1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22/*
23 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
24 * Use is subject to license terms.
25 *
26 * Copyright 2013 Nexenta Systems, Inc.  All rights reserved.
27 */
28
29#ifndef _NTLMSSP_H
30#define	_NTLMSSP_H
31
32/*
33 * NT LanMan Security Support Package (NTLMSSP)
34 * Negotiation flags, etc.
35 *
36 * Reference: [MS-NLMP] NT LAN Manager (NTLM)
37 *   Authentication Protocol Specification
38 * http://msdn.microsoft.com/en-us/library/cc236621(PROT.10).aspx
39 */
40
41#ifdef __cplusplus
42extern "C" {
43#endif
44
/*
 * NTLMSSP Message Types
 * [MS-NLMP] sec. 2.2.1
 *
 * Values of the MessageType field carried in every NTLMSSP message.
 * In the connection-oriented exchange described by [MS-NLMP] the
 * client sends NEGOTIATE, the server answers with CHALLENGE, and the
 * client finishes with AUTHENTICATE.
 *
 * NOTE(review): the type read from the wire is peer-controlled; a
 * parser should accept only the value expected at the current step
 * of the exchange and reject anything else.
 */
#define	NTLMSSP_MSGTYPE_NEGOTIATE	1
#define	NTLMSSP_MSGTYPE_CHALLENGE	2
#define	NTLMSSP_MSGTYPE_AUTHENTICATE	3
52
/*
 * NTLMSSP Negotiate Flags
 * [MS-NLMP] sec. 2.2.2.5
 *
 * Bit masks for the 32-bit NegotiateFlags field, listed in bit order.
 * Reserved bits are kept as comments so gaps in the list are visible.
 * The short descriptions below paraphrase [MS-NLMP].
 *
 * The flag word received from a peer is untrusted input.  Code that
 * enforces a policy (signing, sealing, key strength) should check the
 * flags that were finally agreed on, not assume a requested flag
 * survived negotiation.
 *
 * Where int is 32 bits, 0x80000000 does not fit in an int, so
 * NTLMSSP_NEGOTIATE_56 has type unsigned int while the other masks
 * have type int.  Hold flag words in a uint32_t to avoid sign
 * surprises when combining or complementing masks.
 *
 * NOTE(review): NTLMSSP_NEGOTIATE_NT_ONLY and NTLMSSP_TARGET_TYPE_SHARE
 * do not appear to be named in current [MS-NLMP] revisions, which seem
 * to mark those bits reserved -- confirm before relying on them.
 */
/* Character set used for strings in the messages. */
#define	NTLMSSP_NEGOTIATE_UNICODE			0x00000001
#define	NTLMSSP_NEGOTIATE_OEM				0x00000002
/* Ask the server to return its target name in the CHALLENGE message. */
#define	NTLMSSP_REQUEST_TARGET				0x00000004
/*	reserved 					0x00000008 */
/* Session security: SIGN is message integrity, SEAL is confidentiality. */
#define	NTLMSSP_NEGOTIATE_SIGN				0x00000010
#define	NTLMSSP_NEGOTIATE_SEAL				0x00000020
/* Connectionless (datagram) authentication. */
#define	NTLMSSP_NEGOTIATE_DATAGRAM			0x00000040
/*
 * LAN Manager session key computation.  Legacy and weak; per [MS-NLMP]
 * it is mutually exclusive with EXTENDED_SESSIONSECURITY, which takes
 * precedence when both are requested.
 */
#define	NTLMSSP_NEGOTIATE_LM_KEY			0x00000080
/*	reserved (netware)				0x00000100 */
/* NTLM v1 session security. */
#define	NTLMSSP_NEGOTIATE_NTLM				0x00000200
#define	NTLMSSP_NEGOTIATE_NT_ONLY			0x00000400
/* Anonymous (null session) connection. */
#define	NTLMSSP_NEGOTIATE_NULL_SESSION			0x00000800
/* Domain / workstation name fields are present in the NEGOTIATE message. */
#define	NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED		0x00001000
#define	NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED	0x00002000
/*	reserved (local caller)				0x00004000 */
/* Request that a signature block be present on all messages. */
#define	NTLMSSP_NEGOTIATE_ALWAYS_SIGN			0x00008000
/* Kind of name the server returned as its target name. */
#define	NTLMSSP_TARGET_TYPE_DOMAIN			0x00010000
#define	NTLMSSP_TARGET_TYPE_SERVER			0x00020000
#define	NTLMSSP_TARGET_TYPE_SHARE			0x00040000
/* Extended session security; see the LM_KEY note above. */
#define	NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY	0x00080000
/* Request an identify-level token. */
#define	NTLMSSP_NEGOTIATE_IDENTIFY			0x00100000
/*	reserved					0x00200000 */
/* Request use of the LM one-way function for the session key. */
#define	NTLMSSP_REQUEST_NON_NT_SESSION_KEY		0x00400000
/* CHALLENGE carries a TargetInfo list of AV_PAIRs (see ntlmssp_AvId). */
#define	NTLMSSP_NEGOTIATE_TARGET_INFO			0x00800000
/*	reserved					0x01000000 */
/* The Version field of the message is populated. */
#define	NTLMSSP_NEGOTIATE_VERSION			0x02000000
/*	reserved					0x04000000 */
/*	reserved					0x08000000 */
/*	reserved					0x10000000 */
/* Session key strength (128 or 56 bit) and explicit key exchange. */
#define	NTLMSSP_NEGOTIATE_128				0x20000000
#define	NTLMSSP_NEGOTIATE_KEY_EXCH			0x40000000
#define	NTLMSSP_NEGOTIATE_56				0x80000000
89
/*
 * NTLMSSP AV_PAIR identifiers
 * [MS-NLMP] sec. 2.2.2.1
 *
 * These are wire values, so every enumerator is numbered explicitly
 * rather than left to implicit sequencing.  Name strings carried in
 * the pairs are little-endian Unicode.
 *
 * An AV_PAIR list comes from the peer: a parser should check each
 * pair's length against the bytes remaining and stop at MsvAvEOL.
 */
typedef enum ntlmssp_AvId {
	MsvAvEOL		= 0,	/* list terminator */
	MsvAvNbComputerName	= 1,	/* NetBIOS name of the server */
	MsvAvNbDomainName	= 2,	/* NetBIOS domain of the server */
	MsvAvDnsComputerName	= 3,	/* DNS name of the server */
	MsvAvDnsDomainName	= 4,	/* DNS domain of the server */
	MsvAvDnsTreeName	= 5,	/* forest name of the server */
	MsvAvFlags		= 6,	/* flags, 32-bit little-endian */
	MsvAvTimestamp		= 7,	/* 64-bit time, [MS-DTYP] 2.3.1 */
	MsvAvRestrictions	= 8,	/* struct, [MS-NLMP] 2.2.2.2 */
	MsvAvTargetName		= 9,	/* server's SPN */
	MsvChannelBindings	= 10,	/* MD5 of GSS channel bindings */
} ntlmssp_AvId_t;
109
110#ifdef __cplusplus
111}
112#endif
113
114#endif /* _NTLMSSP_H */
115