diff options
author | Jens-Heiner Rechtien <hr@openoffice.org> | 2009-09-17 14:41:33 +0000 |
---|---|---|
committer | Jens-Heiner Rechtien <hr@openoffice.org> | 2009-09-17 14:41:33 +0000 |
commit | 49c5701fbbc6a93ca0410719564ee22b5166ee48 (patch) | |
tree | 6dcd8396502f89c91b7ac29c20f1e9c23eaa9520 /ucb/source/ucp | |
parent | c932a23fb013889e14ce5096966221c22ed8f96a (diff) |
CWS-TOOLING: integrate CWS kso32fixes2
2009-09-14 kso #i104767# - 64 bit build breaker
2009-09-14 kso #i14767# - compiler warning
2009-09-08 kso i104767# - Removed obsolete header.
2009-09-08 kso i104767# - Removed obsolete header include.
2009-09-08 kso #i104767# - Fixed build breaker.
2009-09-07 kso #i104767# - merged in dev300 m57.
2009-09-07 kso #i104767# - support for system credentials usage
2009-09-07 kso #i104767# - support for system credentials usage
2009-09-07 kso #i104767# - support for system credentials usage
2009-09-07 kso #i104767# - support for system credentials usage
2009-09-07 kso #i104767# - support for system credentials usage
2009-09-07 Kai Sommerfeld #i104767# - support for system credentials usage
2009-09-07 Kai Sommerfeld #i104767# - support for system credentials usage
2009-09-07 ks93798 #i104767# - adaptions for NTLM SSO
Diffstat (limited to 'ucb/source/ucp')
-rw-r--r-- | ucb/source/ucp/ftp/ftpcontent.cxx | 1 | ||||
-rw-r--r-- | ucb/source/ucp/gio/gio_mount.cxx | 2 | ||||
-rw-r--r-- | ucb/source/ucp/gvfs/content.cxx | 3 | ||||
-rw-r--r-- | ucb/source/ucp/webdav/DAVAuthListener.hxx | 3 | ||||
-rw-r--r-- | ucb/source/ucp/webdav/DAVAuthListenerImpl.hxx | 13 | ||||
-rw-r--r-- | ucb/source/ucp/webdav/DAVResourceAccess.cxx | 60 | ||||
-rw-r--r-- | ucb/source/ucp/webdav/NeonSession.cxx | 255 |
7 files changed, 193 insertions, 144 deletions
diff --git a/ucb/source/ucp/ftp/ftpcontent.cxx b/ucb/source/ucp/ftp/ftpcontent.cxx index c90afa97bf3c..e4533d872275 100644 --- a/ucb/source/ucp/ftp/ftpcontent.cxx +++ b/ucb/source/ucp/ftp/ftpcontent.cxx @@ -322,6 +322,7 @@ Any SAL_CALL FTPContent::execute( aAccount); rtl::Reference<ucbhelper::SimpleAuthenticationRequest> p( new ucbhelper::SimpleAuthenticationRequest( + m_aFTPURL.ident(false, false), m_aFTPURL.host(), // ServerName ucbhelper::SimpleAuthenticationRequest::ENTITY_NA, aRealm, diff --git a/ucb/source/ucp/gio/gio_mount.cxx b/ucb/source/ucp/gio/gio_mount.cxx index b3f562e503fc..2756262ce91d 100644 --- a/ucb/source/ucp/gio/gio_mount.cxx +++ b/ucb/source/ucp/gio/gio_mount.cxx @@ -123,7 +123,7 @@ static void ooo_mount_operation_ask_password (GMountOperation *op, aDomain = rtl::OUString(default_domain, strlen(default_domain), RTL_TEXTENCODING_UTF8); uno::Reference< ucbhelper::SimpleAuthenticationRequest > xRequest - = new ucbhelper::SimpleAuthenticationRequest (aHostName, eDomain, aDomain, eUserName, aUserName, ePassword, aPassword); + = new ucbhelper::SimpleAuthenticationRequest (rtl::OUString() /* FIXME: provide URL here */, aHostName, eDomain, aDomain, eUserName, aUserName, ePassword, aPassword); xIH->handle( xRequest.get() ); diff --git a/ucb/source/ucp/gvfs/content.cxx b/ucb/source/ucp/gvfs/content.cxx index ab00cec0907e..743043c09fc7 100644 --- a/ucb/source/ucp/gvfs/content.cxx +++ b/ucb/source/ucp/gvfs/content.cxx @@ -1609,7 +1609,8 @@ extern "C" { } rtl::Reference< ucbhelper::SimpleAuthenticationRequest > xRequest - = new ucbhelper::SimpleAuthenticationRequest (aHostName, eDomain, aDomain, + = new ucbhelper::SimpleAuthenticationRequest (GnomeToOUString(in->uri), + aHostName, eDomain, aDomain, eUserName, aUserName, ePassword, aPassword); diff --git a/ucb/source/ucp/webdav/DAVAuthListener.hxx b/ucb/source/ucp/webdav/DAVAuthListener.hxx index 4744b06f9649..548a4a0a97fa 100644 --- a/ucb/source/ucp/webdav/DAVAuthListener.hxx +++ b/ucb/source/ucp/webdav/DAVAuthListener.hxx @@ -49,7 +49,8 @@ class DAVAuthListener : public salhelper::SimpleReferenceObject const ::rtl::OUString & inHostName, ::rtl::OUString & inoutUserName, ::rtl::OUString & outPassWord, - const sal_Bool & bAllowPersistentStoring) = 0; + sal_Bool bAllowPersistentStoring, + sal_Bool bCanUseSystemCredentials ) = 0; }; } // namespace webdav_ucp diff --git a/ucb/source/ucp/webdav/DAVAuthListenerImpl.hxx b/ucb/source/ucp/webdav/DAVAuthListenerImpl.hxx index e697773eb198..db06b24b22bc 100644 --- a/ucb/source/ucp/webdav/DAVAuthListenerImpl.hxx +++ b/ucb/source/ucp/webdav/DAVAuthListenerImpl.hxx @@ -54,9 +54,9 @@ namespace webdav_ucp DAVAuthListener_Impl( const com::sun::star::uno::Reference< - com::sun::star::ucb::XCommandEnvironment>& xEnv ) - : m_xEnv( xEnv - ) + com::sun::star::ucb::XCommandEnvironment>& xEnv, + const ::rtl::OUString & inURL ) + : m_xEnv( xEnv ), m_aURL( inURL ) { } @@ -64,11 +64,14 @@ namespace webdav_ucp const ::rtl::OUString & inHostName, ::rtl::OUString & inoutUserName, ::rtl::OUString & outPassWord, - const sal_Bool & bAllowPersistentStoring); + sal_Bool bAllowPersistentStoring, + sal_Bool bCanUseSystemCredentials ); private: - com::sun::star::uno::Reference< + const com::sun::star::uno::Reference< com::sun::star::ucb::XCommandEnvironment > m_xEnv; + const rtl::OUString m_aURL; + rtl::OUString m_aPrevPassword; rtl::OUString m_aPrevUsername; }; diff --git a/ucb/source/ucp/webdav/DAVResourceAccess.cxx b/ucb/source/ucp/webdav/DAVResourceAccess.cxx index 0def59082476..67f8e5a386f0 100644 --- a/ucb/source/ucp/webdav/DAVResourceAccess.cxx +++ b/ucb/source/ucp/webdav/DAVResourceAccess.cxx @@ -60,7 +60,8 @@ int DAVAuthListener_Impl::authenticate( const ::rtl::OUString & inHostName, ::rtl::OUString & inoutUserName, ::rtl::OUString & outPassWord, - const sal_Bool & bAllowPersistentStoring) + sal_Bool bAllowPersistentStoring, + sal_Bool bCanUseSystemCredentials ) { if ( m_xEnv.is() ) { @@ -77,12 +78,14 @@ int DAVAuthListener_Impl::authenticate( outPassWord = m_aPrevPassword; rtl::Reference< ucbhelper::SimpleAuthenticationRequest > xRequest - = new ucbhelper::SimpleAuthenticationRequest( inHostName, + = new ucbhelper::SimpleAuthenticationRequest( m_aURL, + inHostName, inRealm, inoutUserName, outPassWord, ::rtl::OUString(), - bAllowPersistentStoring); + bAllowPersistentStoring, + bCanUseSystemCredentials ); xIH->handle( xRequest.get() ); rtl::Reference< ucbhelper::InteractionContinuation > xSelection @@ -99,8 +102,23 @@ int DAVAuthListener_Impl::authenticate( ucbhelper::InteractionSupplyAuthentication > & xSupp = xRequest->getAuthenticationSupplier(); - inoutUserName = xSupp->getUserName(); - outPassWord = xSupp->getPassword(); + sal_Bool bUseSystemCredentials = sal_False; + + if ( bCanUseSystemCredentials ) + bUseSystemCredentials = xSupp->getUseSystemCredentials(); + + if ( bUseSystemCredentials ) + { + // This is the (strange) way to tell neon to use + // system