The Tor Browser: extensions/auth/nsAuthSambaNTLM.cpp@b8a032363ba2 (annotated)

extensions/auth/nsAuthSambaNTLM.cpp@b8a032363ba2 (annotated)

extensions/auth/nsAuthSambaNTLM.cpp

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 /* vim:set ts=4 sw=4 et cindent: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #include "nsAuth.h"
 #include "nsAuthSambaNTLM.h"
 #include "prenv.h"
 #include "plbase64.h"
 #include "prerror.h"
 #include "mozilla/Telemetry.h"
 #include <stdlib.h>
 nsAuthSambaNTLM::nsAuthSambaNTLM()
     : mInitialMessage(nullptr), mChildPID(nullptr), mFromChildFD(nullptr),
       mToChildFD(nullptr)
 {
 }
 nsAuthSambaNTLM::~nsAuthSambaNTLM()
 {
     // ntlm_auth reads from stdin regularly so closing our file handles
     // should cause it to exit.
     Shutdown();
     free(mInitialMessage);
 }
 void
 nsAuthSambaNTLM::Shutdown()
 {
     if (mFromChildFD) {
         PR_Close(mFromChildFD);
         mFromChildFD = nullptr;
     }
     if (mToChildFD) {
         PR_Close(mToChildFD);
         mToChildFD = nullptr;
     }
     if (mChildPID) {
         int32_t exitCode;
         PR_WaitProcess(mChildPID, &exitCode);
         mChildPID = nullptr;
     }
 }
 NS_IMPL_ISUPPORTS(nsAuthSambaNTLM, nsIAuthModule)
 static bool
 SpawnIOChild(char* const* aArgs, PRProcess** aPID,
              PRFileDesc** aFromChildFD, PRFileDesc** aToChildFD)
 {
     PRFileDesc* toChildPipeRead;
     PRFileDesc* toChildPipeWrite;
     if (PR_CreatePipe(&toChildPipeRead, &toChildPipeWrite) != PR_SUCCESS)
         return false;
     PR_SetFDInheritable(toChildPipeRead, true);
     PR_SetFDInheritable(toChildPipeWrite, false);
     PRFileDesc* fromChildPipeRead;
     PRFileDesc* fromChildPipeWrite;
     if (PR_CreatePipe(&fromChildPipeRead, &fromChildPipeWrite) != PR_SUCCESS) {
         PR_Close(toChildPipeRead);
         PR_Close(toChildPipeWrite);
         return false;
     }
     PR_SetFDInheritable(fromChildPipeRead, false);
     PR_SetFDInheritable(fromChildPipeWrite, true);
     PRProcessAttr* attr = PR_NewProcessAttr();
     if (!attr) {
         PR_Close(fromChildPipeRead);
         PR_Close(fromChildPipeWrite);
         PR_Close(toChildPipeRead);
         PR_Close(toChildPipeWrite);
         return false;
     }
     PR_ProcessAttrSetStdioRedirect(attr, PR_StandardInput, toChildPipeRead);
     PR_ProcessAttrSetStdioRedirect(attr, PR_StandardOutput, fromChildPipeWrite);
     PRProcess* process = PR_CreateProcess(aArgs[0], aArgs, nullptr, attr);
     PR_DestroyProcessAttr(attr);
     PR_Close(fromChildPipeWrite);
     PR_Close(toChildPipeRead);
     if (!process) {
         LOG(("ntlm_auth exec failure [%d]", PR_GetError()));
         PR_Close(fromChildPipeRead);
         PR_Close(toChildPipeWrite);
         return false;
     }
     *aPID = process;
     *aFromChildFD = fromChildPipeRead;
     *aToChildFD = toChildPipeWrite;
     return true;
 }
 static bool WriteString(PRFileDesc* aFD, const nsACString& aString)
 {
     int32_t length = aString.Length();
     const char* s = aString.BeginReading();
     LOG(("Writing to ntlm_auth: %s", s));
     while (length > 0) {
         int result = PR_Write(aFD, s, length);
         if (result <= 0)
             return false;
         s += result;
         length -= result;
     }
     return true;
 }
 static bool ReadLine(PRFileDesc* aFD, nsACString& aString)
 {
     // ntlm_auth is defined to only send one line in response to each of our
     // input lines. So this simple unbuffered strategy works as long as we
     // read the response immediately after sending one request.
     aString.Truncate();
     for (;;) {
         char buf[1024];
         int result = PR_Read(aFD, buf, sizeof(buf));
         if (result <= 0)
             return false;
         aString.Append(buf, result);
         if (buf[result - 1] == '\n') {
             LOG(("Read from ntlm_auth: %s", nsPromiseFlatCString(aString).get()));
             return true;
         }
     }
 }
 /**
  * Returns a heap-allocated array of PRUint8s, and stores the length in aLen.
  * Returns nullptr if there's an error of any kind.
  */
 static uint8_t* ExtractMessage(const nsACString& aLine, uint32_t* aLen)
 {
     // ntlm_auth sends blobs to us as base64-encoded strings after the "xx "
     // preamble on the response line.
     int32_t length = aLine.Length();
     // The caller should verify there is a valid "xx " prefix and the line
     // is terminated with a \n
     NS_ASSERTION(length >= 4, "Line too short...");
     const char* line = aLine.BeginReading();
     const char* s = line + 3;
     length -= 4; // lose first 3 chars plus trailing \n
     NS_ASSERTION(s[length] == '\n', "aLine not newline-terminated");
     if (length & 3) {
         // The base64 encoded block must be multiple of 4. If not, something
