18e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project// Copyright (c) 2011 The Chromium Authors. All rights reserved. 28e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project// Use of this source code is governed by a BSD-style license that can be 38e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project// found in the LICENSE file. 48e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 58e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project#include "net/http/http_auth_gssapi_posix.h" 68e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 78e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project#include "base/basictypes.h" 88e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project#include "base/logging.h" 98e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project#include "base/memory/scoped_ptr.h" 108e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project#include "base/native_library.h" 118e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project#include "net/base/net_errors.h" 128e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project#include "net/http/mock_gssapi_library_posix.h" 138e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project#include "testing/gtest/include/gtest/gtest.h" 148e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 158e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Projectnamespace net { 168e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 178e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Projectnamespace { 188e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 198e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project// gss_buffer_t helpers. 208e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Projectvoid ClearBuffer(gss_buffer_t dest) { 218e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project if (!dest) 228e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project return; 238e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project dest->length = 0; 248e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project delete [] reinterpret_cast<char*>(dest->value); 258e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project dest->value = NULL; 268e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 278e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 288e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Projectvoid SetBuffer(gss_buffer_t dest, const void* src, size_t length) { 298e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project if (!dest) 308e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project return; 318e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project ClearBuffer(dest); 328e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project if (!src) 338e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project return; 348e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project dest->length = length; 358e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project if (length) { 368e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project dest->value = new char[length]; 378e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project memcpy(dest->value, src, length); 388e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project } 398e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 408e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 418e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Projectvoid CopyBuffer(gss_buffer_t dest, const gss_buffer_t src) { 428e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project if (!dest) 438e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project return; 448e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project ClearBuffer(dest); 458e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project if (!src) 468e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project return; 478e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project SetBuffer(dest, src->value, src->length); 488e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 498e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 508e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Projectconst char kInitialAuthResponse[] = "Mary had a little lamb"; 518e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 528e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Projectvoid EstablishInitialContext(test::MockGSSAPILibrary* library) { 538e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project test::GssContextMockImpl context_info( 548e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project "localhost", // Source name 558e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project "example.com", // Target name 568e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 23, // Lifetime 578e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project *GSS_C_NT_HOSTBASED_SERVICE, // Mechanism 588e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 0, // Context flags 598e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 1, // Locally initiated 608e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 0); // Open 618e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project gss_buffer_desc in_buffer = {0, NULL}; 628e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project gss_buffer_desc out_buffer = {arraysize(kInitialAuthResponse), 638e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project const_cast<char*>(kInitialAuthResponse)}; 648e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project library->ExpectSecurityContext( 658e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project "Negotiate", 668e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project GSS_S_CONTINUE_NEEDED, 678e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 0, 688e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project context_info, 698e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project in_buffer, 708e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project out_buffer); 718e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 728e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 738e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} // namespace 748e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 758e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source ProjectTEST(HttpAuthGSSAPIPOSIXTest, GSSAPIStartup) { 768e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // TODO(ahendrickson): Manipulate the libraries and paths to test each of the 778e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // libraries we expect, and also whether or not they have the interface 788e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // functions we want. 798e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project scoped_ptr<GSSAPILibrary> gssapi(new GSSAPISharedLibrary("")); 808e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project DCHECK(gssapi.get()); 818e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project DCHECK(gssapi.get()->Init()); 828e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 838e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 848e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source ProjectTEST(HttpAuthGSSAPIPOSIXTest, GSSAPILoadCustomLibrary) { 858e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project scoped_ptr<GSSAPILibrary> gssapi( 868e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project new GSSAPISharedLibrary("/this/library/does/not/exist")); 878e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project DCHECK(!gssapi.get()->Init()); 888e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 898e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 908e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source ProjectTEST(HttpAuthGSSAPIPOSIXTest, GSSAPICycle) { 918e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project scoped_ptr<test::MockGSSAPILibrary> mock_library(new test::MockGSSAPILibrary); 928e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project DCHECK(mock_library.get()); 938e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project mock_library->Init(); 948e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project const char kAuthResponse[] = "Mary had a little lamb"; 958e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project test::GssContextMockImpl context1( 