home *** CD-ROM | disk | FTP | other *** search

---

/ kermit.columbia.edu / kermit.columbia.edu.tar / kermit.columbia.edu / tmp9 / ckoath.c

< prev

next >

Wrap

C/C++ Source or Header  |  2011-07-19  |  320KB  |  9,628 lines

---

1. /*
2.   C K O A T H . C  --  Authentication for Kermit 95
3.  
4.   Copyright (C) 1998, 2004, Trustees of Columbia University in the City of New
5.   York.
6.  
7.   Author:  Jeffrey E Altman (jaltman@secure-endpoints.com)
8.              Secure Endpoints Inc., New York City
9. */
10.  
11.  
12. #include "ckcdeb.h"
13.  
14. #ifdef CK_AUTHENTICATION
15. #define CKOATH_C
16. #include "ckcker.h"
17. #include "ckuusr.h"
18. #include "ckucmd.h"                             /* For struct keytab */
19. #include "ckcnet.h"
20. #include "ckctel.h"
21.  
22. #ifdef CK_DES
23. #ifdef CK_SSL
24. #ifndef LIBDES
25. #define LIBDES
26. #endif /* LIBDES */
27. #endif /* CK_SSL */
28. #endif /* CK_DES */
29.  
30. #ifdef CRYPT_DLL
31. #ifndef LIBDES
32. #define LIBDES
33. #endif /* LIBDES */
34. #ifdef OS2
35. #ifdef NT
36. #include <windows.h>
37. #define SECURITY_WIN32
38. #include <security.h>
39. #ifndef NTLMSP_NAME_A
40. #define NTLMSP_NAME_A "NTLM"
41. #endif /* NTLMSP_NAME_A */
42. #else /* NT */
43. #define INCL_DOSMODULEMGR
44. #include <os2.h>
45. #endif /* NT */
46. #endif /* OS2 */
47. #endif /* CRYPT_DLL */
48.  
49. #include "ckosyn.h"
50.  
51. #ifdef NT
52. #define KRB5_AUTOCONF__
53. #define NTLM
54. #endif /* NT */
55.  
56. #ifndef CK_KERBEROS
57. #ifdef KRB4
58. #undef KRB4
59. #endif /* KRB4 */
60. #ifdef KRB5
61. #undef KRB5
62. #endif /* KRB5 */
63. #ifdef KRB524
64. #undef KRB524
65. #endif /* KRB524 */
66. #endif /* CK_KERBEROS */
67.  
68. #include <stdlib.h>
69. #include <string.h>
70. #include <stdio.h>
71. #include <time.h>
72. #include <fcntl.h>
73. #include <io.h>
74.  
75. #ifdef KRB5
76. #include "krb5.h"
77. #include "profile.h"
78. #include "com_err.h"
79.  
80. #ifdef KRB5_GET_INIT_CREDS_OPT_TKT_LIFE
81. #define KRB5_HAVE_GET_INIT_CREDS
82. #else
83. #define krb5_free_unparsed_name(con,val) krb5_xfree((char *)(val))
84. #endif
85.  
86. #ifndef KRB5_HAVE_GET_INIT_CREDS
87. #define krb5_free_data_contents(c,v) krb5_xfree((char *)(v)->data)
88. #endif
89. #endif /* KRB5 */
90.  
91. #ifdef KRB4
92. #define  des_cblock Block
93. #define  des_key_schedule Schedule
94. #ifdef NT
95. #define _WINDOWS
96. #include "kerberosIV/krb.h"
97. #else /* NT */
98. #ifdef KRB524
99. #include "kerberosIV/krb.h"
100. _PROTOTYP(const char * krb_get_err_text_entry, (int));
101. #else /* KRB524 */
102. #include "krb.h"
103. #define krb_get_err_text_entry krb_get_err_text
104. #endif /* KRB524 */
105. #endif /* NT */
106. #else /* KRB4 */
107. #ifdef CK_SSL
108. #define  des_cblock Block
109. #define  des_key_schedule Schedule
110. #endif /* CK_SSL */
111. #endif /* KRB4 */
112.  
113. #include "ckuath.h"
114. #ifdef CK_KERBEROS
115. #ifndef KRB5
116. #define NOBLOCKDEF
117. #endif /* KRB5 */
118. #ifdef KRB524
119. #define NOBLOCKDEF
120. #endif /* KRB524 */
121. #endif /* CK_KERBEROS */
122. #include "ckuat2.h"
123.  
124. #ifdef CK_SSL
125. #ifdef LIBDES
126. #ifndef HEADER_DES_H
127. #define HEADER_DES_H
128. #endif /* HEADER_DES_H */
129. #endif /* LIBDES */
130. #include "ck_ssl.h"
131. #endif /* SSL */
132.  
133. #ifdef CK_SRP
134. #include <t_pwd.h>
135. #include <t_client.h>
136. #include <t_server.h>
137. #endif /* CK_SRP */
138.  
139. #ifdef OS2
140. #ifdef CK_ENCRYPTION
141. #define MAP_DES
142. #endif /* CK_ENCRYPTION */
143. #ifdef KRB4
144. #define MAP_KRB4
145. #endif /* KRB4 */
146. #ifdef SRPDLL
147. #define MAP_SRP
148. #endif /* SRPDLL */
149. #ifdef KRB5
150. #define MAP_KRB5
151. #endif /* KRB5 */
152. #ifdef CRYPT_DLL
153. #define MAP_CRYPT
154. #endif /* CRYPT_DLL */
155. #define MAP_NTLM
156. #include "ckoath.h"
157.  
158. extern char tn_msg[], hexbuf[];         /* from ckcnet.c */
159. extern int deblog, debses, tn_deb;
160.  
161. extern int authentication_version;
162. extern int auth_type_user[AUTHTYPLSTSZ];
163. extern int auth_how;
164. extern int auth_crypt;
165. extern int auth_fwd;
166. extern int accept_complete;
167.  
168. #define AUTHTMPBL 2048
169. static char strTmp[AUTHTMPBL+1];
170. extern char szUserNameRequested[UIDBUFLEN+1];    /* for incoming connections */
171. extern char szUserNameAuthenticated[UIDBUFLEN+1];/* for incoming connections */
172. extern char szHostName[UIDBUFLEN+1];
173.  
174. #ifdef CK_ENCRYPTION
175. extern int encrypt_flag;
176. #endif
177.  
178. #ifdef KRB5
179. extern krb5_context k5_context;
180. extern char * krb5_d_principal;         /* Default principal */
181. extern char * krb5_d_instance;          /* Default instance */
182. extern char * krb5_d_realm;             /* Default realm */
183. extern char * krb5_d_cc;                /* Default credentials cache */
184. extern char * krb5_d_srv;               /* Default service name */
185. extern int    krb5_d_lifetime;          /* Default lifetime */
186. extern int    krb5_d_forwardable;
187. extern int    krb5_d_proxiable;
188. extern int    krb5_d_renewable;
189. extern int    krb5_autoget;
190. extern int    krb5_checkaddrs;
191. extern int    krb5_d_getk4;
192. extern int    krb5_d_no_addresses;
193. extern char * krb5_d_addrs[];
194.  
195. extern int    krb5_errno;
196. extern char * krb5_errmsg;
197. #endif /* KRB5 */
198.  
199. #ifdef KRB4
200. extern char * krb4_d_principal;         /* Default principal */
201. extern char * krb4_d_realm;             /* Default realm */
202. extern char * krb4_d_srv;               /* Default service name */
203. extern int    krb4_d_lifetime;          /* Default lifetime */
204. extern int    krb4_d_preauth;
205. extern char * krb4_d_instance;
206. extern int    krb4_autoget;
207. extern int    krb4_checkaddrs;
208. extern char * k4_keytab;
209.  
210. extern int    krb4_errno;
211. extern char * krb4_errmsg;
212. #endif /* KRB4 */
213.  
214. #ifdef CK_KERBEROS
215. #define CHECKADDRS
216. #endif /* CK_KERBEROS */
217.  
218. #ifdef OS2ONLY
219. #ifdef KRB5_CALLCONV
220. #undef KRB5_CALLCONV
221. #define KRB5_CALLCONV  __cdecl
222. #endif
223. #ifdef KRB5_CALLCONV_C
224. #undef KRB5_CALLCONV_C
225. #endif
226. #define KRB5_CALLCONV_C __cdecl
227. #endif
228.  
229. #ifndef KRB5_CALLCONV
230. #define KRB5_CALLCONV __stdcall
231. #endif /* KRB5_CALLCONV */
232. #ifndef KRB5_CALLCONV_C
233. #define KRB5_CALLCONV_C __cdecl
234. #endif /* KRB5_CALLCONV_C */
235.  
236. #ifdef OS2ONLY
237. static char fail[_MAX_PATH];
238. #endif /* OS2ONLY */
239.  
240. int copy_for_net(unsigned char *to, unsigned char *from, int c);
241.  
242. #ifdef SRPDLL
243. /* These functions are located in DLLs which we are not linking to at */
244. /* compile time.  Therefore, we have to redirect them to locally      */
245. /* defined functions which will call the real thing only if they are  */
246. /* available via Run-Time Linking.                                    */
247. /*
248.     From SRP.DLL:
249.        unresolved external symbol _t_clientresponse
250.        unresolved external symbol _t_clientgetkey
251.        unresolved external symbol _t_clientpasswd
252.        unresolved external symbol _t_clientgenexp
253.        unresolved external symbol _t_clientopen
254.        unresolved external symbol _t_clientverify
255. */
256.  
257. static unsigned char * (*p_t_clientresponse)(struct t_client *)=NULL;
258. static unsigned char *
259.  (*p_t_clientgetkey)(struct t_client *, struct t_num *)=NULL;
260. static void (*p_t_clientpasswd)(struct t_client *, char *)=NULL;
261. static struct t_num * (*p_t_clientgenexp)(struct t_client *)=NULL;
262. static struct t_client * (*p_t_clientopen)
263.     (const char *, struct t_num *, struct t_num *, struct t_num *)=NULL;
264. static int (*p_t_clientverify)(struct t_client *, unsigned char *)=NULL;
265.  
266. unsigned char *
267. ck_t_clientresponse(struct t_client * client) {
268.     if ( p_t_clientresponse )
269.         return(p_t_clientresponse(client));
270.     else
271.         return(NULL);
272. }
273.  
274. unsigned char *
275. ck_t_clientgetkey(struct t_client * client, struct t_num * num) {
276.     if ( p_t_clientgetkey )
277.         return(p_t_clientgetkey(client,num));
278.     return(NULL);
279. }
280.  
281. void ck_t_clientpasswd(struct t_client * client, char * pwd) {
282.     if ( p_t_clientpasswd )
283.         p_t_clientpasswd(client,pwd);
284. }
285.  
286. struct t_num *
287. ck_t_clientgenexp(struct t_client * client) {
288.     if ( p_t_clientgenexp )
289.         return(p_t_clientgenexp(client));
290.     else
291.         return(NULL);
292. }
293.  
294. struct t_client *
295. ck_t_clientopen(const char * str, struct t_num * A,
296.                  struct t_num * B, struct t_num * C) {
297.     if ( p_t_clientopen )
298.         return(p_t_clientopen(str,A,B,C));
299.     else
300.         return(NULL);
301. }
302.  
303. int
304. ck_t_clientverify(struct t_client * client, unsigned char * str) {
305.     if ( p_t_clientverify )
306.         return(p_t_clientverify(client,str));
307.     else
308.         return(0);
309. }
310. #endif /* SRPDLL */
311.  
312. #ifdef KRB4
313. /* These functions are located in DLLs which we are not linking to at */
314. /* compile time.  Therefore, we have to redirect them to locally      */
315. /* defined functions which will call the real thing only if they are  */
316. /* available via Run-Time Linking.                                    */
317. /*
318.     From KRB4_32.DLL:
319.        unresolved external symbol __imp__krb_get_err_text@4
320.        unresolved external symbol __imp__krb_get_cred@16
321.        unresolved external symbol __imp__krb_mk_req@20
322.        unresolved external symbol __imp__krb_realmofhost@4
323.        unresolved external symbol __imp__krb_get_phost@4
324.  
325.        unresolved external symbol _des_ecb_encrypt
326.        unresolved external symbol __imp__des_key_sched@8
327.        unresolved external symbol _des_new_random_key
328.        unresolved external symbol _des_set_random_generator_seed
329.  
330.        Note: kerberosiv/krb.h contains a reference to errno which
331.        must be renamed to compile under Windows NT with errno.h
332.  
333.        unresolved external symbol __imp__krb_get_pw_in_tkt@28
334.        unresolved external symbol __imp__krb_get_pw_in_tkt_preauth@28
335.        unresolved external symbol __imp__krb_get_lrealm@8
336.        unresolved external symbol __imp__krb_get_err_text@4
337.        unresolved external symbol __imp__kname_parse@16
338.        unresolved external symbol __imp__dest_tkt
339.  
340.        unresolved external symbol __imp__krb_get_tf_realm@8
341.  
342.        Leash specific (not defined in Kerberos V/KerberosIV
343.        include files
344.          unresolved external symbol _tf_get_cred
345.          unresolved external symbol _tf_get_pinst
346.          unresolved external symbol _tf_get_pname
347.          unresolved external symbol _tf_close
348.          unresolved external symbol _tf_init
349.          unresolved external symbol _tkt_string
350.  
351.          C:\kerberos\leash\KRB4\INCLUDE\KRB.H
352.          int tf_get_pname(char*);
353.          int tf_get_pinst(char*);
354.          int tf_get_cred(CREDENTIALS*);
355.          void tf_close(void);
356.          int tf_init(char *,int);
357.          char * tkt_string(void);
358.          int krb_check_serv(char *);
359.  
360.       Added when we put in server side support:
361.         unresolved external symbol __imp__kuserok@8
362.         unresolved external symbol _krb_kntoln
363.         unresolved external symbol __imp__krb_rd_req@24
364. */
365.  
366.  
367. /* these were all KRB5_CALLCONV */
368.  
369. static const char * (KRB5_CALLCONV * p_krb_get_err_text_entry)(int _errno)=NULL;
370. static int (KRB5_CALLCONV_C * p_krb_get_cred)(char *service, char *instance,
371.                                          char *realm, CREDENTIALS *c)=NULL;
372. static int (KRB5_CALLCONV * p_krb_mk_req)(KTEXT authent, char *service,
373.                                        char *instance, char *realm,
374.                                        KRB4_32 checksum)=NULL;
375. static char * (KRB5_CALLCONV * p_krb_realmofhost)(char *host)=NULL;
376. static char * (KRB5_CALLCONV_C * p_krb_get_phost)(char *alias)=NULL;
377. static int (KRB5_CALLCONV_C * p_krb_get_pw_in_tkt)
378.     (char  *user, char  *instance, char  *realm,
379.       char  *service, char  *sinstance,
380.       int life, char  *password)=NULL;
381. static int (KRB5_CALLCONV_C * p_krb_get_pw_in_tkt_preauth)
382.     (char  *user, char  *instance, char  *realm,
383.                    char  *service, char  *sinstance,
384.                    int life, char  *password)=NULL;
385. static int (KRB5_CALLCONV_C * p_krb_get_lrealm)(char  *realm, int index)=NULL;
386. static const char * (KRB5_CALLCONV * p_krb_get_err_text)(int _errno)=NULL;
387. static int (KRB5_CALLCONV_C * p_kname_parse)(char  *name, char  *inst,
388.                               char  *realm,char  *fullname)=NULL;
389. static int (KRB5_CALLCONV_C * p_dest_tkt)(void)=NULL;
390.  
391. static int (KRB5_CALLCONV_C * p_tf_get_pname)(char*)=NULL;
392. static int (KRB5_CALLCONV_C * p_tf_get_pinst)(char*)=NULL;
393. static int (KRB5_CALLCONV_C * p_tf_get_cred)(CREDENTIALS*)=NULL;
394. static void (KRB5_CALLCONV_C * p_tf_close)(void)=NULL;
395. static int (KRB5_CALLCONV_C * p_tf_init)(char *,int)=NULL;
396. static char * (KRB5_CALLCONV_C * p_tkt_string)(void)=NULL;
397. static int (KRB5_CALLCONV_C * p_krb_get_tf_realm)(char *ticket_file,
398.                                              char *realm)=NULL;
399. static int (KRB5_CALLCONV_C * p_krb_get_tf_fullname)(char *ticket_file,
400.                                      char *name, char *inst,
401.                                        char *realm)=NULL;
402. static int (KRB5_CALLCONV_C * p_krb_check_serv)(char * service)=NULL;
403. static int (KRB5_CALLCONV_C * p_kuserok)(AUTH_DAT *kdata, char *luser)=NULL;
404. static int (KRB5_CALLCONV_C * p_k95_k4_userok)( const char * princ_name,
405.                                 const char * princ_inst,
406.                                 const char * princ_realm,
407.                                 const char * local_realm,
408.                                 const char *luser)=NULL;
409. static int (KRB5_CALLCONV_C * p_krb_kntoln)(AUTH_DAT *kdata, char *luser)=NULL;
410. static int (KRB5_CALLCONV_C * p_k95_k4_princ_to_userid)( const char * princ_name,
411.                                          const char * princ_inst,
412.                                          const char * princ_realm,
413.                                          const char * local_realm,
414.                                          char *luser, int len)=NULL;
415. static int (KRB5_CALLCONV_C * p_krb_rd_req)(KTEXT, char *service, char *inst,
416.                              unsigned KRB4_32 from_addr, AUTH_DAT  *,
417.                              char  *srvtab)=NULL;
418. static int (KRB5_CALLCONV * p_krb_sendauth)(long,int,KTEXT,CHAR *,CHAR *,CHAR *,
419.                          unsigned long,MSG_DAT *,CREDENTIALS *, Key_schedule *,
420.                          struct sockaddr_in *,struct sockaddr_in *, CHAR *)=NULL;
421. static int (KRB5_CALLCONV_C * p_set_krb_debug)(int)=NULL;
422. static int (KRB5_CALLCONV_C * p_set_krb_ap_req_debug)(int)=NULL;
423. static long (KRB5_CALLCONV_C *p_krb_mk_safe)(char * in, char * out,
424.                               unsigned long length,
425.                               C_Block block,
426.                               struct sockaddr_in * sender,
427.                               struct sockaddr_in * receiver)=NULL;
428. static long (KRB5_CALLCONV_C *p_krb_mk_priv)(char * in, char * out,
429.                               unsigned long length,
430.                               Schedule sched,
431.                               C_Block block,
432.                               struct sockaddr_in * sender,
433.                               struct sockaddr_in * receiver)=NULL;
434. static long (KRB5_CALLCONV_C *p_krb_rd_priv)(char * in, unsigned long in_length,
435.                               Schedule sched,
436.                               C_Block block,
437.                               struct sockaddr_in * sender,
438.                               struct sockaddr_in * receiver,
439.                               MSG_DAT * m_data)=NULL;
440. static long (KRB5_CALLCONV_C *p_krb_rd_safe)(char * in, unsigned long in_length,
441.                               C_Block block,
442.                               struct sockaddr_in * sender,
443.                               struct sockaddr_in * receiver,
444.                               MSG_DAT * m_data)=NULL;
445. static int (KRB5_CALLCONV_C *p_krb_in_tkt)(char *, char *, char *)=NULL;
446. static int (KRB5_CALLCONV_C *p_krb_save_credentials)(char *, char *, char *, C_Block, int, int, KTEXT, long)=NULL;
447.  
448. int 
449. ck_krb_in_tkt(char *a, char *b, char *c)
450. {
451.     if ( p_krb_in_tkt )
452.         return(p_krb_in_tkt(a,b,c));
453.     else
454.         return(KFAILURE);
455. }
456.  
457. int 
458. ck_krb_save_credentials(char *a, char *b, char *c, C_Block block, int n, int m, KTEXT k, long l)
459. {
460.     if ( p_krb_save_credentials )
461.         return(p_krb_save_credentials(a,b,c,block,n,m,k,l));
462.     else
463.         return(KFAILURE);
464. }
465.  
466. const char *
467. ck_krb_get_err_text_entry(int _errno)
468. {
469.     if (_errno == -1 )
470.         return("Function not supported by Kerberos installation");
471.     if ( p_krb_get_err_text_entry )
472.         return(p_krb_get_err_text_entry(_errno));
473.     if ( p_krb_get_err_text )
474.         return(p_krb_get_err_text(_errno));
475.     else
476.         return("");
477. }
478.  
479. int
480. ck_krb_get_cred(char *service, char *instance,
481.                  char *realm, LEASH_CREDENTIALS *c)
482. {
483.     if ( p_krb_get_cred )
484.         return(p_krb_get_cred(service,instance,realm,(CREDENTIALS *)c));
485.     else
486.         return(-1);
487. }
488.  
489. int
490. ck_krb_mk_req(KTEXT authent, char *service,
491.                char *instance, char *realm,
492.                KRB4_32 checksum)
493. {
494.     if ( p_krb_mk_req )
495.         return(p_krb_mk_req(authent,service,
496.                              instance,realm,checksum));
497.     else
498.         return(-1);
499. }
500.  
501. char *
502. ck_krb_realmofhost(char *host)
503. {
504.     debug(F110,"ck_krb_realmofhost",host,0);
505.     if ( p_krb_realmofhost )
506.         return(p_krb_realmofhost(host));
507.     else
508.         return("");
509. }
510.  
511. char *
512. ck_krb_get_phost(char *alias)
513. {
514.     if ( p_krb_get_phost )
515.         return(p_krb_get_phost(alias));
516.     else
517.         return("");
518. }
519.  
520. int
521. ck_krb_get_pw_in_tkt( char  *user, char  *instance, char  *realm,
522.                       char  *service, char  *sinstance,
523.                       int life, char  *password)
524. {
525.     if ( p_krb_get_pw_in_tkt )
526.         return(p_krb_get_pw_in_tkt(user,instance,realm,service,
527.                                     sinstance,life,password));
528.     else
529.         return(-1);
530. }
531.  
532. int
533. ck_krb_get_pw_in_tkt_preauth( char  *user, char  *instance, char  *realm,
534.                               char  *service, char  *sinstance,
535.                               int life, char  *password)
536. {
537.     if ( p_krb_get_pw_in_tkt_preauth )
538.         return(p_krb_get_pw_in_tkt_preauth(user,instance,realm,service,
539.                                             sinstance,life,password));
540.     else
541.         return(-1);
542. }
543.  
544. int
545. ck_krb_get_lrealm(char  *realm, int index)
546. {
547.     if ( p_krb_get_lrealm )
548.         return(p_krb_get_lrealm(realm,index));
549.     else
550.         return(-1);
551. }
552.  
553. const char *
554. ck_krb_get_err_text(int _errno)
555. {
556.     if ( p_krb_get_err_text )
557.         return(p_krb_get_err_text(_errno));
558.     if ( p_krb_get_err_text_entry )
559.         return(p_krb_get_err_text_entry(_errno));
560.     else
561.         return("");
562. }
563. int
564. ck_kname_parse(char  *name, char  *inst,
565.                 char  *realm,char  *fullname)
566. {
567.     if ( p_kname_parse )
568.         return(p_kname_parse(name,inst,realm,fullname));
569.     return(-1);
570. }
571.  
572. int
573. ck_dest_tkt(void)
574. {
575.     if ( p_dest_tkt )
576.         return(p_dest_tkt());
577.     else
578.         return(-1);
579. }
580.  
581. int
582. ck_tf_get_pname(char* pname)
583. {
584.     if ( p_tf_get_pname )
585.         return(p_tf_get_pname(pname));
586.     else
587.         return(-1);
588. }
589.  
590. int
591. ck_tf_get_pinst(char* pinst)
592. {
593.     if ( p_tf_get_pinst )
594.         return(p_tf_get_pinst(pinst));
595.     else
596.         return(-1);
597. }
598.  
599. int
600. ck_tf_get_cred(LEASH_CREDENTIALS* cred)
601. {
602.     if ( p_tf_get_cred )
603.         return(p_tf_get_cred((CREDENTIALS *)cred));
604.     else
605.         return(-1);
606. }
607.  
608. void
609. ck_tf_close(void)
610. {
611.     if ( p_tf_close )
612.         p_tf_close();
613. }
614.  
615. int
616. ck_tf_init(char * p,int n)
617. {
618.     if ( p_tf_init )
619.         return(p_tf_init(p,n));
620.     else
621.         return(-1);
622. }
623.  
624. char *
625. ck_tkt_string(void)
626. {
627.     if ( p_tkt_string )
628.         return(p_tkt_string());
629.     else
630.         return("");
631. }
632.  
633. int
634. ck_krb_get_tf_realm(char *ticket_file, char *realm)
635. {
636.     if ( p_krb_get_tf_realm )
637.         return(p_krb_get_tf_realm(ticket_file,realm));
638.     else
639.         return(-1);
640. }
641.  
642. int
643. ck_krb_get_tf_fullname(char *tf, char * name, char * inst, char *realm)
644. {
645.     if ( p_krb_get_tf_fullname )
646.         return(p_krb_get_tf_fullname(tf,name,inst,realm));
647.     else
648.         return(-1);
649. }
650.  
651. int
652. ck_krb_check_serv(char * service)
653. {
654.     if ( p_krb_check_serv )
655.         return(p_krb_check_serv(service));
656.     else
657.         return(-1);
658. }
659.  
660. static char lrealm[REALM_SZ] = "";
661.  
662. int
663. ck_kuserok(AUTH_DAT *kdata, char *luser)
664. {
665.     if ( p_k95_k4_userok ) {
666.         ckstrncpy(lrealm,ck_krb4_getrealm(),REALM_SZ);
667.         return(p_k95_k4_userok(kdata->pname, kdata->pinst, kdata->prealm,
668.                                 lrealm, luser));
669.     }
670.     else if ( p_kuserok )
671.         return(p_kuserok(kdata,luser));
672.     else {
673.         return(stricmp(luser,kdata->pname));
674.     }
675. }
676.  
677. int
678. ck_krb_kntoln(AUTH_DAT *kdata, char *luser)
679. {
680.  
681.     if ( p_k95_k4_princ_to_userid ) {
682.         if (krb_get_lrealm(lrealm,1) == KFAILURE)
683.             lrealm[0] = '\0';
684.          return(p_k95_k4_princ_to_userid(kdata->pname, kdata->pinst,
685.                                           kdata->prealm, lrealm,
686.                                           luser, ANAME_SZ));
687.     }
688.     else if ( p_krb_kntoln )
689.         return(p_krb_kntoln(kdata,luser));
690.     else {
691.  
692.         if (krb_get_lrealm(lrealm,1) == KFAILURE)
693.             return(KFAILURE);
694.  
695.         if (strcmp(kdata->pinst,""))
696.             return(KFAILURE);
697.         if (strcmp(kdata->prealm,lrealm))
698.             return(KFAILURE);
699.         (void) ckstrncpy(luser,kdata->pname,ANAME_SZ);
700.         return(KSUCCESS);
701.     }
702. }
703.  
704. int
705. ck_krb_rd_req(KTEXT authent, char *service, char *inst,
706.                              unsigned int from_addr, AUTH_DAT * adat,
707.                              char *srvtab)
708. {
709.     if ( p_krb_rd_req )
710.         return(p_krb_rd_req(authent, service, inst, from_addr,
711.                              adat, srvtab));
712.     else
713.         return(-1);
714.  
715. }
716.  
717. int
718. ck_krb_sendauth(long opts, int socket, KTEXT ticket, CHAR * service,
719.                  CHAR * hostname, CHAR * realm, unsigned long pid,
720.                  MSG_DAT * msg_dat, LEASH_CREDENTIALS * cred,
721.                  Schedule * sched, struct sockaddr_in * l_addr,
722.                  struct sockaddr_in * r_addr, CHAR * str)
723. {
724.     if ( p_krb_sendauth )
725.         return(p_krb_sendauth(opts,socket,ticket,service,hostname,
726.                                realm,pid, msg_dat, (CREDENTIALS *)cred, sched,
727.                                l_addr, r_addr, str));
728.     else
729.         return(-1);
730. }
731.  
732. int
733. ck_set_krb_debug(int x)
734. {
735.     if ( p_set_krb_debug )
736.         return(p_set_krb_debug(x));
737.     else
738.         return(0);
739. }
740.  
741. int
742. ck_set_krb_ap_req_debug(int x)
743. {
744.     if ( p_set_krb_ap_req_debug )
745.         return(p_set_krb_ap_req_debug(x));
746.     else
747.         return(0);
748. }
749.  
750. long
751. ck_krb_mk_safe(char * in, char * out,
752.                 unsigned long length,
753.                 C_Block block,
754.                 struct sockaddr_in * sender,
755.                 struct sockaddr_in * receiver)
756. {
757.     if ( p_krb_mk_safe )
758.         return(p_krb_mk_safe(in,out,length,block,sender,receiver));
759.     else
760.         return(-1);
761. }
762.  
763. long
764. ck_krb_mk_priv(char * in, char * out,
765.                 unsigned long length,
766.                 Schedule sched,
767.                 C_Block block,
768.                 struct sockaddr_in * sender,
769.                 struct sockaddr_in * receiver)
770. {
771.     if ( p_krb_mk_priv )
772.         return(p_krb_mk_priv(in,out,length,sched,block,sender,receiver));
773.     else
774.         return(-1);
775. }
776.  
777. long
778. ck_krb_rd_priv(char * in, unsigned long in_length,
779.                 Schedule sched,
780.                 C_Block block,
781.                 struct sockaddr_in * sender,
782.                 struct sockaddr_in * receiver,
783.                 MSG_DAT * m_data)
784. {
785.     if ( p_krb_rd_priv )
786.         return(p_krb_rd_priv(in, in_length,sched, block, sender, receiver, m_data));
787.     else
788.         return(-1);
789. }
790.  
791. long
792. ck_krb_rd_safe(char * in, unsigned long in_length,
793.                 C_Block block,
794.                 struct sockaddr_in * sender,
795.                 struct sockaddr_in * receiver,
796.                 MSG_DAT * m_data)
797. {
798.     if ( p_krb_rd_safe )
799.         return(p_krb_rd_safe(in, in_length, block, sender, receiver,m_data));
800.     else
801.         return(-1);
802. }
803. #endif /* KRB4 */
804.  
805. #ifdef KRB5
806. /* These functions are located in DLLs which we are not linking to at */
807. /* compile time.  Therefore, we have to redirect them to locally      */
808. /* defined functions which will call the real thing only if they are  */
809. /* available via Run-Time Linking.                                    */
810. /*
811.     From COMERR32.DLL
812.        unresolved external symbol __imp__com_err
813.        unresolved external symbol __imp__error_message@4
814.  
815.     From KRB5_32.DLL:
816.        unresolved external symbol __imp__krb5_free_creds@8
817.        unresolved external symbol __imp__krb5_copy_keyblock@12
818.        unresolved external symbol __imp__krb5_free_keyblock@8
819.        unresolved external symbol __imp__krb5_auth_con_getlocalsubkey@12
820.        unresolved external symbol __imp__krb5_mk_req_extended@24
821.        unresolved external symbol __imp__krb5_auth_con_setflags@12
822.        unresolved external symbol __imp__krb5_auth_con_init@8
823.        unresolved external symbol __imp__krb5_auth_con_free@8
824.        unresolved external symbol __imp__krb5_get_credentials@20
825.        unresolved external symbol __imp__krb5_free_cred_contents@8
826.        unresolved external symbol __imp__krb5_sname_to_principal@20
827.        unresolved external symbol __imp__krb5_cc_default@8
828.        unresolved external symbol __imp__krb5_free_ap_rep_enc_part@8
829.        unresolved external symbol __imp__krb5_rd_rep@16
830.  
831.        unresolved external symbol __imp__krb5_get_in_tkt_with_keytab@36
832.        unresolved external symbol __imp__krb5_get_in_tkt_with_password@36
833.        unresolved external symbol __imp__krb5_read_password@20
834.        unresolved external symbol __imp__krb5_build_principal_ext
835.        unresolved external symbol __imp__krb5_unparse_name@12
836.        unresolved external symbol __imp__krb5_parse_name@12
837.        unresolved external symbol __imp__krb5_cc_resolve@12
838.        unresolved external symbol __imp__krb5_string_to_timestamp@8
839.        unresolved external symbol __imp__krb5_kt_resolve@12
840.        unresolved external symbol __imp__krb5_string_to_deltat@8
841.        unresolved external symbol __imp__krb5_timeofday@8
842.        unresolved external symbol __imp__krb5_get_credentials_renew@20
843.        unresolved external symbol __imp__krb5_get_credentials_validate@20
844.        unresolved external symbol __imp__krb5_copy_principal@12
845.        unresolved external symbol __imp__krb5_timestamp_to_sfstring@16
846.        unresolved external symbol __imp__krb5_kt_default@8
847.        unresolved external symbol __imp__krb5_free_ticket@8
848.        unresolved external symbol _decode_krb5_ticket
849.  
850.      These were added when Server Side functionality was added:
851.        unresolved external symbol __imp__krb5_auth_con_getremotesubkey@12
852.        unresolved external symbol __imp__krb5_mk_rep@12
853.        unresolved external symbol __imp__krb5_free_authenticator@8
854.        unresolved external symbol __imp__krb5_verify_checksum@28
855.        unresolved external symbol __imp__krb5_auth_con_getkey@12
856.        unresolved external symbol __imp__krb5_auth_con_getauthenticator@12
857.        unresolved external symbol __imp__krb5_rd_req@28
858.        unresolved external symbol _krb5_auth_con_setrcache
859.        unresolved external symbol _krb5_get_server_rcache
860.        unresolved external symbol _krb5_auth_con_getrcache
861.        unresolved external symbol __imp__krb5_free_tgt_creds@8
862.        unresolved external symbol __imp__krb5_rd_cred@20
863.  
864.      These were added for 7.1.198 so we can support hardware preauth
865.      __imp__krb5_get_init_creds_password@36
866.      __imp__krb5_get_init_creds_opt_set_address_list@8
867.      __imp__krb5_get_renewed_creds@20
868.      __imp__krb5_get_validated_creds@20
869.      __imp__krb5_get_init_creds_opt_set_tkt_life@8
870.      __imp__krb5_get_init_creds_opt_set_forwardable@8
871.      __imp__krb5_get_init_creds_opt_set_proxiable@8
872.      __imp__krb5_get_init_creds_opt_set_renew_life@8
873.      __imp__krb5_get_init_creds_opt_init@4
874.  
875.      These were added 7-17-2000
876.  
877.      __imp__krb5_cc_get_principal@12
878.      __imp__krb5_cc_store_cred@12
879.      __imp__krb5_cc_initialize@12
880.      __imp__krb5_cc_destroy@8
881.      __imp__krb5_cc_end_seq_get@12
882.      __imp__krb5_cc_next_cred@16
883.      __imp__krb5_cc_start_seq_get@12
884.      __imp__krb5_cc_get_type
885.      __imp__krb5_cc_get_name@8
886.      __imp__krb5_cc_set_flags@12
887. */
888.  
889.  
890. static void
891. (KRB5_CALLCONV * p_com_err)(const char *, errcode_t, const char *, ...)=NULL;
892. static void (KRB5_CALLCONV * p_com_err_va)
893.   (const char *, errcode_t, const char *, va_list)=NULL;
894. static const char *
895. (KRB5_CALLCONV *p_error_message)(errcode_t)=NULL;
896. static void
897. (KRB5_CALLCONV *p_krb5_free_creds)(krb5_context, krb5_creds*)=NULL;
898. static void
899. (KRB5_CALLCONV *p_krb5_free_data)(krb5_context, krb5_data *)=NULL;
900. static void
901. (KRB5_CALLCONV *p_krb5_free_data_contents)(krb5_context, krb5_data *)=NULL;
902. static krb5_error_code
903. (KRB5_CALLCONV *p_krb5_copy_keyblock)(krb5_context,
904.                          krb5_const krb5_keyblock  *,
905.                          krb5_keyblock  *  *)=NULL;
906. static void
907. (KRB5_CALLCONV *p_krb5_free_keyblock) (krb5_context, krb5_keyblock  *)=NULL;
908. static krb5_error_code
909. (KRB5_CALLCONV *p_krb5_auth_con_getlocalsubkey)(krb5_context,
910.                                                 krb5_auth_context,
911.                                                 krb5_keyblock  *  *)=NULL;
912. static krb5_error_code
913. (KRB5_CALLCONV *p_krb5_mk_req_extended) (krb5_context,
914.                                          krb5_auth_context  *,
915.                                          krb5_const krb5_flags,
916.                                          krb5_data  *,
917.                                          krb5_creds  *,
918.                                          krb5_data  * )=NULL;
919. static krb5_error_code
920. (KRB5_CALLCONV *p_krb5_mk_req)
921.         (krb5_context,
922.                 krb5_auth_context *,
923.                 krb5_const krb5_flags,
924.                 char *,
925.                 char *,
926.                 krb5_data *,
927.                 krb5_ccache,
928.                 krb5_data * )=NULL;
929. static krb5_error_code
930. (KRB5_CALLCONV *p_krb5_auth_con_setflags) (krb5_context,
931.                                            krb5_auth_context,
932.                                            krb5_int32)=NULL;
933. static krb5_error_code
934. (KRB5_CALLCONV *p_krb5_auth_con_init) (krb5_context,
935.                                        krb5_auth_context  *)=NULL;
936. static krb5_error_code
937. (KRB5_CALLCONV *p_krb5_auth_con_free) (krb5_context,
938.                                        krb5_auth_context)=NULL;
939. static krb5_error_code
940. (KRB5_CALLCONV *p_krb5_get_credentials)(krb5_context,
941.                                         krb5_const krb5_flags,
942.                                         krb5_ccache,
943.                                         krb5_creds  *,
944.                                         krb5_creds  *  *)=NULL;
945. static void
946. (KRB5_CALLCONV *p_krb5_free_cred_contents)(krb5_context, krb5_creds  *)=NULL;
947. static krb5_error_code
948. (KRB5_CALLCONV *p_krb5_sname_to_principal)(krb5_context,
949.                                            krb5_const char  *,
950.                                            krb5_const char  *,
951.                                            krb5_int32,
952.                                            krb5_principal  *)=NULL;
953. static krb5_error_code
954. (KRB5_CALLCONV *p_krb5_cc_default)(krb5_context,
955.                                    krb5_ccache  *)=NULL;
956. static void
957. (KRB5_CALLCONV *p_krb5_free_ap_rep_enc_part)(krb5_context,
958.                                              krb5_ap_rep_enc_part  *)=NULL;
959. static krb5_error_code
960. (KRB5_CALLCONV *p_krb5_rd_rep)(krb5_context,
961.                                krb5_auth_context,
962.                                krb5_const krb5_data  *,
963.                                krb5_ap_rep_enc_part  *  *)=NULL;
964. static krb5_error_code
965. (KRB5_CALLCONV *p_krb5_init_context)(krb5_context *)=NULL;
966. static void
967. (KRB5_CALLCONV *p_krb5_free_context)(krb5_context)=NULL;
968. static krb5_error_code
969. (KRB5_CALLCONV *p_krb5_init_ets)(krb5_context)=NULL;
970.  
971. static void
972. (KRB5_CALLCONV *p_krb5_free_principal) P((krb5_context, krb5_principal ))=NULL;
973. static void
974. (KRB5_CALLCONV *p_krb5_free_unparsed_name) P((krb5_context, char *))=NULL;
975. static krb5_error_code
976. (KRB5_CALLCONV *p_krb5_fwd_tgt_creds)P((krb5_context,
977.                                      krb5_auth_context,
978.                                      char  *,
979.                                      krb5_principal,
980.                                      krb5_principal,
981.                                      krb5_ccache,
982.                                      int forwardable,
983.                                      krb5_data  *))=NULL;
984. static krb5_error_code
985. (KRB5_CALLCONV *p_krb5_auth_con_genaddrs)P((krb5_context,
986.                                          krb5_auth_context,
987.                                          int, int))=NULL;
988.  
989. static krb5_error_code
990. (KRB5_CALLCONV *p_krb5_get_host_realm)P((krb5_context,
991.                                     const char *,
992.                                     char ***))=NULL;
993. static krb5_error_code
994. (KRB5_CALLCONV *p_krb5_free_host_realm)P((krb5_context,
995.                                     char **))=NULL;
996. static krb5_error_code
997. (KRB5_CALLCONV *p_krb5_get_in_tkt_with_keytab)P((krb5_context,
998.                 krb5_const krb5_flags,
999.                 krb5_address * krb5_const *,
1000.                 krb5_enctype *,
1001.                 krb5_preauthtype *,
1002.                 krb5_const krb5_keytab,
1003.                 krb5_ccache,
1004.                 krb5_creds *,
1005.                 krb5_kdc_rep ** ))=NULL;
1006.  
1007. static krb5_error_code
1008. (KRB5_CALLCONV *p_krb5_get_in_tkt_with_password)P((krb5_context,
1009.                 krb5_const krb5_flags,
1010.                 krb5_address * krb5_const *,
1011.                 krb5_enctype *,
1012.                 krb5_preauthtype *,
1013.                 krb5_const char *,
1014.                 krb5_ccache,
1015.                 krb5_creds *,
1016.                 krb5_kdc_rep **))=NULL;
1017.  
1018. static krb5_error_code
1019. (KRB5_CALLCONV *p_krb5_read_password)P((krb5_context,
1020.                 const char *,
1021.                 const char *,
1022.                 char *,
1023.                 int * ))=NULL;
1024.  
1025. static krb5_error_code
1026. (KRB5_CALLCONV_C *p_krb5_build_principal_ext)P((krb5_context,
1027.                                  krb5_principal *,
1028.                                  int,
1029.                                  krb5_const char *,
1030.                                  ...))=NULL;
1031.  
1032. static krb5_error_code
1033. (KRB5_CALLCONV *p_krb5_unparse_name)P((krb5_context,
1034.                 krb5_const_principal,
1035.                 char ** ))=NULL;
1036.  
1037. static krb5_error_code
1038. (KRB5_CALLCONV *p_krb5_parse_name)P((krb5_context,
1039.                 krb5_const char *,
1040.                 krb5_principal *))=NULL;
1041.  
1042. static krb5_error_code
1043. (KRB5_CALLCONV *p_krb5_cc_resolve)P((krb5_context,
1044.                 char *,
1045.                 krb5_ccache *))=NULL;
1046.  
1047. static const char *
1048. (KRB5_CALLCONV *p_krb5_cc_default_name)P((krb5_context))=NULL;
1049.  
1050. static krb5_error_code
1051. (KRB5_CALLCONV *p_krb5_string_to_timestamp)P((char *,
1052.                                            krb5_timestamp *))=NULL;
1053.  
1054. static krb5_error_code
1055. (KRB5_CALLCONV *p_krb5_kt_resolve)P((krb5_context,
1056.                 krb5_const char *,
1057.                 krb5_keytab *))=NULL;
1058.  
1059. static krb5_error_code
1060. (KRB5_CALLCONV *p_krb5_string_to_deltat)P((char *, krb5_deltat *))=NULL;
1061.  
1062. static krb5_error_code
1063. (KRB5_CALLCONV *p_krb5_timeofday)P((krb5_context,
1064.                 krb5_int32 *))=NULL;
1065.  
1066. static krb5_error_code
1067. (KRB5_CALLCONV *p_krb5_get_credentials_renew)P((krb5_context,
1068.                 krb5_const krb5_flags,
1069.                 krb5_ccache,
1070.                 krb5_creds *,
1071.                 krb5_creds **))=NULL;
1072.  
1073. static krb5_error_code
1074. (KRB5_CALLCONV *p_krb5_get_credentials_validate)P((krb5_context,
1075.                 krb5_const krb5_flags,
1076.                 krb5_ccache,
1077.                 krb5_creds *,
1078.                 krb5_creds **))=NULL;
1079.  
1080. static krb5_error_code
1081. (KRB5_CALLCONV *p_krb5_copy_principal)P((krb5_context,
1082.                 krb5_const_principal,
1083.                 krb5_principal *))=NULL;
1084.  
1085. static krb5_error_code
1086. (KRB5_CALLCONV *p_krb5_timestamp_to_sfstring)P((krb5_timestamp,
1087.                                              char *,
1088.                                              size_t,
1089.                                              char *))=NULL;
1090.  
1091. static krb5_error_code
1092. (KRB5_CALLCONV *p_krb5_kt_default)P((krb5_context,
1093.                 krb5_keytab *))=NULL;
1094.  
1095. static krb5_error_code
1096. (KRB5_CALLCONV *p_krb5_free_ticket)P((krb5_context, krb5_ticket *))=NULL;
1097.  
1098. static krb5_error_code
1099. (KRB5_CALLCONV_C *p_decode_krb5_ticket)P((const krb5_data *code,
1100.                                      krb5_ticket **rep))=NULL;
1101.  
1102. static krb5_error_code
1103. (KRB5_CALLCONV *p_cygnus_decode_krb5_ticket)P((const krb5_data *code,
1104.                                      krb5_ticket **rep))=NULL;
1105.  
1106. #ifdef CHECKADDRS
1107. static krb5_error_code
1108. (KRB5_CALLCONV *p_krb5_os_localaddr)P((krb5_context con,
1109.                                     krb5_address *** ppp))=NULL;
1110.  
1111. static krb5_boolean
1112. (KRB5_CALLCONV_C  *p_krb5_address_search)P((krb5_context con,
1113.                 krb5_const krb5_address * p,
1114.                 krb5_address * krb5_const * pp))=NULL;
1115.  
1116. static void
1117. (KRB5_CALLCONV * p_krb5_free_addresses)P((krb5_context con,
1118.                                        krb5_address ** pp))=NULL;
1119. #endif /* CHECKADDRS */
1120.  
1121. static krb5_error_code
1122. (KRB5_CALLCONV * p_krb5_auth_con_getremotesubkey)P((krb5_context,
1123.                                                  krb5_auth_context,
1124.                                                  krb5_keyblock **))
1125.                                               = NULL;
1126.  
1127. static krb5_error_code
1128. (KRB5_CALLCONV * p_krb5_mk_rep)P((krb5_context, krb5_auth_context,
1129.                                krb5_data *))=NULL;
1130.  
1131. static krb5_error_code
1132. (KRB5_CALLCONV * p_krb5_free_authenticator)P((krb5_context,
1133.                                            krb5_authenticator *))=NULL;
1134.  
1135. static krb5_error_code
1136. (KRB5_CALLCONV * p_krb5_verify_checksum)
1137. P((krb5_context context,
1138.     krb5_const krb5_cksumtype ctype,
1139.     krb5_const krb5_checksum * cksum,
1140.     krb5_const krb5_pointer in, krb5_const size_t in_length,
1141.     krb5_const krb5_pointer seed, krb5_const size_t seed_length))=NULL;
1142.  
1143. static krb5_error_code
1144. (KRB5_CALLCONV * p_krb5_auth_con_getkey)
1145. P((krb5_context, krb5_auth_context, krb5_keyblock **))=NULL;
1146.  
1147. static krb5_error_code
1148. (KRB5_CALLCONV * p_krb5_auth_con_getauthenticator)
1149. P((krb5_context, krb5_auth_context, krb5_authenticator **))=NULL;
1150.  
1151. static krb5_error_code
1152. (KRB5_CALLCONV * p_krb5_rd_req)
1153. P((krb5_context, krb5_auth_context *, krb5_const krb5_data *,
1154.     krb5_const_principal, krb5_keytab, krb5_flags *,
1155.     krb5_ticket **))=NULL;
1156.  
1157. static krb5_error_code
1158. (KRB5_CALLCONV * p_krb5_auth_con_setrcache)
1159. P((krb5_context, krb5_auth_context, krb5_rcache))=NULL;
1160.  
1161. static krb5_error_code
1162. (KRB5_CALLCONV * p_krb5_get_server_rcache)
1163. P((krb5_context, krb5_const krb5_data *, krb5_rcache *))=NULL;
1164.  
1165. static krb5_error_code
1166. (KRB5_CALLCONV_C * p_krb5_auth_con_getrcache)
1167. P((krb5_context, krb5_auth_context, krb5_rcache *))=NULL;
1168.  
1169. static krb5_error_code
1170. (KRB5_CALLCONV * p_krb5_free_tgt_creds)
1171. P((krb5_context, krb5_creds ** ))=NULL;
1172.  
1173. static krb5_error_code
1174. (KRB5_CALLCONV * p_krb5_rd_cred)
1175. P((krb5_context,krb5_auth_context,krb5_data *, krb5_creds ***,
1176.     krb5_replay_data *))=NULL;
1177.  
1178. static krb5_error_code
1179. (KRB5_CALLCONV * p_krb5_c_enctype_compare)
1180. P((krb5_context, krb5_enctype, krb5_enctype, krb5_boolean *))=NULL;
1181.  
1182. static krb5_error_code
1183. (KRB5_CALLCONV * p_krb5_free_error)
1184. P((krb5_context, krb5_error *))=NULL;
1185.  
1186. static krb5_error_code
1187. (KRB5_CALLCONV * p_krb5_sendauth)
1188. P((krb5_context,
1189.     krb5_auth_context *,
1190.     krb5_pointer,
1191.     char *,
1192.     krb5_principal,
1193.     krb5_principal,
1194.     krb5_flags,
1195.     krb5_data *,
1196.     krb5_creds *,
1197.     krb5_ccache,
1198.     krb5_error **,
1199.     krb5_ap_rep_enc_part **,
1200.     krb5_creds **))=NULL;
1201.  
1202. static krb5_error_code
1203. (KRB5_CALLCONV *p_krb5_process_key)
1204. P((krb5_context, krb5_encrypt_block *, const krb5_keyblock *))=NULL;
1205.  
1206. static krb5_error_code
1207. (KRB5_CALLCONV * p_krb5_use_enctype)
1208. P((krb5_context, krb5_encrypt_block *, const krb5_enctype))=NULL;
1209.  
1210. static krb5_error_code
1211. (KRB5_CALLCONV * p_krb5_encrypt)
1212. P((krb5_context context,
1213.     krb5_const krb5_pointer inptr,
1214.     krb5_pointer outptr,
1215.     krb5_const size_t size,
1216.     krb5_encrypt_block * eblock,
1217.     krb5_pointer ivec))=NULL;
1218.  
1219. static size_t
1220. (KRB5_CALLCONV * p_krb5_encrypt_size)
1221. P((krb5_const size_t length,
1222.     krb5_enctype crypto))=NULL;
1223.  