credentials. + inoutUserName = rtl::OUString(); + outPassWord = rtl::OUString(); + } + else + { + inoutUserName = xSupp->getUserName(); + outPassWord = xSupp->getPassword(); + } // #102871# - Remember username and password. m_aPrevUsername = inoutUserName; @@ -186,7 +204,7 @@ void DAVResourceAccess::OPTIONS( rCapabilities, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv) ); } catch ( DAVException & e ) @@ -231,7 +249,7 @@ void DAVResourceAccess::PROPFIND( rResources, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -273,7 +291,7 @@ void DAVResourceAccess::PROPFIND( rResInfo, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ) ; } catch ( DAVException & e ) @@ -313,7 +331,7 @@ void DAVResourceAccess::PROPPATCH( rValues, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -353,7 +371,7 @@ void DAVResourceAccess::HEAD( rResource, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -391,7 +409,7 @@ uno::Reference< io::XInputStream > DAVResourceAccess::GET( xStream = m_xSession->GET( getRequestURI(), DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -432,7 +450,7 @@ void DAVResourceAccess::GET( rStream, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -474,7 +492,7 @@ uno::Reference< io::XInputStream > DAVResourceAccess::GET( rResource, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -519,7 +537,7 @@ void DAVResourceAccess::GET( rResource, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -601,7 +619,7 @@ void DAVResourceAccess::PUT( xSeekableStream, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -655,7 +673,7 @@ uno::Reference< io::XInputStream > DAVResourceAccess::POST( xSeekableStream, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -719,7 +737,7 @@ void DAVResourceAccess::POST( rOutputStream, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -762,7 +780,7 @@ void DAVResourceAccess::MKCOL( m_xSession->MKCOL( getRequestURI(), DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) @@ -802,7 +820,7 @@ void DAVResourceAccess::COPY( rDestinationURI, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ), bOverwrite ); } @@ -843,7 +861,7 @@ void DAVResourceAccess::MOVE( rDestinationURI, DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ), bOverwrite ); } @@ -882,7 +900,7 @@ void DAVResourceAccess::DESTROY( m_xSession->DESTROY( getRequestURI(), DAVRequestEnvironment( getRequestURI(), - new DAVAuthListener_Impl( xEnv ), + new DAVAuthListener_Impl( xEnv, m_aURL ), aHeaders, xEnv ) ); } catch ( DAVException & e ) diff --git a/ucb/source/ucp/webdav/NeonSession.cxx b/ucb/source/ucp/webdav/NeonSession.cxx index f1028f0dc535..b455ffebbb9b 100644 --- a/ucb/source/ucp/webdav/NeonSession.cxx +++ b/ucb/source/ucp/webdav/NeonSession.cxx @@ -41,8 +41,9 @@ #include <ne_locks.h> #include <ne_ssl.h> #include "libxml/parser.h" -#include <rtl/ustrbuf.hxx> +#include "rtl/ustrbuf.hxx" #include "comphelper/sequence.hxx" +#include "ucbhelper/simplecertificatevalidationrequest.hxx" #include "DAVAuthListener.hxx" #include "NeonTypes.hxx" @@ -51,12 +52,9 @@ #include "NeonPropFindRequest.hxx" #include "NeonHeadRequest.hxx" #include "NeonUri.hxx" -#ifndef _LINKSEQUENCE_HXX_ #include "LinkSequence.hxx" -#endif - -#include <com/sun/star/xml/crypto/XSEInitializer.hpp> #include "UCBDeadPropertyValue.hxx" + #include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> #include <com/sun/star/security/XCertificate.hpp> #include <com/sun/star/security/CertificateValidity.hpp> @@ -64,18 +62,10 @@ #include <com/sun/star/security/CertificateContainer.hpp> #include <com/sun/star/security/XCertificateContainer.hpp> #include <com/sun/star/task/XMasterPasswordHandling.hpp> - - -#ifndef _SIMPLECERTIFICATIONVALIDATIONREQUEST_HXX_ -#include "ucbhelper/simplecertificatevalidationrequest.hxx" -#endif - -#include <cppuhelper/bootstrap.hxx> - +#include <com/sun/star/xml/crypto/XSEInitializer.hpp> using namespace com::sun::star; using namespace webdav_ucp; -using namespace com::sun::star::security; #define SEINITIALIZER_COMPONENT "com.sun.star.xml.crypto.SEInitializer" @@ -258,6 +248,9 @@ extern "C" void NeonSession_ResponseBlockWriter( void * inUserData, // ------------------------------------------------------------------- extern "C" int NeonSession_NeonAuth( void * inUserData, +#ifdef NE_FEATURE_SSPI + const char * inAuthProtocol, +#endif const char * inRealm, int attempt, char * inoutUserName, @@ -274,8 +267,6 @@ extern "C" int NeonSession_NeonAuth( void * inUserData, * cancel the request. (if non-zero, username and password are * ignored.) */ - - #if 0 // Give'em only a limited mumber of retries.. if ( attempt > 9 ) @@ -333,18 +324,41 @@ extern "C" int NeonSession_NeonAuth( void * inUserData, //thePassWord = rtl::OUString::createFromAscii( inoutPassWord ); } - //i97003 (tkr): Ask XMasterPasswordHandling if we should store the credentials persistently and give this information to the SimpleAuthenticationRequest - uno::Reference< ::com::sun::star::task::XMasterPasswordHandling > xMasterPasswordHandling = - uno::Reference< ::com::sun::star::task::XMasterPasswordHandling >( - theSession->getMSF().get()->createInstance( rtl::OUString::createFromAscii( "com.sun.star.task.PasswordContainer" )), uno::UNO_QUERY ); - // - + bool bCanUseSystemCreds = false; + +#ifdef NE_FEATURE_SSPI + bCanUseSystemCreds = (attempt == 0) && // avoid endless loops + ne_has_support( NE_FEATURE_SSPI ) && // Windows-only feature. + ( ne_strcasecmp( inAuthProtocol, "NTLM" ) == 0 ) || + ( ne_strcasecmp( inAuthProtocol, "Negotiate" ) == 0 ); +#endif + + // #i97003# (tkr): Ask XMasterPasswordHandling if we should store the + // credentials persistently and give this information to the auth listener + uno::Reference< task::XMasterPasswordHandling > xMasterPasswordHandling; + try + { + xMasterPasswordHandling = + uno::Reference< task::XMasterPasswordHandling >( + theSession->getMSF()->createInstance( + rtl::OUString::createFromAscii( + "com.sun.star.task.PasswordContainer" )), + uno::UNO_QUERY ); + } + catch ( uno::Exception const & ) + { + } int theRetVal = pListener->authenticate( rtl::OUString::createFromAscii( inRealm ), theSession->getHostName(), theUserName, thePassWord, - xMasterPasswordHandling.is() ? xMasterPasswordHandling->isPersistentStoringAllowed() : sal_False); + xMasterPasswordHandling.is() + ? xMasterPasswordHandling-> + isPersistentStoringAllowed() + : sal_False, + bCanUseSystemCreds); rtl::OString aUser( rtl::OUStringToOString( theUserName, RTL_TEXTENCODING_UTF8 ) ); @@ -371,7 +385,6 @@ extern "C" int NeonSession_NeonAuth( void * inUserData, rtl::OUStringToOString( thePassWord, RTL_TEXTENCODING_UTF8 ) ); return theRetVal; - } // ------------------------------------------------------------------- @@ -381,128 +394,144 @@ namespace { // Helper function ::rtl::OUString GetHostnamePart( const ::rtl::OUString& _rRawString ) { - ::rtl::OUString sPart; - ::rtl::OUString sPartId = ::rtl::OUString::createFromAscii( "CN=" ); - sal_Int32 nContStart = _rRawString.indexOf( sPartId ); - if ( nContStart != -1 ) - { - nContStart = nContStart + sPartId.getLength(); - sal_Int32 nContEnd = _rRawString.indexOf( sal_Unicode( ',' ), nContStart ); - sPart = _rRawString.copy( nContStart, nContEnd - nContStart ); - } - return sPart; + ::rtl::OUString sPart; + ::rtl::OUString sPartId = ::rtl::OUString::createFromAscii( "CN=" ); + sal_Int32 nContStart = _rRawString.indexOf( sPartId ); + if ( nContStart != -1 ) + { + nContStart = nContStart + sPartId.getLength(); + sal_Int32 nContEnd + = _rRawString.indexOf( sal_Unicode( ',' ), nContStart ); + sPart = _rRawString.copy( nContStart, nContEnd - nContStart ); + } + return sPart; } } + // ------------------------------------------------------------------- extern "C" int NeonSession_CertificationNotify( void *userdata, int failures, const ne_ssl_certificate *cert ) { - OSL_ASSERT(cert); - NeonSession * pSession = static_cast< NeonSession * >( userdata ); - uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecurityEnv; - uno::Reference< ::com::sun::star::security::XCertificateContainer > xCertificateContainer; - + OSL_ASSERT( cert ); - xCertificateContainer = uno::Reference< ::com::sun::star::security::XCertificateContainer >( - pSession->getMSF().get()->createInstance( rtl::OUString::createFromAscii( "com.sun.star.security.CertificateContainer" )), uno::UNO_QUERY ); + NeonSession * pSession = static_cast< NeonSession * >( userdata ); + uno::Reference< security::XCertificateContainer > xCertificateContainer; + try + { + xCertificateContainer + = uno::Reference< security::XCertificateContainer >( + pSession->getMSF()->createInstance( + rtl::OUString::createFromAscii( + "com.sun.star.security.CertificateContainer" ) ), + uno::UNO_QUERY ); + } + catch ( uno::Exception const & ) + { + } - // YD if xmlsecurity is not built (os2), we cannot continue. - if (!xCertificateContainer.is()) + if ( !xCertificateContainer.is() ) return 1; - char * dn; - failures = 0; - dn = ne_ssl_readable_dname( ne_ssl_cert_subject( cert ) ); - + char * dn = ne_ssl_readable_dname( ne_ssl_cert_subject( cert ) ); rtl::OUString cert_subject( dn, strlen( dn ), RTL_TEXTENCODING_UTF8, 0 ); free( dn ); - CertificateContainerStatus certificateContainer; - certificateContainer = xCertificateContainer.get()->hasCertificate( pSession->getHostName(), cert_subject ); + security::CertificateContainerStatus certificateContainer( + xCertificateContainer->hasCertificate( + pSession->getHostName(), cert_subject ) ); + + if ( certificateContainer != security::CertificateContainerStatus_NOCERT ) + return + certificateContainer == security::CertificateContainerStatus_TRUSTED + ? 