| 1 | #ifndef HEADER_VAUTH_NTLM_H
|
|---|
| 2 | #define HEADER_VAUTH_NTLM_H
|
|---|
| 3 | /***************************************************************************
|
|---|
| 4 | * _ _ ____ _
|
|---|
| 5 | * Project ___| | | | _ \| |
|
|---|
| 6 | * / __| | | | |_) | |
|
|---|
| 7 | * | (__| |_| | _ <| |___
|
|---|
| 8 | * \___|\___/|_| \_\_____|
|
|---|
| 9 | *
|
|---|
| 10 | * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|---|
| 11 | *
|
|---|
| 12 | * This software is licensed as described in the file COPYING, which
|
|---|
| 13 | * you should have received as part of this distribution. The terms
|
|---|
| 14 | * are also available at https://curl.se/docs/copyright.html.
|
|---|
| 15 | *
|
|---|
| 16 | * You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|---|
| 17 | * copies of the Software, and permit persons to whom the Software is
|
|---|
| 18 | * furnished to do so, under the terms of the COPYING file.
|
|---|
| 19 | *
|
|---|
| 20 | * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|---|
| 21 | * KIND, either express or implied.
|
|---|
| 22 | *
|
|---|
| 23 | * SPDX-License-Identifier: curl
|
|---|
| 24 | *
|
|---|
| 25 | ***************************************************************************/
|
|---|
| 26 |
|
|---|
| 27 | #include "curl_setup.h"
|
|---|
| 28 |
|
|---|
| 29 | #ifdef USE_NTLM
|
|---|
| 30 |
|
|---|
| 31 | /* NTLM buffer fixed size, large enough for long user + host + domain */
|
|---|
| 32 | #define NTLM_BUFSIZE 1024
|
|---|
| 33 |
|
|---|
| 34 | /* Stuff only required for curl_ntlm_msgs.c */
|
|---|
| 35 | #ifdef BUILDING_CURL_NTLM_MSGS_C
|
|---|
| 36 |
|
|---|
| 37 | /* Flag bits definitions based on
|
|---|
| 38 | https://davenport.sourceforge.net/ntlm.html */
|
|---|
| 39 |
|
|---|
| 40 | #define NTLMFLAG_NEGOTIATE_UNICODE (1<<0)
|
|---|
| 41 | /* Indicates that Unicode strings are supported for use in security buffer
|
|---|
| 42 | data. */
|
|---|
| 43 |
|
|---|
| 44 | #define NTLMFLAG_NEGOTIATE_OEM (1<<1)
|
|---|
| 45 | /* Indicates that OEM strings are supported for use in security buffer data. */
|
|---|
| 46 |
|
|---|
| 47 | #define NTLMFLAG_REQUEST_TARGET (1<<2)
|
|---|
| 48 | /* Requests that the server's authentication realm be included in the Type 2
|
|---|
| 49 | message. */
|
|---|
| 50 |
|
|---|
| 51 | /* unknown (1<<3) */
|
|---|
| 52 | #define NTLMFLAG_NEGOTIATE_SIGN (1<<4)
|
|---|
| 53 | /* Specifies that authenticated communication between the client and server
|
|---|
| 54 | should carry a digital signature (message integrity). */
|
|---|
| 55 |
|
|---|
| 56 | #define NTLMFLAG_NEGOTIATE_SEAL (1<<5)
|
|---|
| 57 | /* Specifies that authenticated communication between the client and server
|
|---|
| 58 | should be encrypted (message confidentiality). */
|
|---|
| 59 |
|
|---|
| 60 | #define NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE (1<<6)
|
|---|
| 61 | /* Indicates that datagram authentication is being used. */
|
|---|
| 62 |
|
|---|
| 63 | #define NTLMFLAG_NEGOTIATE_LM_KEY (1<<7)
|
|---|
| 64 | /* Indicates that the LAN Manager session key should be used for signing and
|
|---|
| 65 | sealing authenticated communications. */
|
|---|
| 66 |
|
|---|
| 67 | #define NTLMFLAG_NEGOTIATE_NTLM_KEY (1<<9)
|
|---|
| 68 | /* Indicates that NTLM authentication is being used. */
|
|---|
| 69 |
|
|---|
| 70 | /* unknown (1<<10) */
|
|---|
| 71 |
|
|---|
| 72 | #define NTLMFLAG_NEGOTIATE_ANONYMOUS (1<<11)
|
|---|
| 73 | /* Sent by the client in the Type 3 message to indicate that an anonymous
|
|---|