1224. static krb5_error_code
1225. (KRB5_CALLCONV * p_krb5_decrypt)
1226. P((krb5_context context,
1227.     krb5_const krb5_pointer inptr,
1228.     krb5_pointer outptr,
1229.     krb5_const size_t size,
1230.     krb5_encrypt_block  * eblock,
1231.     krb5_pointer ivec))=NULL;
1232.  
1233. static krb5_boolean
1234. (KRB5_CALLCONV * p_krb5_kuserok)
1235. P((krb5_context context,krb5_principal princ, const char * p))=NULL;
1236.  
1237. static krb5_error_code
1238. (KRB5_CALLCONV * p_krb5_aname_to_localname)
1239. P((krb5_context context, krb5_const_principal aname, const int lnsize, char *lname))=NULL;
1240.  
1241. static int
1242. (KRB5_CALLCONV_C * p_k95_k5_userok)
1243. P((const char * princ_name, const char * princ_inst, const char * princ_realm,
1244.    const char * local_realm, const char * userid))=NULL;
1245.  
1246. static int
1247. (KRB5_CALLCONV_C * p_k95_k5_principal_to_localname)
1248. P((const char * princ_name, const char * local_realm, char * userid, int len))=NULL;
1249.  
1250. static void
1251. (KRB5_CALLCONV_C * p_krb5_appdefault_boolean)
1252. P((krb5_context,const char *,const krb5_data *,const char *,
1253.      int,int * ))=NULL;
1254. static void
1255. (KRB5_CALLCONV_C * p_krb5_appdefault_string)
1256. P((krb5_context,const char *,const krb5_data *,const char *,
1257.     char ** ))=NULL;
1258.  
1259. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_init)
1260.     P((krb5_get_init_creds_opt *opt))=NULL;
1261.  
1262. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_tkt_life)
1263.     P((krb5_get_init_creds_opt *opt,
1264.                  krb5_deltat tkt_life))=NULL;
1265.  
1266. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_renew_life)
1267.     P((krb5_get_init_creds_opt *opt,
1268.         krb5_deltat renew_life))=NULL;
1269.  
1270. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_forwardable)
1271.     P((krb5_get_init_creds_opt *opt,
1272.         int forwardable))=NULL;
1273.  
1274. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_proxiable)
1275.     P((krb5_get_init_creds_opt *opt,
1276.         int proxiable))=NULL;
1277.  
1278. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_etype_list)
1279.     P((krb5_get_init_creds_opt *opt,
1280.         krb5_enctype *etype_list,
1281.         int etype_list_length))=NULL;
1282.  
1283. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_address_list)
1284.     P((krb5_get_init_creds_opt *opt, krb5_address **addresses))=NULL;
1285.  
1286. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_preauth_list)
1287.     P((krb5_get_init_creds_opt *opt,
1288.         krb5_preauthtype *preauth_list,
1289.         int preauth_list_length))=NULL;
1290.  
1291. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_salt)
1292.     P((krb5_get_init_creds_opt *opt, krb5_data *salt))=NULL;
1293.  
1294. static krb5_error_code (KRB5_CALLCONV * p_krb5_get_init_creds_password)
1295.     P((krb5_context context,
1296.         krb5_creds *creds,
1297.         krb5_principal client,
1298.         char *password,
1299.         krb5_prompter_fct prompter,
1300.         void *data,
1301.         krb5_deltat start_time,
1302.         char *in_tkt_service,
1303.         krb5_get_init_creds_opt *options))=NULL;
1304.  
1305. static krb5_error_code (KRB5_CALLCONV * p_krb5_get_init_creds_keytab)
1306.     P((krb5_context context,
1307.         krb5_creds *creds,
1308.         krb5_principal client,
1309.         krb5_keytab arg_keytab,
1310.         krb5_deltat start_time,
1311.         char *in_tkt_service,
1312.         krb5_get_init_creds_opt *options))=NULL;
1313.  
1314. static krb5_error_code (KRB5_CALLCONV * p_krb5_get_validated_creds)
1315.     P((krb5_context context,
1316.         krb5_creds *creds,
1317.         krb5_principal client,
1318.         krb5_ccache ccache,
1319.         char *in_tkt_service))=NULL;
1320.  
1321. static krb5_error_code (KRB5_CALLCONV * p_krb5_get_renewed_creds)
1322.     P((krb5_context context,
1323.         krb5_creds *creds,
1324.         krb5_principal client,
1325.         krb5_ccache ccache,
1326.         char *in_tkt_service))=NULL;
1327.  
1328. static krb5_error_code (KRB5_CALLCONV * p_krb5_rd_safe)
1329.    P((krb5_context,
1330.        krb5_auth_context,
1331.        krb5_const krb5_data  *,
1332.        krb5_data  *,
1333.        krb5_replay_data  *))=NULL;
1334.  
1335. static krb5_error_code (KRB5_CALLCONV * p_krb5_mk_safe)
1336.     P((krb5_context,
1337.         krb5_auth_context,
1338.         krb5_const krb5_data  *,
1339.         krb5_data  *,
1340.         krb5_replay_data  *))=NULL;
1341.  
1342. static krb5_error_code (KRB5_CALLCONV * p_krb5_rd_priv)
1343.     P((krb5_context,
1344.         krb5_auth_context,
1345.         krb5_const krb5_data  *,
1346.         krb5_data  *,
1347.         krb5_replay_data  *))=NULL;
1348.  
1349. static krb5_error_code (KRB5_CALLCONV * p_krb5_mk_priv)
1350.     P((krb5_context,
1351.         krb5_auth_context,
1352.         krb5_const krb5_data  *,
1353.         krb5_data  *,
1354.         krb5_replay_data  *))=NULL;
1355.  
1356. static krb5_error_code (KRB5_CALLCONV *p_krb5_auth_con_setuseruserkey)
1357.     P((krb5_context,
1358.         krb5_auth_context,
1359.         krb5_keyblock *))=NULL;
1360.  
1361. static krb5_error_code (KRB5_CALLCONV *p_krb5_get_profile)
1362.     P((krb5_context, profile_t *))=NULL;
1363.  
1364. static long (KRB5_CALLCONV *p_profile_get_relation_names)
1365.     P((profile_t profile, const char **names, char ***ret_names))=NULL;
1366.  
1367. static long (KRB5_CALLCONV *p_profile_get_subsection_names)
1368.     P((profile_t profile, const char **names, char ***ret_names))=NULL;
1369.  
1370. static void (KRB5_CALLCONV *p_krb5_free_keyblock_contents)
1371. P((krb5_context, krb5_keyblock FAR *))=NULL;
1372.  
1373. static krb5_error_code (KRB5_CALLCONV * p_krb5_c_encrypt)
1374.     P((krb5_context context, krb5_const krb5_keyblock *key,
1375.         krb5_keyusage usage, krb5_const krb5_data *ivec,
1376.         krb5_const krb5_data *input, krb5_enc_data *output))=NULL;
1377.  
1378. static krb5_error_code (KRB5_CALLCONV *p_krb5_c_decrypt)
1379.     P((krb5_context context, krb5_const krb5_keyblock *key,
1380.         krb5_keyusage usage, krb5_const krb5_data *ivec,
1381.         krb5_const krb5_enc_data *input, krb5_data *output))=NULL;
1382.  
1383. static krb5_error_code (KRB5_CALLCONV *p_krb5_c_block_size)
1384.     P((krb5_context context, krb5_enctype enctype,
1385.         size_t *blocksize))=NULL;
1386.  
1387. static krb5_error_code (KRB5_CALLCONV * p_krb5_c_make_random_key)
1388.     P((krb5_context context, krb5_enctype enctype,
1389.        krb5_keyblock *random_key))=NULL;
1390.  
1391. static krb5_error_code (KRB5_CALLCONV * p_krb5_c_random_seed)
1392.     P((krb5_context context, krb5_data *data))=NULL;
1393.  
1394. static krb5_error_code (KRB5_CALLCONV * p_krb5_c_encrypt_length)
1395.     P((krb5_context context, krb5_enctype enctype,
1396.       size_t inputlen, size_t *length))=NULL;
1397.  
1398. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_default_name)
1399.     P((krb5_context context, char *, int))=NULL;
1400.  
1401. static char * (KRB5_CALLCONV * p_krb5_cc_get_name )
1402.     (krb5_context context, krb5_ccache cache)=NULL;
1403.  
1404. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_gen_new )
1405.     (krb5_context context, krb5_ccache *cache)=NULL;
1406.  
1407. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_initialize)
1408.     (krb5_context context, krb5_ccache cache,
1409.                     krb5_principal principal)=NULL;
1410.  
1411. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_destroy )
1412.     (krb5_context context, krb5_ccache cache)=NULL;
1413.  
1414. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_close )
1415.     (krb5_context context, krb5_ccache cache)=NULL;
1416.  
1417. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_store_cred )
1418.     (krb5_context context, krb5_ccache cache,
1419.                      krb5_creds *creds)=NULL;
1420.  
1421. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_retrieve_cred )
1422.     (krb5_context context, krb5_ccache cache,
1423.       krb5_flags flags, krb5_creds *mcreds,
1424.       krb5_creds *creds)=NULL;
1425.  
1426. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_get_principal )
1427.     (krb5_context context, krb5_ccache cache,
1428.       krb5_principal *principal)=NULL;
1429.  
1430. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_start_seq_get )
1431.     (krb5_context context, krb5_ccache cache,
1432.       krb5_cc_cursor *cursor)=NULL;
1433.  
1434. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_next_cred )
1435.     (krb5_context context, krb5_ccache cache,
1436.       krb5_cc_cursor *cursor, krb5_creds *creds)=NULL;
1437.  
1438. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_end_seq_get )
1439.     (krb5_context context, krb5_ccache cache,
1440.       krb5_cc_cursor *cursor)=NULL;
1441.  
1442. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_remove_cred )
1443.     (krb5_context context, krb5_ccache cache, krb5_flags flags,
1444.       krb5_creds *creds)=NULL;
1445.  
1446. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_set_flags )
1447.     (krb5_context context, krb5_ccache cache, krb5_flags flags)=NULL;
1448.  
1449. static const char * (KRB5_CALLCONV * p_krb5_cc_get_type )
1450.     (krb5_context context, krb5_ccache cache)=NULL;
1451.  
1452. static const char * (KRB5_CALLCONV * p_krb5_kt_get_type )
1453.     (krb5_context context, krb5_keytab)=NULL;
1454.  
1455. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_get_name)
1456.     (krb5_context, krb5_keytab, char *, int)=NULL;
1457.  
1458. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_close)
1459.     (krb5_context, krb5_keytab)=NULL;
1460.  
1461. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_get_entry)
1462.     (krb5_context, krb5_keytab,
1463.                  krb5_principal,
1464.                  krb5_kvno,
1465.                  krb5_enctype,
1466.                  krb5_keytab_entry *)=NULL;
1467.  
1468. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_start_seq_get)
1469.     (krb5_context,
1470.                  krb5_keytab,
1471.                  krb5_kt_cursor *)=NULL;
1472. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_next_entry)
1473.         (krb5_context,
1474.                  krb5_keytab,
1475.                  krb5_keytab_entry *,
1476.                  krb5_kt_cursor *)=NULL;
1477.  
1478. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_end_seq_get)
1479.         (krb5_context,
1480.                  krb5_keytab,
1481.                  krb5_kt_cursor *)=NULL;
1482.  
1483. static krb5_error_code (KRB5_CALLCONV_C * p_krb5_build_principal)
1484.     (krb5_context, krb5_principal *, unsigned int, krb5_const char *, ...)=NULL;
1485.  
1486.  
1487. static int (KRB5_CALLCONV_C *p_krb524_init_ets)(krb5_context context)=NULL;
1488. static int (KRB5_CALLCONV_C *p_krb524_convert_creds_kdc)(krb5_context context, 
1489.                                                          krb5_creds *v5creds,
1490.                                                          CREDENTIALS *v4creds)=NULL;
1491.  
1492. const char *
1493. ck_error_message(errcode_t ec)
1494. {
1495.     if ( ec == 0 )
1496.         return("OK");
1497.     else if ( ec == -1 )
1498.         return("Entry point not found in Dynamic Link Library");
1499.     else if ( p_error_message )
1500.         return(p_error_message(ec));
1501.     else
1502.         return ckitoa(ec);
1503. }
1504.  
1505. void
1506. ck_com_err(const char * s1, errcode_t ec, const char * s2, ...)
1507. {
1508.     va_list ap;
1509.     const char * msg= NULL;
1510.  
1511.     va_start( ap, s2 );
1512.     msg = error_message(ec);
1513.  
1514.     ckmakxmsg(tn_msg,TN_MSG_LEN, (char *)(s1?s1:""), 
1515.                (char *)(s1?" ":""), (char *)msg, (char *)(s2?" ":""), 
1516.                (char *)(s2?s2:""),
1517.                NULL,NULL,NULL,NULL,NULL,NULL,NULL);
1518.     debug(F111,"KERBEROS",tn_msg,ec);
1519.  
1520.     ckmakmsg(tn_msg,TN_MSG_LEN,"?Kerberos 5 error: ",(char *)msg,s2?" ":"",(char *)(s2?s2:""));
1521.     if (tn_deb || debses) tn_debug(tn_msg);
1522.     printf("%s\n",tn_msg);
1523. }
1524.  
1525. void
1526. ck_krb5_free_creds(krb5_context CO, krb5_creds  * CR)
1527. {
1528.     if ( p_krb5_free_creds )
1529.         p_krb5_free_creds(CO,CR);
1530. }
1531.  
1532. void
1533. ck_krb5_free_data(krb5_context CO, krb5_data  * data)
1534. {
1535.     if ( p_krb5_free_data )
1536.         p_krb5_free_data(CO,data);
1537. }
1538.  
1539. void
1540. ck_krb5_free_data_contents(krb5_context CO, krb5_data  * data)
1541. {
1542.     if ( p_krb5_free_data_contents )
1543.         p_krb5_free_data_contents(CO,data);
1544. }
1545.  
1546. krb5_error_code
1547. ck_krb5_copy_keyblock(krb5_context CO,
1548.                        krb5_const krb5_keyblock  * pKB,
1549.                        krb5_keyblock ** ppKB)
1550. {
1551.     if ( p_krb5_copy_keyblock )
1552.         return(p_krb5_copy_keyblock(CO,pKB,ppKB));
1553.     else
1554.         return KRB5KRB_ERR_GENERIC;
1555. }
1556.  
1557. void
1558. ck_krb5_free_keyblock (krb5_context CO, krb5_keyblock  * pKB)
1559. {
1560.     if ( p_krb5_free_keyblock )
1561.         p_krb5_free_keyblock(CO,pKB);
1562.  
1563. }
1564. krb5_error_code
1565. ck_krb5_auth_con_getlocalsubkey(krb5_context CO,
1566.                                  krb5_auth_context ACO,
1567.                                  krb5_keyblock  ** ppKB)
1568. {
1569.     if ( p_krb5_auth_con_getlocalsubkey )
1570.         return(p_krb5_auth_con_getlocalsubkey(CO,ACO,ppKB));
1571.     else
1572.         return KRB5KRB_ERR_GENERIC;
1573.  
1574. }
1575. krb5_error_code
1576. ck_krb5_mk_req_extended (krb5_context CO,
1577.                           krb5_auth_context  * pACO,
1578.                           krb5_const krb5_flags F,
1579.                           krb5_data  * pD1,
1580.                           krb5_creds  * pC,
1581.                           krb5_data  * pD2)
1582. {
1583.     if ( p_krb5_mk_req_extended )
1584.         return(p_krb5_mk_req_extended(CO,pACO,F,pD1,pC,pD2));
1585.     else
1586.         return KRB5KRB_ERR_GENERIC;
1587. }
1588. krb5_error_code
1589. ck_krb5_mk_req(krb5_context CO,
1590.                 krb5_auth_context *pACO,
1591.                 krb5_const krb5_flags F,
1592.                 char * s1,
1593.                 char * s2,
1594.                 krb5_data * pD1,
1595.                 krb5_ccache pC,
1596.                 krb5_data * pD2)
1597. {
1598.     if ( p_krb5_mk_req )
1599.         return(p_krb5_mk_req(CO,pACO,F,s1,s2,pD1,pC,pD2));
1600.     else
1601.         return KRB5KRB_ERR_GENERIC;
1602. }
1603.  
1604. krb5_error_code
1605. ck_krb5_auth_con_setflags (krb5_context CO,
1606.                             krb5_auth_context ACO,
1607.                             krb5_int32 I)
1608. {
1609.     if ( p_krb5_auth_con_setflags )
1610.         return(p_krb5_auth_con_setflags(CO,ACO,I));
1611.     else
1612.         return KRB5KRB_ERR_GENERIC;
1613. }
1614. krb5_error_code
1615. ck_krb5_auth_con_init(krb5_context CO,
1616.                        krb5_auth_context  * pACO)
1617. {
1618.     if ( p_krb5_auth_con_init )
1619.         return(p_krb5_auth_con_init(CO,pACO));
1620.     else
1621.         return KRB5KRB_ERR_GENERIC;
1622. }
1623. krb5_error_code
1624. ck_krb5_auth_con_free (krb5_context CO,
1625.                         krb5_auth_context ACO)
1626. {
1627.     if ( p_krb5_auth_con_free )
1628.         return(p_krb5_auth_con_free(CO,ACO));
1629.     else
1630.         return KRB5KRB_ERR_GENERIC;
1631. }
1632. krb5_error_code
1633. ck_krb5_get_credentials(krb5_context CO,
1634.                          krb5_const krb5_flags F,
1635.                          krb5_ccache CC,
1636.                          krb5_creds  * pCR,
1637.                          krb5_creds  ** ppCR)
1638. {
1639.     if ( p_krb5_get_credentials )
1640.         return(p_krb5_get_credentials(CO,F,CC,pCR,ppCR));
1641.     else
1642.         return KRB5KRB_ERR_GENERIC;
1643. }
1644. void
1645. ck_krb5_free_cred_contents(krb5_context CO, krb5_creds  * pCR)
1646. {
1647.     if ( p_krb5_free_cred_contents )
1648.         p_krb5_free_cred_contents(CO,pCR);
1649. }
1650.  
1651. krb5_error_code
1652. ck_krb5_sname_to_principal(krb5_context CO,
1653.                             krb5_const char  * pC1,
1654.                             krb5_const char  * pC2,
1655.                             krb5_int32 I,
1656.                             krb5_principal  * pPR)
1657. {
1658.     if ( p_krb5_sname_to_principal )
1659.         return(p_krb5_sname_to_principal(CO,pC1,pC2,I,pPR));
1660.     else
1661.         return KRB5KRB_ERR_GENERIC;
1662. }
1663.  
1664. krb5_error_code
1665. ck_krb5_cc_default(krb5_context CO,
1666.                     krb5_ccache  * pCC)
1667. {
1668.     if ( p_krb5_cc_default )
1669.         return(p_krb5_cc_default(CO,pCC));
1670.     else
1671.         return KRB5KRB_ERR_GENERIC;
1672. }
1673.  
1674. void
1675. ck_krb5_free_ap_rep_enc_part(krb5_context CO, krb5_ap_rep_enc_part * pAP)
1676. {
1677.     if ( p_krb5_free_ap_rep_enc_part )
1678.         p_krb5_free_ap_rep_enc_part(CO,pAP);
1679. }
1680.  
1681. krb5_error_code
1682. ck_krb5_rd_rep(krb5_context CO,
1683.                 krb5_auth_context AC,
1684.                 krb5_const krb5_data  * pD,
1685.                 krb5_ap_rep_enc_part  ** ppAP)
1686. {
1687.     if ( p_krb5_rd_rep )
1688.         return(p_krb5_rd_rep(CO,AC,pD,ppAP));
1689.     else
1690.         return KRB5KRB_ERR_GENERIC;
1691. }
1692.  
1693.  
1694. krb5_error_code
1695. ck_krb5_init_context(krb5_context * pCO)
1696. {
1697.     if ( p_krb5_init_context )
1698.         return(p_krb5_init_context(pCO));
1699.     else
1700.         return KRB5KRB_ERR_GENERIC;
1701. }
1702.  
1703. krb5_error_code
1704. ck_krb5_init_ets(krb5_context CO)
1705. {
1706.     if ( p_krb5_init_ets )
1707.         return(p_krb5_init_ets(CO));
1708.     else
1709.         return KRB5KRB_ERR_GENERIC;
1710. }
1711.  
1712. void
1713. ck_krb5_free_context(krb5_context CO)
1714. {
1715.  
1716.     if ( p_krb5_free_context )
1717.         p_krb5_free_context(CO);
1718. }
1719.  
1720. void
1721. ck_krb5_free_principal(krb5_context c, krb5_principal p)
1722. {
1723.     if ( p_krb5_free_principal )
1724.         p_krb5_free_principal(c,p);
1725. }
1726.  
1727. void
1728. ck_krb5_free_unparsed_name(krb5_context c, char * p)
1729. {
1730.     if ( p_krb5_free_unparsed_name )
1731.         p_krb5_free_unparsed_name(c,p);
1732.     else
1733.         free(p);
1734. }
1735.  
1736. krb5_error_code
1737. ck_krb5_fwd_tgt_creds(krb5_context con,
1738.                        krb5_auth_context acon,
1739.                        char  * ptr,
1740.                        krb5_principal prin1,
1741.                        krb5_principal prin2,
1742.                        krb5_ccache cc,
1743.                        int fwd,
1744.                        krb5_data  * data)
1745. {
1746.     if ( p_krb5_fwd_tgt_creds )
1747.         return(p_krb5_fwd_tgt_creds(con,acon,ptr,
1748.                                      prin1,prin2,cc,fwd,data));
1749.     else
1750.         return KRB5KRB_ERR_GENERIC;
1751. }
1752.  
1753. krb5_error_code
1754. ck_krb5_auth_con_genaddrs(krb5_context con,
1755.                            krb5_auth_context acon,
1756.                            int n, int m)
1757. {
1758.     if ( p_krb5_auth_con_genaddrs )
1759.         return(p_krb5_auth_con_genaddrs(con,acon,n,m));
1760.     else
1761.         return KRB5KRB_ERR_GENERIC;
1762. }
1763.  
1764. krb5_error_code
1765. ck_krb5_get_host_realm(krb5_context con,
1766.                         const char * host,
1767.                         char *** realm)
1768. {
1769.     if ( p_krb5_get_host_realm )
1770.         return(p_krb5_get_host_realm(con,host,realm));
1771.     else {
1772.         if ( realm )
1773.             *realm = NULL;
1774.         return KRB5KRB_ERR_GENERIC;
1775.     }
1776. }
1777.  
1778. krb5_error_code
1779. ck_krb5_free_host_realm(krb5_context con,
1780.                         char ** realmlist)
1781. {
1782.     if ( p_krb5_free_host_realm )
1783.         return(p_krb5_free_host_realm(con,realmlist));
1784.     else
1785.         return KRB5KRB_ERR_GENERIC;
1786. }
1787.  
1788. krb5_error_code
1789. ck_krb5_get_in_tkt_with_keytab(krb5_context con,
1790.                 krb5_const krb5_flags flags,
1791.                 krb5_address * krb5_const * addr,
1792.                 krb5_enctype * enc,
1793.                 krb5_preauthtype * preauth,
1794.                 krb5_const krb5_keytab kt,
1795.                 krb5_ccache cc,
1796.                 krb5_creds * creds,
1797.                 krb5_kdc_rep ** rep)
1798. {
1799.     if ( p_krb5_get_in_tkt_with_keytab )
1800.         return(p_krb5_get_in_tkt_with_keytab(con,flags,addr,enc,preauth,
1801.                                               kt,cc,creds,rep));
1802.     else
1803.         return KRB5KRB_ERR_GENERIC;
1804. }
1805.  
1806. krb5_error_code
1807. ck_krb5_get_in_tkt_with_password(krb5_context con,
1808.                 krb5_const krb5_flags flags,
1809.                 krb5_address * krb5_const * addr,
1810.                 krb5_enctype * enc,
1811.                 krb5_preauthtype * preauth,
1812.                 krb5_const char * sz,
1813.                 krb5_ccache cc,
1814.                 krb5_creds * creds,
1815.                 krb5_kdc_rep ** rep)
1816. {
1817.     if ( p_krb5_get_in_tkt_with_password )
1818.         return(p_krb5_get_in_tkt_with_password(con,flags,addr,enc,
1819.                                                 preauth,sz,cc,creds,rep));
1820.     else
1821.         return KRB5KRB_ERR_GENERIC;
1822. }
1823.  
1824. krb5_error_code
1825. ck_krb5_read_password(krb5_context con,
1826.                 const char * sz1,
1827.                 const char * sz2,
1828.                 char * sz3,
1829.                 int * pI)
1830. {
1831.     if ( p_krb5_read_password )
1832.         return(p_krb5_read_password(con,sz1,sz2,sz3,pI));
1833.     else
1834.         return KRB5KRB_ERR_GENERIC;
1835. }
1836.  
1837. /* We can only due this because we know how many parameters */
1838. /* we are going to use in the module.                       */
1839.  
1840. krb5_error_code
1841. ck_krb5_build_principal_ext(krb5_context con,
1842.                              krb5_principal * princ,
1843.                              int n,
1844.                              krb5_const char * sz,
1845.                              int n2,
1846.                              krb5_const char * sz2,
1847.                              int n3,
1848.                              krb5_const char * sz3,
1849.                              ...)
1850. {
1851.     if ( p_krb5_build_principal_ext )
1852.         return(p_krb5_build_principal_ext(con,princ,n,sz,n2,sz2,n3,sz3,0));
1853.     else
1854.         return KRB5KRB_ERR_GENERIC;
1855. }
1856.  
1857. krb5_error_code
1858. ck_krb5_unparse_name(krb5_context con,
1859.                 krb5_const_principal princ,
1860.                 char ** psz)
1861. {
1862.     if ( p_krb5_unparse_name )
1863.         return(p_krb5_unparse_name(con,princ,psz));
1864.     else
1865.         return KRB5KRB_ERR_GENERIC;
1866. }
1867.  
1868. krb5_error_code
1869. ck_krb5_parse_name(krb5_context con,
1870.                 krb5_const char * sz,
1871.                 krb5_principal * princ)
1872.  
1873. {
1874.     if ( p_krb5_parse_name )
1875.         return(p_krb5_parse_name(con,sz,princ));
1876.     else
1877.         return KRB5KRB_ERR_GENERIC;
1878. }
1879.  
1880. krb5_error_code
1881. ck_krb5_cc_resolve(krb5_context con,
1882.                 char * sz,
1883.                 krb5_ccache * cc)
1884. {
1885.     if ( p_krb5_cc_resolve )
1886.         return(p_krb5_cc_resolve(con,sz,cc));
1887.     else
1888.         return KRB5KRB_ERR_GENERIC;
1889. }
1890.  
1891. const char *
1892. ck_krb5_cc_default_name(krb5_context con)
1893. {
1894.     if ( p_krb5_cc_default_name )
1895.         return(p_krb5_cc_default_name(con));
1896.     else
1897.         return NULL;
1898. }
1899.  
1900. krb5_error_code
1901. ck_krb5_string_to_timestamp(char * sz,
1902.                              krb5_timestamp * ts)
1903. {
1904.     if ( p_krb5_string_to_timestamp )
1905.         return(p_krb5_string_to_timestamp(sz,ts));
1906.     else
1907.         return KRB5KRB_ERR_GENERIC;
1908. }
1909.  
1910. krb5_error_code
1911. ck_krb5_kt_resolve(krb5_context con,
1912.                     krb5_const char * sz,
1913.                     krb5_keytab * kt)
1914. {
1915.     if ( p_krb5_kt_resolve )
1916.         return(p_krb5_kt_resolve(con,sz,kt));
1917.     else
1918.         return KRB5KRB_ERR_GENERIC;
1919. }
1920.  
1921. krb5_error_code
1922. ck_krb5_string_to_deltat(char * sz,
1923.                           krb5_deltat * dt)
1924. {
1925.     if ( p_krb5_string_to_deltat )
1926.         return(p_krb5_string_to_deltat(sz,dt));
1927.     else
1928.         return KRB5KRB_ERR_GENERIC;
1929. }
1930.  
1931. krb5_error_code
1932. ck_krb5_timeofday(krb5_context con,
1933.                 krb5_int32 * pN)
1934. {
1935.     if ( p_krb5_timeofday )
1936.         return(p_krb5_timeofday(con,pN));
1937.     else
1938.         return KRB5KRB_ERR_GENERIC;
1939. }
1940.  
1941. krb5_error_code
1942. ck_krb5_get_credentials_renew(krb5_context con,
1943.                 krb5_const krb5_flags flags,
1944.                 krb5_ccache cc,
1945.                 krb5_creds * pCreds,
1946.                 krb5_creds ** ppCreds)
1947. {
1948.     if ( p_krb5_get_credentials_renew )
1949.         return(p_krb5_get_credentials_renew(con,flags,cc,pCreds,ppCreds));
1950.     else
1951.         return KRB5KRB_ERR_GENERIC;
1952. }
1953.  
1954. krb5_error_code
1955. ck_krb5_get_credentials_validate(krb5_context con,
1956.                 krb5_const krb5_flags flags,
1957.                 krb5_ccache cc,
1958.                 krb5_creds * pCreds,
1959.                 krb5_creds ** ppCreds)
1960. {
1961.     if ( p_krb5_get_credentials_validate )
1962.         return(p_krb5_get_credentials_validate(con,flags,cc,pCreds,ppCreds));
1963.     else
1964.         return KRB5KRB_ERR_GENERIC;
1965. }
1966.  
1967. krb5_error_code
1968. ck_krb5_copy_principal(krb5_context con,
1969.                 krb5_const_principal princ,
1970.                 krb5_principal * pPrinc)
1971. {
1972.     if ( p_krb5_copy_principal )
1973.         return(p_krb5_copy_principal(con,princ,pPrinc));
1974.     else
1975.         return KRB5KRB_ERR_GENERIC;
1976. }
1977.  
1978. krb5_error_code
1979. ck_krb5_timestamp_to_sfstring(krb5_timestamp ts,
1980.                                char * sz1,
1981.                                size_t size,
1982.                                char * sz2)
1983. {
1984.     if ( p_krb5_timestamp_to_sfstring )
1985.         return(p_krb5_timestamp_to_sfstring(ts,sz1,size,sz2));
1986.     else
1987.         return KRB5KRB_ERR_GENERIC;
1988. }
1989.  
1990. krb5_error_code
1991. ck_krb5_kt_default(krb5_context con,
1992.                     krb5_keytab * kt)
1993. {
1994.     if ( p_krb5_kt_default )
1995.         return(p_krb5_kt_default(con,kt));
1996.     else
1997.         return KRB5KRB_ERR_GENERIC;
1998. }
1999.  
2000. krb5_error_code
2001. ck_krb5_free_ticket(krb5_context con,
2002.                      krb5_ticket * kt)
2003. {
2004.     if ( p_krb5_free_ticket )
2005.         return(p_krb5_free_ticket(con,kt));
2006.     else
2007.         return KRB5KRB_ERR_GENERIC;
2008. }
2009.  
2010. krb5_error_code
2011. ck_decode_krb5_ticket(const krb5_data *code,
2012.                        krb5_ticket **rep)
2013. {
2014.     if ( p_decode_krb5_ticket )
2015.         return(p_decode_krb5_ticket(code,rep));
2016.     else if ( p_cygnus_decode_krb5_ticket )
2017.         return(p_cygnus_decode_krb5_ticket(code,rep));
2018.     else
2019.         return KRB5KRB_ERR_GENERIC;
2020. }
2021.  
2022. krb5_error_code
2023. ck_krb5_os_localaddr(krb5_context con, krb5_address *** ppp)
2024. {
2025.     if ( p_krb5_os_localaddr )
2026.         return(p_krb5_os_localaddr(con,ppp));
2027.     else
2028.         return KRB5KRB_ERR_GENERIC;
2029. }
2030.  
2031. BOOL
2032. ck_krb5_address_compare(krb5_context context,
2033.                          const krb5_address *addr1,
2034.                          const krb5_address *addr2)
2035. {
2036.     if( addr1->addrtype != addr2->addrtype )
2037.         return(FALSE);
2038.     if( addr1->length != addr2->length )
2039.         return(FALSE);
2040.     if( memcmp((char *)addr1->contents,(char *)addr2->contents, addr1->length))
2041.         return FALSE;
2042.     else
2043.         return TRUE;
2044. }
2045.  
2046. krb5_boolean
2047. ck_krb5_address_search(krb5_context context,
2048.                 krb5_const krb5_address * addr,
2049.                 krb5_address * krb5_const * addrlist)
2050. {
2051.     if ( p_krb5_address_search )
2052.         return(p_krb5_address_search(context,addr,addrlist));
2053.     else {
2054.         if( !addrlist )
2055.             return TRUE;
2056.         for( ; *addrlist ; addrlist++ )
2057.         {
2058.             if( ck_krb5_address_compare(context, addr, *addrlist) )
2059.                 return TRUE;
2060.         }
2061.     }
2062.     return FALSE;
2063. }
2064.  
2065.  
2066. void
2067. ck_krb5_free_addresses(krb5_context con, krb5_address ** pp)
2068. {
2069.     if ( p_krb5_free_addresses )
2070.         p_krb5_free_addresses(con,pp);
2071. }
2072.  
2073. krb5_error_code
2074. ck_krb5_auth_con_getremotesubkey(krb5_context con,
2075.                                   krb5_auth_context acon,
2076.                                   krb5_keyblock ** keyb)
2077. {
2078.     if ( p_krb5_auth_con_getremotesubkey )
2079.         return(p_krb5_auth_con_getremotesubkey(con,acon,keyb));
2080.     else
2081.         return KRB5KRB_ERR_GENERIC;
2082. }
2083.  
2084. krb5_error_code
2085. ck_krb5_mk_rep(krb5_context con, krb5_auth_context auth_con,
2086.                                krb5_data * data)
2087. {
2088.     if ( p_krb5_mk_rep )
2089.         return(p_krb5_mk_rep(con,auth_con, data));
2090.     else
2091.         return KRB5KRB_ERR_GENERIC;
2092. }
2093.  
2094. krb5_error_code
2095. ck_krb5_free_authenticator(krb5_context con, krb5_authenticator * pauth)
2096. {
2097.     if ( p_krb5_free_authenticator )
2098.         return(p_krb5_free_authenticator(con,pauth));
2099.     else
2100.         return KRB5KRB_ERR_GENERIC;
2101. }
2102.  
2103. krb5_error_code
2104. ck_krb5_verify_checksum(krb5_context context,
2105.                          krb5_const krb5_cksumtype ctype,
2106.                          krb5_const krb5_checksum * cksum,
2107.                          krb5_const krb5_pointer in,
2108.                          krb5_const size_t in_length,
2109.                          krb5_const krb5_pointer seed,
2110.                          krb5_const size_t seed_length)
2111. {
2112.     if ( p_krb5_verify_checksum )
2113.         return(p_krb5_verify_checksum(context, ctype, cksum, in,
2114.                                       in_length, seed, seed_length));
2115.     else
2116.         return KRB5KRB_ERR_GENERIC;
2117. }
2118.  
2119. krb5_error_code
2120. ck_krb5_auth_con_getkey(krb5_context con, krb5_auth_context acon,
2121.                          krb5_keyblock ** ppkeyb)
2122. {
2123.     if ( p_krb5_auth_con_getkey )
2124.         return(p_krb5_auth_con_getkey(con,acon,ppkeyb));
2125.     else
2126.         return KRB5KRB_ERR_GENERIC;
2127. }
2128.  
2129. krb5_error_code
2130. ck_krb5_auth_con_getauthenticator(krb5_context con, krb5_auth_context acon,
2131.                                    krb5_authenticator ** ppauth)
2132. {
2133.     if ( p_krb5_auth_con_getauthenticator )
2134.         return(p_krb5_auth_con_getauthenticator(con,acon,ppauth));
2135.     else
2136.         return KRB5KRB_ERR_GENERIC;
2137. }
2138.  
2139. krb5_error_code
2140. ck_krb5_rd_req(krb5_context con, krb5_auth_context * pacon,
2141.                 krb5_const krb5_data * data,
2142.                 krb5_const_principal princ, krb5_keytab keytab,
2143.                 krb5_flags * flags, krb5_ticket ** pptkt)
2144. {
2145.     if ( p_krb5_rd_req )
2146.         return(p_krb5_rd_req(con,pacon,data,princ,keytab,flags,pptkt));
2147.     else
2148.         return KRB5KRB_ERR_GENERIC;
2149. }
2150.  
2151. krb5_error_code
2152. ck_krb5_auth_con_setrcache(krb5_context con, krb5_auth_context acon,
2153.                             krb5_rcache rcache)
2154. {
2155.     if ( p_krb5_auth_con_setrcache )
2156.         return(p_krb5_auth_con_setrcache(con,acon,rcache));
2157.     else
2158.         return KRB5KRB_ERR_GENERIC;
2159. }
2160.  
2161. krb5_error_code
2162. ck_krb5_get_server_rcache(krb5_context con, krb5_const krb5_data * data,
2163.                        krb5_rcache * rcache)
2164. {
2165.     if ( p_krb5_get_server_rcache )
2166.         return(p_krb5_get_server_rcache(con,data,rcache));
2167.     else
2168.         return KRB5KRB_ERR_GENERIC;
2169. }
2170.  
2171. krb5_error_code
2172. ck_krb5_auth_con_getrcache(krb5_context con, krb5_auth_context acon,
2173.                             krb5_rcache * prcache)
2174. {
2175.     if ( p_krb5_auth_con_getrcache )
2176.         return(p_krb5_auth_con_getrcache(con,acon, prcache));
2177.     else
2178.         return KRB5KRB_ERR_GENERIC;
2179. }
2180.  
2181. krb5_error_code
2182. ck_krb5_free_tgt_creds(krb5_context con, krb5_creds ** ppcreds)
2183. {
2184.     if ( p_krb5_free_tgt_creds )
2185.         return(p_krb5_free_tgt_creds(con,ppcreds));
2186.     else
2187.         return KRB5KRB_ERR_GENERIC;
2188. }
2189.  
2190. krb5_error_code
2191. ck_krb5_rd_cred(krb5_context con, krb5_auth_context acon,
2192.                  krb5_data * data, krb5_creds *** pppcreds,
2193.                  krb5_replay_data * replay_data)
2194. {
2195.     if ( p_krb5_rd_cred )
2196.         return(p_krb5_rd_cred(con,acon,data,pppcreds,replay_data));
2197.     else
2198.         return KRB5KRB_ERR_GENERIC;
2199. }
2200.  
2201. krb5_error_code
2202. ck_krb5_c_enctype_compare(krb5_context con, krb5_enctype e1, krb5_enctype e2,
2203.                            krb5_boolean * pb)
2204. {
2205.     if ( p_krb5_c_enctype_compare )
2206.         return(p_krb5_c_enctype_compare(con, e1,e2, pb));
2207.     else
2208.         return(-1);
2209. }
2210.  
2211. krb5_error_code
2212. ck_krb5_write_message(krb5_context con, krb5_pointer ptr, krb5_data *data)
2213. {
2214.     int fd = *((int *)ptr);
2215.     long msglen;
2216.  
2217.     msglen = htonl(data->length);
2218.     if (net_write(fd,(CHAR *)&msglen,4) != 4) {
2219.         return(-1);
2220.     }
2221.     if ( data->length ) {
2222.         if (net_write(fd,data->data,data->length) != data->length) {
2223.             return(-1);
2224.         }
2225.     }
2226.     return(0);
2227. }
2228.  
2229. krb5_error_code
2230. ck_krb5_read_message( krb5_context context,
2231.                       krb5_pointer ptr,
2232.                       krb5_data * data)
2233. {
2234.     extern int ttyfd;
2235.     int fd = *((int *)ptr);
2236.     long msglen;
2237.     char *p;
2238.     int i, rc;
2239.  
2240.     if (net_read(fd,&msglen,4) < 0)
2241.         return(-1);
2242.  
2243.     data->length = ntohl(msglen);
2244.     if ( data->length ) {
2245.         data->data = malloc(data->length);
2246.  
2247.         i = 0;
2248.         while ( i < data->length ) {
2249.             if ((rc = net_read(fd,&data->data[i],(data->length - i))) < 0)
2250.                 return(-1);
2251.             i += rc;
2252.         }
2253.     }
2254.     return(0);
2255. }
2256.  
2257. krb5_error_code
2258. ck_krb5_free_error(krb5_context con, krb5_error * error)
2259. {
2260.     if ( p_krb5_free_error )
2261.         return(p_krb5_free_error(con,error));
2262.     else
2263.         return(-1);
2264. }
2265.  
2266. krb5_error_code
2267. ck_krb5_sendauth(krb5_context con,
2268.                   krb5_auth_context * auth,
2269.                   krb5_pointer ptr,
2270.                   char * str,
2271.                   krb5_principal princ1,
2272.                   krb5_principal princ2,
2273.                   krb5_flags flags,
2274.                   krb5_data * data,
2275.                   krb5_creds * creds,
2276.                   krb5_ccache cc,
2277.                   krb5_error ** error,
2278.                   krb5_ap_rep_enc_part ** ap_rep,
2279.                   krb5_creds ** pcreds)
2280. {
2281.     if ( p_krb5_sendauth )
2282.         return(p_krb5_sendauth(con,auth,ptr,str,princ1,princ2,flags,
2283.                                 data, creds, cc, error, ap_rep, pcreds));
2284.     else
2285.         return(-1);
2286. }
2287.  
2288.  
2289. krb5_error_code
2290. ck_krb5_process_key(krb5_context con,
2291.                      krb5_encrypt_block * eblock, const krb5_keyblock * kblock)
2292. {
2293.     if ( p_krb5_process_key )
2294.         return(p_krb5_process_key(con,eblock,kblock));
2295.     else
2296.         return(-1);
2297. }
2298.  
2299. krb5_error_code
2300. ck_krb5_use_enctype(krb5_context con, krb5_encrypt_block * eblock,
2301.                      const krb5_enctype etype)
2302. {
2303.     if ( p_krb5_use_enctype )
2304.         return(p_krb5_use_enctype(con,eblock,etype));
2305.     else
2306.         return(-1);
2307. }
2308.  
2309. krb5_error_code
2310. ck_krb5_encrypt(krb5_context context,
2311.                  krb5_const krb5_pointer inptr,
2312.                  krb5_pointer outptr,
2313.                  krb5_const size_t size,
2314.                  krb5_encrypt_block * eblock,
2315.                  krb5_pointer ivec)
2316. {
2317.     if ( p_krb5_encrypt )
2318.         return(p_krb5_encrypt(context,inptr,outptr,size,eblock,ivec));
2319.     else
2320.         return(-1);
2321. }
2322.  
2323. size_t
2324. ck_krb5_encrypt_size(krb5_const size_t length,
2325.                       krb5_enctype crypto)
2326. {
2327.     if ( p_krb5_encrypt_size )
2328.         return(p_krb5_encrypt_size(length,crypto));
2329.     else
2330.         return((size_t)-1);
2331. }
2332.  
2333. krb5_error_code
2334. ck_krb5_decrypt(krb5_context context,
2335.                  krb5_const krb5_pointer inptr,
2336.                  krb5_pointer outptr,
2337.                  krb5_const size_t size,
2338.                  krb5_encrypt_block * eblock,
2339.                  krb5_pointer ivec)
2340. {
2341.     if ( p_krb5_decrypt )
2342.         return(p_krb5_decrypt(context,inptr,outptr,size,eblock,ivec));
2343.     else
2344.         return(-1);
2345. }
2346.  
2347. #ifdef COMMENT
2348. krb5_error_code
2349. ck_k5_princ_to_userid(krb5_context context, krb5_principal princ, char ** userid)
2350. {
2351.     krb5_error_code code = 0;
2352.  
2353.     if ( p_k95_k5_princ_to_userid ) {
2354.         char * princ_name;
2355.         char * princ_inst;
2356.         char * princ_realm;
2357.         char * new_userid;
2358.         int r;
2359.         int len;
2360.         char * data;
2361.  
2362.         /* Principal Name */
2363.         len =  krb5_princ_component(k5_context, princ,0)->length;
2364.         if ( len <= 0 ) {
2365.             len = 0;
2366.             data = "";
2367.         } else
2368.             data = krb5_princ_component(k5_context, princ,0)->data;
2369.         princ_name = (char *) malloc(len + 1);
2370.         if (!princ_name)
2371.             goto exitpoint;
2372.         ckstrncpy(princ_name,data,len+1);
2373.  
2374.         /* Principal Instance */
2375.         len =  krb5_princ_component(k5_context, princ,1)->length;
2376.         if ( len <= 0 ) {
2377.             len = 0;
2378.             data = "";
2379.         } else
2380.             data = krb5_princ_component(k5_context, princ,1)->data;
2381.         princ_inst = (char *) malloc(len + 1);
2382.         if (!princ_inst)
2383.             goto exitpoint;
2384.         ckstrncpy(princ_inst,data,len+1);
2385.  
2386.         /* Principal Realm */
2387.         len =  krb5_princ_realm(k5_context, princ)->length;
2388.         if ( len <= 0 ) {
2389.             len = 0;
2390.             data = "";
2391.         } else
2392.             data = krb5_princ_realm(k5_context, princ)->data;
2393.         princ_realm = (char *) malloc(len + 1);
2394.         if (!princ_realm)
2395.             goto exitpoint;
2396.         ckstrncpy(princ_realm,data,len+1);
2397.  
2398.         new_userid = (char *) malloc(256);
2399.         if ( !new_userid )
2400.             goto exitpoint;
2401.  
2402.         r = p_k95_k5_princ_to_userid(princ_name,princ_inst,princ_realm,
2403.                                       krb5_d_realm ? krb5_d_realm :
2404.                                       ck_krb5_getrealm(krb5_d_cc),
2405.                                       new_userid,256);
2406.         if (r == 0)
2407.             *userid = new_userid;
2408.         else
2409.             free(new_userid);
2410.  
2411.       exitpoint:
2412.         if ( princ_name )
2413.             free(princ_name);
2414.         if ( princ_inst )
2415.             free(princ_inst);
2416.         if ( princ_realm )
2417.             free(princ_realm);
2418.         return(r);
2419.     } else {
2420.         if (code = krb5_unparse_name( k5_context, princ, userid))
2421.             *userid = 0;
2422.     }
2423.     return(code);
2424. }
2425. #endif
2426.  
2427. krb5_boolean
2428. ck_krb5_kuserok(krb5_context context,krb5_principal princ, const char * p)
2429. {
2430.     if ( p_k95_k5_userok ) {
2431.         char * princ_name;
2432.         char * princ_inst;
2433.         char * princ_realm;
2434.         int r;
2435.         int len;
2436.         char * data;
2437.  
2438.         /* Principal Name */
2439.         len =  krb5_princ_component(k5_context, princ,0)->length;
2440.         if ( len <= 0 ) {
2441.             len = 0;
2442.             data = "";
2443.         } else
2444.             data = krb5_princ_component(k5_context, princ,0)->data;
2445.         princ_name = (char *) malloc(len + 1);
2446.         if (!princ_name)
2447.             goto exitpoint;
2448.         ckstrncpy(princ_name,data,len+1);
2449.  
2450.         /* Principal Instance */
2451.         len =  krb5_princ_component(k5_context, princ,1)->length;
2452.         if ( len <= 0 ) {
2453.             len = 0;
2454.             data = "";
2455.         } else
2456.             data = krb5_princ_component(k5_context, princ,1)->data;
2457.         princ_inst = (char *) malloc(len + 1);
2458.         if (!princ_inst)
2459.             goto exitpoint;
2460.         ckstrncpy(princ_inst,data,len+1);
2461.  
2462.         /* Principal Realm */
2463.         len =  krb5_princ_realm(k5_context, princ)->length;
2464.         if ( len <= 0 ) {
2465.             len = 0;
2466.             data = "";
2467.         } else
2468.             data = krb5_princ_realm(k5_context, princ)->data;
2469.         princ_realm = (char *) malloc(len + 1);
2470.         if (!princ_realm)
2471.             goto exitpoint;
2472.         ckstrncpy(princ_realm,data,len+1);
2473.  
2474.         r = p_k95_k5_userok(princ_name,princ_inst,princ_realm,
2475.                              krb5_d_realm ? krb5_d_realm :
2476.                              ck_krb5_getrealm(krb5_d_cc),p);
2477.  
2478.       exitpoint:
2479.         if ( princ_name )
2480.             free(princ_name);
2481.         if ( princ_inst )
2482.             free(princ_inst);
2483.         if ( princ_realm )
2484.             free(princ_realm);
2485.         return(r);
2486.     } else if ( p_krb5_kuserok )
2487.         return(p_krb5_kuserok(context,princ,p));
2488.     else if ( !strncmp(p,
2489.         krb5_princ_component(k5_context,
2490.                              princ,0)->data,
2491.         krb5_princ_component(k5_context,
2492.                              princ,0)->length)
2493.               )
2494.         return(1);
2495.     else
2496.         return(0);
2497. }
2498.  
2499.  
2500. krb5_error_code
2501. ck_krb5_aname_to_localname(krb5_context context, krb5_const_principal aname,
2502.                            const int lnsize, char *lname)
2503. {
2504. #ifdef COMMENT
2505.     if ( p_k95_k5_aname_to_localname ) {
2506.         return(p_k95_k5_aname_to_localname());
2507.     } else
2508. #endif
2509.         if ( p_krb5_aname_to_localname )
2510.         return(p_krb5_aname_to_localname(context,aname,lnsize,lname));
2511.     else {
2512.         char * name = NULL;
2513.         if (krb5_unparse_name( context,
2514.                                aname,
2515.                                &name))
2516.             name = 0;
2517.  
2518.         if ( name ) {
2519.             ckstrncpy(lname,name,lnsize);
2520.  
2521.             krb5_free_unparsed_name(context,name);
2522.             return(0);
2523.         }
2524.         else
2525.             return(KRB5_LNAME_NOTRANS);
2526.     }
2527. }
2528.  
2529.  
2530.  
2531. /*
2532. app_name - the name of the application
2533. realm - The realm for this application
2534. optionname - the name of the option
2535. default - the default value if it isn't found.
2536. variable - a pointer to the returned value
2537.  
2538. the way this appears in the configuration file is:
2539.  
2540. [appdefaults]
2541.  
2542.         option = false
2543.  
2544.         REALM = {
2545.                 option = false
2546.                 app_name = {
2547.                         option = true
2548.                 }
2549.         }
2550.  
2551.         app_name = {
2552.                 option = true
2553.         }
2554.  