0 + : 1; - if( certificateContainer != CertificateContainerStatus_NOCERT ) + uno::Reference< xml::crypto::XSEInitializer > xSEInitializer; + try + { + xSEInitializer = uno::Reference< xml::crypto::XSEInitializer >( + pSession->getMSF()->createInstance( + rtl::OUString::createFromAscii( SEINITIALIZER_COMPONENT ) ), + uno::UNO_QUERY ); + } + catch ( uno::Exception const & ) { - if( certificateContainer == CertificateContainerStatus_TRUSTED ) - return 0; - else - return 1; } - rtl::OUString sSEInitializer; - ::com::sun::star::uno::Reference< com::sun::star::xml::crypto::XSEInitializer > mxSEInitializer; - ::com::sun::star::uno::Reference< com::sun::star::xml::crypto::XXMLSecurityContext > mxSecurityContext; - - sSEInitializer = rtl::OUString::createFromAscii( SEINITIALIZER_COMPONENT ); - mxSEInitializer = uno::Reference< com::sun::star::xml::crypto::XSEInitializer > ( - pSession->getMSF().get()->createInstance( sSEInitializer ), uno::UNO_QUERY ); - - if ( mxSEInitializer.is() ) - mxSecurityContext = mxSEInitializer->createSecurityContext( rtl::OUString::createFromAscii( "" ) ); + if ( !xSEInitializer.is() ) + return 1; - xSecurityEnv = mxSecurityContext->getSecurityEnvironment(); + uno::Reference< xml::crypto::XXMLSecurityContext > xSecurityContext( + xSEInitializer->createSecurityContext( rtl::OUString() ) ); + uno::Reference< xml::crypto::XSecurityEnvironment > xSecurityEnv( + xSecurityContext->getSecurityEnvironment() ); //The end entity certificate char * eeCertB64 = ne_ssl_cert_export( cert ); - ::rtl::OString sEECertB64( eeCertB64 ); + rtl::OString sEECertB64( eeCertB64 ); - uno::Reference< com::sun::star::security::XCertificate> xEECert = + uno::Reference< com::sun::star::security::XCertificate > xEECert( xSecurityEnv->createCertificateFromAscii( - ::rtl::OStringToOUString( sEECertB64, RTL_TEXTENCODING_ASCII_US ) ); + rtl::OStringToOUString( sEECertB64, RTL_TEXTENCODING_ASCII_US ) ) ); - free(eeCertB64); - eeCertB64 = NULL; + ne_free( eeCertB64 ); + eeCertB64 = 0; - std::vector<uno::Reference<com::sun::star::security::XCertificate> > vecCerts; + std::vector< uno::Reference< security::XCertificate > > vecCerts; const ne_ssl_certificate * issuerCert = cert; do { //get the intermediate certificate //the returned value is const ! Therfore it does not need to be freed //with ne_ssl_cert_free, which takes a non-const argument - issuerCert = ne_ssl_cert_signedby(issuerCert); - if (NULL == issuerCert) + issuerCert = ne_ssl_cert_signedby( issuerCert ); + if ( NULL == issuerCert ) break; - char * imCertB64 = ne_ssl_cert_export(issuerCert); - ::rtl::OString sInterMediateCertB64(imCertB64); - free(imCertB64); - uno::Reference< com::sun::star::security::XCertificate> xImCert = + char * imCertB64 = ne_ssl_cert_export( issuerCert ); + rtl::OString sInterMediateCertB64( imCertB64 ); + ne_free( imCertB64 ); + + uno::Reference< security::XCertificate> xImCert( xSecurityEnv->createCertificateFromAscii( - ::rtl::OStringToOUString( sInterMediateCertB64, RTL_TEXTENCODING_ASCII_US ) ); - if (xImCert.is()) - vecCerts.push_back(xImCert); - }while (1); + rtl::OStringToOUString( + sInterMediateCertB64, RTL_TEXTENCODING_ASCII_US ) ) ); + if ( xImCert.is() ) + vecCerts.push_back( xImCert ); + } + while ( 1 ); sal_Int64 certValidity = xSecurityEnv->verifyCertificate( xEECert, - ::comphelper::containerToSequence(vecCerts) ); + ::comphelper::containerToSequence( vecCerts ) ); - - if ( pSession->isDomainMatch( GetHostnamePart( xEECert.get()->getSubjectName())) ) + if ( pSession->isDomainMatch( + GetHostnamePart( xEECert.get()->getSubjectName() ) ) ) { - //if host name matched with certificate then look if the certificate was ok - if( certValidity == ::security::CertificateValidity::VALID ) + // if host name matched with certificate then look if the + // certificate