home *** CD-ROM | disk | FTP | other *** search
/ kermit.columbia.edu / kermit.columbia.edu.tar / kermit.columbia.edu / tmp9 / ckoath.c < prev    next >
C/C++ Source or Header  |  2011-07-19  |  320KB  |  9,628 lines

  1. /*
  2.   C K O A T H . C  --  Authentication for Kermit 95
  3.  
  4.   Copyright (C) 1998, 2004, Trustees of Columbia University in the City of New
  5.   York.
  6.  
  7.   Author:  Jeffrey E Altman (jaltman@secure-endpoints.com)
  8.              Secure Endpoints Inc., New York City
  9. */
  10.  
  11.  
  12. #include "ckcdeb.h"
  13.  
  14. #ifdef CK_AUTHENTICATION
  15. #define CKOATH_C
  16. #include "ckcker.h"
  17. #include "ckuusr.h"
  18. #include "ckucmd.h"                             /* For struct keytab */
  19. #include "ckcnet.h"
  20. #include "ckctel.h"
  21.  
  22. #ifdef CK_DES
  23. #ifdef CK_SSL
  24. #ifndef LIBDES
  25. #define LIBDES
  26. #endif /* LIBDES */
  27. #endif /* CK_SSL */
  28. #endif /* CK_DES */
  29.  
  30. #ifdef CRYPT_DLL
  31. #ifndef LIBDES
  32. #define LIBDES
  33. #endif /* LIBDES */
  34. #ifdef OS2
  35. #ifdef NT
  36. #include <windows.h>
  37. #define SECURITY_WIN32
  38. #include <security.h>
  39. #ifndef NTLMSP_NAME_A
  40. #define NTLMSP_NAME_A "NTLM"
  41. #endif /* NTLMSP_NAME_A */
  42. #else /* NT */
  43. #define INCL_DOSMODULEMGR
  44. #include <os2.h>
  45. #endif /* NT */
  46. #endif /* OS2 */
  47. #endif /* CRYPT_DLL */
  48.  
  49. #include "ckosyn.h"
  50.  
  51. #ifdef NT
  52. #define KRB5_AUTOCONF__
  53. #define NTLM
  54. #endif /* NT */
  55.  
  56. #ifndef CK_KERBEROS
  57. #ifdef KRB4
  58. #undef KRB4
  59. #endif /* KRB4 */
  60. #ifdef KRB5
  61. #undef KRB5
  62. #endif /* KRB5 */
  63. #ifdef KRB524
  64. #undef KRB524
  65. #endif /* KRB524 */
  66. #endif /* CK_KERBEROS */
  67.  
  68. #include <stdlib.h>
  69. #include <string.h>
  70. #include <stdio.h>
  71. #include <time.h>
  72. #include <fcntl.h>
  73. #include <io.h>
  74.  
  75. #ifdef KRB5
  76. #include "krb5.h"
  77. #include "profile.h"
  78. #include "com_err.h"
  79.  
  80. #ifdef KRB5_GET_INIT_CREDS_OPT_TKT_LIFE
  81. #define KRB5_HAVE_GET_INIT_CREDS
  82. #else
  83. #define krb5_free_unparsed_name(con,val) krb5_xfree((char *)(val))
  84. #endif
  85.  
  86. #ifndef KRB5_HAVE_GET_INIT_CREDS
  87. #define krb5_free_data_contents(c,v) krb5_xfree((char *)(v)->data)
  88. #endif
  89. #endif /* KRB5 */
  90.  
  91. #ifdef KRB4
  92. #define  des_cblock Block
  93. #define  des_key_schedule Schedule
  94. #ifdef NT
  95. #define _WINDOWS
  96. #include "kerberosIV/krb.h"
  97. #else /* NT */
  98. #ifdef KRB524
  99. #include "kerberosIV/krb.h"
  100. _PROTOTYP(const char * krb_get_err_text_entry, (int));
  101. #else /* KRB524 */
  102. #include "krb.h"
  103. #define krb_get_err_text_entry krb_get_err_text
  104. #endif /* KRB524 */
  105. #endif /* NT */
  106. #else /* KRB4 */
  107. #ifdef CK_SSL
  108. #define  des_cblock Block
  109. #define  des_key_schedule Schedule
  110. #endif /* CK_SSL */
  111. #endif /* KRB4 */
  112.  
  113. #include "ckuath.h"
  114. #ifdef CK_KERBEROS
  115. #ifndef KRB5
  116. #define NOBLOCKDEF
  117. #endif /* KRB5 */
  118. #ifdef KRB524
  119. #define NOBLOCKDEF
  120. #endif /* KRB524 */
  121. #endif /* CK_KERBEROS */
  122. #include "ckuat2.h"
  123.  
  124. #ifdef CK_SSL
  125. #ifdef LIBDES
  126. #ifndef HEADER_DES_H
  127. #define HEADER_DES_H
  128. #endif /* HEADER_DES_H */
  129. #endif /* LIBDES */
  130. #include "ck_ssl.h"
  131. #endif /* SSL */
  132.  
  133. #ifdef CK_SRP
  134. #include <t_pwd.h>
  135. #include <t_client.h>
  136. #include <t_server.h>
  137. #endif /* CK_SRP */
  138.  
  139. #ifdef OS2
  140. #ifdef CK_ENCRYPTION
  141. #define MAP_DES
  142. #endif /* CK_ENCRYPTION */
  143. #ifdef KRB4
  144. #define MAP_KRB4
  145. #endif /* KRB4 */
  146. #ifdef SRPDLL
  147. #define MAP_SRP
  148. #endif /* SRPDLL */
  149. #ifdef KRB5
  150. #define MAP_KRB5
  151. #endif /* KRB5 */
  152. #ifdef CRYPT_DLL
  153. #define MAP_CRYPT
  154. #endif /* CRYPT_DLL */
  155. #define MAP_NTLM
  156. #include "ckoath.h"
  157.  
  158. extern char tn_msg[], hexbuf[];         /* from ckcnet.c */
  159. extern int deblog, debses, tn_deb;
  160.  
  161. extern int authentication_version;
  162. extern int auth_type_user[AUTHTYPLSTSZ];
  163. extern int auth_how;
  164. extern int auth_crypt;
  165. extern int auth_fwd;
  166. extern int accept_complete;
  167.  
  168. #define AUTHTMPBL 2048
  169. static char strTmp[AUTHTMPBL+1];
  170. extern char szUserNameRequested[UIDBUFLEN+1];    /* for incoming connections */
  171. extern char szUserNameAuthenticated[UIDBUFLEN+1];/* for incoming connections */
  172. extern char szHostName[UIDBUFLEN+1];
  173.  
  174. #ifdef CK_ENCRYPTION
  175. extern int encrypt_flag;
  176. #endif
  177.  
  178. #ifdef KRB5
  179. extern krb5_context k5_context;
  180. extern char * krb5_d_principal;         /* Default principal */
  181. extern char * krb5_d_instance;          /* Default instance */
  182. extern char * krb5_d_realm;             /* Default realm */
  183. extern char * krb5_d_cc;                /* Default credentials cache */
  184. extern char * krb5_d_srv;               /* Default service name */
  185. extern int    krb5_d_lifetime;          /* Default lifetime */
  186. extern int    krb5_d_forwardable;
  187. extern int    krb5_d_proxiable;
  188. extern int    krb5_d_renewable;
  189. extern int    krb5_autoget;
  190. extern int    krb5_checkaddrs;
  191. extern int    krb5_d_getk4;
  192. extern int    krb5_d_no_addresses;
  193. extern char * krb5_d_addrs[];
  194.  
  195. extern int    krb5_errno;
  196. extern char * krb5_errmsg;
  197. #endif /* KRB5 */
  198.  
  199. #ifdef KRB4
  200. extern char * krb4_d_principal;         /* Default principal */
  201. extern char * krb4_d_realm;             /* Default realm */
  202. extern char * krb4_d_srv;               /* Default service name */
  203. extern int    krb4_d_lifetime;          /* Default lifetime */
  204. extern int    krb4_d_preauth;
  205. extern char * krb4_d_instance;
  206. extern int    krb4_autoget;
  207. extern int    krb4_checkaddrs;
  208. extern char * k4_keytab;
  209.  
  210. extern int    krb4_errno;
  211. extern char * krb4_errmsg;
  212. #endif /* KRB4 */
  213.  
  214. #ifdef CK_KERBEROS
  215. #define CHECKADDRS
  216. #endif /* CK_KERBEROS */
  217.  
  218. #ifdef OS2ONLY
  219. #ifdef KRB5_CALLCONV
  220. #undef KRB5_CALLCONV
  221. #define KRB5_CALLCONV  __cdecl
  222. #endif
  223. #ifdef KRB5_CALLCONV_C
  224. #undef KRB5_CALLCONV_C
  225. #endif
  226. #define KRB5_CALLCONV_C __cdecl
  227. #endif
  228.  
  229. #ifndef KRB5_CALLCONV
  230. #define KRB5_CALLCONV __stdcall
  231. #endif /* KRB5_CALLCONV */
  232. #ifndef KRB5_CALLCONV_C
  233. #define KRB5_CALLCONV_C __cdecl
  234. #endif /* KRB5_CALLCONV_C */
  235.  
  236. #ifdef OS2ONLY
  237. static char fail[_MAX_PATH];
  238. #endif /* OS2ONLY */
  239.  
  240. int copy_for_net(unsigned char *to, unsigned char *from, int c);
  241.  
  242. #ifdef SRPDLL
  243. /* These functions are located in DLLs which we are not linking to at */
  244. /* compile time.  Therefore, we have to redirect them to locally      */
  245. /* defined functions which will call the real thing only if they are  */
  246. /* available via Run-Time Linking.                                    */
  247. /*
  248.     From SRP.DLL:
  249.        unresolved external symbol _t_clientresponse
  250.        unresolved external symbol _t_clientgetkey
  251.        unresolved external symbol _t_clientpasswd
  252.        unresolved external symbol _t_clientgenexp
  253.        unresolved external symbol _t_clientopen
  254.        unresolved external symbol _t_clientverify
  255. */
  256.  
  257. static unsigned char * (*p_t_clientresponse)(struct t_client *)=NULL;
  258. static unsigned char *
  259.  (*p_t_clientgetkey)(struct t_client *, struct t_num *)=NULL;
  260. static void (*p_t_clientpasswd)(struct t_client *, char *)=NULL;
  261. static struct t_num * (*p_t_clientgenexp)(struct t_client *)=NULL;
  262. static struct t_client * (*p_t_clientopen)
  263.     (const char *, struct t_num *, struct t_num *, struct t_num *)=NULL;
  264. static int (*p_t_clientverify)(struct t_client *, unsigned char *)=NULL;
  265.  
  266. unsigned char *
  267. ck_t_clientresponse(struct t_client * client) {
  268.     if ( p_t_clientresponse )
  269.         return(p_t_clientresponse(client));
  270.     else
  271.         return(NULL);
  272. }
  273.  
  274. unsigned char *
  275. ck_t_clientgetkey(struct t_client * client, struct t_num * num) {
  276.     if ( p_t_clientgetkey )
  277.         return(p_t_clientgetkey(client,num));
  278.     return(NULL);
  279. }
  280.  
  281. void ck_t_clientpasswd(struct t_client * client, char * pwd) {
  282.     if ( p_t_clientpasswd )
  283.         p_t_clientpasswd(client,pwd);
  284. }
  285.  
  286. struct t_num *
  287. ck_t_clientgenexp(struct t_client * client) {
  288.     if ( p_t_clientgenexp )
  289.         return(p_t_clientgenexp(client));
  290.     else
  291.         return(NULL);
  292. }
  293.  
  294. struct t_client *
  295. ck_t_clientopen(const char * str, struct t_num * A,
  296.                  struct t_num * B, struct t_num * C) {
  297.     if ( p_t_clientopen )
  298.         return(p_t_clientopen(str,A,B,C));
  299.     else
  300.         return(NULL);
  301. }
  302.  
  303. int
  304. ck_t_clientverify(struct t_client * client, unsigned char * str) {
  305.     if ( p_t_clientverify )
  306.         return(p_t_clientverify(client,str));
  307.     else
  308.         return(0);
  309. }
  310. #endif /* SRPDLL */
  311.  
  312. #ifdef KRB4
  313. /* These functions are located in DLLs which we are not linking to at */
  314. /* compile time.  Therefore, we have to redirect them to locally      */
  315. /* defined functions which will call the real thing only if they are  */
  316. /* available via Run-Time Linking.                                    */
  317. /*
  318.     From KRB4_32.DLL:
  319.        unresolved external symbol __imp__krb_get_err_text@4
  320.        unresolved external symbol __imp__krb_get_cred@16
  321.        unresolved external symbol __imp__krb_mk_req@20
  322.        unresolved external symbol __imp__krb_realmofhost@4
  323.        unresolved external symbol __imp__krb_get_phost@4
  324.  
  325.        unresolved external symbol _des_ecb_encrypt
  326.        unresolved external symbol __imp__des_key_sched@8
  327.        unresolved external symbol _des_new_random_key
  328.        unresolved external symbol _des_set_random_generator_seed
  329.  
  330.        Note: kerberosiv/krb.h contains a reference to errno which
  331.        must be renamed to compile under Windows NT with errno.h
  332.  
  333.        unresolved external symbol __imp__krb_get_pw_in_tkt@28
  334.        unresolved external symbol __imp__krb_get_pw_in_tkt_preauth@28
  335.        unresolved external symbol __imp__krb_get_lrealm@8
  336.        unresolved external symbol __imp__krb_get_err_text@4
  337.        unresolved external symbol __imp__kname_parse@16
  338.        unresolved external symbol __imp__dest_tkt
  339.  
  340.        unresolved external symbol __imp__krb_get_tf_realm@8
  341.  
  342.        Leash specific (not defined in Kerberos V/KerberosIV
  343.        include files
  344.          unresolved external symbol _tf_get_cred
  345.          unresolved external symbol _tf_get_pinst
  346.          unresolved external symbol _tf_get_pname
  347.          unresolved external symbol _tf_close
  348.          unresolved external symbol _tf_init
  349.          unresolved external symbol _tkt_string
  350.  
  351.          C:\kerberos\leash\KRB4\INCLUDE\KRB.H
  352.          int tf_get_pname(char*);
  353.          int tf_get_pinst(char*);
  354.          int tf_get_cred(CREDENTIALS*);
  355.          void tf_close(void);
  356.          int tf_init(char *,int);
  357.          char * tkt_string(void);
  358.          int krb_check_serv(char *);
  359.  
  360.       Added when we put in server side support:
  361.         unresolved external symbol __imp__kuserok@8
  362.         unresolved external symbol _krb_kntoln
  363.         unresolved external symbol __imp__krb_rd_req@24
  364. */
  365.  
  366.  
  367. /* these were all KRB5_CALLCONV */
  368.  
  369. static const char * (KRB5_CALLCONV * p_krb_get_err_text_entry)(int _errno)=NULL;
  370. static int (KRB5_CALLCONV_C * p_krb_get_cred)(char *service, char *instance,
  371.                                          char *realm, CREDENTIALS *c)=NULL;
  372. static int (KRB5_CALLCONV * p_krb_mk_req)(KTEXT authent, char *service,
  373.                                        char *instance, char *realm,
  374.                                        KRB4_32 checksum)=NULL;
  375. static char * (KRB5_CALLCONV * p_krb_realmofhost)(char *host)=NULL;
  376. static char * (KRB5_CALLCONV_C * p_krb_get_phost)(char *alias)=NULL;
  377. static int (KRB5_CALLCONV_C * p_krb_get_pw_in_tkt)
  378.     (char  *user, char  *instance, char  *realm,
  379.       char  *service, char  *sinstance,
  380.       int life, char  *password)=NULL;
  381. static int (KRB5_CALLCONV_C * p_krb_get_pw_in_tkt_preauth)
  382.     (char  *user, char  *instance, char  *realm,
  383.                    char  *service, char  *sinstance,
  384.                    int life, char  *password)=NULL;
  385. static int (KRB5_CALLCONV_C * p_krb_get_lrealm)(char  *realm, int index)=NULL;
  386. static const char * (KRB5_CALLCONV * p_krb_get_err_text)(int _errno)=NULL;
  387. static int (KRB5_CALLCONV_C * p_kname_parse)(char  *name, char  *inst,
  388.                               char  *realm,char  *fullname)=NULL;
  389. static int (KRB5_CALLCONV_C * p_dest_tkt)(void)=NULL;
  390.  
