/*
 * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/* $Id$ */

/*
 * Shared declarations for the NTLM GSS-API mechanism sources: the
 * name/credential descriptor, the table of callbacks a server-side
 * back end provides, and the per-security-context state.
 */

#ifndef NTLM_NTLM_H
#define NTLM_NTLM_H

#include <config.h>

#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <string.h>
#include <errno.h>

#include <roken.h>

#include <gssapi.h>
#include <gssapi_ntlm.h>
#include <gssapi_spi.h>
#include <gssapi_mech.h>
#include <gssapi_oid.h>

#include <krb5.h>
#include <heim_threads.h>

#include <kcm.h>
#include <hex.h>

#include <heimntlm.h>

/*
 * Must be defined before crypto-headers.h is included.
 * NOTE(review): presumably this silences deprecation warnings for (or
 * opts in to) the legacy primitives the NTLM protocol depends on;
 * confirm in crypto-headers.h, and keep the define local to NTLM code so
 * other mechanisms do not silently inherit access to deprecated crypto.
 */
#define HC_DEPRECATED_CRYPTO
#include "crypto-headers.h"

/*
 * NTLM name descriptor. ntlm_name is a pointer to it, and ntlm_cred
 * (below) is an alias of ntlm_name, so a credential handle and a name
 * handle have the same representation.
 */
typedef struct {
    char *user;
    char *domain;
    /* Bitmask built from the NTLM_* values defined just below. */
    int flags;
    /* NOTE(review): NTLM_UUID / NTLM_DS_UUID presumably mark which of the
     * two uuid arrays holds valid data - confirm against the setters. */
#define NTLM_UUID 1
#define NTLM_ANON_NAME 2
#define NTLM_DS_UUID 4
    unsigned char ds_uuid[16];
    unsigned char uuid[16];
} ntlm_name_desc, *ntlm_name;

/* Forward declaration so the callback typedefs can take struct ntlm_ctx *. */
struct ntlm_ctx;

typedef ntlm_name ntlm_cred;

/*
 * Back-end callback signatures. Parameter names are mostly omitted in the
 * declarations.
 * NOTE(review): the leading OM_uint32 * is presumably the GSS-API minor
 * status out-parameter, and the void * / void ** the back end's private
 * context - confirm against an implementation.
 */

/* Set-up: hands back a back-end context through the void ** argument. */
typedef OM_uint32
(*ntlm_interface_init)(OM_uint32 *, void **);

/* Tear-down counterpart taking the back-end context pointer. */
typedef OM_uint32
(*ntlm_interface_destroy)(OM_uint32 *, void *);

/* Probe; returns int rather than OM_uint32 and reports through *flags. */
typedef int
(*ntlm_interface_probe)(OM_uint32 *, void *, const char *, unsigned int *flags);

/*
 * Handles a type-3 message (const struct ntlm_type3 *) for a context.
 * NOTE(review): the two uint32_t * and the three struct ntlm_buf *
 * arguments look like outputs (flags, session key, PAC, ...); their
 * meaning and ownership are not visible in this header - confirm.
 */
typedef OM_uint32
(*ntlm_interface_type3)(OM_uint32 *, struct ntlm_ctx *, void *, const struct ntlm_type3 *,
                        ntlm_cred, uint32_t *, uint32_t *, struct ntlm_buf *,
                        ntlm_name *, struct ntlm_buf *, struct ntlm_buf *);

/* Target-info callback; the meaning of the two strings is not shown here. */
typedef OM_uint32
(*ntlm_interface_targetinfo)(OM_uint32 *,
                             struct ntlm_ctx *,
                             void *,
                             const char *,
                             const char *,
                             uint32_t *);


/* Releases a struct ntlm_buf; presumably one returned by nsi_type3. */
typedef void
(*ntlm_interface_free_buffer)(struct ntlm_buf *);

