3 /***************************************************************************
5 * Project ___| | | | _ \| |
7 * | (__| |_| | _ <| |___
8 * \___|\___/|_| \_\_____|
10 * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
12 * This software is licensed as described in the file COPYING, which
13 * you should have received as part of this distribution. The terms
14 * are also available at http://curl.haxx.se/docs/copyright.html.
16 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
17 * copies of the Software, and permit persons to whom the Software is
18 * furnished to do so, under the terms of the COPYING file.
20 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
21 * KIND, either express or implied.
23 * $Id: http_ntlm.h,v 1.6 2004/01/07 09:19:35 bagder Exp $
24 ***************************************************************************/
27 CURLNTLM_NONE, /* not a ntlm */
28 CURLNTLM_BAD, /* an ntlm, but one we don't like */
29 CURLNTLM_FIRST, /* the first 401-reply we got with NTLM */
30 CURLNTLM_FINE, /* an ntlm we act on */
32 CURLNTLM_LAST /* last entry in this enum, don't use */
35 /* this is for ntlm header input */
36 CURLntlm Curl_input_ntlm(struct connectdata *conn, bool proxy, char *header);
38 /* this is for creating ntlm header output */
39 CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy, bool *ready);
41 void Curl_ntlm_cleanup(struct SessionHandle *data);
44 /* Flag bits definitions based on http://davenport.sourceforge.net/ntlm.html */
46 #define NTLMFLAG_NEGOTIATE_UNICODE (1<<0)
47 /* Indicates that Unicode strings are supported for use in security buffer
50 #define NTLMFLAG_NEGOTIATE_OEM (1<<1)
51 /* Indicates that OEM strings are supported for use in security buffer data. */
53 #define NTLMFLAG_REQUEST_TARGET (1<<2)
54 /* Requests that the server's authentication realm be included in the Type 2
58 #define NTLMFLAG_NEGOTIATE_SIGN (1<<4)
59 /* Specifies that authenticated communication between the client and server
60 should carry a digital signature (message integrity). */
62 #define NTLMFLAG_NEGOTIATE_SEAL (1<<5)
63 /* Specifies that authenticated communication between the client and server
64 should be encrypted (message confidentiality). */
66 #define NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE (1<<6)
69 #define NTLMFLAG_NEGOTIATE_LM_KEY (1<<7)
70 /* Indicates that the LAN Manager session key should be used for signing and
71 sealing authenticated communications. */
73 #define NTLMFLAG_NEGOTIATE_NETWARE (1<<8)
76 #define NTLMFLAG_NEGOTIATE_NTLM_KEY (1<<9)
77 /* Indicates that NTLM authentication is being used. */
82 #define NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED (1<<12)
83 /* Sent by the client in the Type 1 message to indicate that a desired
84 authentication realm is included in the message. */
86 #define NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED (1<<13)
87 /* Sent by the client in the Type 1 message to indicate that the client
88 workstation's name is included in the message. */
90 #define NTLMFLAG_NEGOTIATE_LOCAL_CALL (1<<14)
91 /* Sent by the server to indicate that the server and client are on the same
92 machine. Implies that the client may use a pre-established local security
93 context rather than responding to the challenge. */
95 #define NTLMFLAG_NEGOTIATE_ALWAYS_SIGN (1<<15)
96 /* Indicates that authenticated communication between the client and server
97 should be signed with a "dummy" signature. */
99 #define NTLMFLAG_TARGET_TYPE_DOMAIN (1<<16)
100 /* Sent by the server in the Type 2 message to indicate that the target
101 authentication realm is a domain. */
103 #define NTLMFLAG_TARGET_TYPE_SERVER (1<<17)
104 /* Sent by the server in the Type 2 message to indicate that the target
105 authentication realm is a server. */
107 #define NTLMFLAG_TARGET_TYPE_SHARE (1<<18)
108 /* Sent by the server in the Type 2 message to indicate that the target
109 authentication realm is a share. Presumably, this is for share-level
110 authentication. Usage is unclear. */
112 #define NTLMFLAG_NEGOTIATE_NTLM2_KEY (1<<19)
113 /* Indicates that the NTLM2 signing and sealing scheme should be used for
114 protecting authenticated communications. */
116 #define NTLMFLAG_REQUEST_INIT_RESPONSE (1<<20)
117 /* unknown purpose */
119 #define NTLMFLAG_REQUEST_ACCEPT_RESPONSE (1<<21)
120 /* unknown purpose */
122 #define NTLMFLAG_REQUEST_NONNT_SESSION_KEY (1<<22)
123 /* unknown purpose */
125 #define NTLMFLAG_NEGOTIATE_TARGET_INFO (1<<23)
126 /* Sent by the server in the Type 2 message to indicate that it is including a
127 Target Information block in the message. */
135 #define NTLMFLAG_NEGOTIATE_128 (1<<29)
136 /* Indicates that 128-bit encryption is supported. */
138 #define NTLMFLAG_NEGOTIATE_KEY_EXCHANGE (1<<30)
139 /* unknown purpose */
141 #define NTLMFLAG_NEGOTIATE_56 (1<<31)
142 /* Indicates that 56-bit encryption is supported. */