NS_IMETHODIMP
nsMsgWindow::DisplayHTMLInMessagePane(const nsAString& title, const nsAString& body, bool clearMsgHdr)
{
if (clearMsgHdr && mMsgWindowCommands)
mMsgWindowCommands->ClearMsgPane();
nsString htmlStr;
htmlStr.Append(NS_LITERAL_STRING("<html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"></head><body>").get());
htmlStr.Append(body);
htmlStr.Append(NS_LITERAL_STRING("</body></html>").get());
char *encodedHtml = PL_Base64Encode(NS_ConvertUTF16toUTF8(htmlStr).get(), 0, nsnull);
if (!encodedHtml)
return NS_ERROR_OUT_OF_MEMORY;
nsCString dataSpec;
dataSpec = "data:text/html;base64,";
dataSpec += encodedHtml;
PR_FREEIF(encodedHtml);
nsCOMPtr <nsIDocShell> docShell;
GetMessageWindowDocShell(getter_AddRefs(docShell));
NS_ENSURE_TRUE(docShell, NS_ERROR_FAILURE);
nsCOMPtr<nsIWebNavigation> webNav(do_QueryInterface(docShell));
NS_ENSURE_TRUE(webNav, NS_ERROR_FAILURE);
return webNav->LoadURI(NS_ConvertASCIItoUTF16(dataSpec).get(),
nsIWebNavigation::LOAD_FLAGS_NONE,
nsnull, nsnull, nsnull);
}
static int
ExportPublicKey(FILE *outFile, CERTCertificate *cert)
{
char *data;
SECKEYPublicKey *publicKey;
SECItem *item;
if (!cert)
return -1;
publicKey = CERT_ExtractPublicKey(cert);
if (!publicKey)
return -1;
item = SECKEY_EncodeDERSubjectPublicKeyInfo(publicKey);
SECKEY_DestroyPublicKey(publicKey);
if (!item)
return -1;
data = PL_Base64Encode((const char*)item->data, item->len, NULL);
SECITEM_FreeItem(item, PR_TRUE);
if (!data)
return -1;
fputs("pubkey:\n", outFile);
fputs(data, outFile);
fputs("\n", outFile);
PR_Free(data);
return 0;
}
Btoa(JSContext *cx, JSObject *obj, uintN argc, jsval *argv, jsval *rval)
{
JSString *str;
if (!argc)
return JS_TRUE;
str = JS_ValueToString(cx, argv[0]);
if (!str)
return JS_FALSE;
char *bin_data = JS_GetStringBytes(str);
size_t bin_dataLength = JS_GetStringLength(str);
char *base64 = PL_Base64Encode(bin_data, bin_dataLength, nsnull);
if (!base64)
return JS_FALSE;
PRUint32 base64Length = ((bin_dataLength + 2) / 3) * 4;
str = JS_NewStringCopyN(cx, base64, base64Length);
PR_Free(base64);
if (!str)
return JS_FALSE;
*rval = STRING_TO_JSVAL(str);
return JS_TRUE;
}
//----------------------------------------------------------------------------------------
void nsPersistentFileDescriptor::operator = (const nsFileSpec& inSpec)
//----------------------------------------------------------------------------------------
{
#if defined(XP_MAC)
if (inSpec.Error())
return;
AliasHandle aliasH;
OSErr err = NewAlias(nil, inSpec.GetFSSpecPtr(), &aliasH);
if (err != noErr)
return;
PRUint32 bytes = GetHandleSize((Handle) aliasH);
HLock((Handle) aliasH);
char* buf = PL_Base64Encode((const char*)*aliasH, bytes, nsnull);
DisposeHandle((Handle) aliasH);
mDescriptorString = buf;
PR_Free(buf);
#elif defined(XP_MACOSX)
if (inSpec.Error())
return;
FSRef fileRef;
Boolean isDir;
OSErr err = ::FSPathMakeRef((const UInt8*)inSpec.GetCString(), &fileRef, &isDir);
if (err != noErr)
return;
AliasHandle aliasH;
err = ::FSNewAlias(nsnull, &fileRef, &aliasH);
if (err != noErr)
return;
PRUint32 bytes = ::GetHandleSize((Handle) aliasH);
::HLock((Handle)aliasH);
char* buf = PL_Base64Encode((const char*)*aliasH, bytes, nsnull);
::DisposeHandle((Handle) aliasH);
mDescriptorString = buf;
PR_Free(buf);
#else
mDescriptorString = inSpec.GetCString();
#endif // XP_MAC
} // nsPersistentFileDescriptor::operator =
nsresult nsCMSSecureMessage::
encode(const unsigned char *data, PRInt32 dataLen, char **_retval)
{
nsresult rv = NS_OK;
*_retval = PL_Base64Encode((const char *)data, dataLen, NULL);
if (!*_retval) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
loser:
return rv;
}
/**
* Print base64-encoded token to the NSPR Log.
