extensions/auth/nsAuthSambaNTLM.h

   1 /* vim:set ts=4 sw=2 et cindent: */
   2 /* This Source Code Form is subject to the terms of the Mozilla Public
   3  * License, v. 2.0. If a copy of the MPL was not distributed with this
   4  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   5
   6 #ifndef nsAuthSambaNTLM_h__
   7 #define nsAuthSambaNTLM_h__
   8
   9 #include "nsIAuthModule.h"
  10 #include "nsString.h"
  11 #include "nsCOMPtr.h"
  12 #include "prio.h"
  13 #include "prproces.h"
  14 #include "mozilla/Attributes.h"
  15
  16 /**
  17  * This is an implementation of NTLM authentication that does single-signon
  18  * by obtaining the user's Unix username, parsing it into DOMAIN\name format,
  19  * and then asking Samba's ntlm_auth tool to do the authentication for us
  20  * using the user's password cached in winbindd, if available. If the
  21  * password is not available then this component fails to instantiate so
  22  * nsHttpNTLMAuth will fall back to a different NTLM implementation.
  23  * NOTE: at time of writing, this requires patches to be added to the stock
  24  * Samba winbindd and ntlm_auth!
  25  */
  26 class nsAuthSambaNTLM final : public nsIAuthModule {
  27  public:
  28   NS_DECL_ISUPPORTS
  29   NS_DECL_NSIAUTHMODULE
  30
  31   nsAuthSambaNTLM();
  32
  33   // We spawn the ntlm_auth helper from the module constructor, because
  34   // that lets us fail to instantiate the module if ntlm_auth isn't
  35   // available, triggering fallback to the built-in NTLM support (which
  36   // doesn't support single signon, of course)
  37   nsresult SpawnNTLMAuthHelper();
  38
  39  private:
  40   ~nsAuthSambaNTLM();
  41
  42   void Shutdown();
  43
  44   uint8_t* mInitialMessage; /* free with free() */
  45   uint32_t mInitialMessageLen{};
  46   PRProcess* mChildPID;
  47   PRFileDesc* mFromChildFD;
  48   PRFileDesc* mToChildFD;
  49 };
  50
  51 #endif /* nsAuthSambaNTLM_h__ */