1
#ifndef HEADER_CURL_NTLM_MSGS_H
2
#define HEADER_CURL_NTLM_MSGS_H
3
/***************************************************************************
5
* Project ___| | | | _ \| |
7
* | (__| |_| | _ <| |___
8
* \___|\___/|_| \_\_____|
10
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
12
* This software is licensed as described in the file COPYING, which
13
* you should have received as part of this distribution. The terms
14
* are also available at http://curl.haxx.se/docs/copyright.html.
16
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
17
* copies of the Software, and permit persons to whom the Software is
18
* furnished to do so, under the terms of the COPYING file.
20
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
21
* KIND, either express or implied.
23
***************************************************************************/
29
/* This is to generate a base64 encoded NTLM type-1 message */
30
CURLcode Curl_ntlm_create_type1_message(const char *userp,
32
struct ntlmdata *ntlm,
35
/* This is to generate a base64 encoded NTLM type-3 message */
36
CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
39
struct ntlmdata *ntlm,
42
/* This is to decode a NTLM type-2 message */
43
CURLcode Curl_ntlm_decode_type2_message(struct SessionHandle *data,
45
struct ntlmdata* ntlm);
47
/* This is to clean up the ntlm data structure */
48
#ifdef USE_WINDOWS_SSPI
49
void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm);
52
/* NTLM buffer fixed size, large enough for long user + host + domain */
53
#define NTLM_BUFSIZE 1024
55
/* Stuff only required for curl_ntlm_msgs.c */
56
#ifdef BUILDING_CURL_NTLM_MSGS_C
58
/* Flag bits definitions based on http://davenport.sourceforge.net/ntlm.html */
60
#define NTLMFLAG_NEGOTIATE_UNICODE (1<<0)
61
/* Indicates that Unicode strings are supported for use in security buffer
64
#define NTLMFLAG_NEGOTIATE_OEM (1<<1)
65
/* Indicates that OEM strings are supported for use in security buffer data. */
67
#define NTLMFLAG_REQUEST_TARGET (1<<2)
68
/* Requests that the server's authentication realm be included in the Type 2
72
#define NTLMFLAG_NEGOTIATE_SIGN (1<<4)
73
/* Specifies that authenticated communication between the client and server
74
should carry a digital signature (message integrity). */
76
#define NTLMFLAG_NEGOTIATE_SEAL (1<<5)
77
/* Specifies that authenticated communication between the client and server
78
should be encrypted (message confidentiality). */
80
#define NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE (1<<6)
81
/* Indicates that datagram authentication is being used. */
83
#define NTLMFLAG_NEGOTIATE_LM_KEY (1<<7)
84
/* Indicates that the LAN Manager session key should be used for signing and
85
sealing authenticated communications. */
87
#define NTLMFLAG_NEGOTIATE_NETWARE (1<<8)
90
#define NTLMFLAG_NEGOTIATE_NTLM_KEY (1<<9)
91
/* Indicates that NTLM authentication is being used. */
95
#define NTLMFLAG_NEGOTIATE_ANONYMOUS (1<<11)
96
/* Sent by the client in the Type 3 message to indicate that an anonymous
97
context has been established. This also affects the response fields. */
99
#define NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED (1<<12)
100
/* Sent by the client in the Type 1 message to indicate that a desired
101
authentication realm is included in the message. */
103
#define NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED (1<<13)
104
/* Sent by the client in the Type 1 message to indicate that the client
105
workstation's name is included in the message. */
107
#define NTLMFLAG_NEGOTIATE_LOCAL_CALL (1<<14)
108
/* Sent by the server to indicate that the server and client are on the same
109
machine. Implies that the client may use a pre-established local security
110
context rather than responding to the challenge. */
112
#define NTLMFLAG_NEGOTIATE_ALWAYS_SIGN (1<<15)
113
/* Indicates that authenticated communication between the client and server
114
should be signed with a "dummy" signature. */
116
#define NTLMFLAG_TARGET_TYPE_DOMAIN (1<<16)
117
/* Sent by the server in the Type 2 message to indicate that the target
118
authentication realm is a domain. */
120
#define NTLMFLAG_TARGET_TYPE_SERVER (1<<17)
121
/* Sent by the server in the Type 2 message to indicate that the target
122
authentication realm is a server. */
124
#define NTLMFLAG_TARGET_TYPE_SHARE (1<<18)
125
/* Sent by the server in the Type 2 message to indicate that the target
126
authentication realm is a share. Presumably, this is for share-level
127
authentication. Usage is unclear. */
129
#define NTLMFLAG_NEGOTIATE_NTLM2_KEY (1<<19)
130
/* Indicates that the NTLM2 signing and sealing scheme should be used for
131
protecting authenticated communications. */
133
#define NTLMFLAG_REQUEST_INIT_RESPONSE (1<<20)
134
/* unknown purpose */
136
#define NTLMFLAG_REQUEST_ACCEPT_RESPONSE (1<<21)
137
/* unknown purpose */
139
#define NTLMFLAG_REQUEST_NONNT_SESSION_KEY (1<<22)
140
/* unknown purpose */
142
#define NTLMFLAG_NEGOTIATE_TARGET_INFO (1<<23)
143
/* Sent by the server in the Type 2 message to indicate that it is including a
144
Target Information block in the message. */
152
#define NTLMFLAG_NEGOTIATE_128 (1<<29)
153
/* Indicates that 128-bit encryption is supported. */
155
#define NTLMFLAG_NEGOTIATE_KEY_EXCHANGE (1<<30)
156
/* Indicates that the client will provide an encrypted master key in
157
the "Session Key" field of the Type 3 message. */
159
#define NTLMFLAG_NEGOTIATE_56 (1<<31)
160
/* Indicates that 56-bit encryption is supported. */
162
#endif /* BUILDING_CURL_NTLM_MSGS_C */
164
#endif /* USE_NTLM */
166
#endif /* HEADER_CURL_NTLM_MSGS_H */