968e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project "localhost", // Source name 978e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project "example.com", // Target name 988e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 23, // Lifetime 998e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project *GSS_C_NT_HOSTBASED_SERVICE, // Mechanism 1008e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 0, // Context flags 1018e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 1, // Locally initiated 1028e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 0); // Open 1038e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project test::GssContextMockImpl context2( 1048e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project "localhost", // Source name 1058e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project "example.com", // Target name 1068e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 23, // Lifetime 1078e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project *GSS_C_NT_HOSTBASED_SERVICE, // Mechanism 1088e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 0, // Context flags 1098e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 1, // Locally initiated 1108e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 1); // Open 1118e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project test::MockGSSAPILibrary::SecurityContextQuery queries[] = { 1128e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project test::MockGSSAPILibrary::SecurityContextQuery( 1138e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project "Negotiate", // Package name 1148e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project GSS_S_CONTINUE_NEEDED, // Major response code 1158e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 0, // Minor response code 1168e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project context1, // Context 1178e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project NULL, // Expected input token 1188e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project kAuthResponse), // Output token 1198e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project test::MockGSSAPILibrary::SecurityContextQuery( 1208e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project "Negotiate", // Package name 1218e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project GSS_S_COMPLETE, // Major response code 1228e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 0, // Minor response code 1238e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project context2, // Context 1248e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project kAuthResponse, // Expected input token 1258e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project kAuthResponse) // Output token 1268e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project }; 1278e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 1288e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project for (size_t i = 0; i < arraysize(queries); ++i) { 1298e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project mock_library->ExpectSecurityContext(queries[i].expected_package, 1308e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project queries[i].response_code, 1318e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project queries[i].minor_response_code, 1328e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project queries[i].context_info, 1338e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project queries[i].expected_input_token, 1348e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project queries[i].output_token); 1358e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project } 1368e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 1378e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project OM_uint32 major_status = 0; 1388e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project OM_uint32 minor_status = 0; 1398e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project gss_cred_id_t initiator_cred_handle = NULL; 1408e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project gss_ctx_id_t context_handle = NULL; 1418e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project gss_name_t target_name = NULL; 1428e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project gss_OID mech_type = NULL; 1438e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project OM_uint32 req_flags = 0; 1448e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project OM_uint32 time_req = 25; 1458e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project gss_channel_bindings_t input_chan_bindings = NULL; 1468e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project gss_buffer_desc input_token = { 0, NULL }; 1478e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project gss_OID actual_mech_type= NULL; 1488e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project gss_buffer_desc output_token = { 0, NULL }; 1498e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project OM_uint32 ret_flags = 0; 1508e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project OM_uint32 time_rec = 0; 1518e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project for (size_t i = 0; i < arraysize(queries); ++i) { 1528e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project major_status = mock_library->init_sec_context(&minor_status, 1538e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project initiator_cred_handle, 1548e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project &context_handle, 1558e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project target_name, 1568e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project mech_type, 1578e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project req_flags, 1588e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project time_req, 1598e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project input_chan_bindings, 1608e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project &input_token, 1618e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project &actual_mech_type, 1628e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project &output_token, 1638e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project &ret_flags, 1648e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project &time_rec); 1658e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project CopyBuffer(&input_token, &output_token); 1668e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project ClearBuffer(&output_token); 1678e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project } 1688e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project ClearBuffer(&input_token); 1698e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project major_status = mock_library->delete_sec_context(&minor_status, 1708e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project &context_handle, 1718e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project GSS_C_NO_BUFFER); 1728e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 1738e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 1748e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source ProjectTEST(HttpAuthGSSAPITest, ParseChallenge_FirstRound) { 1758e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // The first round should just consist of an unadorned "Negotiate" header. 