1/*
2 * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 *    notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 *    notice, this list of conditions and the following disclaimer in the
17 *    documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 *    may be used to endorse or promote products derived from this software
21 *    without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36/* $Id$ */
37
38#ifndef NTLM_NTLM_H
39#define NTLM_NTLM_H
40
41#include <config.h>
42
43#include <stdio.h>
44#include <stdlib.h>
45#include <assert.h>
46#include <string.h>
47#include <errno.h>
48
49#include <roken.h>
50
51#include <gssapi.h>
52#include <gssapi_ntlm.h>
53#include <gssapi_spi.h>
54#include <gssapi_mech.h>
55#include <gssapi_oid.h>
56
57#include <krb5.h>
58#include <heim_threads.h>
59
60#include <kcm.h>
61#include <hex.h>
62
63#include <heimntlm.h>
64
65#define HC_DEPRECATED_CRYPTO
66#include "crypto-headers.h"
67
/*
 * Name object of the NTLM mechanism.  `flags` is a bit set of the NTLM_*
 * values defined inside the struct; by their names, NTLM_UUID and
 * NTLM_DS_UUID presumably mark `uuid` / `ds_uuid` as populated -- confirm
 * against the code that fills this in.  Ownership of the two strings
 * (who allocates, who frees) is not visible in this header.
 */
typedef struct {
    char *user;				/* user part of the name */
    char *domain;			/* domain part of the name */
    int flags;				/* bit set of the NTLM_* values below */
#define NTLM_UUID	1		/* uuid[] carries a value, presumably */
#define NTLM_ANON_NAME	2		/* anonymous name, presumably -- confirm */
#define NTLM_DS_UUID	4		/* ds_uuid[] carries a value, presumably */
    unsigned char ds_uuid[16];		/* 16 raw bytes; unsigned, unlike ntlm_ctx.uuid */
    unsigned char uuid[16];		/* 16 raw bytes */
} ntlm_name_desc, *ntlm_name;
78
/* Forward declaration; the full context layout is defined further down. */
struct ntlm_ctx;

/* A credential is just a name object (ntlm_name_desc above). */
typedef ntlm_name ntlm_cred;

/*
 * Hook signatures implemented by the server backends.  Each hook takes an
 * OM_uint32 * first -- presumably the GSS-API minor-status slot -- and
 * most take a void *, presumably the per-backend state produced by the
 * init hook.  Confirm both against the backend implementations.
 */

/* Create the backend's private state; the void ** receives it. */
typedef OM_uint32
(*ntlm_interface_init)(OM_uint32 *, void **);

/* Release state previously produced by ntlm_interface_init. */
typedef OM_uint32
(*ntlm_interface_destroy)(OM_uint32 *, void *);

/*
 * Ask a backend whether it can serve the given name (the const char *).
 * `flags` is an out parameter; the NSI_* bits are defined with ntlm_ctx
 * below.  The result is a plain int -- verify its sense (zero vs non-zero
 * for "can serve") against callers before relying on it.
 */
typedef int
(*ntlm_interface_probe)(OM_uint32 *, void *, const char *, unsigned int *flags);

/*
 * Check a type 3 (authenticate) message against the backend.  The
 * struct ntlm_type3 is presumably parsed from the peer's message and so is
 * untrusted input; the credential check itself lives in the backend.  The
 * uint32_t *, struct ntlm_buf * and ntlm_name * arguments are outputs --
 * confirm their exact assignment against the implementations.
 */
typedef OM_uint32
(*ntlm_interface_type3)(OM_uint32 *, struct ntlm_ctx *, void *, const struct ntlm_type3 *,
			ntlm_cred, uint32_t *, uint32_t *, struct ntlm_buf *,
			ntlm_name *, struct ntlm_buf *, struct ntlm_buf *);

/*
 * Obtain target information for a context.  The two const char * are
 * presumably host and domain names and the uint32_t * an output flag word
 * -- confirm against the implementations.
 */
typedef OM_uint32
(*ntlm_interface_targetinfo)(OM_uint32 *,
			     struct ntlm_ctx *,
			     void *,
			     const char *,
			     const char *,
			     uint32_t *);