* @param name Description of the token, will be printed in front
* @param token The token to print
* @param tokenLen length of the data in token
*/
static void LogToken(const char *name, const void *token, uint32_t tokenLen)
{
if (!LOG_ENABLED())
return;
char *b64data = PL_Base64Encode((const char *) token, tokenLen, nullptr);
if (b64data)
{
PR_LogPrint("%s: %s\n", name, b64data);
PR_Free(b64data);
}
}
nsresult
nsBase64Encoder::Finish(nsCSubstring& result)
{
char* b64 = PL_Base64Encode(mData.get(), mData.Length(), nsnull);
if (!b64)
return NS_ERROR_OUT_OF_MEMORY;
result.Assign(b64);
PR_Free(b64);
// Free unneeded memory and allow reusing the object
mData.Truncate();
return NS_OK;
}
NS_IMETHODIMP
nsAuthSambaNTLM::GetNextToken(const void *inToken,
PRUint32 inTokenLen,
void **outToken,
PRUint32 *outTokenLen)
{
if (!inToken) {
/* someone wants our initial message */
*outToken = nsMemory::Clone(mInitialMessage, mInitialMessageLen);
if (!*outToken)
return NS_ERROR_OUT_OF_MEMORY;
*outTokenLen = mInitialMessageLen;
return NS_OK;
}
/* inToken must be a type 2 message. Get ntlm_auth to generate our response */
char* encoded = PL_Base64Encode(static_cast<const char*>(inToken), inTokenLen, nullptr);
if (!encoded)
return NS_ERROR_OUT_OF_MEMORY;
nsCString request;
request.AssignLiteral("TT ");
request.Append(encoded);
free(encoded);
request.Append('\n');
if (!WriteString(mToChildFD, request))
return NS_ERROR_FAILURE;
nsCString line;
if (!ReadLine(mFromChildFD, line))
return NS_ERROR_FAILURE;
if (!StringBeginsWith(line, NS_LITERAL_CSTRING("KK "))) {
// Something went wrong. Perhaps no credentials are accessible.
return NS_ERROR_FAILURE;
}
PRUint8* buf = ExtractMessage(line, outTokenLen);
if (!buf)
return NS_ERROR_FAILURE;
// *outToken has to be freed by nsMemory::Free, which may not be free()
*outToken = nsMemory::Clone(buf, *outTokenLen);
if (!*outToken) {
free(buf);
return NS_ERROR_OUT_OF_MEMORY;
}
// We're done. Close our file descriptors now and reap the helper
// process.
Shutdown();
return NS_SUCCESS_AUTH_FINISHED;
}
nsresult nsSecretDecoderRing::
encode(const unsigned char *data, PRInt32 dataLen, char **_retval)
{
nsresult rv = NS_OK;
char *result = PL_Base64Encode((const char *)data, dataLen, NULL);
if (!result) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
*_retval = NS_strdup(result);
PR_DELETE(result);
if (!*_retval) { rv = NS_ERROR_OUT_OF_MEMORY; goto loser; }
loser:
return rv;
}
NS_IMETHODIMP
nsHttpBasicAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge,
bool isProxyAuth,
const PRUnichar *domain,
const PRUnichar *user,
const PRUnichar *password,
nsISupports **sessionState,
nsISupports **continuationState,
uint32_t *aFlags,
char **creds)
{
LOG(("nsHttpBasicAuth::GenerateCredentials [challenge=%s]\n", challenge));
NS_ENSURE_ARG_POINTER(creds);
*aFlags = 0;
// we only know how to deal with Basic auth for http.
bool isBasicAuth = !PL_strncasecmp(challenge, "basic", 5);
NS_ENSURE_TRUE(isBasicAuth, NS_ERROR_UNEXPECTED);
// we work with ASCII around here
nsAutoCString userpass;
LossyCopyUTF16toASCII(user, userpass);
userpass.Append(':'); // always send a ':' (see bug 129565)
if (password)
LossyAppendUTF16toASCII(password, userpass);
// plbase64.h provides this worst-case output buffer size calculation.
