From 52ac479764e85296a6a6100d143104d78c51aa8b Mon Sep 17 00:00:00 2001
From: Andrew Bartlett
Date: Mon, 30 Jan 2012 22:42:39 +1100
Subject: auth: Move the rest of the source4 gensec_ntlmssp code to the top level

The ntlmssp_server code will be in common shortly, and aside from a symbol name or two, moving the client code causes no harm and makes less mess. We will also get the client code in common very soon.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher
---
 auth/ntlmssp/ntlmssp_private.h | 79 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 79 insertions(+)
(limited to 'auth/ntlmssp/ntlmssp_private.h')
diff --git a/auth/ntlmssp/ntlmssp_private.h b/auth/ntlmssp/ntlmssp_private.h
index fc74428288..431626c34d 100644
--- a/auth/ntlmssp/ntlmssp_private.h
+++ b/auth/ntlmssp/ntlmssp_private.h
@@ -22,6 +22,8 @@
 #include "../lib/crypto/arcfour.h"
+struct auth_session_info;
+
 struct ntlmssp_crypt_direction {
 uint32_t seq_num;
 uint8_t sign_key[16];
@@ -55,3 +57,80 @@ NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
 NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
 TALLOC_CTX *out_mem_ctx,
 const DATA_BLOB request, DATA_BLOB *reply);
+/* The following definitions come from auth/ntlmssp/ntlmssp_client.c */
+
+
+/**
+ * Next state function for the Initial packet
+ *
+ * @param ntlmssp_state NTLMSSP State
+ * @param out_mem_ctx The DATA_BLOB *out will be allocated on this context
+ * @param in A NULL data blob (input ignored)
+ * @param out The initial negotiate request to the server, as an talloc()ed DATA_BLOB, on out_mem_ctx
+ * @return Errors or NT_STATUS_OK.
+ */
+NTSTATUS ntlmssp_client_initial(struct gensec_security *gensec_security,
+ TALLOC_CTX *out_mem_ctx,
+ DATA_BLOB in, DATA_BLOB *out) ;
+
+/**
+ * Next state function for the Challenge Packet. Generate an auth packet.
+ *
+ * @param gensec_security GENSEC state
+ * @param out_mem_ctx Memory context for *out
+ * @param in The server challnege, as a DATA_BLOB. reply.data must be NULL
+ * @param out The next request (auth packet) to the server, as an allocated DATA_BLOB, on the out_mem_ctx context
+ * @return Errors or NT_STATUS_OK.
+ */
+NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
+ TALLOC_CTX *out_mem_ctx,
+ const DATA_BLOB in, DATA_BLOB *out) ;
+NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security);
+
+/* The following definitions come from auth/ntlmssp/ntlmssp_server.c */
+
+
+/**
+ * Next state function for the Negotiate packet (GENSEC wrapper)
+ *
+ * @param gensec_security GENSEC state
+ * @param out_mem_ctx Memory context for *out
+ * @param in The request, as a DATA_BLOB. reply.data must be NULL
+ * @param out The reply, as an allocated DATA_BLOB, caller to free.
+ * @return Errors or MORE_PROCESSING_REQUIRED if (normal) a reply is required.
+ */
+NTSTATUS gensec_ntlmssp_server_negotiate(struct gensec_security *gensec_security,
+ TALLOC_CTX *out_mem_ctx,
+ const DATA_BLOB request, DATA_BLOB *reply);
+
+/**
+ * Next state function for the Authenticate packet (GENSEC wrapper)
+ *
+ * @param gensec_security GENSEC state
+ * @param out_mem_ctx Memory context for *out
+ * @param in The request, as a DATA_BLOB. reply.data must be NULL
+ * @param out The reply, as an allocated DATA_BLOB, caller to free.
+ * @return Errors or NT_STATUS_OK if authentication sucessful
+ */
+NTSTATUS gensec_ntlmssp_server_auth(struct gensec_security *gensec_security,
+ TALLOC_CTX *out_mem_ctx,
+ const DATA_BLOB in, DATA_BLOB *out);
+
+/**
+ * Return the credentials of a logged on user, including session keys
+ * etc.
+ *
+ * Only valid after a successful authentication
+ *
+ * May only be called once per authentication.
+ *
+ */
+NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ struct auth_session_info **session_info) ;
+
+/**
+ * Start NTLMSSP on the server side
+ *
+ */
+NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security);
-- cgit
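Review bot: Two of the doc comments added here do not describe the prototypes under them: the block above `ntlmssp_client_initial` documents `@param ntlmssp_state NTLMSSP State` although the function takes `struct gensec_security *gensec_security`, and the block above `gensec_ntlmssp_server_negotiate` documents `in` and `out` although its parameters are named `request` and `reply`. I would write `@param gensec_security GENSEC state` for the first and `@param request` / `@param reply` for the second, and reword `reply.data must be NULL` in the blocks whose output parameter is called `out`. The comment on `gensec_ntlmssp_session_info` says the call is only valid after a successful authentication and may be made once, but it has no `@param` or `@return` lines; because the result carries session keys, it would help to name the status returned on an early or repeated call and the context that owns `*session_info` (presumably `mem_ctx`; the implementation is not in this hunk). The typos `challnege` and `sucessful` and the stray space in `) ;` can be fixed in the same pass.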