25 #if defined(USE_WINDOWS_SSPI) && defined(USE_NTLM) 50 bool Curl_auth_is_ntlm_supported(
void)
52 PSecPkgInfo SecurityPackage;
53 SECURITY_STATUS status;
56 status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM),
59 return (status == SEC_E_OK ?
TRUE :
FALSE);
83 struct ntlmdata *ntlm,
84 char **outptr,
size_t *outlen)
86 PSecPkgInfo SecurityPackage;
88 SecBufferDesc type_1_desc;
89 SECURITY_STATUS status;
94 Curl_auth_ntlm_cleanup(ntlm);
97 status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM),
99 if(status != SEC_E_OK)
102 ntlm->token_max = SecurityPackage->cbMaxToken;
105 s_pSecFn->FreeContextBuffer(SecurityPackage);
108 ntlm->output_token =
malloc(ntlm->token_max);
109 if(!ntlm->output_token)
112 if(userp && *userp) {
116 result = Curl_create_sspi_identity(userp, passwdp, &ntlm->identity);
121 ntlm->p_identity = &ntlm->identity;
125 ntlm->p_identity = NULL;
128 ntlm->credentials =
malloc(
sizeof(CredHandle));
129 if(!ntlm->credentials)
132 memset(ntlm->credentials, 0,
sizeof(CredHandle));
135 status = s_pSecFn->AcquireCredentialsHandle(NULL,
136 (TCHAR *) TEXT(SP_NAME_NTLM),
137 SECPKG_CRED_OUTBOUND, NULL,
138 ntlm->p_identity, NULL, NULL,
139 ntlm->credentials, &expiry);
140 if(status != SEC_E_OK)
144 ntlm->context =
malloc(
sizeof(CtxtHandle));
148 memset(ntlm->context, 0,
sizeof(CtxtHandle));
151 type_1_desc.ulVersion = SECBUFFER_VERSION;
152 type_1_desc.cBuffers = 1;
153 type_1_desc.pBuffers = &type_1_buf;
154 type_1_buf.BufferType = SECBUFFER_TOKEN;
155 type_1_buf.pvBuffer = ntlm->output_token;
159 status = s_pSecFn->InitializeSecurityContext(ntlm->credentials, NULL,
161 0, 0, SECURITY_NETWORK_DREP,
163 ntlm->context, &type_1_desc,
165 if(status == SEC_I_COMPLETE_NEEDED ||
166 status == SEC_I_COMPLETE_AND_CONTINUE)
167 s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);
168 else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED)
173 type_1_buf.cbBuffer, outptr, outlen);
190 const char *type2msg,
191 struct ntlmdata *ntlm)
194 unsigned char *type2 = NULL;
195 size_t type2_len = 0;
197 #if defined(CURL_DISABLE_VERBOSE_STRINGS) 202 if(strlen(type2msg) && *type2msg !=
'=') {
210 infof(data,
"NTLM handshake failure (empty type-2 message)\n");
216 ntlm->input_token = type2;
217 ntlm->input_token_len = type2_len;
244 struct ntlmdata *ntlm,
245 char **outptr,
size_t *outlen)
248 SecBuffer type_2_buf;
249 SecBuffer type_3_buf;
250 SecBufferDesc type_2_desc;
251 SecBufferDesc type_3_desc;
252 SECURITY_STATUS status;
260 type_2_desc.ulVersion = SECBUFFER_VERSION;
261 type_2_desc.cBuffers = 1;
262 type_2_desc.pBuffers = &type_2_buf;
263 type_2_buf.BufferType = SECBUFFER_TOKEN;
264 type_2_buf.pvBuffer = ntlm->input_token;
265 type_2_buf.cbBuffer =
curlx_uztoul(ntlm->input_token_len);
268 type_3_desc.ulVersion = SECBUFFER_VERSION;
269 type_3_desc.cBuffers = 1;
270 type_3_desc.pBuffers = &type_3_buf;
271 type_3_buf.BufferType = SECBUFFER_TOKEN;
272 type_3_buf.pvBuffer = ntlm->output_token;
276 status = s_pSecFn->InitializeSecurityContext(ntlm->credentials,
279 0, 0, SECURITY_NETWORK_DREP,
284 if(status != SEC_E_OK) {
285 infof(data,
"NTLM handshake failure (type-3 message): Status=%x\n",
293 type_3_buf.cbBuffer, outptr, outlen);
295 Curl_auth_ntlm_cleanup(ntlm);
310 void Curl_auth_ntlm_cleanup(
struct ntlmdata *ntlm)
314 s_pSecFn->DeleteSecurityContext(ntlm->context);
316 ntlm->context = NULL;
320 if(ntlm->credentials) {
321 s_pSecFn->FreeCredentialsHandle(ntlm->credentials);
322 free(ntlm->credentials);
323 ntlm->credentials = NULL;
327 Curl_sspi_free_identity(ntlm->p_identity);
328 ntlm->p_identity = NULL;
CURLcode Curl_base64_decode(const char *src, unsigned char **outptr, size_t *outlen)
CURLcode Curl_base64_encode(struct Curl_easy *data, const char *inputbuff, size_t insize, char **outptr, size_t *outlen)
UNITTEST_START int result
unsigned long curlx_uztoul(size_t uznum)
#define Curl_safefree(ptr)