[Samba.git] / auth / ntlmssp / ntlmssp_private.h
blob7b939b80ae2117393774c20fda2cb9dab321b9ce
/*
 * Unix SMB/CIFS implementation.
 * Version 3.0
 * NTLMSSP Signing routines
 * Copyright (C) Andrew Bartlett 2003-2005
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, see <http://www.gnu.org/licenses/>.
 */
21 /* For structures internal to the NTLMSSP implementation that should not be exposed */
23 #include <gnutls/gnutls.h>
24 #include <gnutls/crypto.h>
26 struct auth_session_info;
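/*
 * Signing/sealing state for one direction of an NTLMSSP session.
 *
 * NOTE(review): sign_key and seal_state hold session key material. The
 * owner of this state is presumably responsible for wiping sign_key and
 * releasing seal_state (gnutls_cipher_deinit()) when the session ends;
 * nothing in this header does so -- confirm in the .c files.
 */
struct ntlmssp_crypt_direction {
	/* presumably the per-direction message sequence number -- TODO confirm */
	uint32_t seq_num;
	/* 16-byte signing key (secret) */
	uint8_t sign_key[16];
	/* GnuTLS cipher handle; presumably the cipher state used for sealing */
	gnutls_cipher_hd_t seal_state;
};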
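/*
 * Crypto state for an NTLMSSP session. The two members are alternatives
 * sharing the same storage: NTLM keeps a single direction state, NTLM2
 * keeps separate sending and receiving states.
 *
 * NOTE(review): nothing in this union records which member is active.
 * Presumably the negotiated flags in struct ntlmssp_state select between
 * ntlm and ntlm2 -- confirm; reading the wrong member would reinterpret
 * sequence numbers and key state.
 */
union ntlmssp_crypt_state {
	/* NTLM */
	struct ntlmssp_crypt_direction ntlm;

	/* NTLM2 */
	struct {
		struct ntlmssp_crypt_direction sending;
		struct ntlmssp_crypt_direction receiving;
	} ntlm2;
};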
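/*
 * Per-GENSEC-session wrapper around the NTLMSSP state.
 *
 * Both members are plain pointers; this header does not say who owns or
 * frees what they point to.
 */
struct gensec_ntlmssp_context {
	/* For GENSEC users */
	/* NOTE(review): untyped pointer -- the consumer must know the real type; confirm where it is set. */
	void *server_returned_info;

	/* used by both client and server implementation */
	struct ntlmssp_state *ntlmssp_state;
};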
/* The following definitions come from auth/ntlmssp_util.c */

/* Takes a set of NTLMSSP negotiate flags; presumably logs them for debugging. */
void debug_ntlmssp_flags(uint32_t neg_flags);

/*
 * NOTE(review): if neg_flags is taken from the peer's message, the returned
 * NTSTATUS is presumably where an unacceptable flag set (for example one
 * that drops required signing or sealing) gets rejected -- confirm in
 * ntlmssp_util.c, and make sure no caller ignores the status.
 */
NTSTATUS ntlmssp_handle_neg_flags(struct ntlmssp_state *ntlmssp_state,
				  uint32_t neg_flags, const char *name);

/* Returns a DATA_BLOB by value; takes no arguments. */
const DATA_BLOB ntlmssp_version_blob(void);

/*
 * Presumably fills cb_hash with a hash of the channel bindings.
 *
 * The [16] in the parameter is documentation only: an array parameter
 * decays to a pointer, so the compiler does not check that the caller's
 * buffer really holds 16 bytes. Callers must pass a buffer of at least
 * that size.
 */
NTSTATUS ntlmssp_hash_channel_bindings(struct gensec_security *gensec_security,
				       uint8_t cb_hash[16]);
/* The following definitions come from auth/ntlmssp_server.c */

/*
 * Returns a string for the given negotiate flags; chal_flags is a non-const
 * pointer and is presumably an output -- TODO confirm.
 */
const char *ntlmssp_target_name(struct ntlmssp_state *ntlmssp_state,
				uint32_t neg_flags, uint32_t *chal_flags);

/*
 * Server-side message handlers.
 *
 * NOTE(review): `in` / `request` are presumably the raw NTLMSSP messages
 * received from a peer that is not yet authenticated, so their parsing has
 * to be treated as handling untrusted input -- confirm in ntlmssp_server.c.
 * The output blob is presumably allocated on out_mem_ctx, as documented for
 * the client-side functions in this header.
 */
NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
				  TALLOC_CTX *out_mem_ctx,
				  const DATA_BLOB in, DATA_BLOB *out);
NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
			     TALLOC_CTX *out_mem_ctx,
			     const DATA_BLOB request, DATA_BLOB *reply);
/* The following definitions come from auth/ntlmssp/ntlmssp_client.c */


/**
 * Next state function for the Initial packet
 *
 * @param gensec_security GENSEC state
 * @param out_mem_ctx The DATA_BLOB *out will be allocated on this context
 * @param in A NULL data blob (input ignored)
 * @param out The initial negotiate request to the server, as a talloc()ed DATA_BLOB, on out_mem_ctx
 * @return Errors or NT_STATUS_OK.
 */
NTSTATUS ntlmssp_client_initial(struct gensec_security *gensec_security,
				TALLOC_CTX *out_mem_ctx,
				DATA_BLOB in, DATA_BLOB *out) ;

/*
 * NOTE(review): undocumented in this header. Same (out_mem_ctx, in, out)
 * shape as the other next-state functions; judging by the name it resumes
 * from cached credentials -- confirm in ntlmssp_client.c.
 */
NTSTATUS gensec_ntlmssp_resume_ccache(struct gensec_security *gensec_security,
				      TALLOC_CTX *out_mem_ctx,
				      DATA_BLOB in, DATA_BLOB *out);

/**
 * Next state function for the Challenge Packet. Generate an auth packet.
 *
 * @param gensec_security GENSEC state
 * @param out_mem_ctx Memory context for *out
 * @param in The server challenge, as a DATA_BLOB. reply.data must be NULL
 *           (NOTE(review): there is no `reply` parameter here; presumably
 *           out->data is meant -- confirm.)
 * @param out The next request (auth packet) to the server, as an allocated DATA_BLOB, on the out_mem_ctx context
 * @return Errors or NT_STATUS_OK.
 *
 * NOTE(review): `in` comes from the server before authentication has
 * completed, so it presumably has to be parsed as untrusted input --
 * confirm the length and field checks in ntlmssp_client.c.
 */
NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
				  TALLOC_CTX *out_mem_ctx,
				  const DATA_BLOB in, DATA_BLOB *out) ;
/* Start functions for the client side; each takes only the GENSEC state and returns an NTSTATUS. */
NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security);
NTSTATUS gensec_ntlmssp_resume_ccache_start(struct gensec_security *gensec_security);
/* The following definitions come from auth/ntlmssp/gensec_ntlmssp_server.c */


/**
 * Next state function for the Negotiate packet (GENSEC wrapper)
 *
 * @param gensec_security GENSEC state
 * @param out_mem_ctx Memory context for *reply
 * @param request The request, as a DATA_BLOB. reply.data must be NULL
 * @param reply The reply, as an allocated DATA_BLOB, caller to free.
 * @return Errors or MORE_PROCESSING_REQUIRED if (normal) a reply is required.
 */
NTSTATUS gensec_ntlmssp_server_negotiate(struct gensec_security *gensec_security,
					 TALLOC_CTX *out_mem_ctx,
					 const DATA_BLOB request, DATA_BLOB *reply);

/*
 * tevent_req send/recv pair for the server-side auth step: _send takes the
 * input blob and returns a request handle, _recv returns the NTSTATUS and
 * the output blob (presumably allocated on out_mem_ctx -- TODO confirm).
 *
 * NOTE(review): the NTSTATUS from _recv is the only result visible here;
 * callers must not treat the session as authenticated unless it reports
 * success.
 */
struct tevent_req *ntlmssp_server_auth_send(TALLOC_CTX *mem_ctx,
					    struct tevent_context *ev,
					    struct gensec_security *gensec_security,
					    const DATA_BLOB in);
NTSTATUS ntlmssp_server_auth_recv(struct tevent_req *req,
				  TALLOC_CTX *out_mem_ctx,
				  DATA_BLOB *out);


/**
 * Start NTLMSSP on the server side
 *
 */
NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security);

/**
 * Return the credentials of a logged on user, including session keys
 * etc.
 *
 * Only valid after a successful authentication
 *
 * May only be called once per authentication.
 *
 * NOTE(review): the result carries session keys, so *session_info should be
 * handled as secret material; it is presumably allocated on mem_ctx --
 * TODO confirm.
 */
NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security,
				     TALLOC_CTX *mem_ctx,
				     struct auth_session_info **session_info) ;
/* The following definitions come from auth/ntlmssp/gensec_ntlmssp.c */

/*
 * Sign / verify a packet.
 *
 * data/length and whole_pdu/pdu_length are separate buffers; presumably
 * data is the protected portion of whole_pdu -- TODO confirm.
 * sign_packet produces *sig (presumably allocated on sig_mem_ctx);
 * check_packet takes sig as const input.
 *
 * NOTE(review): every argument of check_packet is const, so its NTSTATUS is
 * the only way a failed integrity check is reported. Callers must discard
 * the packet on any status other than NT_STATUS_OK.
 */
NTSTATUS gensec_ntlmssp_sign_packet(struct gensec_security *gensec_security,
				    TALLOC_CTX *sig_mem_ctx,
				    const uint8_t *data, size_t length,
				    const uint8_t *whole_pdu, size_t pdu_length,
				    DATA_BLOB *sig);
NTSTATUS gensec_ntlmssp_check_packet(struct gensec_security *gensec_security,
				     const uint8_t *data, size_t length,
				     const uint8_t *whole_pdu, size_t pdu_length,
				     const DATA_BLOB *sig);
/*
 * Seal / unseal a packet.
 *
 * Unlike the sign/check pair, data is not const here, so the buffer is
 * presumably encrypted or decrypted in place -- TODO confirm.
 *
 * NOTE(review): after unseal_packet returns anything other than
 * NT_STATUS_OK the contents of data must not be used.
 */
NTSTATUS gensec_ntlmssp_seal_packet(struct gensec_security *gensec_security,
				    TALLOC_CTX *sig_mem_ctx,
				    uint8_t *data, size_t length,
				    const uint8_t *whole_pdu, size_t pdu_length,
				    DATA_BLOB *sig);
NTSTATUS gensec_ntlmssp_unseal_packet(struct gensec_security *gensec_security,
				      uint8_t *data, size_t length,
				      const uint8_t *whole_pdu, size_t pdu_length,
				      const DATA_BLOB *sig);
/* Returns a size for the given data_size; presumably the signature size callers must reserve -- TODO confirm. */
size_t gensec_ntlmssp_sig_size(struct gensec_security *gensec_security, size_t data_size) ;
/*
 * Wrap / unwrap a whole blob: in is const input, out is the result
 * (presumably allocated on out_mem_ctx -- TODO confirm). As with the
 * packet functions, a non-OK status from unwrap means *out must not be
 * trusted.
 */
NTSTATUS gensec_ntlmssp_wrap(struct gensec_security *gensec_security,
			     TALLOC_CTX *out_mem_ctx,
			     const DATA_BLOB *in,
			     DATA_BLOB *out);
NTSTATUS gensec_ntlmssp_unwrap(struct gensec_security *gensec_security,
			       TALLOC_CTX *out_mem_ctx,
			       const DATA_BLOB *in,
			       DATA_BLOB *out);

/**
 * Return the NTLMSSP master session key
 *
 * @param ntlmssp_state NTLMSSP State
 *
 * NOTE(review): this comment does not match the declaration that follows
 * (gensec_ntlmssp_magic takes a first_packet blob and has no ntlmssp_state
 * parameter). It presumably belongs to gensec_ntlmssp_session_key() below --
 * confirm and move it.
 */
NTSTATUS gensec_ntlmssp_magic(struct gensec_security *gensec_security,
			      const DATA_BLOB *first_packet);
bool gensec_ntlmssp_have_feature(struct gensec_security *gensec_security,
				 uint32_t feature);
/*
 * NOTE(review): *session_key receives key material (presumably allocated on
 * mem_ctx -- TODO confirm). Callers should keep its lifetime short and avoid
 * logging or copying it.
 */
NTSTATUS gensec_ntlmssp_session_key(struct gensec_security *gensec_security,
				    TALLOC_CTX *mem_ctx,
				    DATA_BLOB *session_key);
NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security);