  391. static int (KRB5_CALLCONV_C * p_tf_get_pname)(char*)=NULL;
  392. static int (KRB5_CALLCONV_C * p_tf_get_pinst)(char*)=NULL;
  393. static int (KRB5_CALLCONV_C * p_tf_get_cred)(CREDENTIALS*)=NULL;
  394. static void (KRB5_CALLCONV_C * p_tf_close)(void)=NULL;
  395. static int (KRB5_CALLCONV_C * p_tf_init)(char *,int)=NULL;
  396. static char * (KRB5_CALLCONV_C * p_tkt_string)(void)=NULL;
  397. static int (KRB5_CALLCONV_C * p_krb_get_tf_realm)(char *ticket_file,
  398.                                              char *realm)=NULL;
  399. static int (KRB5_CALLCONV_C * p_krb_get_tf_fullname)(char *ticket_file,
  400.                                      char *name, char *inst,
  401.                                        char *realm)=NULL;
  402. static int (KRB5_CALLCONV_C * p_krb_check_serv)(char * service)=NULL;
  403. static int (KRB5_CALLCONV_C * p_kuserok)(AUTH_DAT *kdata, char *luser)=NULL;
  404. static int (KRB5_CALLCONV_C * p_k95_k4_userok)( const char * princ_name,
  405.                                 const char * princ_inst,
  406.                                 const char * princ_realm,
  407.                                 const char * local_realm,
  408.                                 const char *luser)=NULL;
  409. static int (KRB5_CALLCONV_C * p_krb_kntoln)(AUTH_DAT *kdata, char *luser)=NULL;
  410. static int (KRB5_CALLCONV_C * p_k95_k4_princ_to_userid)( const char * princ_name,
  411.                                          const char * princ_inst,
  412.                                          const char * princ_realm,
  413.                                          const char * local_realm,
  414.                                          char *luser, int len)=NULL;
  415. static int (KRB5_CALLCONV_C * p_krb_rd_req)(KTEXT, char *service, char *inst,
  416.                              unsigned KRB4_32 from_addr, AUTH_DAT  *,
  417.                              char  *srvtab)=NULL;
  418. static int (KRB5_CALLCONV * p_krb_sendauth)(long,int,KTEXT,CHAR *,CHAR *,CHAR *,
  419.                          unsigned long,MSG_DAT *,CREDENTIALS *, Key_schedule *,
  420.                          struct sockaddr_in *,struct sockaddr_in *, CHAR *)=NULL;
  421. static int (KRB5_CALLCONV_C * p_set_krb_debug)(int)=NULL;
  422. static int (KRB5_CALLCONV_C * p_set_krb_ap_req_debug)(int)=NULL;
  423. static long (KRB5_CALLCONV_C *p_krb_mk_safe)(char * in, char * out,
  424.                               unsigned long length,
  425.                               C_Block block,
  426.                               struct sockaddr_in * sender,
  427.                               struct sockaddr_in * receiver)=NULL;
  428. static long (KRB5_CALLCONV_C *p_krb_mk_priv)(char * in, char * out,
  429.                               unsigned long length,
  430.                               Schedule sched,
  431.                               C_Block block,
  432.                               struct sockaddr_in * sender,
  433.                               struct sockaddr_in * receiver)=NULL;
  434. static long (KRB5_CALLCONV_C *p_krb_rd_priv)(char * in, unsigned long in_length,
  435.                               Schedule sched,
  436.                               C_Block block,
  437.                               struct sockaddr_in * sender,
  438.                               struct sockaddr_in * receiver,
  439.                               MSG_DAT * m_data)=NULL;
  440. static long (KRB5_CALLCONV_C *p_krb_rd_safe)(char * in, unsigned long in_length,
  441.                               C_Block block,
  442.                               struct sockaddr_in * sender,
  443.                               struct sockaddr_in * receiver,
  444.                               MSG_DAT * m_data)=NULL;
  445. static int (KRB5_CALLCONV_C *p_krb_in_tkt)(char *, char *, char *)=NULL;
  446. static int (KRB5_CALLCONV_C *p_krb_save_credentials)(char *, char *, char *, C_Block, int, int, KTEXT, long)=NULL;
  447.  
  448. int 
  449. ck_krb_in_tkt(char *a, char *b, char *c)
  450. {
  451.     if ( p_krb_in_tkt )
  452.         return(p_krb_in_tkt(a,b,c));
  453.     else
  454.         return(KFAILURE);
  455. }
  456.  
  457. int 
  458. ck_krb_save_credentials(char *a, char *b, char *c, C_Block block, int n, int m, KTEXT k, long l)
  459. {
  460.     if ( p_krb_save_credentials )
  461.         return(p_krb_save_credentials(a,b,c,block,n,m,k,l));
  462.     else
  463.         return(KFAILURE);
  464. }
  465.  
  466. const char *
  467. ck_krb_get_err_text_entry(int _errno)
  468. {
  469.     if (_errno == -1 )
  470.         return("Function not supported by Kerberos installation");
  471.     if ( p_krb_get_err_text_entry )
  472.         return(p_krb_get_err_text_entry(_errno));
  473.     if ( p_krb_get_err_text )
  474.         return(p_krb_get_err_text(_errno));
  475.     else
  476.         return("");
  477. }
  478.  
  479. int
  480. ck_krb_get_cred(char *service, char *instance,
  481.                  char *realm, LEASH_CREDENTIALS *c)
  482. {
  483.     if ( p_krb_get_cred )
  484.         return(p_krb_get_cred(service,instance,realm,(CREDENTIALS *)c));
  485.     else
  486.         return(-1);
  487. }
  488.  
  489. int
  490. ck_krb_mk_req(KTEXT authent, char *service,
  491.                char *instance, char *realm,
  492.                KRB4_32 checksum)
  493. {
  494.     if ( p_krb_mk_req )
  495.         return(p_krb_mk_req(authent,service,
  496.                              instance,realm,checksum));
  497.     else
  498.         return(-1);
  499. }
  500.  
  501. char *
  502. ck_krb_realmofhost(char *host)
  503. {
  504.     debug(F110,"ck_krb_realmofhost",host,0);
  505.     if ( p_krb_realmofhost )
  506.         return(p_krb_realmofhost(host));
  507.     else
  508.         return("");
  509. }
  510.  
  511. char *
  512. ck_krb_get_phost(char *alias)
  513. {
  514.     if ( p_krb_get_phost )
  515.         return(p_krb_get_phost(alias));
  516.     else
  517.         return("");
  518. }
  519.  
  520. int
  521. ck_krb_get_pw_in_tkt( char  *user, char  *instance, char  *realm,
  522.                       char  *service, char  *sinstance,
  523.                       int life, char  *password)
  524. {
  525.     if ( p_krb_get_pw_in_tkt )
  526.         return(p_krb_get_pw_in_tkt(user,instance,realm,service,
  527.                                     sinstance,life,password));
  528.     else
  529.         return(-1);
  530. }
  531.  
  532. int
  533. ck_krb_get_pw_in_tkt_preauth( char  *user, char  *instance, char  *realm,
  534.                               char  *service, char  *sinstance,
  535.                               int life, char  *password)
  536. {
  537.     if ( p_krb_get_pw_in_tkt_preauth )
  538.         return(p_krb_get_pw_in_tkt_preauth(user,instance,realm,service,
  539.                                             sinstance,life,password));
  540.     else
  541.         return(-1);
  542. }
  543.  
  544. int
  545. ck_krb_get_lrealm(char  *realm, int index)
  546. {
  547.     if ( p_krb_get_lrealm )
  548.         return(p_krb_get_lrealm(realm,index));
  549.     else
  550.         return(-1);
  551. }
  552.  
  553. const char *
  554. ck_krb_get_err_text(int _errno)
  555. {
  556.     if ( p_krb_get_err_text )
  557.         return(p_krb_get_err_text(_errno));
  558.     if ( p_krb_get_err_text_entry )
  559.         return(p_krb_get_err_text_entry(_errno));
  560.     else
  561.         return("");
  562. }
  563. int
  564. ck_kname_parse(char  *name, char  *inst,
  565.                 char  *realm,char  *fullname)
  566. {
  567.     if ( p_kname_parse )
  568.         return(p_kname_parse(name,inst,realm,fullname));
  569.     return(-1);
  570. }
  571.  
  572. int
  573. ck_dest_tkt(void)
  574. {
  575.     if ( p_dest_tkt )
  576.         return(p_dest_tkt());
  577.     else
  578.         return(-1);
  579. }
  580.  
  581. int
  582. ck_tf_get_pname(char* pname)
  583. {
  584.     if ( p_tf_get_pname )
  585.         return(p_tf_get_pname(pname));
  586.     else
  587.         return(-1);
  588. }
  589.  
  590. int
  591. ck_tf_get_pinst(char* pinst)
  592. {
  593.     if ( p_tf_get_pinst )
  594.         return(p_tf_get_pinst(pinst));
  595.     else
  596.         return(-1);
  597. }
  598.  
  599. int
  600. ck_tf_get_cred(LEASH_CREDENTIALS* cred)
  601. {
  602.     if ( p_tf_get_cred )
  603.         return(p_tf_get_cred((CREDENTIALS *)cred));
  604.     else
  605.         return(-1);
  606. }
  607.  
  608. void
  609. ck_tf_close(void)
  610. {
  611.     if ( p_tf_close )
  612.         p_tf_close();
  613. }
  614.  
  615. int
  616. ck_tf_init(char * p,int n)
  617. {
  618.     if ( p_tf_init )
  619.         return(p_tf_init(p,n));
  620.     else
  621.         return(-1);
  622. }
  623.  
  624. char *
  625. ck_tkt_string(void)
  626. {
  627.     if ( p_tkt_string )
  628.         return(p_tkt_string());
  629.     else
  630.         return("");
  631. }
  632.  
  633. int
  634. ck_krb_get_tf_realm(char *ticket_file, char *realm)
  635. {
  636.     if ( p_krb_get_tf_realm )
  637.         return(p_krb_get_tf_realm(ticket_file,realm));
  638.     else
  639.         return(-1);
  640. }
  641.  
  642. int
  643. ck_krb_get_tf_fullname(char *tf, char * name, char * inst, char *realm)
  644. {
  645.     if ( p_krb_get_tf_fullname )
  646.         return(p_krb_get_tf_fullname(tf,name,inst,realm));
  647.     else
  648.         return(-1);
  649. }
  650.  
  651. int
  652. ck_krb_check_serv(char * service)
  653. {
  654.     if ( p_krb_check_serv )
  655.         return(p_krb_check_serv(service));
  656.     else
  657.         return(-1);
  658. }
  659.  
  660. static char lrealm[REALM_SZ] = "";
  661.  
  662. int
  663. ck_kuserok(AUTH_DAT *kdata, char *luser)
  664. {
  665.     if ( p_k95_k4_userok ) {
  666.         ckstrncpy(lrealm,ck_krb4_getrealm(),REALM_SZ);
  667.         return(p_k95_k4_userok(kdata->pname, kdata->pinst, kdata->prealm,
  668.                                 lrealm, luser));
  669.     }
  670.     else if ( p_kuserok )
  671.         return(p_kuserok(kdata,luser));
  672.     else {
  673.         return(stricmp(luser,kdata->pname));
  674.     }
  675. }
  676.  
  677. int
  678. ck_krb_kntoln(AUTH_DAT *kdata, char *luser)
  679. {
  680.  
  681.     if ( p_k95_k4_princ_to_userid ) {
  682.         if (krb_get_lrealm(lrealm,1) == KFAILURE)
  683.             lrealm[0] = '\0';
  684.          return(p_k95_k4_princ_to_userid(kdata->pname, kdata->pinst,
  685.                                           kdata->prealm, lrealm,
  686.                                           luser, ANAME_SZ));
  687.     }
  688.     else if ( p_krb_kntoln )
  689.         return(p_krb_kntoln(kdata,luser));
  690.     else {
  691.  
  692.         if (krb_get_lrealm(lrealm,1) == KFAILURE)
  693.             return(KFAILURE);
  694.  
  695.         if (strcmp(kdata->pinst,""))
  696.             return(KFAILURE);
  697.         if (strcmp(kdata->prealm,lrealm))
  698.             return(KFAILURE);
  699.         (void) ckstrncpy(luser,kdata->pname,ANAME_SZ);
  700.         return(KSUCCESS);
  701.     }
  702. }
  703.  
  704. int
  705. ck_krb_rd_req(KTEXT authent, char *service, char *inst,
  706.                              unsigned int from_addr, AUTH_DAT * adat,
  707.                              char *srvtab)
  708. {
  709.     if ( p_krb_rd_req )
  710.         return(p_krb_rd_req(authent, service, inst, from_addr,
  711.                              adat, srvtab));
  712.     else
  713.         return(-1);
  714.  
  715. }
  716.  
  717. int
  718. ck_krb_sendauth(long opts, int socket, KTEXT ticket, CHAR * service,
  719.                  CHAR * hostname, CHAR * realm, unsigned long pid,
  720.                  MSG_DAT * msg_dat, LEASH_CREDENTIALS * cred,
  721.                  Schedule * sched, struct sockaddr_in * l_addr,
  722.                  struct sockaddr_in * r_addr, CHAR * str)
  723. {
  724.     if ( p_krb_sendauth )
  725.         return(p_krb_sendauth(opts,socket,ticket,service,hostname,
  726.                                realm,pid, msg_dat, (CREDENTIALS *)cred, sched,
  727.                                l_addr, r_addr, str));
  728.     else
  729.         return(-1);
  730. }
  731.  
  732. int
  733. ck_set_krb_debug(int x)
  734. {
  735.     if ( p_set_krb_debug )
  736.         return(p_set_krb_debug(x));
  737.     else
  738.         return(0);
  739. }
  740.  
  741. int
  742. ck_set_krb_ap_req_debug(int x)
  743. {
  744.     if ( p_set_krb_ap_req_debug )
  745.         return(p_set_krb_ap_req_debug(x));
  746.     else
  747.         return(0);
  748. }
  749.  
  750. long
  751. ck_krb_mk_safe(char * in, char * out,
  752.                 unsigned long length,
  753.                 C_Block block,
  754.                 struct sockaddr_in * sender,
  755.                 struct sockaddr_in * receiver)
  756. {
  757.     if ( p_krb_mk_safe )
  758.         return(p_krb_mk_safe(in,out,length,block,sender,receiver));
  759.     else
  760.         return(-1);
  761. }
  762.  
  763. long
  764. ck_krb_mk_priv(char * in, char * out,
  765.                 unsigned long length,
  766.                 Schedule sched,
  767.                 C_Block block,
  768.                 struct sockaddr_in * sender,
  769.                 struct sockaddr_in * receiver)
  770. {
  771.     if ( p_krb_mk_priv )
  772.         return(p_krb_mk_priv(in,out,length,sched,block,sender,receiver));
  773.     else
  774.         return(-1);
  775. }
  776.  
  777. long
  778. ck_krb_rd_priv(char * in, unsigned long in_length,
  779.                 Schedule sched,
  780.                 C_Block block,
  781.                 struct sockaddr_in * sender,
  782.                 struct sockaddr_in * receiver,
  783.                 MSG_DAT * m_data)
  784. {
  785.     if ( p_krb_rd_priv )
  786.         return(p_krb_rd_priv(in, in_length,sched, block, sender, receiver, m_data));
  787.     else
  788.         return(-1);
  789. }
  790.  
  791. long
  792. ck_krb_rd_safe(char * in, unsigned long in_length,
  793.                 C_Block block,
  794.                 struct sockaddr_in * sender,
  795.                 struct sockaddr_in * receiver,
  796.                 MSG_DAT * m_data)
  797. {
  798.     if ( p_krb_rd_safe )
  799.         return(p_krb_rd_safe(in, in_length, block, sender, receiver,m_data));
  800.     else
  801.         return(-1);
  802. }
  803. #endif /* KRB4 */
  804.  
  805. #ifdef KRB5
  806. /* These functions are located in DLLs which we are not linking to at */
  807. /* compile time.  Therefore, we have to redirect them to locally      */
  808. /* defined functions which will call the real thing only if they are  */
  809. /* available via Run-Time Linking.                                    */
  810. /*
  811.     From COMERR32.DLL
  812.        unresolved external symbol __imp__com_err
  813.        unresolved external symbol __imp__error_message@4
  814.  
  815.     From KRB5_32.DLL:
  816.        unresolved external symbol __imp__krb5_free_creds@8
  817.        unresolved external symbol __imp__krb5_copy_keyblock@12
  818.        unresolved external symbol __imp__krb5_free_keyblock@8
  819.        unresolved external symbol __imp__krb5_auth_con_getlocalsubkey@12
  820.        unresolved external symbol __imp__krb5_mk_req_extended@24
  821.        unresolved external symbol __imp__krb5_auth_con_setflags@12
  822.        unresolved external symbol __imp__krb5_auth_con_init@8
  823.        unresolved external symbol __imp__krb5_auth_con_free@8
  824.        unresolved external symbol __imp__krb5_get_credentials@20
  825.        unresolved external symbol __imp__krb5_free_cred_contents@8
  826.        unresolved external symbol __imp__krb5_sname_to_principal@20
  827.        unresolved external symbol __imp__krb5_cc_default@8
  828.        unresolved external symbol __imp__krb5_free_ap_rep_enc_part@8
  829.        unresolved external symbol __imp__krb5_rd_rep@16
  830.  