2555.  
2556. For telnet, the app name I use is "telnet".  The realm is the realm of the
2557. default principal.
2558.  
2559. The options I use in the Unix telnet are:
2560.  
2561.         forward - Forward your credentials if TRUE
2562.         forwardable - Make the credentials on the remote end forwardable if TRUE
2563.         encrypt - Attempt to negotiate encryption if TRUE
2564.         autologin - Attempt to perform AUTHENTICATION option if true
2565.         forceencrypt - Fail if encryption does not succeed
2566.  
2567.   ftp is "ftp" and only 'forward' is defined.
2568.  
2569. */
2570. void
2571. ck_krb5_appdefault_boolean( krb5_context context, const char * app_name,
2572.                             const krb5_data * realm, const char * optionname,
2573.                             int def, int * variable)
2574. {
2575.     if ( p_krb5_appdefault_boolean )
2576.         p_krb5_appdefault_boolean( context,app_name,realm,
2577.                                    optionname,def,variable );
2578.     else
2579.         *variable = def;
2580. }
2581.  
2582. void
2583. ck_krb5_appdefault_string( krb5_context context, const char * app_name,
2584.                            const krb5_data * realm, const char * optionname,
2585.                            char ** value)
2586. {
2587.     if ( p_krb5_appdefault_string )
2588.         p_krb5_appdefault_string( context,app_name,realm,
2589.                                    optionname,value );
2590. }
2591.  
2592. void
2593. ck_krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt)
2594. {
2595.     if ( p_krb5_get_init_creds_opt_init )
2596.         p_krb5_get_init_creds_opt_init(opt);
2597. }
2598.  
2599. void
2600. ck_krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt,
2601.                  krb5_deltat tkt_life)
2602. {
2603.     if ( p_krb5_get_init_creds_opt_set_tkt_life )
2604.         p_krb5_get_init_creds_opt_set_tkt_life(opt,tkt_life);
2605. }
2606.  
2607. void
2608. ck_krb5_get_init_creds_opt_set_renew_life(krb5_get_init_creds_opt *opt,
2609.         krb5_deltat renew_life)
2610. {
2611.     if ( p_krb5_get_init_creds_opt_set_renew_life )
2612.         p_krb5_get_init_creds_opt_set_renew_life(opt,renew_life);
2613. }
2614.  
2615. void
2616. ck_krb5_get_init_creds_opt_set_forwardable(krb5_get_init_creds_opt *opt,
2617.         int forwardable)
2618. {
2619.     if ( p_krb5_get_init_creds_opt_set_forwardable )
2620.         p_krb5_get_init_creds_opt_set_forwardable(opt,forwardable);
2621. }
2622.  
2623. void
2624. ck_krb5_get_init_creds_opt_set_proxiable(krb5_get_init_creds_opt *opt,
2625.         int proxiable)
2626. {
2627.     if ( p_krb5_get_init_creds_opt_set_proxiable )
2628.         p_krb5_get_init_creds_opt_set_proxiable(opt,proxiable);
2629. }
2630.  
2631. void
2632. ck_krb5_get_init_creds_opt_set_etype_list(krb5_get_init_creds_opt *opt,
2633.         krb5_enctype *etype_list,
2634.         int etype_list_length)
2635. {
2636.     if ( p_krb5_get_init_creds_opt_set_etype_list)
2637.         p_krb5_get_init_creds_opt_set_etype_list(opt,etype_list,etype_list_length);
2638. }
2639.  
2640. void
2641. ck_krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt, krb5_address **addresses)
2642. {
2643.     if ( p_krb5_get_init_creds_opt_set_address_list )
2644.         p_krb5_get_init_creds_opt_set_address_list(opt,addresses);
2645. }
2646.  
2647. void
2648. ck_krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt,
2649.         krb5_preauthtype *preauth_list,
2650.         int preauth_list_length)
2651. {
2652.     if ( p_krb5_get_init_creds_opt_set_preauth_list )
2653.         p_krb5_get_init_creds_opt_set_preauth_list(opt,preauth_list,preauth_list_length);
2654. }
2655.  
2656. void
2657. ck_krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, krb5_data *salt)
2658. {
2659.     if ( p_krb5_get_init_creds_opt_set_salt )
2660.         p_krb5_get_init_creds_opt_set_salt(opt,salt);
2661. }
2662.  
2663. krb5_error_code
2664. ck_krb5_get_init_creds_password(krb5_context context,
2665.         krb5_creds *creds,
2666.         krb5_principal client,
2667.         char *password,
2668.         krb5_prompter_fct prompter,
2669.         void *data,
2670.         krb5_deltat start_time,
2671.         char *in_tkt_service,
2672.         krb5_get_init_creds_opt *options)
2673. {
2674.     if ( p_krb5_get_init_creds_password )
2675.         return(p_krb5_get_init_creds_password(context,creds,client,password,
2676.                                                prompter,data,start_time,
2677.                                                in_tkt_service,options));
2678.     else
2679.      return(-1);
2680. }
2681.  
2682. krb5_error_code
2683. ck_krb5_get_init_creds_keytab(krb5_context context,
2684.         krb5_creds *creds,
2685.         krb5_principal client,
2686.         krb5_keytab arg_keytab,
2687.         krb5_deltat start_time,
2688.         char *in_tkt_service,
2689.         krb5_get_init_creds_opt *options)
2690. {
2691.     if ( p_krb5_get_init_creds_keytab )
2692.         return(p_krb5_get_init_creds_keytab(context,creds,client,
2693.                                              arg_keytab,start_time,
2694.                                              in_tkt_service,options));
2695.     else
2696.         return(-1);
2697. }
2698.  
2699. krb5_error_code
2700. ck_krb5_get_validated_creds(krb5_context context,
2701.         krb5_creds *creds,
2702.         krb5_principal client,
2703.         krb5_ccache ccache,
2704.         char *in_tkt_service)
2705. {
2706.     if ( p_krb5_get_validated_creds )
2707.         return(p_krb5_get_validated_creds(context,creds,client,ccache,in_tkt_service));
2708.     else
2709.         return(-1);
2710. }
2711.  
2712. krb5_error_code
2713. ck_krb5_get_renewed_creds(krb5_context context,
2714.         krb5_creds *creds,
2715.         krb5_principal client,
2716.         krb5_ccache ccache,
2717.         char *in_tkt_service)
2718. {
2719.     if ( p_krb5_get_renewed_creds )
2720.         return(p_krb5_get_renewed_creds(context,creds,client,ccache,in_tkt_service));
2721.     else
2722.         return(-1);
2723. }
2724.  
2725. krb5_error_code
2726. ck_krb5_rd_safe( krb5_context context,
2727.                  krb5_auth_context auth,
2728.                  krb5_const krb5_data  * data1,
2729.                  krb5_data  * data2,
2730.                  krb5_replay_data  * replay)
2731. {
2732.     if ( p_krb5_rd_safe )
2733.         return(p_krb5_rd_safe(context,auth,data1,data2,replay));
2734.     else
2735.         return(-1);
2736.  
2737. }
2738.  
2739. krb5_error_code
2740. ck_krb5_mk_safe( krb5_context context,
2741.                  krb5_auth_context auth,
2742.                  krb5_const krb5_data  * data1,
2743.                  krb5_data  * data2,
2744.                  krb5_replay_data  * replay)
2745. {
2746.     if ( p_krb5_mk_safe )
2747.         return(p_krb5_mk_safe( context, auth, data1, data2, replay));
2748.     else
2749.         return(-1);
2750. }
2751.  
2752. krb5_error_code
2753. ck_krb5_rd_priv( krb5_context context,
2754.                  krb5_auth_context auth,
2755.                  krb5_const krb5_data  * data1,
2756.                  krb5_data  * data2,
2757.                  krb5_replay_data  * replay)
2758. {
2759.     if ( p_krb5_rd_priv )
2760.         return(p_krb5_rd_priv(context,auth,data1,data2,replay));
2761.     else
2762.         return(-1);
2763.  
2764. }
2765.  
2766. krb5_error_code
2767. ck_krb5_mk_priv( krb5_context context,
2768.                  krb5_auth_context auth,
2769.                  krb5_const krb5_data  * data1,
2770.                  krb5_data  * data2,
2771.                  krb5_replay_data  * replay)
2772. {
2773.     if ( p_krb5_mk_priv )
2774.         return(p_krb5_mk_priv( context, auth, data1, data2, replay));
2775.     else
2776.         return(-1);
2777. }
2778.  
2779. krb5_error_code
2780. ck_krb5_auth_con_setuseruserkey( krb5_context context,
2781.                                  krb5_auth_context auth,
2782.                                  krb5_keyblock * key)
2783. {
2784.     if ( p_krb5_auth_con_setuseruserkey )
2785.         return(p_krb5_auth_con_setuseruserkey(context,auth,key));
2786.     else
2787.         return(-1);
2788. }
2789.  
2790. krb5_error_code
2791. ck_krb5_get_profile(krb5_context context, profile_t * profile)
2792. {
2793.     if ( p_krb5_get_profile )
2794.         return(p_krb5_get_profile(context,profile));
2795.     else
2796.         return(-1);
2797. }
2798.  
2799. long
2800. ck_profile_get_relation_names(profile_t profile, const char **names, char ***ret_names)
2801. {
2802.     if ( p_profile_get_relation_names )
2803.         return(p_profile_get_relation_names(profile,names,ret_names));
2804.     else
2805.         return(-1);
2806. }
2807.  
2808. long
2809. ck_profile_get_subsection_names(profile_t profile, const char **names, char ***ret_names)
2810. {
2811.     if ( p_profile_get_subsection_names )
2812.         return(p_profile_get_subsection_names(profile,names,ret_names));
2813.     else
2814.         return(-1);
2815. }
2816.  
2817. void ck_krb5_free_keyblock_contents(krb5_context context, krb5_keyblock * keyblock)
2818. {
2819.     if ( p_krb5_free_keyblock_contents )
2820.         p_krb5_free_keyblock_contents(context,keyblock);
2821. }
2822.  
2823. krb5_error_code ck_krb5_c_encrypt(krb5_context context, krb5_const krb5_keyblock *key,
2824.         krb5_keyusage usage, krb5_const krb5_data *ivec,
2825.         krb5_const krb5_data *input, krb5_enc_data *output)
2826. {
2827.     if ( p_krb5_c_encrypt )
2828.         return(p_krb5_c_encrypt(context,key,usage,ivec,input,output));
2829.     else
2830.         return(-1);
2831. }
2832.  
2833. krb5_error_code ck_krb5_c_decrypt(krb5_context context, krb5_const krb5_keyblock *key,
2834.                                    krb5_keyusage usage, krb5_const krb5_data *ivec,
2835.                                    krb5_const krb5_enc_data *input, krb5_data *output)
2836. {
2837.     if ( p_krb5_c_decrypt )
2838.         return(p_krb5_c_decrypt(context,key,usage,ivec,input,output));
2839.     else
2840.         return(-1);
2841. }
2842.  
2843. krb5_error_code ck_krb5_c_block_size(krb5_context context, krb5_enctype enctype,
2844.                                       size_t *blocksize)
2845. {
2846.     if ( p_krb5_c_block_size )
2847.         return(p_krb5_c_block_size(context,enctype,blocksize));
2848.     else
2849.         return(-1);
2850. }
2851.  
2852. krb5_error_code ck_krb5_c_make_random_key(krb5_context context, krb5_enctype enctype,
2853.                                            krb5_keyblock *random_key)
2854. {
2855.     if ( p_krb5_c_make_random_key )
2856.         return(p_krb5_c_make_random_key(context,enctype,random_key));
2857.     else
2858.         return(-1);
2859. }
2860.  
2861. krb5_error_code
2862. ck_krb5_c_random_seed(krb5_context context, krb5_data *data)
2863. {
2864.     if ( p_krb5_c_random_seed )
2865.         return(p_krb5_c_random_seed(context,data));
2866.     else
2867.         return(-1);
2868. }
2869.  
2870. krb5_error_code 
2871. ck_krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype,
2872.                           size_t inputlen, size_t *length)
2873. {
2874.     if ( p_krb5_c_encrypt_length )
2875.         return(p_krb5_c_encrypt_length(context,enctype,inputlen,length));
2876.     else
2877.         return(-1);
2878. }
2879.  
2880. krb5_error_code
2881. ck_krb5_kt_default_name(krb5_context context, char * name, int len)
2882. {
2883.     krb5_error_code code;
2884.     krb5_keytab kt;
2885.  
2886.     if ( p_krb5_kt_default_name ) {
2887.         code = p_krb5_kt_default_name(context,name,len);
2888.         return(code);
2889.     } else {
2890.         code = krb5_kt_default(context,&kt);
2891.         if ( code )
2892.             return(code);
2893.         krb5_kt_get_name(context,kt,name,len);
2894.         krb5_kt_close(context,kt);
2895.         return(0);
2896.     }
2897. }
2898.  
2899. #ifndef krb5_x
2900. #define krb5_x(ptr,args) ((ptr)?((*(ptr)) args):(abort(),1))
2901. #define krb5_xc(ptr,args) ((ptr)?((*(ptr)) args):(abort(),(char*)0))
2902. #endif
2903.  
2904. #ifndef NO_DEF_KRB5_CCACHE
2905. typedef krb5_pointer    krb5_cc_cursor; /* cursor for sequential lookup */
2906.  
2907. typedef struct _krb5_ccache {
2908.     krb5_magic magic;
2909.     struct _krb5_cc_ops FAR *ops;
2910.     krb5_pointer data;
2911. } *krb5_ccache;
2912.  
2913. typedef struct _krb5_cc_ops {
2914.     krb5_magic magic;
2915.     char  *prefix;
2916.     char  * (KRB5_CALLCONV *get_name) (krb5_context, krb5_ccache);
2917.     krb5_error_code (KRB5_CALLCONV *resolve) (krb5_context, krb5_ccache  *,
2918.                                             const char  *);
2919.     krb5_error_code (KRB5_CALLCONV *gen_new) (krb5_context, krb5_ccache  *);
2920.     krb5_error_code (KRB5_CALLCONV *init) (krb5_context, krb5_ccache,
2921.                                             krb5_principal);
2922.     krb5_error_code (KRB5_CALLCONV *destroy) (krb5_context, krb5_ccache);
2923.     krb5_error_code (KRB5_CALLCONV *close) (krb5_context, krb5_ccache);
2924.     krb5_error_code (KRB5_CALLCONV *store) (krb5_context, krb5_ccache,
2925.                                             krb5_creds  *);
2926.     krb5_error_code (KRB5_CALLCONV *retrieve) (krb5_context, krb5_ccache,
2927.                                             krb5_flags, krb5_creds  *,
2928.                                             krb5_creds  *);
2929.     krb5_error_code (KRB5_CALLCONV *get_princ) (krb5_context, krb5_ccache,
2930.                                             krb5_principal  *);
2931.     krb5_error_code (KRB5_CALLCONV *get_first) (krb5_context, krb5_ccache,
2932.                                             krb5_cc_cursor  *);
2933.     krb5_error_code (KRB5_CALLCONV *get_next) (krb5_context, krb5_ccache,
2934.                                             krb5_cc_cursor  *, krb5_creds  *);
2935.     krb5_error_code (KRB5_CALLCONV *end_get) (krb5_context, krb5_ccache,
2936.                                             krb5_cc_cursor  *);
2937.     krb5_error_code (KRB5_CALLCONV *remove_cred) (krb5_context, krb5_ccache,
2938.                                             krb5_flags, krb5_creds  *);
2939.     krb5_error_code (KRB5_CALLCONV *set_flags) (krb5_context, krb5_ccache,
2940.                                             krb5_flags);
2941. } krb5_cc_ops;
2942. #endif /* NO_DEF_KRB5_CCACHE */
2943.  
2944. char * ck_krb5_cc_get_name
2945.     (krb5_context context, krb5_ccache cache)
2946. {
2947.     if ( p_krb5_cc_get_name )
2948.         return(p_krb5_cc_get_name(context,cache));
2949.     else
2950.         return(krb5_xc((cache)->ops->get_name,(context, cache)));
2951. }
2952.  
2953.  
2954. krb5_error_code ck_krb5_cc_gen_new
2955.     (krb5_context context, krb5_ccache *cache)
2956. {
2957.     if ( p_krb5_cc_gen_new )
2958.         return(p_krb5_cc_gen_new(context,cache));
2959.     else
2960.         return(krb5_x ((*cache)->ops->gen_new,(context, cache)));
2961. }
2962.  
2963.  
2964. krb5_error_code ck_krb5_cc_initialize
2965.     (krb5_context context, krb5_ccache cache,
2966.                     krb5_principal principal)
2967. {
2968.     if ( p_krb5_cc_initialize )
2969.         return(p_krb5_cc_initialize(context,cache,principal));
2970.     else
2971.         return(krb5_x ((cache)->ops->init,(context, cache, principal)));
2972. }
2973.  
2974.  
2975. krb5_error_code ck_krb5_cc_destroy
2976.     (krb5_context context, krb5_ccache cache)
2977. {
2978.     if ( p_krb5_cc_destroy )
2979.         return(p_krb5_cc_destroy(context,cache));
2980.     else
2981.         return(krb5_x ((cache)->ops->destroy,(context, cache)));
2982. }
2983.  
2984.  
2985. krb5_error_code ck_krb5_cc_close
2986.     (krb5_context context, krb5_ccache cache)
2987. {
2988.     if ( p_krb5_cc_close )
2989.         return(p_krb5_cc_close(context,cache));
2990.     else
2991.         return(krb5_x ((cache)->ops->close,(context, cache)));
2992. }
2993.  
2994.  
2995. krb5_error_code ck_krb5_cc_store_cred
2996.     (krb5_context context, krb5_ccache cache,
2997.                      krb5_creds *creds)
2998. {
2999.     if ( p_krb5_cc_store_cred )
3000.         return(p_krb5_cc_store_cred(context,cache,creds));
3001.     else
3002.         return(krb5_x ((cache)->ops->store,(context, cache, creds)));
3003. }
3004.  
3005.  
3006. krb5_error_code ck_krb5_cc_retrieve_cred
3007.     (krb5_context context, krb5_ccache cache,
3008.       krb5_flags flags, krb5_creds *mcreds,
3009.       krb5_creds *creds)
3010. {
3011.     if ( p_krb5_cc_retrieve_cred )
3012.         return(p_krb5_cc_retrieve_cred(context,cache,flags,mcreds,creds));
3013.     else
3014.         return(krb5_x ((cache)->ops->retrieve,(context, cache, flags, mcreds, creds)));
3015. }
3016.  
3017.  
3018. krb5_error_code ck_krb5_cc_get_principal
3019.     (krb5_context context, krb5_ccache cache,
3020.       krb5_principal *principal)
3021. {
3022.     if ( p_krb5_cc_get_principal )
3023.         return(p_krb5_cc_get_principal(context,cache,principal));
3024.     else
3025.         return(krb5_x ((cache)->ops->get_princ,(context, cache, principal)));
3026. }
3027.  
3028.  
3029. krb5_error_code ck_krb5_cc_start_seq_get
3030.     (krb5_context context, krb5_ccache cache,
3031.       krb5_cc_cursor *cursor)
3032. {
3033.     if ( p_krb5_cc_start_seq_get )
3034.         return(p_krb5_cc_start_seq_get(context,cache,cursor));
3035.     else
3036.         return(krb5_x ((cache)->ops->get_first,(context, cache, cursor)));
3037. }
3038.  
3039.  
3040. krb5_error_code ck_krb5_cc_next_cred
3041.     (krb5_context context, krb5_ccache cache,
3042.       krb5_cc_cursor *cursor, krb5_creds *creds)
3043. {
3044.     if ( p_krb5_cc_next_cred )
3045.         return(p_krb5_cc_next_cred(context,cache,cursor,creds));
3046.     else
3047.         return(krb5_x ((cache)->ops->get_next,(context, cache, cursor, creds)));
3048. }
3049.  
3050.  
3051. krb5_error_code ck_krb5_cc_end_seq_get
3052.     (krb5_context context, krb5_ccache cache,
3053.       krb5_cc_cursor *cursor)
3054. {
3055.     if ( p_krb5_cc_end_seq_get )
3056.         return(p_krb5_cc_end_seq_get(context,cache,cursor));
3057.     else
3058.         return(krb5_x ((cache)->ops->end_get,(context, cache, cursor)));
3059. }
3060.  
3061.  
3062. krb5_error_code ck_krb5_cc_remove_cred
3063.     (krb5_context context, krb5_ccache cache, krb5_flags flags,
3064.       krb5_creds *creds)
3065. {
3066.     if ( p_krb5_cc_remove_cred )
3067.         return(p_krb5_cc_remove_cred(context,cache,flags,creds));
3068.     else
3069.         return(krb5_x ((cache)->ops->remove_cred,(context, cache,flags, creds)));
3070. }
3071.  
3072.  
3073. krb5_error_code ck_krb5_cc_set_flags
3074.     (krb5_context context, krb5_ccache cache, krb5_flags flags)
3075. {
3076.     if ( p_krb5_cc_set_flags )
3077.         return(p_krb5_cc_set_flags(context,cache,flags));
3078.     else
3079.         return(krb5_x ((cache)->ops->set_flags,(context, cache, flags)));
3080. }
3081.  
3082. const char * ck_krb5_cc_get_type
3083.     (krb5_context context, krb5_ccache cache)
3084. {
3085.     if ( p_krb5_cc_get_type )
3086.         return(p_krb5_cc_get_type(context,cache));
3087.     else
3088.         return(((cache)->ops->prefix));
3089. }
3090.  
3091. #ifndef NO_DEF_KRB5_KT
3092. typedef krb5_pointer krb5_kt_cursor;    /* XXX */
3093.  
3094. typedef struct old_krb5_keytab_entry_st {
3095.     krb5_magic magic;
3096.     krb5_principal principal;   /* principal of this key */
3097.     krb5_timestamp timestamp;   /* time entry written to keytable */
3098.     krb5_kvno vno;              /* key version number */
3099.     krb5_keyblock key;          /* the secret key */
3100. } old_krb5_keytab_entry;
3101.  
3102. typedef struct _old_krb5_kt {
3103.     krb5_magic magic;
3104.     struct _krb5_kt_ops FAR *ops;
3105.     krb5_pointer data;
3106. } *old_krb5_keytab;
3107.  
3108. typedef struct _krb5_kt_ops {
3109.     krb5_magic magic;
3110.     char *prefix;
3111.     /* routines always present */
3112.     krb5_error_code (KRB5_CALLCONV *resolve)
3113.         (krb5_context,
3114.                  krb5_const char *,
3115.                  krb5_keytab *);
3116.     krb5_error_code (KRB5_CALLCONV *get_name)
3117.         (krb5_context,
3118.                  krb5_keytab,
3119.                  char *,
3120.                  int);
3121.     krb5_error_code (KRB5_CALLCONV *close)
3122.         (krb5_context,
3123.                  krb5_keytab);
3124.     krb5_error_code (KRB5_CALLCONV *get)
3125.         (krb5_context,
3126.                  krb5_keytab,
3127.                  krb5_principal,
3128.                  krb5_kvno,
3129.                  krb5_enctype,
3130.                  krb5_keytab_entry *);
3131.     krb5_error_code (KRB5_CALLCONV *start_seq_get)
3132.         (krb5_context,
3133.                  krb5_keytab,
3134.                  krb5_kt_cursor *);
3135.     krb5_error_code (KRB5_CALLCONV *get_next)
3136.         (krb5_context,
3137.                           krb5_keytab,
3138.                           krb5_keytab_entry *,
3139.                           krb5_kt_cursor *);
3140.     krb5_error_code (KRB5_CALLCONV *end_get)
3141.         (krb5_context,
3142.                  krb5_keytab,
3143.                  krb5_kt_cursor *);
3144.     /* routines to be included on extended version (write routines) */
3145.     krb5_error_code (KRB5_CALLCONV *add)
3146.         (krb5_context,
3147.                  krb5_keytab,
3148.                  krb5_keytab_entry *);
3149.     krb5_error_code (KRB5_CALLCONV *remove)
3150.         (krb5_context,
3151.                  krb5_keytab,
3152.                   krb5_keytab_entry *);
3153.  
3154.     /* Handle for serializer */
3155.     void * serializer;
3156. } krb5_kt_ops;
3157. #else
3158. #define old_krb5_keytab krb5_keytab
3159. #endif /* NO_DEF_KRB5_KT */
3160.  
3161. const char * ck_krb5_kt_get_type
3162.      (krb5_context context, krb5_keytab keytab)
3163. {
3164.     if ( p_krb5_kt_get_type )
3165.         return(p_krb5_kt_get_type(context,keytab));
3166.     else
3167.         return(((old_krb5_keytab)keytab)->ops->prefix);
3168. }
3169.  
3170. krb5_error_code ck_krb5_kt_get_name
3171.      (krb5_context context, krb5_keytab keytab, char * name, unsigned int namelen)
3172. {
3173.     if ( p_krb5_kt_get_name )
3174.         return(p_krb5_kt_get_name(context,keytab,name,namelen));
3175.     else
3176.         return(krb5_x(((old_krb5_keytab)keytab)->ops->get_name,(context, keytab,name,namelen)));
3177. }
3178.  
3179. krb5_error_code ck_krb5_kt_close(krb5_context context, krb5_keytab keytab)
3180. {
3181.     if ( p_krb5_kt_close )
3182.         return(p_krb5_kt_close(context,keytab));
3183.     else
3184.         return(krb5_x(((old_krb5_keytab)keytab)->ops->close,(context, keytab)));
3185. }
3186.  
3187. krb5_error_code ck_krb5_kt_get_entry(krb5_context context, krb5_keytab keytab,
3188.                  krb5_principal princ,
3189.                  krb5_kvno kvno,
3190.                  krb5_enctype enc,
3191.                  krb5_keytab_entry * entry)
3192. {
3193.     if ( p_krb5_kt_get_entry )
3194.         return(p_krb5_kt_get_entry(context,keytab,princ,kvno,enc,entry));
3195.     else
3196.         return(krb5_x(((old_krb5_keytab)keytab)->ops->get,(context, keytab, princ, kvno, enc, entry)));
3197. }
3198.  
3199. krb5_error_code ck_krb5_kt_start_seq_get(krb5_context context,
3200.                  krb5_keytab keytab,
3201.                  krb5_kt_cursor * cursor)
3202. {
3203.     if ( p_krb5_kt_start_seq_get )
3204.         return(p_krb5_kt_start_seq_get(context,keytab,cursor));
3205.     else
3206.         return(krb5_x(((old_krb5_keytab)keytab)->ops->start_seq_get,(context, keytab, cursor)));
3207. }
3208. krb5_error_code ck_krb5_kt_next_entry(krb5_context context,
3209.                  krb5_keytab keytab,
3210.                  krb5_keytab_entry * entry,
3211.                  krb5_kt_cursor * cursor)
3212. {
3213.     if ( p_krb5_kt_next_entry )
3214.         return(p_krb5_kt_next_entry(context,keytab,entry,cursor) );
3215.     else
3216.         return(krb5_x(((old_krb5_keytab)keytab)->ops->get_next,(context, keytab, entry, cursor)));
3217. }
3218.  
3219. krb5_error_code ck_krb5_kt_end_seq_get(krb5_context context,
3220.                  krb5_keytab keytab,
3221.                  krb5_kt_cursor * cursor)
3222. {
3223.     if ( p_krb5_kt_end_seq_get )
3224.         return(p_krb5_kt_end_seq_get(context,keytab,cursor));
3225.     else
3226.         return(krb5_x(((old_krb5_keytab)keytab)->ops->end_get,(context, keytab, cursor)));
3227. }
3228.  
3229. krb5_error_code ck_krb5_build_principal(krb5_context context,
3230.           krb5_principal * princ, unsigned int len, krb5_const char * data1,
3231.           krb5_const char * data2, krb5_const char * data3, krb5_const char *data4)
3232. {
3233.     if ( p_krb5_build_principal )
3234.         return(p_krb5_build_principal(context,princ,len,data1,data2,data3,data4));
3235.     else
3236.         return(-1);
3237. }
3238.  
3239. int 
3240. ck_krb524_init_ets(krb5_context context)
3241. {
3242.     if ( p_krb524_init_ets )
3243.         return(p_krb524_init_ets(context));
3244.     else
3245.         return(-1);
3246. }
3247.  
3248. int
3249. ck_krb524_convert_creds_kdc(krb5_context context,
3250.                              krb5_creds *v5creds,
3251.                              LEASH_CREDENTIALS *v4creds)
3252. {
3253.     if ( p_krb524_convert_creds_kdc )
3254.         return(p_krb524_convert_creds_kdc(context,v5creds,(CREDENTIALS *)v4creds));
3255.     else
3256.         return(-1);
3257. }
3258. #endif /* KRB5 */
3259.  
3260. #ifdef CK_DES
3261. /* These functions are located in DLLs which we are not linking to at */
3262. /* compile time.  Therefore, we have to redirect them to locally      */
3263. /* defined functions which will call the real thing only if they are  */
3264. /* available via Run-Time Linking.                                    */
3265. /*
3266.    From KRB5_32.DLL:
3267.        unresolved external symbol __imp__des_ecb_encrypt@16
3268.        unresolved external symbol __imp__des_new_random_key@4
3269.        unresolved external symbol __imp__des_key_sched@8
3270.        unresolved external symbol __imp__des_set_random_generator_seed@4
3271.  
3272. */
3273.  
3274. static int
3275. (KRB5_CALLCONV *p_des_new_random_key) P((Block))=NULL;
3276. static void
3277. (KRB5_CALLCONV *p_des_set_random_generator_seed) P((Block))=NULL;
3278. static int
3279. (KRB5_CALLCONV *p_des_key_sched) P((Block, Schedule))=NULL;
3280. static void
3281. (KRB5_CALLCONV *p_des_ecb_encrypt) P((Block, Block, Schedule, int))=NULL;
3282. static void
3283. (KRB5_CALLCONV *p_des_pcbc_encrypt)
3284. P((Block, Block, long, Schedule, Block, int))=NULL;
3285. static int
3286. (KRB5_CALLCONV *p_des_string_to_key) P((char *, Block))=NULL;
3287. static void
3288. (KRB5_CALLCONV *p_des_fixup_key_parity) P((Block))=NULL;
3289.  
3290. /* these were KRB5_CALLCONV */
3291. static int
3292. (KRB5_CALLCONV_C  *p_k4_des_new_random_key) P((Block))=NULL;
3293. static void
3294. (KRB5_CALLCONV_C  *p_k4_des_set_random_generator_seed) P((Block))=NULL;
3295. static int
3296. (KRB5_CALLCONV_C  *p_k4_des_key_sched) P((Block, Schedule))=NULL;
3297. static void
3298. (KRB5_CALLCONV_C  *p_k4_des_ecb_encrypt) P((Block, Block, Schedule, int))=NULL;
3299. static void
3300. (KRB5_CALLCONV_C  *p_k4_des_pcbc_encrypt) P((Block, Block, long, Schedule, Block, int))=NULL;
3301. static int
3302. (KRB5_CALLCONV_C  *p_k4_des_string_to_key) P((char *, Block))=NULL;
3303. static void
3304. (KRB5_CALLCONV_C  *p_k4_des_fixup_key_parity) P((Block))=NULL;
3305.  
3306. #ifdef LIBDES
3307. #ifdef CRYPT_DLL
3308. int   (*libdes_random_key)(Block)=NULL;
3309. void  (*libdes_random_seed)(Block)=NULL;
3310. int   (*libdes_key_sched)(Block, Schedule)=NULL;
3311. void  (*libdes_ecb_encrypt)(Block, Block, Schedule, int)=NULL;
3312. int   (*libdes_string_to_key)(char *, Block)=NULL;
3313. int   (*libdes_fixup_key_parity)(Block)=NULL;
3314. int   (*libdes_pcbc_encrypt)(Block, Block, long, Schedule, Block, int)=NULL;
3315. #else /* CRYPT_DLL */
3316. int   libdes_random_key(Block);
3317. void  libdes_random_seed(Block);
3318. int   libdes_key_sched(Block, Schedule);
3319. void  libdes_ecb_encrypt(Block, Block, Schedule, int);
3320. int   libdes_string_to_key(char *, Block);
3321. int   libdes_fixup_key_parity(Block);
3322. int   libdes_pcbc_encrypt(Block, Block, long, Schedule, Block, int);
3323. #endif /* CRYPT_DLL */
3324. #endif /* LIBDES */
3325.  
3326. int
3327. ck_des_new_random_key(Block B)
3328. {
3329.     int rc=0;
3330. #ifdef LIBDES
3331. #ifdef CRYPT_DLL
3332.     if ( libdes_random_key ) {
3333.         rc = libdes_random_key(B);
3334.         return(rc);
3335.     }
3336.     else
3337.         return(-1);
3338. #else /* CRYPT_DLL */
3339.     rc = libdes_random_key(B);
3340.     return(rc);
3341. #endif /* CRYPT_DLL */
3342. #endif /* LIBDES */
3343.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
3344.         if ( p_des_new_random_key == NULL )
3345.             return(-1);
3346.         else {
3347.             rc = p_des_new_random_key(B);
3348.             return(rc);
3349.         }
3350.     }
3351.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
3352.         if ( p_k4_des_new_random_key == NULL )
3353.             return(-1);
3354.         else {
3355.             rc = p_k4_des_new_random_key(B);
3356.             return(rc);
3357.         }
3358.     }
3359.     return(-1);
3360. }
3361. void
3362. ck_des_set_random_generator_seed(Block B)
3363. {
3364. #ifdef LIBDES
3365. #ifdef CRYPT_DLL
3366.     if ( libdes_random_seed ) {
3367.         libdes_random_seed(B);
3368.         return;
3369.     }
3370. #else /* CRYPT_DLL */
3371.     libdes_random_seed(B);
3372.     return;
3373. #endif /* CRYPT_DLL */
3374. #endif /* LIBDES */
3375.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
3376.         if ( p_des_set_random_generator_seed )
3377.             p_des_set_random_generator_seed(B);
3378.     }
3379.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
3380.         if ( p_k4_des_set_random_generator_seed )
3381.             p_k4_des_set_random_generator_seed(B);
3382.     }
3383. }
3384. int
3385. ck_des_key_sched(Block B, Schedule S)
3386. {
3387. #ifdef LIBDES
3388. #ifdef CRYPT_DLL
3389.     if ( libdes_key_sched ) {
3390.         return libdes_key_sched(B,S);
3391.     }
3392.     else
3393.         return(-3);
3394. #else /* CRYPT_DLL */
3395.     return libdes_key_sched(B,S);
3396. #endif /* CRYPT_DLL */
3397. #endif /* LIBDES */
3398.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
3399.         if ( p_des_key_sched )
3400.             return p_des_key_sched(B,S);
3401.         else
3402.             return(-3);
3403.     }
3404.     else if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
3405.         if ( p_k4_des_key_sched )
3406.             return p_k4_des_key_sched(B,S);
3407.         else
3408.             return(-3);
3409.     }
3410.     return(-3);
3411. }
3412.  
3413. int
3414. ck_k4_des_key_sched(Block B, Schedule S)
3415. {
3416.     if ( p_k4_des_key_sched )
3417.         return p_k4_des_key_sched(B,S);
3418.     else
3419.         return(-3);
3420. }
3421.  
3422. void
3423. ck_des_ecb_encrypt(Block B1, Block B2, Schedule S, int I)
3424. {
3425.     if ( I ) {      /* Encrypting */
3426.         hexdump("des_ecb_encrypt() encrypting",B1,sizeof(Block));
3427.     } else {        /* Decrypting */
3428.         hexdump("des_ecb_encrypt() decrypting",B1,sizeof(Block));
3429.     }
3430.  
3431. #ifdef LIBDES
3432. #ifdef CRYPT_DLL
3433.     if ( libdes_ecb_encrypt ) {
3434.         libdes_ecb_encrypt(B1,B2,S,I);
3435.         goto exit_des_ecb_encrypt;
3436.     }
3437. #else /* CRYPT_DLL */
3438.     libdes_ecb_encrypt(B1,B2,S,I);
3439.     goto exit_des_ecb_encrypt;
3440. #endif /* CRYPT_DLL */
3441. #endif /* LIBDES */
3442.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
3443.         if ( p_des_ecb_encrypt )
3444.             p_des_ecb_encrypt(B1,B2,S,I);
3445.     }
3446.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
3447.         if ( p_k4_des_ecb_encrypt )
3448.             p_k4_des_ecb_encrypt(B1,B2,S,I);
3449.     }
3450.   exit_des_ecb_encrypt:
3451.     hexdump("des_ecb_encrypt() B1",B1,sizeof(Block));
3452.     hexdump("des_ecb_encrypt() B2",B2,sizeof(Block));
3453. }
3454.  
3455. int
3456. ck_des_string_to_key(char * p, Block B)
3457. {
3458. #ifdef LIBDES
3459. #ifdef CRYPT_DLL
3460.     if ( libdes_string_to_key )
3461.         return(libdes_string_to_key(p,B));
3462.     else
3463.         return(0);
3464. #else /* CRYPT_DLL */
3465.     return(libdes_string_to_key(p,B));
3466. #endif /* CRYPT_DLL */
3467. #endif /* LIBDES */
3468.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
3469.         if ( p_des_string_to_key )
3470.             return(p_des_string_to_key(p,B));
3471.         else
3472.             return(-1);
3473.     }
3474.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
3475.         if ( p_k4_des_string_to_key )
3476.             return(p_k4_des_string_to_key(p,B));
3477.         else
3478.             return(-1);
3479.     }
3480. }
3481.  
3482. void
3483. ck_des_fixup_key_parity(Block B)
3484. {
3485. #ifdef LIBDES
3486. #ifdef CRYPT_DLL
3487.     if ( libdes_fixup_key_parity ) {
3488.         libdes_fixup_key_parity(B);
3489.         return;
3490.     }
3491. #else /* CRYPT_DLL */
3492.     libdes_fixup_key_parity(B);
3493.     return;
3494. #endif /* CRYPT_DLL */
3495. #endif /* LIBDES */
3496.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
3497.         if ( p_des_fixup_key_parity )
3498.             p_des_fixup_key_parity(B);
3499.     }
3500.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
3501.         if ( p_k4_des_fixup_key_parity )
3502.             p_k4_des_fixup_key_parity(B);
3503.     }
3504. }
3505.  
3506. void
3507. ck_des_pcbc_encrypt(Block input, Block output, long length,
3508.                     Schedule schedule, Block ivec, int enc)
3509. {
3510. #ifdef LIBDES
3511. #ifdef CRYPT_DLL
3512.     if ( libdes_pcbc_encrypt ) {
3513.         libdes_pcbc_encrypt(input,output,length,schedule,ivec,enc);
3514.         return;
3515.     }
3516. #else /* CRYPT_DLL */
3517.     libdes_pcbc_encrypt(input,output,length,schedule,ivec,enc);
3518.     return;
3519. #endif /* CRYPT_DLL */
3520. #endif /* LIBDES */
3521.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
3522.         if ( p_des_pcbc_encrypt ) {
3523.             p_des_pcbc_encrypt(input,output,length,schedule,ivec,enc);
3524.             return;
3525.         }
3526.     }
3527.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
3528.         if ( p_k4_des_pcbc_encrypt ) {
3529.             p_k4_des_pcbc_encrypt(input,output,length,schedule,ivec,enc);
3530.             return;
3531.         }
3532.     }
3533. }
3534. #endif /* CK_DES */
3535.  
3536. #ifdef CRYPT_DLL
3537. static int  (*p_crypt_dll_init)(struct _crypt_dll_init *)=NULL;
3538. static int  (*p_encrypt_parse)(unsigned char *, int)=NULL;
3539. static void (*p_encrypt_init)(kstream,int)=NULL;
3540. static int  (*p_encrypt_session_key)(Session_Key *, int)=NULL;
3541. static int  (*p_encrypt_dont_support)(int)=NULL;
3542. static void (*p_encrypt_send_request_start)(void)=NULL;
3543. static int  (*p_encrypt_request_start)(void)=NULL;
3544. static int  (*p_encrypt_send_request_end)(void)=NULL;
3545. static void (*p_encrypt_send_end)(void)=NULL;
3546. static void (*p_encrypt_send_support)(void)=NULL;
3547. static int  (*p_encrypt_is_encrypting)(void)=NULL;
3548. static int  (*p_encrypt_is_decrypting)(void)=NULL;
3549. static int  (*p_get_crypt_table)(struct keytab ** pTable, int * pN)=NULL;
3550. static int  (*p_des_is_weak_key)(Block)=NULL;
3551. static char * (*p_crypt_dll_version)()=NULL;
3552.  
3553. int
3554. ck_encrypt_parse(unsigned char * s, int n)
3555. {
3556.     if ( p_encrypt_parse )
3557.         return(p_encrypt_parse(s,n));
3558.     else
3559.         return(0);
3560. }
3561.  
3562. void
3563. ck_encrypt_init(kstream ks, int type)
3564. {
3565.     if ( p_encrypt_init )
3566.         p_encrypt_init(ks,type);
3567. }
3568.  
3569. int
3570. ck_encrypt_dont_support(int type)
3571. {
3572.     if ( p_encrypt_dont_support )
3573.         return p_encrypt_dont_support(type);
3574.     return(0);
3575. }
3576.  
3577. int
3578. ck_encrypt_session_key(Session_Key * key, int n)
3579. {
3580.     if ( p_encrypt_session_key )
3581.         return p_encrypt_session_key(key,n);
3582.     return(0);
3583. }
3584.  
3585. void
3586. ck_encrypt_send_support(void)
3587. {
3588.     if ( p_encrypt_send_support )
3589.         p_encrypt_send_support();
3590. }
3591.  
3592. void
3593. ck_encrypt_send_request_start(void)
3594. {
3595.     if ( p_encrypt_send_request_start )
3596.         p_encrypt_send_request_start();
3597. }
3598.  
3599. void
3600. ck_encrypt_request_start(void)
3601. {
3602.     if ( p_encrypt_request_start )
3603.         p_encrypt_request_start();
3604. }
3605.  
3606. void
3607. ck_encrypt_send_request_end(void)
3608. {
3609.     if ( p_encrypt_send_request_end )
3610.         p_encrypt_send_request_end();
3611. }
3612.  
3613. void
3614. ck_encrypt_send_end(void)
3615. {
3616.     if ( p_encrypt_send_end )
3617.         p_encrypt_send_end();
3618. }
3619.  
3620. int
3621. ck_encrypt_is_encrypting(void)
3622. {
3623.     if ( p_encrypt_is_encrypting )
3624.         return(p_encrypt_is_encrypting());
3625.     else
3626.         return(0);
3627. }
3628.  
3629. int
3630. ck_encrypt_is_decrypting(void)
3631. {
3632.     if ( p_encrypt_is_decrypting )
3633.         return(p_encrypt_is_decrypting());
3634.     else
3635.         return(0);
3636. }
3637.  
3638. int
3639. ck_get_crypt_table(struct keytab ** pTable, int * pN)
3640. {
3641.     if (p_get_crypt_table) {
3642.         return(p_get_crypt_table(pTable,pN));
3643.     } else {
3644.         int i = 0;
3645.         if (*pTable) {
3646.             for (i = 0; i < *pN; i++)
3647.               free((*pTable)[i].kwd);
3648.             free (*pTable);
3649.         }
3650.         *pTable = NULL;
3651.         *pN = 0;
3652.  
3653.         *pTable = malloc( sizeof(struct keytab) * 2);
3654.         if (!(*pTable))
3655.           return(0);
3656.         (*pTable)[0].kwd = strdup("automatic");
3657.         (*pTable)[0].kwval = ENCTYPE_ANY;
3658.         (*pTable)[0].flgs = 0;
3659.         (*pTable)[1].kwd = strdup("none");
3660.         (*pTable)[1].kwval = -1;
3661.         (*pTable)[1].flgs = 0;
3662.         (*pN) = 2;
3663.         return(2);
3664.     }
3665. }
3666.  
3667. int
3668. ck_des_is_weak_key(Block B)
3669. {
3670.     if ( p_des_is_weak_key )
3671.         return(p_des_is_weak_key(B));
3672.     else
3673.         return(0);      /* assume it is not */
3674. }
3675.  
3676. void
3677. crypt_install_funcs(char * name, void * func)
3678. {
3679. #ifdef NT
3680.     if ( !strcmp(name,"encrypt_parse") )
3681.         (FARPROC) p_encrypt_parse = (FARPROC) func;
3682.     else if ( !strcmp(name,"encrypt_init") )
3683.         (FARPROC) p_encrypt_init = (FARPROC) func;
3684.     else if ( !strcmp(name,"encrypt_session_key") )
3685.         (FARPROC) p_encrypt_session_key = (FARPROC) func;
3686.     else if ( !strcmp(name,"encrypt_dont_support") )
3687.         (FARPROC) p_encrypt_dont_support = (FARPROC) func;
3688.     else if ( !strcmp(name,"encrypt_send_request_start") )
3689.         (FARPROC) p_encrypt_send_request_start = (FARPROC) func;
3690.     else if ( !strcmp(name,"encrypt_request_start") )
3691.         (FARPROC) p_encrypt_request_start = (FARPROC) func;
3692.     else if ( !strcmp(name,"encrypt_send_request_end") )
3693.         (FARPROC) p_encrypt_send_request_end = (FARPROC) func;
3694.     else if ( !strcmp(name, "encrypt_send_end") )
3695.         (FARPROC) p_encrypt_send_end = (FARPROC) func;
3696.     else if ( !strcmp(name,"encrypt_send_support") )
3697.         (FARPROC) p_encrypt_send_support = (FARPROC) func;
3698.     else if ( !strcmp(name,"encrypt_is_encrypting") )
3699.         (FARPROC) p_encrypt_is_encrypting = (FARPROC) func;
3700.     else if ( !strcmp(name,"encrypt_is_decrypting") )
3701.         (FARPROC) p_encrypt_is_decrypting = (FARPROC) func;
3702.     else if ( !strcmp(name,"get_crypt_table") )
3703.         (FARPROC) p_get_crypt_table = (FARPROC) func;
3704.     else if ( !strcmp(name,"des_is_weak_key") )
3705.         (FARPROC) p_des_is_weak_key = (FARPROC) func;
3706.     else if ( !strcmp(name,"libdes_random_key") )
3707.         (FARPROC) libdes_random_key = (FARPROC) func;
3708.     else if ( !strcmp(name,"libdes_random_seed") )
3709.         (FARPROC) libdes_random_seed = (FARPROC) func;
3710.     else if ( !strcmp(name,"libdes_key_sched") )
3711.         (FARPROC) libdes_key_sched = (FARPROC) func;
3712.     else if ( !strcmp(name,"libdes_ecb_encrypt") )
3713.         (FARPROC) libdes_ecb_encrypt = (FARPROC) func;
3714.     else if ( !strcmp(name,"libdes_string_to_key") )
3715.         (FARPROC) libdes_string_to_key = (FARPROC) func;
3716.     else if ( !strcmp(name,"libdes_fixup_key_parity") )
3717.         (FARPROC) libdes_fixup_key_parity = (FARPROC) func;
3718.     else if ( !strcmp(name,"libdes_pcbc_encrypt") )
3719.         (FARPROC) libdes_pcbc_encrypt = (FARPROC) func;
3720.     else if ( !strcmp(name,"crypt_dll_version") )
3721.         (FARPROC) p_crypt_dll_version = (FARPROC) func;
3722. #else /* NT */
3723.     if ( !strcmp(name,"encrypt_parse") )
3724.         p_encrypt_parse = (PFN*) func;
3725.     else if ( !strcmp(name,"encrypt_init") )
3726.         p_encrypt_init = (PFN*) func;
3727.     else if ( !strcmp(name,"encrypt_session_key") )
3728.         p_encrypt_session_key = (PFN*) func;
3729.     else if ( !strcmp(name,"encrypt_dont_support") )
3730.         p_encrypt_dont_support = (PFN*) func;
3731.     else if ( !strcmp(name,"encrypt_send_request_start") )
3732.         p_encrypt_send_request_start = (PFN*) func;
3733.     else if ( !strcmp(name,"encrypt_request_start") )
3734.         p_encrypt_request_start = (PFN*) func;
3735.     else if ( !strcmp(name,"encrypt_send_request_end") )
3736.         p_encrypt_send_request_end = (PFN*) func;
3737.     else if ( !strcmp(name, "encrypt_send_end") )
3738.         p_encrypt_send_end = (PFN*) func;
3739.     else if ( !strcmp(name,"encrypt_send_support") )
3740.         p_encrypt_send_support = (PFN*) func;
3741.     else if ( !strcmp(name,"encrypt_is_encrypting") )
3742.         p_encrypt_is_encrypting = (PFN*) func;
3743.     else if ( !strcmp(name,"encrypt_is_decrypting") )
3744.         p_encrypt_is_decrypting = (PFN*) func;
3745.     else if ( !strcmp(name,"get_crypt_table") )
3746.         p_get_crypt_table = (PFN*) func;
3747.     else if ( !strcmp(name,"des_is_weak_key") )
3748.         p_des_is_weak_key = (PFN*) func;
3749.     else if ( !strcmp(name,"libdes_random_key") )
3750.         libdes_random_key = (PFN*) func;
3751.     else if ( !strcmp(name,"libdes_random_seed") )
3752.         libdes_random_seed = (PFN*) func;
3753.     else if ( !strcmp(name,"libdes_key_sched") )
3754.         libdes_key_sched = (PFN*) func;
3755.     else if ( !strcmp(name,"libdes_ecb_encrypt") )
3756.         libdes_ecb_encrypt = (PFN*) func;
3757.     else if ( !strcmp(name,"libdes_string_to_key") )
3758.         libdes_string_to_key = (PFN*) func;
3759.     else if ( !strcmp(name,"libdes_fixup_key_parity") )
3760.         libdes_fixup_key_parity = (PFN*) func;
3761.     else if ( !strcmp(name,"libdes_pcbc_encrypt") )
3762.         libdes_pcbc_encrypt = (PFN*) func;
3763.     else if ( !strcmp(name,"crypt_dll_version") )
3764.         p_crypt_dll_version = (PFN*) func;
3765. #endif /* NT */
3766. }
3767.  
3768. char *
3769. ck_crypt_dll_version()
3770. {
3771.     if ( p_crypt_dll_version )
3772.         return(p_crypt_dll_version());
3773.     else
3774.         return("Encryption provided via external DLL");
3775. }
3776.  
