HASH_CID },
{ NS_CRYPTO_HMAC_CONTRACTID, &kNS_CRYPTO_HMAC_CID },
{ "@mozilla.org/uriloader/psm-external-content-listener;1", &kNS_PSMCONTENTLISTEN_CID },
{ NS_NTLMAUTHMODULE_CONTRACTID, &kNS_NTLMAUTHMODULE_CID },
{ NS_KEYMODULEOBJECT_CONTRACTID, &kNS_KEYMODULEOBJECT_CID },
{ NS_KEYMODULEOBJECTFACTORY_CONTRACTID, &kNS_KEYMODULEOBJECTFACTORY_CID },
{ NS_CONTENTSIGNATUREVERIFIER_CONTRACTID, &kNS_CONTENTSIGNATUREVERIFIER_CID },

10
security/manager/ssl/nsNTLMAuthModule.h
Просмотреть файл

@ -31,14 +31,4 @@ private:
bool mNTLMNegotiateSent;
};
#define NS_NTLMAUTHMODULE_CONTRACTID \
NS_AUTH_MODULE_CONTRACTID_PREFIX "ntlm"
#define NS_NTLMAUTHMODULE_CID \
{ /* a4e5888f-4fe4-4632-8e7e-745196ea7c70 */ \
0xa4e5888f, \
0x4fe4, \
0x4632, \
{0x8e, 0x7e, 0x74, 0x51, 0x96, 0xea, 0x7c, 0x70} \
}
#endif // nsNTLMAuthModule_h__