  831.        unresolved external symbol __imp__krb5_get_in_tkt_with_keytab@36
  832.        unresolved external symbol __imp__krb5_get_in_tkt_with_password@36
  833.        unresolved external symbol __imp__krb5_read_password@20
  834.        unresolved external symbol __imp__krb5_build_principal_ext
  835.        unresolved external symbol __imp__krb5_unparse_name@12
  836.        unresolved external symbol __imp__krb5_parse_name@12
  837.        unresolved external symbol __imp__krb5_cc_resolve@12
  838.        unresolved external symbol __imp__krb5_string_to_timestamp@8
  839.        unresolved external symbol __imp__krb5_kt_resolve@12
  840.        unresolved external symbol __imp__krb5_string_to_deltat@8
  841.        unresolved external symbol __imp__krb5_timeofday@8
  842.        unresolved external symbol __imp__krb5_get_credentials_renew@20
  843.        unresolved external symbol __imp__krb5_get_credentials_validate@20
  844.        unresolved external symbol __imp__krb5_copy_principal@12
  845.        unresolved external symbol __imp__krb5_timestamp_to_sfstring@16
  846.        unresolved external symbol __imp__krb5_kt_default@8
  847.        unresolved external symbol __imp__krb5_free_ticket@8
  848.        unresolved external symbol _decode_krb5_ticket
  849.  
  850.      These were added when Server Side functionality was added:
  851.        unresolved external symbol __imp__krb5_auth_con_getremotesubkey@12
  852.        unresolved external symbol __imp__krb5_mk_rep@12
  853.        unresolved external symbol __imp__krb5_free_authenticator@8
  854.        unresolved external symbol __imp__krb5_verify_checksum@28
  855.        unresolved external symbol __imp__krb5_auth_con_getkey@12
  856.        unresolved external symbol __imp__krb5_auth_con_getauthenticator@12
  857.        unresolved external symbol __imp__krb5_rd_req@28
  858.        unresolved external symbol _krb5_auth_con_setrcache
  859.        unresolved external symbol _krb5_get_server_rcache
  860.        unresolved external symbol _krb5_auth_con_getrcache
  861.        unresolved external symbol __imp__krb5_free_tgt_creds@8
  862.        unresolved external symbol __imp__krb5_rd_cred@20
  863.  
  864.      These were added for 7.1.198 so we can support hardware preauth
  865.      __imp__krb5_get_init_creds_password@36
  866.      __imp__krb5_get_init_creds_opt_set_address_list@8
  867.      __imp__krb5_get_renewed_creds@20
  868.      __imp__krb5_get_validated_creds@20
  869.      __imp__krb5_get_init_creds_opt_set_tkt_life@8
  870.      __imp__krb5_get_init_creds_opt_set_forwardable@8
  871.      __imp__krb5_get_init_creds_opt_set_proxiable@8
  872.      __imp__krb5_get_init_creds_opt_set_renew_life@8
  873.      __imp__krb5_get_init_creds_opt_init@4
  874.  
  875.      These were added 7-17-2000
  876.  
  877.      __imp__krb5_cc_get_principal@12
  878.      __imp__krb5_cc_store_cred@12
  879.      __imp__krb5_cc_initialize@12
  880.      __imp__krb5_cc_destroy@8
  881.      __imp__krb5_cc_end_seq_get@12
  882.      __imp__krb5_cc_next_cred@16
  883.      __imp__krb5_cc_start_seq_get@12
  884.      __imp__krb5_cc_get_type
  885.      __imp__krb5_cc_get_name@8
  886.      __imp__krb5_cc_set_flags@12
  887. */
  888.  
  889.  
  890. static void
  891. (KRB5_CALLCONV * p_com_err)(const char *, errcode_t, const char *, ...)=NULL;
  892. static void (KRB5_CALLCONV * p_com_err_va)
  893.   (const char *, errcode_t, const char *, va_list)=NULL;
  894. static const char *
  895. (KRB5_CALLCONV *p_error_message)(errcode_t)=NULL;
  896. static void
  897. (KRB5_CALLCONV *p_krb5_free_creds)(krb5_context, krb5_creds*)=NULL;
  898. static void
  899. (KRB5_CALLCONV *p_krb5_free_data)(krb5_context, krb5_data *)=NULL;
  900. static void
  901. (KRB5_CALLCONV *p_krb5_free_data_contents)(krb5_context, krb5_data *)=NULL;
  902. static krb5_error_code
  903. (KRB5_CALLCONV *p_krb5_copy_keyblock)(krb5_context,
  904.                          krb5_const krb5_keyblock  *,
  905.                          krb5_keyblock  *  *)=NULL;
  906. static void
  907. (KRB5_CALLCONV *p_krb5_free_keyblock) (krb5_context, krb5_keyblock  *)=NULL;
  908. static krb5_error_code
  909. (KRB5_CALLCONV *p_krb5_auth_con_getlocalsubkey)(krb5_context,
  910.                                                 krb5_auth_context,
  911.                                                 krb5_keyblock  *  *)=NULL;
  912. static krb5_error_code
  913. (KRB5_CALLCONV *p_krb5_mk_req_extended) (krb5_context,
  914.                                          krb5_auth_context  *,
  915.                                          krb5_const krb5_flags,
  916.                                          krb5_data  *,
  917.                                          krb5_creds  *,
  918.                                          krb5_data  * )=NULL;
  919. static krb5_error_code
  920. (KRB5_CALLCONV *p_krb5_mk_req)
  921.         (krb5_context,
  922.                 krb5_auth_context *,
  923.                 krb5_const krb5_flags,
  924.                 char *,
  925.                 char *,
  926.                 krb5_data *,
  927.                 krb5_ccache,
  928.                 krb5_data * )=NULL;
  929. static krb5_error_code
  930. (KRB5_CALLCONV *p_krb5_auth_con_setflags) (krb5_context,
  931.                                            krb5_auth_context,
  932.                                            krb5_int32)=NULL;
  933. static krb5_error_code
  934. (KRB5_CALLCONV *p_krb5_auth_con_init) (krb5_context,
  935.                                        krb5_auth_context  *)=NULL;
  936. static krb5_error_code
  937. (KRB5_CALLCONV *p_krb5_auth_con_free) (krb5_context,
  938.                                        krb5_auth_context)=NULL;
  939. static krb5_error_code
  940. (KRB5_CALLCONV *p_krb5_get_credentials)(krb5_context,
  941.                                         krb5_const krb5_flags,
  942.                                         krb5_ccache,
  943.                                         krb5_creds  *,
  944.                                         krb5_creds  *  *)=NULL;
  945. static void
  946. (KRB5_CALLCONV *p_krb5_free_cred_contents)(krb5_context, krb5_creds  *)=NULL;
  947. static krb5_error_code
  948. (KRB5_CALLCONV *p_krb5_sname_to_principal)(krb5_context,
  949.                                            krb5_const char  *,
  950.                                            krb5_const char  *,
  951.                                            krb5_int32,
  952.                                            krb5_principal  *)=NULL;
  953. static krb5_error_code
  954. (KRB5_CALLCONV *p_krb5_cc_default)(krb5_context,
  955.                                    krb5_ccache  *)=NULL;
  956. static void
  957. (KRB5_CALLCONV *p_krb5_free_ap_rep_enc_part)(krb5_context,
  958.                                              krb5_ap_rep_enc_part  *)=NULL;
  959. static krb5_error_code
  960. (KRB5_CALLCONV *p_krb5_rd_rep)(krb5_context,
  961.                                krb5_auth_context,
  962.                                krb5_const krb5_data  *,
  963.                                krb5_ap_rep_enc_part  *  *)=NULL;
  964. static krb5_error_code
  965. (KRB5_CALLCONV *p_krb5_init_context)(krb5_context *)=NULL;
  966. static void
  967. (KRB5_CALLCONV *p_krb5_free_context)(krb5_context)=NULL;
  968. static krb5_error_code
  969. (KRB5_CALLCONV *p_krb5_init_ets)(krb5_context)=NULL;
  970.  
  971. static void
  972. (KRB5_CALLCONV *p_krb5_free_principal) P((krb5_context, krb5_principal ))=NULL;
  973. static void
  974. (KRB5_CALLCONV *p_krb5_free_unparsed_name) P((krb5_context, char *))=NULL;
  975. static krb5_error_code
  976. (KRB5_CALLCONV *p_krb5_fwd_tgt_creds)P((krb5_context,
  977.                                      krb5_auth_context,
  978.                                      char  *,
  979.                                      krb5_principal,
  980.                                      krb5_principal,
  981.                                      krb5_ccache,
  982.                                      int forwardable,
  983.                                      krb5_data  *))=NULL;
  984. static krb5_error_code
  985. (KRB5_CALLCONV *p_krb5_auth_con_genaddrs)P((krb5_context,
  986.                                          krb5_auth_context,
  987.                                          int, int))=NULL;
  988.  
  989. static krb5_error_code
  990. (KRB5_CALLCONV *p_krb5_get_host_realm)P((krb5_context,
  991.                                     const char *,
  992.                                     char ***))=NULL;
  993. static krb5_error_code
  994. (KRB5_CALLCONV *p_krb5_free_host_realm)P((krb5_context,
  995.                                     char **))=NULL;
  996. static krb5_error_code
  997. (KRB5_CALLCONV *p_krb5_get_in_tkt_with_keytab)P((krb5_context,
  998.                 krb5_const krb5_flags,
  999.                 krb5_address * krb5_const *,
  1000.                 krb5_enctype *,
  1001.                 krb5_preauthtype *,
  1002.                 krb5_const krb5_keytab,
  1003.                 krb5_ccache,
  1004.                 krb5_creds *,
  1005.                 krb5_kdc_rep ** ))=NULL;
  1006.  
  1007. static krb5_error_code
  1008. (KRB5_CALLCONV *p_krb5_get_in_tkt_with_password)P((krb5_context,
  1009.                 krb5_const krb5_flags,
  1010.                 krb5_address * krb5_const *,
  1011.                 krb5_enctype *,
  1012.                 krb5_preauthtype *,
  1013.                 krb5_const char *,
  1014.                 krb5_ccache,
  1015.                 krb5_creds *,
  1016.                 krb5_kdc_rep **))=NULL;
  1017.  
  1018. static krb5_error_code
  1019. (KRB5_CALLCONV *p_krb5_read_password)P((krb5_context,
  1020.                 const char *,
  1021.                 const char *,
  1022.                 char *,
  1023.                 int * ))=NULL;
  1024.  
  1025. static krb5_error_code
  1026. (KRB5_CALLCONV_C *p_krb5_build_principal_ext)P((krb5_context,
  1027.                                  krb5_principal *,
  1028.                                  int,
  1029.                                  krb5_const char *,
  1030.                                  ...))=NULL;
  1031.  
  1032. static krb5_error_code
  1033. (KRB5_CALLCONV *p_krb5_unparse_name)P((krb5_context,
  1034.                 krb5_const_principal,
  1035.                 char ** ))=NULL;
  1036.  
  1037. static krb5_error_code
  1038. (KRB5_CALLCONV *p_krb5_parse_name)P((krb5_context,
  1039.                 krb5_const char *,
  1040.                 krb5_principal *))=NULL;
  1041.  
  1042. static krb5_error_code
  1043. (KRB5_CALLCONV *p_krb5_cc_resolve)P((krb5_context,
  1044.                 char *,
  1045.                 krb5_ccache *))=NULL;
  1046.  
  1047. static const char *
  1048. (KRB5_CALLCONV *p_krb5_cc_default_name)P((krb5_context))=NULL;
  1049.  
  1050. static krb5_error_code
  1051. (KRB5_CALLCONV *p_krb5_string_to_timestamp)P((char *,
  1052.                                            krb5_timestamp *))=NULL;
  1053.  
  1054. static krb5_error_code
  1055. (KRB5_CALLCONV *p_krb5_kt_resolve)P((krb5_context,
  1056.                 krb5_const char *,
  1057.                 krb5_keytab *))=NULL;
  1058.  
  1059. static krb5_error_code
  1060. (KRB5_CALLCONV *p_krb5_string_to_deltat)P((char *, krb5_deltat *))=NULL;
  1061.  
  1062. static krb5_error_code
  1063. (KRB5_CALLCONV *p_krb5_timeofday)P((krb5_context,
  1064.                 krb5_int32 *))=NULL;
  1065.  
  1066. static krb5_error_code
  1067. (KRB5_CALLCONV *p_krb5_get_credentials_renew)P((krb5_context,
  1068.                 krb5_const krb5_flags,
  1069.                 krb5_ccache,
  1070.                 krb5_creds *,
  1071.                 krb5_creds **))=NULL;
  1072.  
  1073. static krb5_error_code
  1074. (KRB5_CALLCONV *p_krb5_get_credentials_validate)P((krb5_context,
  1075.                 krb5_const krb5_flags,
  1076.                 krb5_ccache,
  1077.                 krb5_creds *,
  1078.                 krb5_creds **))=NULL;
  1079.  
  1080. static krb5_error_code
  1081. (KRB5_CALLCONV *p_krb5_copy_principal)P((krb5_context,
  1082.                 krb5_const_principal,
  1083.                 krb5_principal *))=NULL;
  1084.  
  1085. static krb5_error_code
  1086. (KRB5_CALLCONV *p_krb5_timestamp_to_sfstring)P((krb5_timestamp,
  1087.                                              char *,
  1088.                                              size_t,
  1089.                                              char *))=NULL;
  1090.  
  1091. static krb5_error_code
  1092. (KRB5_CALLCONV *p_krb5_kt_default)P((krb5_context,
  1093.                 krb5_keytab *))=NULL;
  1094.  
  1095. static krb5_error_code
  1096. (KRB5_CALLCONV *p_krb5_free_ticket)P((krb5_context, krb5_ticket *))=NULL;
  1097.  
  1098. static krb5_error_code
  1099. (KRB5_CALLCONV_C *p_decode_krb5_ticket)P((const krb5_data *code,
  1100.                                      krb5_ticket **rep))=NULL;
  1101.  
  1102. static krb5_error_code
  1103. (KRB5_CALLCONV *p_cygnus_decode_krb5_ticket)P((const krb5_data *code,
  1104.                                      krb5_ticket **rep))=NULL;
  1105.  
  1106. #ifdef CHECKADDRS
  1107. static krb5_error_code
  1108. (KRB5_CALLCONV *p_krb5_os_localaddr)P((krb5_context con,
  1109.                                     krb5_address *** ppp))=NULL;
  1110.  
  1111. static krb5_boolean
  1112. (KRB5_CALLCONV_C  *p_krb5_address_search)P((krb5_context con,
  1113.                 krb5_const krb5_address * p,
  1114.                 krb5_address * krb5_const * pp))=NULL;
  1115.  
  1116. static void
  1117. (KRB5_CALLCONV * p_krb5_free_addresses)P((krb5_context con,
  1118.                                        krb5_address ** pp))=NULL;
  1119. #endif /* CHECKADDRS */
  1120.  
  1121. static krb5_error_code
  1122. (KRB5_CALLCONV * p_krb5_auth_con_getremotesubkey)P((krb5_context,
  1123.                                                  krb5_auth_context,
  1124.                                                  krb5_keyblock **))
  1125.                                               = NULL;
  1126.  
  1127. static krb5_error_code
  1128. (KRB5_CALLCONV * p_krb5_mk_rep)P((krb5_context, krb5_auth_context,
  1129.                                krb5_data *))=NULL;
  1130.  
  1131. static krb5_error_code
  1132. (KRB5_CALLCONV * p_krb5_free_authenticator)P((krb5_context,
  1133.                                            krb5_authenticator *))=NULL;
  1134.  
  1135. static krb5_error_code
  1136. (KRB5_CALLCONV * p_krb5_verify_checksum)
  1137. P((krb5_context context,
  1138.     krb5_const krb5_cksumtype ctype,
  1139.     krb5_const krb5_checksum * cksum,
  1140.     krb5_const krb5_pointer in, krb5_const size_t in_length,
  1141.     krb5_const krb5_pointer seed, krb5_const size_t seed_length))=NULL;
  1142.  
  1143. static krb5_error_code
  1144. (KRB5_CALLCONV * p_krb5_auth_con_getkey)
  1145. P((krb5_context, krb5_auth_context, krb5_keyblock **))=NULL;
  1146.  
  1147. static krb5_error_code
  1148. (KRB5_CALLCONV * p_krb5_auth_con_getauthenticator)
  1149. P((krb5_context, krb5_auth_context, krb5_authenticator **))=NULL;
  1150.  