3777. #define encrypt_parse                 ck_encrypt_parse
3778. #define encrypt_init                  ck_encrypt_init
3779. #define encrypt_session_key           ck_encrypt_session_key
3780. #define encrypt_dont_support          ck_encrypt_dont_support
3781. #define encrypt_send_support          ck_encrypt_send_support
3782. #define encrypt_send_end              ck_encrypt_send_end
3783. #define encrypt_send_request_end      ck_encrypt_send_request_end
3784. #define encrypt_send_request_start    ck_encrypt_send_request_start
3785. #define encrypt_request_start         ck_encrypt_request_start
3786. #define encrypt_is_encrypting         ck_encrypt_is_encrypting
3787. #define encrypt_is_decrypting         ck_encrypt_is_decrypting
3788.  
3789. #ifdef NT
3790. HINSTANCE hCRYPT = NULL;
3791. #else /* NT */
3792. HMODULE hCRYPT = 0;
3793. #endif /* NT */
3794.  
3795. static void
3796. ck_crypt_dll_loaddll_eh(void)
3797. {
3798.     if ( hCRYPT ) {
3799. #ifdef NT
3800.         FreeLibrary(hCRYPT);
3801.         hCRYPT = NULL;
3802. #else /* NT */
3803.         DosFreeModule(hCRYPT);
3804.         hCRYPT = 0;
3805. #endif /* NT */
3806.     }
3807.     p_crypt_dll_init=NULL;
3808.     p_encrypt_parse=NULL;
3809.     p_encrypt_init=NULL;
3810.     p_encrypt_session_key=NULL;
3811.     p_encrypt_dont_support=NULL;
3812.     p_encrypt_send_support=NULL;
3813.     p_encrypt_send_request_start=NULL;
3814.     p_encrypt_request_start=NULL;
3815.     p_encrypt_send_request_end=NULL;
3816.     p_encrypt_send_end=NULL;
3817.     p_encrypt_is_encrypting=NULL;
3818.     p_encrypt_is_decrypting=NULL;
3819.     p_get_crypt_table = NULL;
3820.     p_des_is_weak_key = NULL;
3821.  
3822.     libdes_random_key=NULL;
3823.     libdes_random_seed=NULL;
3824.     libdes_key_sched=NULL;
3825.     libdes_ecb_encrypt=NULL;
3826.     libdes_string_to_key=NULL;
3827.     libdes_fixup_key_parity=NULL;
3828.     libdes_pcbc_encrypt=NULL;
3829.  
3830.     p_crypt_dll_version=NULL;
3831.  
3832.     encrypt_flag = 0;
3833. }
3834.  
3835. static int crypt_dll_loaded=0;
3836.  
3837. int
3838. ck_crypt_loaddll( void )
3839. {
3840.     ULONG rc = 0 ;
3841.     struct _crypt_dll_init init;
3842.     extern unsigned long startflags;
3843.     int load_error = 0, len;
3844. #ifdef OS2ONLY
3845.     CHAR *exe_path;
3846.     CHAR path[256];
3847.     CHAR * dllname = "K2CRYPT";
3848. #endif /* OS2ONLY */
3849.  
3850.     if ( crypt_dll_loaded )
3851.         return(1);
3852.  
3853.     if ( startflags & 8 )       /* do not load if we are not supposed to */
3854.         return(0);
3855.  
3856. #ifdef NT
3857.     hCRYPT = LoadLibrary("K95CRYPT");
3858.     if ( !hCRYPT ) {
3859.         rc = GetLastError() ;
3860.         debug(F101, "K95 Crypt LoadLibrary failed","",rc) ;
3861.         return(0);
3862.     } else {
3863.         if (((FARPROC) p_crypt_dll_init =
3864.               GetProcAddress( hCRYPT, "crypt_dll_init" )) == NULL )
3865.         {
3866.             rc = GetLastError() ;
3867.             debug(F111,"K95 Crypt GetProcAddress failed","crypt_dll_init",rc);
3868.             load_error = 1;
3869.         }
3870.         if ( load_error ) {
3871.             ck_crypt_dll_loaddll_eh();
3872.             return 0;
3873.         }
3874.     }
3875. #else /* NT */
3876.     exe_path = GetLoadPath();
3877.     len = get_dir_len(exe_path);
3878.     if ( len + strlen(dllname) + 4 > sizeof(path) )
3879.         return(0);
3880.     sprintf(path, "%.*s%s.DLL", len, exe_path,dllname);         /* safe */
3881.     rc = DosLoadModule(fail, sizeof(fail), path, &hCRYPT);
3882.     if (rc) {
3883.         debug(F111, "K95 Crypt LoadLibrary failed",fail,rc) ;
3884.         rc = DosLoadModule(fail, sizeof(fail), dllname, &hCRYPT);
3885.     }
3886.     if ( rc ) {
3887.         debug(F111, "K95 Crypt LoadLibrary failed",fail,rc) ;
3888.         return(0);
3889.     } else {
3890.         debug(F111, "K95 Crypt LoadLibrary success",fail,rc) ;
3891.         if (rc = DosQueryProcAddr(hCRYPT,0,"crypt_dll_init",(PFN*)&p_crypt_dll_init))
3892.         {
3893.             debug(F111,"K95 Crypt GetProcAddress failed","crypt_dll_init",rc);
3894.             load_error = 1;
3895.             ck_crypt_dll_loaddll_eh();
3896.             return 0;
3897.         }
3898.     }
3899. #endif /* NT */
3900.  
3901.     init.version = 6;
3902.     /* Version 1 */
3903.     init.p_ttol = ttol;
3904. #ifndef NODEBUG
3905.     init.p_dodebug = dodebug;
3906.     init.p_dohexdump = dohexdump;
3907. #else /* NODEBUG */
3908.     init.p_dodebug = NULL;
3909.     init.p_dohexdump = NULL;
3910. #endif /* NODEBUG */
3911.     init.p_tn_debug = tn_debug;
3912.     init.p_vscrnprintf = Vscrnprintf;
3913.     /* Version 2 */
3914. #ifdef KRB5
3915.     init.p_k5_context = &k5_context;
3916. #else /* KRB5 */
3917.     init.p_k5_context = NULL;
3918. #endif /* KRB5 */
3919.     /* Version 3 */
3920.     init.p_install_funcs = crypt_install_funcs;
3921.     /* Version 5 */
3922.     init.p_reqtelmutex = RequestTelnetMutex;
3923.     init.p_reltelmutex = ReleaseTelnetMutex;
3924.     /* Version 6 - adds p_encrypt_dont_support */
3925.  
3926.     if (!p_crypt_dll_init) {
3927.         debug(F110,"K95 Crypt initialization failed",
3928.               "p_crypt_dll_init is NULL",0);
3929.         ck_crypt_dll_loaddll_eh();
3930.         return(0);
3931.     }
3932.  
3933.     debug(F100,"Calling p_crypt_dll_init()","",0);
3934.     if ( !p_crypt_dll_init(&init) ) {
3935.         debug(F110,"K95 Crypt initialization failed",
3936.               "error in crypt init",0);
3937.         ck_crypt_dll_loaddll_eh();
3938.         return(0);
3939.     }
3940.  
3941.     if ( p_crypt_dll_init==NULL ||
3942.          p_encrypt_parse==NULL ||
3943.          p_encrypt_init==NULL ||
3944.          p_encrypt_session_key==NULL ||
3945.          p_encrypt_dont_support==NULL ||
3946.          p_encrypt_send_support==NULL ||
3947.          p_encrypt_send_request_start==NULL ||
3948.          p_encrypt_request_start==NULL ||
3949.          p_encrypt_send_request_end==NULL ||
3950.          p_encrypt_send_end==NULL ||
3951.          p_encrypt_is_encrypting==NULL ||
3952.          p_encrypt_is_decrypting==NULL ||
3953.          p_get_crypt_table==NULL ||
3954.          p_des_is_weak_key==NULL ||
3955.  
3956.          libdes_random_key==NULL ||
3957.          libdes_random_seed==NULL ||
3958.          libdes_key_sched==NULL ||
3959.          libdes_ecb_encrypt==NULL ||
3960.          libdes_string_to_key==NULL ||
3961.          libdes_fixup_key_parity==NULL ||
3962.          libdes_pcbc_encrypt==NULL
3963.          /* p_crypt_dll_version is an optional function */
3964.          )
3965.     {
3966.         debug(F110,"K95 Crypt initialization failed",
3967.                "not all functions loaded",0);
3968.         ck_crypt_dll_loaddll_eh();
3969.         return(0);
3970.     }
3971.  
3972.     encrypt_flag = 1;
3973.     crypt_dll_loaded = 1;
3974.     if ( deblog )
3975.         printf("Encryption DLL Loaded\n");
3976.     return(1);
3977. }
3978.  
3979. int
3980. ck_crypt_unloaddll( void )
3981. {
3982.     if ( !crypt_dll_loaded )
3983.         return(1);
3984.  
3985.     /* unload dlls */
3986.     ck_crypt_dll_loaddll_eh();
3987.  
3988.     /* success */
3989.     crypt_dll_loaded = 0;
3990.     return(1);
3991. }
3992. #endif /* CRYPT_DLL */
3993.  
3994. static int security_dll_loaded = 0;
3995.  
3996. #ifdef NTLM
3997. #ifdef NT
3998. /* Where did I get these? */
3999. #define NTLMSSP_REQUEST_INIT_RESPONSE       0x100000    /* get back session keys  */
4000. #define NTLMSSP_REQUEST_ACCEPT_RESPONSE     0x200000    /* get back session key, LUID */
4001. #define NTLMSSP_REQUEST_NON_NT_SESSION_KEY  0x400000    /* request non-nt session keys */
4002.  
4003. HINSTANCE hSSPI = NULL;
4004. #else /* NT */
4005. NTLM is not supported on non-windows platforms
4006. #endif /* NT */
4007.  
4008. static int sspi_dll_loaded = 0;
4009. static PSecurityFunctionTable (*p_SSPI_InitSecurityInterface)(void)=NULL;
4010. static PSecurityFunctionTable p_SSPI_Func = NULL;
4011. CredHandle hNTLMCred = { 0, 0 };
4012. static TimeStamp  NTLMTimeStampCred;
4013. static CtxtHandle hNTLMContext;
4014. int    haveNTLMContext = 0;
4015. static SecBufferDesc NTLMSecBufDesc;
4016. SecBuffer     NTLMSecBuf[1];
4017. static UCHAR      NTLMBuffer[1024];
4018. static UCHAR      NTLMBuffer2[1024];
4019. static SecBufferDesc NTLMInSecBufDesc;
4020. static SecBuffer     NTLMInSecBuf;
4021. static UCHAR      NTLMInBuffer[512];
4022. static ULONG      NTLMContextAttrib;
4023. static TimeStamp  NTLMTimeStampContext;
4024. static SECURITY_STATUS ss = SEC_E_OK;
4025. static PBYTE ntlm_pClientBuf = NULL;
4026. static PBYTE ntlm_pServerBuf = NULL;
4027. static DWORD ntlm_cbMaxToken = 0;
4028.  
4029.  
4030. static void
4031. ck_sspi_loaddll_eh( void )
4032. {
4033.     if ( hSSPI ) {
4034.         FreeLibrary(hSSPI);
4035.         hSSPI = NULL;
4036.     }
4037.  
4038.     p_SSPI_InitSecurityInterface = NULL;
4039.     p_SSPI_Func = NULL;
4040. }
4041.  
4042. static int
4043. ck_ntlm_unloaddll( void )
4044. {
4045.     if ( !sspi_dll_loaded )
4046.         return(1);
4047.  
4048.     /* unload dlls */
4049.     ck_sspi_loaddll_eh();
4050.  
4051.     /* success */
4052.     sspi_dll_loaded = 0;
4053.     return(1);
4054. }
4055.  
4056. const char *
4057. sspi_errstr(SECURITY_STATUS ss)
4058. {
4059.     switch ( ss ) {
4060.     case SEC_E_OK:
4061.         return("OK");
4062.     case SEC_E_INSUFFICIENT_MEMORY:
4063.         return("Not enough memory is available to complete this request");
4064.     case SEC_E_INVALID_HANDLE:
4065.         return("The handle specified is invalid");
4066.     case SEC_E_UNSUPPORTED_FUNCTION:
4067.         return("The function requested is not supported");
4068.     case SEC_E_TARGET_UNKNOWN:
4069.         return("The specified target is unknown or unreachable");
4070.     case SEC_E_INTERNAL_ERROR:
4071.         return("The Local Security Authority cannot be contacted");
4072.     case SEC_E_SECPKG_NOT_FOUND:
4073.         return("The requested security package does not exist");
4074.     case SEC_E_NOT_OWNER:
4075.         return("The caller is not the owner of the desired credentials");
4076.     case SEC_E_CANNOT_INSTALL:
4077.         return("The security pakage failed to initialize, and cannot be installed");
4078.     case SEC_E_INVALID_TOKEN:
4079.         return("The token supplied to the function is invalid");
4080.     case SEC_E_CANNOT_PACK:
4081.         return("The security package is not ablle to marshall the logon buffer so the logon attempt has failed");
4082.     case SEC_E_QOP_NOT_SUPPORTED:
4083.         return("The per-message Quality of Protection is not supported by the security package");
4084.     case SEC_E_NO_IMPERSONATION:
4085.         return("The security context does not allow impersonation of the client");
4086.     case SEC_E_LOGON_DENIED:
4087.         return("The logon attempt failed");
4088.     case SEC_E_UNKNOWN_CREDENTIALS:
4089.         return("The credentials supplied to the package were not recognized");
4090.     case SEC_E_NO_CREDENTIALS:
4091.         return("No credentials are available in the security package");
4092.     case SEC_E_MESSAGE_ALTERED:
4093.         return("The message supplied for verification has been altered");
4094.     case SEC_E_OUT_OF_SEQUENCE:
4095.         return("The message supplied for verification is out of sequence");
4096.     case SEC_E_NO_AUTHENTICATING_AUTHORITY:
4097.         return("No authority could be contacted for authentication");
4098.     case SEC_I_CONTINUE_NEEDED:
4099.         return("The function completed successfully, but must be called again to complete the context");
4100.     case SEC_I_COMPLETE_NEEDED:
4101.         return("The function completed successfully, but CompleteToken must be called");
4102.     case SEC_I_COMPLETE_AND_CONTINUE:
4103.         return("The function completed successfully, but both CompleteToken and this function must be called again");
4104.     case SEC_I_LOCAL_LOGON:
4105.         return("The logon was completed, but no network authority was available.  The logon was made using locally known information");
4106.     case SEC_E_BAD_PKGID:
4107.         return("The requested security package does not exist");
4108.     case SEC_E_CONTEXT_EXPIRED:
4109.         return("The context has expired and can no longer be used");
4110.     case SEC_E_INCOMPLETE_MESSAGE:
4111.         return("The supplied message is incomplete.  The signature was not verified");
4112.     case SEC_E_INCOMPLETE_CREDENTIALS:
4113.         return("The credentials supplied were not complete, and could not be verified.  The context could not be initialized");
4114.     case SEC_E_BUFFER_TOO_SMALL:
4115.         return("The buffers supplied to the function were too small");
4116.     case SEC_I_INCOMPLETE_CREDENTIALS:
4117.         return("The credentials supplied were not complete, and could not be verified.  Additional information can be returned from the context");
4118.     case SEC_I_RENEGOTIATE:
4119.         return("The context data must be renegotiated with the user");
4120.     case SEC_E_WRONG_PRINCIPAL:
4121.         return("The context data must be renegotiated with the peer");
4122.     default:
4123.         return("Unknown security error");
4124.     }
4125. }
4126.  
4127. int
4128. ck_sspi_loaddll( void )
4129. {
4130.     ULONG rc = 0 ;
4131.     ULONG Packages;              /* receives the number of packages */
4132.     PSecPkgInfo pPackageInfo;    /* receives array of information   */
4133.     SECURITY_STATUS ss = SEC_E_NOT_SUPPORTED;
4134.     int ntlm_found = 0;
4135.     int load_error = 0;
4136.  
4137.  
4138.     if ( isWin95() )
4139.         hSSPI = LoadLibrary("SECUR32");
4140.     else
4141.         hSSPI = LoadLibrary("SECURITY") ;
4142.  
4143.     if ( !hSSPI ) {
4144.         rc = GetLastError() ;
4145.         debug(F101, "NTLM LoadLibrary failed","",rc) ;
4146.         return(0);
4147.     }
4148.  
4149.     /* when we define UNICODE we must load the Unicode version of this function */
4150.  
4151.     if (((FARPROC) p_SSPI_InitSecurityInterface =
4152.           GetProcAddress( hSSPI, "InitSecurityInterfaceA" )) == NULL )
4153.     {
4154.         rc = GetLastError() ;
4155.         debug(F111, "NTLM GetProcAddress failed",
4156.                "InitSecurityInterfaceA",rc) ;
4157.         load_error = 1;
4158.     } else {
4159.         p_SSPI_Func = p_SSPI_InitSecurityInterface();
4160.     }
4161.  
4162.     if ( !p_SSPI_Func )
4163.     {
4164.         rc = GetLastError() ;
4165.         debug(F101, "NTLM InitSecurityInterface() failed","",rc) ;
4166.         load_error = 1;
4167.     } else {
4168.         ss = p_SSPI_Func->EnumerateSecurityPackages(&Packages,
4169.                                             &pPackageInfo);
4170.     }
4171.  
4172.     if ( ss != SEC_E_OK )
4173.     {
4174.         debug(F101, "NTLM EnumerateSecurityPackages() failed",
4175.                sspi_errstr(ss),ss) ;
4176.         load_error = 1;
4177.     } else {
4178.         debug(F101,"Microsoft Security Providers","",Packages);
4179.         for (;Packages--;) {
4180.             debug(F111,pPackageInfo[Packages].Name,
4181.                    pPackageInfo[Packages].Comment,
4182.                    Packages);
4183.             if ( !strcmp(NTLMSP_NAME_A,pPackageInfo[Packages].Name) ) {
4184.                 ntlm_found = 1;
4185.                 ntlm_cbMaxToken = pPackageInfo[Packages].cbMaxToken;
4186.             }
4187.         }
4188.         p_SSPI_Func->FreeContextBuffer(pPackageInfo);
4189.     }
4190.  
4191.     if ( !ntlm_found || load_error ) {
4192.         debug(F100, "NTLM not installed","",0) ;
4193.         ck_sspi_loaddll_eh();
4194.         return 0;
4195.     }
4196.  
4197.     if ( deblog ) {
4198.         if ( hSSPI )
4199.             printf("NTLM available\n");
4200.     }
4201.     return(1);
4202.  
4203. }
4204.  
4205. int
4206. ck_ntlm_is_valid(int query_user) {
4207.     extern int sstelnet;
4208.     extern char szUserName[];
4209.     extern char pwbuf[];
4210.     extern int  pwflg, pwcrypt;
4211.  
4212.     SEC_WINNT_AUTH_IDENTITY AuthIdentity;
4213.     char prompt[128];
4214.     char domain[128]="",name[128]="",pwd[128]="", *p;
4215.     char localuser[128]="";
4216.     DWORD dw;
4217.     int len;
4218.  
4219.     if ( !p_SSPI_Func || (isWin95() && sstelnet) )
4220.         return(0);
4221.  
4222.     p_SSPI_Func->FreeCredentialHandle( &hNTLMCred );
4223.  
4224.     if (!sstelnet) {
4225.         len = strlen(localuser);
4226.         dw = sizeof(localuser)-len;
4227.         GetUserName(&localuser[len],&dw);
4228.  
4229.         len = strlen(szUserName);
4230.         if (len > 0 && query_user) {
4231.             p = szUserName + len - 1;
4232.             while ( p > szUserName ) {
4233.                 if ( *p == '\\' || *p == '/' ) {
4234.                     char q;
4235.                     /* we found a domain */
4236.                     ckstrncpy(name,p+1,sizeof(name));
4237.                     q = *p;
4238.                     *p = '\0';
4239.                     ckstrncpy(domain,szUserName,sizeof(domain));
4240.                     *p = q;
4241.                 }
4242.                 p--;
4243.             }
4244.  
4245.             if (!name[0])
4246.                 ckstrncpy(name,szUserName,sizeof(name));
4247.  
4248.             if (pwbuf[0] && pwflg) {
4249.                 ckstrncpy(pwd,pwbuf,sizeof(pwd));
4250. #ifdef OS2
4251.                 if ( pwcrypt )
4252.                     ck_encrypt((char *)pwd);
4253. #endif /* OS2 */
4254.                 if (!domain[0])
4255.                     strcpy(domain,".");
4256.             } else {
4257. #ifdef KUI
4258.                 struct txtbox tb[3];
4259.                 int ok;
4260.  
4261.                 tb[0].t_buf = domain;
4262.                 tb[0].t_len = sizeof(domain);
4263.                 tb[0].t_lbl = "Domain: ";
4264.                 tb[0].t_dflt = domain;
4265.                 tb[0].t_echo = 1;
4266.                 tb[1].t_buf = name;
4267.                 tb[1].t_len = sizeof(name);
4268.                 tb[1].t_lbl = "Username: ";
4269.                 tb[1].t_dflt = name;
4270.                 tb[1].t_echo = 1;
4271.                 tb[2].t_buf = pwd;
4272.                 tb[2].t_len = sizeof(pwd);
4273.                 tb[2].t_lbl = "Passphrase: ";
4274.                 tb[2].t_dflt = NULL;
4275.                 tb[2].t_echo = 2;
4276.  
4277.                 ok = uq_mtxt("NTLM Authentication Required\n",
4278.                               NULL, 3, tb);
4279.  
4280. #else /* KUI */
4281.                 if (!domain[0]) {
4282.                     ckmakmsg(prompt,sizeof(prompt),name,"'s NTLM Domain: ",NULL,NULL);
4283.                     readtext(prompt,domain,sizeof(domain));
4284.                 }
4285.  
4286.                 if (domain[0]) {
4287.                     ckmakmsg(prompt,sizeof(prompt),domain,"\\",name,"'s NTLM password: ");
4288.                 } else {
4289.                     ckmakmsg(prompt,sizeof(prompt),name,"'s NTLM password: ",NULL,NULL);
4290.                     strcpy(domain,".");
4291.                 }
4292.                 readpass(prompt,pwd,sizeof(pwd));
4293. #endif /* KUI */
4294.             }
4295.  
4296.             ZeroMemory( &AuthIdentity, sizeof(AuthIdentity) );
4297.             AuthIdentity.Domain = domain;
4298.             AuthIdentity.DomainLength = lstrlen(domain);
4299.             AuthIdentity.User = name;
4300.             AuthIdentity.UserLength = lstrlen(name);
4301.             AuthIdentity.Password = pwd;
4302.             AuthIdentity.PasswordLength = lstrlen(pwd);
4303.             AuthIdentity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
4304.         }
4305.     }
4306.  
4307.     ss = p_SSPI_Func->
4308.         AcquireCredentialsHandle( NULL,
4309.                                   NTLMSP_NAME_A,
4310.                                   sstelnet?
4311.                                     SECPKG_CRED_INBOUND:
4312.                                     SECPKG_CRED_OUTBOUND,
4313.                                   NULL,
4314.                                   (!sstelnet && query_user && szUserName[0]) ?
4315.                                   &AuthIdentity : NULL,
4316.                                   NULL,
4317.                                   NULL,
4318.                                   (PCredHandle) &hNTLMCred,
4319.                                   &NTLMTimeStampCred);
4320.     debug(F111,"ck_ntlm_is_valid AcquireCredentialsHandle",sspi_errstr(ss),ss);
4321.     return(ss == SEC_E_OK);
4322. }
4323.  
4324. void
4325. ntlm_reject(int how) {
4326.     unsigned char buf[12];
4327.  
4328.     sprintf(buf, "%c%c%c%c%c%c%c%c%c",
4329.              IAC, SB, TELOPT_AUTHENTICATION,
4330.              TELQUAL_IS,
4331.              authentication_version,
4332.              how,
4333.              NTLM_REJECT, IAC, SE);
4334.     if (deblog || tn_deb || debses) {
4335.         int mode = AUTH_CLIENT_TO_SERVER | (auth_how & AUTH_HOW_MASK);
4336.         ckmakxmsg(tn_msg,TN_MSG_LEN,
4337.                   "TELNET SENT SB ", TELOPT(TELOPT_AUTHENTICATION),
4338.                    " IS ", AUTHTYPE_NAME(authentication_version),
4339.                    " ", AUTHMODE_NAME(mode),
4340.                    " NTLM_REJECT IAC SE",
4341.                    NULL,NULL,NULL,NULL,NULL
4342.                    );
4343.         debug(F100,tn_msg,"",0);
4344.         if (tn_deb || debses) tn_debug(tn_msg);
4345.     }
4346. #ifdef OS2
4347.     RequestTelnetMutex( SEM_INDEFINITE_WAIT );
4348. #endif
4349.     ttol((char *)buf, 9);
4350. #ifdef OS2
4351.     ReleaseTelnetMutex();
4352. #endif
4353. }
4354.  
4355. int
4356. ntlm_auth_send() {
4357.     DWORD context_requirements = 0;
4358.  
4359.     if ( !p_SSPI_Func ) {
4360.         debug(F110,"ntlm_auth_send() failed","NTLM not installed",0);
4361.         return(-1);
4362.     }
4363.  
4364.     //
4365.     // Set up the Buffer Descriptor
4366.     //
4367.     NTLMSecBufDesc.ulVersion = SECBUFFER_VERSION;
4368.     NTLMSecBufDesc.cBuffers = 1;
4369.     NTLMSecBufDesc.pBuffers = NTLMSecBuf;
4370.  
4371.     NTLMSecBuf[0].cbBuffer = 1024;
4372.     NTLMSecBuf[0].BufferType = SECBUFFER_TOKEN;
4373.     NTLMSecBuf[0].pvBuffer = NTLMBuffer;
4374.  
4375.     p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
4376.     memset(&hNTLMContext,0,sizeof(hNTLMContext));
4377.     memset(&NTLMContextAttrib,0,sizeof(NTLMContextAttrib));
4378.     memset(&NTLMTimeStampContext,0,sizeof(NTLMTimeStampContext));
4379.  
4380.     if ( !isWin95() ) {
4381.         context_requirements =
4382. #ifdef COMMENT
4383.             ISC_REQ_USE_DCE_STYLE |
4384.             ISC_REQ_DELEGATE |
4385.             ISC_REQ_MUTUAL_AUTH |
4386.             ISC_REQ_REPLAY_DETECT |
4387.             ISC_REQ_SEQUENCE_DETECT |
4388.             ISC_REQ_CONFIDENTIALITY |
4389.             ISC_REQ_CONNECTION |
4390.             ISC_REQ_USE_SESSION_KEY |
4391.             ISC_REQ_EXTENDED_ERROR |
4392.             NTLMSSP_REQUEST_INIT_RESPONSE |
4393.             NTLMSSP_REQUEST_ACCEPT_RESPONSE |
4394.             NTLMSSP_REQUEST_NON_NT_SESSION_KEY,
4395. #else
4396.             ISC_REQ_USE_DCE_STYLE |
4397.             ISC_REQ_DELEGATE |
4398.             ISC_REQ_MUTUAL_AUTH |
4399.             ISC_REQ_REPLAY_DETECT |
4400.             ISC_REQ_SEQUENCE_DETECT |
4401.             ISC_REQ_CONFIDENTIALITY |
4402.             ISC_REQ_CONNECTION |
4403.             ISC_REQ_USE_SESSION_KEY |
4404.             ISC_REQ_EXTENDED_ERROR
4405. #endif
4406.                 ;
4407.     }
4408.  
4409.     ss = p_SSPI_Func->InitializeSecurityContext(&hNTLMCred,
4410.                 0,
4411.                 NULL,
4412.                 context_requirements,
4413.                 0,
4414.                 SECURITY_NETWORK_DREP,
4415.                 0,
4416.                 0,
4417.                 &hNTLMContext,
4418.                 &NTLMSecBufDesc,
4419.                 &NTLMContextAttrib,
4420.                 &NTLMTimeStampContext);
4421.     debug(F111,"ntlm_auth_send() InitializeSecurityContext",
4422.            sspi_errstr(ss),ss);
4423.  
4424.     hexdump("ntlm_auth_send() InitializeSecurityContext Context Requirements",
4425.            &context_requirements,sizeof(context_requirements));
4426.     hexdump("ntlm_auth_send() InitializeSecurityContext Context Attributes",
4427.            &NTLMContextAttrib,sizeof(NTLMContextAttrib));
4428.  
4429.     switch ( ss ) {
4430.     case SEC_E_OK:
4431.     case SEC_I_CONTINUE_NEEDED:
4432.     case SEC_I_COMPLETE_AND_CONTINUE:
4433.         break;
4434.     default:
4435.         printf("ISC: %s\n",sspi_errstr(ss));
4436.         debug(F111,"ntlm_auth_send() failed",
4437.                sspi_errstr(ss),ss);
4438.         return(-1);
4439.     }
4440.  
4441.     debug(F111,"ntlm_auth_send sending","NTLMSecBuf[0].cbBuffer",
4442.            NTLMSecBuf[0].cbBuffer);
4443.     debug(F111,"ntlm_auth_send sending","NTLMSecBuf[0].BufferType",
4444.            NTLMSecBuf[0].BufferType);
4445.     hexdump("ntlm_auth_send sending NTLMSecBuf[0].pvBuffer",
4446.              NTLMSecBuf[0].pvBuffer,
4447.              NTLMSecBuf[0].cbBuffer);
4448.  
4449.     /* The rest of the work is continued in auth_send() */
4450.     return(0);
4451. }
4452.  
4453. int
4454. #ifdef CK_ANSIC
4455. ntlm_reply(int how, unsigned char *data, int cnt)
4456. #else
4457. ntlm_reply(how,data,cnt) int how; unsigned char *data; int cnt;
4458. #endif
4459. {
4460.     DWORD context_requirements = 0;
4461.     unsigned char buf[512], *p;
4462.     int length = 0, iaccnt = 0, i;
4463.  
4464.     data += 4;                          /* Point to status byte */
4465.     cnt  -= 4;
4466.  
4467.     if(cnt < 8  && ss != SEC_E_OK) {
4468.         p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
4469.         p_SSPI_Func->FreeCredentialHandle( &hNTLMCred );
4470.  
4471.         ntlm_reject(how);
4472.         auth_finished(AUTH_REJECT);
4473.         return(AUTH_FAILURE);
4474.     }
4475.  
4476.     if ( !isWin95() ) {
4477.         context_requirements =
4478. #ifdef COMMENT
4479.                 ISC_REQ_USE_DCE_STYLE |
4480.                 ISC_REQ_DELEGATE |
4481.                 ISC_REQ_MUTUAL_AUTH |
4482.                 ISC_REQ_REPLAY_DETECT |
4483.                 ISC_REQ_SEQUENCE_DETECT |
4484.                 ISC_REQ_CONFIDENTIALITY |
4485.                 ISC_REQ_CONNECTION |
4486.                 ISC_REQ_USE_SESSION_KEY |
4487.                 ISC_REQ_EXTENDED_ERROR |
4488.                 NTLMSSP_REQUEST_INIT_RESPONSE |
4489.                 NTLMSSP_REQUEST_ACCEPT_RESPONSE |
4490.                 NTLMSSP_REQUEST_NON_NT_SESSION_KEY
4491. #else
4492.                 ISC_REQ_USE_DCE_STYLE |
4493.                 ISC_REQ_DELEGATE |
4494.                 ISC_REQ_MUTUAL_AUTH |
4495.                 ISC_REQ_REPLAY_DETECT |
4496.                 ISC_REQ_SEQUENCE_DETECT |
4497.                 ISC_REQ_CONFIDENTIALITY |
4498.                 ISC_REQ_CONNECTION |
4499.                 ISC_REQ_USE_SESSION_KEY |
4500.                 ISC_REQ_EXTENDED_ERROR
4501. #endif
4502.                     ;
4503.     }
4504.  
4505.     cnt--;
4506.     switch(*data++) {
4507.     case 1:     /* CONTINUE */
4508.         memcpy(buf,data,cnt);
4509.         p = buf;
4510.  
4511.         NTLMInSecBufDesc.ulVersion = SECBUFFER_VERSION;
4512.         NTLMInSecBufDesc.cBuffers = 1;
4513.         NTLMInSecBufDesc.pBuffers = &NTLMInSecBuf;
4514.  
4515.         p = (unsigned char *)&NTLMInSecBuf.cbBuffer;
4516.         p[0] = *data++;
4517.         p[1] = *data++;
4518.         p[2] = *data++;
4519.         p[3] = *data++;
4520.  
4521.         p = (unsigned char *)&NTLMInSecBuf.BufferType;
4522.         p[0] = *data++;
4523.         p[1] = *data++;
4524.         p[2] = *data++;
4525.         p[3] = *data++;
4526.  
4527.         NTLMInSecBuf.pvBuffer = data;
4528.  
4529.         NTLMSecBufDesc.ulVersion = SECBUFFER_VERSION;
4530.         NTLMSecBufDesc.cBuffers = 1;
4531.         NTLMSecBufDesc.pBuffers = NTLMSecBuf;
4532.  
4533.         NTLMSecBuf[0].cbBuffer = 1024;
4534.         NTLMSecBuf[0].BufferType = SECBUFFER_TOKEN;
4535.         NTLMSecBuf[0].pvBuffer = NTLMBuffer;
4536.  
4537.         debug(F111,"ntlm_reply received","NTLMInSecBuf.cbBuffer",
4538.                NTLMSecBuf[0].cbBuffer);
4539.         debug(F111,"ntlm_reply received","NTLMInSecBuf.BufferType",
4540.                NTLMSecBuf[0].BufferType);
4541.         hexdump("ntlm_reply received NTLMInSecBuf[0].pvBuffer",
4542.                  NTLMInSecBuf.pvBuffer,
4543.                  NTLMInSecBuf.cbBuffer);
4544.  
4545.  
4546.         ss = p_SSPI_Func->InitializeSecurityContext(0,
4547.                 &hNTLMContext,
4548.                 0,
4549.                 context_requirements,
4550.                 0,
4551.                 SECURITY_NETWORK_DREP,
4552.                 &NTLMInSecBufDesc,
4553.                 0,
4554.                 &hNTLMContext,
4555.                 &NTLMSecBufDesc,
4556.                 &NTLMContextAttrib,
4557.                 &NTLMTimeStampContext);
4558.         debug(F111,"ntlm_reply InitializeSecurityContext",sspi_errstr(ss),ss);
4559.  
4560.         hexdump("ntlm_reply() InitializeSecurityContext Context Requirements",
4561.                  &context_requirements,sizeof(context_requirements));
4562.         hexdump("ntlm_reply() InitializeSecurityContext Context Attributes",
4563.                  &NTLMContextAttrib,sizeof(NTLMContextAttrib));
4564.  
4565.  
4566.         switch ( ss ) {
4567.         case SEC_E_OK:
4568.         case SEC_I_CONTINUE_NEEDED:
4569.         case SEC_I_COMPLETE_AND_CONTINUE:
4570.             break;
4571.         default:
4572.             debug(F111,"ntlm_auth_reply() failed",sspi_errstr(ss),ss);
4573.             p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
4574.             p_SSPI_Func->FreeCredentialHandle( &hNTLMCred );
4575.  
4576.             ntlm_reject(how);
4577.             auth_finished(AUTH_REJECT);
4578.             return(AUTH_FAILURE);
4579.         }
4580.  
4581.         sprintf(buf, "%c%c%c%c%c%c%c",
4582.                  IAC, SB, TELOPT_AUTHENTICATION,
4583.                  TELQUAL_IS,
4584.                  authentication_version,
4585.                  how,
4586.                  NTLM_RESPONSE);                        /* safe */
4587.  
4588.         debug(F111,"ntlm_reply sending","NTLMSecBuf[0].cbBuffer",
4589.                NTLMSecBuf[0].cbBuffer);
4590.         debug(F111,"ntlm_reply sending","NTLMSecBuf[0].BufferType",
4591.                NTLMSecBuf[0].BufferType);
4592.         hexdump("ntlm_reply sending NTLMSecBuf[0].pvBuffer",
4593.                  NTLMSecBuf[0].pvBuffer,
4594.                  NTLMSecBuf[0].cbBuffer);
4595.  
4596.         for ( i=0 ; i<NTLMSecBuf[0].cbBuffer ; i++ ) {
4597.             if ( ((char *)NTLMSecBuf[0].pvBuffer)[i] == IAC )
4598.                 iaccnt++;
4599.         }
4600.  
4601.         if ( NTLMSecBuf[0].cbBuffer + 2 * sizeof(ULONG) + 10 + iaccnt <
4602.              sizeof(buf) ) {
4603.             length = copy_for_net(&buf[7], (char *) &NTLMSecBuf[0],
4604.                                    2*sizeof(ULONG));
4605.             length += copy_for_net(&buf[7+length], NTLMSecBuf[0].pvBuffer,
4606.                                     NTLMSecBuf[0].cbBuffer);
4607.         }
4608.         sprintf(&buf[7+length], "%c%c", IAC, SE);       /* safe */
4609.  
4610.         if (deblog || tn_deb || debses) {
4611.             int mode = AUTH_CLIENT_TO_SERVER | (auth_how & AUTH_HOW_MASK);
4612.             ckmakxmsg(tn_msg,TN_MSG_LEN,"TELNET SENT SB ",
4613.                        TELOPT(TELOPT_AUTHENTICATION)," IS ",
4614.                        AUTHTYPE_NAME(authentication_version)," ",
4615.                        AUTHMODE_NAME(mode), " NTLM_RESPONSE ",
4616.                        NULL,NULL,NULL,NULL,NULL );
4617.             tn_hex(tn_msg,TN_MSG_LEN,&buf[7],length);
4618.             ckstrncat(tn_msg,"IAC SE",TN_MSG_LEN);
4619.             debug(F100,tn_msg,"",0);
4620.             if (tn_deb || debses) tn_debug(tn_msg);
4621.         }
4622. #ifdef OS2
4623.         RequestTelnetMutex( SEM_INDEFINITE_WAIT );
4624. #endif
4625.         ttol((char *)buf, length+9);
4626. #ifdef OS2
4627.         ReleaseTelnetMutex();
4628. #endif
4629.         break;
4630.     case NTLM_ACCEPT:     /* ACCEPT */
4631.         auth_finished(AUTH_VALID);
4632.         accept_complete = 1;
4633.         return AUTH_SUCCESS;
4634.     case NTLM_REJECT:     /* REJECT */
4635.         if (cnt > 0) {
4636.             data[cnt] = '\0';
4637.             ckmakmsg(strTmp,sizeof(strTmp),"NTLM refuses authentication (",
4638.                      data,")\r\n",NULL);
4639.         } else {
4640.             sprintf(strTmp,"NTLM refuses authentication\r\n");
4641.         }
4642.         printf("NTLM authentication failed!\r\n%s\r\n",strTmp);
4643.  
4644.     default:
4645.         auth_finished(AUTH_REJECT);
4646.         accept_complete = 1;
4647.         return AUTH_FAILURE;
4648.         break;
4649.     }
4650.  
4651. #ifdef COMMENT
4652.     if ( ss == SEC_E_OK ) {
4653.  
4654.         SecPkgContext_Sizes sizes;
4655.         SecPkgContext_Names names;
4656.         SecPkgContext_Lifespan lifespan;
4657.         SecPkgContext_DceInfo dce;
4658.         SecPkgContext_StreamSizes stream;
4659.         SecPkgContext_Authority authority;
4660.         SecPkgContext_KeyInfo keyinfo;
4661.         SecPkgContext_ProtoInfo proto;
4662.         SecPkgContext_PasswordExpiry pwd;
4663.         SecPkgContext_SessionKey skey;
4664.         SecPkgContext_PackageInfo pkginf;
4665.  
4666.         /* The Server has now authenticated the Client's User */
4667.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_SIZES,&sizes);
4668.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_SIZES",sspi_errstr(ss),ss);
4669.  
4670.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_NAMES,&names);
4671.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_NAMES",sspi_errstr(ss),ss);
4672.  
4673.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_LIFESPAN,&lifespan);
4674.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_LIFESPAN",sspi_errstr(ss),ss);
4675.  
4676.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_DCE_INFO,&dce);
4677.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_DCE_INFO",sspi_errstr(ss),ss);
4678.  
4679.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_STREAM_SIZES,&stream);
4680.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_STREAM_SIZES",sspi_errstr(ss),ss);
4681.  
4682.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_KEY_INFO,&keyinfo);
4683.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_KEY_INFO",sspi_errstr(ss),ss);
4684.  
4685.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_AUTHORITY,&authority);
4686.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_AUTHORITY",sspi_errstr(ss),ss);
4687.  
4688.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PROTO_INFO,&proto);
4689.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_PROTO_INFO",sspi_errstr(ss),ss);
4690.  
4691.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PASSWORD_EXPIRY,&pwd);
4692.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_PASSWORD_EXPIRY",sspi_errstr(ss),ss);
4693.  
4694.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_SESSION_KEY,&skey);
4695.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_SESSION_KEY",sspi_errstr(ss),ss);
4696.  
4697.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PACKAGE_INFO,&pkginf);
4698.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_PACKAGE_INFO",sspi_errstr(ss),ss);
4699.         ss = SEC_E_OK;
4700.     }
4701. #endif /* COMMENT */
4702.  
4703.     return AUTH_SUCCESS;
4704. }
4705.  
4706. int
4707. ntlm_impersonate()
4708. {
4709.     if ( p_SSPI_Func ) {
4710.         ss = p_SSPI_Func->ImpersonateSecurityContext( &hNTLMContext );
4711.         debug(F111,"ntlm_impersonate() ImpersonateSecurityContext","ss",ss);
4712.         return(ss == SEC_E_OK);
4713.     }
4714.     return(0);
4715. }
4716.  
4717. int
4718. ntlm_revert()
4719. {
4720.     if ( p_SSPI_Func ) {
4721.         ss = p_SSPI_Func->RevertSecurityContext( &hNTLMContext );
4722.         debug(F111,"ntlm_revert() RevertSecurityContext","ss",ss);
4723.         return(ss == SEC_E_OK);
4724.     }
4725.     return(0);
4726. }
4727.  
4728. int
4729. #ifdef CK_ANSIC
4730. ntlm_is(unsigned char *data, int cnt)
4731. #else
4732. ntlm_is(data,cnt) unsigned char *data; int cnt;
4733. #endif
4734. {
4735.     DWORD context_requirements = 0;
4736.     unsigned char buf[512], *p;
4737.     int length = 0;
4738.     int round = -1;
4739.     int i, iaccnt = 0;
4740.  
4741.     data += 4;                          /* Point to status byte */
4742.     cnt  -= 4;
4743.  
4744.     if (cnt < 8) {
4745.         p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
4746.         p_SSPI_Func->FreeCredentialHandle( &hNTLMCred );
4747.         ntlm_reject(auth_how);
4748.         auth_finished(AUTH_REJECT);
4749.         return(AUTH_FAILURE);
4750.     }
4751.  
4752.     cnt--;
4753.     round = *data++;
4754.     debug(F111,"ntlm_is","round",round);
4755.     switch(round) {
4756.     case 0:
4757.     case 2:
4758.         NTLMInSecBufDesc.ulVersion = 0;
4759.         NTLMInSecBufDesc.cBuffers = 1;
4760.         NTLMInSecBufDesc.pBuffers = &NTLMInSecBuf;
4761.  
4762.         p = (unsigned char *)&NTLMInSecBuf.cbBuffer;
4763.         p[0] = *data++;
4764.         p[1] = *data++;
4765.         p[2] = *data++;
4766.         p[3] = *data++;
4767.         cnt -= 4;
4768.         debug(F111,"ntlm_is","NTLMInSecBuf.cbBuffer",NTLMInSecBuf.cbBuffer);
4769.  
4770.         p = (unsigned char *)&NTLMInSecBuf.BufferType;
4771.         p[0] = *data++;
4772.         p[1] = *data++;
4773.         p[2] = *data++;
4774.         p[3] = *data++;
4775.         cnt -= 4;
4776.         debug(F111,"ntlm_is","NTLMInSecBuf.BufferType",NTLMInSecBuf.BufferType);
4777.  
4778.         hexdump("ntlm_is received NTLMInSecBuf.pvBuffer",data,cnt);
4779.         NTLMInSecBuf.pvBuffer = data;
4780.  
4781.         NTLMSecBufDesc.ulVersion = SECBUFFER_VERSION;
4782.         NTLMSecBufDesc.cBuffers = 1;
4783.         NTLMSecBufDesc.pBuffers = NTLMSecBuf;
4784.  
4785.         NTLMSecBuf[0].cbBuffer = 1024;
4786.         NTLMSecBuf[0].BufferType = SECBUFFER_TOKEN;
4787.         NTLMSecBuf[0].pvBuffer = NTLMBuffer;
4788.  
4789.         if ( !isWin95() ) {
4790.             context_requirements =
4791. #ifdef COMMENT
4792.                                    ASC_REQ_USE_DCE_STYLE |
4793.                                    ASC_REQ_DELEGATE |
4794.                                    ASC_REQ_MUTUAL_AUTH |
4795.                                    ASC_REQ_REPLAY_DETECT |
4796.                                    ASC_REQ_SEQUENCE_DETECT |
4797.                                    ASC_REQ_CONFIDENTIALITY |
4798.                                    ASC_REQ_CONNECTION |
4799.                                    ASC_REQ_USE_SESSION_KEY |
4800.                                    ASC_REQ_EXTENDED_ERROR |
4801.                                    NTLMSSP_REQUEST_INIT_RESPONSE |
4802.                                    NTLMSSP_REQUEST_ACCEPT_RESPONSE |
4803.                                    NTLMSSP_REQUEST_NON_NT_SESSION_KEY
4804. #else
4805.                                    ASC_REQ_USE_DCE_STYLE |
4806.                                    ASC_REQ_MUTUAL_AUTH |
4807.                                    ASC_REQ_DELEGATE |
4808.                                    ASC_REQ_SEQUENCE_DETECT |
4809.                                    ASC_REQ_CONFIDENTIALITY |
4810.                                    ASC_REQ_CONNECTION |
4811.                                    ASC_REQ_USE_SESSION_KEY |
4812.                                    ASC_REQ_EXTENDED_ERROR
4813. #endif
4814.                                        ;
4815.         }
4816.  
4817.         ss = p_SSPI_Func->
4818.             AcceptSecurityContext(
4819. #ifdef COMMENT
4820.                                    round == 0 ? &hNTLMCred : 0,
4821. #else COMMENT
4822.                                    &hNTLMCred,
4823. #endif /* COMMENT */
4824.                                    round == 2 ? &hNTLMContext : 0,
4825.                                    &NTLMInSecBufDesc,
4826.                                    context_requirements,
4827.                                    SECURITY_NETWORK_DREP,
4828.                                    &hNTLMContext,
4829.                                    &NTLMSecBufDesc,
4830.                                    &NTLMContextAttrib,
4831.                                    &NTLMTimeStampContext);
4832.  
4833.         hexdump("ntlm_is() AcceptSecurityContext Context Requirements",
4834.                  &context_requirements,sizeof(context_requirements));
4835.         hexdump("ntlm_is() AcceptSecurityContext Context Attributes",
4836.                  &NTLMContextAttrib,sizeof(NTLMContextAttrib));
4837.  
4838.         debug(F111,"ntlm_is AcceptSecurityContext",sspi_errstr(ss),ss);
4839.         switch ( ss ) {
4840.         case SEC_I_CONTINUE_NEEDED:
4841.         case SEC_I_COMPLETE_AND_CONTINUE:
4842.             sprintf(buf, "%c%c%c%c%c%c%c",
4843.                      IAC, SB, TELOPT_AUTHENTICATION,
4844.                      TELQUAL_REPLY,
4845.                      authentication_version,
4846.                      auth_how,
4847.                      NTLM_CHALLENGE);                   /* safe */
4848.  
4849.             for ( i=0 ; i<NTLMSecBuf[0].cbBuffer ; i++ ) {
4850.                 if ( ((char *)NTLMSecBuf[0].pvBuffer)[i] == IAC )
4851.                     iaccnt++;
4852.             }
4853.             if ( NTLMSecBuf[0].cbBuffer + 2*sizeof(ULONG) + iaccnt + 10 <
4854.                  sizeof(buf)) {
4855.                 debug(F111,"ntlm_is sending","NTLMSecBuf[0].cbBuffer",
4856.                          NTLMSecBuf[0].cbBuffer);
4857.                 debug(F111,"ntlm_is sending","NTLMSecBuf[0].BufferType",
4858.                          NTLMSecBuf[0].BufferType);
4859.                 length = copy_for_net(&buf[7], (char *) &NTLMSecBuf[0],
4860.                                        2*sizeof(ULONG));
4861.                 hexdump("ntlm_is sending NTLMSecBuf[0].pvBuffer",NTLMSecBuf[0].pvBuffer,
4862.                                         NTLMSecBuf[0].cbBuffer);
4863.                 length += copy_for_net(&buf[7+length], NTLMSecBuf[0].pvBuffer,
4864.                                         NTLMSecBuf[0].cbBuffer);
4865.             }
4866.             break;
4867.         case SEC_E_OK:
4868.             ss = p_SSPI_Func->ImpersonateSecurityContext( &hNTLMContext );
4869.             debug(F111,"ntlm_is ImpersonateSecurityContext",sspi_errstr(ss),ss);
4870.             if ( ss == SEC_E_OK ) {
4871.                 sprintf(buf, "%c%c%c%c%c%c%c",
4872.                          IAC, SB, TELOPT_AUTHENTICATION,
4873.                          TELQUAL_REPLY,
4874.                          authentication_version,
4875.                          auth_how,
4876.                          NTLM_ACCEPT);                  /* safe */
4877.  
4878.                 ss = p_SSPI_Func->RevertSecurityContext( &hNTLMContext );
4879.                 debug(F111,"ntlm_is RevertSecurityContext",sspi_errstr(ss),ss);
4880.                 break;
4881.             }
4882.             /* If there was an error Impersonating, fall through */
4883.         default:
4884.             printf("?NTLM Accept failed: %s\r\n",sspi_errstr(ss));
4885.             p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
4886.             p_SSPI_Func->FreeCredentialHandle( &hNTLMCred );
4887.             length = strlen(sspi_errstr(ss));
4888.             if ( length + 10 >= sizeof(buf) )
4889.                 length = 0;
4890.             sprintf(buf, "%c%c%c%c%c%c%c%s",
4891.                      IAC, SB, TELOPT_AUTHENTICATION,
4892.                      TELQUAL_REPLY,
4893.                      authentication_version,
4894.                      auth_how,
4895.                      NTLM_REJECT,
4896.                      (length ? sspi_errstr(ss) : ""));  /* safe */
4897.         }
4898.         sprintf(&buf[7+length], "%c%c", IAC, SE);       /* safe */
4899.  
