1*6236dae4SAndroid Build Coastguard Worker #ifndef HEADER_CURL_VAUTH_H 2*6236dae4SAndroid Build Coastguard Worker #define HEADER_CURL_VAUTH_H 3*6236dae4SAndroid Build Coastguard Worker /*************************************************************************** 4*6236dae4SAndroid Build Coastguard Worker * _ _ ____ _ 5*6236dae4SAndroid Build Coastguard Worker * Project ___| | | | _ \| | 6*6236dae4SAndroid Build Coastguard Worker * / __| | | | |_) | | 7*6236dae4SAndroid Build Coastguard Worker * | (__| |_| | _ <| |___ 8*6236dae4SAndroid Build Coastguard Worker * \___|\___/|_| \_\_____| 9*6236dae4SAndroid Build Coastguard Worker * 10*6236dae4SAndroid Build Coastguard Worker * Copyright (C) Steve Holme, <[email protected]>. 11*6236dae4SAndroid Build Coastguard Worker * 12*6236dae4SAndroid Build Coastguard Worker * This software is licensed as described in the file COPYING, which 13*6236dae4SAndroid Build Coastguard Worker * you should have received as part of this distribution. The terms 14*6236dae4SAndroid Build Coastguard Worker * are also available at https://curl.se/docs/copyright.html. 15*6236dae4SAndroid Build Coastguard Worker * 16*6236dae4SAndroid Build Coastguard Worker * You may opt to use, copy, modify, merge, publish, distribute and/or sell 17*6236dae4SAndroid Build Coastguard Worker * copies of the Software, and permit persons to whom the Software is 18*6236dae4SAndroid Build Coastguard Worker * furnished to do so, under the terms of the COPYING file. 19*6236dae4SAndroid Build Coastguard Worker * 20*6236dae4SAndroid Build Coastguard Worker * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 21*6236dae4SAndroid Build Coastguard Worker * KIND, either express or implied. 22*6236dae4SAndroid Build Coastguard Worker * 23*6236dae4SAndroid Build Coastguard Worker * SPDX-License-Identifier: curl 24*6236dae4SAndroid Build Coastguard Worker * 25*6236dae4SAndroid Build Coastguard Worker ***************************************************************************/ 26*6236dae4SAndroid Build Coastguard Worker 27*6236dae4SAndroid Build Coastguard Worker #include <curl/curl.h> 28*6236dae4SAndroid Build Coastguard Worker 29*6236dae4SAndroid Build Coastguard Worker #include "bufref.h" 30*6236dae4SAndroid Build Coastguard Worker 31*6236dae4SAndroid Build Coastguard Worker struct Curl_easy; 32*6236dae4SAndroid Build Coastguard Worker 33*6236dae4SAndroid Build Coastguard Worker #if !defined(CURL_DISABLE_DIGEST_AUTH) 34*6236dae4SAndroid Build Coastguard Worker struct digestdata; 35*6236dae4SAndroid Build Coastguard Worker #endif 36*6236dae4SAndroid Build Coastguard Worker 37*6236dae4SAndroid Build Coastguard Worker #if defined(USE_NTLM) 38*6236dae4SAndroid Build Coastguard Worker struct ntlmdata; 39*6236dae4SAndroid Build Coastguard Worker #endif 40*6236dae4SAndroid Build Coastguard Worker 41*6236dae4SAndroid Build Coastguard Worker #if defined(USE_KERBEROS5) 42*6236dae4SAndroid Build Coastguard Worker struct kerberos5data; 43*6236dae4SAndroid Build Coastguard Worker #endif 44*6236dae4SAndroid Build Coastguard Worker 45*6236dae4SAndroid Build Coastguard Worker #if (defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)) && defined(USE_SPNEGO) 46*6236dae4SAndroid Build Coastguard Worker struct negotiatedata; 47*6236dae4SAndroid Build Coastguard Worker #endif 48*6236dae4SAndroid Build Coastguard Worker 49*6236dae4SAndroid Build Coastguard Worker #if defined(USE_GSASL) 50*6236dae4SAndroid Build Coastguard Worker struct gsasldata; 51*6236dae4SAndroid Build Coastguard Worker #endif 52*6236dae4SAndroid Build Coastguard Worker 53*6236dae4SAndroid Build Coastguard Worker #if defined(USE_WINDOWS_SSPI) 54*6236dae4SAndroid Build Coastguard Worker #define GSS_ERROR(status) ((status) & 0x80000000) 55*6236dae4SAndroid Build Coastguard Worker #endif 56*6236dae4SAndroid Build Coastguard Worker 57*6236dae4SAndroid Build Coastguard Worker /* 58*6236dae4SAndroid Build Coastguard Worker * Curl_auth_allowed_to_host() tells if authentication, cookies or other 59*6236dae4SAndroid Build Coastguard Worker * "sensitive data" can (still) be sent to this host. 60*6236dae4SAndroid Build Coastguard Worker */ 61*6236dae4SAndroid Build Coastguard Worker bool Curl_auth_allowed_to_host(struct Curl_easy *data); 62*6236dae4SAndroid