// use calloc, since PL_Base64Encode does not null terminate.
*creds = (char *) calloc(6 + ((userpass.Length() + 2)/3)*4 + 1, 1);
if (!*creds)
return NS_ERROR_OUT_OF_MEMORY;
memcpy(*creds, "Basic ", 6);
PL_Base64Encode(userpass.get(), userpass.Length(), *creds + 6);
return NS_OK;
}
static
nsresult
Base64urlEncode(const PRUint8* aBytes,
PRUint32 aNumBytes,
nsCString& _result)
{
// SetLength does not set aside space for NULL termination. PL_Base64Encode
// will not NULL terminate, however, nsCStrings must be NULL terminated. As a
// result, we set the capacity to be one greater than what we need, and the
// length to our desired length.
PRUint32 length = (aNumBytes + 2) / 3 * 4; // +2 due to integer math.
NS_ENSURE_TRUE(_result.SetCapacity(length + 1), NS_ERROR_OUT_OF_MEMORY);
_result.SetLength(length);
(void)PL_Base64Encode(reinterpret_cast<const char*>(aBytes), aNumBytes,
_result.BeginWriting());
// base64url encoding is defined in RFC 4648. It replaces the last two
// alphabet characters of base64 encoding with '-' and '_' respectively.
_result.ReplaceChar('+', '-');
_result.ReplaceChar('/', '_');
return NS_OK;
}
static int do_send_mail(ews_session * session,
const char * content,
int len_content,
char ** pp_err_msg) {
char * encoded_content = PL_Base64Encode(content,
len_content,
nullptr);
ews_msg_item msg_item;
memset(&msg_item, 0, sizeof(ews_msg_item));
msg_item.item.item_type = EWS_Item_Message;
msg_item.item.mime_content = encoded_content;
int ret = ews_send_item(session,
&msg_item,
pp_err_msg);
PR_Free(encoded_content);
return ret;
}
nsresult nsAbManager::AppendProperty(const char *aProperty, const PRUnichar *aValue, nsACString &aResult)
{
NS_ENSURE_ARG_POINTER(aValue);
aResult += aProperty;
// if the string is not safe "as is", base64 encode it
if (IsSafeLDIFString(aValue)) {
aResult.AppendLiteral(": ");
aResult.Append(NS_LossyConvertUTF16toASCII(aValue));
}
else {
char *base64Str = PL_Base64Encode(NS_ConvertUTF16toUTF8(aValue).get(), 0, nsnull);
if (!base64Str)
return NS_ERROR_OUT_OF_MEMORY;
aResult.AppendLiteral(":: ");
aResult.Append(nsDependentCString(base64Str));
PR_Free(base64Str);
}
return NS_OK;
}
NS_IMETHODIMP
nsHttpNTLMAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge,
bool isProxyAuth,
const PRUnichar *domain,
const PRUnichar *user,
const PRUnichar *pass,
nsISupports **sessionState,
nsISupports **continuationState,
uint32_t *aFlags,
char **creds)
{
LOG(("nsHttpNTLMAuth::GenerateCredentials\n"));
*creds = nullptr;
*aFlags = 0;
// if user or password is empty, ChallengeReceived returned
// identityInvalid = false, that means we are using default user
// credentials; see nsAuthSSPI::Init method for explanation of this
// condition
if (!user || !pass)
*aFlags = USING_INTERNAL_IDENTITY;
nsresult rv;
nsCOMPtr<nsIAuthModule> module = do_QueryInterface(*continuationState, &rv);
NS_ENSURE_SUCCESS(rv, rv);
void *inBuf, *outBuf;
uint32_t inBufLen, outBufLen;
// initial challenge
if (PL_strcasecmp(challenge, "NTLM") == 0) {
// NTLM service name format is 'HTTP@host' for both http and https
nsCOMPtr<nsIURI> uri;
rv = authChannel->GetURI(getter_AddRefs(uri));
if (NS_FAILED(rv))
return rv;
nsAutoCString serviceName, host;
rv = uri->GetAsciiHost(host);
if (NS_FAILED(rv))
return rv;
serviceName.AppendLiteral("HTTP@");
serviceName.Append(host);
// initialize auth module
uint32_t reqFlags = nsIAuthModule::REQ_DEFAULT;
if (isProxyAuth)
reqFlags |= nsIAuthModule::REQ_PROXY_AUTH;
rv = module->Init(serviceName.get(), reqFlags, domain, user, pass);
if (NS_FAILED(rv))
return rv;
// This update enables updated Windows machines (Win7 or patched previous
// versions) and Linux machines running Samba (updated for Channel
// Binding), to perform Channel Binding when authenticating using NTLMv2
// and an outer secure channel.