/* Callback table, plus a name, that each server-side back end provides. */
struct ntlm_server_interface {
    const char *nsi_name;
    ntlm_interface_init nsi_init;
    ntlm_interface_destroy nsi_destroy;
    ntlm_interface_probe nsi_probe;
    ntlm_interface_type3 nsi_type3;
    ntlm_interface_free_buffer nsi_free_buffer;
    ntlm_interface_targetinfo nsi_ti;
};


/*
 * Per-direction NTLMv2 signing/sealing state (used as send/recv in
 * ntlm_ctx.u.v2).
 *
 * sealkey is an EVP_CIPHER_CTX embedded by value, which requires the
 * crypto provider to expose the complete type; signsealkey is a pointer.
 * NOTE(review): signkey and the cipher context hold key material; the
 * teardown path should clean up the cipher context and wipe signkey with
 * a clear the compiler cannot elide - confirm where contexts are deleted.
 */
struct ntlmv2_key {
    uint32_t seq;
    EVP_CIPHER_CTX sealkey;
    EVP_CIPHER_CTX *signsealkey;
    unsigned char signkey[16];
};

/* Back-end tables defined in other translation units. */
extern struct ntlm_server_interface ntlmsspi_kdc_digest;
extern struct ntlm_server_interface ntlmsspi_dstg_digest;
extern struct ntlm_server_interface ntlmsspi_netr_digest;
extern struct ntlm_server_interface ntlmsspi_od_digest;


/*
 * One back end attached to a context: its callback table plus an opaque
 * pointer (presumably the context returned by nsi_init - confirm).
 */
struct ntlm_backend {
    struct ntlm_server_interface *interface;
    void *ctx;
};


/*
 * Per-security-context state. Note that ntlm_ctx is a typedef for a
 * POINTER to struct ntlm_ctx.
 */
typedef struct ntlm_ctx {
    /* Array of back ends and its element count. */
    struct ntlm_backend *backends;
    size_t num_backends;
    ntlm_cred client;

    unsigned int probe_flags;
    /* NOTE(review): by its name this records that signing is unavailable;
     * callers should not fall back to unsigned traffic silently when
     * integrity was requested - confirm how the flag is consumed. */
#define NSI_NO_SIGNING 1

    OM_uint32 gssflags;
    uint32_t kcmflags;
    uint32_t flags;
    /* Bitmask built from the STATUS_* values defined just below. */
    uint32_t status;
#define STATUS_OPEN 1
#define STATUS_CLIENT 2
#define STATUS_SESSIONKEY 4
    /* NOTE(review): secret key material; should be wiped with a
     * non-elidable clear before it is freed - confirm in the context
     * deletion path. */
    krb5_data sessionkey;
    /* Presumably the raw NTLM type-1/2/3 messages of the exchange. */
    krb5_data type1;
    krb5_data type2;
    krb5_data type3;

    /* 8-byte challenge. NOTE(review): when generated locally it must come
     * from a cryptographically secure RNG - verify at the generation
     * site. */
    uint8_t challenge[8];

    struct ntlm_targetinfo ti;
    struct ntlm_buf targetinfo;

    gss_name_t srcname;
    gss_name_t targetname;
    /* NOTE(review): the name indicates this string originates from the
     * peer; treat it as untrusted input wherever it is compared or
     * logged. */
    char *clientsuppliedtargetname;

    /* Plain char here but unsigned char in ntlm_name_desc: copy with
     * memcpy and avoid arithmetic or formatting on elements where the
     * signedness of char would matter. */
    char uuid[16];
    gss_buffer_desc pac;

    /*
     * Signing/sealing state. v1 and v2 share storage, so only one is
     * meaningful at a time; which one is selected is decided outside this
     * header.
     */
    union {
        struct {
            struct {
                uint32_t seq;
                EVP_CIPHER_CTX key;
            } crypto_send, crypto_recv;
        } v1;
        struct {
            struct ntlmv2_key send, recv;
        } v2;
    } u;
} *ntlm_ctx;

/* Included last, after the types above have been declared. */
#include <ntlm-private.h>


#endif /* NTLM_NTLM_H */