||Also define _GSSAPI_H_ as that is what the Kerberos 5 code defines and
what header files on some systems look for.
||types of packages
||OpenBSD doesn't register inter-library dependencies in basesystem
libs therefor we need to load all the libraries gssapi depends on,
in the correct order and with LD_GLOBAL for GSSAPI auth to work
||Some remarks on thread safety ...
The thread safety of this class depends largely upon the thread safety of
the underlying GSSAPI and Kerberos libraries. This code just loads the
system GSSAPI library, and whilst it avoids loading known bad libraries,
it cannot determine the thread safety of the the code it loads.
When used with a non-threadsafe library, it is not safe to simultaneously
use multiple instantiations of this class.
When used with a threadsafe Kerberos library, multiple instantiations of
this class may happily co-exist. Methods may be sequentially called from
multiple threads. The nature of the GSSAPI protocol is such that a correct
implementation will never call methods in parallel, as the results of the
last call are required as input to the next.
||Returns a heap-allocated array of PRUint8s, and stores the length in aLen.
Returns nullptr if there's an error of any kind.
||This is an implementation of NTLM authentication that does single-signon
by obtaining the user's Unix username, parsing it into DOMAIN\name format,
and then asking Samba's ntlm_auth tool to do the authentication for us
using the user's password cached in winbindd, if available. If the
password is not available then this component fails to instantiate so
nsHttpNTLMAuth will fall back to a different NTLM implementation.
NOTE: at time of writing, this requires patches to be added to the stock
Samba winbindd and ntlm_auth!
||Limitations apply to this class's thread safety. See the header file
||This class is implemented using the nsAuthGSSAPI class, and the same
thread safety constraints which are documented in nsAuthGSSAPI.h
apply to this class