ntlmssp

v0.0.0-...-e6ada40

This package is not in the latest version of its module.
Published: Oct 17, 2023 License: MIT Imports: 18 Imported by: 0

README

go-ntlmssp

Golang package that provides NTLM/Negotiate authentication over HTTP

Protocol details from https://msdn.microsoft.com/en-us/library/cc236621.aspx. Implementation hints from http://davenport.sourceforge.net/ntlm.html.

This package only implements authentication, no key exchange or encryption. It only supports Unicode (UTF16LE) encoding of protocol strings, no OEM encoding. This package implements NTLMv2.

Usage

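// Imports needed: "log", "net/http" and this package (ntlmssp).
url, user, password := "http://www.example.com/secrets", "robpike", "pw123"
client := &http.Client{
  Transport: ntlmssp.Negotiator{
    RoundTripper: &http.Transport{},
  },
}

req, err := http.NewRequest("GET", url, nil)
if err != nil {
  log.Fatal(err)
}
// Negotiator converts this basic authentication to NTLM/Negotiate when appropriate.
req.SetBasicAuth(user, password)
res, err := client.Do(req)
if err != nil {
  log.Fatal(err)
}
defer res.Body.Close()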

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Documentation

Overview

Package ntlmssp provides NTLM/Negotiate authentication over HTTP

Protocol details from https://msdn.microsoft.com/en-us/library/cc236621.aspx, implementation hints from http://davenport.sourceforge.net/ntlm.html. This package only implements authentication, no key exchange or encryption. It only supports Unicode (UTF16LE) encoding of protocol strings, no OEM encoding. This package implements NTLMv2.

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetDomain

func GetDomain(user string) (string, string)

GetDomain parses the domain name from the input, based on slashes.

func NewNegotiateMessage

func NewNegotiateMessage(domainName, workstationName string) ([]byte, error)

NewNegotiateMessage creates a new NEGOTIATE message with the flags that this package supports.

func ProcessChallenge

func ProcessChallenge(negotiateMessageData, challengeMessageData []byte, user, password, domain, spn string, channelBinding []byte) ([]byte, error)

ProcessChallenge crafts an AUTHENTICATE message in response to the CHALLENGE message that was received from the server.

Types

type AvFlags

type AvFlags uint32
const (
	AvFlagAuthenticationConstrained AvFlags = 0x00000001 // Indicates to the client that the account authentication is constrained.
	AvFlagMICPresent                AvFlags = 0x00000002 // Indicates that the client is providing message integrity in the MIC field (section 2.2.1.3) in the AUTHENTICATE_MESSAGE.<14>
	AvFlagUntrustedSPN              AvFlags = 0x00000004 // Indicates that the client is providing a target SPN generated from an untrusted source.<15>
)

func (*AvFlags) Set

func (f *AvFlags) Set(flag AvFlags)

type AvPairs

type AvPairs map[avID][]byte

func NewAvPairs

func NewAvPairs() AvPairs
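
The AV_PAIR list that AvPairs and AvFlags model, decoded with a bounds check on every declared length, as an added example that is not this package's code. It uses only the standard library; the helper names parseAvPairs and avFlagSet are hypothetical, the ids MsvAvEOL = 0 and MsvAvFlags = 6 come from MS-NLMP, and the sample bytes are constructed.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// Flag values copied from the AvFlags constants documented above, plus the
// two AV_PAIR ids from MS-NLMP that this example needs.
const (
	flagMICPresent   uint32 = 0x00000002
	flagUntrustedSPN uint32 = 0x00000004
	idEOL            uint16 = 0 // MsvAvEOL terminates the list
	idFlags          uint16 = 6 // MsvAvFlags carries the 32-bit flag field
)

// parseAvPairs (hypothetical helper) walks an AV_PAIR list: AvId (uint16 LE),
// AvLen (uint16 LE), then AvLen value bytes, ending at MsvAvEOL.
func parseAvPairs(b []byte) (map[uint16][]byte, error) {
	pairs := make(map[uint16][]byte)
	for len(b) >= 4 {
		id, n := binary.LittleEndian.Uint16(b), int(binary.LittleEndian.Uint16(b[2:]))
		b = b[4:]
		if id == idEOL {
			return pairs, nil
		}
		if n > len(b) { // declared length runs past the buffer: reject it
			return nil, fmt.Errorf("AV_PAIR %d: length %d exceeds remaining %d bytes", id, n, len(b))
		}
		pairs[id], b = b[:n], b[n:]
	}
	return nil, fmt.Errorf("AV_PAIR list ends without MsvAvEOL")
}

// avFlagSet (hypothetical helper) reports whether flag is set in MsvAvFlags.
func avFlagSet(targetInfo []byte, flag uint32) (bool, error) {
	pairs, err := parseAvPairs(targetInfo)
	if err != nil {
		return false, err
	}
	if v := pairs[idFlags]; len(v) == 4 {
		return binary.LittleEndian.Uint32(v)&flag != 0, nil
	}
	return false, nil // no 4-byte MsvAvFlags pair in the list: no flags set
}

func main() {
	// Constructed sample: MsvAvFlags = 0x2 (MIC present), then MsvAvEOL.
	fmt.Println(avFlagSet([]byte{6, 0, 4, 0, 2, 0, 0, 0, 0, 0, 0, 0}, flagMICPresent))
}
```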

type MIC

type MIC [16]byte

type NegotiateFlags

type NegotiateFlags uint32

func (NegotiateFlags) Has

func (field NegotiateFlags) Has(flags NegotiateFlags) bool

func (*NegotiateFlags) Unset

func (field *NegotiateFlags) Unset(flags NegotiateFlags)

type Negotiator

type Negotiator struct{ http.RoundTripper }

Negotiator is an http.RoundTripper decorator that automatically converts basic authentication to NTLM/Negotiate authentication when appropriate.

func (Negotiator) RoundTrip

func (l Negotiator) RoundTrip(req *http.Request) (res *http.Response, err error)

RoundTrip sends the request to the server, handling any authentication re-sends as needed.

type Version

type Version struct {
	ProductMajorVersion uint8
	ProductMinorVersion uint8
	ProductBuild        uint16

	NTLMRevisionCurrent uint8
	// contains filtered or unexported fields
}

Version is a struct representing https://msdn.microsoft.com/en-us/library/cc236654.aspx

func DefaultVersion

func DefaultVersion() Version

DefaultVersion returns a Version with "sensible" defaults (Windows 7).

func EmptyVersion

func EmptyVersion() Version
