CURLcode Curl_input_ntlm(struct connectdata *conn, bool proxy, /* if proxy or not */ const char *header) /* rest of the www-authenticate: header */ { /* point to the correct struct with this */ struct ntlmdata *ntlm; CURLcode result = CURLE_OK; #ifdef USE_NSS result = Curl_nss_force_init(conn->data); if(result) return result; #endif ntlm = proxy ? &conn->proxyntlm : &conn->ntlm; /* skip initial whitespaces */ while(*header && ISSPACE(*header)) header++; if(checkprefix("NTLM", header)) { header += strlen("NTLM"); while(*header && ISSPACE(*header)) header++; if(*header) { result = Curl_ntlm_decode_type2_message(conn->data, header, ntlm); if(CURLE_OK != result) return result; ntlm->state = NTLMSTATE_TYPE2; /* We got a type-2 message */ } else { if(ntlm->state == NTLMSTATE_TYPE3) { infof(conn->data, "NTLM handshake rejected\n"); Curl_http_ntlm_cleanup(conn); ntlm->state = NTLMSTATE_NONE; return CURLE_REMOTE_ACCESS_DENIED; } else if(ntlm->state >= NTLMSTATE_TYPE1) { infof(conn->data, "NTLM handshake failure (internal error)\n"); return CURLE_REMOTE_ACCESS_DENIED; } ntlm->state = NTLMSTATE_TYPE1; /* We should send away a type-1 */ } } return result; }
/* * Curl_sasl_decode_ntlm_type2_message() * * This is used to decode an already encoded NTLM type-2 message. * * Parameters: * * data [in] - Pointer to session handle. * type2msg [in] - Pointer to the base64 encoded type-2 message. * ntlm [in/out] - The ntlm data struct being used and modified. * * Returns CURLE_OK on success. */ CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data, const char *type2msg, struct ntlmdata *ntlm) { #ifdef USE_NSS CURLcode result; /* make sure the crypto backend is initialized */ result = Curl_nss_force_init(data); if(result) return result; #endif return Curl_ntlm_decode_type2_message(data, type2msg, ntlm); }
/* * Curl_sasl_create_ntlm_type3_message() * * This is used to generate an already encoded NTLM type-3 message ready for * sending to the recipient. * * Parameters: * * data [in] - Pointer to session handle. * header [in] - Pointer to the base64 encoded type-2 message buffer. * userp [in] - The user name in the format User or Domain\User. * passdwp [in] - The user's password. * ntlm [in/out] - The ntlm data struct being used and modified. * outptr [in/out] - The address where a pointer to newly allocated memory * holding the result will be stored upon completion. * outlen [out] - The length of the output message. * * Returns CURLE_OK on success. */ CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data, const char *header, const char *userp, const char *passwdp, struct ntlmdata *ntlm, char **outptr, size_t *outlen) { CURLcode result = Curl_ntlm_decode_type2_message(data, header, ntlm); if(!result) result = Curl_ntlm_create_type3_message(data, userp, passwdp, ntlm, outptr, outlen); return result; }
/* for the NTLM type-2 response (sent in reponse to our type-1 message). */ static CURLcode smtp_state_auth_ntlm_type2msg_resp(struct connectdata *conn, int smtpcode, smtpstate instate) { CURLcode result = CURLE_OK; struct SessionHandle *data = conn->data; char *type3msg = NULL; size_t len = 0; (void)instate; /* no use for this yet */ if(smtpcode != 334) { failf(data, "Access denied: %d", smtpcode); result = CURLE_LOGIN_DENIED; } else { result = Curl_ntlm_decode_type2_message(data, data->state.buffer + 4, &conn->ntlm); if(!result) { result = Curl_ntlm_create_type3_message(conn->data, conn->user, conn->passwd, &conn->ntlm, &type3msg, &len); if(!result) { if(type3msg) { result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type3msg); if(!result) state(conn, SMTP_AUTH); } Curl_safefree(type3msg); } } } return result; }
/* * Curl_sasl_decode_ntlm_type2_message() * * This is used to decode an already encoded NTLM type-2 message. * * Parameters: * * data [in] - Pointer to session handle. * type2msg [in] - Pointer to the base64 encoded type-2 message. * ntlm [in/out] - The ntlm data struct being used and modified. * * Returns CURLE_OK on success. */ CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data, const char *type2msg, struct ntlmdata *ntlm) { return Curl_ntlm_decode_type2_message(data, type2msg, ntlm); }