blob: 96ad6b1cb903c1cfad7eceb002948f444a14bbec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
/* vim:set ts=4 sw=2 et cindent: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nsAuthSSPI_h__
#define nsAuthSSPI_h__
#include "nsAuth.h"
#include "nsIAuthModule.h"
#include "nsString.h"
#include <windows.h>
#define SECURITY_WIN32 1
#include <ntsecapi.h>
#include <security.h>
#include <rpc.h>
// The nsNegotiateAuth class provides responses for the GSS-API Negotiate method
// as specified by Microsoft in draft-brezak-spnego-http-04.txt
// It can also be configured to talk raw NTLM. This implementation of NTLM has
// the advantage of being able to access the user's logon credentials. This
// implementation of NTLM should only be used for single-signon. It should be
// avoided when authenticating over the internet since it may use a lower-grade
// version of password hashing depending on the version of Windows being used.
class nsAuthSSPI final : public nsIAuthModule {
public:
NS_DECL_ISUPPORTS
NS_DECL_NSIAUTHMODULE
explicit nsAuthSSPI(pType package = PACKAGE_TYPE_NEGOTIATE);
private:
~nsAuthSSPI();
void Reset();
typedef ::TimeStamp MS_TimeStamp;
private:
nsresult MakeSN(const nsACString& principal, nsCString& result);
CredHandle mCred;
CtxtHandle mCtxt;
nsCString mServiceName;
uint32_t mServiceFlags;
uint32_t mMaxTokenLen;
pType mPackage;
nsString mDomain;
nsString mUsername;
nsString mPassword;
bool mIsFirst;
void* mCertDERData;
uint32_t mCertDERLength;
};
#endif /* nsAuthSSPI_h__ */
|