1 #ifndef HEADER_CURL_VAUTH_H 2 #define HEADER_CURL_VAUTH_H 3 /*************************************************************************** 4 * _ _ ____ _ 5 * Project ___| | | | _ \| | 6 * / __| | | | |_) | | 7 * | (__| |_| | _ <| |___ 8 * \___|\___/|_| \_\_____| 9 * 10 * Copyright (C) 2014 - 2019, Steve Holme, <steve_holme@hotmail.com>. 11 * 12 * This software is licensed as described in the file COPYING, which 13 * you should have received as part of this distribution. The terms 14 * are also available at https://curl.haxx.se/docs/copyright.html. 15 * 16 * You may opt to use, copy, modify, merge, publish, distribute and/or sell 17 * copies of the Software, and permit persons to whom the Software is 18 * furnished to do so, under the terms of the COPYING file. 19 * 20 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 21 * KIND, either express or implied. 22 * 23 ***************************************************************************/ 24 25 #include <curl/curl.h> 26 27 struct Curl_easy; 28 29 #if !defined(CURL_DISABLE_CRYPTO_AUTH) 30 struct digestdata; 31 #endif 32 33 #if defined(USE_NTLM) 34 struct ntlmdata; 35 #endif 36 37 #if defined(USE_KERBEROS5) 38 struct kerberos5data; 39 #endif 40 41 #if (defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)) && defined(USE_SPNEGO) 42 struct negotiatedata; 43 #endif 44 45 #if defined(USE_WINDOWS_SSPI) 46 #define GSS_ERROR(status) ((status) & 0x80000000) 47 #endif 48 49 /* This is used to build a SPN string */ 50 #if !defined(USE_WINDOWS_SSPI) 51 char *Curl_auth_build_spn(const char *service, const char *host, 52 const char *realm); 53 #else 54 TCHAR *Curl_auth_build_spn(const char *service, const char *host, 55 const char *realm); 56 #endif 57 58 /* This is used to test if the user contains a Windows domain name */ 59 bool Curl_auth_user_contains_domain(const char *user); 60 61 /* This is used to generate a base64 encoded PLAIN cleartext message */ 62 CURLcode Curl_auth_create_plain_message(struct Curl_easy *data, 63 const char *authzid, 64 const char *authcid, 65 const char *passwd, 66 char **outptr, size_t *outlen); 67 68 /* This is used to generate a base64 encoded LOGIN cleartext message */ 69 CURLcode Curl_auth_create_login_message(struct Curl_easy *data, 70 const char *valuep, char **outptr, 71 size_t *outlen); 72 73 /* This is used to generate a base64 encoded EXTERNAL cleartext message */ 74 CURLcode Curl_auth_create_external_message(struct Curl_easy *data, 75 const char *user, char **outptr, 76 size_t *outlen); 77 78 #if !defined(CURL_DISABLE_CRYPTO_AUTH) 79 /* This is used to decode a CRAM-MD5 challenge message */ 80 CURLcode Curl_auth_decode_cram_md5_message(const char *chlg64, char **outptr, 81 size_t *outlen); 82 83 /* This is used to generate a CRAM-MD5 response message */ 84 CURLcode Curl_auth_create_cram_md5_message(struct Curl_easy *data, 85 const char *chlg, 86 const char *userp, 87 const char *passwdp, 88 char **outptr, size_t *outlen); 89 90 /* This is used to evaluate if DIGEST is supported */ 91 bool Curl_auth_is_digest_supported(void); 92 93 /* This is used to generate a base64 encoded DIGEST-MD5 response message */ 94 CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, 95 const char *chlg64, 96 const char *userp, 97 const char *passwdp, 98 const char *service, 99 char **outptr, size_t *outlen); 100 101 /* This is used to decode a HTTP DIGEST challenge message */ 102 CURLcode Curl_auth_decode_digest_http_message(const char *chlg, 103 struct digestdata *digest); 104 105 /* This is used to generate a HTTP DIGEST response message */ 106 CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, 107 const char *userp, 108 const char *passwdp, 109 const unsigned char *request, 110 const unsigned char *uri, 111 struct digestdata *digest, 112 char **outptr, size_t *outlen); 113 114 /* This is used to clean up the digest specific data */ 115 void Curl_auth_digest_cleanup(struct digestdata *digest); 116 #endif /* !CURL_DISABLE_CRYPTO_AUTH */ 117 118 #if defined(USE_NTLM) 119 /* This is used to evaluate if NTLM is supported */ 120 bool Curl_auth_is_ntlm_supported(void); 121 122 /* This is used to generate a base64 encoded NTLM type-1 message */ 123 CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data, 124 const char *userp, 125 const char *passwdp, 126 const char *service, 127 const char *host, 128 struct ntlmdata *ntlm, 129 char **outptr, 130 size_t *outlen); 131 132 /* This is used to decode a base64 encoded NTLM type-2 message */ 133 CURLcode Curl_auth_decode_ntlm_type2_message(struct Curl_easy *data, 134 const char *type2msg, 135 struct ntlmdata *ntlm); 136 137 /* This is used to generate a base64 encoded NTLM type-3 message */ 138 CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, 139 const char *userp, 140 const char *passwdp, 141 struct ntlmdata *ntlm, 142 char **outptr, size_t *outlen); 143 144 /* This is used to clean up the NTLM specific data */ 145 void Curl_auth_cleanup_ntlm(struct ntlmdata *ntlm); 146 #endif /* USE_NTLM */ 147 148 /* This is used to generate a base64 encoded OAuth 2.0 message */ 149 CURLcode Curl_auth_create_oauth_bearer_message(struct Curl_easy *data, 150 const char *user, 151 const char *host, 152 const long port, 153 const char *bearer, 154 char **outptr, size_t *outlen); 155 156 /* This is used to generate a base64 encoded XOAuth 2.0 message */ 157 CURLcode Curl_auth_create_xoauth_bearer_message(struct Curl_easy *data, 158 const char *user, 159 const char *bearer, 160 char **outptr, size_t *outlen); 161 162 #if defined(USE_KERBEROS5) 163 /* This is used to evaluate if GSSAPI (Kerberos V5) is supported */ 164 bool Curl_auth_is_gssapi_supported(void); 165 166 /* This is used to generate a base64 encoded GSSAPI (Kerberos V5) user token 167 message */ 168 CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, 169 const char *userp, 170 const char *passwdp, 171 const char *service, 172 const char *host, 173 const bool mutual, 174 const char *chlg64, 175 struct kerberos5data *krb5, 176 char **outptr, size_t *outlen); 177 178 /* This is used to generate a base64 encoded GSSAPI (Kerberos V5) security 179 token message */ 180 CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, 181 const char *input, 182 struct kerberos5data *krb5, 183 char **outptr, 184 size_t *outlen); 185 186 /* This is used to clean up the GSSAPI specific data */ 187 void Curl_auth_cleanup_gssapi(struct kerberos5data *krb5); 188 #endif /* USE_KERBEROS5 */ 189 190 #if defined(USE_SPNEGO) 191 /* This is used to evaluate if SPNEGO (Negotiate) is supported */ 192 bool Curl_auth_is_spnego_supported(void); 193 194 /* This is used to decode a base64 encoded SPNEGO (Negotiate) challenge 195 message */ 196 CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, 197 const char *user, 198 const char *passwood, 199 const char *service, 200 const char *host, 201 const char *chlg64, 202 struct negotiatedata *nego); 203 204 /* This is used to generate a base64 encoded SPNEGO (Negotiate) response 205 message */ 206 CURLcode Curl_auth_create_spnego_message(struct Curl_easy *data, 207 struct negotiatedata *nego, 208 char **outptr, size_t *outlen); 209 210 /* This is used to clean up the SPNEGO specifiec data */ 211 void Curl_auth_cleanup_spnego(struct negotiatedata *nego); 212 213 #endif /* USE_SPNEGO */ 214 215 #endif /* HEADER_CURL_VAUTH_H */ 216