/* Release a struct ntlm_buf that a backend hook handed out. */
typedef void
(*ntlm_interface_free_buffer)(struct ntlm_buf *);
108
/*
 * Dispatch table of one NTLM server backend.  Instances are declared
 * below (ntlmsspi_*_digest) and attached to a context via struct
 * ntlm_backend.  Hook semantics are described with the ntlm_interface_*
 * typedefs above.
 * NOTE(review): nothing here states that every slot must be non-NULL;
 * unless all backends fill every slot, dispatch sites should check before
 * calling -- confirm.
 */
struct ntlm_server_interface {
    const char *nsi_name;			/* backend name */
    ntlm_interface_init nsi_init;		/* create per-backend state */
    ntlm_interface_destroy nsi_destroy;		/* release that state */
    ntlm_interface_probe nsi_probe;		/* can this backend serve a name? */
    ntlm_interface_type3 nsi_type3;		/* check a type 3 message */
    ntlm_interface_free_buffer nsi_free_buffer;	/* free backend-provided buffers */
    ntlm_interface_targetinfo nsi_ti;		/* supply target information */
};
118
119
/*
 * Per-direction NTLMv2 signing/sealing state (one each for send and
 * receive inside ntlm_ctx).
 * NOTE(review): `sealkey` embeds EVP_CIPHER_CTX by value, which needs a
 * crypto library whose EVP_CIPHER_CTX is a complete type (this header
 * pulls in crypto-headers.h); it would not compile against a library
 * where the type is opaque.
 * `signkey` is key material: whatever releases this struct should wipe
 * it rather than only free the enclosing object -- confirm in the
 * context-release path, which is not in this header.
 */
struct ntlmv2_key {
    uint32_t seq;			/* sequence counter, presumably used when signing */
    EVP_CIPHER_CTX sealkey;		/* cipher state for sealing; algorithm chosen elsewhere */
    EVP_CIPHER_CTX *signsealkey;	/* pointer, unlike sealkey -- presumably aliases another context; confirm */
    unsigned char signkey[16];		/* 16-byte signing key */
};
126
/*
 * Server backends linked into the mechanism.  Their suffixes suggest KDC
 * digest, directory-service (dstg), netlogon (netr) and OpenDirectory
 * (od) transports respectively -- they are defined elsewhere, so confirm
 * against their sources.
 */
extern struct ntlm_server_interface ntlmsspi_kdc_digest;
extern struct ntlm_server_interface ntlmsspi_dstg_digest;
extern struct ntlm_server_interface ntlmsspi_netr_digest;
extern struct ntlm_server_interface ntlmsspi_od_digest;
131
132
/*
 * One backend bound to a context: its dispatch table plus the private
 * state its nsi_init hook produced (presumably -- see the void ** output
 * parameter of ntlm_interface_init).
 * NOTE(review): `interface` is defined as a macro by some Windows SDK
 * headers; only relevant if this header is ever built in that environment.
 */
struct ntlm_backend {
    struct ntlm_server_interface *interface;	/* dispatch table, see ntlm_server_interface */
    void *ctx;					/* per-backend private state */
};
137
138
/*
 * NTLM security context.  Several members hold secret or peer-supplied
 * data; see the per-field notes.  Release and zeroization happen outside
 * this header -- confirm that sessionkey and the cipher state in `u` are
 * wiped, not merely freed.
 */
typedef struct ntlm_ctx {
    struct ntlm_backend *backends;	/* array of num_backends entries, presumably */
    size_t num_backends;
    ntlm_cred client;			/* client credential (a name object) */

    unsigned int probe_flags;		/* NSI_* bits, the out parameter of nsi_probe */
#define NSI_NO_SIGNING 1

    OM_uint32 gssflags;			/* GSS flag word, presumably the GSS_C_*_FLAG bits -- confirm */
    uint32_t kcmflags;			/* flags for the KCM interaction (kcm.h) -- confirm */
    uint32_t flags;			/* NTLM negotiate flags, presumably -- confirm */
    uint32_t status;			/* bit set of the STATUS_* values below */
#define STATUS_OPEN 1			/* context established, presumably */
#define STATUS_CLIENT 2			/* this end is the initiator, presumably */
#define STATUS_SESSIONKEY 4		/* sessionkey is valid, presumably */
    krb5_data sessionkey;		/* session key: secret material */
    krb5_data type1;			/* raw copies of the three handshake messages; */
    krb5_data type2;			/* presumably retained for integrity computation */
    krb5_data type3;			/* over the exchange -- confirm */

    uint8_t challenge[8];		/* 8-byte server challenge; must be fresh per context (generated elsewhere) */

    struct ntlm_targetinfo ti;		/* parsed target information */
    struct ntlm_buf targetinfo;		/* encoded target information */

    gss_name_t srcname;
    gss_name_t targetname;
    char *clientsuppliedtargetname;	/* from the peer's message: untrusted input */

    char uuid[16];			/* NOTE(review): plain char here but unsigned char in ntlm_name_desc; copy/compare as bytes (memcpy/memcmp), not element-wise */
    gss_buffer_desc pac;		/* PAC data, presumably from the backend -- confirm */

    union {
	struct {
	    struct {
		uint32_t seq;		/* per-direction sequence counter */
		EVP_CIPHER_CTX key;	/* per-direction cipher state */
	    } crypto_send, crypto_recv;
	} v1;				/* NTLMv1-style keying */
	struct {
	    struct ntlmv2_key send, recv;
	} v2;				/* NTLMv2 keying, see struct ntlmv2_key */
    } u;				/* which arm is live is presumably decided by the negotiated flags -- confirm */
} *ntlm_ctx;
183
184#include <ntlm-private.h>
185
186
187#endif /* NTLM_NTLM_H */
188