2
0

curl_ntlm_msgs.h 7.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185
  1. #ifndef HEADER_CURL_NTLM_MSGS_H
  2. #define HEADER_CURL_NTLM_MSGS_H
  3. /***************************************************************************
  4. * _ _ ____ _
  5. * Project ___| | | | _ \| |
  6. * / __| | | | |_) | |
  7. * | (__| |_| | _ <| |___
  8. * \___|\___/|_| \_\_____|
  9. *
  10. * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
  11. *
  12. * This software is licensed as described in the file COPYING, which
  13. * you should have received as part of this distribution. The terms
  14. * are also available at http://curl.haxx.se/docs/copyright.html.
  15. *
  16. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  17. * copies of the Software, and permit persons to whom the Software is
  18. * furnished to do so, under the terms of the COPYING file.
  19. *
  20. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  21. * KIND, either express or implied.
  22. *
  23. ***************************************************************************/
  24. #include "curl_setup.h"
  25. #ifdef USE_NTLM
  26. /* This is to generate a base64 encoded NTLM type-1 message */
  27. CURLcode Curl_ntlm_create_type1_message(const char *userp,
  28. const char *passwdp,
  29. struct ntlmdata *ntlm,
  30. char **outptr,
  31. size_t *outlen);
  32. /* This is to generate a base64 encoded NTLM type-3 message */
  33. CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
  34. const char *userp,
  35. const char *passwdp,
  36. struct ntlmdata *ntlm,
  37. char **outptr,
  38. size_t *outlen);
  39. /* This is to decode a NTLM type-2 message */
  40. CURLcode Curl_ntlm_decode_type2_message(struct SessionHandle *data,
  41. const char* header,
  42. struct ntlmdata* ntlm);
  43. /* This is to decode target info received in NTLM type-2 message */
  44. CURLcode Curl_ntlm_decode_type2_target(struct SessionHandle *data,
  45. unsigned char* buffer,
  46. size_t size,
  47. struct ntlmdata* ntlm);
  48. /* This is to clean up the ntlm data structure */
  49. #ifdef USE_WINDOWS_SSPI
  50. void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm);
  51. #else
  52. #define Curl_ntlm_sspi_cleanup(x)
  53. #endif
  54. /* NTLM buffer fixed size, large enough for long user + host + domain */
  55. #define NTLM_BUFSIZE 1024
  56. /* Stuff only required for curl_ntlm_msgs.c */
  57. #ifdef BUILDING_CURL_NTLM_MSGS_C
  58. /* Flag bits definitions based on http://davenport.sourceforge.net/ntlm.html */
  59. #define NTLMFLAG_NEGOTIATE_UNICODE (1<<0)
  60. /* Indicates that Unicode strings are supported for use in security buffer
  61. data. */
  62. #define NTLMFLAG_NEGOTIATE_OEM (1<<1)
  63. /* Indicates that OEM strings are supported for use in security buffer data. */
  64. #define NTLMFLAG_REQUEST_TARGET (1<<2)
  65. /* Requests that the server's authentication realm be included in the Type 2
  66. message. */
  67. /* unknown (1<<3) */
  68. #define NTLMFLAG_NEGOTIATE_SIGN (1<<4)
  69. /* Specifies that authenticated communication between the client and server
  70. should carry a digital signature (message integrity). */
  71. #define NTLMFLAG_NEGOTIATE_SEAL (1<<5)
  72. /* Specifies that authenticated communication between the client and server
  73. should be encrypted (message confidentiality). */
  74. #define NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE (1<<6)
  75. /* Indicates that datagram authentication is being used. */
  76. #define NTLMFLAG_NEGOTIATE_LM_KEY (1<<7)
