Posted to commits@cloudstack.apache.org by hu...@apache.org on 2014/01/03 11:17:55 UTC
[22/50] [abbrv] CLOUDSTACK-5344: Updated to allow rdp console to
access hyper-v vm virtual framebuffer.
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/48c47101/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NegoFlags.java
----------------------------------------------------------------------
diff --git a/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NegoFlags.java b/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NegoFlags.java
new file mode 100755
index 0000000..3208a77
--- /dev/null
+++ b/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NegoFlags.java
@@ -0,0 +1,492 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package rdpclient.ntlmssp;
+
+/**
+ * During NTLM authentication, each of the following flags is a possible value
+ * of the NegotiateFlags field of the NEGOTIATE_MESSAGE, CHALLENGE_MESSAGE, and
+ * AUTHENTICATE_MESSAGE, unless otherwise noted. These flags define client or
+ * server NTLM capabilities supported by the sender.
+ *
+ * @see http://msdn.microsoft.com/en-us/library/cc236650.aspx
+ */
+public class NegoFlags {
+
+ /**
+ * 56-bit encryption. If the client sends NTLMSSP_NEGOTIATE_SEAL or
+ * NTLMSSP_NEGOTIATE_SIGN with NTLMSSP_NEGOTIATE_56 to the server in the
+ * NEGOTIATE_MESSAGE, the server MUST return NTLMSSP_NEGOTIATE_56 to the
+ * client in the CHALLENGE_MESSAGE. Otherwise it is ignored. If both
+ * NTLMSSP_NEGOTIATE_56 and NTLMSSP_NEGOTIATE_128 are requested and supported
+ * by the client and server, NTLMSSP_NEGOTIATE_56 and NTLMSSP_NEGOTIATE_128
+ * will both be returned to the client. Clients and servers that set
+ * NTLMSSP_NEGOTIATE_SEAL SHOULD set NTLMSSP_NEGOTIATE_56 if it is supported.
+ * An alternate name for this field is
+ */
+ public static final int NTLMSSP_NEGOTIATE_56 = 0x80000000;
+
+ /**
+ * Explicit key exchange. This capability SHOULD be used because it improves
+ * security for message integrity or confidentiality. See sections 3.2.5.1.2,
+ * 3.2.5.2.1, and 3.2.5.2.2 for details.
+ */
+ public static final int NTLMSSP_NEGOTIATE_KEY_EXCH = 0x40000000;
+
+ /**
+ * 128-bit session key negotiation. An alternate name for this field is
+ * NTLMSSP_NEGOTIATE_128. If the client sends NTLMSSP_NEGOTIATE_128 to the
+ * server in the NEGOTIATE_MESSAGE, the server MUST return
+ * NTLMSSP_NEGOTIATE_128 to the client in the CHALLENGE_MESSAGE only if the
+ * client sets NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN. Otherwise it
+ * is ignored. If both NTLMSSP_NEGOTIATE_56 and NTLMSSP_NEGOTIATE_128 are
+ * requested and supported by the client and server, NTLMSSP_NEGOTIATE_56 and
+ * NTLMSSP_NEGOTIATE_128 will both be returned to the client. Clients and
+ * servers that set NTLMSSP_NEGOTIATE_SEAL SHOULD set NTLMSSP_NEGOTIATE_128 if
+ * it is supported.
+ */
+ public static final int NTLMSSP_NEGOTIATE_128 = 0x20000000;
+
+ /**
+ * Protocol version number. The data corresponding to this flag is provided in
+ * the Version field of the NEGOTIATE_MESSAGE, the CHALLENGE_MESSAGE, and the
+ * AUTHENTICATE_MESSAGE.
+ */
+ public static final int NTLMSSP_NEGOTIATE_VERSION = 0x02000000;
+
+ /**
+ * TargetInfo fields in the CHALLENGE_MESSAGE (section 2.2.1.2) are populated.
+ */
+ public static final int NTLMSSP_NEGOTIATE_TARGET_INFO = 0x00800000;
+
+ /** LMOWF (section 3.3). */
+ public static final int NTLMSSP_REQUEST_NON_NT_SESSION_KEY = 0x00400000;
+
+ /** An identify level token. */
+ public static final int NTLMSSP_NEGOTIATE_IDENTIFY = 0x00100000;
+
+ /**
+ * NTLM v2 session security. NTLM v2 session security is a misnomer because it
+ * is not NTLM v2. It is NTLM v1 using the extended session security that is
+ * also in NTLM v2. NTLMSSP_NEGOTIATE_LM_KEY and
+ * NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are mutually exclusive. If both
+ * NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY and NTLMSSP_NEGOTIATE_LM_KEY are
+ * requested, NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY alone MUST be
+ * returned to the client. NTLM v2 authentication session key generation MUST
+ * be supported by both the client and the DC in order to be used, and
+ * extended session security signing and sealing requires support from the
+ * client and the server in order to be used.
+ */
+ public static final int NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY = 0x00080000;
+
+ /**
+ * TargetName MUST be a server name. The data corresponding to this flag is
+ * provided by the server in the TargetName field of the CHALLENGE_MESSAGE. If
+ * this bit is set, then NTLMSSP_TARGET_TYPE_DOMAIN MUST NOT be set. This flag
+ * MUST be ignored in the NEGOTIATE_MESSAGE and the AUTHENTICATE_MESSAGE.
+ */
+ public static final int NTLMSSP_TARGET_TYPE_SERVER = 0x00020000;
+
+ /**
+ * TargetName MUST be a domain name. The data corresponding to this flag is
+ * provided by the server in the TargetName field of the CHALLENGE_MESSAGE. If
+ * set, then NTLMSSP_TARGET_TYPE_SERVER MUST NOT be set. This flag MUST be
+ * ignored in the NEGOTIATE_MESSAGE and the AUTHENTICATE_MESSAGE.
+ */
+ public static final int NTLMSSP_TARGET_TYPE_DOMAIN = 0x00010000;
+
+ /**
+ * Signature block on all messages. NTLMSSP_NEGOTIATE_ALWAYS_SIGN MUST be set
+ * in the NEGOTIATE_MESSAGE to the server and the CHALLENGE_MESSAGE to the
+ * client. NTLMSSP_NEGOTIATE_ALWAYS_SIGN is overridden by
+ * NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL, if they are supported.
+ */
+ public static final int NTLMSSP_NEGOTIATE_ALWAYS_SIGN = 0x00008000;
+
+ /**
+ * Workstation field is present. If this flag is not set, the Workstation
+ * field MUST be ignored. If this flag is set, the length field of the
+ * Workstation field specifies whether the workstation name is nonempty or
+ * not.
+ */
+ public static final int NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED = 0x00002000;
+
+ /**
+ * Domain name is provided.
+ *
+ * Sent by the client in the Type 1 message to indicate that the name of the
+ * domain in which the client workstation has membership is included in the
+ * message. This is used by the server to determine whether the client is
+ * eligible for local authentication.
+ */
+ public static final int NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED = 0x00001000;
+
+ /**
+ * Connection SHOULD be anonymous.
+ *
+ * Sent by the client in the Type 3 message to indicate that an anonymous
+ * context has been established. This also affects the response fields (as
+ * detailed in the "Anonymous Response" section).
+ */
+ public static final int NTLMSSP_NEGOTIATE_ANONYMOUS = 0x00000800;
+
+ /**
+ * Usage of the NTLM v1 session security protocol. NTLMSSP_NEGOTIATE_NTLM MUST
+ * be set in the NEGOTIATE_MESSAGE to the server and the CHALLENGE_MESSAGE to
+ * the client.
+ */
+ public static final int NTLMSSP_NEGOTIATE_NTLM = 0x00000200;
+
+ /**
+ * LAN Manager (LM) session key computation. NTLMSSP_NEGOTIATE_LM_KEY and
+ * NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are mutually exclusive. If both
+ * NTLMSSP_NEGOTIATE_LM_KEY and NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are
+ * requested, NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY alone MUST be
+ * returned to the client. NTLM v2 authentication session key generation MUST
+ * be supported by both the client and the DC in order to be used, and
+ * extended session security signing and sealing requires support from the
+ * client and the server to be used.
+ */
+ public static final int NTLMSSP_NEGOTIATE_LM_KEY = 0x00000080;
+
+ /**
+ * Connectionless authentication. If NTLMSSP_NEGOTIATE_DATAGRAM is set, then
+ * NTLMSSP_NEGOTIATE_KEY_EXCH MUST always be set in the AUTHENTICATE_MESSAGE
+ * to the server and the CHALLENGE_MESSAGE to the client.
+ */
+ public static final int NTLMSSP_NEGOTIATE_DATAGRAM = 0x00000040;
+
+ /**
+ * Session key negotiation for message confidentiality. If the client sends
+ * NTLMSSP_NEGOTIATE_SEAL to the server in the NEGOTIATE_MESSAGE, the server
+ * MUST return NTLMSSP_NEGOTIATE_SEAL to the client in the CHALLENGE_MESSAGE.
+ * Clients and servers that set NTLMSSP_NEGOTIATE_SEAL SHOULD always set
+ * NTLMSSP_NEGOTIATE_56 and NTLMSSP_NEGOTIATE_128, if they are supported.
+ */
+ public static final int NTLMSSP_NEGOTIATE_SEAL = 0x00000020;
+
+ /**
+ * Session key negotiation for message signatures. If the client sends
+ * NTLMSSP_NEGOTIATE_SIGN to the server in the NEGOTIATE_MESSAGE, the server
+ * MUST return NTLMSSP_NEGOTIATE_SIGN to the client in the CHALLENGE_MESSAGE.
+ */
+ public static final int NTLMSSP_NEGOTIATE_SIGN = 0x00000010;
+
+ /**
+ * TargetName field of the CHALLENGE_MESSAGE (section 2.2.1.2) MUST be
+ * supplied.
+ */
+ public static final int NTLMSSP_REQUEST_TARGET = 0x00000004;
+
+ /**
+ * OEM character set encoding.
+ *
+ * @see NTLMSSP_NEGOTIATE_UNICODE
+ */
+ public static final int NTLMSSP_NEGOTIATE_OEM = 0x00000002;
+
+ /**
+ * Unicode character set encoding.
+ *
+ * The NTLMSSP_NEGOTIATE_UNICODE(A) and NTLM_NEGOTIATE_OEM(B) bits are
+ * evaluated together as follows:
+ * <ul>
+ * <li>A==1: The choice of character set encoding MUST be Unicode.
+ *
+ * <li>A==0 and B==1: The choice of character set encoding MUST be OEM.
+ *
+ * <li>A==0 and B==0: The protocol MUST return SEC_E_INVALID_TOKEN.
+ * <ul>
+ * */
+ public static final int NTLMSSP_NEGOTIATE_UNICODE = 0x00000001;
+
+ public int value;
+
+ public NegoFlags(int value) {
+ this.value = value;
+ }
+
+ public NegoFlags() {
+ value = 0;
+ }
+
+ @Override
+ public String toString() {
+ return String.format("NegoFlags [value=0x%04x (%s)]", value, flagsToSting());
+ }
+
+ public String flagsToSting() {
+
+ String str = "";
+
+ if (NEGOTIATE_56())
+ str += "NEGOTIATE_56 ";
+ if (NEGOTIATE_KEY_EXCH())
+ str += "NEGOTIATE_KEY_EXCH ";
+ if (NEGOTIATE_128())
+ str += "NEGOTIATE_128 ";
+ if (NEGOTIATE_VERSION())
+ str += "NEGOTIATE_VERSION ";
+ if (NEGOTIATE_TARGET_INFO())
+ str += "NEGOTIATE_TARGET_INFO ";
+ if (REQUEST_NON_NT_SESSION_KEY())
+ str += "REQUEST_NON_NT_SESSION_KEY ";
+ if (NEGOTIATE_IDENTIFY())
+ str += "NEGOTIATE_IDENTIFY ";
+ if (NEGOTIATE_EXTENDED_SESSION_SECURITY())
+ str += "NEGOTIATE_EXTENDED_SESSION_SECURITY ";
+ if (TARGET_TYPE_SERVER())
+ str += "TARGET_TYPE_SERVER ";
+ if (TARGET_TYPE_DOMAIN())
+ str += "TARGET_TYPE_DOMAIN ";
+ if (NEGOTIATE_ALWAYS_SIGN())
+ str += "NEGOTIATE_ALWAYS_SIGN ";
+ if (NEGOTIATE_OEM_WORKSTATION_SUPPLIED())
+ str += "NEGOTIATE_OEM_WORKSTATION_SUPPLIED ";
+ if (NEGOTIATE_OEM_DOMAIN_SUPPLIED())
+ str += "NEGOTIATE_OEM_DOMAIN_SUPPLIED ";
+ if (NEGOTIATE_ANONYMOUS())
+ str += "NEGOTIATE_ANONYMOUS ";
+ if (NEGOTIATE_NTLM())
+ str += "NEGOTIATE_NTLM ";
+ if (NEGOTIATE_LM_KEY())
+ str += "NEGOTIATE_LM_KEY ";
+ if (NEGOTIATE_DATAGRAM())
+ str += "NEGOTIATE_DATAGRAM ";
+ if (NEGOTIATE_SEAL())
+ str += "NEGOTIATE_SEAL ";
+ if (NEGOTIATE_SIGN())
+ str += "NEGOTIATE_SIGN ";
+ if (REQUEST_TARGET())
+ str += "REQUEST_TARGET ";
+ if (NEGOTIATE_OEM())
+ str += "NEGOTIATE_OEM ";
+ if (NEGOTIATE_UNICODE())
+ str += "NEGOTIATE_UNICODE ";
+
+ return str;
+ }
+
+ public boolean NEGOTIATE_56() {
+ return ((value & NTLMSSP_NEGOTIATE_56) != 0);
+ }
+
+ public boolean NEGOTIATE_KEY_EXCH() {
+ return ((value & NTLMSSP_NEGOTIATE_KEY_EXCH) != 0);
+ }
+
+ public boolean NEGOTIATE_128() {
+ return ((value & NTLMSSP_NEGOTIATE_128) != 0);
+ }
+
+ public boolean NEGOTIATE_VERSION() {
+ return ((value & NTLMSSP_NEGOTIATE_VERSION) != 0);
+ }
+
+ public boolean NEGOTIATE_TARGET_INFO() {
+ return ((value & NTLMSSP_NEGOTIATE_TARGET_INFO) != 0);
+ }
+
+ public boolean REQUEST_NON_NT_SESSION_KEY() {
+ return ((value & NTLMSSP_REQUEST_NON_NT_SESSION_KEY) != 0);
+ }
+
+ public boolean NEGOTIATE_IDENTIFY() {
+ return ((value & NTLMSSP_NEGOTIATE_IDENTIFY) != 0);
+ }
+
+ public boolean NEGOTIATE_EXTENDED_SESSION_SECURITY() {
+ return ((value & NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY) != 0);
+ }
+
+ public boolean TARGET_TYPE_SERVER() {
+ return ((value & NTLMSSP_TARGET_TYPE_SERVER) != 0);
+ }
+
+ public boolean TARGET_TYPE_DOMAIN() {
+ return ((value & NTLMSSP_TARGET_TYPE_DOMAIN) != 0);
+ }
+
+ public boolean NEGOTIATE_ALWAYS_SIGN() {
+ return ((value & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) != 0);
+ }
+
+ public boolean NEGOTIATE_OEM_WORKSTATION_SUPPLIED() {
+ return ((value & NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED) != 0);
+ }
+
+ public boolean NEGOTIATE_OEM_DOMAIN_SUPPLIED() {
+ return ((value & NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED) != 0);
+ }
+
+ public boolean NEGOTIATE_ANONYMOUS() {
+ return ((value & NTLMSSP_NEGOTIATE_ANONYMOUS) != 0);
+ }
+
+ public boolean NEGOTIATE_NTLM() {
+ return ((value & NTLMSSP_NEGOTIATE_NTLM) != 0);
+ }
+
+ public boolean NEGOTIATE_LM_KEY() {
+ return ((value & NTLMSSP_NEGOTIATE_LM_KEY) != 0);
+ }
+
+ public boolean NEGOTIATE_DATAGRAM() {
+ return ((value & NTLMSSP_NEGOTIATE_DATAGRAM) != 0);
+ }
+
+ public boolean NEGOTIATE_SEAL() {
+ return ((value & NTLMSSP_NEGOTIATE_SEAL) != 0);
+ }
+
+ public boolean NEGOTIATE_SIGN() {
+ return ((value & NTLMSSP_NEGOTIATE_SIGN) != 0);
+ }
+
+ public boolean REQUEST_TARGET() {
+ return ((value & NTLMSSP_REQUEST_TARGET) != 0);
+ }
+
+ public boolean NEGOTIATE_OEM() {
+ return ((value & NTLMSSP_NEGOTIATE_OEM) != 0);
+ }
+
+ public boolean NEGOTIATE_UNICODE() {
+ return ((value & NTLMSSP_NEGOTIATE_UNICODE) != 0);
+ }
+
+ public NegoFlags set_NEGOTIATE_56() {
+ value |= NTLMSSP_NEGOTIATE_56;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_KEY_EXCH() {
+ value |= NTLMSSP_NEGOTIATE_KEY_EXCH;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_128() {
+ value |= NTLMSSP_NEGOTIATE_128;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_VERSION() {
+ value |= NTLMSSP_NEGOTIATE_VERSION;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_TARGET_INFO() {
+ value |= NTLMSSP_NEGOTIATE_TARGET_INFO;
+ return this;
+ }
+
+ public NegoFlags set_REQUEST_NON_NT_SESSION_KEY() {
+ value |= NTLMSSP_REQUEST_NON_NT_SESSION_KEY;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_IDENTIFY() {
+ value |= NTLMSSP_NEGOTIATE_IDENTIFY;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_EXTENDED_SESSION_SECURITY() {
+ value |= NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY;
+ return this;
+ }
+
+ public NegoFlags set_TARGET_TYPE_SERVER() {
+ value |= NTLMSSP_TARGET_TYPE_SERVER;
+ return this;
+ }
+
+ public NegoFlags set_TARGET_TYPE_DOMAIN() {
+ value |= NTLMSSP_TARGET_TYPE_DOMAIN;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_ALWAYS_SIGN() {
+ value |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_OEM_WORKSTATION_SUPPLIED() {
+ value |= NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_OEM_DOMAIN_SUPPLIED() {
+ value |= NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_ANONYMOUS() {
+ value |= NTLMSSP_NEGOTIATE_ANONYMOUS;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_NTLM() {
+ value |= NTLMSSP_NEGOTIATE_NTLM;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_LM_KEY() {
+ value |= NTLMSSP_NEGOTIATE_LM_KEY;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_DATAGRAM() {
+ value |= NTLMSSP_NEGOTIATE_DATAGRAM;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_SEAL() {
+ value |= NTLMSSP_NEGOTIATE_SEAL;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_SIGN() {
+ value |= NTLMSSP_NEGOTIATE_SIGN;
+ return this;
+ }
+
+ public NegoFlags set_REQUEST_TARGET() {
+ value |= NTLMSSP_REQUEST_TARGET;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_OEM() {
+ value |= NTLMSSP_NEGOTIATE_OEM;
+ return this;
+ }
+
+ public NegoFlags set_NEGOTIATE_UNICODE() {
+ value |= NTLMSSP_NEGOTIATE_UNICODE;
+ return this;
+ }
+
+ /**
+ * Example.
+ */
+
+ public static void main(String args[]) {
+
+ NegoFlags flags = new NegoFlags(0xe20882b7);
+ System.out.println("Negotiation flags: " + flags);
+
+ }
+
+}
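Review bot: `public int value;` leaves the negotiated flag word writable by any code that holds the object, so bits that govern signing and sealing can be changed outside the `set_*` methods; `private int value;` with a `getValue()` accessor would keep changes in one place, though other files in this commit may already read the field directly. In `toString()` the format `0x%04x` pads to only four digits for a 32-bit field; `0x%08x` prints a fixed-width value that is easier to compare in logs. The public method name `flagsToSting` is misspelt and is best renamed to `flagsToString` before callers depend on it. The Javadoc on `NTLMSSP_NEGOTIATE_56` ends mid-sentence at "An alternate name for this field is", and the list in the `NTLMSSP_NEGOTIATE_UNICODE` Javadoc closes with `<ul>` where `</ul>` is meant.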
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/48c47101/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NtlmCompute.java
----------------------------------------------------------------------
diff --git a/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NtlmCompute.java b/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NtlmCompute.java
new file mode 100755
index 0000000..e75c73c
--- /dev/null
+++ b/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NtlmCompute.java
@@ -0,0 +1,24 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package rdpclient.ntlmssp;
+
+public class NtlmCompute {
+
+ public void compute_ntlm_v2_hash() {
+
+ }
+}
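Review bot: `compute_ntlm_v2_hash()` has an empty body, takes no input and returns nothing, so any caller would get no hash and no error from it. Until it is implemented, make the gap loud with `throw new UnsupportedOperationException("compute_ntlm_v2_hash is not implemented");`, or leave the class out of this commit. A short Javadoc stating the intended inputs and result would also help, since the signature gives none.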
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/48c47101/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NtlmConstants.java
----------------------------------------------------------------------
diff --git a/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NtlmConstants.java b/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NtlmConstants.java
new file mode 100755
index 0000000..a823aac
--- /dev/null
+++ b/services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/NtlmConstants.java
@@ -0,0 +1,157 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package rdpclient.ntlmssp;
+
+public interface NtlmConstants {
+
+ /**
+ * Attribute type: Indicates that this is the last AV_PAIR in the list. AvLen
+ * MUST be 0. This type of information MUST be present in the AV pair list.
+ */
+ public final static int MSV_AV_EOL = 0x0000;
+
+ /**
+ * Attribute type: The server's NetBIOS computer name. The name MUST be in
+ * Unicode, and is not null-terminated. This type of information MUST be
+ * present in the AV_pair list.
+ */
+ public final static int MSV_AV_NETBIOS_COMPUTER_NAME = 0x0001;
+
+ /**
+ * Attribute type: The server's NetBIOS domain name. The name MUST be in
+ * Unicode, and is not null-terminated. This type of information MUST be
+ * present in the AV_pair list.
+ */
+ public final static int MSV_AV_NETBIOS_DOMAIN_NAME = 0x0002;
+
+ /**
+ * Attribute type: The fully qualified domain name (FQDN (1)) of the computer.
+ * The name MUST be in Unicode, and is not null-terminated.
+ */
+ public final static int MSV_AV_DNS_COMPUTER_NAME = 0x0003;
+
+ /**
+ * Attribute type: The FQDN of the domain. The name MUST be in Unicode, and is
+ * not null-terminated.
+ */
+ public final static int MSV_AV_DNS_DOMAIN_NAME = 0x0004;
+
+ /**
+ * Attribute type: The FQDN of the forest. The name MUST be in Unicode, and is
+ * not null-terminated.
+ */
+ public final static int MSV_AV_DNS_TREE_NAME = 0x0005;
+
+ /**
+ * Attribute type: A 32-bit value indicating server or client configuration.
+ *
+ * <li>0x00000001: indicates to the client that the account authentication is
+ * constrained.
+ *
+ * <li>0x00000002: indicates that the client is providing message integrity in
+ * the MIC field (section 2.2.1.3) in the AUTHENTICATE_MESSAGE.
+ *
+ * <li>0x00000004: indicates that the client is providing a target SPN
+ * generated from an untrusted source.
+ **/
+ public final static int MSV_AV_FLAGS = 0x0006;
+
+ public static final int MSV_AV_FLAGS_MESSAGE_INTEGRITY_CHECK = 0x00000002;
+
+ /**
+ * Attribute type: A FILETIME structure ([MS-DTYP] section 2.3.3) in
+ * little-endian byte order that contains the server local time.
+ */
+ public final static int MSV_AV_TIMESTAMP = 0x0007;
+
+ /**
+ * Attribute type: A Single_Host_Data (section 2.2.2.2) structure. The Value
+ * field contains a platform-specific blob, as well as a MachineID created at
+ * computer startup to identify the calling machine.<15>
+ */
+ public final static int MSV_AV_SINGLE_HOST = 0x0008;
+
+ /**
+ * Attribute type: The SPN of the target server. The name MUST be in Unicode
+ * and is not null-terminated.<16>
+ */
+ public final static int MSV_AV_TARGET_NAME = 0x0009;
+
+ /**
+ * Attribute type: A channel bindings hash. The Value field contains an MD5
+ * hash ([RFC4121] section 4.1.1.2) of a gss_channel_bindings_struct
+ * ([RFC2744] section 3.11). An all-zero value of the hash is used to indicate
+ * absence of channel bindings.
+ */
+ public final static int MSV_AV_CHANNEL_BINDINGS = 0x000A;
+
+ /**
+ * Signature of NTLMSSP blob.
+ */
+ public static final String NTLMSSP = "NTLMSSP";
+
+ public static final String GSS_RDP_SERVICE_NAME = "TERMSRV";
+
+ /**
+ * NTLM message type: NEGOTIATE.
+ */
+ public static final int NEGOTIATE = 0x00000001;
+
+ /**
+ * NTLM message type: CHALLENGE.
+ */
+ public static final int CHALLENGE = 0x00000002;
+
+ /**
+ * NTLM message type: NTLMSSP_AUTH.
+ */
+ public static final int NTLMSSP_AUTH = 0x00000003;
+
+ public static final String OID_SPNEGO = "1.3.6.1.5.5.2";
+
+ public static final String OID_KERBEROS5 = "1.2.840.113554.1.2.2";
+ public static final String OID_MSKERBEROS5 = "1.2.840.48018.1.2.2";
+
+ public static final String OID_KRB5USERTOUSER = "1.2.840.113554.1.2.2.3";
+
+ public static final String OID_NTLMSSP = "1.3.6.1.4.1.311.2.2.10";
+
+ /**
+ * Magic constant used in calculation of Lan Manager response.
+ */
+ public static final String LM_MAGIC = "KGS!@#$%";
+
+ /**
+ * Magic constant used in generation of client signing key.
+ */
+ public static final String CLIENT_SIGN_MAGIC = "session key to client-to-server signing key magic constant";
+
+ /**
+ * Magic constant used in generation of client sealing key.
+ */
+ public static final String CLIENT_SEAL_MAGIC = "session key to client-to-server sealing key magic constant";
+
+ public static final String SERVER_SIGN_MAGIC = "session key to server-to-client signing key magic constant";
+ public static final String SERVER_SEAL_MAGIC = "session key to server-to-client sealing key magic constant";
+
+ /**
+ * In Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008,
+ * Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows
+ * 8.1, and Windows Server 2012 R2, the maximum lifetime of challenge is 36 hours.
+ */
+ public static final int CHALLENGE_MAX_LIFETIME = 36 * 60 * 60;
+}
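Review bot: The four `*_MAGIC` strings for the signing and sealing keys carry no note on how they are turned into bytes; as I read MS-NLMP, the key derivation hashes these strings as ASCII including a terminating NUL byte, which a Java `String` does not hold, so the Javadoc should say that the caller appends it (the code that uses them is outside this hunk). I would add to each something like `Encoded as US-ASCII with a trailing 0x00 byte before hashing.` and give `SERVER_SIGN_MAGIC` and `SERVER_SEAL_MAGIC` the Javadoc their client counterparts have. `CHALLENGE_MAX_LIFETIME = 36 * 60 * 60` states no unit; the arithmetic suggests seconds, and a Javadoc line such as `Value is in seconds.` would remove the guess. The `<15>` and `<16>` markers in the `MSV_AV_SINGLE_HOST` and `MSV_AV_TARGET_NAME` Javadoc look like spec footnote references that Javadoc will treat as HTML tags.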