was ok + if( certValidity == security::CertificateValidity::VALID ) return 0; } - const uno::Reference< ucb::XCommandEnvironment > xEnv = - pSession->getRequestEnvironment().m_xEnv.get(); - + const uno::Reference< ucb::XCommandEnvironment > xEnv( + pSession->getRequestEnvironment().m_xEnv ); if ( xEnv.is() ) { - failures = static_cast<int>(certValidity); + failures = static_cast< int >( certValidity ); - uno::Reference< task::XInteractionHandler > xIH - = xEnv->getInteractionHandler(); + uno::Reference< task::XInteractionHandler > xIH( + xEnv->getInteractionHandler() ); if ( xIH.is() ) { - rtl::Reference< ucbhelper::SimpleCertificateValidationRequest > xRequest - = new ucbhelper::SimpleCertificateValidationRequest((sal_Int32)failures, xEECert, pSession->getHostName() ); + rtl::Reference< ucbhelper::SimpleCertificateValidationRequest > + xRequest( new ucbhelper::SimpleCertificateValidationRequest( + (sal_Int32)failures, xEECert, pSession->getHostName() ) ); xIH->handle( xRequest.get() ); rtl::Reference< ucbhelper::InteractionContinuation > xSelection @@ -510,31 +539,34 @@ extern "C" int NeonSession_CertificationNotify( void *userdata, if ( xSelection.is() ) { - uno::Reference< task::XInteractionApprove > xApprove( + uno::Reference< task::XInteractionApprove > xApprove( xSelection.get(), uno::UNO_QUERY ); - if ( xApprove.is() ) + if ( xApprove.is() ) { - xCertificateContainer->addCertificate(pSession->getHostName(), cert_subject, sal_True ); + xCertificateContainer->addCertificate( + pSession->getHostName(), cert_subject, sal_True ); return 0; - } else { - // Dont trust Cert - xCertificateContainer->addCertificate(pSession->getHostName(), cert_subject, sal_False ); + } + else + { + // Don't trust cert + xCertificateContainer->addCertificate( + pSession->getHostName(), cert_subject, sal_False ); return 1; } - } - } else + } + else { - // Dont trust Cert - xCertificateContainer->addCertificate(pSession->getHostName(), cert_subject, sal_False ); + // Don't trust cert + xCertificateContainer->addCertificate( + pSession->getHostName(), cert_subject, sal_False ); return 1; } - - } - return 1; } + // ------------------------------------------------------------------- extern "C" void NeonSession_PreSendRequest( ne_request * req, void * userdata, @@ -604,9 +636,10 @@ extern "C" void NeonSession_PreSendRequest( ne_request * req, ++it1; } - } } +} // namespace + // ------------------------------------------------------------------- // Constructor // ------------------------------------------------------------------- @@ -755,7 +788,6 @@ void NeonSession::Init() // ne_buffer *header); ne_hook_pre_send( m_pHttpSession, NeonSession_PreSendRequest, this ); - #if 0 /* Hook called after the request is sent. May return: * NE_OK everything is okay @@ -802,15 +834,8 @@ void NeonSession::Init() ne_redirect_register( m_pHttpSession ); // authentication callbacks. - - // Note: Calling ne_set_[server|proxy]_auth more than once per - // m_pHttpSession instance sometimes(?) crashes Neon! ( last - // checked: 0.22.0) - //ne_set_server_auth( m_pHttpSession, NeonSession_NeonAuth, this ); ne_add_server_auth( m_pHttpSession, NE_AUTH_ALL, NeonSession_NeonAuth, this ); - //ne_set_proxy_auth ( m_pHttpSession, NeonSession_NeonAuth, this ); ne_add_proxy_auth ( m_pHttpSession, NE_AUTH_ALL, NeonSession_NeonAuth, this ); - } } |