4900.         if (deblog || tn_deb || debses) {
4901.             int i;
4902.             int mode = AUTH_CLIENT_TO_SERVER | (auth_how & AUTH_HOW_MASK);
4903.             char * s = NULL;
4904.  
4905.             switch (buf[6]) {
4906.             case NTLM_CHALLENGE:
4907.                 s = "NTLM_CHALLENGE";
4908.                 break;
4909.             case NTLM_ACCEPT:
4910.                 s = "NTLM_ACCEPT";
4911.                 break;
4912.             case NTLM_REJECT:
4913.                 s = "NTLM_REJECT";
4914.                 break;
4915.             }
4916.             ckmakxmsg(tn_msg,TN_MSG_LEN,
4917.                       "TELNET SENT SB ", TELOPT(TELOPT_AUTHENTICATION),
4918.                        " REPLY ", AUTHTYPE_NAME(authentication_version),
4919.                        " ", AUTHMODE_NAME(mode),
4920.                        " ", s," ",
4921.                        NULL,NULL,NULL);
4922.             tn_hex(tn_msg,TN_MSG_LEN,&buf[7],length);
4923.             ckstrncat(tn_msg,"IAC SE",TN_MSG_LEN);
4924.             debug(F100,tn_msg,"",0);
4925.             if (tn_deb || debses) tn_debug(tn_msg);
4926.         }
4927. #ifdef OS2
4928.         RequestTelnetMutex( SEM_INDEFINITE_WAIT );
4929. #endif
4930.         ttol((char *)buf, length+9);
4931. #ifdef OS2
4932.         ReleaseTelnetMutex();
4933. #endif
4934.     }
4935.  
4936.     switch (buf[6]) {
4937.     case NTLM_ACCEPT: {
4938.         char * p;
4939.         SecPkgContext_Sizes sizes;
4940.         SecPkgContext_Names names;
4941.         SecPkgContext_Lifespan lifespan;
4942.         SecPkgContext_DceInfo dce;
4943.         SecPkgContext_StreamSizes stream;
4944.         SecPkgContext_Authority authority;
4945.         SecPkgContext_KeyInfo keyinfo;
4946.         SecPkgContext_ProtoInfo proto;
4947.         SecPkgContext_PasswordExpiry pwd;
4948.         SecPkgContext_SessionKey skey;
4949.         SecPkgContext_PackageInfo pkginf;
4950. #ifdef IKSD
4951.         extern CHAR * pReferenceDomainName;
4952.         extern int inserver;
4953. #endif /* IKSD */
4954.  
4955.         /* The Server has now authenticated the Client's User */
4956.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_SIZES,&sizes);
4957.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_NAMES,&names);
4958.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_LIFESPAN,&lifespan);
4959.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_DCE_INFO,&dce);
4960.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_STREAM_SIZES,&stream);
4961.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_KEY_INFO,&keyinfo);
4962.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_AUTHORITY,&authority);
4963.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PROTO_INFO,&proto);
4964.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PASSWORD_EXPIRY,&pwd);
4965.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_SESSION_KEY,&skey);
4966.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PACKAGE_INFO,&pkginf);
4967.  
4968. #ifdef IKSD
4969.         /* Format of sUserName is HOST\user or DOMAIN\user */
4970.         if ( !inserver ) {
4971.             p = names.sUserName + strlen(names.sUserName);
4972.             while ( p != names.sUserName ) {
4973.                 if ( *p == '\\' ) {
4974.                     *p = '\0';
4975.                     makestr(&pReferenceDomainName,names.sUserName);
4976.                     *p = '\\';
4977.                     p++;
4978.                     break;
4979.                 }
4980.                 p--;
4981.             }
4982.         } else
4983. #endif /* IKSD */
4984.         {
4985.             /* Let the Reference Domain Name be extracted by zvuser() */
4986.             /* if we are running as IKSD */
4987.             p = names.sUserName;
4988.         }
4989.         ckstrncpy(szUserNameRequested,p,UIDBUFLEN);
4990.         cklower(szUserNameRequested);
4991.         ckstrncpy(szUserNameAuthenticated,names.sUserName,UIDBUFLEN);
4992.  
4993.         auth_finished(AUTH_VALID);
4994.         accept_complete = 1;
4995.         return AUTH_SUCCESS;
4996.     }
4997.     case NTLM_REJECT:
4998.         auth_finished(AUTH_REJECT);
4999.         return(AUTH_FAILURE);
5000.     case NTLM_CHALLENGE:
5001.         return AUTH_SUCCESS;
5002.     }
5003.     return AUTH_FAILURE;
5004. }
5005.  
5006. /* The following code is used to implement the SSPLogonUser() function */
5007.  
5008. // structure storing the state of the authentication sequence
5009. //
5010. int SSPLogonError = SEC_E_OK;
5011.  
5012. typedef struct _AUTH_SEQ {
5013.     BOOL _fNewConversation;
5014.     CredHandle _hcred;
5015.     BOOL _fHaveCredHandle;
5016.     BOOL _fHaveCtxtHandle;
5017.     struct _SecHandle  _hctxt;
5018. } AUTH_SEQ, *PAUTH_SEQ;
5019.  
5020.  
5021. typedef struct _node_tag  {
5022.     DWORD dwKey;
5023.     PVOID *pData;
5024.     struct _node_tag *pNext;
5025. } NODE, *PNODE;
5026.  
5027. static NODE Head = {(DWORD)-1, NULL, NULL};
5028.  
5029. BOOL GetEntry (DWORD dwKey, PVOID *ppData)
5030. {
5031.     PNODE pCurrent;
5032.  
5033.     pCurrent = Head.pNext;
5034.     while (NULL != pCurrent) {
5035.         if (dwKey == pCurrent->dwKey)  {
5036.             *ppData = pCurrent->pData;
5037.             return(TRUE);
5038.         }
5039.         pCurrent = pCurrent->pNext;
5040.     }
5041.  
5042.     return(FALSE);
5043. }
5044.  
5045. BOOL AddEntry (DWORD dwKey, PVOID pData)
5046. {
5047.     PNODE pTemp;
5048.  
5049.     pTemp = (PNODE) malloc (sizeof (NODE));
5050.     if (NULL == pTemp)  {
5051.         return(FALSE);
5052.     }
5053.  
5054.     pTemp->dwKey = dwKey;
5055.     pTemp->pData = pData;
5056.     pTemp->pNext = Head.pNext;
5057.     Head.pNext = pTemp;
5058.  
5059.     return(TRUE);
5060. }
5061.  
5062. BOOL DeleteEntry (DWORD dwKey, PVOID *ppData)
5063. {
5064.     PNODE pCurrent, pTemp;
5065.  
5066.     pTemp = &Head;
5067.     pCurrent = Head.pNext;
5068.  
5069.     while (NULL != pCurrent) {
5070.         if (dwKey == pCurrent->dwKey)  {
5071.             pTemp->pNext = pCurrent->pNext;
5072.             *ppData = pCurrent->pData;
5073.             free (pCurrent);
5074.             return(TRUE);
5075.         }
5076.         else {
5077.             pTemp = pCurrent;
5078.             pCurrent = pCurrent->pNext;
5079.         }
5080.     }
5081.  
5082.     return(FALSE);
5083. }
5084.  
5085. BOOL InitSession (DWORD dwKey)
5086. /*++
5087.  
5088.  Routine Description:
5089.  
5090.     Initializes the context associated with a key and adds it to the
5091.         collection.
5092.  
5093.  Return Value:
5094.  
5095.     Returns TRUE is successful; otherwise FALSE is returned.
5096.  
5097. --*/
5098. {
5099.     PAUTH_SEQ pAS;
5100.  
5101.     pAS = (PAUTH_SEQ) malloc (sizeof (AUTH_SEQ));
5102.     if (NULL == pAS)
5103.         return(FALSE);
5104.  
5105.     pAS->_fNewConversation = TRUE;
5106.     pAS->_fHaveCredHandle = FALSE;
5107.     pAS->_fHaveCtxtHandle = FALSE;
5108.  
5109.     if (!AddEntry (dwKey, (PVOID)pAS))  {
5110.         free (pAS);
5111.         return(FALSE);
5112.     }
5113.  
5114.     return(TRUE);
5115. }
5116.  
5117. BOOL TermSession (DWORD dwKey)
5118. /*++
5119.  
5120.  Routine Description:
5121.  
5122.     Releases the resources associated with a key and removes it from
5123.         the collection.
5124.  
5125.  Return Value:
5126.  
5127.     Returns TRUE is successful; otherwise FALSE is returned.
5128.  
5129. --*/
5130. {
5131.     PAUTH_SEQ pAS;
5132.  
5133.     if (!DeleteEntry (dwKey, (LPVOID*)&pAS))
5134.         return(FALSE);
5135.  
5136.     if (pAS->_fHaveCtxtHandle) {
5137.         SSPLogonError = p_SSPI_Func->DeleteSecurityContext (&pAS->_hctxt);
5138.         debug(F111,"TermSession DeleteSecurityContext",
5139.                sspi_errstr(SSPLogonError),SSPLogonError);
5140.     }
5141.  
5142.     if (pAS->_fHaveCredHandle) {
5143.         SSPLogonError = p_SSPI_Func->FreeCredentialHandle (&pAS->_hcred);
5144.         debug(F111,"TermSession FreeCredentials Handle",
5145.                sspi_errstr(SSPLogonError),SSPLogonError);
5146.     }
5147.  
5148.     free (pAS);
5149.     return(TRUE);
5150. }
5151.  
5152. BOOL GenClientContext ( DWORD dwKey,
5153.                         SEC_WINNT_AUTH_IDENTITY *pAuthIdentity,
5154.                         BYTE *pIn,
5155.                         DWORD cbIn,
5156.                         BYTE *pOut,
5157.                         DWORD *pcbOut,
5158.                         BOOL *pfDone)
5159. /*++
5160.  
5161.  Routine Description:
5162.  
5163.     Optionally takes an input buffer coming from the server and returns
5164.         a buffer of information to send back to the server.  Also returns
5165.         an indication of whether or not the context is complete.
5166.  
5167.  Return Value:
5168.  
5169.     Returns TRUE is successful; otherwise FALSE is returned.
5170.  
5171. --*/
5172. {
5173.     SECURITY_STATUS     ss;
5174.     TimeStamp           Lifetime;
5175.     SecBufferDesc       OutBuffDesc;
5176.     SecBuffer           OutSecBuff;
5177.     SecBufferDesc       InBuffDesc;
5178.     SecBuffer           InSecBuff;
5179.     ULONG               ContextAttributes;
5180.     PAUTH_SEQ           pAS;
5181.  
5182.     // Lookup pAS based on Key
5183.     //
5184.     if (!GetEntry (dwKey, (PVOID*) &pAS)) {
5185.         debug(F110,"GenClientContext","GetEntry failed",0);
5186.         return(FALSE);
5187.     }
5188.  
5189.     if (pAS->_fNewConversation)  {
5190.         ss = p_SSPI_Func->AcquireCredentialsHandle (NULL,       // principal
5191.                                                      NTLMSP_NAME_A,
5192.                                                      SECPKG_CRED_OUTBOUND,
5193.                                                      NULL,      // LOGON id
5194.                                                      pAuthIdentity, // auth data
5195.                                                      NULL,      // get key fn
5196.                                                      NULL,      // get key arg
5197.                                                      &pAS->_hcred,
5198.                                                      &Lifetime
5199.                                                      );
5200.         debug(F111,"GenClientContext AcquireCredentialsHandle",sspi_errstr(ss),ss);
5201.         if (ss >= 0)
5202.             pAS->_fHaveCredHandle = TRUE;
5203.         else {
5204.             SSPLogonError = ss;
5205.             return(FALSE);
5206.         }
5207.     }
5208.  
5209.     // prepare output buffer
5210.     //
5211.     OutBuffDesc.ulVersion = 0;
5212.     OutBuffDesc.cBuffers = 1;
5213.     OutBuffDesc.pBuffers = &OutSecBuff;
5214.  
5215.     OutSecBuff.cbBuffer = *pcbOut;
5216.     OutSecBuff.BufferType = SECBUFFER_TOKEN;
5217.     OutSecBuff.pvBuffer = pOut;
5218.  
5219.     // prepare input buffer
5220.     //
5221.     if (!pAS->_fNewConversation)  {
5222.         InBuffDesc.ulVersion = 0;
5223.         InBuffDesc.cBuffers = 1;
5224.         InBuffDesc.pBuffers = &InSecBuff;
5225.  
5226.         InSecBuff.cbBuffer = cbIn;
5227.         InSecBuff.BufferType = SECBUFFER_TOKEN;
5228.         InSecBuff.pvBuffer = pIn;
5229.     }
5230.  
5231.     ss = p_SSPI_Func->InitializeSecurityContext ( &pAS->_hcred,
5232.                                                   pAS->_fNewConversation ? NULL : &pAS->_hctxt,
5233.                                                   NULL,
5234.                                                   0,    // context requirements
5235.                                                   0,    // reserved1
5236.                                                   SECURITY_NATIVE_DREP,
5237.                                                   pAS->_fNewConversation ? NULL : &InBuffDesc,
5238.                                                   0,    // reserved2
5239.                                                   &pAS->_hctxt,
5240.                                                   &OutBuffDesc,
5241.                                                   &ContextAttributes,
5242.                                                   &Lifetime
5243.                                                   );
5244.     if ( pAS->_fNewConversation )
5245.         debug(F111,"GenClientContext InitializeSecurityContext (new conversation)",sspi_errstr(ss),ss);
5246.     else
5247.         debug(F111,"GenClientContext InitializeSecurityContext (old conversation)",sspi_errstr(ss),ss);
5248.  
5249.     if (ss < 0)  {
5250.         SSPLogonError = ss;
5251.         return FALSE;
5252.     }
5253.  
5254.     pAS->_fHaveCtxtHandle = TRUE;
5255.  
5256.     // Complete token -- if applicable
5257.     //
5258.     if ((SEC_I_COMPLETE_NEEDED == ss) || (SEC_I_COMPLETE_AND_CONTINUE == ss))  {
5259.         if (p_SSPI_Func->CompleteAuthToken) {
5260.             ss = p_SSPI_Func->CompleteAuthToken (&pAS->_hctxt, &OutBuffDesc);
5261.             debug(F111,"GenClientContext CompleteAuthToken",sspi_errstr(ss),ss);
5262.             if (ss < 0)  {
5263.                 SSPLogonError = ss;
5264.                 return FALSE;
5265.             }
5266.         }
5267.         else {
5268.             SSPLogonError = SEC_E_UNSUPPORTED_FUNCTION;
5269.             debug(F110,"GenClientContext CompleteAuthToken missing","Logon not supported",0);
5270.             return FALSE;
5271.         }
5272.     }
5273.  
5274.     *pcbOut = OutSecBuff.cbBuffer;
5275.  
5276.     if (pAS->_fNewConversation)
5277.         pAS->_fNewConversation = FALSE;
5278.  
5279.     *pfDone = !((SEC_I_CONTINUE_NEEDED == ss) ||
5280.                  (SEC_I_COMPLETE_AND_CONTINUE == ss));
5281.  
5282.     SSPLogonError = SEC_E_OK;
5283.     return TRUE;
5284. }
5285.  
5286. BOOL GenServerContext ( DWORD dwKey,
5287.                         BYTE *pIn,
5288.                         DWORD cbIn,
5289.                         BYTE *pOut,
5290.                         DWORD *pcbOut,
5291.                         BOOL *pfDone,
5292.                         CtxtHandle * phContext)
5293. /*++
5294.  
5295.  Routine Description:
5296.  
5297.     Takes an input buffer coming from the client and returns a buffer
5298.         to be sent to the client.  Also returns an indication of whether or
5299.         not the context is complete.
5300.  
5301.  Return Value:
5302.  
5303.     Returns TRUE is successful; otherwise FALSE is returned.
5304.  
5305. --*/
5306. {
5307.     SECURITY_STATUS     ss;
5308.     TimeStamp           Lifetime;
5309.     SecBufferDesc       OutBuffDesc;
5310.     SecBuffer           OutSecBuff;
5311.     SecBufferDesc       InBuffDesc;
5312.     SecBuffer           InSecBuff;
5313.     ULONG               ContextAttributes;
5314.     PAUTH_SEQ           pAS;
5315.  
5316.     // Lookup pAS based on Key
5317.     //
5318.     if (!GetEntry (dwKey, (PVOID*) &pAS)) {
5319.         SSPLogonError = SEC_E_INVALID_HANDLE;
5320.         debug(F110,"GenServerContext","GetEntry failed",0);
5321.         return(FALSE);
5322.     }
5323.  
5324.     if (pAS->_fNewConversation)  {
5325.         ss = p_SSPI_Func->AcquireCredentialsHandle ( NULL,      // principal
5326.                                                      NTLMSP_NAME_A,
5327.                                                      SECPKG_CRED_INBOUND,
5328.                                                      NULL,      // LOGON id
5329.                                                      NULL,      // auth data
5330.                                                      NULL,      // get key fn
5331.                                                      NULL,      // get key arg
5332.                                                      &pAS->_hcred,
5333.                                                      &Lifetime
5334.                                                      );
5335.         debug(F111,"GenServerContext AcquireCredentialsHandle()",
5336.                sspi_errstr(ss),ss);
5337.         if (ss >= 0)
5338.             pAS->_fHaveCredHandle = TRUE;
5339.         else {
5340.             SSPLogonError = ss;
5341.             return(FALSE);
5342.         }
5343.     }
5344.  
5345.     // prepare output buffer
5346.     //
5347.     OutBuffDesc.ulVersion = 0;
5348.     OutBuffDesc.cBuffers = 1;
5349.     OutBuffDesc.pBuffers = &OutSecBuff;
5350.  
5351.     OutSecBuff.cbBuffer = *pcbOut;
5352.     OutSecBuff.BufferType = SECBUFFER_TOKEN;
5353.     OutSecBuff.pvBuffer = pOut;
5354.  
5355.     // prepare input buffer
5356.     //
5357.     InBuffDesc.ulVersion = 0;
5358.     InBuffDesc.cBuffers = 1;
5359.     InBuffDesc.pBuffers = &InSecBuff;
5360.  
5361.     InSecBuff.cbBuffer = cbIn;
5362.     InSecBuff.BufferType = SECBUFFER_TOKEN;
5363.     InSecBuff.pvBuffer = pIn;
5364.  
5365.     ss = p_SSPI_Func->AcceptSecurityContext ( &pAS->_hcred,
5366.                                               pAS->_fNewConversation ? NULL : &pAS->_hctxt,
5367.                                               &InBuffDesc,
5368.                                               0,        // context requirements
5369.                                               SECURITY_NATIVE_DREP,
5370.                                               &pAS->_hctxt,
5371.                                               &OutBuffDesc,
5372.                                               &ContextAttributes,
5373.                                               &Lifetime
5374.                                               );
5375.     if ( pAS->_fNewConversation )
5376.         debug(F111,"GenServerContext AcceptSecurityContext() (new conversation)",
5377.                sspi_errstr(ss),ss);
5378.     else
5379.         debug(F111,"GenServerContext AcceptSecurityContext() (old conversation)",
5380.                sspi_errstr(ss),ss);
5381.     if (ss < 0)  {
5382.         SSPLogonError = ss;
5383.         return FALSE;
5384.     }
5385.  
5386.     pAS->_fHaveCtxtHandle = TRUE;
5387.  
5388.     // Complete token -- if applicable
5389.     //
5390.     if ((SEC_I_COMPLETE_NEEDED == ss) || (SEC_I_COMPLETE_AND_CONTINUE == ss))  {
5391.         if (p_SSPI_Func->CompleteAuthToken) {
5392.             ss = p_SSPI_Func->CompleteAuthToken (&pAS->_hctxt, &OutBuffDesc);
5393.             debug(F111,"GenServerContext CompleteAuthToken()",
5394.                    sspi_errstr(ss),ss);
5395.             if (ss < 0)  {
5396.                 SSPLogonError = ss;
5397.                 return FALSE;
5398.             }
5399.         }
5400.         else {
5401.             SSPLogonError = SEC_E_UNSUPPORTED_FUNCTION;
5402.             debug(F110,"GenServerContext CompleteAuthToken missing",
5403.                    "Logon Not Supported",0);
5404.             return FALSE;
5405.         }
5406.     }
5407.  
5408.     *pcbOut = OutSecBuff.cbBuffer;
5409.  
5410.     if (pAS->_fNewConversation)
5411.         pAS->_fNewConversation = FALSE;
5412.  
5413.     *pfDone = !((SEC_I_CONTINUE_NEEDED == ss) ||
5414.                  (SEC_I_COMPLETE_AND_CONTINUE == ss));
5415.  
5416.     if (*pfDone && phContext) {
5417.         haveNTLMContext = 1;
5418.         memcpy(phContext,&pAS->_hctxt,sizeof(CtxtHandle));
5419.         ZeroMemory(&pAS->_hctxt,sizeof(CtxtHandle));
5420.         pAS->_fHaveCtxtHandle = FALSE;
5421.     }
5422.     SSPLogonError = SEC_E_OK;
5423.     return TRUE;
5424. }
5425.  
5426. void
5427. ntlm_logout() {
5428.     if ( haveNTLMContext ) {
5429.         p_SSPI_Func->RevertSecurityContext(&hNTLMContext);
5430.         p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
5431.     }
5432.     haveNTLMContext = 0;
5433.     SSPLogonError = SEC_E_OK;
5434. }
5435.  
5436. BOOL
5437. SSPLogonUser( LPTSTR DomainName,
5438.               LPTSTR UserName,
5439.               LPTSTR Password )
5440. {
5441.  
5442.     BOOL done = FALSE;
5443.     DWORD cbOut, cbIn;
5444.     char szUser[80];
5445.     DWORD cbUser = 80;
5446.     SEC_WINNT_AUTH_IDENTITY AuthIdentity;
5447.  
5448.     if ( !p_SSPI_Func ) {
5449.         SSPLogonError = SEC_E_SECPKG_NOT_FOUND;
5450.         debug(F110,"SSPLogonUser","NTLM SSPI not installed",0);
5451.         return(FALSE);
5452.     }
5453.  
5454.     if(!InitSession(0)) {
5455.         debug(F110,"SSPLogonUser","unable to Init Session 0",0);
5456.         SSPLogonError = SEC_E_INTERNAL_ERROR;
5457.         return(FALSE);
5458.     }
5459.  
5460.     if(!InitSession(1)) {
5461.         debug(F110,"SSPLogonUser","unable to Init Session 1",0);
5462.         SSPLogonError = SEC_E_INTERNAL_ERROR;
5463.         return(FALSE);
5464.     }
5465.  
5466.     ntlm_pClientBuf = (PBYTE) malloc(ntlm_cbMaxToken);
5467.     ntlm_pServerBuf = (PBYTE) malloc(ntlm_cbMaxToken);
5468.  
5469.     if ( haveNTLMContext ) {
5470.         SSPLogonError = p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
5471.         debug(F110,"SSPLogonUser DeleteSecurityContext",sspi_errstr(SSPLogonError),SSPLogonError);
5472.     }
5473.  
5474.     ZeroMemory( &hNTLMContext,sizeof(hNTLMContext));
5475.     ZeroMemory( &AuthIdentity, sizeof(AuthIdentity) );
5476.  
5477.     if ( DomainName != NULL )
5478.     {
5479.         AuthIdentity.Domain = DomainName;
5480.         AuthIdentity.DomainLength = lstrlen(DomainName);
5481.     }
5482.  
5483.     if ( UserName != NULL )
5484.     {
5485.         AuthIdentity.User = UserName;
5486.         AuthIdentity.UserLength = lstrlen(UserName);
5487.     }
5488.  
5489.     if ( Password != NULL )
5490.     {
5491.         AuthIdentity.Password = Password;
5492.         AuthIdentity.PasswordLength = lstrlen(Password);
5493.     }
5494.  
5495. #ifdef UNICODE
5496.     AuthIdentity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
5497. #else
5498.     AuthIdentity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
5499. #endif
5500.  
5501.     //
5502.     // Prepare client message (negotiate).
5503.     //
5504.     cbOut = ntlm_cbMaxToken;
5505.     if (!GenClientContext (0,
5506.                             &AuthIdentity,
5507.                             NULL,
5508.                             0,
5509.                             ntlm_pClientBuf,
5510.                             &cbOut,
5511.                             &done))
5512.     {
5513.         debug(F111,"SSPLogonUser","GenClientContext failed (negotiate)",
5514.                SSPLogonError);
5515.         return(FALSE);
5516.      }
5517.  
5518.     cbIn = cbOut;
5519.     //
5520.     // Prepare server message (challenge).
5521.     //
5522.     cbOut = ntlm_cbMaxToken;
5523.     if (!GenServerContext (1,
5524.                             ntlm_pClientBuf,
5525.                             cbIn,
5526.                             ntlm_pServerBuf,
5527.                             &cbOut,
5528.                             &done,
5529.                             NULL))
5530.     {
5531.     //
5532.     // Most likely failure: AcceptServerContext fails with
5533.     // SEC_E_LOGON_DENIED in the case of bad username or password
5534.     //
5535.     // Unexpected Result: Logon will succeed if you pass in a bad
5536.     // username and the guest account is enabled in the specified
5537.     // domain.
5538.     //
5539.         debug(F111,"SSPLogonUser","GenServerContext failed (challenge)",
5540.                SSPLogonError);
5541.         return(FALSE);
5542.     }
5543.  
5544.     cbIn = cbOut;
5545.     //
5546.     // Prepare client message (authenticate).
5547.     //
5548.     cbOut = ntlm_cbMaxToken;
5549.     if (!GenClientContext (0,
5550.                             &AuthIdentity,
5551.                             ntlm_pServerBuf,
5552.                             cbIn,
5553.                             ntlm_pClientBuf,
5554.                              &cbOut,
5555.                             &done))
5556.     {
5557.         debug(F111,"SSPLogonUser","GenClientContext failed (authenticate)",
5558.                SSPLogonError);
5559.         return(FALSE);
5560.     }
5561.  
5562.     cbIn = cbOut;
5563.     //
5564.     // Prepare server message (authentication).
5565.     //
5566.     cbOut = ntlm_cbMaxToken;
5567.     if (!GenServerContext (1,
5568.                             ntlm_pClientBuf,
5569.                             cbIn,
5570.                             ntlm_pServerBuf,
5571.                              &cbOut,
5572.                             &done,
5573.                             &hNTLMContext))
5574.     {
5575.         debug(F111,"SSPLogonUser","GenServerContext failed (authentication)",
5576.                SSPLogonError);
5577.         return(FALSE);
5578.     }
5579.  
5580.     TermSession(0);
5581.     TermSession(1);
5582.  
5583.     free(ntlm_pClientBuf);
5584.     free(ntlm_pServerBuf);
5585.  
5586.     SSPLogonError = SEC_E_OK;
5587.     return(TRUE);
5588. }
5589. #endif /* NTLM */
5590.  
5591. #ifdef NT
5592. HINSTANCE hKRB5_32 = NULL;
5593. HINSTANCE hKRB4_32 = NULL;
5594. HINSTANCE hCOMERR32 = NULL;
5595. HINSTANCE hPROFILE = NULL;
5596. HINSTANCE hKRB42UID = NULL;
5597. HINSTANCE hKRB52UID = NULL;
5598. HINSTANCE hGSSAPI = NULL;
5599. HINSTANCE hKRB524 = NULL;
5600. #else /* NT */
5601. HMODULE hKRB5_32 = NULL;
5602. HMODULE hKRB4_32 = NULL;
5603. HMODULE hCOMERR32 = NULL;
5604. HMODULE hPROFILE = NULL;
5605. HMODULE hKRB42UID = NULL;
5606. HMODULE hKRB52UID = NULL;
5607. HMODULE hGSSAPI = NULL;
5608. HMODULE hEMX = NULL;
5609. #endif /* NT */
5610. static int cygnus = 0;
5611.  
5612. static void
5613. ck_krb4_loaddll_eh( void )
5614. {
5615.     if ( hKRB4_32 ) {
5616. #ifdef NT
5617.         FreeLibrary(hKRB4_32);
5618.         hKRB4_32 = NULL;
5619. #else /* NT */
5620.         DosFreeModule(hKRB4_32);
5621.         hKRB4_32 = 0;
5622. #endif  /* NT */
5623.     }
5624.     if ( hKRB42UID ) {
5625. #ifdef NT
5626.         FreeLibrary(hKRB42UID);
5627.         hKRB42UID = NULL;
5628. #else /* NT */
5629.         DosFreeModule(hKRB42UID);
5630.         hKRB42UID = 0;
5631. #endif  /* NT */
5632.     }
5633.  
5634. #ifdef KRB4
5635.     p_krb_get_err_text_entry         = NULL;
5636.     p_krb_get_cred                   = NULL;
5637.     p_krb_mk_req                     = NULL;
5638.     p_krb_realmofhost                = NULL;
5639.     p_krb_get_phost                  = NULL;
5640.     p_k4_des_new_random_key             = NULL;
5641.     p_k4_des_set_random_generator_seed  = NULL;
5642.     p_k4_des_key_sched                  = NULL;
5643.     p_k4_des_ecb_encrypt                = NULL;
5644.     p_k4_des_pcbc_encrypt               = NULL;
5645.     p_k4_des_string_to_key            = NULL;
5646.     p_k4_des_fixup_key_parity         = NULL;
5647.     p_krb_get_pw_in_tkt               = NULL;
5648.     p_krb_get_pw_in_tkt_preauth       = NULL;
5649.     p_krb_get_lrealm                  = NULL;
5650.     p_krb_get_err_text                = NULL;
5651.     p_kname_parse                     = NULL;
5652.     p_dest_tkt                        = NULL;
5653.     p_krb_get_tf_realm                = NULL;
5654.     p_krb_get_tf_fullname             = NULL;
5655.     p_tf_get_pname                    = NULL;
5656.     p_tf_get_pinst                    = NULL;
5657.     p_tf_get_cred                     = NULL;
5658.     p_tf_close                        = NULL;
5659.     p_tf_init                         = NULL;
5660.     p_tkt_string                      = NULL;
5661.     p_krb_check_serv                  = NULL;
5662.     p_kuserok                         = NULL;
5663.     p_krb_kntoln                      = NULL;
5664.     p_krb_rd_req                      = NULL;
5665.     p_krb_sendauth                    = NULL;
5666.     p_set_krb_debug                   = NULL;
5667.     p_set_krb_ap_req_debug            = NULL;
5668.     p_krb_mk_safe      = NULL;
5669.     p_krb_mk_priv      = NULL;
5670.     p_krb_rd_priv      = NULL;
5671.     p_krb_rd_safe      = NULL;
5672.     p_krb_in_tkt       = NULL;
5673.     p_krb_save_credentials = NULL;
5674.  
5675.     p_k95_k4_princ_to_userid = NULL;
5676.     p_k95_k4_userok = NULL;
5677. #endif /* KRB4 */
5678. }
5679.  
5680. static void
5681. ck_krb5_loaddll_eh( void )
5682. {
5683. #ifdef OS2ONLY
5684.     if ( hEMX ) {
5685.         DosFreeModule(hEMX);
5686.         hEMX = 0;
5687.     }
5688. #endif /* OS2 */
5689.     if ( hPROFILE ) {
5690. #ifdef NT
5691.         FreeLibrary(hPROFILE);
5692.         hPROFILE = NULL;
5693. #else /* NT */
5694.         DosFreeModule(hPROFILE);
5695.         hPROFILE = 0;
5696. #endif  /* NT */
5697.     }
5698.     if ( hKRB5_32 ) {
5699. #ifdef NT
5700.         FreeLibrary(hKRB5_32);
5701.         hKRB5_32 = NULL;
5702. #else /* NT */
5703.         DosFreeModule(hKRB5_32);
5704.         hKRB5_32 = 0;
5705. #endif  /* NT */
5706.     }
5707.     if ( hCOMERR32 ) {
5708. #ifdef NT
5709.         FreeLibrary(hCOMERR32);
5710.         hCOMERR32 = NULL;
5711. #else /* NT */
5712.         DosFreeModule(hCOMERR32);
5713.         hCOMERR32 = 0;
5714. #endif /* NT */
5715.     }
5716. #ifdef NT
5717.     if ( hKRB524 ) {
5718.         FreeLibrary(hKRB524);
5719.         hKRB524 = NULL;
5720.     }
5721. #endif /* NT */
5722.  
5723.     if ( hKRB52UID ) {
5724. #ifdef NT
5725.         FreeLibrary(hKRB52UID);
5726.         hKRB52UID = NULL;
5727. #else /* NT */
5728.         DosFreeModule(hKRB52UID);
5729.         hKRB52UID = 0;
5730. #endif  /* NT */
5731.     }
5732.  
5733.     cygnus = 0;
5734. #ifdef KRB5
5735.     p_com_err                        = NULL;
5736.     p_com_err_va                     = NULL;
5737.     p_error_message                  = NULL;
5738.     p_krb5_free_creds                = NULL;
5739.     p_krb5_free_data                 = NULL;
5740.     p_krb5_free_data_contents        = NULL;
5741.     p_krb5_copy_keyblock             = NULL;
5742.     p_krb5_free_keyblock             = NULL;
5743.     p_krb5_auth_con_getlocalsubkey   = NULL;
5744.     p_krb5_mk_req_extended           = NULL;
5745.     p_krb5_mk_req                    = NULL;
5746.     p_krb5_auth_con_setflags         = NULL;
5747.     p_krb5_auth_con_init             = NULL;
5748.     p_krb5_auth_con_free             = NULL;
5749.     p_krb5_get_credentials           = NULL;
5750.     p_krb5_free_cred_contents        = NULL;
5751.     p_krb5_sname_to_principal        = NULL;
5752.     p_krb5_cc_default                = NULL;
5753.     p_krb5_free_ap_rep_enc_part      = NULL;
5754.     p_krb5_rd_rep                    = NULL;
5755.     p_krb5_init_context              = NULL;
5756.     p_krb5_init_ets                  = NULL;
5757.     p_krb5_free_context              = NULL;
5758.     p_krb5_free_principal            = NULL;
5759.     p_krb5_free_unparsed_name        = NULL;
5760.     p_krb5_fwd_tgt_creds             = NULL;
5761.     p_krb5_auth_con_genaddrs         = NULL;
5762.     p_des_new_random_key             = NULL;
5763.     p_des_set_random_generator_seed  = NULL;
5764.     p_des_key_sched                  = NULL;
5765.     p_des_ecb_encrypt                = NULL;
5766.     p_des_pcbc_encrypt               = NULL;
5767.     p_des_string_to_key              = NULL;
5768.     p_des_fixup_key_parity           = NULL;
5769.  
5770.     p_krb5_get_host_realm            = NULL;
5771.     p_krb5_free_host_realm           = NULL;
5772.     p_krb5_get_in_tkt_with_keytab    = NULL;
5773.     p_krb5_get_in_tkt_with_password  = NULL;
5774.     p_krb5_read_password             = NULL;
5775.     p_krb5_build_principal_ext       = NULL;
5776.     p_krb5_unparse_name              = NULL;
5777.     p_krb5_parse_name                = NULL;
5778.     p_krb5_cc_resolve                = NULL;
5779.     p_krb5_cc_default_name           = NULL;
5780.     p_krb5_string_to_timestamp       = NULL;
5781.     p_krb5_kt_resolve                = NULL;
5782.     p_krb5_string_to_deltat          = NULL;
5783.     p_krb5_timeofday                 = NULL;
5784.     p_krb5_get_credentials_renew     = NULL;
5785.     p_krb5_get_credentials_validate  = NULL;
5786.     p_krb5_copy_principal            = NULL;
5787.     p_krb5_timestamp_to_sfstring     = NULL;
5788.     p_krb5_kt_default                = NULL;
5789.     p_krb5_free_ticket               = NULL;
5790.     p_decode_krb5_ticket             = NULL;
5791.     p_cygnus_decode_krb5_ticket      = NULL;
5792.  
5793. #ifdef CHECKADDRS
5794.     p_krb5_os_localaddr              = NULL;
5795.     p_krb5_address_search            = NULL;
5796.     p_krb5_free_addresses            = NULL;
5797. #endif /* CHECKADDRS */
5798.  
5799.     p_krb5_auth_con_getremotesubkey  = NULL;
5800.     p_krb5_mk_rep                    = NULL;
5801.     p_krb5_free_authenticator        = NULL;
5802.     p_krb5_verify_checksum           = NULL;
5803.     p_krb5_auth_con_getkey           = NULL;
5804.     p_krb5_auth_con_getauthenticator = NULL;
5805.     p_krb5_rd_req                    = NULL;
5806.     p_krb5_auth_con_setrcache        = NULL;
5807.     p_krb5_get_server_rcache         = NULL;
5808.     p_krb5_auth_con_getrcache        = NULL;
5809.     p_krb5_free_tgt_creds            = NULL;
5810.     p_krb5_rd_cred                   = NULL;
5811.  
5812.     p_krb5_c_enctype_compare         = NULL;
5813.     p_krb5_free_error                = NULL;
5814.     p_krb5_sendauth                  = NULL;
5815.     p_krb5_process_key               = NULL;
5816.     p_krb5_use_enctype               = NULL;
5817.     p_krb5_encrypt                   = NULL;
5818.     p_krb5_encrypt_size              = NULL;
5819.     p_krb5_decrypt                   = NULL;
5820.     p_krb5_kuserok                   = NULL;
5821.     p_krb5_appdefault_boolean        = NULL;
5822.     p_krb5_appdefault_string         = NULL;
5823.  
5824.     p_krb5_get_init_creds_password             = NULL;
5825.     p_krb5_get_init_creds_opt_set_address_list = NULL;
5826.     p_krb5_get_renewed_creds                   = NULL;
5827.     p_krb5_get_validated_creds                 = NULL;
5828.     p_krb5_get_init_creds_opt_set_tkt_life     = NULL;
5829.     p_krb5_get_init_creds_opt_set_forwardable  = NULL;
5830.     p_krb5_get_init_creds_opt_set_proxiable    = NULL;
5831.     p_krb5_get_init_creds_opt_set_renew_life   = NULL;
5832.     p_krb5_get_init_creds_opt_init             = NULL;
5833.     p_krb5_get_init_creds_opt_set_etype_list   = NULL;
5834.     p_krb5_get_init_creds_opt_set_preauth_list = NULL;
5835.     p_krb5_get_init_creds_opt_set_salt         = NULL;
5836.  
5837.     p_krb5_rd_safe                  = NULL;
5838.     p_krb5_mk_safe                  = NULL;
5839.     p_krb5_rd_priv                  = NULL;
5840.     p_krb5_mk_priv                  = NULL;
5841.     p_krb5_auth_con_setuseruserkey  = NULL;
5842.     p_krb5_get_profile              = NULL;
5843.  
5844.     p_profile_get_subsection_names = NULL;
5845.     p_profile_get_relation_names   = NULL;
5846.  
5847.     p_k95_k5_principal_to_localname = NULL;
5848.     p_k95_k5_userok = NULL;
5849.  
5850.     p_krb5_free_keyblock_contents = NULL;
5851.     p_krb5_c_encrypt = NULL;
5852.     p_krb5_c_decrypt = NULL;
5853.     p_krb5_c_make_random_key = NULL;
5854.     p_krb5_c_random_seed = NULL;
5855.     p_krb5_c_encrypt_length = NULL;
5856.     p_krb5_c_block_size = NULL;
5857.     p_krb5_kt_default_name = NULL;
5858.  
5859.     p_krb5_cc_get_principal   = NULL;
5860.     p_krb5_cc_store_cred      = NULL;
5861.     p_krb5_cc_initialize      = NULL;
5862.     p_krb5_cc_destroy         = NULL;
5863.     p_krb5_cc_end_seq_get     = NULL;
5864.     p_krb5_cc_next_cred       = NULL;
5865.     p_krb5_cc_start_seq_get   = NULL;
5866.     p_krb5_cc_get_type        = NULL;
5867.     p_krb5_cc_get_name        = NULL;
5868.     p_krb5_cc_set_flags       = NULL;
5869.     p_krb5_cc_close           = NULL;
5870.  
5871.     p_krb5_kt_get_type        = NULL;
5872.     p_krb5_kt_get_name        = NULL;
5873.     p_krb5_kt_close           = NULL;
5874.     p_krb5_kt_get_entry       = NULL;
5875.     p_krb5_kt_start_seq_get   = NULL;
5876.     p_krb5_kt_next_entry      = NULL;
5877.     p_krb5_kt_end_seq_get     = NULL;
5878.     p_krb5_build_principal    = NULL;
5879.  
5880.     p_krb524_init_ets         = NULL;
5881.     p_krb524_convert_creds_kdc = NULL;
5882. #endif /* KRB5 */
5883. }
5884.  
5885. int
5886. ck_krb4_loaddll( void )
5887. {
5888. #ifdef KRB4
5889.     ULONG rc = 0 ;
5890.     int load_error = 0, len;
5891. #ifdef OS2ONLY
5892.     CHAR *exe_path;
5893.     CHAR path[256];
5894.     CHAR * dllname = "KRB4_32";
5895. #endif /* OS2ONLY */
5896.  
5897. #ifdef NT
5898.     HINSTANCE hLEASH;
5899.  
5900.     if ( !(hKRB4_32 = LoadLibrary("KRBV4W32")) ) {
5901.         rc = GetLastError() ;
5902.         debug(F111, "Kerberos LoadLibrary failed","KRBV4W32",rc) ;
5903.         ck_krb4_loaddll_eh();
5904.     }
5905.     if ( !hKRB4_32 &&
5906.          !(hKRB4_32 = LoadLibrary("KRB4_32"))) {
5907.         rc = GetLastError() ;
5908.         debug(F111, "Kerberos LoadLibrary failed","KRB4_32",rc) ;
5909.         ck_krb4_loaddll_eh();
5910.     }
5911.     if (hKRB4_32) {
5912.         debug(F100,"Kerberos IV support provided by MIT Leash","",0);
5913.         if (((FARPROC) p_krb_get_err_text_entry =
5914.               GetProcAddress( hKRB4_32, "get_krb_err_txt_entry" )) == NULL )
5915.         {
5916.             rc = GetLastError() ;
5917.             debug(F111,
5918.                   "Kerberos GetProcAddress failed","get_krb_err_txt_entry",rc);
5919.             load_error = 1;
5920.         }
5921.         if (((FARPROC) p_krb_get_cred =
5922.               GetProcAddress( hKRB4_32, "krb_get_cred" )) == NULL )
5923.         {
5924.             rc = GetLastError() ;
5925.             debug(F111, "Kerberos GetProcAddress failed","krb_get_cred",rc) ;
5926.             load_error = 1;
5927.         }
5928.         if (((FARPROC) p_krb_mk_req =
5929.               GetProcAddress( hKRB4_32, "krb_mk_req" )) == NULL )
5930.         {
5931.             rc = GetLastError() ;
5932.             debug(F111, "Kerberos GetProcAddress failed","krb_mk_req",rc) ;
5933.             load_error = 1;
5934.         }
5935.         if (((FARPROC) p_krb_realmofhost =
5936.               GetProcAddress( hKRB4_32, "krb_realmofhost" )) == NULL )
5937.         {
5938.             rc = GetLastError() ;
5939.             debug(F111,"Kerberos GetProcAddress failed","krb_realmofhost",rc);
5940.             load_error = 1;
5941.         }
5942.         if (((FARPROC) p_krb_get_phost =
5943.               GetProcAddress( hKRB4_32, "krb_get_phost" )) == NULL )
5944.         {
5945.             rc = GetLastError() ;
5946.             debug(F111, "Kerberos GetProcAddress failed","krb_get_phost",rc) ;
5947.             load_error = 1;
5948.         }
5949.  
5950.         /* The DES functions are not required.  But if we do not have */
5951.         /* them and do not have the CRYPT DLL we will not be able to  */
5952.         /* perform mutual authentication.                             */
5953.         if (((FARPROC) p_k4_des_ecb_encrypt =
5954.               GetProcAddress( hKRB4_32, "des_ecb_encrypt" )) == NULL )
5955.         {
5956.             rc = GetLastError() ;
5957.             debug(F111,"Kerberos GetProcAddress failed","des_ecb_encrypt",rc);
5958.         }
5959.         if (((FARPROC) p_k4_des_pcbc_encrypt =
5960.               GetProcAddress( hKRB4_32, "des_pcbc_encrypt" )) == NULL )
5961.         {
5962.             rc = GetLastError() ;
5963.             debug(F111,"Kerberos GetProcAddress failed","des_pcbc_encrypt",rc);
5964.         }
5965.         if (((FARPROC) p_k4_des_new_random_key =
5966.               GetProcAddress( hKRB4_32, "des_new_random_key" )) == NULL )
5967.         {
5968.             rc = GetLastError() ;
5969.             debug(F111,
5970.                   "Kerberos GetProcAddress failed","des_new_random_key",rc) ;
5971.         }
5972.         if (((FARPROC) p_k4_des_key_sched =
5973.               GetProcAddress( hKRB4_32, "des_key_sched" )) == NULL )
5974.         {
5975.             rc = GetLastError() ;
5976.             debug(F111, "Kerberos GetProcAddress failed","des_key_sched",rc) ;
5977.         }
5978.         if (((FARPROC) p_k4_des_set_random_generator_seed =
5979.              GetProcAddress(hKRB4_32,"des_set_random_generator_seed")) == NULL)
5980.         {
5981.             rc = GetLastError() ;
5982.             debug(F111, "Kerberos GetProcAddress failed",
5983.                    "des_set_random_generator_seed",rc) ;
5984.         }
5985.  