Build Coastguard Worker 63*6236dae4SAndroid Build Coastguard Worker /* This is used to build a SPN string */ 64*6236dae4SAndroid Build Coastguard Worker #if !defined(USE_WINDOWS_SSPI) 65*6236dae4SAndroid Build Coastguard Worker char *Curl_auth_build_spn(const char *service, const char *host, 66*6236dae4SAndroid Build Coastguard Worker const char *realm); 67*6236dae4SAndroid Build Coastguard Worker #else 68*6236dae4SAndroid Build Coastguard Worker TCHAR *Curl_auth_build_spn(const char *service, const char *host, 69*6236dae4SAndroid Build Coastguard Worker const char *realm); 70*6236dae4SAndroid Build Coastguard Worker #endif 71*6236dae4SAndroid Build Coastguard Worker 72*6236dae4SAndroid Build Coastguard Worker /* This is used to test if the user contains a Windows domain name */ 73*6236dae4SAndroid Build Coastguard Worker bool Curl_auth_user_contains_domain(const char *user); 74*6236dae4SAndroid Build Coastguard Worker 75*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a PLAIN cleartext message */ 76*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_plain_message(const char *authzid, 77*6236dae4SAndroid Build Coastguard Worker const char *authcid, 78*6236dae4SAndroid Build Coastguard Worker const char *passwd, 79*6236dae4SAndroid Build Coastguard Worker struct bufref *out); 80*6236dae4SAndroid Build Coastguard Worker 81*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a LOGIN cleartext message */ 82*6236dae4SAndroid Build Coastguard Worker void Curl_auth_create_login_message(const char *value, struct bufref *out); 83*6236dae4SAndroid Build Coastguard Worker 84*6236dae4SAndroid Build Coastguard Worker /* This is used to generate an EXTERNAL cleartext message */ 85*6236dae4SAndroid Build Coastguard Worker void Curl_auth_create_external_message(const char *user, struct bufref *out); 86*6236dae4SAndroid Build Coastguard Worker 87*6236dae4SAndroid Build Coastguard Worker #ifndef CURL_DISABLE_DIGEST_AUTH 88*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a CRAM-MD5 response message */ 89*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_cram_md5_message(const struct bufref *chlg, 90*6236dae4SAndroid Build Coastguard Worker const char *userp, 91*6236dae4SAndroid Build Coastguard Worker const char *passwdp, 92*6236dae4SAndroid Build Coastguard Worker struct bufref *out); 93*6236dae4SAndroid Build Coastguard Worker 94*6236dae4SAndroid Build Coastguard Worker /* This is used to evaluate if DIGEST is supported */ 95*6236dae4SAndroid Build Coastguard Worker bool Curl_auth_is_digest_supported(void); 96*6236dae4SAndroid Build Coastguard Worker 97*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a base64 encoded DIGEST-MD5 response message */ 98*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, 99*6236dae4SAndroid Build Coastguard Worker const struct bufref *chlg, 100*6236dae4SAndroid Build Coastguard Worker const char *userp, 101*6236dae4SAndroid Build Coastguard Worker const char *passwdp, 102*6236dae4SAndroid Build Coastguard Worker const char *service, 103*6236dae4SAndroid Build Coastguard Worker struct bufref *out); 104*6236dae4SAndroid Build Coastguard Worker 105*6236dae4SAndroid Build Coastguard Worker /* This is used to decode an HTTP DIGEST challenge message */ 106*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_decode_digest_http_message(const char *chlg, 107*6236dae4SAndroid Build Coastguard Worker struct digestdata *digest); 108*6236dae4SAndroid Build Coastguard Worker 109*6236dae4SAndroid Build Coastguard Worker /* This is used to generate an HTTP DIGEST response message */ 110*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, 111*6236dae4SAndroid Build Coastguard Worker const char *userp, 112*6236dae4SAndroid Build Coastguard Worker const char *passwdp, 113*6236dae4SAndroid Build Coastguard Worker const unsigned char *request, 114*6236dae4SAndroid Build Coastguard Worker const unsigned char *uri, 115*6236dae4SAndroid Build Coastguard Worker struct digestdata *digest, 116*6236dae4SAndroid Build Coastguard Worker char **outptr, size_t *outlen); 117*6236dae4SAndroid Build Coastguard Worker 118*6236dae4SAndroid Build Coastguard Worker /* This is used to clean up the digest specific data */ 119*6236dae4SAndroid Build Coastguard Worker void