1768e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project test::MockGSSAPILibrary mock_library; 1778e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", 1788e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project CHROME_GSS_KRB5_MECH_OID_DESC); 1798e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project std::string challenge_text = "Negotiate"; 1808e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(), 1818e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project challenge_text.end()); 1828e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, 1838e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project auth_gssapi.ParseChallenge(&challenge)); 1848e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 1858e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 1868e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source ProjectTEST(HttpAuthGSSAPITest, ParseChallenge_TwoRounds) { 1878e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // The first round should just have "Negotiate", and the second round should 1888e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // have a valid base64 token associated with it. 1898e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project test::MockGSSAPILibrary mock_library; 1908e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", 1918e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project CHROME_GSS_KRB5_MECH_OID_DESC); 1928e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project std::string first_challenge_text = "Negotiate"; 1938e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuth::ChallengeTokenizer first_challenge(first_challenge_text.begin(), 1948e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project first_challenge_text.end()); 1958e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, 1968e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project auth_gssapi.ParseChallenge(&first_challenge)); 1978e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 1988e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // Generate an auth token and create another thing. 1998e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EstablishInitialContext(&mock_library); 2008e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project std::string auth_token; 2018e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(OK, auth_gssapi.GenerateAuthToken(NULL, NULL, 2028e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project L"HTTP/intranet.google.com", 2038e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project &auth_token)); 2048e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 2058e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project std::string second_challenge_text = "Negotiate Zm9vYmFy"; 2068e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuth::ChallengeTokenizer second_challenge(second_challenge_text.begin(), 2078e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project second_challenge_text.end()); 2088e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, 2098e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project auth_gssapi.ParseChallenge(&second_challenge)); 2108e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 2118e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 2128e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source ProjectTEST(HttpAuthGSSAPITest, ParseChallenge_UnexpectedTokenFirstRound) { 2138e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // If the first round challenge has an additional authentication token, it 2148e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // should be treated as an invalid challenge from the server. 2158e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project test::MockGSSAPILibrary mock_library; 2168e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", 2178e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project CHROME_GSS_KRB5_MECH_OID_DESC); 2188e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project std::string challenge_text = "Negotiate Zm9vYmFy"; 2198e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(), 2208e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project challenge_text.end()); 2218e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, 2228e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project auth_gssapi.ParseChallenge(&challenge)); 2238e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 2248e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 2258e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source ProjectTEST(HttpAuthGSSAPITest, ParseChallenge_MissingTokenSecondRound) { 2268e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // If a later-round challenge is simply "Negotiate", it should be treated as 227635860845790a19bf50bbc51ba8fb66a96dde068The Android Open Source Project // an authentication challenge rejection from the server or proxy. 228635860845790a19bf50bbc51ba8fb66a96dde068The Android Open Source Project test::MockGSSAPILibrary mock_library; 229635860845790a19bf50bbc51ba8fb66a96dde068The Android Open Source Project HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", 230635860845790a19bf50bbc51ba8fb66a96dde068The Android Open Source Project CHROME_GSS_KRB5_MECH_OID_DESC); 231635860845790a19bf50bbc51ba8fb66a96dde068The Android Open Source Project std::string first_challenge_text = "Negotiate"; 232635860845790a19bf50bbc51ba8fb66a96dde068The Android Open Source Project HttpAuth::ChallengeTokenizer first_challenge(first_challenge_text.begin(), 2338e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project first_challenge_text.end()); 2348e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, 2358e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project auth_gssapi.ParseChallenge(&first_challenge)); 2368e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 2378e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EstablishInitialContext(&mock_library); 2388e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project std::string auth_token; 2398e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(OK, auth_gssapi.GenerateAuthToken(NULL, NULL, 2408e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project L"HTTP/intranet.google.com", 2418e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project &auth_token)); 2428e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project std::string second_challenge_text = "Negotiate"; 2438e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuth::ChallengeTokenizer second_challenge(second_challenge_text.begin(), 2448e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project second_challenge_text.end()); 2458e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT, 2468e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project auth_gssapi.ParseChallenge(&second_challenge)); 2478e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 2488e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 2498e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source ProjectTEST(HttpAuthGSSAPITest, ParseChallenge_NonBase64EncodedToken) { 2508e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // If a later-round challenge has an invalid base64 encoded token, it should 2518e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project // be treated as an invalid challenge. 2528e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project test::MockGSSAPILibrary mock_library; 2538e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", 2548e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project CHROME_GSS_KRB5_MECH_OID_DESC); 2558e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project std::string first_challenge_text = "Negotiate"; 2568e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuth::ChallengeTokenizer first_challenge(first_challenge_text.begin(), 2578e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project first_challenge_text.end()); 2588e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, 2598e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project auth_gssapi.ParseChallenge(&first_challenge)); 2608e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 2618e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EstablishInitialContext(&mock_library); 2628e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project std::string auth_token; 2638e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(OK, auth_gssapi.GenerateAuthToken(NULL, NULL, 2648e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project L"HTTP/intranet.google.com", 2658e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project &auth_token)); 2668e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project std::string second_challenge_text = "Negotiate =happyjoy="; 2678e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project HttpAuth::ChallengeTokenizer second_challenge(second_challenge_text.begin(), 2688e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project second_challenge_text.end()); 2698e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, 2708e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project auth_gssapi.ParseChallenge(&second_challenge)); 2718e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} 2728e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project 2738e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project} // namespace net 2748e35f3cfc7fba1d1c829dc557ebad6409cbe16a2The Android Open Source Project