/*
* Curl_sasl_create_ntlm_type1_message()
*
* This is used to generate an already encoded NTLM type-1 message ready for
* sending to the recipient.
*
* Note: This is a simple wrapper of the NTLM function which means that any
* SASL based protocols don't have to include the NTLM functions directly.
*
* Parameters:
*
* userp [in] - The user name in the format User or Domain\User.
* passdwp [in] - The user's password.
* ntlm [in/out] - The ntlm data struct being used and modified.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
const char *passwdp,
struct ntlmdata *ntlm,
char **outptr, size_t *outlen)
{
return Curl_ntlm_create_type1_message(userp, passwdp, ntlm, outptr, outlen);
}
/*
* This is for creating ntlm header output
*/
CURLcode Curl_output_ntlm(struct connectdata *conn,
bool proxy)
{
char *base64 = NULL;
size_t len = 0;
CURLcode error;
/* point to the address of the pointer that holds the string to send to the
server, which is for a plain host or for a HTTP proxy */
char **allocuserpwd;
/* point to the name and password for this */
const char *userp;
const char *passwdp;
/* point to the correct struct with this */
struct ntlmdata *ntlm;
struct auth *authp;
DEBUGASSERT(conn);
DEBUGASSERT(conn->data);
#ifdef USE_NSS
if(CURLE_OK != Curl_nss_force_init(conn->data))
return CURLE_OUT_OF_MEMORY;
#endif
if(proxy) {
allocuserpwd = &conn->allocptr.proxyuserpwd;
userp = conn->proxyuser;
passwdp = conn->proxypasswd;
ntlm = &conn->proxyntlm;
authp = &conn->data->state.authproxy;
}
else {
allocuserpwd = &conn->allocptr.userpwd;
userp = conn->user;
passwdp = conn->passwd;
ntlm = &conn->ntlm;
authp = &conn->data->state.authhost;
}
authp->done = FALSE;
/* not set means empty */
if(!userp)
userp = "";
if(!passwdp)
passwdp = "";
#ifdef USE_WINDOWS_SSPI
if(s_hSecDll == NULL) {
/* not thread safe and leaks - use curl_global_init() to avoid */
CURLcode err = Curl_sspi_global_init();
if(s_hSecDll == NULL)
return err;
}
#endif
switch(ntlm->state) {
case NTLMSTATE_TYPE1:
default: /* for the weird cases we (re)start here */
/* Create a type-1 message */
error = Curl_ntlm_create_type1_message(userp, passwdp, ntlm, &base64,
&len);
if(error)
return error;
if(base64) {
Curl_safefree(*allocuserpwd);
*allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n",
proxy ? "Proxy-" : "",
base64);
free(base64);
if(!*allocuserpwd)
return CURLE_OUT_OF_MEMORY;
DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd));
}
break;
case NTLMSTATE_TYPE2:
/* We already received the type-2 message, create a type-3 message */
error = Curl_ntlm_create_type3_message(conn->data, userp, passwdp,
ntlm, &base64, &len);
if(error)
return error;
if(base64) {
Curl_safefree(*allocuserpwd);
*allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n",
proxy ? "Proxy-" : "",
base64);
free(base64);
if(!*allocuserpwd)
return CURLE_OUT_OF_MEMORY;
DEBUG_OUT(fprintf(stderr, "**** %s\n ", *allocuserpwd));
ntlm->state = NTLMSTATE_TYPE3; /* we send a type-3 */
authp->done = TRUE;
}
break;
case NTLMSTATE_TYPE3:
/* connection is already authenticated,
* don't send a header in future requests */
Curl_safefree(*allocuserpwd);
authp->done = TRUE;
break;
}
return CURLE_OK;
}
static CURLcode smtp_auth_ntlm_type1_message(struct connectdata *conn,
char **outptr, size_t *outlen)
{
return Curl_ntlm_create_type1_message(conn->user, conn->passwd,
&conn->ntlm, outptr, outlen);
}