Curl_auth_digest_cleanup(struct digestdata *digest); 120*6236dae4SAndroid Build Coastguard Worker #endif /* !CURL_DISABLE_DIGEST_AUTH */ 121*6236dae4SAndroid Build Coastguard Worker 122*6236dae4SAndroid Build Coastguard Worker #ifdef USE_GSASL 123*6236dae4SAndroid Build Coastguard Worker /* This is used to evaluate if MECH is supported by gsasl */ 124*6236dae4SAndroid Build Coastguard Worker bool Curl_auth_gsasl_is_supported(struct Curl_easy *data, 125*6236dae4SAndroid Build Coastguard Worker const char *mech, 126*6236dae4SAndroid Build Coastguard Worker struct gsasldata *gsasl); 127*6236dae4SAndroid Build Coastguard Worker /* This is used to start a gsasl method */ 128*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_gsasl_start(struct Curl_easy *data, 129*6236dae4SAndroid Build Coastguard Worker const char *userp, 130*6236dae4SAndroid Build Coastguard Worker const char *passwdp, 131*6236dae4SAndroid Build Coastguard Worker struct gsasldata *gsasl); 132*6236dae4SAndroid Build Coastguard Worker 133*6236dae4SAndroid Build Coastguard Worker /* This is used to process and generate a new SASL token */ 134*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_gsasl_token(struct Curl_easy *data, 135*6236dae4SAndroid Build Coastguard Worker const struct bufref *chlg, 136*6236dae4SAndroid Build Coastguard Worker struct gsasldata *gsasl, 137*6236dae4SAndroid Build Coastguard Worker struct bufref *out); 138*6236dae4SAndroid Build Coastguard Worker 139*6236dae4SAndroid Build Coastguard Worker /* This is used to clean up the gsasl specific data */ 140*6236dae4SAndroid Build Coastguard Worker void Curl_auth_gsasl_cleanup(struct gsasldata *digest); 141*6236dae4SAndroid Build Coastguard Worker #endif 142*6236dae4SAndroid Build Coastguard Worker 143*6236dae4SAndroid Build Coastguard Worker #if defined(USE_NTLM) 144*6236dae4SAndroid Build Coastguard Worker /* This is used to evaluate if NTLM is supported */ 145*6236dae4SAndroid Build Coastguard Worker bool Curl_auth_is_ntlm_supported(void); 146*6236dae4SAndroid Build Coastguard Worker 147*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a base64 encoded NTLM type-1 message */ 148*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data, 149*6236dae4SAndroid Build Coastguard Worker const char *userp, 150*6236dae4SAndroid Build Coastguard Worker const char *passwdp, 151*6236dae4SAndroid Build Coastguard Worker const char *service, 152*6236dae4SAndroid Build Coastguard Worker const char *host, 153*6236dae4SAndroid Build Coastguard Worker struct ntlmdata *ntlm, 154*6236dae4SAndroid Build Coastguard Worker struct bufref *out); 155*6236dae4SAndroid Build Coastguard Worker 156*6236dae4SAndroid Build Coastguard Worker /* This is used to decode a base64 encoded NTLM type-2 message */ 157*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_decode_ntlm_type2_message(struct Curl_easy *data, 158*6236dae4SAndroid Build Coastguard Worker const struct bufref *type2, 159*6236dae4SAndroid Build Coastguard Worker struct ntlmdata *ntlm); 160*6236dae4SAndroid Build Coastguard Worker 161*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a base64 encoded NTLM type-3 message */ 162*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, 163*6236dae4SAndroid Build Coastguard Worker const char *userp, 164*6236dae4SAndroid Build Coastguard Worker const char *passwdp, 165*6236dae4SAndroid Build Coastguard Worker struct ntlmdata *ntlm, 166*6236dae4SAndroid Build Coastguard Worker struct bufref *out); 167*6236dae4SAndroid Build Coastguard Worker 168*6236dae4SAndroid Build Coastguard Worker /* This is used to clean up the NTLM specific data */ 169*6236dae4SAndroid Build Coastguard Worker void Curl_auth_cleanup_ntlm(struct ntlmdata *ntlm); 170*6236dae4SAndroid Build Coastguard Worker #endif /* USE_NTLM */ 171*6236dae4SAndroid Build Coastguard Worker 172*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a base64 encoded OAuth 2.0 message */ 173*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_oauth_bearer_message(const char *user, 174*6236dae4SAndroid Build Coastguard Worker const char *host, 175*6236dae4SAndroid Build Coastguard Worker const long port, 176*6236dae4SAndroid Build Coastguard Worker const char *bearer, 177*6236dae4SAndroid Build Coastguard Worker