  1151. static krb5_error_code
  1152. (KRB5_CALLCONV * p_krb5_rd_req)
  1153. P((krb5_context, krb5_auth_context *, krb5_const krb5_data *,
  1154.     krb5_const_principal, krb5_keytab, krb5_flags *,
  1155.     krb5_ticket **))=NULL;
  1156.  
  1157. static krb5_error_code
  1158. (KRB5_CALLCONV * p_krb5_auth_con_setrcache)
  1159. P((krb5_context, krb5_auth_context, krb5_rcache))=NULL;
  1160.  
  1161. static krb5_error_code
  1162. (KRB5_CALLCONV * p_krb5_get_server_rcache)
  1163. P((krb5_context, krb5_const krb5_data *, krb5_rcache *))=NULL;
  1164.  
  1165. static krb5_error_code
  1166. (KRB5_CALLCONV_C * p_krb5_auth_con_getrcache)
  1167. P((krb5_context, krb5_auth_context, krb5_rcache *))=NULL;
  1168.  
  1169. static krb5_error_code
  1170. (KRB5_CALLCONV * p_krb5_free_tgt_creds)
  1171. P((krb5_context, krb5_creds ** ))=NULL;
  1172.  
  1173. static krb5_error_code
  1174. (KRB5_CALLCONV * p_krb5_rd_cred)
  1175. P((krb5_context,krb5_auth_context,krb5_data *, krb5_creds ***,
  1176.     krb5_replay_data *))=NULL;
  1177.  
  1178. static krb5_error_code
  1179. (KRB5_CALLCONV * p_krb5_c_enctype_compare)
  1180. P((krb5_context, krb5_enctype, krb5_enctype, krb5_boolean *))=NULL;
  1181.  
  1182. static krb5_error_code
  1183. (KRB5_CALLCONV * p_krb5_free_error)
  1184. P((krb5_context, krb5_error *))=NULL;
  1185.  
  1186. static krb5_error_code
  1187. (KRB5_CALLCONV * p_krb5_sendauth)
  1188. P((krb5_context,
  1189.     krb5_auth_context *,
  1190.     krb5_pointer,
  1191.     char *,
  1192.     krb5_principal,
  1193.     krb5_principal,
  1194.     krb5_flags,
  1195.     krb5_data *,
  1196.     krb5_creds *,
  1197.     krb5_ccache,
  1198.     krb5_error **,
  1199.     krb5_ap_rep_enc_part **,
  1200.     krb5_creds **))=NULL;
  1201.  
  1202. static krb5_error_code
  1203. (KRB5_CALLCONV *p_krb5_process_key)
  1204. P((krb5_context, krb5_encrypt_block *, const krb5_keyblock *))=NULL;
  1205.  
  1206. static krb5_error_code
  1207. (KRB5_CALLCONV * p_krb5_use_enctype)
  1208. P((krb5_context, krb5_encrypt_block *, const krb5_enctype))=NULL;
  1209.  
  1210. static krb5_error_code
  1211. (KRB5_CALLCONV * p_krb5_encrypt)
  1212. P((krb5_context context,
  1213.     krb5_const krb5_pointer inptr,
  1214.     krb5_pointer outptr,
  1215.     krb5_const size_t size,
  1216.     krb5_encrypt_block * eblock,
  1217.     krb5_pointer ivec))=NULL;
  1218.  
  1219. static size_t
  1220. (KRB5_CALLCONV * p_krb5_encrypt_size)
  1221. P((krb5_const size_t length,
  1222.     krb5_enctype crypto))=NULL;
  1223.  
  1224. static krb5_error_code
  1225. (KRB5_CALLCONV * p_krb5_decrypt)
  1226. P((krb5_context context,
  1227.     krb5_const krb5_pointer inptr,
  1228.     krb5_pointer outptr,
  1229.     krb5_const size_t size,
  1230.     krb5_encrypt_block  * eblock,
  1231.     krb5_pointer ivec))=NULL;
  1232.  
  1233. static krb5_boolean
  1234. (KRB5_CALLCONV * p_krb5_kuserok)
  1235. P((krb5_context context,krb5_principal princ, const char * p))=NULL;
  1236.  
  1237. static krb5_error_code
  1238. (KRB5_CALLCONV * p_krb5_aname_to_localname)
  1239. P((krb5_context context, krb5_const_principal aname, const int lnsize, char *lname))=NULL;
  1240.  
  1241. static int
  1242. (KRB5_CALLCONV_C * p_k95_k5_userok)
  1243. P((const char * princ_name, const char * princ_inst, const char * princ_realm,
  1244.    const char * local_realm, const char * userid))=NULL;
  1245.  
  1246. static int
  1247. (KRB5_CALLCONV_C * p_k95_k5_principal_to_localname)
  1248. P((const char * princ_name, const char * local_realm, char * userid, int len))=NULL;
  1249.  
  1250. static void
  1251. (KRB5_CALLCONV_C * p_krb5_appdefault_boolean)
  1252. P((krb5_context,const char *,const krb5_data *,const char *,
  1253.      int,int * ))=NULL;
  1254. static void
  1255. (KRB5_CALLCONV_C * p_krb5_appdefault_string)
  1256. P((krb5_context,const char *,const krb5_data *,const char *,
  1257.     char ** ))=NULL;
  1258.  
  1259. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_init)
  1260.     P((krb5_get_init_creds_opt *opt))=NULL;
  1261.  
  1262. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_tkt_life)
  1263.     P((krb5_get_init_creds_opt *opt,
  1264.                  krb5_deltat tkt_life))=NULL;
  1265.  
  1266. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_renew_life)
  1267.     P((krb5_get_init_creds_opt *opt,
  1268.         krb5_deltat renew_life))=NULL;
  1269.  
  1270. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_forwardable)
  1271.     P((krb5_get_init_creds_opt *opt,
  1272.         int forwardable))=NULL;
  1273.  
  1274. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_proxiable)
  1275.     P((krb5_get_init_creds_opt *opt,
  1276.         int proxiable))=NULL;
  1277.  
  1278. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_etype_list)
  1279.     P((krb5_get_init_creds_opt *opt,
  1280.         krb5_enctype *etype_list,
  1281.         int etype_list_length))=NULL;
  1282.  
  1283. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_address_list)
  1284.     P((krb5_get_init_creds_opt *opt, krb5_address **addresses))=NULL;
  1285.  
  1286. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_preauth_list)
  1287.     P((krb5_get_init_creds_opt *opt,
  1288.         krb5_preauthtype *preauth_list,
  1289.         int preauth_list_length))=NULL;
  1290.  
  1291. static void (KRB5_CALLCONV * p_krb5_get_init_creds_opt_set_salt)
  1292.     P((krb5_get_init_creds_opt *opt, krb5_data *salt))=NULL;
  1293.  
  1294. static krb5_error_code (KRB5_CALLCONV * p_krb5_get_init_creds_password)
  1295.     P((krb5_context context,
  1296.         krb5_creds *creds,
  1297.         krb5_principal client,
  1298.         char *password,
  1299.         krb5_prompter_fct prompter,
  1300.         void *data,
  1301.         krb5_deltat start_time,
  1302.         char *in_tkt_service,
  1303.         krb5_get_init_creds_opt *options))=NULL;
  1304.  
  1305. static krb5_error_code (KRB5_CALLCONV * p_krb5_get_init_creds_keytab)
  1306.     P((krb5_context context,
  1307.         krb5_creds *creds,
  1308.         krb5_principal client,
  1309.         krb5_keytab arg_keytab,
  1310.         krb5_deltat start_time,
  1311.         char *in_tkt_service,
  1312.         krb5_get_init_creds_opt *options))=NULL;
  1313.  
  1314. static krb5_error_code (KRB5_CALLCONV * p_krb5_get_validated_creds)
  1315.     P((krb5_context context,
  1316.         krb5_creds *creds,
  1317.         krb5_principal client,
  1318.         krb5_ccache ccache,
  1319.         char *in_tkt_service))=NULL;
  1320.  
  1321. static krb5_error_code (KRB5_CALLCONV * p_krb5_get_renewed_creds)
  1322.     P((krb5_context context,
  1323.         krb5_creds *creds,
  1324.         krb5_principal client,
  1325.         krb5_ccache ccache,
  1326.         char *in_tkt_service))=NULL;
  1327.  
  1328. static krb5_error_code (KRB5_CALLCONV * p_krb5_rd_safe)
  1329.    P((krb5_context,
  1330.        krb5_auth_context,
  1331.        krb5_const krb5_data  *,
  1332.        krb5_data  *,
  1333.        krb5_replay_data  *))=NULL;
  1334.  
  1335. static krb5_error_code (KRB5_CALLCONV * p_krb5_mk_safe)
  1336.     P((krb5_context,
  1337.         krb5_auth_context,
  1338.         krb5_const krb5_data  *,
  1339.         krb5_data  *,
  1340.         krb5_replay_data  *))=NULL;
  1341.  
  1342. static krb5_error_code (KRB5_CALLCONV * p_krb5_rd_priv)
  1343.     P((krb5_context,
  1344.         krb5_auth_context,
  1345.         krb5_const krb5_data  *,
  1346.         krb5_data  *,
  1347.         krb5_replay_data  *))=NULL;
  1348.  
  1349. static krb5_error_code (KRB5_CALLCONV * p_krb5_mk_priv)
  1350.     P((krb5_context,
  1351.         krb5_auth_context,
  1352.         krb5_const krb5_data  *,
  1353.         krb5_data  *,
  1354.         krb5_replay_data  *))=NULL;
  1355.  
  1356. static krb5_error_code (KRB5_CALLCONV *p_krb5_auth_con_setuseruserkey)
  1357.     P((krb5_context,
  1358.         krb5_auth_context,
  1359.         krb5_keyblock *))=NULL;
  1360.  
  1361. static krb5_error_code (KRB5_CALLCONV *p_krb5_get_profile)
  1362.     P((krb5_context, profile_t *))=NULL;
  1363.  
  1364. static long (KRB5_CALLCONV *p_profile_get_relation_names)
  1365.     P((profile_t profile, const char **names, char ***ret_names))=NULL;
  1366.  
  1367. static long (KRB5_CALLCONV *p_profile_get_subsection_names)
  1368.     P((profile_t profile, const char **names, char ***ret_names))=NULL;
  1369.  
  1370. static void (KRB5_CALLCONV *p_krb5_free_keyblock_contents)
  1371. P((krb5_context, krb5_keyblock FAR *))=NULL;
  1372.  
  1373. static krb5_error_code (KRB5_CALLCONV * p_krb5_c_encrypt)
  1374.     P((krb5_context context, krb5_const krb5_keyblock *key,
  1375.         krb5_keyusage usage, krb5_const krb5_data *ivec,
  1376.         krb5_const krb5_data *input, krb5_enc_data *output))=NULL;
  1377.  
  1378. static krb5_error_code (KRB5_CALLCONV *p_krb5_c_decrypt)
  1379.     P((krb5_context context, krb5_const krb5_keyblock *key,
  1380.         krb5_keyusage usage, krb5_const krb5_data *ivec,
  1381.         krb5_const krb5_enc_data *input, krb5_data *output))=NULL;
  1382.  
  1383. static krb5_error_code (KRB5_CALLCONV *p_krb5_c_block_size)
  1384.     P((krb5_context context, krb5_enctype enctype,
  1385.         size_t *blocksize))=NULL;
  1386.  
  1387. static krb5_error_code (KRB5_CALLCONV * p_krb5_c_make_random_key)
  1388.     P((krb5_context context, krb5_enctype enctype,
  1389.        krb5_keyblock *random_key))=NULL;
  1390.  
  1391. static krb5_error_code (KRB5_CALLCONV * p_krb5_c_random_seed)
  1392.     P((krb5_context context, krb5_data *data))=NULL;
  1393.  
  1394. static krb5_error_code (KRB5_CALLCONV * p_krb5_c_encrypt_length)
  1395.     P((krb5_context context, krb5_enctype enctype,
  1396.       size_t inputlen, size_t *length))=NULL;
  1397.  
  1398. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_default_name)
  1399.     P((krb5_context context, char *, int))=NULL;
  1400.  
  1401. static char * (KRB5_CALLCONV * p_krb5_cc_get_name )
  1402.     (krb5_context context, krb5_ccache cache)=NULL;
  1403.  
  1404. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_gen_new )
  1405.     (krb5_context context, krb5_ccache *cache)=NULL;
  1406.  
  1407. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_initialize)
  1408.     (krb5_context context, krb5_ccache cache,
  1409.                     krb5_principal principal)=NULL;
  1410.  
  1411. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_destroy )
  1412.     (krb5_context context, krb5_ccache cache)=NULL;
  1413.  
  1414. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_close )
  1415.     (krb5_context context, krb5_ccache cache)=NULL;
  1416.  
  1417. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_store_cred )
  1418.     (krb5_context context, krb5_ccache cache,
  1419.                      krb5_creds *creds)=NULL;
  1420.  
  1421. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_retrieve_cred )
  1422.     (krb5_context context, krb5_ccache cache,
  1423.       krb5_flags flags, krb5_creds *mcreds,
  1424.       krb5_creds *creds)=NULL;
  1425.  
  1426. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_get_principal )
  1427.     (krb5_context context, krb5_ccache cache,
  1428.       krb5_principal *principal)=NULL;
  1429.  
  1430. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_start_seq_get )
  1431.     (krb5_context context, krb5_ccache cache,
  1432.       krb5_cc_cursor *cursor)=NULL;
  1433.  
  1434. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_next_cred )
  1435.     (krb5_context context, krb5_ccache cache,
  1436.       krb5_cc_cursor *cursor, krb5_creds *creds)=NULL;
  1437.  
  1438. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_end_seq_get )
  1439.     (krb5_context context, krb5_ccache cache,
  1440.       krb5_cc_cursor *cursor)=NULL;
  1441.  
  1442. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_remove_cred )
  1443.     (krb5_context context, krb5_ccache cache, krb5_flags flags,
  1444.       krb5_creds *creds)=NULL;
  1445.  
  1446. static krb5_error_code (KRB5_CALLCONV * p_krb5_cc_set_flags )
  1447.     (krb5_context context, krb5_ccache cache, krb5_flags flags)=NULL;
  1448.  
  1449. static const char * (KRB5_CALLCONV * p_krb5_cc_get_type )
  1450.     (krb5_context context, krb5_ccache cache)=NULL;
  1451.  
  1452. static const char * (KRB5_CALLCONV * p_krb5_kt_get_type )
  1453.     (krb5_context context, krb5_keytab)=NULL;
  1454.  
  1455. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_get_name)
  1456.     (krb5_context, krb5_keytab, char *, int)=NULL;
  1457.  
  1458. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_close)
  1459.     (krb5_context, krb5_keytab)=NULL;
  1460.  
  1461. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_get_entry)
  1462.     (krb5_context, krb5_keytab,
  1463.                  krb5_principal,
  1464.                  krb5_kvno,
  1465.                  krb5_enctype,
  1466.                  krb5_keytab_entry *)=NULL;
  1467.  
  1468. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_start_seq_get)
  1469.     (krb5_context,
  1470.                  krb5_keytab,
  1471.                  krb5_kt_cursor *)=NULL;
  1472. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_next_entry)
  1473.         (krb5_context,
  1474.                  krb5_keytab,
  1475.                  krb5_keytab_entry *,
  1476.                  krb5_kt_cursor *)=NULL;
  1477.  
  1478. static krb5_error_code (KRB5_CALLCONV * p_krb5_kt_end_seq_get)
  1479.         (krb5_context,
  1480.                  krb5_keytab,
  1481.                  krb5_kt_cursor *)=NULL;
  1482.  
  1483. static krb5_error_code (KRB5_CALLCONV_C * p_krb5_build_principal)
  1484.     (krb5_context, krb5_principal *, unsigned int, krb5_const char *, ...)=NULL;
  1485.  
  1486.  
  1487. static int (KRB5_CALLCONV_C *p_krb524_init_ets)(krb5_context context)=NULL;
  1488. static int (KRB5_CALLCONV_C *p_krb524_convert_creds_kdc)(krb5_context context, 
  1489.                                                          krb5_creds *v5creds,
  1490.                                                          CREDENTIALS *v4creds)=NULL;
  1491.  
  1492. const char *
  1493. ck_error_message(errcode_t ec)
  1494. {
  1495.     if ( ec == 0 )
  1496.         return("OK");
  1497.     else if ( ec == -1 )
  1498.         return("Entry point not found in Dynamic Link Library");
  1499.     else if ( p_error_message )
  1500.         return(p_error_message(ec));
  1501.     else
  1502.         return ckitoa(ec);
  1503. }
  1504.  
  1505. void
  1506. ck_com_err(const char * s1, errcode_t ec, const char * s2, ...)