//
// Currently only implemented for Windows, linux support will be landing in
// a separate patch, update this #ifdef accordingly then.
#if defined (XP_WIN) /* || defined (LINUX) */
// We should retrieve the server certificate and compute the CBT,
// but only when we are using the native NTLM implementation and
// not the internal one.
// It is a valid case not having the security info object. This
// occures when we connect an https site through an ntlm proxy.
// After the ssl tunnel has been created, we get here the second
// time and now generate the CBT from now valid security info.
nsCOMPtr<nsIChannel> channel = do_QueryInterface(authChannel, &rv);
if (NS_FAILED(rv))
return rv;
nsCOMPtr<nsISupports> security;
rv = channel->GetSecurityInfo(getter_AddRefs(security));
if (NS_FAILED(rv))
return rv;
nsCOMPtr<nsISSLStatusProvider> statusProvider =
do_QueryInterface(security);
if (mUseNative && statusProvider) {
nsCOMPtr<nsISSLStatus> status;
rv = statusProvider->GetSSLStatus(getter_AddRefs(status));
if (NS_FAILED(rv))
return rv;
nsCOMPtr<nsIX509Cert> cert;
rv = status->GetServerCert(getter_AddRefs(cert));
if (NS_FAILED(rv))
return rv;
uint32_t length;
uint8_t* certArray;
cert->GetRawDER(&length, &certArray);
// If there is a server certificate, we pass it along the
// first time we call GetNextToken().
inBufLen = length;
inBuf = certArray;
} else {
// If there is no server certificate, we don't pass anything.
inBufLen = 0;
inBuf = nullptr;
}
#else // Extended protection update is just for Linux and Windows machines.
inBufLen = 0;
inBuf = nullptr;
#endif
}
else {
// decode challenge; skip past "NTLM " to the start of the base64
// encoded data.
int len = strlen(challenge);
if (len < 6)
return NS_ERROR_UNEXPECTED; // bogus challenge
challenge += 5;
len -= 5;
// strip off any padding (see bug 230351)
while (challenge[len - 1] == '=')
len--;
// decode into the input secbuffer
inBufLen = (len * 3)/4; // sufficient size (see plbase64.h)
inBuf = nsMemory::Alloc(inBufLen);
if (!inBuf)
return NS_ERROR_OUT_OF_MEMORY;
if (PL_Base64Decode(challenge, len, (char *) inBuf) == nullptr) {
nsMemory::Free(inBuf);
return NS_ERROR_UNEXPECTED; // improper base64 encoding
}
}
rv = module->GetNextToken(inBuf, inBufLen, &outBuf, &outBufLen);
if (NS_SUCCEEDED(rv)) {
// base64 encode data in output buffer and prepend "NTLM "
int credsLen = 5 + ((outBufLen + 2)/3)*4;
*creds = (char *) nsMemory::Alloc(credsLen + 1);
if (!*creds)
rv = NS_ERROR_OUT_OF_MEMORY;
else {
memcpy(*creds, "NTLM ", 5);
PL_Base64Encode((char *) outBuf, outBufLen, *creds + 5);
(*creds)[credsLen] = '\0'; // null terminate
}
// OK, we are done with |outBuf|
nsMemory::Free(outBuf);
}
if (inBuf)
nsMemory::Free(inBuf);
return rv;
}
static int
SignFile(FILE *outFile, PRFileDesc *inFile, CERTCertificate *cert)
{
SECItem data2sign;
SECStatus rv;
char *data;
SECKEYPrivateKey *privKey;
SECOidTag algID;
PLArenaPool *arena;
CERTSignedData sd;
SECItem *result;
if (outFile == NULL || inFile == NULL || cert == NULL)
return -1;
/* suck the file in */
if (SECU_ReadDERFromFile(&data2sign, inFile, PR_FALSE,
PR_FALSE) != SECSuccess)
