diff options
Diffstat (limited to 'extensions/auth/nsAuthSSPI.h')
-rw-r--r-- | extensions/auth/nsAuthSSPI.h | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/extensions/auth/nsAuthSSPI.h b/extensions/auth/nsAuthSSPI.h new file mode 100644 index 0000000000..96ad6b1cb9 --- /dev/null +++ b/extensions/auth/nsAuthSSPI.h @@ -0,0 +1,60 @@ +/* vim:set ts=4 sw=2 et cindent: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef nsAuthSSPI_h__ +#define nsAuthSSPI_h__ + +#include "nsAuth.h" +#include "nsIAuthModule.h" +#include "nsString.h" + +#include <windows.h> + +#define SECURITY_WIN32 1 +#include <ntsecapi.h> +#include <security.h> +#include <rpc.h> + +// The nsNegotiateAuth class provides responses for the GSS-API Negotiate method +// as specified by Microsoft in draft-brezak-spnego-http-04.txt + +// It can also be configured to talk raw NTLM. This implementation of NTLM has +// the advantage of being able to access the user's logon credentials. This +// implementation of NTLM should only be used for single-signon. It should be +// avoided when authenticating over the internet since it may use a lower-grade +// version of password hashing depending on the version of Windows being used. + +class nsAuthSSPI final : public nsIAuthModule { + public: + NS_DECL_ISUPPORTS + NS_DECL_NSIAUTHMODULE + + explicit nsAuthSSPI(pType package = PACKAGE_TYPE_NEGOTIATE); + + private: + ~nsAuthSSPI(); + + void Reset(); + + typedef ::TimeStamp MS_TimeStamp; + + private: + nsresult MakeSN(const nsACString& principal, nsCString& result); + + CredHandle mCred; + CtxtHandle mCtxt; + nsCString mServiceName; + uint32_t mServiceFlags; + uint32_t mMaxTokenLen; + pType mPackage; + nsString mDomain; + nsString mUsername; + nsString mPassword; + bool mIsFirst; + void* mCertDERData; + uint32_t mCertDERLength; +}; + +#endif /* nsAuthSSPI_h__ */ |