  1507. {
  1508.     va_list ap;
  1509.     const char * msg= NULL;
  1510.  
  1511.     va_start( ap, s2 );
  1512.     msg = error_message(ec);
  1513.  
  1514.     ckmakxmsg(tn_msg,TN_MSG_LEN, (char *)(s1?s1:""), 
  1515.                (char *)(s1?" ":""), (char *)msg, (char *)(s2?" ":""), 
  1516.                (char *)(s2?s2:""),
  1517.                NULL,NULL,NULL,NULL,NULL,NULL,NULL);
  1518.     debug(F111,"KERBEROS",tn_msg,ec);
  1519.  
  1520.     ckmakmsg(tn_msg,TN_MSG_LEN,"?Kerberos 5 error: ",(char *)msg,s2?" ":"",(char *)(s2?s2:""));
  1521.     if (tn_deb || debses) tn_debug(tn_msg);
  1522.     printf("%s\n",tn_msg);
  1523. }
  1524.  
  1525. void
  1526. ck_krb5_free_creds(krb5_context CO, krb5_creds  * CR)
  1527. {
  1528.     if ( p_krb5_free_creds )
  1529.         p_krb5_free_creds(CO,CR);
  1530. }
  1531.  
  1532. void
  1533. ck_krb5_free_data(krb5_context CO, krb5_data  * data)
  1534. {
  1535.     if ( p_krb5_free_data )
  1536.         p_krb5_free_data(CO,data);
  1537. }
  1538.  
  1539. void
  1540. ck_krb5_free_data_contents(krb5_context CO, krb5_data  * data)
  1541. {
  1542.     if ( p_krb5_free_data_contents )
  1543.         p_krb5_free_data_contents(CO,data);
  1544. }
  1545.  
  1546. krb5_error_code
  1547. ck_krb5_copy_keyblock(krb5_context CO,
  1548.                        krb5_const krb5_keyblock  * pKB,
  1549.                        krb5_keyblock ** ppKB)
  1550. {
  1551.     if ( p_krb5_copy_keyblock )
  1552.         return(p_krb5_copy_keyblock(CO,pKB,ppKB));
  1553.     else
  1554.         return KRB5KRB_ERR_GENERIC;
  1555. }
  1556.  
  1557. void
  1558. ck_krb5_free_keyblock (krb5_context CO, krb5_keyblock  * pKB)
  1559. {
  1560.     if ( p_krb5_free_keyblock )
  1561.         p_krb5_free_keyblock(CO,pKB);
  1562.  
  1563. }
  1564. krb5_error_code
  1565. ck_krb5_auth_con_getlocalsubkey(krb5_context CO,
  1566.                                  krb5_auth_context ACO,
  1567.                                  krb5_keyblock  ** ppKB)
  1568. {
  1569.     if ( p_krb5_auth_con_getlocalsubkey )
  1570.         return(p_krb5_auth_con_getlocalsubkey(CO,ACO,ppKB));
  1571.     else
  1572.         return KRB5KRB_ERR_GENERIC;
  1573.  
  1574. }
  1575. krb5_error_code
  1576. ck_krb5_mk_req_extended (krb5_context CO,
  1577.                           krb5_auth_context  * pACO,
  1578.                           krb5_const krb5_flags F,
  1579.                           krb5_data  * pD1,
  1580.                           krb5_creds  * pC,
  1581.                           krb5_data  * pD2)
  1582. {
  1583.     if ( p_krb5_mk_req_extended )
  1584.         return(p_krb5_mk_req_extended(CO,pACO,F,pD1,pC,pD2));
  1585.     else
  1586.         return KRB5KRB_ERR_GENERIC;
  1587. }
  1588. krb5_error_code
  1589. ck_krb5_mk_req(krb5_context CO,
  1590.                 krb5_auth_context *pACO,
  1591.                 krb5_const krb5_flags F,
  1592.                 char * s1,
  1593.                 char * s2,
  1594.                 krb5_data * pD1,
  1595.                 krb5_ccache pC,
  1596.                 krb5_data * pD2)
  1597. {
  1598.     if ( p_krb5_mk_req )
  1599.         return(p_krb5_mk_req(CO,pACO,F,s1,s2,pD1,pC,pD2));
  1600.     else
  1601.         return KRB5KRB_ERR_GENERIC;
  1602. }
  1603.  
  1604. krb5_error_code
  1605. ck_krb5_auth_con_setflags (krb5_context CO,
  1606.                             krb5_auth_context ACO,
  1607.                             krb5_int32 I)
  1608. {
  1609.     if ( p_krb5_auth_con_setflags )
  1610.         return(p_krb5_auth_con_setflags(CO,ACO,I));
  1611.     else
  1612.         return KRB5KRB_ERR_GENERIC;
  1613. }
  1614. krb5_error_code
  1615. ck_krb5_auth_con_init(krb5_context CO,
  1616.                        krb5_auth_context  * pACO)
  1617. {
  1618.     if ( p_krb5_auth_con_init )
  1619.         return(p_krb5_auth_con_init(CO,pACO));
  1620.     else
  1621.         return KRB5KRB_ERR_GENERIC;
  1622. }
  1623. krb5_error_code
  1624. ck_krb5_auth_con_free (krb5_context CO,
  1625.                         krb5_auth_context ACO)
  1626. {
  1627.     if ( p_krb5_auth_con_free )
  1628.         return(p_krb5_auth_con_free(CO,ACO));
  1629.     else
  1630.         return KRB5KRB_ERR_GENERIC;
  1631. }
  1632. krb5_error_code
  1633. ck_krb5_get_credentials(krb5_context CO,
  1634.                          krb5_const krb5_flags F,
  1635.                          krb5_ccache CC,
  1636.                          krb5_creds  * pCR,
  1637.                          krb5_creds  ** ppCR)
  1638. {
  1639.     if ( p_krb5_get_credentials )
  1640.         return(p_krb5_get_credentials(CO,F,CC,pCR,ppCR));
  1641.     else
  1642.         return KRB5KRB_ERR_GENERIC;
  1643. }
  1644. void
  1645. ck_krb5_free_cred_contents(krb5_context CO, krb5_creds  * pCR)
  1646. {
  1647.     if ( p_krb5_free_cred_contents )
  1648.         p_krb5_free_cred_contents(CO,pCR);
  1649. }
  1650.  
  1651. krb5_error_code
  1652. ck_krb5_sname_to_principal(krb5_context CO,
  1653.                             krb5_const char  * pC1,
  1654.                             krb5_const char  * pC2,
  1655.                             krb5_int32 I,
  1656.                             krb5_principal  * pPR)
  1657. {
  1658.     if ( p_krb5_sname_to_principal )
  1659.         return(p_krb5_sname_to_principal(CO,pC1,pC2,I,pPR));
  1660.     else
  1661.         return KRB5KRB_ERR_GENERIC;
  1662. }
  1663.  
  1664. krb5_error_code
  1665. ck_krb5_cc_default(krb5_context CO,
  1666.                     krb5_ccache  * pCC)
  1667. {
  1668.     if ( p_krb5_cc_default )
  1669.         return(p_krb5_cc_default(CO,pCC));
  1670.     else
  1671.         return KRB5KRB_ERR_GENERIC;
  1672. }
  1673.  
  1674. void
  1675. ck_krb5_free_ap_rep_enc_part(krb5_context CO, krb5_ap_rep_enc_part * pAP)
  1676. {
  1677.     if ( p_krb5_free_ap_rep_enc_part )
  1678.         p_krb5_free_ap_rep_enc_part(CO,pAP);
  1679. }
  1680.  
  1681. krb5_error_code
  1682. ck_krb5_rd_rep(krb5_context CO,
  1683.                 krb5_auth_context AC,
  1684.                 krb5_const krb5_data  * pD,
  1685.                 krb5_ap_rep_enc_part  ** ppAP)
  1686. {
  1687.     if ( p_krb5_rd_rep )
  1688.         return(p_krb5_rd_rep(CO,AC,pD,ppAP));
  1689.     else
  1690.         return KRB5KRB_ERR_GENERIC;
  1691. }
  1692.  
  1693.  
  1694. krb5_error_code
  1695. ck_krb5_init_context(krb5_context * pCO)
  1696. {
  1697.     if ( p_krb5_init_context )
  1698.         return(p_krb5_init_context(pCO));
  1699.     else
  1700.         return KRB5KRB_ERR_GENERIC;
  1701. }
  1702.  
  1703. krb5_error_code
  1704. ck_krb5_init_ets(krb5_context CO)
  1705. {
  1706.     if ( p_krb5_init_ets )
  1707.         return(p_krb5_init_ets(CO));
  1708.     else
  1709.         return KRB5KRB_ERR_GENERIC;
  1710. }
  1711.  
  1712. void
  1713. ck_krb5_free_context(krb5_context CO)
  1714. {
  1715.  
  1716.     if ( p_krb5_free_context )
  1717.         p_krb5_free_context(CO);
  1718. }
  1719.  
  1720. void
  1721. ck_krb5_free_principal(krb5_context c, krb5_principal p)
  1722. {
  1723.     if ( p_krb5_free_principal )
  1724.         p_krb5_free_principal(c,p);
  1725. }
  1726.  
  1727. void
  1728. ck_krb5_free_unparsed_name(krb5_context c, char * p)
  1729. {
  1730.     if ( p_krb5_free_unparsed_name )
  1731.         p_krb5_free_unparsed_name(c,p);
  1732.     else
  1733.         free(p);
  1734. }
  1735.  
  1736. krb5_error_code
  1737. ck_krb5_fwd_tgt_creds(krb5_context con,
  1738.                        krb5_auth_context acon,
  1739.                        char  * ptr,
  1740.                        krb5_principal prin1,
  1741.                        krb5_principal prin2,
  1742.                        krb5_ccache cc,
  1743.                        int fwd,
  1744.                        krb5_data  * data)
  1745. {
  1746.     if ( p_krb5_fwd_tgt_creds )
  1747.         return(p_krb5_fwd_tgt_creds(con,acon,ptr,
  1748.                                      prin1,prin2,cc,fwd,data));
  1749.     else
  1750.         return KRB5KRB_ERR_GENERIC;
  1751. }
  1752.  
  1753. krb5_error_code
  1754. ck_krb5_auth_con_genaddrs(krb5_context con,
  1755.                            krb5_auth_context acon,
  1756.                            int n, int m)
  1757. {
  1758.     if ( p_krb5_auth_con_genaddrs )
  1759.         return(p_krb5_auth_con_genaddrs(con,acon,n,m));
  1760.     else
  1761.         return KRB5KRB_ERR_GENERIC;
  1762. }
  1763.  
  1764. krb5_error_code
  1765. ck_krb5_get_host_realm(krb5_context con,
  1766.                         const char * host,
  1767.                         char *** realm)
  1768. {
  1769.     if ( p_krb5_get_host_realm )
  1770.         return(p_krb5_get_host_realm(con,host,realm));
  1771.     else {
  1772.         if ( realm )
  1773.             *realm = NULL;
  1774.         return KRB5KRB_ERR_GENERIC;
  1775.     }
  1776. }
  1777.  
  1778. krb5_error_code
  1779. ck_krb5_free_host_realm(krb5_context con,
  1780.                         char ** realmlist)
  1781. {
  1782.     if ( p_krb5_free_host_realm )
  1783.         return(p_krb5_free_host_realm(con,realmlist));
  1784.     else
  1785.         return KRB5KRB_ERR_GENERIC;
  1786. }
  1787.  
  1788. krb5_error_code
  1789. ck_krb5_get_in_tkt_with_keytab(krb5_context con,
  1790.                 krb5_const krb5_flags flags,
  1791.                 krb5_address * krb5_const * addr,
  1792.                 krb5_enctype * enc,
  1793.                 krb5_preauthtype * preauth,
  1794.                 krb5_const krb5_keytab kt,
  1795.                 krb5_ccache cc,
  1796.                 krb5_creds * creds,
  1797.                 krb5_kdc_rep ** rep)
  1798. {
  1799.     if ( p_krb5_get_in_tkt_with_keytab )
  1800.         return(p_krb5_get_in_tkt_with_keytab(con,flags,addr,enc,preauth,
  1801.                                               kt,cc,creds,rep));
  1802.     else
  1803.         return KRB5KRB_ERR_GENERIC;
  1804. }
  1805.  
  1806. krb5_error_code
  1807. ck_krb5_get_in_tkt_with_password(krb5_context con,
  1808.                 krb5_const krb5_flags flags,
  1809.                 krb5_address * krb5_const * addr,
  1810.                 krb5_enctype * enc,
  1811.                 krb5_preauthtype * preauth,
  1812.                 krb5_const char * sz,
  1813.                 krb5_ccache cc,
  1814.                 krb5_creds * creds,
  1815.                 krb5_kdc_rep ** rep)
  1816. {
  1817.     if ( p_krb5_get_in_tkt_with_password )
  1818.         return(p_krb5_get_in_tkt_with_password(con,flags,addr,enc,
  1819.                                                 preauth,sz,cc,creds,rep));
  1820.     else
  1821.         return KRB5KRB_ERR_GENERIC;
  1822. }
  1823.  
  1824. krb5_error_code
  1825. ck_krb5_read_password(krb5_context con,
  1826.                 const char * sz1,
  1827.                 const char * sz2,
  1828.                 char * sz3,
  1829.                 int * pI)
  1830. {
  1831.     if ( p_krb5_read_password )
  1832.         return(p_krb5_read_password(con,sz1,sz2,sz3,pI));
  1833.     else
  1834.         return KRB5KRB_ERR_GENERIC;
  1835. }
  1836.  
  1837. /* We can only due this because we know how many parameters */
  1838. /* we are going to use in the module.                       */
  1839.  
  1840. krb5_error_code
  1841. ck_krb5_build_principal_ext(krb5_context con,
  1842.                              krb5_principal * princ,
  1843.                              int n,
  1844.                              krb5_const char * sz,
  1845.                              int n2,
  1846.                              krb5_const char * sz2,
  1847.                              int n3,
  1848.                              krb5_const char * sz3,
  1849.                              ...)
  1850. {
  1851.     if ( p_krb5_build_principal_ext )
  1852.         return(p_krb5_build_principal_ext(con,princ,n,sz,n2,sz2,n3,sz3,0));
  1853.     else
  1854.         return KRB5KRB_ERR_GENERIC;
  1855. }
  1856.  
  1857. krb5_error_code
  1858. ck_krb5_unparse_name(krb5_context con,
  1859.                 krb5_const_principal princ,
  1860.                 char ** psz)
  1861. {
  1862.     if ( p_krb5_unparse_name )
  1863.         return(p_krb5_unparse_name(con,princ,psz));
  1864.     else
  1865.         return KRB5KRB_ERR_GENERIC;
  1866. }
  1867.  
  1868. krb5_error_code
  1869. ck_krb5_parse_name(krb5_context con,
  1870.                 krb5_const char * sz,
  1871.                 krb5_principal * princ)
  1872.  
  1873. {
  1874.     if ( p_krb5_parse_name )
  1875.         return(p_krb5_parse_name(con,sz,princ));
  1876.     else
  1877.         return KRB5KRB_ERR_GENERIC;
  1878. }
  1879.  
  1880. krb5_error_code
  1881. ck_krb5_cc_resolve(krb5_context con,
  1882.                 char * sz,
  1883.                 krb5_ccache * cc)
  1884. {
  1885.     if ( p_krb5_cc_resolve )
  1886.         return(p_krb5_cc_resolve(con,sz,cc));
  1887.     else
  1888.         return KRB5KRB_ERR_GENERIC;
  1889. }
  1890.  
  1891. const char *
  1892. ck_krb5_cc_default_name(krb5_context con)
  1893. {
  1894.     if ( p_krb5_cc_default_name )
  1895.         return(p_krb5_cc_default_name(con));
  1896.     else
  1897.         return NULL;
  1898. }
  1899.  
  1900. krb5_error_code
  1901. ck_krb5_string_to_timestamp(char * sz,
  1902.                              krb5_timestamp * ts)
  1903. {
  1904.     if ( p_krb5_string_to_timestamp )
  1905.         return(p_krb5_string_to_timestamp(sz,ts));
  1906.     else
  1907.         return KRB5KRB_ERR_GENERIC;
  1908. }
  1909.  
  1910. krb5_error_code
  1911. ck_krb5_kt_resolve(krb5_context con,
  1912.                     krb5_const char * sz,
  1913.                     krb5_keytab * kt)
  1914. {
  1915.     if ( p_krb5_kt_resolve )
  1916.         return(p_krb5_kt_resolve(con,sz,kt));
  1917.     else
  1918.         return KRB5KRB_ERR_GENERIC;
  1919. }
  1920.  