return -1;
privKey = NULL;
privKey = PK11_FindKeyByAnyCert(cert, NULL);
algID = SEC_GetSignatureAlgorithmOidTag(privKey->keyType, SEC_OID_SHA1);
if (algID == SEC_OID_UNKNOWN)
return -1;
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
PORT_Memset(&sd, 0, sizeof(CERTSignedData));
rv = SEC_SignData(&(sd.signature), data2sign.data, data2sign.len, privKey, algID);
if (rv != SECSuccess) {
fprintf (stderr, "Could not sign.\n");
return -1;
}
sd.signature.len = sd.signature.len << 3;
rv = SECOID_SetAlgorithmID(arena, &sd.signatureAlgorithm, algID, 0);
if (rv != SECSuccess) {
fprintf (stderr, "Could not set alg id.\n");
return -1;
}
result = SEC_ASN1EncodeItem(arena, NULL, &sd, CERTSignatureDataTemplate);
SECITEM_FreeItem(&(sd.signature), PR_FALSE);
if (!result) {
fprintf (stderr, "Could not encode.\n");
return -1;
}
data = PL_Base64Encode((const char*)result->data, result->len, NULL);
if (!data)
return -1;
fputs("signature:\n", outFile);
fputs(data, outFile);
fputs("\n", outFile);
ExportPublicKey(outFile, cert);
SECKEY_DestroyPrivateKey(privKey);
PORT_FreeArena(arena, PR_FALSE);
return 0;
}
//
// GenerateCredentials
//
// This routine is responsible for creating the correct authentication
// blob to pass to the server that requested "Negotiate" authentication.
//
NS_IMETHODIMP
nsHttpNegotiateAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
const char *challenge,
bool isProxyAuth,
const PRUnichar *domain,
const PRUnichar *username,
const PRUnichar *password,
nsISupports **sessionState,
nsISupports **continuationState,
PRUint32 *flags,
char **creds)
{
// ChallengeReceived must have been called previously.
nsIAuthModule *module = (nsIAuthModule *) *continuationState;
NS_ENSURE_TRUE(module, NS_ERROR_NOT_INITIALIZED);
*flags = USING_INTERNAL_IDENTITY;
LOG(("nsHttpNegotiateAuth::GenerateCredentials() [challenge=%s]\n", challenge));
NS_ASSERTION(creds, "null param");
#ifdef DEBUG
bool isGssapiAuth =
!PL_strncasecmp(challenge, kNegotiate, kNegotiateLen);
NS_ASSERTION(isGssapiAuth, "Unexpected challenge");
#endif
//
// If the "Negotiate:" header had some data associated with it,
// that data should be used as the input to this call. This may
// be a continuation of an earlier call because GSSAPI authentication
// often takes multiple round-trips to complete depending on the
// context flags given. We want to use MUTUAL_AUTHENTICATION which
// generally *does* require multiple round-trips. Don't assume
// auth can be completed in just 1 call.
//
unsigned int len = strlen(challenge);
void *inToken, *outToken;
PRUint32 inTokenLen, outTokenLen;
if (len > kNegotiateLen) {
challenge += kNegotiateLen;
while (*challenge == ' ')
challenge++;
len = strlen(challenge);
// strip off any padding (see bug 230351)
while (challenge[len - 1] == '=')
len--;
inTokenLen = (len * 3)/4;
inToken = malloc(inTokenLen);
if (!inToken)
return (NS_ERROR_OUT_OF_MEMORY);
//
// Decode the response that followed the "Negotiate" token
//
if (PL_Base64Decode(challenge, len, (char *) inToken) == NULL) {
free(inToken);
return(NS_ERROR_UNEXPECTED);
}
}
else {
//
// Initializing, don't use an input token.