| 74 | context has been established. This also affects the response fields. */
|
|---|
| 75 |
|
|---|
| 76 | #define NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED (1<<12)
|
|---|
| 77 | /* Sent by the client in the Type 1 message to indicate that a desired
|
|---|
| 78 | authentication realm is included in the message. */
|
|---|
| 79 |
|
|---|
| 80 | #define NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED (1<<13)
|
|---|
| 81 | /* Sent by the client in the Type 1 message to indicate that the client
|
|---|
| 82 | workstation's name is included in the message. */
|
|---|
| 83 |
|
|---|
| 84 | #define NTLMFLAG_NEGOTIATE_LOCAL_CALL (1<<14)
|
|---|
| 85 | /* Sent by the server to indicate that the server and client are on the same
|
|---|
| 86 | machine. Implies that the client may use a pre-established local security
|
|---|
| 87 | context rather than responding to the challenge. */
|
|---|
| 88 |
|
|---|
| 89 | #define NTLMFLAG_NEGOTIATE_ALWAYS_SIGN (1<<15)
|
|---|
| 90 | /* Indicates that authenticated communication between the client and server
|
|---|
| 91 | should be signed with a "dummy" signature. */
|
|---|
| 92 |
|
|---|
| 93 | #define NTLMFLAG_TARGET_TYPE_DOMAIN (1<<16)
|
|---|
| 94 | /* Sent by the server in the Type 2 message to indicate that the target
|
|---|
| 95 | authentication realm is a domain. */
|
|---|
| 96 |
|
|---|
| 97 | #define NTLMFLAG_TARGET_TYPE_SERVER (1<<17)
|
|---|
| 98 | /* Sent by the server in the Type 2 message to indicate that the target
|
|---|
| 99 | authentication realm is a server. */
|
|---|
| 100 |
|
|---|
| 101 | #define NTLMFLAG_TARGET_TYPE_SHARE (1<<18)
|
|---|
| 102 | /* Sent by the server in the Type 2 message to indicate that the target
|
|---|
| 103 | authentication realm is a share. Presumably, this is for share-level
|
|---|
| 104 | authentication. Usage is unclear. */
|
|---|
| 105 |
|
|---|
| 106 | #define NTLMFLAG_NEGOTIATE_NTLM2_KEY (1<<19)
|
|---|
| 107 | /* Indicates that the NTLM2 signing and sealing scheme should be used for
|
|---|
| 108 | protecting authenticated communications. */
|
|---|
| 109 |
|
|---|
| 110 | #define NTLMFLAG_REQUEST_INIT_RESPONSE (1<<20)
|
|---|
| 111 | /* unknown purpose */
|
|---|
| 112 |
|
|---|
| 113 | #define NTLMFLAG_REQUEST_ACCEPT_RESPONSE (1<<21)
|
|---|
| 114 | /* unknown purpose */
|
|---|
| 115 |
|
|---|
| 116 | #define NTLMFLAG_REQUEST_NONNT_SESSION_KEY (1<<22)
|
|---|
| 117 | /* unknown purpose */
|
|---|
| 118 |
|
|---|
| 119 | #define NTLMFLAG_NEGOTIATE_TARGET_INFO (1<<23)
|
|---|
| 120 | /* Sent by the server in the Type 2 message to indicate that it is including a
|
|---|
| 121 | Target Information block in the message. */
|
|---|
| 122 |
|
|---|
| 123 | /* unknown (1<24) */
|
|---|
| 124 | /* unknown (1<25) */
|
|---|
| 125 | /* unknown (1<26) */
|
|---|
| 126 | /* unknown (1<27) */
|
|---|
| 127 | /* unknown (1<28) */
|
|---|
| 128 |
|
|---|
| 129 | #define NTLMFLAG_NEGOTIATE_128 (1<<29)
|
|---|
| 130 | /* Indicates that 128-bit encryption is supported. */
|
|---|
| 131 |
|
|---|
| 132 | #define NTLMFLAG_NEGOTIATE_KEY_EXCHANGE (1<<30)
|
|---|
| 133 | /* Indicates that the client will provide an encrypted master key in
|
|---|
| 134 | the "Session Key" field of the Type 3 message. */
|
|---|
| 135 |
|
|---|
| 136 | #define NTLMFLAG_NEGOTIATE_56 (1<<31)
|
|---|
| 137 | /* Indicates that 56-bit encryption is supported. */
|
|---|
| 138 |
|
|---|
| 139 | #endif /* BUILDING_CURL_NTLM_MSGS_C */
|
|---|
| 140 |
|
|---|
| 141 | #endif /* USE_NTLM */
|
|---|
| 142 |
|
|---|
| 143 | #endif /* HEADER_VAUTH_NTLM_H */
|
|---|