  1921. krb5_error_code
  1922. ck_krb5_string_to_deltat(char * sz,
  1923.                           krb5_deltat * dt)
  1924. {
  1925.     if ( p_krb5_string_to_deltat )
  1926.         return(p_krb5_string_to_deltat(sz,dt));
  1927.     else
  1928.         return KRB5KRB_ERR_GENERIC;
  1929. }
  1930.  
  1931. krb5_error_code
  1932. ck_krb5_timeofday(krb5_context con,
  1933.                 krb5_int32 * pN)
  1934. {
  1935.     if ( p_krb5_timeofday )
  1936.         return(p_krb5_timeofday(con,pN));
  1937.     else
  1938.         return KRB5KRB_ERR_GENERIC;
  1939. }
  1940.  
  1941. krb5_error_code
  1942. ck_krb5_get_credentials_renew(krb5_context con,
  1943.                 krb5_const krb5_flags flags,
  1944.                 krb5_ccache cc,
  1945.                 krb5_creds * pCreds,
  1946.                 krb5_creds ** ppCreds)
  1947. {
  1948.     if ( p_krb5_get_credentials_renew )
  1949.         return(p_krb5_get_credentials_renew(con,flags,cc,pCreds,ppCreds));
  1950.     else
  1951.         return KRB5KRB_ERR_GENERIC;
  1952. }
  1953.  
  1954. krb5_error_code
  1955. ck_krb5_get_credentials_validate(krb5_context con,
  1956.                 krb5_const krb5_flags flags,
  1957.                 krb5_ccache cc,
  1958.                 krb5_creds * pCreds,
  1959.                 krb5_creds ** ppCreds)
  1960. {
  1961.     if ( p_krb5_get_credentials_validate )
  1962.         return(p_krb5_get_credentials_validate(con,flags,cc,pCreds,ppCreds));
  1963.     else
  1964.         return KRB5KRB_ERR_GENERIC;
  1965. }
  1966.  
  1967. krb5_error_code
  1968. ck_krb5_copy_principal(krb5_context con,
  1969.                 krb5_const_principal princ,
  1970.                 krb5_principal * pPrinc)
  1971. {
  1972.     if ( p_krb5_copy_principal )
  1973.         return(p_krb5_copy_principal(con,princ,pPrinc));
  1974.     else
  1975.         return KRB5KRB_ERR_GENERIC;
  1976. }
  1977.  
  1978. krb5_error_code
  1979. ck_krb5_timestamp_to_sfstring(krb5_timestamp ts,
  1980.                                char * sz1,
  1981.                                size_t size,
  1982.                                char * sz2)
  1983. {
  1984.     if ( p_krb5_timestamp_to_sfstring )
  1985.         return(p_krb5_timestamp_to_sfstring(ts,sz1,size,sz2));
  1986.     else
  1987.         return KRB5KRB_ERR_GENERIC;
  1988. }
  1989.  
  1990. krb5_error_code
  1991. ck_krb5_kt_default(krb5_context con,
  1992.                     krb5_keytab * kt)
  1993. {
  1994.     if ( p_krb5_kt_default )
  1995.         return(p_krb5_kt_default(con,kt));
  1996.     else
  1997.         return KRB5KRB_ERR_GENERIC;
  1998. }
  1999.  
  2000. krb5_error_code
  2001. ck_krb5_free_ticket(krb5_context con,
  2002.                      krb5_ticket * kt)
  2003. {
  2004.     if ( p_krb5_free_ticket )
  2005.         return(p_krb5_free_ticket(con,kt));
  2006.     else
  2007.         return KRB5KRB_ERR_GENERIC;
  2008. }
  2009.  
  2010. krb5_error_code
  2011. ck_decode_krb5_ticket(const krb5_data *code,
  2012.                        krb5_ticket **rep)
  2013. {
  2014.     if ( p_decode_krb5_ticket )
  2015.         return(p_decode_krb5_ticket(code,rep));
  2016.     else if ( p_cygnus_decode_krb5_ticket )
  2017.         return(p_cygnus_decode_krb5_ticket(code,rep));
  2018.     else
  2019.         return KRB5KRB_ERR_GENERIC;
  2020. }
  2021.  
  2022. krb5_error_code
  2023. ck_krb5_os_localaddr(krb5_context con, krb5_address *** ppp)
  2024. {
  2025.     if ( p_krb5_os_localaddr )
  2026.         return(p_krb5_os_localaddr(con,ppp));
  2027.     else
  2028.         return KRB5KRB_ERR_GENERIC;
  2029. }
  2030.  
  2031. BOOL
  2032. ck_krb5_address_compare(krb5_context context,
  2033.                          const krb5_address *addr1,
  2034.                          const krb5_address *addr2)
  2035. {
  2036.     if( addr1->addrtype != addr2->addrtype )
  2037.         return(FALSE);
  2038.     if( addr1->length != addr2->length )
  2039.         return(FALSE);
  2040.     if( memcmp((char *)addr1->contents,(char *)addr2->contents, addr1->length))
  2041.         return FALSE;
  2042.     else
  2043.         return TRUE;
  2044. }
  2045.  
  2046. krb5_boolean
  2047. ck_krb5_address_search(krb5_context context,
  2048.                 krb5_const krb5_address * addr,
  2049.                 krb5_address * krb5_const * addrlist)
  2050. {
  2051.     if ( p_krb5_address_search )
  2052.         return(p_krb5_address_search(context,addr,addrlist));
  2053.     else {
  2054.         if( !addrlist )
  2055.             return TRUE;
  2056.         for( ; *addrlist ; addrlist++ )
  2057.         {
  2058.             if( ck_krb5_address_compare(context, addr, *addrlist) )
  2059.                 return TRUE;
  2060.         }
  2061.     }
  2062.     return FALSE;
  2063. }
  2064.  
  2065.  
  2066. void
  2067. ck_krb5_free_addresses(krb5_context con, krb5_address ** pp)
  2068. {
  2069.     if ( p_krb5_free_addresses )
  2070.         p_krb5_free_addresses(con,pp);
  2071. }
  2072.  
  2073. krb5_error_code
  2074. ck_krb5_auth_con_getremotesubkey(krb5_context con,
  2075.                                   krb5_auth_context acon,
  2076.                                   krb5_keyblock ** keyb)
  2077. {
  2078.     if ( p_krb5_auth_con_getremotesubkey )
  2079.         return(p_krb5_auth_con_getremotesubkey(con,acon,keyb));
  2080.     else
  2081.         return KRB5KRB_ERR_GENERIC;
  2082. }
  2083.  
  2084. krb5_error_code
  2085. ck_krb5_mk_rep(krb5_context con, krb5_auth_context auth_con,
  2086.                                krb5_data * data)
  2087. {
  2088.     if ( p_krb5_mk_rep )
  2089.         return(p_krb5_mk_rep(con,auth_con, data));
  2090.     else
  2091.         return KRB5KRB_ERR_GENERIC;
  2092. }
  2093.  
  2094. krb5_error_code
  2095. ck_krb5_free_authenticator(krb5_context con, krb5_authenticator * pauth)
  2096. {
  2097.     if ( p_krb5_free_authenticator )
  2098.         return(p_krb5_free_authenticator(con,pauth));
  2099.     else
  2100.         return KRB5KRB_ERR_GENERIC;
  2101. }
  2102.  
  2103. krb5_error_code
  2104. ck_krb5_verify_checksum(krb5_context context,
  2105.                          krb5_const krb5_cksumtype ctype,
  2106.                          krb5_const krb5_checksum * cksum,
  2107.                          krb5_const krb5_pointer in,
  2108.                          krb5_const size_t in_length,
  2109.                          krb5_const krb5_pointer seed,
  2110.                          krb5_const size_t seed_length)
  2111. {
  2112.     if ( p_krb5_verify_checksum )
  2113.         return(p_krb5_verify_checksum(context, ctype, cksum, in,
  2114.                                       in_length, seed, seed_length));
  2115.     else
  2116.         return KRB5KRB_ERR_GENERIC;
  2117. }
  2118.  
  2119. krb5_error_code
  2120. ck_krb5_auth_con_getkey(krb5_context con, krb5_auth_context acon,
  2121.                          krb5_keyblock ** ppkeyb)
  2122. {
  2123.     if ( p_krb5_auth_con_getkey )
  2124.         return(p_krb5_auth_con_getkey(con,acon,ppkeyb));
  2125.     else
  2126.         return KRB5KRB_ERR_GENERIC;
  2127. }
  2128.  
  2129. krb5_error_code
  2130. ck_krb5_auth_con_getauthenticator(krb5_context con, krb5_auth_context acon,
  2131.                                    krb5_authenticator ** ppauth)
  2132. {
  2133.     if ( p_krb5_auth_con_getauthenticator )
  2134.         return(p_krb5_auth_con_getauthenticator(con,acon,ppauth));
  2135.     else
  2136.         return KRB5KRB_ERR_GENERIC;
  2137. }
  2138.  
  2139. krb5_error_code
  2140. ck_krb5_rd_req(krb5_context con, krb5_auth_context * pacon,
  2141.                 krb5_const krb5_data * data,
  2142.                 krb5_const_principal princ, krb5_keytab keytab,
  2143.                 krb5_flags * flags, krb5_ticket ** pptkt)
  2144. {
  2145.     if ( p_krb5_rd_req )
  2146.         return(p_krb5_rd_req(con,pacon,data,princ,keytab,flags,pptkt));
  2147.     else
  2148.         return KRB5KRB_ERR_GENERIC;
  2149. }
  2150.  
  2151. krb5_error_code
  2152. ck_krb5_auth_con_setrcache(krb5_context con, krb5_auth_context acon,
  2153.                             krb5_rcache rcache)
  2154. {
  2155.     if ( p_krb5_auth_con_setrcache )
  2156.         return(p_krb5_auth_con_setrcache(con,acon,rcache));
  2157.     else
  2158.         return KRB5KRB_ERR_GENERIC;
  2159. }
  2160.  
  2161. krb5_error_code
  2162. ck_krb5_get_server_rcache(krb5_context con, krb5_const krb5_data * data,
  2163.                        krb5_rcache * rcache)
  2164. {
  2165.     if ( p_krb5_get_server_rcache )
  2166.         return(p_krb5_get_server_rcache(con,data,rcache));
  2167.     else
  2168.         return KRB5KRB_ERR_GENERIC;
  2169. }
  2170.  
  2171. krb5_error_code
  2172. ck_krb5_auth_con_getrcache(krb5_context con, krb5_auth_context acon,
  2173.                             krb5_rcache * prcache)
  2174. {
  2175.     if ( p_krb5_auth_con_getrcache )
  2176.         return(p_krb5_auth_con_getrcache(con,acon, prcache));
  2177.     else
  2178.         return KRB5KRB_ERR_GENERIC;
  2179. }
  2180.  
  2181. krb5_error_code
  2182. ck_krb5_free_tgt_creds(krb5_context con, krb5_creds ** ppcreds)
  2183. {
  2184.     if ( p_krb5_free_tgt_creds )
  2185.         return(p_krb5_free_tgt_creds(con,ppcreds));
  2186.     else
  2187.         return KRB5KRB_ERR_GENERIC;
  2188. }
  2189.  
  2190. krb5_error_code
  2191. ck_krb5_rd_cred(krb5_context con, krb5_auth_context acon,
  2192.                  krb5_data * data, krb5_creds *** pppcreds,
  2193.                  krb5_replay_data * replay_data)
  2194. {
  2195.     if ( p_krb5_rd_cred )
  2196.         return(p_krb5_rd_cred(con,acon,data,pppcreds,replay_data));
  2197.     else
  2198.         return KRB5KRB_ERR_GENERIC;
  2199. }
  2200.  
  2201. krb5_error_code
  2202. ck_krb5_c_enctype_compare(krb5_context con, krb5_enctype e1, krb5_enctype e2,
  2203.                            krb5_boolean * pb)
  2204. {
  2205.     if ( p_krb5_c_enctype_compare )
  2206.         return(p_krb5_c_enctype_compare(con, e1,e2, pb));
  2207.     else
  2208.         return(-1);
  2209. }
  2210.  
  2211. krb5_error_code
  2212. ck_krb5_write_message(krb5_context con, krb5_pointer ptr, krb5_data *data)
  2213. {
  2214.     int fd = *((int *)ptr);
  2215.     long msglen;
  2216.  
  2217.     msglen = htonl(data->length);
  2218.     if (net_write(fd,(CHAR *)&msglen,4) != 4) {
  2219.         return(-1);
  2220.     }
  2221.     if ( data->length ) {
  2222.         if (net_write(fd,data->data,data->length) != data->length) {
  2223.             return(-1);
  2224.         }
  2225.     }
  2226.     return(0);
  2227. }
  2228.  
  2229. krb5_error_code
  2230. ck_krb5_read_message( krb5_context context,
  2231.                       krb5_pointer ptr,
  2232.                       krb5_data * data)
  2233. {
  2234.     extern int ttyfd;
  2235.     int fd = *((int *)ptr);
  2236.     long msglen;
  2237.     char *p;
  2238.     int i, rc;
  2239.  
  2240.     if (net_read(fd,&msglen,4) < 0)
  2241.         return(-1);
  2242.  
  2243.     data->length = ntohl(msglen);
  2244.     if ( data->length ) {
  2245.         data->data = malloc(data->length);
  2246.  
  2247.         i = 0;
  2248.         while ( i < data->length ) {
  2249.             if ((rc = net_read(fd,&data->data[i],(data->length - i))) < 0)
  2250.                 return(-1);
  2251.             i += rc;
  2252.         }
  2253.     }
  2254.     return(0);
  2255. }
  2256.  
  2257. krb5_error_code
  2258. ck_krb5_free_error(krb5_context con, krb5_error * error)
  2259. {
  2260.     if ( p_krb5_free_error )
  2261.         return(p_krb5_free_error(con,error));
  2262.     else
  2263.         return(-1);
  2264. }
  2265.  
  2266. krb5_error_code
  2267. ck_krb5_sendauth(krb5_context con,
  2268.                   krb5_auth_context * auth,
  2269.                   krb5_pointer ptr,
  2270.                   char * str,
  2271.                   krb5_principal princ1,
  2272.                   krb5_principal princ2,
  2273.                   krb5_flags flags,
  2274.                   krb5_data * data,
  2275.                   krb5_creds * creds,
  2276.                   krb5_ccache cc,
  2277.                   krb5_error ** error,
  2278.                   krb5_ap_rep_enc_part ** ap_rep,
  2279.                   krb5_creds ** pcreds)
  2280. {
  2281.     if ( p_krb5_sendauth )
  2282.         return(p_krb5_sendauth(con,auth,ptr,str,princ1,princ2,flags,
  2283.                                 data, creds, cc, error, ap_rep, pcreds));
  2284.     else
  2285.         return(-1);
  2286. }
  2287.  
  2288.  
  2289. krb5_error_code
  2290. ck_krb5_process_key(krb5_context con,
  2291.                      krb5_encrypt_block * eblock, const krb5_keyblock * kblock)
  2292. {
  2293.     if ( p_krb5_process_key )
  2294.         return(p_krb5_process_key(con,eblock,kblock));
  2295.     else
  2296.         return(-1);
  2297. }
  2298.  
  2299. krb5_error_code
  2300. ck_krb5_use_enctype(krb5_context con, krb5_encrypt_block * eblock,
  2301.                      const krb5_enctype etype)
  2302. {
  2303.     if ( p_krb5_use_enctype )
  2304.         return(p_krb5_use_enctype(con,eblock,etype));
  2305.     else
  2306.         return(-1);
  2307. }
  2308.  
  2309. krb5_error_code
  2310. ck_krb5_encrypt(krb5_context context,
  2311.                  krb5_const krb5_pointer inptr,
  2312.                  krb5_pointer outptr,
  2313.                  krb5_const size_t size,
  2314.                  krb5_encrypt_block * eblock,
  2315.                  krb5_pointer ivec)
  2316. {
  2317.     if ( p_krb5_encrypt )
  2318.         return(p_krb5_encrypt(context,inptr,outptr,size,eblock,ivec));
  2319.     else
  2320.         return(-1);
  2321. }
  2322.  
  2323. size_t
  2324. ck_krb5_encrypt_size(krb5_const size_t length,
  2325.                       krb5_enctype crypto)
  2326. {
  2327.     if ( p_krb5_encrypt_size )
  2328.         return(p_krb5_encrypt_size(length,crypto));
  2329.     else
  2330.         return((size_t)-1);
  2331. }
  2332.  
  2333. krb5_error_code
  2334. ck_krb5_decrypt(krb5_context context,
  2335.                  krb5_const krb5_pointer inptr,
  2336.                  krb5_pointer outptr,
  2337.                  krb5_const size_t size,
  2338.                  krb5_encrypt_block * eblock,
  2339.                  krb5_pointer ivec)
  2340. {
  2341.     if ( p_krb5_decrypt )
  2342.         return(p_krb5_decrypt(context,inptr,outptr,size,eblock,ivec));
  2343.     else
  2344.         return(-1);
  2345. }
  2346.  