struct bufref *out); 178*6236dae4SAndroid Build Coastguard Worker 179*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a base64 encoded XOAuth 2.0 message */ 180*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_xoauth_bearer_message(const char *user, 181*6236dae4SAndroid Build Coastguard Worker const char *bearer, 182*6236dae4SAndroid Build Coastguard Worker struct bufref *out); 183*6236dae4SAndroid Build Coastguard Worker 184*6236dae4SAndroid Build Coastguard Worker #if defined(USE_KERBEROS5) 185*6236dae4SAndroid Build Coastguard Worker /* This is used to evaluate if GSSAPI (Kerberos V5) is supported */ 186*6236dae4SAndroid Build Coastguard Worker bool Curl_auth_is_gssapi_supported(void); 187*6236dae4SAndroid Build Coastguard Worker 188*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a base64 encoded GSSAPI (Kerberos V5) user token 189*6236dae4SAndroid Build Coastguard Worker message */ 190*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, 191*6236dae4SAndroid Build Coastguard Worker const char *userp, 192*6236dae4SAndroid Build Coastguard Worker const char *passwdp, 193*6236dae4SAndroid Build Coastguard Worker const char *service, 194*6236dae4SAndroid Build Coastguard Worker const char *host, 195*6236dae4SAndroid Build Coastguard Worker const bool mutual, 196*6236dae4SAndroid Build Coastguard Worker const struct bufref *chlg, 197*6236dae4SAndroid Build Coastguard Worker struct kerberos5data *krb5, 198*6236dae4SAndroid Build Coastguard Worker struct bufref *out); 199*6236dae4SAndroid Build Coastguard Worker 200*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a base64 encoded GSSAPI (Kerberos V5) security 201*6236dae4SAndroid Build Coastguard Worker token message */ 202*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, 203*6236dae4SAndroid Build Coastguard Worker const char *authzid, 204*6236dae4SAndroid Build Coastguard Worker const struct bufref *chlg, 205*6236dae4SAndroid Build Coastguard Worker struct kerberos5data *krb5, 206*6236dae4SAndroid Build Coastguard Worker struct bufref *out); 207*6236dae4SAndroid Build Coastguard Worker 208*6236dae4SAndroid Build Coastguard Worker /* This is used to clean up the GSSAPI specific data */ 209*6236dae4SAndroid Build Coastguard Worker void Curl_auth_cleanup_gssapi(struct kerberos5data *krb5); 210*6236dae4SAndroid Build Coastguard Worker #endif /* USE_KERBEROS5 */ 211*6236dae4SAndroid Build Coastguard Worker 212*6236dae4SAndroid Build Coastguard Worker #if defined(USE_SPNEGO) 213*6236dae4SAndroid Build Coastguard Worker /* This is used to evaluate if SPNEGO (Negotiate) is supported */ 214*6236dae4SAndroid Build Coastguard Worker bool Curl_auth_is_spnego_supported(void); 215*6236dae4SAndroid Build Coastguard Worker 216*6236dae4SAndroid Build Coastguard Worker /* This is used to decode a base64 encoded SPNEGO (Negotiate) challenge 217*6236dae4SAndroid Build Coastguard Worker message */ 218*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, 219*6236dae4SAndroid Build Coastguard Worker const char *user, 220*6236dae4SAndroid Build Coastguard Worker const char *password, 221*6236dae4SAndroid Build Coastguard Worker const char *service, 222*6236dae4SAndroid Build Coastguard Worker const char *host, 223*6236dae4SAndroid Build Coastguard Worker const char *chlg64, 224*6236dae4SAndroid Build Coastguard Worker struct negotiatedata *nego); 225*6236dae4SAndroid Build Coastguard Worker 226*6236dae4SAndroid Build Coastguard Worker /* This is used to generate a base64 encoded SPNEGO (Negotiate) response 227*6236dae4SAndroid Build Coastguard Worker message */ 228*6236dae4SAndroid Build Coastguard Worker CURLcode Curl_auth_create_spnego_message(struct negotiatedata *nego, 229*6236dae4SAndroid Build Coastguard Worker char **outptr, size_t *outlen); 230*6236dae4SAndroid Build Coastguard Worker 231*6236dae4SAndroid Build Coastguard Worker /* This is used to clean up the SPNEGO specific data */ 232*6236dae4SAndroid Build Coastguard Worker void Curl_auth_cleanup_spnego(struct negotiatedata *nego); 233*6236dae4SAndroid Build Coastguard Worker 234*6236dae4SAndroid Build Coastguard Worker #endif /* USE_SPNEGO */ 235*6236dae4SAndroid Build Coastguard Worker 236*6236dae4SAndroid Build Coastguard Worker #endif /* HEADER_CURL_VAUTH_H */ 237