         // screwed up.
         NS_WARNING("Base64 encoded block should be a multiple of 4 chars");
         return nullptr;
     }
     // Calculate the exact length. I wonder why there isn't a function for this
     // in plbase64.
     int32_t numEquals;
     for (numEquals = 0; numEquals < length; ++numEquals) {
         if (s[length - 1 - numEquals] != '=')
             break;
     }
     *aLen = (length/4)*3 - numEquals;
     return reinterpret_cast<uint8_t*>(PL_Base64Decode(s, length, nullptr));
 }
 nsresult
 nsAuthSambaNTLM::SpawnNTLMAuthHelper()
 {
     const char* username = PR_GetEnv("USER");
     if (!username)
         return NS_ERROR_FAILURE;
     const char* const args[] = {
         "ntlm_auth",
         "--helper-protocol", "ntlmssp-client-1",
         "--use-cached-creds",
         "--username", username,
         nullptr
     };
     bool isOK = SpawnIOChild(const_cast<char* const*>(args), &mChildPID, &mFromChildFD, &mToChildFD);
     if (!isOK)
         return NS_ERROR_FAILURE;
     if (!WriteString(mToChildFD, NS_LITERAL_CSTRING("YR\n")))
         return NS_ERROR_FAILURE;
     nsCString line;
     if (!ReadLine(mFromChildFD, line))
         return NS_ERROR_FAILURE;
     if (!StringBeginsWith(line, NS_LITERAL_CSTRING("YR "))) {
         // Something went wrong. Perhaps no credentials are accessible.
         return NS_ERROR_FAILURE;
     }
     // It gave us an initial client-to-server request packet. Save that
     // because we'll need it later.
     mInitialMessage = ExtractMessage(line, &mInitialMessageLen);
     if (!mInitialMessage)
         return NS_ERROR_FAILURE;
     return NS_OK;
 }
 NS_IMETHODIMP
 nsAuthSambaNTLM::Init(const char *serviceName,
                       uint32_t    serviceFlags,
                       const char16_t *domain,
                       const char16_t *username,
                       const char16_t *password)
 {
     NS_ASSERTION(!username && !domain && !password, "unexpected credentials");
     static bool sTelemetrySent = false;
     if (!sTelemetrySent) {
         mozilla::Telemetry::Accumulate(
             mozilla::Telemetry::NTLM_MODULE_USED_2,
             serviceFlags & nsIAuthModule::REQ_PROXY_AUTH
                 ? NTLM_MODULE_SAMBA_AUTH_PROXY
                 : NTLM_MODULE_SAMBA_AUTH_DIRECT);
         sTelemetrySent = true;
     }
     return NS_OK;
 }
 NS_IMETHODIMP
 nsAuthSambaNTLM::GetNextToken(const void *inToken,
                               uint32_t    inTokenLen,
                               void      **outToken,
                               uint32_t   *outTokenLen)
 {
     if (!inToken) {
         /* someone wants our initial message */
         *outToken = nsMemory::Clone(mInitialMessage, mInitialMessageLen);
         if (!*outToken)
             return NS_ERROR_OUT_OF_MEMORY;
         *outTokenLen = mInitialMessageLen;
         return NS_OK;
     }
     /* inToken must be a type 2 message. Get ntlm_auth to generate our response */
     char* encoded = PL_Base64Encode(static_cast<const char*>(inToken), inTokenLen, nullptr);
     if (!encoded)
         return NS_ERROR_OUT_OF_MEMORY;
     nsCString request;
     request.AssignLiteral("TT ");
     request.Append(encoded);
     free(encoded);
     request.Append('\n');
     if (!WriteString(mToChildFD, request))
         return NS_ERROR_FAILURE;
     nsCString line;
     if (!ReadLine(mFromChildFD, line))
         return NS_ERROR_FAILURE;
     if (!StringBeginsWith(line, NS_LITERAL_CSTRING("KK "))) {
         // Something went wrong. Perhaps no credentials are accessible.
         return NS_ERROR_FAILURE;
     }
     uint8_t* buf = ExtractMessage(line, outTokenLen);
     if (!buf)
         return NS_ERROR_FAILURE;
     // *outToken has to be freed by nsMemory::Free, which may not be free()
     *outToken = nsMemory::Clone(buf, *outTokenLen);
     if (!*outToken) {
         free(buf);
         return NS_ERROR_OUT_OF_MEMORY;
     }
     // We're done. Close our file descriptors now and reap the helper
     // process.
     Shutdown();
     return NS_SUCCESS_AUTH_FINISHED;
 }
 NS_IMETHODIMP
 nsAuthSambaNTLM::Unwrap(const void *inToken,
                         uint32_t    inTokenLen,
                         void      **outToken,
                         uint32_t   *outTokenLen)
 {
     return NS_ERROR_NOT_IMPLEMENTED;
 }
 NS_IMETHODIMP
 nsAuthSambaNTLM::Wrap(const void *inToken,
                       uint32_t    inTokenLen,
                       bool        confidential,
                       void      **outToken,
                       uint32_t   *outTokenLen)
 {
     return NS_ERROR_NOT_IMPLEMENTED;
 }

The Tor Browser / annotate

extensions/auth/nsAuthSambaNTLM.cpp@b8a032363ba2 (annotated)

extensions/auth/nsAuthSambaNTLM.cpp