  2347. #ifdef COMMENT
  2348. krb5_error_code
  2349. ck_k5_princ_to_userid(krb5_context context, krb5_principal princ, char ** userid)
  2350. {
  2351.     krb5_error_code code = 0;
  2352.  
  2353.     if ( p_k95_k5_princ_to_userid ) {
  2354.         char * princ_name;
  2355.         char * princ_inst;
  2356.         char * princ_realm;
  2357.         char * new_userid;
  2358.         int r;
  2359.         int len;
  2360.         char * data;
  2361.  
  2362.         /* Principal Name */
  2363.         len =  krb5_princ_component(k5_context, princ,0)->length;
  2364.         if ( len <= 0 ) {
  2365.             len = 0;
  2366.             data = "";
  2367.         } else
  2368.             data = krb5_princ_component(k5_context, princ,0)->data;
  2369.         princ_name = (char *) malloc(len + 1);
  2370.         if (!princ_name)
  2371.             goto exitpoint;
  2372.         ckstrncpy(princ_name,data,len+1);
  2373.  
  2374.         /* Principal Instance */
  2375.         len =  krb5_princ_component(k5_context, princ,1)->length;
  2376.         if ( len <= 0 ) {
  2377.             len = 0;
  2378.             data = "";
  2379.         } else
  2380.             data = krb5_princ_component(k5_context, princ,1)->data;
  2381.         princ_inst = (char *) malloc(len + 1);
  2382.         if (!princ_inst)
  2383.             goto exitpoint;
  2384.         ckstrncpy(princ_inst,data,len+1);
  2385.  
  2386.         /* Principal Realm */
  2387.         len =  krb5_princ_realm(k5_context, princ)->length;
  2388.         if ( len <= 0 ) {
  2389.             len = 0;
  2390.             data = "";
  2391.         } else
  2392.             data = krb5_princ_realm(k5_context, princ)->data;
  2393.         princ_realm = (char *) malloc(len + 1);
  2394.         if (!princ_realm)
  2395.             goto exitpoint;
  2396.         ckstrncpy(princ_realm,data,len+1);
  2397.  
  2398.         new_userid = (char *) malloc(256);
  2399.         if ( !new_userid )
  2400.             goto exitpoint;
  2401.  
  2402.         r = p_k95_k5_princ_to_userid(princ_name,princ_inst,princ_realm,
  2403.                                       krb5_d_realm ? krb5_d_realm :
  2404.                                       ck_krb5_getrealm(krb5_d_cc),
  2405.                                       new_userid,256);
  2406.         if (r == 0)
  2407.             *userid = new_userid;
  2408.         else
  2409.             free(new_userid);
  2410.  
  2411.       exitpoint:
  2412.         if ( princ_name )
  2413.             free(princ_name);
  2414.         if ( princ_inst )
  2415.             free(princ_inst);
  2416.         if ( princ_realm )
  2417.             free(princ_realm);
  2418.         return(r);
  2419.     } else {
  2420.         if (code = krb5_unparse_name( k5_context, princ, userid))
  2421.             *userid = 0;
  2422.     }
  2423.     return(code);
  2424. }
  2425. #endif
  2426.  
  2427. krb5_boolean
  2428. ck_krb5_kuserok(krb5_context context,krb5_principal princ, const char * p)
  2429. {
  2430.     if ( p_k95_k5_userok ) {
  2431.         char * princ_name;
  2432.         char * princ_inst;
  2433.         char * princ_realm;
  2434.         int r;
  2435.         int len;
  2436.         char * data;
  2437.  
  2438.         /* Principal Name */
  2439.         len =  krb5_princ_component(k5_context, princ,0)->length;
  2440.         if ( len <= 0 ) {
  2441.             len = 0;
  2442.             data = "";
  2443.         } else
  2444.             data = krb5_princ_component(k5_context, princ,0)->data;
  2445.         princ_name = (char *) malloc(len + 1);
  2446.         if (!princ_name)
  2447.             goto exitpoint;
  2448.         ckstrncpy(princ_name,data,len+1);
  2449.  
  2450.         /* Principal Instance */
  2451.         len =  krb5_princ_component(k5_context, princ,1)->length;
  2452.         if ( len <= 0 ) {
  2453.             len = 0;
  2454.             data = "";
  2455.         } else
  2456.             data = krb5_princ_component(k5_context, princ,1)->data;
  2457.         princ_inst = (char *) malloc(len + 1);
  2458.         if (!princ_inst)
  2459.             goto exitpoint;
  2460.         ckstrncpy(princ_inst,data,len+1);
  2461.  
  2462.         /* Principal Realm */
  2463.         len =  krb5_princ_realm(k5_context, princ)->length;
  2464.         if ( len <= 0 ) {
  2465.             len = 0;
  2466.             data = "";
  2467.         } else
  2468.             data = krb5_princ_realm(k5_context, princ)->data;
  2469.         princ_realm = (char *) malloc(len + 1);
  2470.         if (!princ_realm)
  2471.             goto exitpoint;
  2472.         ckstrncpy(princ_realm,data,len+1);
  2473.  
  2474.         r = p_k95_k5_userok(princ_name,princ_inst,princ_realm,
  2475.                              krb5_d_realm ? krb5_d_realm :
  2476.                              ck_krb5_getrealm(krb5_d_cc),p);
  2477.  
  2478.       exitpoint:
  2479.         if ( princ_name )
  2480.             free(princ_name);
  2481.         if ( princ_inst )
  2482.             free(princ_inst);
  2483.         if ( princ_realm )
  2484.             free(princ_realm);
  2485.         return(r);
  2486.     } else if ( p_krb5_kuserok )
  2487.         return(p_krb5_kuserok(context,princ,p));
  2488.     else if ( !strncmp(p,
  2489.         krb5_princ_component(k5_context,
  2490.                              princ,0)->data,
  2491.         krb5_princ_component(k5_context,
  2492.                              princ,0)->length)
  2493.               )
  2494.         return(1);
  2495.     else
  2496.         return(0);
  2497. }
  2498.  
  2499.  
  2500. krb5_error_code
  2501. ck_krb5_aname_to_localname(krb5_context context, krb5_const_principal aname,
  2502.                            const int lnsize, char *lname)
  2503. {
  2504. #ifdef COMMENT
  2505.     if ( p_k95_k5_aname_to_localname ) {
  2506.         return(p_k95_k5_aname_to_localname());
  2507.     } else
  2508. #endif
  2509.         if ( p_krb5_aname_to_localname )
  2510.         return(p_krb5_aname_to_localname(context,aname,lnsize,lname));
  2511.     else {
  2512.         char * name = NULL;
  2513.         if (krb5_unparse_name( context,
  2514.                                aname,
  2515.                                &name))
  2516.             name = 0;
  2517.  
  2518.         if ( name ) {
  2519.             ckstrncpy(lname,name,lnsize);
  2520.  
  2521.             krb5_free_unparsed_name(context,name);
  2522.             return(0);
  2523.         }
  2524.         else
  2525.             return(KRB5_LNAME_NOTRANS);
  2526.     }
  2527. }
  2528.  
  2529.  
  2530.  
  2531. /*
  2532. app_name - the name of the application
  2533. realm - The realm for this application
  2534. optionname - the name of the option
  2535. default - the default value if it isn't found.
  2536. variable - a pointer to the returned value
  2537.  
  2538. the way this appears in the configuration file is:
  2539.  
  2540. [appdefaults]
  2541.  
  2542.         option = false
  2543.  
  2544.         REALM = {
  2545.                 option = false
  2546.                 app_name = {
  2547.                         option = true
  2548.                 }
  2549.         }
  2550.  
  2551.         app_name = {
  2552.                 option = true
  2553.         }
  2554.  
  2555.  
  2556. For telnet, the app name I use is "telnet".  The realm is the realm of the
  2557. default principal.
  2558.  
  2559. The options I use in the Unix telnet are:
  2560.  
  2561.         forward - Forward your credentials if TRUE
  2562.         forwardable - Make the credentials on the remote end forwardable if TRUE
  2563.         encrypt - Attempt to negotiate encryption if TRUE
  2564.         autologin - Attempt to perform AUTHENTICATION option if true
  2565.         forceencrypt - Fail if encryption does not succeed
  2566.  
  2567.   ftp is "ftp" and only 'forward' is defined.
  2568.  
  2569. */
  2570. void
  2571. ck_krb5_appdefault_boolean( krb5_context context, const char * app_name,
  2572.                             const krb5_data * realm, const char * optionname,
  2573.                             int def, int * variable)
  2574. {
  2575.     if ( p_krb5_appdefault_boolean )
  2576.         p_krb5_appdefault_boolean( context,app_name,realm,
  2577.                                    optionname,def,variable );
  2578.     else
  2579.         *variable = def;
  2580. }
  2581.  
  2582. void
  2583. ck_krb5_appdefault_string( krb5_context context, const char * app_name,
  2584.                            const krb5_data * realm, const char * optionname,
  2585.                            char ** value)
  2586. {
  2587.     if ( p_krb5_appdefault_string )
  2588.         p_krb5_appdefault_string( context,app_name,realm,
  2589.                                    optionname,value );
  2590. }
  2591.  
  2592. void
  2593. ck_krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt)
  2594. {
  2595.     if ( p_krb5_get_init_creds_opt_init )
  2596.         p_krb5_get_init_creds_opt_init(opt);
  2597. }
  2598.  
  2599. void
  2600. ck_krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt,
  2601.                  krb5_deltat tkt_life)
  2602. {
  2603.     if ( p_krb5_get_init_creds_opt_set_tkt_life )
  2604.         p_krb5_get_init_creds_opt_set_tkt_life(opt,tkt_life);
  2605. }
  2606.  
  2607. void
  2608. ck_krb5_get_init_creds_opt_set_renew_life(krb5_get_init_creds_opt *opt,
  2609.         krb5_deltat renew_life)
  2610. {
  2611.     if ( p_krb5_get_init_creds_opt_set_renew_life )
  2612.         p_krb5_get_init_creds_opt_set_renew_life(opt,renew_life);
  2613. }
  2614.  
  2615. void
  2616. ck_krb5_get_init_creds_opt_set_forwardable(krb5_get_init_creds_opt *opt,
  2617.         int forwardable)
  2618. {
  2619.     if ( p_krb5_get_init_creds_opt_set_forwardable )
  2620.         p_krb5_get_init_creds_opt_set_forwardable(opt,forwardable);
  2621. }
  2622.  
  2623. void
  2624. ck_krb5_get_init_creds_opt_set_proxiable(krb5_get_init_creds_opt *opt,
  2625.         int proxiable)
  2626. {
  2627.     if ( p_krb5_get_init_creds_opt_set_proxiable )
  2628.         p_krb5_get_init_creds_opt_set_proxiable(opt,proxiable);
  2629. }
  2630.  
  2631. void
  2632. ck_krb5_get_init_creds_opt_set_etype_list(krb5_get_init_creds_opt *opt,
  2633.         krb5_enctype *etype_list,
  2634.         int etype_list_length)
  2635. {
  2636.     if ( p_krb5_get_init_creds_opt_set_etype_list)
  2637.         p_krb5_get_init_creds_opt_set_etype_list(opt,etype_list,etype_list_length);
  2638. }
  2639.  
  2640. void
  2641. ck_krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt, krb5_address **addresses)
  2642. {
  2643.     if ( p_krb5_get_init_creds_opt_set_address_list )
  2644.         p_krb5_get_init_creds_opt_set_address_list(opt,addresses);
  2645. }
  2646.  
  2647. void
  2648. ck_krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt,
  2649.         krb5_preauthtype *preauth_list,
  2650.         int preauth_list_length)
  2651. {
  2652.     if ( p_krb5_get_init_creds_opt_set_preauth_list )
  2653.         p_krb5_get_init_creds_opt_set_preauth_list(opt,preauth_list,preauth_list_length);
  2654. }
  2655.  
  2656. void
  2657. ck_krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, krb5_data *salt)
  2658. {
  2659.     if ( p_krb5_get_init_creds_opt_set_salt )
  2660.         p_krb5_get_init_creds_opt_set_salt(opt,salt);
  2661. }
  2662.  
  2663. krb5_error_code
  2664. ck_krb5_get_init_creds_password(krb5_context context,
  2665.         krb5_creds *creds,
  2666.         krb5_principal client,
  2667.         char *password,
  2668.         krb5_prompter_fct prompter,
  2669.         void *data,
  2670.         krb5_deltat start_time,
  2671.         char *in_tkt_service,
  2672.         krb5_get_init_creds_opt *options)
  2673. {
  2674.     if ( p_krb5_get_init_creds_password )
  2675.         return(p_krb5_get_init_creds_password(context,creds,client,password,
  2676.                                                prompter,data,start_time,
  2677.                                                in_tkt_service,options));
  2678.     else
  2679.      return(-1);
  2680. }
  2681.  
  2682. krb5_error_code
  2683. ck_krb5_get_init_creds_keytab(krb5_context context,
  2684.         krb5_creds *creds,
  2685.         krb5_principal client,
  2686.         krb5_keytab arg_keytab,
  2687.         krb5_deltat start_time,
  2688.         char *in_tkt_service,
  2689.         krb5_get_init_creds_opt *options)
  2690. {
  2691.     if ( p_krb5_get_init_creds_keytab )
  2692.         return(p_krb5_get_init_creds_keytab(context,creds,client,
  2693.                                              arg_keytab,start_time,
  2694.                                              in_tkt_service,options));
  2695.     else
  2696.         return(-1);
  2697. }
  2698.  
  2699. krb5_error_code
  2700. ck_krb5_get_validated_creds(krb5_context context,
  2701.         krb5_creds *creds,
  2702.         krb5_principal client,
  2703.         krb5_ccache ccache,
  2704.         char *in_tkt_service)
  2705. {
  2706.     if ( p_krb5_get_validated_creds )
  2707.         return(p_krb5_get_validated_creds(context,creds,client,ccache,in_tkt_service));
  2708.     else
  2709.         return(-1);
  2710. }
  2711.  
  2712. krb5_error_code
  2713. ck_krb5_get_renewed_creds(krb5_context context,
  2714.         krb5_creds *creds,
  2715.         krb5_principal client,
  2716.         krb5_ccache ccache,
  2717.         char *in_tkt_service)
  2718. {
  2719.     if ( p_krb5_get_renewed_creds )
  2720.         return(p_krb5_get_renewed_creds(context,creds,client,ccache,in_tkt_service));
  2721.     else
  2722.         return(-1);
  2723. }
  2724.  
  2725. krb5_error_code
  2726. ck_krb5_rd_safe( krb5_context context,
  2727.                  krb5_auth_context auth,
  2728.                  krb5_const krb5_data  * data1,
  2729.                  krb5_data  * data2,
  2730.                  krb5_replay_data  * replay)
  2731. {
  2732.     if ( p_krb5_rd_safe )
  2733.         return(p_krb5_rd_safe(context,auth,data1,data2,replay));
  2734.     else
  2735.         return(-1);
  2736.  
  2737. }
  2738.  
  2739. krb5_error_code
  2740. ck_krb5_mk_safe( krb5_context context,
  2741.                  krb5_auth_context auth,
  2742.                  krb5_const krb5_data  * data1,
  2743.                  krb5_data  * data2,
  2744.                  krb5_replay_data  * replay)
  2745. {
  2746.     if ( p_krb5_mk_safe )
  2747.         return(p_krb5_mk_safe( context, auth, data1, data2, replay));
  2748.     else
  2749.         return(-1);
  2750. }
  2751.  
  2752. krb5_error_code
  2753. ck_krb5_rd_priv( krb5_context context,
  2754.                  krb5_auth_context auth,
  2755.                  krb5_const krb5_data  * data1,
  2756.                  krb5_data  * data2,
  2757.                  krb5_replay_data  * replay)
  2758. {
  2759.     if ( p_krb5_rd_priv )
  2760.         return(p_krb5_rd_priv(context,auth,data1,data2,replay));
  2761.     else
  2762.         return(-1);
  2763.  
  2764. }
  2765.  
  2766. krb5_error_code
  2767. ck_krb5_mk_priv( krb5_context context,
  2768.                  krb5_auth_context auth,
  2769.                  krb5_const krb5_data  * data1,
  2770.                  krb5_data  * data2,
  2771.                  krb5_replay_data  * replay)
  2772. {
  2773.     if ( p_krb5_mk_priv )
  2774.         return(p_krb5_mk_priv( context, auth, data1, data2, replay));
  2775.     else
  2776.         return(-1);
  2777. }
  2778.  
