src/auths/auth-spa.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92

/*************************************************
*     Exim - an Internet mail transport agent    *
*************************************************/

/*
 * This file provides the necessary methods for authenticating with
 * Microsoft's Secure Password Authentication.

 * All the code used here was torn by Marc Prud'hommeaux out of the
 * Samba project (by Andrew Tridgell, Jeremy Allison, and others).
 */

/* December 2004: The spa_base64_to_bits() function has no length checking in
it. I have added a check. PH */

/* It seems that some systems have existing but different definitions of some
of the following types. I received a complaint about "int16" causing
compilation problems. So I (PH) have renamed them all, to be on the safe side.

typedef signed short int16;
typedef unsigned short uint16;
typedef unsigned uint32;
typedef unsigned char  uint8;
*/

typedef signed short int16x;
typedef unsigned short uint16x;
typedef unsigned uint32x;
typedef unsigned char  uint8x;

typedef struct
{
       uint16x         len;
       uint16x         maxlen;
       uint32x         offset;
} SPAStrHeader;

typedef struct
{
       char         ident[8];
       uint32x         msgType;
       SPAStrHeader    uDomain;
       uint32x         flags;
       uint8x         challengeData[8];
       uint8x         reserved[8];
       SPAStrHeader    emptyString;
       uint8x         buffer[1024];
       uint32x         bufIndex;
} SPAAuthChallenge;


typedef struct
{
       char         ident[8];
       uint32x         msgType;
       uint32x         flags;
       SPAStrHeader    user;
       SPAStrHeader    domain;
       uint8x         buffer[1024];
       uint32x         bufIndex;
} SPAAuthRequest;

typedef struct
{
       char         ident[8];
       uint32x         msgType;
       SPAStrHeader    lmResponse;
       SPAStrHeader    ntResponse;
       SPAStrHeader    uDomain;
       SPAStrHeader    uUser;
       SPAStrHeader    uWks;
       SPAStrHeader    sessionKey;
       uint32x         flags;
       uint8x         buffer[1024];
       uint32x         bufIndex;
} SPAAuthResponse;

#define spa_request_length(ptr) (((ptr)->buffer - (uint8x*)(ptr)) + (ptr)->bufIndex)

void spa_bits_to_base64 (unsigned char *, const unsigned char *, int);
int spa_base64_to_bits(char *, int, const char *);
void spa_build_auth_response (SPAAuthChallenge *challenge,
       SPAAuthResponse *response, char *user, char *password);
void spa_build_auth_request (SPAAuthRequest *request, char *user,
       char *domain);
extern void spa_smb_encrypt (unsigned char * passwd, unsigned char * c8,
                             unsigned char * p24);
extern void spa_smb_nt_encrypt (unsigned char * passwd, unsigned char * c8,
                                unsigned char * p24);
extern char *unicodeToString(char *p, size_t len);
extern void spa_build_auth_challenge(SPAAuthRequest *, SPAAuthChallenge *);