5986.         if (((FARPROC) p_krb_get_pw_in_tkt =
5987.               GetProcAddress( hKRB4_32, "krb_get_pw_in_tkt" )) == NULL )
5988.         {
5989.             rc = GetLastError() ;
5990.             debug(F111, "Kerberos GetProcAddress failed",
5991.                    "krb_get_pw_in_tkt",rc) ;
5992.             load_error = 1;
5993.         }
5994.         /* Not supported in Leash */
5995.         if (((FARPROC) p_krb_get_pw_in_tkt_preauth =
5996.              GetProcAddress( hKRB4_32, "krb_get_pw_in_tkt_preauth" )) == NULL )
5997.         {
5998.             rc = GetLastError() ;
5999.             debug(F111, "Kerberos GetProcAddress failed",
6000.                    "krb_get_pw_in_tkt_preauth",rc) ;
6001.         }
6002.         if (((FARPROC) p_krb_get_lrealm =
6003.               GetProcAddress( hKRB4_32, "krb_get_lrealm" )) == NULL )
6004.         {
6005.             rc = GetLastError() ;
6006.             debug(F111, "Kerberos GetProcAddress failed",
6007.                    "krb_get_lrealm",rc) ;
6008.             load_error = 1;
6009.         }
6010.         if (((FARPROC) p_krb_get_err_text =
6011.               GetProcAddress( hKRB4_32, "krb_get_err_text" )) == NULL )
6012.         {
6013.             rc = GetLastError() ;
6014.             debug(F111, "Kerberos GetProcAddress failed",
6015.                    "krb_get_err_text",rc) ;
6016.         }
6017.         if (((FARPROC) p_kname_parse =
6018.               GetProcAddress( hKRB4_32, "kname_parse" )) == NULL )
6019.         {
6020.             rc = GetLastError() ;
6021.             debug(F111, "Kerberos GetProcAddress failed",
6022.                    "kname_parse",rc) ;
6023.             load_error = 1;
6024.         }
6025.         if (((FARPROC) p_dest_tkt =
6026.               GetProcAddress( hKRB4_32, "dest_tkt" )) == NULL )
6027.         {
6028.             rc = GetLastError() ;
6029.             debug(F111, "Kerberos GetProcAddress failed",
6030.                    "dest_tkt",rc) ;
6031.             load_error = 1;
6032.         }
6033.         if (((FARPROC) p_krb_get_tf_realm =
6034.               GetProcAddress( hKRB4_32, "krb_get_tf_realm" )) == NULL )
6035.         {
6036.             rc = GetLastError() ;
6037.             debug(F111, "Kerberos GetProcAddress failed",
6038.                    "krb_get_tf_realm",rc) ;
6039.             load_error = 1;
6040.         }
6041.         if (((FARPROC) p_krb_get_tf_fullname =
6042.               GetProcAddress( hKRB4_32, "krb_get_tf_fullname" )) == NULL )
6043.         {
6044.             rc = GetLastError() ;
6045.             debug(F111, "Kerberos GetProcAddress failed",
6046.                    "krb_get_tf_fullname",rc) ;
6047.             load_error = 1;
6048.         }
6049.         if (((FARPROC) p_tf_get_pname =
6050.               GetProcAddress( hKRB4_32, "tf_get_pname" )) == NULL )
6051.         {
6052.             rc = GetLastError() ;
6053.             debug(F111, "Kerberos GetProcAddress failed",
6054.                    "tf_get_pname",rc) ;
6055.             load_error = 1;
6056.         }
6057.         if (((FARPROC) p_tf_get_pinst =
6058.               GetProcAddress( hKRB4_32, "tf_get_pinst" )) == NULL )
6059.         {
6060.             rc = GetLastError() ;
6061.             debug(F111, "Kerberos GetProcAddress failed",
6062.                    "tf_get_pinst",rc) ;
6063.             load_error = 1;
6064.         }
6065.         if (((FARPROC) p_tf_get_cred =
6066.               GetProcAddress( hKRB4_32, "tf_get_cred" )) == NULL )
6067.         {
6068.             rc = GetLastError() ;
6069.             debug(F111, "Kerberos GetProcAddress failed",
6070.                    "tf_get_cred",rc) ;
6071.             load_error = 1;
6072.         }
6073.         if (((FARPROC) p_tf_close =
6074.               GetProcAddress( hKRB4_32, "tf_close" )) == NULL )
6075.         {
6076.             rc = GetLastError() ;
6077.             debug(F111, "Kerberos GetProcAddress failed",
6078.                    "tf_close",rc) ;
6079.             load_error = 1;
6080.         }
6081.         if (((FARPROC) p_tf_init =
6082.               GetProcAddress( hKRB4_32, "tf_init" )) == NULL )
6083.         {
6084.             rc = GetLastError() ;
6085.             debug(F111, "Kerberos GetProcAddress failed",
6086.                    "tf_init",rc) ;
6087.             load_error = 1;
6088.         }
6089.         if (((FARPROC) p_tkt_string =
6090.               GetProcAddress( hKRB4_32, "tkt_string" )) == NULL )
6091.         {
6092.             rc = GetLastError() ;
6093.             debug(F111, "Kerberos GetProcAddress failed",
6094.                    "tkt_string",rc) ;
6095.             load_error = 1;
6096.         }
6097.         if (((FARPROC) p_krb_check_serv =
6098.               GetProcAddress( hKRB4_32, "krb_check_serv" )) == NULL )
6099.         {
6100.             rc = GetLastError() ;
6101.             debug(F111, "Kerberos GetProcAddress failed",
6102.                    "krb_check_serv",rc) ;
6103.             load_error = 1;
6104.         }
6105.         if (((FARPROC) p_kuserok =
6106.               GetProcAddress( hKRB4_32, "kuserok" )) == NULL )
6107.         {
6108.             rc = GetLastError() ;
6109.             debug(F111, "Kerberos GetProcAddress failed",
6110.                    "kuserok",rc) ;
6111.         }
6112.         if (((FARPROC) p_krb_kntoln =
6113.               GetProcAddress( hKRB4_32, "krb_kntoln" )) == NULL )
6114.         {
6115.             rc = GetLastError() ;
6116.             debug(F111, "Kerberos GetProcAddress failed",
6117.                    "krb_kntoln",rc) ;
6118.         }
6119.         if (((FARPROC) p_krb_rd_req =
6120.               GetProcAddress( hKRB4_32, "krb_rd_req" )) == NULL )
6121.         {
6122.             rc = GetLastError() ;
6123.             debug(F111, "Kerberos GetProcAddress failed",
6124.                    "krb_rd_req",rc) ;
6125.         }
6126.         if (((FARPROC) p_krb_sendauth =
6127.               GetProcAddress( hKRB4_32, "krb_sendauth" )) == NULL )
6128.         {
6129.             rc = GetLastError() ;
6130.             debug(F111, "Kerberos GetProcAddress failed",
6131.                    "krb_sendauth",rc) ;
6132.             load_error = 1;
6133.         }
6134.         if (((FARPROC) p_set_krb_debug =
6135.               GetProcAddress( hKRB4_32, "set_krb_debug" )) == NULL )
6136.         {
6137.             rc = GetLastError() ;
6138.             debug(F111, "Kerberos GetProcAddress failed",
6139.                    "set_krb_debug",rc) ;
6140.         }
6141.         if (((FARPROC) p_set_krb_ap_req_debug =
6142.               GetProcAddress( hKRB4_32, "set_krb_ap_req_debug" )) == NULL )
6143.         {
6144.             rc = GetLastError() ;
6145.             debug(F111, "Kerberos GetProcAddress failed",
6146.                    "set_krb_ap_req_debug",rc) ;
6147.         }
6148.         if (((FARPROC) p_krb_mk_safe =
6149.               GetProcAddress( hKRB4_32, "krb_mk_safe" )) == NULL )
6150.         {
6151.             rc = GetLastError() ;
6152.             debug(F111, "Kerberos GetProcAddress failed",
6153.                    "krb_mk_safe",rc) ;
6154.             load_error = 1;
6155.         }
6156.         if (((FARPROC) p_krb_mk_priv =
6157.               GetProcAddress( hKRB4_32, "krb_mk_priv" )) == NULL )
6158.         {
6159.             rc = GetLastError() ;
6160.             debug(F111, "Kerberos GetProcAddress failed",
6161.                    "krb_mk_priv",rc) ;
6162.             load_error = 1;
6163.         }
6164.         if (((FARPROC) p_krb_rd_priv =
6165.               GetProcAddress( hKRB4_32, "krb_rd_priv" )) == NULL )
6166.         {
6167.             rc = GetLastError() ;
6168.             debug(F111, "Kerberos GetProcAddress failed",
6169.                    "krb_rd_priv",rc) ;
6170.             load_error = 1;
6171.         }
6172.         if (((FARPROC) p_krb_rd_safe =
6173.               GetProcAddress( hKRB4_32, "krb_rd_safe" )) == NULL )
6174.         {
6175.             rc = GetLastError() ;
6176.             debug(F111, "Kerberos GetProcAddress failed",
6177.                    "krb_rd_safe",rc) ;
6178.             load_error = 1;
6179.         }
6180.         if (((FARPROC) p_krb_in_tkt =
6181.               GetProcAddress( hKRB4_32, "krb_in_tkt" )) == NULL )
6182.         {
6183.             rc = GetLastError() ;
6184.             debug(F111, "Kerberos GetProcAddress failed",
6185.                    "krb_in_tkt",rc) ;
6186.             load_error = 1;
6187.         }
6188.         if (((FARPROC) p_krb_save_credentials =
6189.               GetProcAddress( hKRB4_32, "krb_save_credentials" )) == NULL )
6190.         {
6191.             rc = GetLastError() ;
6192.             debug(F111, "Kerberos GetProcAddress failed",
6193.                    "krb_save_credentials",rc) ;
6194.             load_error = 1;
6195.         }
6196.  
6197.         if ( load_error ) {
6198.             ck_krb4_loaddll_eh();
6199.             return 0;
6200.         }
6201.     }
6202. #else /* NT */
6203.     exe_path = GetLoadPath();
6204.     len = get_dir_len(exe_path);
6205.     if ( len + strlen(dllname) + 4 > sizeof(path) )
6206.         return(0);
6207.     sprintf(path, "%.*s%s.DLL", len, exe_path,dllname);         /* safe */
6208.     rc = DosLoadModule(fail, sizeof(fail), path, &hKRB4_32);
6209.     if (rc) {
6210.         debug(F111, "Kerberos IV LoadLibrary failed",fail,rc) ;
6211.         rc = DosLoadModule(fail, sizeof(fail), dllname, &hKRB4_32);
6212.     }
6213.  
6214.     if (rc) {
6215.         debug(F111, "Kerberos IV LoadLibrary failed",fail,rc) ;
6216.         ck_krb4_loaddll_eh();
6217.     } else {
6218.         debug(F100,"Kerberos IV support provided by MIT","",0);
6219.         if (rc = DosQueryProcAddr(hKRB4_32,0,"get_krb_err_txt_entry",
6220.                                    (PFN*)&p_krb_get_err_text_entry))
6221.         {
6222.             debug(F111,"Kerberos GetProcAddress failed","get_krb_err_txt_entry",rc);
6223.             load_error = 1;
6224.         }
6225.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_cred",
6226.                                    (PFN*)&p_krb_get_cred))
6227.         {
6228.             debug(F111,"Kerberos GetProcAddress failed","krb_get_cred",rc);
6229.             load_error = 1;
6230.         }
6231.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_mk_req",
6232.                                    (PFN*)&p_krb_mk_req))
6233.         {
6234.             debug(F111,"Kerberos GetProcAddress failed","krb_mk_req",rc);
6235.             load_error = 1;
6236.         }
6237.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_realmofhost",
6238.                                    (PFN*)&p_krb_realmofhost))
6239.         {
6240.             debug(F111,"Kerberos GetProcAddress failed","krb_realmofhost",rc);
6241.             load_error = 1;
6242.         }
6243.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_phost",
6244.                                    (PFN*)&p_krb_get_phost))
6245.         {
6246.             debug(F111,"Kerberos GetProcAddress failed","krb_get_phost",rc);
6247.             load_error = 1;
6248.         }
6249.         if (rc = DosQueryProcAddr(hKRB4_32,0,"des_ecb_encrypt",
6250.                                    (PFN*)&p_k4_des_ecb_encrypt))
6251.         {
6252.             debug(F111,"Kerberos GetProcAddress failed","des_ecb_encrypt",rc);
6253.         }
6254.         if (rc = DosQueryProcAddr(hKRB4_32,0,"des_pcbc_encrypt",
6255.                                    (PFN*)&p_k4_des_pcbc_encrypt))
6256.         {
6257.             debug(F111,"Kerberos GetProcAddress failed","des_pcbc_encrypt",rc);
6258.         }
6259.         if (rc = DosQueryProcAddr(hKRB4_32,0,"des_new_random_key",
6260.                                    (PFN*)&p_k4_des_new_random_key))
6261.         {
6262.             debug(F111,"Kerberos GetProcAddress failed","des_new_random_key",rc);
6263.         }
6264.         if (rc = DosQueryProcAddr(hKRB4_32,0,"des_key_sched",
6265.                                    (PFN*)&p_k4_des_key_sched))
6266.         {
6267.             debug(F111,"Kerberos GetProcAddress failed","des_key_sched",rc);
6268.         }
6269.         if (rc = DosQueryProcAddr(hKRB4_32,0,"des_set_random_generator_seed",
6270.                                    (PFN*)&p_k4_des_set_random_generator_seed))
6271.         {
6272.             debug(F111,"Kerberos GetProcAddress failed","des_set_random_generator_seed",rc);
6273.         }
6274.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_pw_in_tkt",
6275.                                    (PFN*)&p_krb_get_pw_in_tkt))
6276.         {
6277.             debug(F111,"Kerberos GetProcAddress failed","krb_get_pw_in_tkt",rc);
6278.             load_error = 1;
6279.         }
6280.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_pw_in_tkt_preauth",
6281.                                    (PFN*)&p_krb_get_pw_in_tkt_preauth))
6282.         {
6283.             debug(F111,"Kerberos GetProcAddress failed","krb_get_pw_in_tkt_preauth",rc);
6284.         }
6285.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_lrealm",
6286.                                    (PFN*)&p_krb_get_lrealm))
6287.         {
6288.             debug(F111,"Kerberos GetProcAddress failed","krb_get_lrealm",rc);
6289.             load_error = 1;
6290.         }
6291.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_err_text",
6292.                                    (PFN*)&p_krb_get_err_text))
6293.         {
6294.             debug(F111,"Kerberos GetProcAddress failed","krb_get_err_text",rc);
6295.         }
6296.         if (rc = DosQueryProcAddr(hKRB4_32,0,"kname_parse",
6297.                                    (PFN*)&p_kname_parse))
6298.         {
6299.             debug(F111,"Kerberos GetProcAddress failed","kname_parse",rc);
6300.             load_error = 1;
6301.         }
6302.         if (rc = DosQueryProcAddr(hKRB4_32,0,"dest_tkt",
6303.                                    (PFN*)&p_dest_tkt))
6304.         {
6305.             debug(F111,"Kerberos GetProcAddress failed","dest_tkt",rc);
6306.             load_error = 1;
6307.         }
6308.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_tf_realm",
6309.                                    (PFN*)&p_krb_get_tf_realm))
6310.         {
6311.             debug(F111,"Kerberos GetProcAddress failed","krb_get_tf_realm",rc);
6312.             load_error = 1;
6313.         }
6314.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_tf_fullname",
6315.                                    (PFN*)&p_krb_get_tf_fullname))
6316.         {
6317.             debug(F111,"Kerberos GetProcAddress failed","krb_get_tf_fullname",rc);
6318.             load_error = 1;
6319.         }
6320.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tf_get_pname",
6321.                                    (PFN*)&p_tf_get_pname))
6322.         {
6323.             debug(F111,"Kerberos GetProcAddress failed","tf_get_pname",rc);
6324.             load_error = 1;
6325.         }
6326.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tf_get_pinst",
6327.                                    (PFN*)&p_tf_get_pinst))
6328.         {
6329.             debug(F111,"Kerberos GetProcAddress failed","tf_get_pinst",rc);
6330.             load_error = 1;
6331.         }
6332.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tf_get_cred",
6333.                                    (PFN*)&p_tf_get_cred))
6334.         {
6335.             debug(F111,"Kerberos GetProcAddress failed","tf_get_cred",rc);
6336.             load_error = 1;
6337.         }
6338.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tf_close",
6339.                                    (PFN*)&p_tf_close))
6340.         {
6341.             debug(F111,"Kerberos GetProcAddress failed","tf_close",rc);
6342.             load_error = 1;
6343.         }
6344.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tf_init",
6345.                                    (PFN*)&p_tf_init))
6346.         {
6347.             debug(F111,"Kerberos GetProcAddress failed","tf_init",rc);
6348.             load_error = 1;
6349.         }
6350.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tkt_string",
6351.                                    (PFN*)&p_tkt_string))
6352.         {
6353.             debug(F111,"Kerberos GetProcAddress failed","tkt_string",rc);
6354.             load_error = 1;
6355.         }
6356.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_check_serv",
6357.                                    (PFN*)&p_krb_check_serv))
6358.         {
6359.             debug(F111,"Kerberos GetProcAddress failed","krb_check_serv",rc);
6360.             load_error = 1;
6361.         }
6362.         if (rc = DosQueryProcAddr(hKRB4_32,0,"kuserok",
6363.                                    (PFN*)&p_kuserok))
6364.         {
6365.             debug(F111,"Kerberos GetProcAddress failed","kuserok",rc);
6366.         }
6367.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_kntoln",
6368.                                    (PFN*)&p_krb_kntoln))
6369.         {
6370.             debug(F111,"Kerberos GetProcAddress failed","krb_kntoln",rc);
6371.         }
6372.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_rd_req",
6373.                                    (PFN*)&p_krb_rd_req))
6374.         {
6375.             debug(F111,"Kerberos GetProcAddress failed","krb_rd_req",rc);
6376.         }
6377.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_sendauth",
6378.                                    (PFN*)&p_krb_sendauth))
6379.         {
6380.             debug(F111,"Kerberos GetProcAddress failed","krb_sendauth",rc);
6381.             load_error = 1;
6382.         }
6383.         if (rc = DosQueryProcAddr(hKRB4_32,0,"set_krb_debug",
6384.                                    (PFN*)&p_set_krb_debug))
6385.         {
6386.             debug(F111,"Kerberos GetProcAddress failed","set_krb_debug",rc);
6387.         }
6388.         if (rc = DosQueryProcAddr(hKRB4_32,0,"set_krb_ap_req_debug",
6389.                                    (PFN*)&p_set_krb_ap_req_debug))
6390.         {
6391.             debug(F111,"Kerberos GetProcAddress failed","set_krb_ap_req_debug",rc);
6392.         }
6393.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_mk_safe",
6394.                                    (PFN*)&p_krb_mk_safe))
6395.         {
6396.             debug(F111,"Kerberos GetProcAddress failed","krb_mk_safe",rc);
6397.             load_error = 1;
6398.         }
6399.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_mk_priv",
6400.                                    (PFN*)&p_krb_mk_priv))
6401.         {
6402.             debug(F111,"Kerberos GetProcAddress failed","krb_mk_priv",rc);
6403.             load_error = 1;
6404.         }
6405.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_rd_priv",
6406.                                    (PFN*)&p_krb_rd_priv))
6407.         {
6408.             debug(F111,"Kerberos GetProcAddress failed","krb_rd_priv",rc);
6409.             load_error = 1;
6410.         }
6411.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_rd_safe",
6412.                                    (PFN*)&p_krb_rd_safe))
6413.         {
6414.             debug(F111,"Kerberos GetProcAddress failed","krb_rd_safe",rc);
6415.             load_error = 1;
6416.         }
6417.         if ( load_error ) {
6418.             ck_krb4_loaddll_eh();
6419.             return 0;
6420.         }
6421.     }
6422. #endif /* NT */
6423.  
6424.     if ( deblog ) {
6425.         if ( hKRB4_32 )
6426.             printf("MIT Kerberos 4 available\n");
6427.     }
6428.  
6429.     /* Attempt to load a krb4_principal_to_userid() function */
6430. #ifdef NT
6431.     hKRB42UID = LoadLibrary("KRB42UID");
6432.     if ( hKRB42UID ) {
6433.         if (((FARPROC) p_k95_k4_princ_to_userid =
6434.               GetProcAddress( hKRB42UID, "krb4_principal_to_userid" )) == NULL )
6435.         {
6436.             rc = GetLastError() ;
6437.             debug(F111,"KRB42UID GetProcAddress failed","krb4_principal_to_userid",rc);
6438.         }
6439.         if (((FARPROC) p_k95_k4_userok =
6440.               GetProcAddress( hKRB42UID, "krb4_userok" )) == NULL )
6441.         {
6442.             rc = GetLastError() ;
6443.             debug(F111,"KRB42UID GetProcAddress failed","krb4_userok",rc);
6444.         }
6445.     }
6446. #else /* NT */
6447.     dllname = "KRB42UID";
6448.     len = get_dir_len(exe_path);
6449.     if ( len + strlen(dllname) + 4 > sizeof(path) )
6450.         return(0);
6451.     sprintf(path, "%.*s%s.DLL", len, exe_path,dllname);         /* safe */
6452.     rc = DosLoadModule(fail, sizeof(fail), path, &hKRB42UID);
6453.     if (rc) {
6454.         debug(F111, "KRB42UID LoadLibrary failed",fail,rc) ;
6455.         rc = DosLoadModule(fail, sizeof(fail), dllname, &hKRB42UID);
6456.     }
6457.     if ( rc ) {
6458.         debug(F111, "KRB42UID LoadLibrary failed",fail,rc) ;
6459.     } else {
6460.         debug(F111, "KRB42UID LoadLibrary success",fail,rc) ;
6461.         if (rc = DosQueryProcAddr( hKRB42UID, 0, "krb4_principal_to_userid",
6462.                                   (PFN*) &p_k95_k4_princ_to_userid))
6463.         {
6464.             debug(F111,"KRB42UID GetProcAddress failed",
6465.                   "krb4_principal_to_userid",rc);
6466.         }
6467.         if (rc = DosQueryProcAddr( hKRB42UID, 0, "krb4_userok",
6468.                                   (PFN*) &p_k95_k4_userok))
6469.         {
6470.             debug(F111,"KRB42UID GetProcAddress failed",
6471.                   "krb4_userok",rc);
6472.         }
6473.     }
6474.  
6475.  
6476.     /* Initialize Kerberos 4 ticket options based upon MIT Leash selections */
6477.     hLEASH = LoadLibrary("LEASHW32");
6478.     if ( hLEASH )
6479.     {
6480.         DWORD (* pLeash_get_default_lifetime)(void);
6481.  
6482.         (FARPROC) pLeash_get_default_lifetime =
6483.             GetProcAddress(hLEASH, "Leash_get_default_lifetime");
6484.  
6485.         if ( pLeash_get_default_lifetime )
6486.         krb4_d_lifetime = pLeash_get_default_lifetime();
6487.         FreeLibrary("LEASHW32");
6488.     }
6489. #endif /* NT */
6490.     return(1);
6491. #else /* KRB4 */
6492.     return(0);
6493. #endif /* KRB4 */
6494. }
6495.  
6496. int
6497. ck_krb5_loaddll( void )
6498. {
6499. #ifdef KRB5
6500.     ULONG rc = 0 ;
6501.     int load_error = 0, len;
6502. #ifdef OS2ONLY
6503.     CHAR *exe_path;
6504.     CHAR path[256];
6505.     CHAR * dllname = "KRB5_32";
6506.     static void (_System * p_emx_init)(void)=NULL;
6507. #endif /* OS2ONLY */
6508.  
6509. #ifdef NT
6510.     HINSTANCE hLEASH = NULL;
6511.     
6512.     hKRB5_32 = LoadLibrary("KRB5_32") ;
6513.     if ( !hKRB5_32 ) {
6514.         /* Try Cygnus Solutions version */
6515.         hKRB5_32 = LoadLibrary("LIBKRB5");
6516.         cygnus = 1;
6517.     }
6518.     if ( !hKRB5_32 )
6519.     {
6520.         rc = GetLastError() ;
6521.         debug(F111, "Kerberos LoadLibrary failed","KRB5_32",rc) ;
6522.     }
6523.  
6524.     hKRB524 = LoadLibrary("KRB524") ;
6525.     if ( !hKRB524 )
6526.     {
6527.         rc = GetLastError() ;
6528.         debug(F111, "Kerberos LoadLibrary failed","KRB524",rc) ;
6529.     } else {
6530.         if (((FARPROC) p_krb524_init_ets =
6531.               GetProcAddress( hKRB524, "krb524_init_ets" )) == NULL )
6532.         {
6533.             rc = GetLastError() ;
6534.             debug(F111, "Kerberos GetProcAddress failed",
6535.                    "krb524_init_ets",rc);
6536.         }
6537.         if (((FARPROC) p_krb524_convert_creds_kdc =
6538.               GetProcAddress( hKRB524, "krb524_convert_creds_kdc" )) == NULL )
6539.         {
6540.             rc = GetLastError() ;
6541.             debug(F111, "Kerberos GetProcAddress failed",
6542.                    "krb524_convert_creds_kdc",rc);
6543.         }
6544.     }
6545.  
6546.     if ( hKRB5_32 != NULL ) {
6547.     if ( cygnus ) {
6548.         debug(F100,"Kerberos V support provided by Cygnus Solutions","",0);
6549.         if (((FARPROC) p_com_err =
6550.               GetProcAddress( hKRB5_32, "com_err" )) == NULL )
6551.         {
6552.             rc = GetLastError() ;
6553.             debug(F111, "Kerberos GetProcAddress failed","com_err",rc) ;
6554.             load_error = 1;
6555.         }
6556. #ifdef COMMENT
6557.         /* Cygnus Solutions does not have this function in their DLL */
6558.         if (((FARPROC) p_com_err_va =
6559.               GetProcAddress( hKRB5_32, "com_err_va" )) == NULL )
6560.         {
6561.             rc = GetLastError() ;
6562.             debug(F111, "Kerberos GetProcAddress failed","com_err_va",rc) ;
6563.             load_error = 1;
6564.         }
6565. #endif /* COMMENT */
6566.         if (((FARPROC) p_error_message =
6567.               GetProcAddress( hKRB5_32, "error_message" )) == NULL )
6568.         {
6569.             rc = GetLastError() ;
6570.             debug(F111, "Kerberos GetProcAddress failed","error_message",rc) ;
6571.             load_error = 1;
6572.         }
6573.         if (((FARPROC) p_krb5_init_ets =
6574.               GetProcAddress( hKRB5_32, "krb5_init_ets" )) == NULL )
6575.         {
6576.             rc = GetLastError() ;
6577.             debug(F111, "Kerberos GetProcAddress failed","krb5_init_ets",rc) ;
6578.             /* krb5_init_ets is a private function as of 1.2.5 */
6579.         }
6580.         if (((FARPROC) p_cygnus_decode_krb5_ticket=
6581.               GetProcAddress( hKRB5_32, "decode_krb5_ticket" )) == NULL )
6582.         {
6583.             rc = GetLastError() ;
6584.             debug(F111, "Kerberos GetProcAddress failed",
6585.                    "decode_krb5_ticket",rc) ;
6586.             load_error = 1;
6587.         }
6588.     }
6589.     else {
6590.         debug(F100,"Kerberos V support provided by MIT","",0);
6591.         hCOMERR32 = LoadLibrary("COMERR32") ;
6592.         if ( !hCOMERR32 )
6593.         {
6594.             rc = GetLastError() ;
6595.             debug(F111, "Kerberos LoadLibrary failed","COMERR32",rc) ;
6596.             load_error = 1;
6597.         }
6598.         if (((FARPROC) p_com_err =
6599.               GetProcAddress( hCOMERR32, "com_err" )) == NULL )
6600.         {
6601.             rc = GetLastError() ;
6602.             debug(F111, "Kerberos GetProcAddress failed","com_err",rc) ;
6603.             load_error = 1;
6604.         }
6605.         if (((FARPROC) p_com_err_va =
6606.               GetProcAddress( hCOMERR32, "com_err_va" )) == NULL )
6607.         {
6608.             rc = GetLastError() ;
6609.             debug(F111, "Kerberos GetProcAddress failed","com_err_va",rc) ;
6610.             load_error = 1;
6611.         }
6612.         if (((FARPROC) p_error_message =
6613.               GetProcAddress( hCOMERR32, "error_message" )) == NULL )
6614.         {
6615.             rc = GetLastError() ;
6616.             debug(F111, "Kerberos GetProcAddress failed","error_message",rc) ;
6617.             load_error = 1;
6618.         }
6619.         if (((FARPROC) p_decode_krb5_ticket =
6620.               GetProcAddress( hKRB5_32, "decode_krb5_ticket" )) == NULL )
6621.         {
6622.             rc = GetLastError() ;
6623.             debug(F111, "Kerberos GetProcAddress failed",
6624.                    "decode_krb5_ticket",rc) ;
6625.             if (((FARPROC) p_cygnus_decode_krb5_ticket =
6626.                   GetProcAddress( hKRB5_32, "krb5_decode_ticket" )) == NULL )
6627.             {
6628.                 rc = GetLastError() ;
6629.                 debug(F111, "Kerberos GetProcAddress failed",
6630.                        "krb5_decode_ticket",rc) ;
6631.                 load_error = 1;
6632.             }
6633.         }
6634.         if (((FARPROC) p_krb5_mk_rep =
6635.               GetProcAddress( hKRB5_32, "krb5_mk_rep" )) == NULL )
6636.         {
6637.             rc = GetLastError() ;
6638.             debug(F111, "Kerberos GetProcAddress failed",
6639.                    "krb5_mk_rep",rc) ;
6640.             load_error = 1;
6641.         }
6642.         if (((FARPROC) p_krb5_free_authenticator=
6643.               GetProcAddress( hKRB5_32, "krb5_free_authenticator" )) == NULL )
6644.         {
6645.             rc = GetLastError() ;
6646.             debug(F111, "Kerberos GetProcAddress failed",
6647.                    "krb5_free_authenticator",rc) ;
6648.             load_error = 1;
6649.         }
6650.         if (((FARPROC) p_krb5_verify_checksum=
6651.               GetProcAddress( hKRB5_32, "krb5_verify_checksum" )) == NULL )
6652.         {
6653.             rc = GetLastError() ;
6654.             debug(F111, "Kerberos GetProcAddress failed",
6655.                    "krb5_verify_checksum",rc) ;
6656.             load_error = 1;
6657.         }
6658.         if (((FARPROC) p_krb5_rd_req=
6659.               GetProcAddress( hKRB5_32, "krb5_rd_req" )) == NULL )
6660.         {
6661.             rc = GetLastError() ;
6662.             debug(F111, "Kerberos GetProcAddress failed",
6663.                    "krb5_rd_req",rc) ;
6664.             load_error = 1;
6665.         }
6666.     }
6667.  
6668.     if (((FARPROC) p_krb5_free_creds =
6669.           GetProcAddress( hKRB5_32, "krb5_free_creds" )) == NULL )
6670.     {
6671.         rc = GetLastError() ;
6672.         debug(F111, "Kerberos GetProcAddress failed","krb5_free_creds",rc) ;
6673.         load_error = 1;
6674.     }
6675.     if (((FARPROC) p_krb5_free_data =
6676.           GetProcAddress( hKRB5_32, "krb5_free_data" )) == NULL )
6677.     {
6678.         rc = GetLastError() ;
6679.         debug(F111, "Kerberos GetProcAddress failed","krb5_free_data",rc) ;
6680.         load_error = 1;
6681.     }
6682.     if (((FARPROC) p_krb5_free_data_contents =
6683.           GetProcAddress( hKRB5_32, "krb5_free_data_contents" )) == NULL )
6684.     {
6685.         rc = GetLastError() ;
6686.         debug(F111, "Kerberos GetProcAddress failed",
6687.                "krb5_free_data_contents",rc) ;
6688.         load_error = 1;
6689.     }
6690.     if (((FARPROC) p_krb5_copy_keyblock =
6691.           GetProcAddress( hKRB5_32, "krb5_copy_keyblock" )) == NULL )
6692.     {
6693.         rc = GetLastError() ;
6694.         debug(F111, "Kerberos GetProcAddress failed","krb5_copy_keyblock",rc) ;
6695.         load_error = 1;
6696.     }
6697.     if (((FARPROC) p_krb5_free_keyblock =
6698.           GetProcAddress( hKRB5_32, "krb5_free_keyblock" )) == NULL )
6699.     {
6700.         rc = GetLastError() ;
6701.         debug(F111, "Kerberos GetProcAddress failed","krb5_free_keyblock",rc) ;
6702.         load_error = 1;
6703.     }
6704.     if (((FARPROC) p_krb5_auth_con_getlocalsubkey =
6705.           GetProcAddress( hKRB5_32, "krb5_auth_con_getlocalsubkey" )) == NULL )
6706.     {
6707.         rc = GetLastError() ;
6708.         debug(F111, "Kerberos GetProcAddress failed",
6709.                "krb5_auth_con_getlocalsubkey",rc) ;
6710.         load_error = 1;
6711.     }
6712.     if (((FARPROC) p_krb5_mk_req_extended =
6713.           GetProcAddress( hKRB5_32, "krb5_mk_req_extended" )) == NULL )
6714.     {
6715.         rc = GetLastError() ;
6716.         debug(F111,"Kerberos GetProcAddress failed","krb5_mk_req_extended",rc);
6717.         load_error = 1;
6718.     }
6719.     if (((FARPROC) p_krb5_mk_req =
6720.           GetProcAddress( hKRB5_32, "krb5_mk_req" )) == NULL )
6721.     {
6722.         rc = GetLastError() ;
6723.         debug(F111,"Kerberos GetProcAddress failed","krb5_mk_req",rc);
6724.         load_error = 1;
6725.     }
6726.     if (((FARPROC) p_krb5_auth_con_setflags =
6727.       GetProcAddress( hKRB5_32, "krb5_auth_con_setflags" )) == NULL )
6728.     {
6729.         rc = GetLastError() ;
6730.         debug(F111, "Kerberos GetProcAddress failed",
6731.                "krb5_auth_con_setflags",rc) ;
6732.         load_error = 1;
6733.     }
6734.     if (((FARPROC) p_krb5_auth_con_init =
6735.           GetProcAddress( hKRB5_32, "krb5_auth_con_init" )) == NULL )
6736.     {
6737.         rc = GetLastError() ;
6738.         debug(F111, "Kerberos GetProcAddress failed","krb5_auth_con_init",rc) ;
6739.         load_error = 1;
6740.     }
6741.     if (((FARPROC) p_krb5_auth_con_free =
6742.           GetProcAddress( hKRB5_32, "krb5_auth_con_free" )) == NULL )
6743.     {
6744.         rc = GetLastError() ;
6745.         debug(F111, "Kerberos GetProcAddress failed","krb5_auth_con_free",rc) ;
6746.         load_error = 1;
6747.     }
6748.     if (((FARPROC) p_krb5_get_credentials =
6749.           GetProcAddress( hKRB5_32, "krb5_get_credentials" )) == NULL )
6750.     {
6751.         rc = GetLastError() ;
6752.         debug(F111,"Kerberos GetProcAddress failed","krb5_get_credentials",rc);
6753.         load_error = 1;
6754.     }
6755.     if (((FARPROC) p_krb5_free_cred_contents =
6756.           GetProcAddress( hKRB5_32, "krb5_free_cred_contents" )) == NULL )
6757.     {
6758.         rc = GetLastError() ;
6759.         debug(F111,
6760.               "Kerberos GetProcAddress failed","krb5_free_cred_contents",rc);
6761.         load_error = 1;
6762.     }
6763.     if (((FARPROC) p_krb5_sname_to_principal =
6764.           GetProcAddress( hKRB5_32, "krb5_sname_to_principal" )) == NULL )
6765.     {
6766.         rc = GetLastError() ;
6767.         debug(F111,
6768.               "Kerberos GetProcAddress failed","krb5_sname_to_principal",rc);
6769.         load_error = 1;
6770.     }
6771.     if (((FARPROC) p_krb5_cc_default =
6772.           GetProcAddress( hKRB5_32, "krb5_cc_default" )) == NULL )
6773.     {
6774.         rc = GetLastError() ;
6775.         debug(F111, "Kerberos GetProcAddress failed","krb5_cc_default",rc) ;
6776.         load_error = 1;
6777.     }
6778.     if (((FARPROC) p_krb5_free_ap_rep_enc_part =
6779.       GetProcAddress( hKRB5_32, "krb5_free_ap_rep_enc_part" )) == NULL )
6780.     {
6781.         rc = GetLastError() ;
6782.         debug(F111, "Kerberos GetProcAddress failed",
6783.                "krb5_free_ap_rep_enc_part",rc) ;
6784.         load_error = 1;
6785.     }
6786.     if (((FARPROC) p_krb5_rd_rep =
6787.           GetProcAddress( hKRB5_32, "krb5_rd_rep" )) == NULL )
6788.     {
6789.         rc = GetLastError() ;
6790.         debug(F111, "Kerberos GetProcAddress failed","krb5_rd_rep",rc) ;
6791.         load_error = 1;
6792.     }
6793.     if (((FARPROC) p_krb5_init_context =
6794.           GetProcAddress( hKRB5_32, "krb5_init_context" )) == NULL )
6795.     {
6796.         rc = GetLastError() ;
6797.         debug(F111, "Kerberos GetProcAddress failed","krb5_init_context",rc) ;
6798.         load_error = 1;
6799.     }
6800.     if (((FARPROC) p_krb5_free_context =
6801.           GetProcAddress( hKRB5_32, "krb5_free_context" )) == NULL )
6802.     {
6803.         rc = GetLastError() ;
6804.         debug(F111, "Kerberos GetProcAddress failed","krb5_free_context",rc) ;
6805.         load_error = 1;
6806.     }
6807.  
6808.     if (((FARPROC) p_krb5_free_principal =
6809.           GetProcAddress( hKRB5_32, "krb5_free_principal" )) == NULL )
6810.     {
6811.         rc = GetLastError() ;
6812.         debug(F111, "Kerberos GetProcAddress failed",
6813.                "krb5_free_principal",rc) ;
6814.         load_error = 1;
6815.     }
6816.     if (((FARPROC) p_krb5_free_unparsed_name =
6817.           GetProcAddress( hKRB5_32, "krb5_free_unparsed_name" )) == NULL )
6818.     {
6819.         rc = GetLastError() ;
6820.         debug(F111, "Kerberos GetProcAddress failed",
6821.                "krb5_free_unparsed_name",rc) ;
6822. #ifdef COMMENT
6823.         load_error = 1;
6824. #endif /* COMMENT */
6825.     }
6826.     if (((FARPROC) p_krb5_fwd_tgt_creds =
6827.           GetProcAddress( hKRB5_32, "krb5_fwd_tgt_creds" )) == NULL )
6828.     {
6829.         rc = GetLastError() ;
6830.         debug(F111, "Kerberos GetProcAddress failed",
6831.                "krb5_fwd_tgt_creds",rc) ;
6832.         load_error = 1;
6833.     }
6834.     if (((FARPROC) p_krb5_auth_con_genaddrs =
6835.           GetProcAddress( hKRB5_32, "krb5_auth_con_genaddrs" )) == NULL )
6836.     {
6837.         rc = GetLastError() ;
6838.         debug(F111, "Kerberos GetProcAddress failed",
6839.                "krb5_auth_con_genaddrs",rc) ;
6840.         load_error = 1;
6841.     }
6842.  
6843.         /* The DES functions are not required.  But if we do not have */
6844.         /* them and do not have the CRYPT DLL we will not be able to  */
6845.         /* perform mutual authentication.                             */
6846.         if (((FARPROC) p_des_ecb_encrypt =
6847.               GetProcAddress( hKRB5_32, "des_ecb_encrypt" )) == NULL )
6848.         {
6849.             rc = GetLastError() ;
6850.             debug(F111, "Kerberos GetProcAddress failed","des_ecb_encrypt",rc);
6851.         }
6852.         if (((FARPROC) p_des_pcbc_encrypt =
6853.               GetProcAddress( hKRB5_32, "des_pcbc_encrypt" )) == NULL )
6854.         {
6855.             rc = GetLastError() ;
6856.             debug(F111, "Kerberos GetProcAddress failed","des_pcbc_encrypt",rc);
6857.         }
6858.         if (((FARPROC) p_des_new_random_key =
6859.           GetProcAddress( hKRB5_32, "des_new_random_key" )) == NULL )
6860.         {
6861.             rc = GetLastError() ;
6862.             debug(F111, "Kerberos GetProcAddress failed","des_new_random_key",rc) ;
6863.         }
6864.         if (((FARPROC) p_des_key_sched =
6865.               GetProcAddress( hKRB5_32, "des_key_sched" )) == NULL )
6866.         {
6867.             rc = GetLastError() ;
6868.             debug(F111, "Kerberos GetProcAddress failed","des_key_sched",rc) ;
6869.         }
6870.         if (((FARPROC) p_des_set_random_generator_seed =
6871.               GetProcAddress(hKRB5_32, "des_set_random_generator_seed" )) == NULL )
6872.         {
6873.             rc = GetLastError() ;
6874.             debug(F111, "Kerberos GetProcAddress failed",
6875.                    "des_set_random_generator_seed",rc) ;
6876.         }
6877.  
6878.         if (((FARPROC) p_krb5_get_host_realm=
6879.               GetProcAddress(hKRB5_32,"krb5_get_host_realm")) == NULL)
6880.         {
6881.             rc = GetLastError() ;
6882.             debug(F111, "Kerberos GetProcAddress failed",
6883.                    "krb5_get_host_realm",rc) ;
6884.             load_error = 1;
6885.         }
6886.         if (((FARPROC) p_krb5_free_host_realm=
6887.               GetProcAddress(hKRB5_32,"krb5_free_host_realm")) == NULL)
6888.         {
6889.             rc = GetLastError() ;
6890.             debug(F111, "Kerberos GetProcAddress failed",
6891.                    "krb5_free_host_realm",rc) ;
6892.             load_error = 1;
6893.         }
6894.         if (((FARPROC) p_krb5_get_in_tkt_with_keytab=
6895.               GetProcAddress(hKRB5_32,"krb5_get_in_tkt_with_keytab")) == NULL)
6896.         {
6897.             rc = GetLastError() ;
6898.             debug(F111, "Kerberos GetProcAddress failed",
6899.                    "krb5_get_in_tkt_with_keytab",rc) ;
6900.             load_error = 1;
6901.         }
6902.         if (((FARPROC) p_krb5_get_in_tkt_with_password=
6903.              GetProcAddress(hKRB5_32,"krb5_get_in_tkt_with_password")) == NULL)
6904.         {
6905.             rc = GetLastError() ;
6906.             debug(F111, "Kerberos GetProcAddress failed",
6907.                    "krb5_get_in_tkt_with_password",rc) ;
6908.             load_error = 1;
6909.         }
6910.         if (((FARPROC) p_krb5_read_password=
6911.               GetProcAddress( hKRB5_32, "krb5_read_password" )) == NULL )
6912.         {
6913.             rc = GetLastError() ;
6914.             debug(F111, "Kerberos GetProcAddress failed",
6915.                    "krb5_read_password",rc) ;
6916.             load_error = 1;
6917.         }
6918.         if (((FARPROC) p_krb5_build_principal_ext=
6919.               GetProcAddress( hKRB5_32, "krb5_build_principal_ext" )) == NULL )
6920.         {
6921.             rc = GetLastError() ;
6922.             debug(F111, "Kerberos GetProcAddress failed",
6923.                    "krb5_build_principal_ext",rc) ;
6924.             load_error = 1;
6925.         }
6926.         if (((FARPROC) p_krb5_unparse_name=
6927.               GetProcAddress( hKRB5_32, "krb5_unparse_name" )) == NULL )
6928.         {
6929.             rc = GetLastError() ;
6930.             debug(F111, "Kerberos GetProcAddress failed",
6931.                    "krb5_unparse_name",rc) ;
6932.             load_error = 1;
6933.         }
6934.         if (((FARPROC) p_krb5_parse_name=
6935.               GetProcAddress( hKRB5_32, "krb5_parse_name" )) == NULL )
6936.         {
6937.             rc = GetLastError() ;
6938.             debug(F111, "Kerberos GetProcAddress failed",
6939.                    "krb5_parse_name",rc) ;
6940.             load_error = 1;
6941.         }
6942.         if (((FARPROC) p_krb5_cc_resolve=
6943.               GetProcAddress( hKRB5_32, "krb5_cc_resolve" )) == NULL )
6944.         {
6945.             rc = GetLastError() ;
6946.             debug(F111, "Kerberos GetProcAddress failed",
6947.                    "krb5_cc_resolve",rc) ;
6948.             load_error = 1;
6949.         }
6950.         if (((FARPROC) p_krb5_cc_default_name=
6951.               GetProcAddress( hKRB5_32, "krb5_cc_default_name" )) == NULL )
6952.         {
6953.             rc = GetLastError() ;
6954.             debug(F111, "Kerberos GetProcAddress failed",
6955.                    "krb5_cc_default_name",rc) ;
6956.         }
6957.         if (((FARPROC) p_krb5_string_to_timestamp=
6958.               GetProcAddress( hKRB5_32, "krb5_string_to_timestamp" )) == NULL )
6959.         {
6960.             rc = GetLastError() ;
6961.             debug(F111, "Kerberos GetProcAddress failed",
6962.                    "krb5_string_to_timestamp",rc) ;
6963.             load_error = 1;
6964.         }
6965.         if (((FARPROC) p_krb5_kt_resolve=
6966.               GetProcAddress( hKRB5_32, "krb5_kt_resolve" )) == NULL )
6967.         {
6968.             rc = GetLastError() ;
6969.             debug(F111, "Kerberos GetProcAddress failed",
6970.                    "krb5_kt_resolve",rc) ;
6971.             load_error = 1;
6972.         }
6973.         if (((FARPROC) p_krb5_string_to_deltat=
6974.               GetProcAddress( hKRB5_32, "krb5_string_to_deltat" )) == NULL )
6975.         {
6976.             rc = GetLastError() ;
6977.             debug(F111, "Kerberos GetProcAddress failed",
6978.                    "krb5_string_to_deltat",rc) ;
6979.             load_error = 1;
6980.         }
6981.         if (((FARPROC) p_krb5_timeofday=
6982.               GetProcAddress( hKRB5_32, "krb5_timeofday" )) == NULL )
6983.         {
6984.             rc = GetLastError() ;
6985.             debug(F111, "Kerberos GetProcAddress failed",
6986.                    "krb5_timeofday",rc) ;
6987.             load_error = 1;
6988.         }
6989.         if (((FARPROC) p_krb5_get_credentials_renew=
6990.              GetProcAddress(hKRB5_32, "krb5_get_credentials_renew" )) == NULL)
6991.         {
6992.             rc = GetLastError() ;
6993.             debug(F111, "Kerberos GetProcAddress failed",
6994.                    "krb5_get_credentials_renew",rc) ;
6995.             load_error = 1;
6996.         }
6997.         if (((FARPROC) p_krb5_get_credentials_validate=
6998.              GetProcAddress(hKRB5_32,"krb5_get_credentials_validate")) == NULL)
6999.         {
7000.             rc = GetLastError() ;
7001.             debug(F111, "Kerberos GetProcAddress failed",
7002.                    "krb5_get_credentials_validate",rc) ;
7003.             load_error = 1;
7004.         }
7005.         if (((FARPROC) p_krb5_copy_principal=
7006.               GetProcAddress( hKRB5_32, "krb5_copy_principal" )) == NULL )
7007.         {
7008.             rc = GetLastError() ;
7009.             debug(F111, "Kerberos GetProcAddress failed",
7010.                    "krb5_copy_principal",rc) ;
7011.             load_error = 1;
7012.         }
7013.         if (((FARPROC) p_krb5_timestamp_to_sfstring=
7014.               GetProcAddress(hKRB5_32,"krb5_timestamp_to_sfstring" )) == NULL)
7015.         {
7016.             rc = GetLastError() ;
7017.             debug(F111, "Kerberos GetProcAddress failed",
7018.                    "krb5_timestamp_to_sfstring",rc) ;
7019.             load_error = 1;
7020.         }
7021.         if (((FARPROC) p_krb5_kt_default=
7022.               GetProcAddress( hKRB5_32, "krb5_kt_default" )) == NULL )
7023.         {
7024.             rc = GetLastError() ;
7025.             debug(F111, "Kerberos GetProcAddress failed",
7026.                    "krb5_kt_default",rc) ;
7027.             load_error = 1;
7028.         }
7029.         if (((FARPROC) p_krb5_free_ticket=
7030.               GetProcAddress( hKRB5_32, "krb5_free_ticket" )) == NULL )
7031.         {
7032.             rc = GetLastError() ;
7033.             debug(F111, "Kerberos GetProcAddress failed",
7034.                    "krb5_free_ticket",rc) ;
7035.             load_error = 1;
7036.         }
7037.  
7038. #ifdef CHECKADDRS
7039.         if (((FARPROC) p_krb5_os_localaddr=
7040.               GetProcAddress( hKRB5_32, "krb5_os_localaddr" )) == NULL )
7041.         {
7042.             rc = GetLastError() ;
7043.             debug(F111, "Kerberos GetProcAddress failed",
7044.                    "krb5_os_localaddr",rc) ;
7045.             load_error = 1;
7046.         }
7047.         if (((FARPROC) p_krb5_address_search=
7048.               GetProcAddress( hKRB5_32, "krb5_address_search" )) == NULL )
7049.         {
7050.             rc = GetLastError() ;
7051.             debug(F111, "Kerberos GetProcAddress failed",
7052.                    "krb5_address_search",rc) ;
7053.  
7054.             /* This is not a fatal error since we expect that most builds */
7055.             /* of krb5 dll will have an error in the export list that     */
7056.             /* prevents this function from being found.  Therefore a      */
7057.             /* built in version is used if it is missing                  */
7058.         }
7059.         if (((FARPROC) p_krb5_free_addresses=
7060.               GetProcAddress( hKRB5_32, "krb5_free_addresses" )) == NULL )
7061.         {
7062.             rc = GetLastError() ;
7063.             debug(F111, "Kerberos GetProcAddress failed",
7064.                    "krb5_free_addresses",rc) ;
7065.             load_error = 1;
7066.         }
7067.  
7068. #endif /* CHECKADDRS */
7069.         if (((FARPROC) p_krb5_auth_con_getremotesubkey=
7070.               GetProcAddress( hKRB5_32, "krb5_auth_con_getremotesubkey" )) == NULL )
7071.         {
7072.             rc = GetLastError() ;
7073.             debug(F111, "Kerberos GetProcAddress failed",
7074.                    "krb5_auth_con_getremotesubkey",rc) ;
7075.             load_error = 1;
7076.         }
7077.         if (((FARPROC) p_krb5_auth_con_getkey=
7078.               GetProcAddress( hKRB5_32, "krb5_auth_con_getkey" )) == NULL )
7079.         {
7080.             rc = GetLastError() ;
7081.             debug(F111, "Kerberos GetProcAddress failed",
7082.                    "krb5_auth_con_getkey",rc) ;
7083.             load_error = 1;
7084.         }
7085.         if (((FARPROC) p_krb5_auth_con_getauthenticator=
7086.               GetProcAddress( hKRB5_32, "krb5_auth_con_getauthenticator" )) == NULL )
7087.         {
7088.             rc = GetLastError() ;
7089.             debug(F111, "Kerberos GetProcAddress failed",
7090.                    "krb5_auth_con_getauthenticator",rc) ;
7091.             load_error = 1;
7092.         }
7093.         if (((FARPROC) p_krb5_auth_con_setrcache=
7094.               GetProcAddress( hKRB5_32, "krb5_auth_con_setrcache" )) == NULL )
7095.         {
7096.             rc = GetLastError() ;
7097.             debug(F111, "Kerberos GetProcAddress failed",
7098.                    "krb5_auth_con_setrcache",rc) ;
7099.         }
7100.         if (((FARPROC) p_krb5_get_server_rcache=
7101.               GetProcAddress( hKRB5_32, "krb5_get_server_rcache" )) == NULL )
7102.         {
7103.             rc = GetLastError() ;
7104.             debug(F111, "Kerberos GetProcAddress failed",
7105.                    "krb5_get_server_rcache",rc) ;
7106.         }
7107.         if (((FARPROC) p_krb5_auth_con_getrcache=
7108.               GetProcAddress( hKRB5_32, "krb5_auth_con_getrcache" )) == NULL )
7109.         {
7110.             rc = GetLastError() ;
7111.             debug(F111, "Kerberos GetProcAddress failed",
7112.                    "krb5_auth_con_getrcache",rc) ;
7113.         }
7114.         if (((FARPROC) p_krb5_free_tgt_creds=
7115.               GetProcAddress( hKRB5_32, "krb5_free_tgt_creds" )) == NULL )
7116.         {
7117.             rc = GetLastError() ;
7118.             debug(F111, "Kerberos GetProcAddress failed",
7119.                    "krb5_free_tgt_creds",rc) ;
7120.         }
7121.         if (((FARPROC) p_krb5_rd_cred=
7122.               GetProcAddress( hKRB5_32, "krb5_rd_cred" )) == NULL )
7123.         {
7124.             rc = GetLastError() ;
7125.             debug(F111, "Kerberos GetProcAddress failed",
7126.                    "krb5_rd_cred",rc) ;
7127.         }
7128.  