  77. /* Indicates that the LAN Manager session key should be used for signing and
  78. sealing authenticated communications. */
  79. #define NTLMFLAG_NEGOTIATE_NETWARE (1<<8)
  80. /* unknown purpose */
  81. #define NTLMFLAG_NEGOTIATE_NTLM_KEY (1<<9)
  82. /* Indicates that NTLM authentication is being used. */
  83. /* unknown (1<<10) */
  84. #define NTLMFLAG_NEGOTIATE_ANONYMOUS (1<<11)
  85. /* Sent by the client in the Type 3 message to indicate that an anonymous
  86. context has been established. This also affects the response fields. */
  87. #define NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED (1<<12)
  88. /* Sent by the client in the Type 1 message to indicate that a desired
  89. authentication realm is included in the message. */
  90. #define NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED (1<<13)
  91. /* Sent by the client in the Type 1 message to indicate that the client
  92. workstation's name is included in the message. */
  93. #define NTLMFLAG_NEGOTIATE_LOCAL_CALL (1<<14)
  94. /* Sent by the server to indicate that the server and client are on the same
  95. machine. Implies that the client may use a pre-established local security
  96. context rather than responding to the challenge. */
  97. #define NTLMFLAG_NEGOTIATE_ALWAYS_SIGN (1<<15)
  98. /* Indicates that authenticated communication between the client and server
  99. should be signed with a "dummy" signature. */
  100. #define NTLMFLAG_TARGET_TYPE_DOMAIN (1<<16)
  101. /* Sent by the server in the Type 2 message to indicate that the target
  102. authentication realm is a domain. */
  103. #define NTLMFLAG_TARGET_TYPE_SERVER (1<<17)
  104. /* Sent by the server in the Type 2 message to indicate that the target
  105. authentication realm is a server. */
  106. #define NTLMFLAG_TARGET_TYPE_SHARE (1<<18)
  107. /* Sent by the server in the Type 2 message to indicate that the target
  108. authentication realm is a share. Presumably, this is for share-level
  109. authentication. Usage is unclear. */
  110. #define NTLMFLAG_NEGOTIATE_NTLM2_KEY (1<<19)
  111. /* Indicates that the NTLM2 signing and sealing scheme should be used for
  112. protecting authenticated communications. */
  113. #define NTLMFLAG_REQUEST_INIT_RESPONSE (1<<20)
  114. /* unknown purpose */
  115. #define NTLMFLAG_REQUEST_ACCEPT_RESPONSE (1<<21)
  116. /* unknown purpose */
  117. #define NTLMFLAG_REQUEST_NONNT_SESSION_KEY (1<<22)
  118. /* unknown purpose */
  119. #define NTLMFLAG_NEGOTIATE_TARGET_INFO (1<<23)
  120. /* Sent by the server in the Type 2 message to indicate that it is including a
  121. Target Information block in the message. */
  122. /* unknown (1<24) */
  123. /* unknown (1<25) */
  124. /* unknown (1<26) */
  125. /* unknown (1<27) */
  126. /* unknown (1<28) */
  127. #define NTLMFLAG_NEGOTIATE_128 (1<<29)
  128. /* Indicates that 128-bit encryption is supported. */
  129. #define NTLMFLAG_NEGOTIATE_KEY_EXCHANGE (1<<30)
  130. /* Indicates that the client will provide an encrypted master key in
  131. the "Session Key" field of the Type 3 message. */
  132. #define NTLMFLAG_NEGOTIATE_56 (1<<31)
  133. /* Indicates that 56-bit encryption is supported. */
  134. #ifdef UNICODE
  135. # define SECFLAG_WINNT_AUTH_IDENTITY \
  136. (unsigned long)SEC_WINNT_AUTH_IDENTITY_UNICODE
  137. #else
  138. # define SECFLAG_WINNT_AUTH_IDENTITY \
  139. (unsigned long)SEC_WINNT_AUTH_IDENTITY_ANSI
  140. #endif
  141. #endif /* BUILDING_CURL_NTLM_MSGS_C */
  142. #endif /* USE_NTLM */
  143. #endif /* HEADER_CURL_NTLM_MSGS_H */