1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
-- $Id$
SPNEGO DEFINITIONS ::=
BEGIN
MechType::= OBJECT IDENTIFIER
MechTypeList ::= SEQUENCE OF MechType
ContextFlags ::= BIT STRING {
delegFlag (0),
mutualFlag (1),
replayFlag (2),
sequenceFlag (3),
anonFlag (4),
confFlag (5),
integFlag (6)
}
NegHints ::= SEQUENCE {
hintName [0] GeneralString OPTIONAL,
hintAddress [1] OCTET STRING OPTIONAL
}
NegTokenInit2 ::= SEQUENCE {
mechTypes [0] MechTypeList,
reqFlags [1] ContextFlags OPTIONAL,
mechToken [2] OCTET STRING OPTIONAL,
negHints [3] NegHints OPTIONAL
}
NegTokenInit ::= SEQUENCE {
mechTypes [0] MechTypeList,
reqFlags [1] ContextFlags OPTIONAL,
mechToken [2] OCTET STRING OPTIONAL,
mechListMIC [3] OCTET STRING OPTIONAL,
...
}
NegStateEnum ::= ENUMERATED {
accept-completed(0),
accept-incomplete(1),
reject(2),
request-mic(3)
}
-- NB: negState is not OPTIONAL in the new SPNEGO spec but
-- Windows clients do not always send it
NegTokenResp ::= SEQUENCE {
negState [0] NegStateEnum OPTIONAL,
supportedMech [1] MechType OPTIONAL,
responseToken [2] OCTET STRING OPTIONAL,
mechListMIC [3] OCTET STRING OPTIONAL,
...
}
NegotiationToken ::= CHOICE {
negTokenInit[0] NegTokenInit,
negTokenResp[1] NegTokenResp
}
NegotiationToken2 ::= CHOICE {
negTokenInit[0] NegTokenInit2
}
END
|