1 | #ifndef HEADER_VAUTH_NTLM_H |
2 | #define |
3 | /*************************************************************************** |
4 | * _ _ ____ _ |
5 | * Project ___| | | | _ \| | |
6 | * / __| | | | |_) | | |
7 | * | (__| |_| | _ <| |___ |
8 | * \___|\___/|_| \_\_____| |
9 | * |
10 | * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. |
11 | * |
12 | * This software is licensed as described in the file COPYING, which |
13 | * you should have received as part of this distribution. The terms |
14 | * are also available at https://curl.se/docs/copyright.html. |
15 | * |
16 | * You may opt to use, copy, modify, merge, publish, distribute and/or sell |
17 | * copies of the Software, and permit persons to whom the Software is |
18 | * furnished to do so, under the terms of the COPYING file. |
19 | * |
20 | * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY |
21 | * KIND, either express or implied. |
22 | * |
23 | * SPDX-License-Identifier: curl |
24 | * |
25 | ***************************************************************************/ |
26 | |
27 | #include "curl_setup.h" |
28 | |
29 | #ifdef USE_NTLM |
30 | |
31 | /* NTLM buffer fixed size, large enough for long user + host + domain */ |
32 | #define NTLM_BUFSIZE 1024 |
33 | |
34 | /* Stuff only required for curl_ntlm_msgs.c */ |
35 | #ifdef BUILDING_CURL_NTLM_MSGS_C |
36 | |
37 | /* Flag bits definitions based on |
38 | https://davenport.sourceforge.net/ntlm.html */ |
39 | |
40 | #define NTLMFLAG_NEGOTIATE_UNICODE (1<<0) |
41 | /* Indicates that Unicode strings are supported for use in security buffer |
42 | data. */ |
43 | |
44 | #define NTLMFLAG_NEGOTIATE_OEM (1<<1) |
45 | /* Indicates that OEM strings are supported for use in security buffer data. */ |
46 | |
47 | #define NTLMFLAG_REQUEST_TARGET (1<<2) |
48 | /* Requests that the server's authentication realm be included in the Type 2 |
49 | message. */ |
50 | |
51 | /* unknown (1<<3) */ |
52 | #define NTLMFLAG_NEGOTIATE_SIGN (1<<4) |
53 | /* Specifies that authenticated communication between the client and server |
54 | should carry a digital signature (message integrity). */ |
55 | |
56 | #define NTLMFLAG_NEGOTIATE_SEAL (1<<5) |
57 | /* Specifies that authenticated communication between the client and server |
58 | should be encrypted (message confidentiality). */ |
59 | |
60 | #define NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE (1<<6) |
61 | /* Indicates that datagram authentication is being used. */ |
62 | |
63 | #define NTLMFLAG_NEGOTIATE_LM_KEY (1<<7) |
64 | /* Indicates that the LAN Manager session key should be used for signing and |
65 | sealing authenticated communications. */ |
66 | |
67 | #define NTLMFLAG_NEGOTIATE_NTLM_KEY (1<<9) |
68 | /* Indicates that NTLM authentication is being used. */ |
69 | |
70 | /* unknown (1<<10) */ |
71 | |
72 | #define NTLMFLAG_NEGOTIATE_ANONYMOUS (1<<11) |
73 | /* Sent by the client in the Type 3 message to indicate that an anonymous |
74 | context has been established. This also affects the response fields. */ |
75 | |
76 | #define NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED (1<<12) |
77 | /* Sent by the client in the Type 1 message to indicate that a desired |
78 | authentication realm is included in the message. */ |
79 | |
80 | #define NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED (1<<13) |
81 | /* Sent by the client in the Type 1 message to indicate that the client |
82 | workstation's name is included in the message. */ |
83 | |
84 | #define NTLMFLAG_NEGOTIATE_LOCAL_CALL (1<<14) |
85 | /* Sent by the server to indicate that the server and client are on the same |
86 | machine. Implies that the client may use a pre-established local security |
87 | context rather than responding to the challenge. */ |
88 | |
89 | #define NTLMFLAG_NEGOTIATE_ALWAYS_SIGN (1<<15) |
90 | /* Indicates that authenticated communication between the client and server |
91 | should be signed with a "dummy" signature. */ |
92 | |
93 | #define NTLMFLAG_TARGET_TYPE_DOMAIN (1<<16) |
94 | /* Sent by the server in the Type 2 message to indicate that the target |
95 | authentication realm is a domain. */ |
96 | |
97 | #define NTLMFLAG_TARGET_TYPE_SERVER (1<<17) |
98 | /* Sent by the server in the Type 2 message to indicate that the target |
99 | authentication realm is a server. */ |
100 | |
101 | #define NTLMFLAG_TARGET_TYPE_SHARE (1<<18) |
102 | /* Sent by the server in the Type 2 message to indicate that the target |
103 | authentication realm is a share. Presumably, this is for share-level |
104 | authentication. Usage is unclear. */ |
105 | |
106 | #define NTLMFLAG_NEGOTIATE_NTLM2_KEY (1<<19) |
107 | /* Indicates that the NTLM2 signing and sealing scheme should be used for |
108 | protecting authenticated communications. */ |
109 | |
110 | #define NTLMFLAG_REQUEST_INIT_RESPONSE (1<<20) |
111 | /* unknown purpose */ |
112 | |
113 | #define NTLMFLAG_REQUEST_ACCEPT_RESPONSE (1<<21) |
114 | /* unknown purpose */ |
115 | |
116 | #define NTLMFLAG_REQUEST_NONNT_SESSION_KEY (1<<22) |
117 | /* unknown purpose */ |
118 | |
119 | #define NTLMFLAG_NEGOTIATE_TARGET_INFO (1<<23) |
120 | /* Sent by the server in the Type 2 message to indicate that it is including a |
121 | Target Information block in the message. */ |
122 | |
123 | /* unknown (1<24) */ |
124 | /* unknown (1<25) */ |
125 | /* unknown (1<26) */ |
126 | /* unknown (1<27) */ |
127 | /* unknown (1<28) */ |
128 | |
129 | #define NTLMFLAG_NEGOTIATE_128 (1<<29) |
130 | /* Indicates that 128-bit encryption is supported. */ |
131 | |
132 | #define NTLMFLAG_NEGOTIATE_KEY_EXCHANGE (1<<30) |
133 | /* Indicates that the client will provide an encrypted master key in |
134 | the "Session Key" field of the Type 3 message. */ |
135 | |
136 | #define NTLMFLAG_NEGOTIATE_56 (1<<31) |
137 | /* Indicates that 56-bit encryption is supported. */ |
138 | |
139 | #endif /* BUILDING_CURL_NTLM_MSGS_C */ |
140 | |
141 | #endif /* USE_NTLM */ |
142 | |
143 | #endif /* HEADER_VAUTH_NTLM_H */ |
144 | |