7129.         if (((FARPROC) p_krb5_c_enctype_compare=
7130.               GetProcAddress( hKRB5_32, "krb5_c_enctype_compare" )) == NULL )
7131.         {
7132.             rc = GetLastError() ;
7133.             debug(F111, "Kerberos GetProcAddress failed",
7134.                    "krb5_c_enctype_compare",rc) ;
7135.         }
7136.         if (((FARPROC) p_krb5_free_error=
7137.               GetProcAddress( hKRB5_32, "krb5_free_error" )) == NULL )
7138.         {
7139.             rc = GetLastError() ;
7140.             debug(F111, "Kerberos GetProcAddress failed",
7141.                    "krb5_free_error",rc) ;
7142.         }
7143.         if (((FARPROC) p_krb5_sendauth=
7144.               GetProcAddress( hKRB5_32, "krb5_sendauth" )) == NULL )
7145.         {
7146.             rc = GetLastError() ;
7147.             debug(F111, "Kerberos GetProcAddress failed",
7148.                    "krb5_sendauth",rc) ;
7149.         }
7150.         if (((FARPROC) p_krb5_process_key=
7151.               GetProcAddress( hKRB5_32, "krb5_process_key" )) == NULL )
7152.         {
7153.             rc = GetLastError() ;
7154.             debug(F111, "Kerberos GetProcAddress failed",
7155.                    "krb5_process_key",rc) ;
7156.         }
7157.         if (((FARPROC) p_krb5_use_enctype=
7158.               GetProcAddress( hKRB5_32, "krb5_use_enctype" )) == NULL )
7159.         {
7160.             rc = GetLastError() ;
7161.             debug(F111, "Kerberos GetProcAddress failed",
7162.                    "krb5_use_enctype",rc) ;
7163.         }
7164.         if (((FARPROC) p_krb5_encrypt=
7165.               GetProcAddress( hKRB5_32, "krb5_encrypt" )) == NULL )
7166.         {
7167.             rc = GetLastError() ;
7168.             debug(F111, "Kerberos GetProcAddress failed",
7169.                    "krb5_encrypt",rc) ;
7170.         }
7171.         if (((FARPROC) p_krb5_decrypt=
7172.               GetProcAddress( hKRB5_32, "krb5_decrypt" )) == NULL )
7173.         {
7174.             rc = GetLastError() ;
7175.             debug(F111, "Kerberos GetProcAddress failed",
7176.                    "krb5_decrypt",rc) ;
7177.         }
7178.         if (((FARPROC) p_krb5_encrypt_size=
7179.               GetProcAddress( hKRB5_32, "krb5_encrypt_size" )) == NULL )
7180.         {
7181.             rc = GetLastError() ;
7182.             debug(F111, "Kerberos GetProcAddress failed",
7183.                    "krb5_encrypt_size",rc) ;
7184.         }
7185.         if (((FARPROC) p_krb5_kuserok=
7186.               GetProcAddress( hKRB5_32, "krb5_kuserok" )) == NULL )
7187.         {
7188.             rc = GetLastError() ;
7189.             debug(F111, "Kerberos GetProcAddress failed",
7190.                    "krb5_kuserok",rc) ;
7191.         }
7192.         if (((FARPROC) p_krb5_appdefault_boolean =
7193.               GetProcAddress( hKRB5_32, "krb5_appdefault_boolean" )) == NULL )
7194.         {
7195.             rc = GetLastError() ;
7196.             debug(F111, "Kerberos GetProcAddress failed",
7197.                    "krb5_appdefault_boolean",rc) ;
7198.             /* NRL only */
7199.         }
7200.         if (((FARPROC) p_krb5_appdefault_string =
7201.               GetProcAddress( hKRB5_32, "krb5_appdefault_string" )) == NULL )
7202.         {
7203.             rc = GetLastError() ;
7204.             debug(F111, "Kerberos GetProcAddress failed",
7205.                    "krb5_appdefault_string",rc) ;
7206.             /* NRL only */
7207.         }
7208.         if (((FARPROC) p_krb5_get_renewed_creds =
7209.               GetProcAddress( hKRB5_32, "krb5_get_renewed_creds" )) == NULL )
7210.         {
7211.             rc = GetLastError() ;
7212.             debug(F111, "Kerberos GetProcAddress failed",
7213.                    "krb5_get_renewed_creds",rc) ;
7214.             /* Not in NRL or NT-ALPHA-2 */
7215.         }
7216.         if (((FARPROC) p_krb5_get_validated_creds =
7217.               GetProcAddress( hKRB5_32, "krb5_get_validated_creds" )) == NULL )
7218.         {
7219.             rc = GetLastError() ;
7220.             debug(F111, "Kerberos GetProcAddress failed",
7221.                    "krb5_get_validated_creds",rc) ;
7222.             /* Not in NRL or NT-ALPHA-2 */
7223.         }
7224.         if (((FARPROC) p_krb5_get_init_creds_password =
7225.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_password" )) == NULL )
7226.         {
7227.             rc = GetLastError() ;
7228.             debug(F111, "Kerberos GetProcAddress failed",
7229.                    "krb5_get_init_creds_password",rc) ;
7230.             /* Not in NT-ALPHA-2 */
7231.         }
7232.         if (((FARPROC) p_krb5_get_init_creds_opt_set_address_list =
7233.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_address_list" )) == NULL )
7234.         {
7235.             rc = GetLastError() ;
7236.             debug(F111, "Kerberos GetProcAddress failed",
7237.                    "krb5_get_init_creds_opt_set_address_list",rc) ;
7238.             /* Not in NT-ALPHA-2 */
7239.         }
7240.         if (((FARPROC) p_krb5_get_init_creds_opt_set_tkt_life =
7241.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_tkt_life" )) == NULL )
7242.         {
7243.             rc = GetLastError() ;
7244.             debug(F111, "Kerberos GetProcAddress failed",
7245.                    "krb5_get_init_creds_opt_set_tkt_life",rc) ;
7246.             /* Not in NT-ALPHA-2 */
7247.         }
7248.         if (((FARPROC) p_krb5_get_init_creds_opt_set_forwardable =
7249.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_forwardable" )) == NULL )
7250.         {
7251.             rc = GetLastError() ;
7252.             debug(F111, "Kerberos GetProcAddress failed",
7253.                    "krb5_get_init_creds_opt_set_forwardable",rc) ;
7254.             /* Not in NT-ALPHA-2 */
7255.         }
7256.         if (((FARPROC) p_krb5_get_init_creds_opt_set_proxiable =
7257.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_proxiable" )) == NULL )
7258.         {
7259.             rc = GetLastError() ;
7260.             debug(F111, "Kerberos GetProcAddress failed",
7261.                    "krb5_get_init_creds_opt_set_proxiable",rc) ;
7262.             /* Not in NT-ALPHA-2 */
7263.         }
7264.         if (((FARPROC) p_krb5_get_init_creds_opt_set_renew_life =
7265.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_renew_life" )) == NULL )
7266.         {
7267.             rc = GetLastError() ;
7268.             debug(F111, "Kerberos GetProcAddress failed",
7269.                    "krb5_get_init_creds_opt_set_renew_life",rc) ;
7270.             /* Not in NT-ALPHA-2 */
7271.         }
7272.         if (((FARPROC) p_krb5_get_init_creds_opt_init =
7273.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_init" )) == NULL )
7274.         {
7275.             rc = GetLastError() ;
7276.             debug(F111, "Kerberos GetProcAddress failed",
7277.                    "krb5_get_init_creds_opt_init",rc) ;
7278.             /* Not in NT-ALPHA-2 */
7279.         }
7280.         if (((FARPROC) p_krb5_get_init_creds_opt_set_etype_list =
7281.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_etype_list" )) == NULL )
7282.         {
7283.             rc = GetLastError() ;
7284.             debug(F111, "Kerberos GetProcAddress failed",
7285.                    "krb5_get_init_creds_opt_set_etype_list",rc) ;
7286.             /* Not in NT-ALPHA-2 */
7287.         }
7288.         if (((FARPROC) p_krb5_get_init_creds_opt_set_preauth_list =
7289.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_preauth_list" )) == NULL )
7290.         {
7291.             rc = GetLastError() ;
7292.             debug(F111, "Kerberos GetProcAddress failed",
7293.                    "krb5_get_init_creds_opt_set_preauth_list",rc) ;
7294.             /* Not in NT-ALPHA-2 */
7295.         }
7296.         if (((FARPROC) p_krb5_get_init_creds_opt_set_salt =
7297.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_salt" )) == NULL )
7298.         {
7299.             rc = GetLastError() ;
7300.             debug(F111, "Kerberos GetProcAddress failed",
7301.                    "krb5_get_init_creds_opt_set_salt",rc) ;
7302.             /* Not in NT-ALPHA-2 */
7303.         }
7304.  
7305.         if (((FARPROC) p_krb5_rd_safe =
7306.               GetProcAddress( hKRB5_32, "krb5_rd_safe" )) == NULL )
7307.         {
7308.             rc = GetLastError() ;
7309.             debug(F111, "Kerberos GetProcAddress failed",
7310.                    "krb5_rd_safe",rc) ;
7311.             load_error = 1;
7312.         }
7313.         if (((FARPROC) p_krb5_mk_safe =
7314.               GetProcAddress( hKRB5_32, "krb5_mk_safe" )) == NULL )
7315.         {
7316.             rc = GetLastError() ;
7317.             debug(F111, "Kerberos GetProcAddress failed",
7318.                    "krb5_mk_safe",rc) ;
7319.             load_error = 1;
7320.         }
7321.         if (((FARPROC) p_krb5_rd_priv =
7322.               GetProcAddress( hKRB5_32, "krb5_rd_priv" )) == NULL )
7323.         {
7324.             rc = GetLastError() ;
7325.             debug(F111, "Kerberos GetProcAddress failed",
7326.                    "krb5_rd_priv",rc) ;
7327.             load_error = 1;
7328.         }
7329.         if (((FARPROC) p_krb5_mk_priv =
7330.               GetProcAddress( hKRB5_32, "krb5_mk_priv" )) == NULL )
7331.         {
7332.             rc = GetLastError() ;
7333.             debug(F111, "Kerberos GetProcAddress failed",
7334.                    "krb5_mk_priv",rc) ;
7335.             load_error = 1;
7336.         }
7337.         if (((FARPROC) p_krb5_auth_con_setuseruserkey =
7338.               GetProcAddress( hKRB5_32, "krb5_auth_con_setuseruserkey" )) == NULL )
7339.         {
7340.             rc = GetLastError() ;
7341.             debug(F111, "Kerberos GetProcAddress failed",
7342.                    "krb5_auth_con_setuseruserkey",rc) ;
7343.             load_error = 1;
7344.         }
7345.         if (((FARPROC) p_krb5_get_profile =
7346.               GetProcAddress( hKRB5_32, "krb5_get_profile" )) == NULL )
7347.         {
7348.             rc = GetLastError() ;
7349.             debug(F111, "Kerberos GetProcAddress failed",
7350.                    "krb5_get_profile",rc) ;
7351.         }
7352.  
7353.         if (((FARPROC) p_krb5_free_keyblock_contents =
7354.               GetProcAddress( hKRB5_32, "krb5_free_keyblock_contents" )) == NULL )
7355.         {
7356.             rc = GetLastError() ;
7357.             debug(F111, "Kerberos GetProcAddress failed",
7358.                    "krb5_free_keyblock_contents",rc) ;
7359.         }
7360.         if (((FARPROC) p_krb5_c_encrypt =
7361.               GetProcAddress( hKRB5_32, "krb5_c_encrypt" )) == NULL )
7362.         {
7363.             rc = GetLastError() ;
7364.             debug(F111, "Kerberos GetProcAddress failed",
7365.                    "krb5_c_encrypt",rc) ;
7366.         }
7367.         if (((FARPROC) p_krb5_c_decrypt =
7368.               GetProcAddress( hKRB5_32, "krb5_c_decrypt" )) == NULL )
7369.         {
7370.             rc = GetLastError() ;
7371.             debug(F111, "Kerberos GetProcAddress failed",
7372.                    "krb5_c_decrypt",rc) ;
7373.         }
7374.         if (((FARPROC) p_krb5_c_make_random_key =
7375.               GetProcAddress( hKRB5_32, "krb5_c_make_random_key" )) == NULL )
7376.         {
7377.             rc = GetLastError() ;
7378.             debug(F111, "Kerberos GetProcAddress failed",
7379.                    "krb5_c_make_random_key",rc) ;
7380.         }
7381.         if (((FARPROC) p_krb5_c_random_seed =
7382.               GetProcAddress( hKRB5_32, "krb5_c_random_seed" )) == NULL )
7383.         {
7384.             rc = GetLastError() ;
7385.             debug(F111, "Kerberos GetProcAddress failed",
7386.                    "krb5_c_random_seed",rc) ;
7387.         }
7388.         if (((FARPROC) p_krb5_c_block_size =
7389.               GetProcAddress( hKRB5_32, "krb5_c_block_size" )) == NULL )
7390.         {
7391.             rc = GetLastError() ;
7392.             debug(F111, "Kerberos GetProcAddress failed",
7393.                    "krb5_c_block_size",rc) ;
7394.         }
7395.         if (((FARPROC) p_krb5_c_encrypt_length =
7396.               GetProcAddress( hKRB5_32, "krb5_c_encrypt_length" )) == NULL )
7397.         {
7398.             rc = GetLastError() ;
7399.             debug(F111, "Kerberos GetProcAddress failed",
7400.                    "krb5_c_encrypt_length",rc) ;
7401.         }
7402.         if (((FARPROC) p_krb5_kt_default_name =
7403.               GetProcAddress( hKRB5_32, "krb5_kt_default_name" )) == NULL )
7404.         {
7405.             rc = GetLastError() ;
7406.             debug(F111, "Kerberos GetProcAddress failed",
7407.                    "krb5_kt_default_name",rc);
7408.         }
7409.  
7410.         if (((FARPROC) p_krb5_cc_get_principal =
7411.               GetProcAddress( hKRB5_32, "krb5_cc_get_principal" )) == NULL )
7412.         {
7413.             rc = GetLastError() ;
7414.             debug(F111, "Kerberos GetProcAddress failed",
7415.                    "krb5_cc_get_principal",rc);
7416.         }
7417.         if (((FARPROC) p_krb5_cc_store_cred =
7418.               GetProcAddress( hKRB5_32, "krb5_cc_store_cred" )) == NULL )
7419.         {
7420.             rc = GetLastError() ;
7421.             debug(F111, "Kerberos GetProcAddress failed",
7422.                    "krb5_cc_store_cred",rc);
7423.         }
7424.         if (((FARPROC) p_krb5_cc_initialize =
7425.               GetProcAddress( hKRB5_32, "krb5_cc_initialize" )) == NULL )
7426.         {
7427.             rc = GetLastError() ;
7428.             debug(F111, "Kerberos GetProcAddress failed",
7429.                    "krb5_cc_initialize",rc);
7430.         }
7431.         if (((FARPROC) p_krb5_cc_destroy =
7432.               GetProcAddress( hKRB5_32, "krb5_cc_destroy" )) == NULL )
7433.         {
7434.             rc = GetLastError() ;
7435.             debug(F111, "Kerberos GetProcAddress failed",
7436.                    "krb5_cc_destroy",rc);
7437.         }
7438.         if (((FARPROC) p_krb5_cc_end_seq_get =
7439.               GetProcAddress( hKRB5_32, "krb5_cc_end_seq_get" )) == NULL )
7440.         {
7441.             rc = GetLastError() ;
7442.             debug(F111, "Kerberos GetProcAddress failed",
7443.                    "krb5_cc_end_seq_get",rc);
7444.         }
7445.         if (((FARPROC) p_krb5_cc_next_cred =
7446.               GetProcAddress( hKRB5_32, "krb5_cc_next_cred" )) == NULL )
7447.         {
7448.             rc = GetLastError() ;
7449.             debug(F111, "Kerberos GetProcAddress failed",
7450.                    "krb5_cc_next_cred",rc);
7451.         }
7452.         if (((FARPROC) p_krb5_cc_start_seq_get =
7453.               GetProcAddress( hKRB5_32, "krb5_cc_start_seq_get" )) == NULL )
7454.         {
7455.             rc = GetLastError() ;
7456.             debug(F111, "Kerberos GetProcAddress failed",
7457.                    "krb5_cc_start_seq_get",rc);
7458.         }
7459.         if (((FARPROC) p_krb5_cc_get_type =
7460.               GetProcAddress( hKRB5_32, "krb5_cc_get_type" )) == NULL )
7461.         {
7462.             rc = GetLastError() ;
7463.             debug(F111, "Kerberos GetProcAddress failed",
7464.                    "krb5_cc_get_type",rc);
7465.         }
7466.         if (((FARPROC) p_krb5_cc_get_name =
7467.               GetProcAddress( hKRB5_32, "krb5_cc_get_name" )) == NULL )
7468.         {
7469.             rc = GetLastError() ;
7470.             debug(F111, "Kerberos GetProcAddress failed",
7471.                    "krb5_cc_get_name",rc);
7472.         }
7473.         if (((FARPROC) p_krb5_cc_set_flags =
7474.               GetProcAddress( hKRB5_32, "krb5_cc_set_flags" )) == NULL )
7475.         {
7476.             rc = GetLastError() ;
7477.             debug(F111, "Kerberos GetProcAddress failed",
7478.                    "krb5_cc_set_flags",rc);
7479.         }
7480.         if (((FARPROC) p_krb5_cc_close =
7481.               GetProcAddress( hKRB5_32, "krb5_cc_close" )) == NULL )
7482.         {
7483.             rc = GetLastError() ;
7484.             debug(F111, "Kerberos GetProcAddress failed",
7485.                    "krb5_cc_close",rc);
7486.         }
7487.  
7488.         if (((FARPROC) p_krb5_kt_get_type =
7489.               GetProcAddress( hKRB5_32, "krb5_kt_get_type" )) == NULL )
7490.         {
7491.             rc = GetLastError() ;
7492.             debug(F111, "Kerberos GetProcAddress failed",
7493.                    "krb5_kt_get_type",rc);
7494.         }
7495.         if (((FARPROC) p_krb5_kt_get_name =
7496.               GetProcAddress( hKRB5_32, "krb5_kt_get_name" )) == NULL )
7497.         {
7498.             rc = GetLastError() ;
7499.             debug(F111, "Kerberos GetProcAddress failed",
7500.                    "krb5_kt_get_name",rc);
7501.         }
7502.         if (((FARPROC) p_krb5_kt_close =
7503.               GetProcAddress( hKRB5_32, "krb5_kt_close" )) == NULL )
7504.         {
7505.             rc = GetLastError() ;
7506.             debug(F111, "Kerberos GetProcAddress failed",
7507.                    "krb5_kt_close",rc);
7508.         }
7509.         if (((FARPROC) p_krb5_kt_get_entry =
7510.               GetProcAddress( hKRB5_32, "krb5_kt_get_entry" )) == NULL )
7511.         {
7512.             rc = GetLastError() ;
7513.             debug(F111, "Kerberos GetProcAddress failed",
7514.                    "krb5_kt_get_entry",rc);
7515.         }
7516.         if (((FARPROC) p_krb5_kt_start_seq_get =
7517.               GetProcAddress( hKRB5_32, "krb5_kt_start_seq_get" )) == NULL )
7518.         {
7519.             rc = GetLastError() ;
7520.             debug(F111, "Kerberos GetProcAddress failed",
7521.                    "krb5_kt_start_seq_get",rc);
7522.         }
7523.         if (((FARPROC) p_krb5_kt_next_entry =
7524.               GetProcAddress( hKRB5_32, "krb5_kt_next_entry" )) == NULL )
7525.         {
7526.             rc = GetLastError() ;
7527.             debug(F111, "Kerberos GetProcAddress failed",
7528.                    "krb5_kt_next_entry",rc);
7529.         }
7530.         if (((FARPROC) p_krb5_kt_end_seq_get =
7531.               GetProcAddress( hKRB5_32, "krb5_kt_end_seq_get" )) == NULL )
7532.         {
7533.             rc = GetLastError() ;
7534.             debug(F111, "Kerberos GetProcAddress failed",
7535.                    "krb5_kt_end_seq_get",rc);
7536.         }
7537.         if (((FARPROC) p_krb5_build_principal =
7538.               GetProcAddress( hKRB5_32, "krb5_build_principal" )) == NULL )
7539.         {
7540.             rc = GetLastError() ;
7541.             debug(F111, "Kerberos GetProcAddress failed",
7542.                    "krb5_build_principal",rc);
7543.         }
7544.  
7545.         if ( load_error ) {
7546.             ck_krb5_loaddll_eh();
7547.             return 0;
7548.         }
7549.     }
7550.  
7551.     hPROFILE = LoadLibrary("XPPROF32") ;
7552.     if ( hPROFILE ) {
7553.         if (((FARPROC) p_profile_get_relation_names =
7554.               GetProcAddress( hPROFILE, "profile_get_relation_names" )) == NULL )
7555.         {
7556.             rc = GetLastError() ;
7557.             debug(F111, "Kerberos GetProcAddress failed",
7558.                    "profile_get_relation_names",rc) ;
7559.         }
7560.         if (((FARPROC) p_profile_get_subsection_names =
7561.               GetProcAddress( hPROFILE, "profile_get_subsection_names" )) == NULL )
7562.         {
7563.             rc = GetLastError() ;
7564.             debug(F111, "Kerberos GetProcAddress failed",
7565.                    "profile_get_subsection_names",rc) ;
7566.         }
7567.     }
7568. #else /* NT */
7569.     exe_path = GetLoadPath();
7570.     len = get_dir_len(exe_path);
7571.     if ( len + strlen("KRB5_32") + 4 > sizeof(path) )
7572.         return(0);
7573.     sprintf(path, "%.*s%s.DLL", len, exe_path,"KRB5_32");         /* safe */
7574.     rc = DosLoadModule(fail, sizeof(fail), path, &hKRB5_32);
7575.     if (rc) {
7576.         debug(F111, "Kerberos V LoadLibrary failed",fail,rc) ;
7577.         rc = DosLoadModule(fail, sizeof(fail), "KRB5_32", &hKRB5_32);
7578.     }
7579.     if (rc) {
7580.         debug(F111, "Kerberos V LoadLibrary failed",fail,rc) ;
7581.     } else {
7582.         exe_path = GetLoadPath();
7583.         len = get_dir_len(exe_path);
7584.         if ( len + strlen("COMERR32") + 4 > sizeof(path) )
7585.             return(0);
7586.         sprintf(path, "%.*s%s.DLL", len, exe_path,"COMERR32");         /* safe */
7587.         rc = DosLoadModule(fail, sizeof(fail), path, &hCOMERR32);
7588.         if (rc) {
7589.             debug(F111, "Kerberos V Common Error LoadLibrary failed",fail,rc) ;
7590.             rc = DosLoadModule(fail, sizeof(fail), "COMERR32", &hCOMERR32);
7591.         }
7592.         if (rc) {
7593.             debug(F111, "Kerberos V Common Error LoadLibrary failed",fail,rc) ;
7594.         } else {
7595.             exe_path = GetLoadPath();
7596.             len = get_dir_len(exe_path);
7597.             if ( len + strlen("EMX") + 4 > sizeof(path) )
7598.                 return(0);
7599.             sprintf(path, "%.*s%s.DLL", len, exe_path,"EMX");         /* safe */
7600.             rc = DosLoadModule(fail, sizeof(fail), path, &hEMX);
7601.             if (rc) {
7602.                 debug(F111, "EMX LoadLibrary failed",fail,rc) ;
7603.                 rc = DosLoadModule(fail, sizeof(fail), "EMX", &hEMX);
7604.             }
7605.  
7606.             if (rc) {
7607.                 debug(F111, "EMX LoadLibrary failed",fail,rc) ;
7608.             } else {
7609.                 if (rc = DosQueryProcAddr(hEMX,0,"emx_init",
7610.                                           (PFN*)&p_emx_init))
7611.                 {
7612.                     debug(F111,"EMX GetProcAddress failed","emx_init",rc);
7613.                 } else {
7614.                     debug(F100,"calling EMX init routines","",0);
7615.                     p_emx_init();
7616.                 }
7617.             }
7618.         }
7619.     }
7620.     if (rc) {
7621.         ck_krb5_loaddll_eh();
7622.     } else {
7623.         debug(F100,"Kerberos V support provided by MIT","",0);
7624.         if (rc = DosQueryProcAddr(hCOMERR32,0,"com_err",
7625.                                    (PFN*)&p_com_err))
7626.         {
7627.             debug(F111,"Kerberos V GetProcAddress failed","com_err",rc);
7628.             load_error = 1;
7629.         }
7630.         if (rc = DosQueryProcAddr(hCOMERR32,0,"com_err_va",
7631.                                    (PFN*)&p_com_err_va))
7632.         {
7633.             debug(F111,"Kerberos V GetProcAddress failed","com_err_va",rc);
7634.             load_error = 1;
7635.         }
7636.         if (rc = DosQueryProcAddr(hCOMERR32,0,"error_message",
7637.                                    (PFN*)&p_error_message))
7638.         {
7639.             debug(F111,"Kerberos V GetProcAddress failed","error_message",rc);
7640.             load_error = 1;
7641.         }
7642.         if (rc = DosQueryProcAddr(hKRB5_32,0,"decode_krb5_ticket",
7643.                                    (PFN*)&p_decode_krb5_ticket))
7644.         {
7645.             debug(F111,"Kerberos V GetProcAddress failed","decode_krb5_ticket",rc);
7646.             load_error = 1;
7647.         }
7648.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_decode_ticket",
7649.                                    (PFN*)&p_cygnus_decode_krb5_ticket))
7650.         {
7651.             debug(F111,"Kerberos V GetProcAddress failed","krb5_decode_ticket",rc);
7652.             load_error = 1;
7653.         }
7654.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_rep",
7655.                                    (PFN*)&p_krb5_mk_rep))
7656.         {
7657.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_rep",rc);
7658.             load_error = 1;
7659.         }
7660.  
7661.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_rep",
7662.                                    (PFN*)&p_krb5_mk_rep))
7663.         {
7664.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_rep",rc);
7665.             load_error = 1;
7666.         }
7667.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_authenticator",
7668.                                    (PFN*)&p_krb5_free_authenticator))
7669.         {
7670.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_authenticator",rc);
7671.             load_error = 1;
7672.         }
7673.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_verify_checksum",
7674.                                    (PFN*)&p_krb5_verify_checksum))
7675.         {
7676.             debug(F111,"Kerberos V GetProcAddress failed","krb5_verify_checksum",rc);
7677.             load_error = 1;
7678.         }
7679.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_rd_req",
7680.                                    (PFN*)&p_krb5_rd_req))
7681.         {
7682.             debug(F111,"Kerberos V GetProcAddress failed","krb5_rd_req",rc);
7683.             load_error = 1;
7684.         }
7685.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_creds",
7686.                                    (PFN*)&p_krb5_free_creds))
7687.         {
7688.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_creds",rc);
7689.             load_error = 1;
7690.         }
7691.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_data",
7692.                                    (PFN*)&p_krb5_free_data))
7693.         {
7694.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_data",rc);
7695.             load_error = 1;
7696.         }
7697.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_data_contents",
7698.                                    (PFN*)&p_krb5_free_data_contents))
7699.         {
7700.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_data_contents",rc);
7701.             load_error = 1;
7702.         }
7703.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_copy_keyblock",
7704.                                    (PFN*)&p_krb5_copy_keyblock))
7705.         {
7706.             debug(F111,"Kerberos V GetProcAddress failed","krb5_copy_keyblock",rc);
7707.             load_error = 1;
7708.         }
7709.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_keyblock",
7710.                                    (PFN*)&p_krb5_free_keyblock))
7711.         {
7712.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_keyblock",rc);
7713.             load_error = 1;
7714.         }
7715.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_getlocalsubkey",
7716.                                    (PFN*)&p_krb5_auth_con_getlocalsubkey))
7717.         {
7718.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_getlocalsubkey",rc);
7719.             load_error = 1;
7720.         }
7721.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_req_extended",
7722.                                    (PFN*)&p_krb5_mk_req_extended))
7723.         {
7724.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_req_extended",rc);
7725.             load_error = 1;
7726.         }
7727.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_req",
7728.                                    (PFN*)&p_krb5_mk_req))
7729.         {
7730.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_req",rc);
7731.             load_error = 1;
7732.         }
7733.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_setflags",
7734.                                    (PFN*)&p_krb5_auth_con_setflags))
7735.         {
7736.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_setflags",rc);
7737.             load_error = 1;
7738.         }
7739.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_init",
7740.                                    (PFN*)&p_krb5_auth_con_init))
7741.         {
7742.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_init",rc);
7743.             load_error = 1;
7744.         }
7745.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_free",
7746.                                    (PFN*)&p_krb5_auth_con_free))
7747.         {
7748.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_free",rc);
7749.             load_error = 1;
7750.         }
7751.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_credentials",
7752.                                    (PFN*)&p_krb5_get_credentials))
7753.         {
7754.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_credentials",rc);
7755.             load_error = 1;
7756.         }
7757.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_cred_contents",
7758.                                    (PFN*)&p_krb5_free_cred_contents))
7759.         {
7760.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_cred_contents",rc);
7761.             load_error = 1;
7762.         }
7763.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_sname_to_principal",
7764.                                    (PFN*)&p_krb5_sname_to_principal))
7765.         {
7766.             debug(F111,"Kerberos V GetProcAddress failed","krb5_sname_to_principal",rc);
7767.             load_error = 1;
7768.         }
7769.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_default",
7770.                                    (PFN*)&p_krb5_cc_default))
7771.         {
7772.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_default",rc);
7773.             load_error = 1;
7774.         }
7775.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_ap_rep_enc_part",
7776.                                    (PFN*)&p_krb5_free_ap_rep_enc_part))
7777.         {
7778.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_ap_rep_enc_part",rc);
7779.             load_error = 1;
7780.         }
7781.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_rd_rep",
7782.                                    (PFN*)&p_krb5_rd_rep))
7783.         {
7784.             debug(F111,"Kerberos V GetProcAddress failed","krb5_rd_rep",rc);
7785.             load_error = 1;
7786.         }
7787.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_init_context",
7788.                                    (PFN*)&p_krb5_init_context))
7789.         {
7790.             debug(F111,"Kerberos V GetProcAddress failed","krb5_init_context",rc);
7791.             load_error = 1;
7792.         }
7793.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_context",
7794.                                    (PFN*)&p_krb5_free_context))
7795.         {
7796.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_context",rc);
7797.             load_error = 1;
7798.         }
7799.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_principal",
7800.                                    (PFN*)&p_krb5_free_principal))
7801.         {
7802.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_principal",rc);
7803.             load_error = 1;
7804.         }
7805.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_unparsed_name",
7806.                                    (PFN*)&p_krb5_free_unparsed_name))
7807.         {
7808.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_unparsed_name",rc);
7809.         }
7810.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_fwd_tgt_creds",
7811.                                    (PFN*)&p_krb5_fwd_tgt_creds))
7812.         {
7813.             debug(F111,"Kerberos V GetProcAddress failed","krb5_fwd_tgt_creds",rc);
7814.             load_error = 1;
7815.         }
7816.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_genaddrs",
7817.                                    (PFN*)&p_krb5_auth_con_genaddrs))
7818.         {
7819.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_genaddrs",rc);
7820.             load_error = 1;
7821.         }
7822.         /* The DES functions are not required.  But if we do not have */
7823.         /* them and do not have the CRYPT DLL we will not be able to  */
7824.         /* perform mutual authentication.                             */
7825.         if (rc = DosQueryProcAddr(hKRB5_32,0,"des_ecb_encrypt",
7826.                                    (PFN*)&p_des_ecb_encrypt))
7827.         {
7828.             debug(F111,"Kerberos V GetProcAddress failed","des_ecb_encrypt",rc);
7829.         }
7830.         if (rc = DosQueryProcAddr(hKRB5_32,0,"des_pcbc_encrypt",
7831.                                    (PFN*)&p_des_pcbc_encrypt))
7832.         {
7833.             debug(F111,"Kerberos V GetProcAddress failed","des_pcbc_encrypt",rc);
7834.         }
7835.         if (rc = DosQueryProcAddr(hKRB5_32,0,"des_new_random_key",
7836.                                    (PFN*)&p_des_new_random_key))
7837.         {
7838.             debug(F111,"Kerberos V GetProcAddress failed","des_new_random_key",rc);
7839.         }
7840.         if (rc = DosQueryProcAddr(hKRB5_32,0,"des_key_sched",
7841.                                    (PFN*)&p_des_key_sched))
7842.         {
7843.             debug(F111,"Kerberos V GetProcAddress failed","des_key_sched",rc);
7844.         }
7845.         if (rc = DosQueryProcAddr(hKRB5_32,0,"des_set_random_generator_seed",
7846.                                    (PFN*)&p_des_set_random_generator_seed))
7847.         {
7848.             debug(F111,"Kerberos V GetProcAddress failed","des_set_random_generator_seed",rc);
7849.         }
7850.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_host_realm",
7851.                                    (PFN*)&p_krb5_get_host_realm))
7852.         {
7853.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_host_realm",rc);
7854.             load_error = 1;
7855.         }
7856.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_host_realm",
7857.                                    (PFN*)&p_krb5_free_host_realm))
7858.         {
7859.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_host_realm",rc);
7860.             load_error = 1;
7861.         }
7862.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_in_tkt_with_keytab",
7863.                                    (PFN*)&p_krb5_get_in_tkt_with_keytab))
7864.         {
7865.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_in_tkt_with_keytab",rc);
7866.             load_error = 1;
7867.         }
7868.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_in_tkt_with_password",
7869.                                    (PFN*)&p_krb5_get_in_tkt_with_password))
7870.         {
7871.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_in_tkt_with_password",rc);
7872.             load_error = 1;
7873.         }
7874.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_read_password",
7875.                                    (PFN*)&p_krb5_read_password))
7876.         {
7877.             debug(F111,"Kerberos V GetProcAddress failed","krb5_read_password",rc);
7878.             load_error = 1;
7879.         }
7880.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_build_principal_ext",
7881.                                    (PFN*)&p_krb5_build_principal_ext))
7882.         {
7883.             debug(F111,"Kerberos V GetProcAddress failed","krb5_build_principal_ext",rc);
7884.             load_error = 1;
7885.         }
7886.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_unparse_name",
7887.                                    (PFN*)&p_krb5_unparse_name))
7888.         {
7889.             debug(F111,"Kerberos V GetProcAddress failed","krb5_unparse_name",rc);
7890.             load_error = 1;
7891.         }
7892.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_parse_name",
7893.                                    (PFN*)&p_krb5_parse_name))
7894.         {
7895.             debug(F111,"Kerberos V GetProcAddress failed","krb5_parse_name",rc);
7896.             load_error = 1;
7897.         }
7898.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_resolve",
7899.                                    (PFN*)&p_krb5_cc_resolve))
7900.         {
7901.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_resolve",rc);
7902.             load_error = 1;
7903.         }
7904.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_default_name",
7905.                                    (PFN*)&p_krb5_cc_default_name))
7906.         {
7907.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_default_name",rc);
7908.         }
7909.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_string_to_timestamp",
7910.                                    (PFN*)&p_krb5_string_to_timestamp))
7911.         {
7912.             debug(F111,"Kerberos V GetProcAddress failed","krb5_string_to_timestamp",rc);
7913.             load_error = 1;
7914.         }
7915.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_resolve",
7916.                                    (PFN*)&p_krb5_kt_resolve))
7917.         {
7918.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_resolve",rc);
7919.             load_error = 1;
7920.         }
7921.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_string_to_deltat",
7922.                                    (PFN*)&p_krb5_string_to_deltat))
7923.         {
7924.             debug(F111,"Kerberos V GetProcAddress failed","krb5_string_to_deltat",rc);
7925.             load_error = 1;
7926.         }
7927.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_timeofday",
7928.                                    (PFN*)&p_krb5_timeofday))
7929.         {
7930.             debug(F111,"Kerberos V GetProcAddress failed","krb5_timeofday",rc);
7931.             load_error = 1;
7932.         }
7933.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_credentials_renew",
7934.                                    (PFN*)&p_krb5_get_credentials_renew))
7935.         {
7936.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_credentials_renew",rc);
7937.             load_error = 1;
7938.         }
7939.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_credentials_validate",
7940.                                    (PFN*)&p_krb5_get_credentials_validate))
7941.         {
7942.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_credentials_validate",rc);
7943.             load_error = 1;
7944.         }
7945.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_copy_principal",
7946.                                    (PFN*)&p_krb5_copy_principal))
7947.         {
7948.             debug(F111,"Kerberos V GetProcAddress failed","krb5_copy_principal",rc);
7949.             load_error = 1;
7950.         }
7951.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_timestamp_to_sfstring",
7952.                                    (PFN*)&p_krb5_timestamp_to_sfstring))
7953.         {
7954.             debug(F111,"Kerberos V GetProcAddress failed","krb5_timestamp_to_sfstring",rc);
7955.             load_error = 1;
7956.         }
7957.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_default",
7958.                                    (PFN*)&p_krb5_kt_default))
7959.         {
7960.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_default",rc);
7961.             load_error = 1;
7962.         }
7963.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_ticket",
7964.                                    (PFN*)&p_krb5_free_ticket))
7965.         {
7966.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_ticket",rc);
7967.             load_error = 1;
7968.         }
7969. #ifdef CHECKADDRS
7970.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_os_localaddr",
7971.                                    (PFN*)&p_krb5_os_localaddr))
7972.         {
7973.             debug(F111,"Kerberos V GetProcAddress failed","krb5_os_localaddr",rc);
7974.             load_error = 1;
7975.         }
7976.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_address_search",
7977.                                    (PFN*)&p_krb5_address_search))
7978.         {
7979.             debug(F111,"Kerberos V GetProcAddress failed","krb5_address_search",rc);
7980.             /* This is not a fatal error since we expect that most builds */
7981.             /* of krb5 dll will have an error in the export list that     */
7982.             /* prevents this function from being found.  Therefore a      */
7983.             /* built in version is used if it is missing                  */
7984.         }
7985.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_addresses",
7986.                                    (PFN*)&p_krb5_free_addresses))
7987.         {
7988.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_addresses",rc);
7989.             load_error = 1;
7990.         }
7991. #endif /* CHECKADDRS */
7992.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_getremotesubkey",
7993.                                    (PFN*)&p_krb5_auth_con_getremotesubkey))
7994.         {
7995.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_getremotesubkey",rc);
7996.             load_error = 1;
7997.         }
7998.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_getkey",
7999.                                    (PFN*)&p_krb5_auth_con_getkey))
8000.         {
8001.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_getkey",rc);
8002.             load_error = 1;
8003.         }
8004.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_getauthenticator",
8005.                                    (PFN*)&p_krb5_auth_con_getauthenticator))
8006.         {
8007.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_getauthenticator",rc);
8008.             load_error = 1;
8009.         }
8010.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_setrcache",
8011.                                    (PFN*)&p_krb5_auth_con_setrcache))
8012.         {
8013.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_setrcache",rc);
8014.         }
8015.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_server_rcache",
8016.                                    (PFN*)&p_krb5_get_server_rcache))
8017.         {
8018.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_server_rcache",rc);
8019.         }
8020.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_getrcache",
8021.                                    (PFN*)&p_krb5_auth_con_getrcache))
8022.         {
8023.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_getrcache",rc);
8024.         }
8025.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_tgt_creds",
8026.                                    (PFN*)&p_krb5_free_tgt_creds))
8027.         {
8028.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_tgt_creds",rc);
8029.         }
8030.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_rd_cred",
8031.                                    (PFN*)&p_krb5_rd_cred))
8032.         {
8033.             debug(F111,"Kerberos V GetProcAddress failed","krb5_rd_cred",rc);
8034.         }
8035.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_enctype_compare",
8036.                                    (PFN*)&p_krb5_c_enctype_compare))
8037.         {
8038.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_enctype_compare",rc);
8039.         }
8040.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_error",
8041.                                    (PFN*)&p_krb5_free_error))
8042.         {
8043.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_error",rc);
8044.         }
8045.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_sendauth",
8046.                                    (PFN*)&p_krb5_sendauth))
8047.         {
8048.             debug(F111,"Kerberos V GetProcAddress failed","krb5_sendauth",rc);
8049.         }
8050.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_process_key",
8051.                                    (PFN*)&p_krb5_process_key))
8052.         {
8053.             debug(F111,"Kerberos V GetProcAddress failed","krb5_process_key",rc);
8054.         }
8055.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_use_enctype",
8056.                                    (PFN*)&p_krb5_use_enctype))
8057.         {
8058.             debug(F111,"Kerberos V GetProcAddress failed","krb5_use_enctype",rc);
8059.         }
8060.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_encrypt",
8061.                                    (PFN*)&p_krb5_encrypt))
8062.         {
8063.             debug(F111,"Kerberos V GetProcAddress failed","krb5_encrypt",rc);
8064.         }
8065.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_decrypt",
8066.                                    (PFN*)&p_krb5_decrypt))
8067.         {
8068.             debug(F111,"Kerberos V GetProcAddress failed","krb5_decrypt",rc);
8069.         }
8070.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_encrypt_size",
8071.                                    (PFN*)&p_krb5_encrypt_size))
8072.         {
8073.             debug(F111,"Kerberos V GetProcAddress failed","krb5_encrypt_size",rc);
8074.         }
8075.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kuserok",
8076.                                    (PFN*)&p_krb5_kuserok))
8077.         {
8078.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kuserok",rc);
8079.         }
8080.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_appdefault_boolean",
8081.                                    (PFN*)&p_krb5_appdefault_boolean))
8082.         {
8083.             debug(F111,"Kerberos V GetProcAddress failed","krb5_appdefault_boolean",rc);
8084.         }
8085.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_appdefault_string",
8086.                                    (PFN*)&p_krb5_appdefault_string))
8087.         {
8088.             debug(F111,"Kerberos V GetProcAddress failed","krb5_appdefault_string",rc);
8089.         }
8090.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_renewed_creds",
8091.                                    (PFN*)&p_krb5_get_renewed_creds))
8092.         {
8093.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_renewed_creds",rc);
8094.         }
8095.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_validated_creds",
8096.                                    (PFN*)&p_krb5_get_validated_creds))
8097.         {
8098.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_validated_creds",rc);
8099.         }
8100.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_password",
8101.                                    (PFN*)&p_krb5_get_init_creds_password))
8102.         {
8103.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_password",rc);
8104.         }
8105.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_address_list",
8106.                                    (PFN*)&p_krb5_get_init_creds_opt_set_address_list))
8107.         {
8108.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_address_list",rc);
8109.         }
8110.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_tkt_life",
8111.                                    (PFN*)&p_krb5_get_init_creds_opt_set_tkt_life))
8112.         {
8113.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_tkt_life",rc);
8114.         }
8115.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_forwardable",
8116.                                    (PFN*)&p_krb5_get_init_creds_opt_set_forwardable))
8117.         {
8118.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_forwardable",rc);
8119.         }
8120.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_proxiable",
8121.                                    (PFN*)&p_krb5_get_init_creds_opt_set_proxiable))
8122.         {
8123.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_proxiable",rc);
8124.         }
8125.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_renew_life",
8126.                                    (PFN*)&p_krb5_get_init_creds_opt_set_renew_life))
8127.         {
8128.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_renew_life",rc);
8129.         }
8130.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_init",
8131.                                    (PFN*)&p_krb5_get_init_creds_opt_init))
8132.         {
8133.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_init",rc);
8134.         }
8135.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_etype_list",
8136.                                    (PFN*)&p_krb5_get_init_creds_opt_set_etype_list))
8137.         {
8138.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_etype_list",rc);
8139.         }
8140.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_preauth_list",
8141.                                    (PFN*)&p_krb5_get_init_creds_opt_set_preauth_list))
8142.         {
8143.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_preauth_list",rc);
8144.         }
8145.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_salt",
8146.                                    (PFN*)&p_krb5_get_init_creds_opt_set_salt))
8147.         {
8148.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_salt",rc);
8149.         }
8150.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_rd_safe",
8151.                                    (PFN*)&p_krb5_rd_safe))
8152.         {
8153.             debug(F111,"Kerberos V GetProcAddress failed","krb5_rd_safe",rc);
8154.             load_error = 1;
8155.         }
8156.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_safe",
8157.                                    (PFN*)&p_krb5_mk_safe))
8158.         {
8159.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_safe",rc);
8160.             load_error = 1;
8161.         }
8162.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_rd_priv",
8163.                                    (PFN*)&p_krb5_rd_priv))
8164.         {
8165.             debug(F111,"Kerberos V GetProcAddress failed","krb5_rd_priv",rc);
8166.             load_error = 1;
8167.         }
8168.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_priv",
8169.                                    (PFN*)&p_krb5_mk_priv))
8170.         {
8171.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_priv",rc);
8172.             load_error = 1;
8173.         }
8174.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_setuseruserkey",
8175.                                    (PFN*)&p_krb5_auth_con_setuseruserkey))
8176.         {
8177.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_setuseruserkey",rc);
8178.             load_error = 1;
8179.         }
8180.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_profile",
8181.                                    (PFN*)&p_krb5_get_profile))
8182.         {
8183.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_profile",rc);
8184.         }
8185.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_keyblock_contents",
8186.                                    (PFN*)&p_krb5_free_keyblock_contents))
8187.         {
8188.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_keyblock_contents",rc);
8189.         }
8190.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_encrypt",
8191.                                    (PFN*)&p_krb5_c_encrypt))
8192.         {
8193.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_encrypt",rc);
8194.         }
8195.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_decrypt",
8196.                                    (PFN*)&p_krb5_c_decrypt))
8197.         {
8198.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_decrypt",rc);
8199.         }
8200.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_make_random_key",
8201.                                    (PFN*)&p_krb5_c_make_random_key))
8202.         {
8203.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_make_random_key",rc);
8204.         }
8205.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_random_seed",
8206.                                    (PFN*)&p_krb5_c_random_seed))
8207.         {
8208.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_random_seed",rc);
8209.         }
8210.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_block_size",
8211.                                    (PFN*)&p_krb5_c_block_size))
8212.         {
8213.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_block_size",rc);
8214.         }
8215.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_encrypt_length",
8216.                                    (PFN*)&p_krb5_c_encrypt_length))
8217.         {
8218.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_encrypt_length",rc);
8219.         }
8220.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_default_name",
8221.                                    (PFN*)&p_krb5_kt_default_name))
8222.         {
8223.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_default_name",rc);
8224.         }
8225.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_get_principal",
8226.                                    (PFN*)&p_krb5_cc_get_principal))
8227.         {
8228.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_get_principal",rc);
8229.         }
8230.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_store_cred",
8231.                                    (PFN*)&p_krb5_cc_store_cred))
8232.         {
8233.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_store_cred",rc);
8234.         }
8235.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_initialize",
8236.                                    (PFN*)&p_krb5_cc_initialize))
8237.         {
8238.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_initialize",rc);
8239.         }
8240.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_destroy",
8241.                                    (PFN*)&p_krb5_cc_destroy))
8242.         {
8243.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_destroy",rc);
8244.         }
8245.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_end_seq_get",
8246.                                    (PFN*)&p_krb5_cc_end_seq_get))
8247.         {
8248.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_end_seq_get",rc);
8249.         }
8250.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_next_cred",
8251.                                    (PFN*)&p_krb5_cc_next_cred))
8252.         {
8253.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_next_cred",rc);
8254.         }
8255.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_start_seq_get",
8256.                                    (PFN*)&p_krb5_cc_start_seq_get))
8257.         {
8258.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_start_seq_get",rc);
8259.         }
8260.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_get_type",
8261.                                    (PFN*)&p_krb5_cc_get_type))
8262.         {
8263.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_get_type",rc);
8264.         }
8265.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_get_name",
8266.                                    (PFN*)&p_krb5_cc_get_name))
8267.         {
8268.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_get_name",rc);
8269.         }
8270.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_set_flags",
8271.                                    (PFN*)&p_krb5_cc_set_flags))
8272.         {
8273.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_set_flags",rc);
8274.         }
8275.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_close",
8276.                                    (PFN*)&p_krb5_cc_close))
8277.         {
8278.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_close",rc);
8279.         }
8280.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_get_type",
8281.                                    (PFN*)&p_krb5_kt_get_type))
8282.         {
8283.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_get_type",rc);
8284.         }
8285.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_get_name",
8286.                                    (PFN*)&p_krb5_kt_get_name))
8287.         {
8288.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_get_name",rc);
8289.         }
8290.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_close",
8291.                                    (PFN*)&p_krb5_kt_close))
8292.         {
8293.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_close",rc);
8294.         }
8295.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_get_entry",
8296.                                    (PFN*)&p_krb5_kt_get_entry))
8297.         {
8298.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_get_entry",rc);
8299.         }
8300.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_start_seq_get",
8301.                                    (PFN*)&p_krb5_kt_start_seq_get))
8302.         {
8303.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_start_seq_get",rc);
8304.         }
8305.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_next_entry",
8306.                                    (PFN*)&p_krb5_kt_next_entry))
8307.         {
8308.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_next_entry",rc);
8309.         }
8310.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_end_seq_get",
8311.                                    (PFN*)&p_krb5_kt_end_seq_get))
8312.         {
8313.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_end_seq_get",rc);
8314.         }
8315.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_build_principal",
8316.                                    (PFN*)&p_krb5_build_principal))
8317.         {
8318.             debug(F111,"Kerberos V GetProcAddress failed","krb5_build_principal",rc);
8319.         }
8320.     }
8321.  
8322.     exe_path = GetLoadPath();
8323.     len = get_dir_len(exe_path);
8324.     if ( len + strlen("XPPROF32") + 4 > sizeof(path) )
8325.         return(0);
8326.     sprintf(path, "%.*s%s.DLL", len, exe_path,"XPPROF32");         /* safe */
8327.     rc = DosLoadModule(fail, sizeof(fail), path, &hPROFILE);
8328.     if (rc) {
8329.         debug(F111, "Kerberos V Profile LoadLibrary failed",fail,rc) ;
8330.         rc = DosLoadModule(fail, sizeof(fail), "XPPROF32", &hPROFILE);
8331.     }
8332.  
8333.     if ( rc ) {
8334.         debug(F111, "Kerberos V Profile LoadLibrary failed",fail,rc) ;
8335.     } else {
8336.         if (rc = DosQueryProcAddr(hPROFILE,0,"profile_get_relation_names",
8337.                                    (PFN*)&p_profile_get_relation_names))
8338.         {
8339.             debug(F111,"Kerberos V GetProcAddress failed","profile_get_relation_names",rc);
8340.         }
8341.         if (rc = DosQueryProcAddr(hPROFILE,0,"profile_get_subsection_names",
8342.                                    (PFN*)&p_profile_get_subsection_names))
8343.         {
8344.             debug(F111,"Kerberos V GetProcAddress failed","profile_get_subsection_names",rc);
8345.         }
8346.     }
8347. #endif /* NT */
8348.  
8349.     if ( deblog ) {
8350.         if ( hKRB5_32 ) {
8351.             if ( cygnus )
8352.                 printf("Cygnus Kerberos 5 available\n");
8353.             else
8354.                 printf("MIT Kerberos 5 available\n");
8355.         }
8356.         if ( hKRB524 )
8357.             printf("MIT Kerberos 524 available\n");
8358.     }
8359.  
8360.     /* Attempt to load a krb5_principal_to_userid() function */
8361. #ifdef NT
8362.     hKRB52UID = LoadLibrary("KRB52UID");
8363.     if ( hKRB52UID ) {
8364.         if (((FARPROC) p_k95_k5_principal_to_localname =
8365.               GetProcAddress( hKRB52UID, "krb5_principal_to_localname" )) == NULL )
8366.         {
8367.             rc = GetLastError() ;
8368.             debug(F111,"KRB52UID GetProcAddress failed",
8369.                    "krb5_principal_to_localname",rc);
8370.         }
8371.         if (((FARPROC) p_k95_k5_userok =
8372.               GetProcAddress( hKRB52UID, "krb5_kuserok" )) == NULL )
8373.         {
8374.             rc = GetLastError() ;
8375.             debug(F111,"KRB52UID GetProcAddress failed","krb5_kuserok",rc);
8376.         }
8377.     }
8378.  
