1 /* vim:set ts=4 sw=2 et cindent: */ 2 /* This Source Code Form is subject to the terms of the Mozilla Public 3 * License, v. 2.0. If a copy of the MPL was not distributed with this 4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 5 6 #ifndef nsAuthGSSAPI_h__ 7 #define nsAuthGSSAPI_h__ 8 9 #include "nsAuth.h" 10 #include "nsIAuthModule.h" 11 #include "nsString.h" 12 #include "mozilla/Attributes.h" 13 14 #define GSS_USE_FUNCTION_POINTERS 1 15 16 #include "gssapi.h" 17 18 // The nsAuthGSSAPI class provides responses for the GSS-API Negotiate method 19 // as specified by Microsoft in draft-brezak-spnego-http-04.txt 20 21 /* Some remarks on thread safety ... 22 * 23 * The thread safety of this class depends largely upon the thread safety of 24 * the underlying GSSAPI and Kerberos libraries. This code just loads the 25 * system GSSAPI library, and whilst it avoids loading known bad libraries, 26 * it cannot determine the thread safety of the the code it loads. 27 * 28 * When used with a non-threadsafe library, it is not safe to simultaneously 29 * use multiple instantiations of this class. 30 * 31 * When used with a threadsafe Kerberos library, multiple instantiations of 32 * this class may happily co-exist. Methods may be sequentially called from 33 * multiple threads. The nature of the GSSAPI protocol is such that a correct 34 * implementation will never call methods in parallel, as the results of the 35 * last call are required as input to the next. 36 */ 37 38 class nsAuthGSSAPI final : public nsIAuthModule { 39 public: 40 NS_DECL_THREADSAFE_ISUPPORTS 41 NS_DECL_NSIAUTHMODULE 42 43 explicit nsAuthGSSAPI(pType package); 44 45 static void Shutdown(); 46 47 private: ~nsAuthGSSAPI()48 ~nsAuthGSSAPI() { Reset(); } 49 50 void Reset(); GetOID()51 gss_OID GetOID() { return mMechOID; } 52 53 private: 54 gss_ctx_id_t mCtx; 55 gss_OID mMechOID; 56 nsCString mServiceName; 57 uint32_t mServiceFlags; 58 nsString mUsername; 59 bool mComplete; 60 }; 61 62 #endif /* nsAuthGSSAPI_h__ */ 63