//
inToken = nullptr;
inTokenLen = 0;
}
nsresult rv = module->GetNextToken(inToken, inTokenLen, &outToken, &outTokenLen);
free(inToken);
if (NS_FAILED(rv))
return rv;
if (outTokenLen == 0) {
LOG((" No output token to send, exiting"));
return NS_ERROR_FAILURE;
}
//
// base64 encode the output token.
//
char *encoded_token = PL_Base64Encode((char *)outToken, outTokenLen, nullptr);
nsMemory::Free(outToken);
if (!encoded_token)
return NS_ERROR_OUT_OF_MEMORY;
LOG((" Sending a token of length %d\n", outTokenLen));
// allocate a buffer sizeof("Negotiate" + " " + b64output_token + "\0")
*creds = (char *) nsMemory::Alloc(kNegotiateLen + 1 + strlen(encoded_token) + 1);
if (NS_UNLIKELY(!*creds))
rv = NS_ERROR_OUT_OF_MEMORY;
else
sprintf(*creds, "%s %s", kNegotiate, encoded_token);
PR_Free(encoded_token);
return rv;
}
NS_IMETHODIMP
nsHttpNTLMAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
const char *challenge,
PRBool isProxyAuth,
const PRUnichar *domain,
const PRUnichar *user,
const PRUnichar *pass,
nsISupports **sessionState,
nsISupports **continuationState,
PRUint32 *aFlags,
char **creds)
{
LOG(("nsHttpNTLMAuth::GenerateCredentials\n"));
*creds = nsnull;
*aFlags = 0;
// if user or password is empty, ChallengeReceived returned
// identityInvalid = PR_FALSE, that means we are using default user
// credentials; see nsAuthSSPI::Init method for explanation of this
// condition
if (!user || !pass)
*aFlags = USING_INTERNAL_IDENTITY;
nsresult rv;
nsCOMPtr<nsIAuthModule> module = do_QueryInterface(*continuationState, &rv);
NS_ENSURE_SUCCESS(rv, rv);
void *inBuf, *outBuf;
PRUint32 inBufLen, outBufLen;
// initial challenge
if (PL_strcasecmp(challenge, "NTLM") == 0) {
// NTLM service name format is 'HTTP@host' for both http and https
nsCOMPtr<nsIURI> uri;
rv = httpChannel->GetURI(getter_AddRefs(uri));
if (NS_FAILED(rv))
return rv;
nsCAutoString serviceName, host;
rv = uri->GetAsciiHost(host);
if (NS_FAILED(rv))
return rv;
serviceName.AppendLiteral("HTTP@");
serviceName.Append(host);
// initialize auth module
rv = module->Init(serviceName.get(), nsIAuthModule::REQ_DEFAULT, domain, user, pass);
if (NS_FAILED(rv))
return rv;
inBufLen = 0;
inBuf = nsnull;
}
else {
// decode challenge; skip past "NTLM " to the start of the base64
// encoded data.
int len = strlen(challenge);
if (len < 6)
return NS_ERROR_UNEXPECTED; // bogus challenge
challenge += 5;
len -= 5;
// strip off any padding (see bug 230351)
while (challenge[len - 1] == '=')
len--;
// decode into the input secbuffer
inBufLen = (len * 3)/4; // sufficient size (see plbase64.h)
inBuf = nsMemory::Alloc(inBufLen);
if (!inBuf)
return NS_ERROR_OUT_OF_MEMORY;
if (PL_Base64Decode(challenge, len, (char *) inBuf) == nsnull) {
nsMemory::Free(inBuf);
return NS_ERROR_UNEXPECTED; // improper base64 encoding
}
}
rv = module->GetNextToken(inBuf, inBufLen, &outBuf, &outBufLen);
if (NS_SUCCEEDED(rv)) {
// base64 encode data in output buffer and prepend "NTLM "
int credsLen = 5 + ((outBufLen + 2)/3)*4;
*creds = (char *) nsMemory::Alloc(credsLen + 1);
if (!*creds)
rv = NS_ERROR_OUT_OF_MEMORY;
else {
memcpy(*creds, "NTLM ", 5);
PL_Base64Encode((char *) outBuf, outBufLen, *creds + 5);
(*creds)[credsLen] = '\0'; // null terminate
}
// OK, we are done with |outBuf|
nsMemory::Free(outBuf);
}
if (inBuf)
nsMemory::Free(inBuf);
return rv;
}