8379.     /* Initialize Kerberos 5 ticket options based upon MIT Leash selections */
8380.     hLEASH = LoadLibrary("LEASHW32");
8381.     if ( hLEASH )
8382.     {
8383.         DWORD (* pLeash_get_default_lifetime)(void);
8384.         DWORD (* pLeash_get_default_forwardable)(void);
8385.         DWORD (* pLeash_get_default_proxiable)(void);
8386.         DWORD (* pLeash_get_default_renewable)(void);
8387.         DWORD (* pLeash_get_default_renew_till)(void);
8388.         DWORD (* pLeash_get_default_noaddresses)(void);
8389.         DWORD (* pLeash_get_default_publicip)(void);
8390.         DWORD (* pLeash_get_default_use_krb4)(void);
8391.  
8392.         (FARPROC) pLeash_get_default_lifetime =
8393.             GetProcAddress(hLEASH, "Leash_get_default_lifetime");
8394.         (FARPROC) pLeash_get_default_forwardable =
8395.             GetProcAddress(hLEASH, "Leash_get_default_forwardable");
8396.         (FARPROC) pLeash_get_default_proxiable =
8397.             GetProcAddress(hLEASH, "Leash_get_default_proxiable");
8398.         (FARPROC) pLeash_get_default_renewable =
8399.             GetProcAddress(hLEASH, "Leash_get_default_renewable");
8400.         (FARPROC) pLeash_get_default_renew_till =
8401.             GetProcAddress(hLEASH, "Leash_get_default_renew_till");
8402.         (FARPROC) pLeash_get_default_noaddresses =
8403.             GetProcAddress(hLEASH, "Leash_get_default_noaddresses");
8404.         (FARPROC) pLeash_get_default_publicip =
8405.             GetProcAddress(hLEASH, "Leash_get_default_publicip");
8406.         (FARPROC) pLeash_get_default_use_krb4 =
8407.             GetProcAddress(hLEASH, "Leash_get_default_use_krb4");
8408.  
8409.         if ( pLeash_get_default_lifetime )
8410.             krb5_d_lifetime =    pLeash_get_default_lifetime();
8411.         if ( pLeash_get_default_forwardable )
8412.             krb5_d_forwardable = pLeash_get_default_forwardable();
8413.         if ( pLeash_get_default_proxiable )
8414.             krb5_d_proxiable   = pLeash_get_default_proxiable();
8415.         if ( pLeash_get_default_renewable && pLeash_get_default_renew_till)
8416.             krb5_d_renewable   = pLeash_get_default_renewable() ? pLeash_get_default_renew_till() : 0;
8417.         if ( pLeash_get_default_noaddresses )
8418.             krb5_d_no_addresses = pLeash_get_default_noaddresses();
8419.         if ( pLeash_get_default_publicip && pLeash_get_default_publicip() )
8420.         {
8421.             DWORD dwValue = pLeash_get_default_publicip();
8422.             int i;
8423.             char buf[17];
8424.             for ( i = 0;
8425.                   i < KRB5_NUM_OF_ADDRS && krb5_d_addrs[i];
8426.                   i++) {
8427.                 if (krb5_d_addrs[i])
8428.                     free(krb5_d_addrs[i]);
8429.                 krb5_d_addrs[i] = NULL;
8430.             }
8431.  
8432.             sprintf(buf,"%d.%d.%d.%d",
8433.                      (dwValue&0xFF000000)>>24,
8434.                      (dwValue&0x00FF0000)>>16,
8435.                      (dwValue&0x0000FF00)>>8,
8436.                      (dwValue&0x000000FF));
8437.             makestr(&krb5_d_addrs[0],buf);
8438.         }
8439.         if ( pLeash_get_default_use_krb4 )
8440.             krb5_d_getk4 = pLeash_get_default_use_krb4();
8441.         FreeLibrary(hLEASH);
8442.     }
8443. #else /* NT */
8444.     dllname = "KRB52UID";
8445.     len = get_dir_len(exe_path);
8446.     if ( len + strlen(dllname) + 4 > sizeof(path) )
8447.         return(0);
8448.     sprintf(path, "%.*s%s.DLL", len, exe_path,dllname);
8449.     rc = DosLoadModule(fail, sizeof(fail), path, &hKRB52UID);
8450.     if (rc) {
8451.         debug(F111, "KRB52UID LoadLibrary failed",fail,rc) ;
8452.         rc = DosLoadModule(fail, sizeof(fail), dllname, &hKRB52UID);
8453.     }
8454.     if ( rc ) {
8455.         debug(F111, "KRB52UID LoadLibrary failed",fail,rc) ;
8456.     } else {
8457.         if (rc = DosQueryProcAddr( hKRB52UID, 0, "krb5_principal_to_userid",
8458.                                   (PFN*) &p_k95_k5_principal_to_localname))
8459.         {
8460.             debug(F111,"KRB52UID GetProcAddress failed",
8461.                   "krb5_principal_to_userid",rc);
8462.         }
8463.         if (rc = DosQueryProcAddr( hKRB52UID, 0, "krb5_userok",
8464.                                   (PFN*) &p_k95_k5_userok))
8465.         {
8466.             debug(F111,"KRB52UID GetProcAddress failed",
8467.                   "krb5_userok",rc);
8468.         }
8469.     }
8470. #endif /* NT */
8471.  
8472.     return(1);
8473. #else /* KRB5 */
8474.     return(0);
8475. #endif /* KRB5 */
8476. }
8477.  
8478. #ifdef CK_SRP
8479. #ifdef SRPDLL
8480. static HINSTANCE hSRP = NULL;
8481. static int srp_dll_loaded = 0;
8482. #endif /* SRPDLL */
8483.  
8484. static int
8485. ck_srp_loaddll( void )
8486. {
8487. #ifdef SRPDLL
8488.     ULONG rc = 0 ;
8489.     int load_error = 0;
8490. #ifdef NT
8491.     hSRP = LoadLibrary("SRP");
8492.     if ( !hSRP ) {
8493.         rc = GetLastError() ;
8494.         debug(F111, "SRP LoadLibrary failed","SRP",rc) ;
8495.     } else {
8496.         if (((FARPROC) p_t_clientresponse =
8497.               GetProcAddress( hSRP, "t_clientresponse" )) == NULL )
8498.         {
8499.             rc = GetLastError() ;
8500.             debug(F111, "SRP GetProcAddress failed","t_clientresponse",rc) ;
8501.             load_error = 1;
8502.         }
8503.         if (((FARPROC) p_t_clientgetkey =
8504.               GetProcAddress( hSRP, "t_clientgetkey" )) == NULL )
8505.         {
8506.             rc = GetLastError() ;
8507.             debug(F111, "SRP GetProcAddress failed","t_clientgetkey",rc) ;
8508.             load_error = 1;
8509.         }
8510.         if (((FARPROC) p_t_clientpasswd =
8511.               GetProcAddress( hSRP, "t_clientpasswd" )) == NULL )
8512.         {                                                                      x2
8513.             rc = GetLastError() ;
8514.             debug(F111, "SRP GetProcAddress failed","t_clientpasswd",rc) ;
8515.             load_error = 1;
8516.         }
8517.         if (((FARPROC) p_t_clientgenexp =
8518.               GetProcAddress( hSRP, "t_clientgenexp" )) == NULL )
8519.         {
8520.             rc = GetLastError() ;
8521.             debug(F111, "SRP GetProcAddress failed","t_clientgenexp",rc) ;
8522.             load_error = 1;
8523.         }
8524.         if (((FARPROC) p_t_clientopen =
8525.               GetProcAddress( hSRP, "t_clientopen" )) == NULL )
8526.         {
8527.             rc = GetLastError() ;
8528.             debug(F111, "SRP GetProcAddress failed","t_clientopen",rc) ;
8529.             load_error = 1;
8530.         }
8531.         if (((FARPROC) p_t_clientverify =
8532.               GetProcAddress( hSRP, "t_clientverify" )) == NULL )
8533.         {
8534.             rc = GetLastError() ;
8535.             debug(F111, "SRP GetProcAddress failed","t_clientverify",rc) ;
8536.             load_error = 1;
8537.         }
8538.  
8539.         if ( load_error ) {
8540.             ck_srp_loaddll_eh();
8541.             return 0;
8542.         }
8543.         if ( deblog )
8544.             printf("SRP available\n");
8545.     }
8546. #else /* NT */
8547.     Not yet implemented
8548. #endif /* NT */
8549. #else /* SRPDLL */
8550.     if ( deblog )
8551.         printf("SRP available\n");
8552. #endif /* SRPDLL */
8553.     return(1);
8554. }
8555.  
8556. #ifdef SRPDLL
8557. static void
8558. ck_srp_loaddll_eh( void )
8559. {
8560.     if ( hSRP ) {
8561. #ifdef NT
8562.         FreeLibrary(hSRP);
8563.         hSRP = NULL;
8564. #else /* NT */
8565.         DosFreeModule(hSRP);
8566.         hSRP = 0;
8567. #endif /* NT */
8568.     }
8569. #ifdef SRP
8570.     p_t_clientresponse=NULL;
8571.     p_t_clientgetkey=NULL;
8572.     p_t_clientpasswd=NULL;
8573.     p_t_clientgenexp=NULL;
8574.     p_t_clientopen=NULL;
8575.     p_t_clientverify=NULL;
8576. #endif /* SRP */
8577. }
8578. #endif /* SRPDLL */
8579.  
8580. int
8581. ck_srp_unloaddll( void )
8582. {
8583. #ifdef SRPDLL
8584.     if ( !srp_dll_loaded )
8585.         return(1);
8586.  
8587.     /* unload dlls */
8588.     ck_srp_dll_loaddll_eh();
8589.  
8590.     /* success */
8591.     srp_dll_loaded = 0;
8592. #endif /* SRPDLL */
8593.     return(1);
8594. }
8595.  
8596. #include <krypto.h>
8597.  
8598. static struct _cipher_desc * (*p_cipher_getdescbyid)(unsigned char id)=NULL;
8599. static unsigned char * (*p_cipher_getlist)()=NULL;
8600. static struct _cipher_desc * (*p_cipher_getdescbyname)(char * name)=NULL;
8601. static struct _hash_desc * (*p_hash_getdescbyid)(unsigned char id)=NULL;
8602. static unsigned char * (*p_hash_getlist)()=NULL;
8603. static struct _hash_desc * (*p_hash_getdescbyname)(char * name)=NULL;
8604. static void (*p_krypto_delete)(krypto_context * cc)=NULL;
8605. static krypto_context * (*p_krypto_new)( unsigned cid, unsigned hid,
8606.                                          unsigned char *key, unsigned keylen,
8607.                                          unsigned char *iv, unsigned ivlen,
8608.                                          unsigned char *seq, unsigned state)=NULL;
8609. static int (*p_hash_supported)(unsigned char * a, unsigned char b)=NULL;
8610. static int (*p_cipher_supported)(unsigned char *a, unsigned char b)=NULL;
8611. static int (*p_krypto_msg_safe)(krypto_context *cc, unsigned char *in,
8612.                                  unsigned char * out, int len)=NULL;
8613. static int (*p_krypto_msg_priv)(krypto_context *cc, unsigned char *in,
8614.                                  unsigned char * out, int len)=NULL;
8615.  
8616. struct _cipher_desc *
8617. ck_cipher_getdescbyid(unsigned char id)
8618. {
8619.     if ( p_cipher_getdescbyid )
8620.         return(p_cipher_getdescbyid(id));
8621.     else
8622.         return(NULL);
8623. }
8624.  
8625. unsigned char *
8626. ck_cipher_getlist()
8627. {
8628.     if ( p_cipher_getlist )
8629.         return(p_cipher_getlist());
8630.     else
8631.         return(NULL);
8632. }
8633.  
8634. struct _cipher_desc *
8635. ck_cipher_getdescbyname(char * name)
8636. {
8637.     if ( p_cipher_getdescbyname )
8638.         return(p_cipher_getdescbyname(name));
8639.     else
8640.         return(NULL);
8641. }
8642.  
8643. struct _hash_desc *
8644. ck_hash_getdescbyid(unsigned char id)
8645. {
8646.     if ( p_hash_getdescbyid )
8647.         return(p_hash_getdescbyid(id));
8648.     return(NULL);
8649. }
8650.  
8651. unsigned char *
8652. ck_hash_getlist()
8653. {
8654.     if ( p_hash_getlist )
8655.         return(p_hash_getlist());
8656.     else
8657.         return(NULL);
8658. }
8659.  
8660. struct _hash_desc *
8661. ck_hash_getdescbyname(char * name)
8662. {
8663.     if ( p_hash_getdescbyname )
8664.         return(p_hash_getdescbyname(name));
8665.     else
8666.         return(NULL);
8667. }
8668.  
8669. void
8670. ck_krypto_delete(krypto_context * cc)
8671. {
8672.     if ( p_krypto_delete && cc)
8673.         p_krypto_delete(cc);
8674. }
8675.  
8676. krypto_context *
8677. ck_krypto_new( unsigned cid, unsigned hid,
8678.                unsigned char *key, unsigned keylen,
8679.                unsigned char *iv, unsigned ivlen,
8680.                unsigned char *seq, unsigned state)
8681. {
8682.     if ( p_krypto_new )
8683.         return(p_krypto_new(cid, hid, key, keylen, iv, ivlen, seq, state));
8684.     else
8685.         return(NULL);
8686. }
8687.  
8688. int
8689. ck_hash_supported(unsigned char * a, unsigned char b)
8690. {
8691.     if ( p_hash_supported )
8692.         return(p_hash_supported(a,b));
8693.     else
8694.         return(0);
8695. }
8696.  
8697. int
8698. ck_cipher_supported(unsigned char *a, unsigned char b)
8699. {
8700.     if ( p_cipher_supported )
8701.         return(p_cipher_supported(a,b));
8702.     else
8703.         return(0);
8704. }
8705.  
8706. int
8707. ck_krypto_msg_safe(krypto_context *cc, unsigned char *in,
8708.                     unsigned char * out, int len)
8709. {
8710.     if ( p_krypto_msg_safe )
8711.         return(p_krypto_msg_safe(cc,in,out,len));
8712.     else
8713.         return(-1);
8714. }
8715.  
8716. int
8717. ck_krypto_msg_priv(krypto_context *cc, unsigned char *in,
8718.                     unsigned char * out, int len)
8719. {
8720.     if ( p_krypto_msg_priv )
8721.         return(p_krypto_msg_priv(cc,in,out,len));
8722.     else
8723.         return(-1);
8724. }
8725.  
8726. static int krypto_loaded=0;
8727. #ifdef NT
8728. HINSTANCE hLIBKRYPTO = NULL;
8729. #else
8730. HMODULE hLIBKRYPTO = 0;
8731. #endif /* NT */
8732.  
8733. static void
8734. load_krypto_eh()
8735. {
8736.     if ( hLIBKRYPTO ) {
8737. #ifdef NT
8738.         FreeLibrary(hLIBKRYPTO);
8739.         hLIBKRYPTO = NULL;
8740. #else
8741.         DosFreeModule(hLIBKRYPTO);
8742.         hLIBKRYPTO = 0;
8743. #endif /* NT */
8744.     }
8745.  
8746.     p_cipher_getdescbyid   = NULL;
8747.     p_cipher_getlist       = NULL;
8748.     p_cipher_getdescbyname = NULL;
8749.     p_hash_getdescbyid     = NULL;
8750.     p_hash_getlist         = NULL;
8751.     p_hash_getdescbyname   = NULL;
8752.     p_krypto_delete        = NULL;
8753.     p_krypto_new           = NULL;
8754.     p_hash_supported       = NULL;
8755.     p_cipher_supported     = NULL;
8756.     p_krypto_msg_safe      = NULL;
8757.     p_krypto_msg_priv      = NULL;
8758.  
8759.     krypto_loaded = 0;
8760. }
8761.  
8762.  
8763. static int
8764. ck_krypto_loaddll()
8765. {
8766.     ULONG rc = 0;
8767.     int load_error = 0;
8768.  
8769. #ifdef OS2ONLY
8770.     CHAR *exe_path;
8771.     CHAR path[256];
8772.     CHAR * dllname = "KRYPTO";
8773. #endif /* OS2ONLY */
8774.  
8775.     if ( krypto_loaded )
8776.         return(1);
8777.  
8778. #ifdef NT
8779.     hLIBKRYPTO = LoadLibrary("KRYPTO");
8780.     if ( !hLIBKRYPTO )
8781.         return(0);
8782.  
8783.     if (((FARPROC) p_cipher_getdescbyid =
8784.           GetProcAddress( hLIBKRYPTO, "cipher_getdescbyid" )) == NULL )
8785.     {
8786.         rc = GetLastError() ;
8787.         load_error = 1;
8788.     }
8789.     if (((FARPROC) p_cipher_getlist =
8790.           GetProcAddress( hLIBKRYPTO, "cipher_getlist" )) == NULL )
8791.     {
8792.         rc = GetLastError() ;
8793.         load_error = 1;
8794.     }
8795.     if (((FARPROC) p_cipher_getdescbyname =
8796.           GetProcAddress( hLIBKRYPTO, "cipher_getdescbyname" )) == NULL )
8797.     {
8798.         rc = GetLastError() ;
8799.         load_error = 1;
8800.     }
8801.     if (((FARPROC) p_hash_getdescbyid =
8802.           GetProcAddress( hLIBKRYPTO, "hash_getdescbyid" )) == NULL )
8803.     {
8804.         rc = GetLastError() ;
8805.         load_error = 1;
8806.     }
8807.     if (((FARPROC) p_hash_getlist =
8808.           GetProcAddress( hLIBKRYPTO, "hash_getlist" )) == NULL )
8809.     {
8810.         rc = GetLastError() ;
8811.         load_error = 1;
8812.     }
8813.     if (((FARPROC) p_hash_getdescbyname =
8814.           GetProcAddress( hLIBKRYPTO, "hash_getdescbyname" )) == NULL )
8815.     {
8816.         rc = GetLastError() ;
8817.         load_error = 1;
8818.     }
8819.     if (((FARPROC) p_krypto_delete =
8820.           GetProcAddress( hLIBKRYPTO, "krypto_delete" )) == NULL )
8821.     {
8822.         rc = GetLastError() ;
8823.         load_error = 1;
8824.     }
8825.     if (((FARPROC) p_krypto_new =
8826.           GetProcAddress( hLIBKRYPTO, "krypto_new" )) == NULL )
8827.     {
8828.         rc = GetLastError() ;
8829.         load_error = 1;
8830.     }
8831.     if (((FARPROC) p_hash_supported =
8832.           GetProcAddress( hLIBKRYPTO, "hash_supported" )) == NULL )
8833.     {
8834.         rc = GetLastError() ;
8835.         load_error = 1;
8836.     }
8837.     if (((FARPROC) p_cipher_supported =
8838.           GetProcAddress( hLIBKRYPTO, "cipher_supported" )) == NULL )
8839.     {
8840.         rc = GetLastError() ;
8841.         load_error = 1;
8842.     }
8843.     if (((FARPROC) p_krypto_msg_safe =
8844.           GetProcAddress( hLIBKRYPTO, "krypto_msg_safe" )) == NULL )
8845.     {
8846.         rc = GetLastError() ;
8847.         load_error = 1;
8848.     }
8849.     if (((FARPROC) p_krypto_msg_priv =
8850.           GetProcAddress( hLIBKRYPTO, "krypto_msg_priv" )) == NULL )
8851.     {
8852.         rc = GetLastError() ;
8853.         load_error = 1;
8854.     }
8855.     if ( load_error ) {
8856.         load_krypto_eh();
8857.         return 0;
8858.     }
8859.     krypto_loaded = 1;
8860. #else /* NT */
8861.     return(0);
8862. #endif /* NT */
8863.     return(1);
8864. }
8865.  
8866. static int
8867. ck_krypto_unloaddll()
8868. {
8869.     if ( !krypto_loaded )
8870.         return(1);
8871.  
8872.     load_krypto_eh();
8873.     return(1);
8874. }
8875.  
8876. int krypto_avail()
8877. {
8878.     return krypto_loaded;
8879. }
8880. #else
8881. int krypto_avail()
8882. {
8883.     return 0;
8884. }
8885. #endif /* CK_SRP */
8886.  
8887. #ifdef KRB5
8888. #include <gssapi/gssapi.h>
8889. #include <gssapi/gssapi_generic.h>
8890.  
8891. static unsigned long (KRB5_CALLCONV * p_gss_release_buffer)
8892.     ( unsigned long *, gss_buffer_t )= NULL;
8893. static unsigned long (KRB5_CALLCONV * p_gss_seal)(unsigned long *, gss_ctx_id_t, int, int,
8894.                            gss_buffer_t, int *, gss_buffer_t )= NULL;
8895. static unsigned long (KRB5_CALLCONV * p_gss_unseal)(unsigned long *,
8896.                                                 gss_ctx_id_t, gss_buffer_t,
8897.                                                 gss_buffer_t, int *, int * )= NULL;
8898. static unsigned long (KRB5_CALLCONV * p_gss_release_name)(unsigned long *,
8899.                                                       gss_name_t *)= NULL;
8900. static unsigned long (KRB5_CALLCONV * p_gss_init_sec_context)
8901.     (unsigned long *, gss_cred_id_t,
8902.       gss_ctx_id_t *, gss_name_t,
8903.       gss_OID, OM_uint32, OM_uint32,
8904.       gss_channel_bindings_t,
8905.       gss_buffer_t, gss_OID *,
8906.       gss_buffer_t,
8907.       unsigned long *,
8908.       unsigned long * )= NULL;
8909. static unsigned long (KRB5_CALLCONV * p_gss_import_name)(unsigned long *,
8910.                                                      gss_buffer_t, gss_OID,
8911.                                                      gss_name_t * )= NULL;
8912. static unsigned long (KRB5_CALLCONV * p_gss_display_status)(unsigned long *,
8913.                                                         unsigned long,
8914.                                                         int, gss_OID,
8915.                                                         unsigned long *,
8916.                                                         gss_buffer_t)= NULL;
8917. static unsigned long (KRB5_CALLCONV * p_gss_indicate_mechs)
8918.     (OM_uint32 * minor_status, gss_OID_set * mech_set)= NULL;
8919.  
8920.  
8921. OM_uint32 (KRB5_CALLCONV * p_gss_verify_mic)
8922. (OM_uint32 *,           /* minor_status */
8923.             gss_ctx_id_t,               /* context_handle */
8924.             gss_buffer_t,               /* message_buffer */
8925.             gss_buffer_t,               /* message_token */
8926.             gss_qop_t *                 /* qop_state */
8927.            )=NULL;
8928.  
8929. OM_uint32 (KRB5_CALLCONV * p_gss_release_cred)
8930. (OM_uint32 *,           /* minor_status */
8931.             gss_cred_id_t *             /* cred_handle */
8932.            )=NULL;
8933.  
8934. OM_uint32 (KRB5_CALLCONV * p_gss_delete_sec_context)
8935. (OM_uint32 *,           /* minor_status */
8936.             gss_ctx_id_t *,             /* context_handle */
8937.             gss_buffer_t                /* output_token */
8938.            )=NULL;
8939.  
8940. OM_uint32 (KRB5_CALLCONV * p_gss_accept_sec_context)
8941. (OM_uint32 *,           /* minor_status */
8942.             gss_ctx_id_t *,             /* context_handle */
8943.             gss_cred_id_t,              /* acceptor_cred_handle */
8944.             gss_buffer_t,               /* input_token_buffer */
8945.             gss_channel_bindings_t,     /* input_chan_bindings */
8946.             gss_name_t *,               /* src_name */
8947.             gss_OID *,          /* mech_type */
8948.             gss_buffer_t,               /* output_token */
8949.             OM_uint32 *,                /* ret_flags */
8950.             OM_uint32 *,                /* time_rec */
8951.             gss_cred_id_t *             /* delegated_cred_handle */
8952.            )=NULL;
8953.  
8954. OM_uint32 (KRB5_CALLCONV * p_gss_acquire_cred)
8955. (OM_uint32 *,           /* minor_status */
8956.             gss_name_t,                 /* desired_name */
8957.             OM_uint32,                  /* time_req */
8958.             gss_OID_set,                /* desired_mechs */
8959.             gss_cred_usage_t,           /* cred_usage */
8960.             gss_cred_id_t *,    /* output_cred_handle */
8961.             gss_OID_set *,              /* actual_mechs */
8962.             OM_uint32 *         /* time_rec */
8963.            )=NULL;
8964.  
8965. OM_uint32 (KRB5_CALLCONV * p_gss_get_mic)
8966. (OM_uint32 *,           /* minor_status */
8967.             gss_ctx_id_t,               /* context_handle */
8968.             gss_qop_t,                  /* qop_req */
8969.             gss_buffer_t,               /* message_buffer */
8970.             gss_buffer_t                /* message_token */
8971.            )=NULL;
8972.  
8973. OM_uint32 (KRB5_CALLCONV * p_gss_display_name)
8974. (OM_uint32 *,           /* minor_status */
8975.             gss_name_t,                 /* input_name */
8976.             gss_buffer_t,               /* output_name_buffer */
8977.             gss_OID *           /* output_name_type */
8978.            )=NULL;
8979.  
8980. OM_uint32 (KRB5_CALLCONV * p_gss_test_oid_set_member)
8981. (OM_uint32 *,           /* minor_status */
8982.             gss_OID,                    /* member */
8983.             gss_OID_set,                /* set */
8984.             int *                       /* present */
8985.            )=NULL;
8986.  
8987. OM_uint32 (KRB5_CALLCONV * p_gss_add_oid_set_member)
8988. (OM_uint32 *,           /* minor_status */
8989.             gss_OID,                    /* member_oid */
8990.             gss_OID_set *               /* oid_set */
8991.            )=NULL;
8992.  
8993. OM_uint32 (KRB5_CALLCONV * p_gss_create_empty_oid_set)
8994. (OM_uint32 *,           /* minor_status */
8995.             gss_OID_set *               /* oid_set */
8996.            )=NULL;
8997.  
8998. OM_uint32 (KRB5_CALLCONV * p_gss_release_oid_set)
8999. (OM_uint32 *,           /* minor_status */
9000.             gss_OID_set *               /* set */
9001.            )=NULL;
9002.  
9003.  
9004. unsigned long
9005. ck_gss_release_buffer( unsigned long * c, gss_buffer_t b)
9006. {
9007.     if ( p_gss_release_buffer )
9008.         return(p_gss_release_buffer(c,b));
9009.     else
9010.         return(GSS_S_UNAVAILABLE);
9011. }
9012.  
9013. unsigned long
9014. ck_gss_seal(unsigned long * a, gss_ctx_id_t b, int c, int d,
9015.              gss_buffer_t e, int * f, gss_buffer_t g)
9016. {
9017.     if ( p_gss_seal )
9018.         return(p_gss_seal(a,b,c,d,e,f,g));
9019.     else
9020.         return(GSS_S_UNAVAILABLE);
9021. }
9022.  
9023. unsigned long
9024. ck_gss_unseal(unsigned long * a, gss_ctx_id_t b, gss_buffer_t c,
9025.                           gss_buffer_t d, int * e, int * f )
9026. {
9027.     if ( p_gss_unseal )
9028.         return(p_gss_unseal(a,b,c,d,e,f));
9029.     else
9030.         return(GSS_S_UNAVAILABLE);
9031. }
9032.  
9033. unsigned long
9034. ck_gss_release_name(unsigned long * a, gss_name_t * b)
9035. {
9036.     if ( p_gss_release_name )
9037.         return(p_gss_release_name(a,b));
9038.     else
9039.         return(GSS_S_UNAVAILABLE);
9040. }
9041.  
9042. unsigned long
9043. ck_gss_init_sec_context(unsigned long * a, gss_cred_id_t b,
9044.                                        gss_ctx_id_t * c, gss_name_t d,
9045.                                        gss_OID e, OM_uint32 f, OM_uint32 g,
9046.                                        gss_channel_bindings_t h,
9047.                                        gss_buffer_t i, gss_OID * j,
9048.                                        gss_buffer_t k,
9049.                                        unsigned long * l,
9050.                                        unsigned long * m)
9051. {
9052.     if ( p_gss_init_sec_context )
9053.         return(p_gss_init_sec_context(a,b,c,d,e,f,g,h,i,j,k,l,m));
9054.     else
9055.         return(GSS_S_UNAVAILABLE);
9056. }
9057.  
9058. unsigned long
9059. ck_gss_import_name(unsigned long * a, gss_buffer_t b, gss_OID c,
9060.                                   gss_name_t * d)
9061. {
9062.     if ( p_gss_import_name )
9063.         return(p_gss_import_name(a,b,c,d));
9064.     else
9065.         return(GSS_S_UNAVAILABLE);
9066. }
9067.  
9068. unsigned long
9069. ck_gss_display_status(unsigned long * a, unsigned long b,
9070.                                      int c, gss_OID d, unsigned long * e,
9071.                                      gss_buffer_t f )
9072. {
9073.     if ( p_gss_display_status )
9074.         return(p_gss_display_status(a,b,c,d,e,f));
9075.     else
9076.         return(GSS_S_UNAVAILABLE);
9077. }
9078.  
9079. unsigned long
9080. ck_gss_indicate_mechs(OM_uint32 * minor_status, gss_OID_set * mech_set)
9081. {
9082.     if ( p_gss_indicate_mechs )
9083.         return(p_gss_indicate_mechs(minor_status,mech_set));
9084.     else
9085.         return(GSS_S_UNAVAILABLE);
9086. }
9087.  
9088.  
9089. OM_uint32
9090. ck_gss_verify_mic(OM_uint32 * status,           /* minor_status */
9091.             gss_ctx_id_t context,               /* context_handle */
9092.             gss_buffer_t buf,               /* message_buffer */
9093.             gss_buffer_t tok,               /* message_token */
9094.             gss_qop_t *  qop               /* qop_state */
9095.            )
9096. {
9097.     if ( p_gss_verify_mic )
9098.         return(p_gss_verify_mic(status,context,buf,tok,qop));
9099.     else
9100.         return(GSS_S_UNAVAILABLE);
9101. }
9102.  
9103. OM_uint32
9104. ck_gss_release_cred(OM_uint32 * status,           /* minor_status */
9105.             gss_cred_id_t * cred             /* cred_handle */
9106.            )
9107. {
9108.     if ( p_gss_release_cred )
9109.         return(p_gss_release_cred(status,cred));
9110.     else
9111.         return(GSS_S_UNAVAILABLE);
9112. }
9113.  
9114. OM_uint32
9115. ck_gss_delete_sec_context(OM_uint32 * status,           /* minor_status */
9116.             gss_ctx_id_t * context,             /* context_handle */
9117.             gss_buffer_t   tok             /* output_token */
9118.            )
9119. {
9120.     if ( p_gss_delete_sec_context )
9121.         return(p_gss_delete_sec_context(status,context,tok));
9122.     else
9123.         return(GSS_S_UNAVAILABLE);
9124. }
9125.  
9126. OM_uint32
9127. ck_gss_accept_sec_context(OM_uint32 * status,           /* minor_status */
9128.             gss_ctx_id_t * context,             /* context_handle */
9129.             gss_cred_id_t  acceptor,              /* acceptor_cred_handle */
9130.             gss_buffer_t   buf,               /* input_token_buffer */
9131.             gss_channel_bindings_t binding,     /* input_chan_bindings */
9132.             gss_name_t * name,               /* src_name */
9133.             gss_OID * type,          /* mech_type */
9134.             gss_buffer_t out,               /* output_token */
9135.             OM_uint32 * ret,                /* ret_flags */
9136.             OM_uint32 * time,                /* time_rec */
9137.             gss_cred_id_t * delcred             /* delegated_cred_handle */
9138.            )
9139. {
9140.     if ( p_gss_accept_sec_context )
9141.         return(p_gss_accept_sec_context(status,context,acceptor,buf,binding,
9142.                                          name, type, out, ret, time, delcred));
9143.     else
9144.         return(GSS_S_UNAVAILABLE);
9145. }
9146.  
9147. OM_uint32
9148. ck_gss_acquire_cred(OM_uint32 * status,           /* minor_status */
9149.             gss_name_t name,                 /* desired_name */
9150.             OM_uint32 timereq,                  /* time_req */
9151.             gss_OID_set dmechs,                /* desired_mechs */
9152.             gss_cred_usage_t usage,           /* cred_usage */
9153.             gss_cred_id_t * outcred,    /* output_cred_handle */
9154.             gss_OID_set * amechs,              /* actual_mechs */
9155.             OM_uint32 *   timerec      /* time_rec */
9156.            )
9157. {
9158.     if ( p_gss_acquire_cred )
9159.         return(p_gss_acquire_cred(status,name,timereq,dmechs,usage,outcred,amechs,timerec));
9160.     else
9161.         return(GSS_S_UNAVAILABLE);
9162. }
9163.  
9164. OM_uint32
9165. ck_gss_get_mic(OM_uint32 * status,           /* minor_status */
9166.             gss_ctx_id_t context,               /* context_handle */
9167.             gss_qop_t qop,                  /* qop_req */
9168.             gss_buffer_t buf,               /* message_buffer */
9169.             gss_buffer_t tok               /* message_token */
9170.            )
9171. {
9172.     if ( p_gss_get_mic )
9173.         return(p_gss_get_mic(status,context,qop,buf,tok));
9174.     else
9175.         return(GSS_S_UNAVAILABLE);
9176. }
9177.  
9178. OM_uint32
9179. ck_gss_display_name(OM_uint32 * status,           /* minor_status */
9180.             gss_name_t      inname,                 /* input_name */
9181.             gss_buffer_t    outname,               /* output_name_buffer */
9182.             gss_OID *       outtype              /* output_name_type */
9183.            )
9184. {
9185.     if ( p_gss_display_name )
9186.         return(p_gss_display_name(status,inname,outname,outtype));
9187.     else
9188.         return(GSS_S_UNAVAILABLE);
9189. }
9190.  
9191. OM_uint32
9192. ck_gss_test_oid_set_member(OM_uint32 * status,           /* minor_status */
9193.             gss_OID member,                    /* member */
9194.             gss_OID_set set,                /* set */
9195.             int * present                      /* present */
9196.            )
9197. {
9198.     if ( p_gss_test_oid_set_member )
9199.         return(p_gss_test_oid_set_member(status,member,set,present));
9200.     else
9201.         return(GSS_S_UNAVAILABLE);
9202. }
9203.  
9204. OM_uint32
9205. ck_gss_add_oid_set_member(OM_uint32 * status,           /* minor_status */
9206.             gss_OID member,                    /* member_oid */
9207.             gss_OID_set * set              /* oid_set */
9208.            )
9209. {
9210.     if ( p_gss_add_oid_set_member )
9211.         return(p_gss_add_oid_set_member(status,member,set));
9212.     else
9213.         return(GSS_S_UNAVAILABLE);
9214. }
9215.  
9216. OM_uint32
9217. ck_gss_create_empty_oid_set(OM_uint32 * status,           /* minor_status */
9218.             gss_OID_set * set              /* oid_set */
9219.            )
9220. {
9221.     if ( p_gss_create_empty_oid_set )
9222.         return(p_gss_create_empty_oid_set(status,set));
9223.     else
9224.         return(GSS_S_UNAVAILABLE);
9225. }
9226.  
9227. OM_uint32
9228. ck_gss_release_oid_set(OM_uint32 * status,           /* minor_status */
9229.             gss_OID_set *  set             /* set */
9230.            )
9231. {
9232.     if ( p_gss_release_oid_set )
9233.         return(p_gss_release_oid_set(status,set));
9234.     else
9235.         return(GSS_S_UNAVAILABLE);
9236. }
9237.  
9238.  
9239. static int gssapi_loaded = 0;
9240.  
9241. static void
9242. load_gssapi_eh()
9243. {
9244.     if ( hGSSAPI) {
9245. #ifdef NT
9246.         FreeLibrary(hGSSAPI);
9247.         hGSSAPI = NULL;
9248. #else
9249.         DosFreeModule(hGSSAPI);
9250.         hGSSAPI = 0;
9251. #endif /* NT */
9252.     }
9253.  
9254.     p_gss_release_buffer = NULL;
9255.     p_gss_seal = NULL;
9256.     p_gss_unseal = NULL;
9257.     p_gss_release_name = NULL;
9258.     p_gss_init_sec_context = NULL;
9259.     p_gss_display_status = NULL;
9260.     p_gss_indicate_mechs = NULL;
9261.  
9262.     p_gss_verify_mic             = NULL;
9263.     p_gss_test_oid_set_member    = NULL;
9264.     p_gss_add_oid_set_member     = NULL;
9265.     p_gss_create_empty_oid_set   = NULL;
9266.     p_gss_release_cred           = NULL;
9267.     p_gss_delete_sec_context     = NULL;
9268.     p_gss_accept_sec_context     = NULL;
9269.     p_gss_release_oid_set        = NULL;
9270.     p_gss_acquire_cred           = NULL;
9271.     p_gss_display_name           = NULL;
9272.     p_gss_get_mic                = NULL;
9273.  
9274.     gssapi_loaded = 0;
9275. }
9276.  
9277. int
9278. ck_gssapi_loaddll()
9279. {
9280.     ULONG rc = 0;
9281.     int load_error = 0;
9282.     gss_OID_set mech_set=NULL;
9283.     OM_uint32 minor_status=0;
9284.  
9285. #ifdef OS2ONLY
9286.     CHAR *exe_path;
9287.     CHAR path[256];
9288.     CHAR * dllname = "GSSAPI32";
9289.     int len;
9290. #endif /* OS2ONLY */
9291.  
9292.     if ( gssapi_loaded )
9293.         return(1);
9294.  
9295. #ifdef NT
9296.     hGSSAPI = LoadLibrary("GSSKRB5");
9297.     if ( !hGSSAPI )
9298.         hGSSAPI = LoadLibrary("GSSAPI32");
9299.     if ( !hGSSAPI )
9300.         return(0);
9301.  
9302.     if (((FARPROC) p_gss_release_buffer =
9303.           GetProcAddress( hGSSAPI, "gss_release_buffer" )) == NULL )
9304.     {
9305.         load_error = 1;
9306.     }
9307.     if (((FARPROC) p_gss_seal =
9308.           GetProcAddress( hGSSAPI, "gss_seal" )) == NULL )
9309.     {
9310.         load_error = 1;
9311.     }
9312.     if (((FARPROC) p_gss_unseal =
9313.           GetProcAddress( hGSSAPI, "gss_unseal" )) == NULL )
9314.     {
9315.         load_error = 1;
9316.     }
9317.     if (((FARPROC) p_gss_release_name =
9318.           GetProcAddress( hGSSAPI, "gss_release_name" )) == NULL )
9319.     {
9320.         load_error = 1;
9321.     }
9322.     if (((FARPROC) p_gss_init_sec_context =
9323.           GetProcAddress( hGSSAPI, "gss_init_sec_context" )) == NULL )
9324.     {
9325.         load_error = 1;
9326.     }
9327.     if (((FARPROC) p_gss_import_name =
9328.           GetProcAddress( hGSSAPI, "gss_import_name" )) == NULL )
9329.     {
9330.         load_error = 1;
9331.     }
9332.     if (((FARPROC) p_gss_display_status =
9333.           GetProcAddress( hGSSAPI, "gss_display_status" )) == NULL )
9334.     {
9335.         load_error = 1;
9336.     }
9337.     if (((FARPROC) p_gss_indicate_mechs =
9338.           GetProcAddress( hGSSAPI, "gss_indicate_mechs" )) == NULL )
9339.     {
9340.         load_error = 1;
9341.     }
9342.     if (((FARPROC) p_gss_verify_mic =
9343.           GetProcAddress( hGSSAPI, "gss_verify_mic" )) == NULL )
9344.     {
9345.         load_error = 1;
9346.     }
9347.     if (((FARPROC) p_gss_test_oid_set_member =
9348.           GetProcAddress( hGSSAPI, "gss_test_oid_set_member" )) == NULL )
9349.     {
9350.         load_error = 1;
9351.     }
9352.     if (((FARPROC) p_gss_add_oid_set_member =
9353.           GetProcAddress( hGSSAPI, "gss_add_oid_set_member" )) == NULL )
9354.     {
9355.         load_error = 1;
9356.     }
9357.     if (((FARPROC) p_gss_create_empty_oid_set =
9358.           GetProcAddress( hGSSAPI, "gss_create_empty_oid_set" )) == NULL )
9359.     {
9360.         load_error = 1;
9361.     }
9362.     if (((FARPROC) p_gss_release_cred =
9363.           GetProcAddress( hGSSAPI, "gss_release_cred" )) == NULL )
9364.     {
9365.         load_error = 1;
9366.     }
9367.     if (((FARPROC) p_gss_delete_sec_context =
9368.           GetProcAddress( hGSSAPI, "gss_delete_sec_context" )) == NULL )
9369.     {
9370.         load_error = 1;
9371.     }
9372.     if (((FARPROC) p_gss_accept_sec_context =
9373.           GetProcAddress( hGSSAPI, "gss_accept_sec_context" )) == NULL )
9374.     {
9375.         load_error = 1;
9376.     }
9377.     if (((FARPROC) p_gss_release_oid_set =
9378.           GetProcAddress( hGSSAPI, "gss_release_oid_set" )) == NULL )
9379.     {
9380.         load_error = 1;
9381.     }
9382.     if (((FARPROC) p_gss_acquire_cred =
9383.           GetProcAddress( hGSSAPI, "gss_acquire_cred" )) == NULL )
9384.     {
9385.         load_error = 1;
9386.     }
9387.     if (((FARPROC) p_gss_display_name =
9388.           GetProcAddress( hGSSAPI, "gss_display_name" )) == NULL )
9389.     {
9390.         load_error = 1;
9391.     }
9392.     if (((FARPROC) p_gss_get_mic =
9393.           GetProcAddress( hGSSAPI, "gss_get_mic" )) == NULL )
9394.     {
9395.         load_error = 1;
9396.     }
9397. #else /* NT */
9398.     exe_path = GetLoadPath();
9399.     len = get_dir_len(exe_path);
9400.     if ( len + strlen(dllname) + 4 > sizeof(path) )
9401.         return(0);
9402.     sprintf(path, "%.*s%s.DLL", len, exe_path,dllname);         /* safe */
9403.     rc = DosLoadModule(fail, sizeof(fail), path, &hGSSAPI);
9404.     if (rc) {
9405.         debug(F111, "GSSAPI LoadLibrary failed",fail,rc) ;
9406.         rc = DosLoadModule(fail, sizeof(fail), dllname, &hGSSAPI);
9407.     }
9408.  
9409.     if (rc) {
9410.         debug(F111, "GSSAPI LoadLibrary failed",fail,rc) ;
9411.         return(0);
9412.     }
9413.  
9414.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_release_buffer",
9415.                               (PFN*)&p_gss_release_buffer))
9416.     {
9417.         debug(F111,"GSSAPI GetProcAddress failed","gss_release_buffer",rc);
9418.         load_error = 1;
9419.     }
9420.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_seal",
9421.                               (PFN*)&p_gss_seal))
9422.     {
9423.         debug(F111,"GSSAPI GetProcAddress failed","gss_seal",rc);
9424.         load_error = 1;
9425.     }
9426.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_unseal",
9427.                               (PFN*)&p_gss_unseal))
9428.     {
9429.         debug(F111,"GSSAPI GetProcAddress failed","gss_unseal",rc);
9430.         load_error = 1;
9431.     }
9432.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_release_name",
9433.                               (PFN*)&p_gss_release_name))
9434.     {
9435.         debug(F111,"GSSAPI GetProcAddress failed","gss_release_name",rc);
9436.         load_error = 1;
9437.     }
9438.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_init_sec_context",
9439.                               (PFN*)&p_gss_init_sec_context))
9440.     {
9441.         debug(F111,"GSSAPI GetProcAddress failed","gss_init_sec_context",rc);
9442.         load_error = 1;
9443.     }
9444.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_import_name",
9445.                               (PFN*)&p_gss_import_name))
9446.     {
9447.         debug(F111,"GSSAPI GetProcAddress failed","gss_import_name",rc);
9448.         load_error = 1;
9449.     }
9450.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_display_status",
9451.                               (PFN*)&p_gss_display_status))
9452.     {
9453.         debug(F111,"GSSAPI GetProcAddress failed","gss_display_status",rc);
9454.         load_error = 1;
9455.     }
9456.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_indicate_mechs",
9457.                               (PFN*)&p_gss_indicate_mechs))
9458.     {
9459.         debug(F111,"GSSAPI GetProcAddress failed","gss_indicate_mechs",rc);
9460.         load_error = 1;
9461.     }
9462. #endif /* NT */
9463.  
9464.     if ( load_error ) {
9465.         load_gssapi_eh();
9466.         return 0;
9467.     }
9468.     gssapi_loaded = 1;
9469.     return(1);
9470. }
9471.  
9472. int
9473. ck_gssapi_unloaddll()
9474. {
9475.     if ( !gssapi_loaded )
9476.         return(1);
9477.  
9478.     load_gssapi_eh();
9479.     return(1);
9480. }
9481.  
9482. int gssapi_avail() {
9483.     return gssapi_loaded;
9484. }
9485. #else /* GSSAPI */
9486. int ck_gssapi_unloaddll() { return 0; }
9487. int gssapi_avail() { return 0; }
9488. #endif /* GSSAPI */
9489.  
9490. int
9491. ck_security_loaddll( void )
9492. {
9493.     ULONG rc = 0 ;
9494.     extern unsigned long startflags;
9495.  
9496.     if ( security_dll_loaded )
9497.         return(1);
9498.  
9499.     if ( startflags & 8 )       /* do not load if we are not supposed to */
9500.         return(0);
9501.  
9502.     /* Cygnus Solutions builds the libraries differently from MIT */
9503.     /* Cygnus combines KRB5_32 and COMERR32 into a single DLL     */
9504.     /* called LIBKRB5.                                            */
9505.  
9506.     /* load dlls */
9507. #ifdef CRYPT_DLL
9508.     ck_crypt_loaddll();
9509. #endif /* CRYPT_DLL */
9510.  
9511. #ifdef NTLM
9512.     ck_sspi_loaddll();
9513. #endif /* NTLM */
9514.  
9515. #ifdef CK_SRP
9516.     if (ck_srp_loaddll() && hCRYPT)
9517.         ck_krypto_loaddll();
9518. #endif /* CK_SRP */
9519.  
9520. #ifdef CK_KERBEROS
9521. #ifdef KRB5
9522.     ck_krb5_loaddll();
9523.     ck_gssapi_loaddll();
9524. #endif /* KRB5 */
9525. #ifdef KRB4
9526.     ck_krb4_loaddll();
9527. #endif /* KRB4 */
9528. #endif /* CK_KERBEROS */
9529.  
9530. #ifdef CK_SSL
9531.     ck_crypto_loaddll();
9532.     ck_ssl_loaddll();
9533. #endif /* CK_SSL */
9534.  
9535. #ifdef ZLIB
9536.     ck_zlib_loaddll();
9537. #endif /* ZLIB */
9538.  
9539.     /* success */
9540.     security_dll_loaded = 1;
9541.     return(1);
9542. }
9543.  
9544. int
9545. ck_security_unloaddll( void )
9546. {
9547.     if ( !security_dll_loaded )
9548.         return(1);
9549.  
9550.     /* unload dlls */
9551.     ck_krb4_loaddll_eh();
9552.     ck_gssapi_unloaddll();
9553.     ck_krb5_loaddll_eh();
9554.  
9555. #ifdef CK_SSL
9556.     ck_ssl_unloaddll();
9557.     ck_crypto_unloaddll();
9558. #endif /* CK_SSL */
9559.  
9560. #ifdef ZLIB
9561.     ck_zlib_unloaddll();
9562. #endif /* ZLIB */
9563.  
9564. #ifdef CRYPT_DLL
9565.     ck_crypt_unloaddll();
9566. #endif /* CRYPT_DLL */
9567.  
9568. #ifdef NTLM
9569.     ck_ntlm_unloaddll();
9570. #endif /* NTLM */
9571.  
9572. #ifdef CK_SRP
9573.     ck_srp_unloaddll();
9574.     ck_krypto_unloaddll();
9575. #endif /* CK_SRP */
9576.  
9577.     /* success */
9578.     security_dll_loaded = 0;
9579.     return(1);
9580. }
9581.  
9582. #ifdef KRB5
9583. int
9584. is_NRL_KRB5()
9585. {
9586.     return !cygnus && p_decode_krb5_ticket && p_des_set_random_generator_seed &&
9587.         p_krb5_appdefault_boolean && p_krb5_appdefault_string &&
9588.         !p_krb5_free_unparsed_name && !p_krb5_auth_con_getrcache &&
9589.         !p_krb5_c_enctype_compare  && !p_krb5_kuserok &&
9590.         !p_krb5_get_renewed_creds && !p_krb5_get_validated_creds;
9591. }
9592.  
9593. int
9594. has_NEW_KRB5_CRYPTO()
9595. {
9596.     return(p_krb5_c_encrypt && p_krb5_c_decrypt && p_krb5_c_make_random_key &&
9597.             p_krb5_c_random_seed && p_krb5_c_block_size && p_krb5_c_encrypt_length);
9598. }
9599. #endif /* KRB5 */
9600. #endif /* End OS2 DLL Function Pointers */
9601.  
9602.  
9603. #ifdef COMMENT
9604. Undocumented function:
9605.  
9606. From: "Maxim S. Shatskih" <maxim__s@mtu-net.ru>
9607. Looks like calling NtCreateToken from your service running under
9608. LocalSystem is the only way.
9609. The function is completely undocumented - looks like it accepts parameters
9610. like user's SID, all groups SID's (to which this user belongs) and all
9611. privilige
9612. IDs - which this user posesses.
9613. Calling the function will bypass NT security & log the specified user on
9614. without
9615. any password validation (you are free to use your own instead of NTs
9616. standard) & audit trail. In fact, this means that you implement your own LSA
9617. :-)
9618.  
9619.  
9620. // untested
9621. HCRYPTPROV hProvider = 0;
9622. BYTE randomBytes[128];
9623. CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
9624. CryptGenRandom(hProvider, sizeof(randomBytes), randomBytes);
9625.  
9626. #endif /* COMMENT */
9627. #endif /* CK_AUTHENTICATION */
9628.