Documentation ¶
Overview ¶
Package ntlm provides access to the Microsoft NTLM SSP Package.
Index ¶
- Variables
- func AcquireCurrentUserCredentials() (*sspi.Credentials, error)
- func AcquireServerCredentials() (*sspi.Credentials, error)
- func AcquireUserCredentials(domain, username, password string) (*sspi.Credentials, error)
- type ClientContext
- type ServerContext
- func (c *ServerContext) Expiry() time.Time
- func (c *ServerContext) ImpersonateUser() error
- func (c *ServerContext) Release() error
- func (c *ServerContext) RevertToSelf() error
- func (c *ServerContext) Sizes() (uint32, uint32, uint32, uint32, error)
- func (c *ServerContext) Update(authenticate []byte) error
Constants ¶
This section is empty.
Variables ¶
var PackageInfo *sspi.PackageInfo
PackageInfo contains NTLM SSP package description.
Functions ¶
func AcquireCurrentUserCredentials ¶
func AcquireCurrentUserCredentials() (*sspi.Credentials, error)
AcquireCurrentUserCredentials acquires credentials of currently logged on user. These will be used by the client to authenticate itself to the server. It will also be used by the server to impersonate the user.
func AcquireServerCredentials ¶
func AcquireServerCredentials() (*sspi.Credentials, error)
AcquireServerCredentials acquires server credentials that will be used to authenticate client.
func AcquireUserCredentials ¶
func AcquireUserCredentials(domain, username, password string) (*sspi.Credentials, error)
AcquireUserCredentials acquires credentials of user described by domain, username and password. These will be used by the client to authenticate itself to the server. It will also be used by the server to impersonate the user.
Types ¶
type ClientContext ¶
type ClientContext struct {
// contains filtered or unexported fields
}
ClientContext is used by the client to manage all steps of NTLM negotiation.
func NewClientContext ¶
func NewClientContext(cred *sspi.Credentials) (*ClientContext, []byte, error)
NewClientContext creates new client context. It uses client credentials cred generated by AcquireCurrentUserCredentials or AcquireUserCredentials and, if successful, outputs negotiate message. Negotiate message needs to be sent to the server to start NTLM negotiation sequence.
func (*ClientContext) Expiry ¶
func (c *ClientContext) Expiry() time.Time
Expiry returns c expiry time.
func (*ClientContext) Release ¶
func (c *ClientContext) Release() error
Release free up resources associated with client context c.
type ServerContext ¶
type ServerContext struct {
// contains filtered or unexported fields
}
ServerContext is used by the server to manage all steps of NTLM negotiation. Once authentication is completed the context can be used to impersonate client.
func NewServerContext ¶
func NewServerContext(cred *sspi.Credentials, negotiate []byte) (*ServerContext, []byte, error)
NewServerContext creates new server context. It uses server credentials created by AcquireServerCredentials and client negotiate message and, if successful, outputs challenge message. Challenge message needs to be sent to the client to continue NTLM negotiation sequence.
func (*ServerContext) Expiry ¶
func (c *ServerContext) Expiry() time.Time
Expiry returns c expiry time.
func (*ServerContext) ImpersonateUser ¶
func (c *ServerContext) ImpersonateUser() error
ImpersonateUser changes current OS thread user. New user is the user as specified by client credentials.
func (*ServerContext) Release ¶
func (c *ServerContext) Release() error
Release free up resources associated with server context c.
func (*ServerContext) RevertToSelf ¶
func (c *ServerContext) RevertToSelf() error
RevertToSelf stops impersonation. It changes current OS thread user to what it was before ImpersonateUser was executed.
func (*ServerContext) Sizes ¶
Sizes queries the server context for the sizes used in per-message functions. It returns the maximum token size used in authentication exchanges, the maximum signature size, the preferred integral size of messages, the size of any security trailer, and any error.
func (*ServerContext) Update ¶
func (c *ServerContext) Update(authenticate []byte) error
Update completes server part of NTLM negotiation c. It uses authenticate message received from the client.