  2779. krb5_error_code
  2780. ck_krb5_auth_con_setuseruserkey( krb5_context context,
  2781.                                  krb5_auth_context auth,
  2782.                                  krb5_keyblock * key)
  2783. {
  2784.     if ( p_krb5_auth_con_setuseruserkey )
  2785.         return(p_krb5_auth_con_setuseruserkey(context,auth,key));
  2786.     else
  2787.         return(-1);
  2788. }
  2789.  
  2790. krb5_error_code
  2791. ck_krb5_get_profile(krb5_context context, profile_t * profile)
  2792. {
  2793.     if ( p_krb5_get_profile )
  2794.         return(p_krb5_get_profile(context,profile));
  2795.     else
  2796.         return(-1);
  2797. }
  2798.  
  2799. long
  2800. ck_profile_get_relation_names(profile_t profile, const char **names, char ***ret_names)
  2801. {
  2802.     if ( p_profile_get_relation_names )
  2803.         return(p_profile_get_relation_names(profile,names,ret_names));
  2804.     else
  2805.         return(-1);
  2806. }
  2807.  
  2808. long
  2809. ck_profile_get_subsection_names(profile_t profile, const char **names, char ***ret_names)
  2810. {
  2811.     if ( p_profile_get_subsection_names )
  2812.         return(p_profile_get_subsection_names(profile,names,ret_names));
  2813.     else
  2814.         return(-1);
  2815. }
  2816.  
  2817. void ck_krb5_free_keyblock_contents(krb5_context context, krb5_keyblock * keyblock)
  2818. {
  2819.     if ( p_krb5_free_keyblock_contents )
  2820.         p_krb5_free_keyblock_contents(context,keyblock);
  2821. }
  2822.  
  2823. krb5_error_code ck_krb5_c_encrypt(krb5_context context, krb5_const krb5_keyblock *key,
  2824.         krb5_keyusage usage, krb5_const krb5_data *ivec,
  2825.         krb5_const krb5_data *input, krb5_enc_data *output)
  2826. {
  2827.     if ( p_krb5_c_encrypt )
  2828.         return(p_krb5_c_encrypt(context,key,usage,ivec,input,output));
  2829.     else
  2830.         return(-1);
  2831. }
  2832.  
  2833. krb5_error_code ck_krb5_c_decrypt(krb5_context context, krb5_const krb5_keyblock *key,
  2834.                                    krb5_keyusage usage, krb5_const krb5_data *ivec,
  2835.                                    krb5_const krb5_enc_data *input, krb5_data *output)
  2836. {
  2837.     if ( p_krb5_c_decrypt )
  2838.         return(p_krb5_c_decrypt(context,key,usage,ivec,input,output));
  2839.     else
  2840.         return(-1);
  2841. }
  2842.  
  2843. krb5_error_code ck_krb5_c_block_size(krb5_context context, krb5_enctype enctype,
  2844.                                       size_t *blocksize)
  2845. {
  2846.     if ( p_krb5_c_block_size )
  2847.         return(p_krb5_c_block_size(context,enctype,blocksize));
  2848.     else
  2849.         return(-1);
  2850. }
  2851.  
  2852. krb5_error_code ck_krb5_c_make_random_key(krb5_context context, krb5_enctype enctype,
  2853.                                            krb5_keyblock *random_key)
  2854. {
  2855.     if ( p_krb5_c_make_random_key )
  2856.         return(p_krb5_c_make_random_key(context,enctype,random_key));
  2857.     else
  2858.         return(-1);
  2859. }
  2860.  
  2861. krb5_error_code
  2862. ck_krb5_c_random_seed(krb5_context context, krb5_data *data)
  2863. {
  2864.     if ( p_krb5_c_random_seed )
  2865.         return(p_krb5_c_random_seed(context,data));
  2866.     else
  2867.         return(-1);
  2868. }
  2869.  
  2870. krb5_error_code 
  2871. ck_krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype,
  2872.                           size_t inputlen, size_t *length)
  2873. {
  2874.     if ( p_krb5_c_encrypt_length )
  2875.         return(p_krb5_c_encrypt_length(context,enctype,inputlen,length));
  2876.     else
  2877.         return(-1);
  2878. }
  2879.  
  2880. krb5_error_code
  2881. ck_krb5_kt_default_name(krb5_context context, char * name, int len)
  2882. {
  2883.     krb5_error_code code;
  2884.     krb5_keytab kt;
  2885.  
  2886.     if ( p_krb5_kt_default_name ) {
  2887.         code = p_krb5_kt_default_name(context,name,len);
  2888.         return(code);
  2889.     } else {
  2890.         code = krb5_kt_default(context,&kt);
  2891.         if ( code )
  2892.             return(code);
  2893.         krb5_kt_get_name(context,kt,name,len);
  2894.         krb5_kt_close(context,kt);
  2895.         return(0);
  2896.     }
  2897. }
  2898.  
  2899. #ifndef krb5_x
  2900. #define krb5_x(ptr,args) ((ptr)?((*(ptr)) args):(abort(),1))
  2901. #define krb5_xc(ptr,args) ((ptr)?((*(ptr)) args):(abort(),(char*)0))
  2902. #endif
  2903.  
  2904. #ifndef NO_DEF_KRB5_CCACHE
  2905. typedef krb5_pointer    krb5_cc_cursor; /* cursor for sequential lookup */
  2906.  
  2907. typedef struct _krb5_ccache {
  2908.     krb5_magic magic;
  2909.     struct _krb5_cc_ops FAR *ops;
  2910.     krb5_pointer data;
  2911. } *krb5_ccache;
  2912.  
  2913. typedef struct _krb5_cc_ops {
  2914.     krb5_magic magic;
  2915.     char  *prefix;
  2916.     char  * (KRB5_CALLCONV *get_name) (krb5_context, krb5_ccache);
  2917.     krb5_error_code (KRB5_CALLCONV *resolve) (krb5_context, krb5_ccache  *,
  2918.                                             const char  *);
  2919.     krb5_error_code (KRB5_CALLCONV *gen_new) (krb5_context, krb5_ccache  *);
  2920.     krb5_error_code (KRB5_CALLCONV *init) (krb5_context, krb5_ccache,
  2921.                                             krb5_principal);
  2922.     krb5_error_code (KRB5_CALLCONV *destroy) (krb5_context, krb5_ccache);
  2923.     krb5_error_code (KRB5_CALLCONV *close) (krb5_context, krb5_ccache);
  2924.     krb5_error_code (KRB5_CALLCONV *store) (krb5_context, krb5_ccache,
  2925.                                             krb5_creds  *);
  2926.     krb5_error_code (KRB5_CALLCONV *retrieve) (krb5_context, krb5_ccache,
  2927.                                             krb5_flags, krb5_creds  *,
  2928.                                             krb5_creds  *);
  2929.     krb5_error_code (KRB5_CALLCONV *get_princ) (krb5_context, krb5_ccache,
  2930.                                             krb5_principal  *);
  2931.     krb5_error_code (KRB5_CALLCONV *get_first) (krb5_context, krb5_ccache,
  2932.                                             krb5_cc_cursor  *);
  2933.     krb5_error_code (KRB5_CALLCONV *get_next) (krb5_context, krb5_ccache,
  2934.                                             krb5_cc_cursor  *, krb5_creds  *);
  2935.     krb5_error_code (KRB5_CALLCONV *end_get) (krb5_context, krb5_ccache,
  2936.                                             krb5_cc_cursor  *);
  2937.     krb5_error_code (KRB5_CALLCONV *remove_cred) (krb5_context, krb5_ccache,
  2938.                                             krb5_flags, krb5_creds  *);
  2939.     krb5_error_code (KRB5_CALLCONV *set_flags) (krb5_context, krb5_ccache,
  2940.                                             krb5_flags);
  2941. } krb5_cc_ops;
  2942. #endif /* NO_DEF_KRB5_CCACHE */
  2943.  
  2944. char * ck_krb5_cc_get_name
  2945.     (krb5_context context, krb5_ccache cache)
  2946. {
  2947.     if ( p_krb5_cc_get_name )
  2948.         return(p_krb5_cc_get_name(context,cache));
  2949.     else
  2950.         return(krb5_xc((cache)->ops->get_name,(context, cache)));
  2951. }
  2952.  
  2953.  
  2954. krb5_error_code ck_krb5_cc_gen_new
  2955.     (krb5_context context, krb5_ccache *cache)
  2956. {
  2957.     if ( p_krb5_cc_gen_new )
  2958.         return(p_krb5_cc_gen_new(context,cache));
  2959.     else
  2960.         return(krb5_x ((*cache)->ops->gen_new,(context, cache)));
  2961. }
  2962.  
  2963.  
  2964. krb5_error_code ck_krb5_cc_initialize
  2965.     (krb5_context context, krb5_ccache cache,
  2966.                     krb5_principal principal)
  2967. {
  2968.     if ( p_krb5_cc_initialize )
  2969.         return(p_krb5_cc_initialize(context,cache,principal));
  2970.     else
  2971.         return(krb5_x ((cache)->ops->init,(context, cache, principal)));
  2972. }
  2973.  
  2974.  
  2975. krb5_error_code ck_krb5_cc_destroy
  2976.     (krb5_context context, krb5_ccache cache)
  2977. {
  2978.     if ( p_krb5_cc_destroy )
  2979.         return(p_krb5_cc_destroy(context,cache));
  2980.     else
  2981.         return(krb5_x ((cache)->ops->destroy,(context, cache)));
  2982. }
  2983.  
  2984.  
  2985. krb5_error_code ck_krb5_cc_close
  2986.     (krb5_context context, krb5_ccache cache)
  2987. {
  2988.     if ( p_krb5_cc_close )
  2989.         return(p_krb5_cc_close(context,cache));
  2990.     else
  2991.         return(krb5_x ((cache)->ops->close,(context, cache)));
  2992. }
  2993.  
  2994.  
  2995. krb5_error_code ck_krb5_cc_store_cred
  2996.     (krb5_context context, krb5_ccache cache,
  2997.                      krb5_creds *creds)
  2998. {
  2999.     if ( p_krb5_cc_store_cred )
  3000.         return(p_krb5_cc_store_cred(context,cache,creds));
  3001.     else
  3002.         return(krb5_x ((cache)->ops->store,(context, cache, creds)));
  3003. }
  3004.  
  3005.  
  3006. krb5_error_code ck_krb5_cc_retrieve_cred
  3007.     (krb5_context context, krb5_ccache cache,
  3008.       krb5_flags flags, krb5_creds *mcreds,
  3009.       krb5_creds *creds)
  3010. {
  3011.     if ( p_krb5_cc_retrieve_cred )
  3012.         return(p_krb5_cc_retrieve_cred(context,cache,flags,mcreds,creds));
  3013.     else
  3014.         return(krb5_x ((cache)->ops->retrieve,(context, cache, flags, mcreds, creds)));
  3015. }
  3016.  
  3017.  
  3018. krb5_error_code ck_krb5_cc_get_principal
  3019.     (krb5_context context, krb5_ccache cache,
  3020.       krb5_principal *principal)
  3021. {
  3022.     if ( p_krb5_cc_get_principal )
  3023.         return(p_krb5_cc_get_principal(context,cache,principal));
  3024.     else
  3025.         return(krb5_x ((cache)->ops->get_princ,(context, cache, principal)));
  3026. }
  3027.  
  3028.  
  3029. krb5_error_code ck_krb5_cc_start_seq_get
  3030.     (krb5_context context, krb5_ccache cache,
  3031.       krb5_cc_cursor *cursor)
  3032. {
  3033.     if ( p_krb5_cc_start_seq_get )
  3034.         return(p_krb5_cc_start_seq_get(context,cache,cursor));
  3035.     else
  3036.         return(krb5_x ((cache)->ops->get_first,(context, cache, cursor)));
  3037. }
  3038.  
  3039.  
  3040. krb5_error_code ck_krb5_cc_next_cred
  3041.     (krb5_context context, krb5_ccache cache,
  3042.       krb5_cc_cursor *cursor, krb5_creds *creds)
  3043. {
  3044.     if ( p_krb5_cc_next_cred )
  3045.         return(p_krb5_cc_next_cred(context,cache,cursor,creds));
  3046.     else
  3047.         return(krb5_x ((cache)->ops->get_next,(context, cache, cursor, creds)));
  3048. }
  3049.  
  3050.  
  3051. krb5_error_code ck_krb5_cc_end_seq_get
  3052.     (krb5_context context, krb5_ccache cache,
  3053.       krb5_cc_cursor *cursor)
  3054. {
  3055.     if ( p_krb5_cc_end_seq_get )
  3056.         return(p_krb5_cc_end_seq_get(context,cache,cursor));
  3057.     else
  3058.         return(krb5_x ((cache)->ops->end_get,(context, cache, cursor)));
  3059. }
  3060.  
  3061.  
  3062. krb5_error_code ck_krb5_cc_remove_cred
  3063.     (krb5_context context, krb5_ccache cache, krb5_flags flags,
  3064.       krb5_creds *creds)
  3065. {
  3066.     if ( p_krb5_cc_remove_cred )
  3067.         return(p_krb5_cc_remove_cred(context,cache,flags,creds));
  3068.     else
  3069.         return(krb5_x ((cache)->ops->remove_cred,(context, cache,flags, creds)));
  3070. }
  3071.  
  3072.  
  3073. krb5_error_code ck_krb5_cc_set_flags
  3074.     (krb5_context context, krb5_ccache cache, krb5_flags flags)
  3075. {
  3076.     if ( p_krb5_cc_set_flags )
  3077.         return(p_krb5_cc_set_flags(context,cache,flags));
  3078.     else
  3079.         return(krb5_x ((cache)->ops->set_flags,(context, cache, flags)));
  3080. }
  3081.  
  3082. const char * ck_krb5_cc_get_type
  3083.     (krb5_context context, krb5_ccache cache)
  3084. {
  3085.     if ( p_krb5_cc_get_type )
  3086.         return(p_krb5_cc_get_type(context,cache));
  3087.     else
  3088.         return(((cache)->ops->prefix));
  3089. }
  3090.  
  3091. #ifndef NO_DEF_KRB5_KT
  3092. typedef krb5_pointer krb5_kt_cursor;    /* XXX */
  3093.  
  3094. typedef struct old_krb5_keytab_entry_st {
  3095.     krb5_magic magic;
  3096.     krb5_principal principal;   /* principal of this key */
  3097.     krb5_timestamp timestamp;   /* time entry written to keytable */
  3098.     krb5_kvno vno;              /* key version number */
  3099.     krb5_keyblock key;          /* the secret key */
  3100. } old_krb5_keytab_entry;
  3101.  
  3102. typedef struct _old_krb5_kt {
  3103.     krb5_magic magic;
  3104.     struct _krb5_kt_ops FAR *ops;
  3105.     krb5_pointer data;
  3106. } *old_krb5_keytab;
  3107.  
  3108. typedef struct _krb5_kt_ops {
  3109.     krb5_magic magic;
  3110.     char *prefix;
  3111.     /* routines always present */
  3112.     krb5_error_code (KRB5_CALLCONV *resolve)
  3113.         (krb5_context,
  3114.                  krb5_const char *,
  3115.                  krb5_keytab *);
  3116.     krb5_error_code (KRB5_CALLCONV *get_name)
  3117.         (krb5_context,
  3118.                  krb5_keytab,
  3119.                  char *,
  3120.                  int);
  3121.     krb5_error_code (KRB5_CALLCONV *close)
  3122.         (krb5_context,
  3123.                  krb5_keytab);
  3124.     krb5_error_code (KRB5_CALLCONV *get)
  3125.         (krb5_context,
  3126.                  krb5_keytab,
  3127.                  krb5_principal,
  3128.                  krb5_kvno,
  3129.                  krb5_enctype,
  3130.                  krb5_keytab_entry *);
  3131.     krb5_error_code (KRB5_CALLCONV *start_seq_get)
  3132.         (krb5_context,
  3133.                  krb5_keytab,
  3134.                  krb5_kt_cursor *);
  3135.     krb5_error_code (KRB5_CALLCONV *get_next)
  3136.         (krb5_context,
  3137.                           krb5_keytab,
  3138.                           krb5_keytab_entry *,
  3139.                           krb5_kt_cursor *);
  3140.     krb5_error_code (KRB5_CALLCONV *end_get)
  3141.         (krb5_context,
  3142.                  krb5_keytab,
  3143.                  krb5_kt_cursor *);
  3144.     /* routines to be included on extended version (write routines) */
  3145.     krb5_error_code (KRB5_CALLCONV *add)
  3146.         (krb5_context,
  3147.                  krb5_keytab,
  3148.                  krb5_keytab_entry *);
  3149.     krb5_error_code (KRB5_CALLCONV *remove)
  3150.         (krb5_context,
  3151.                  krb5_keytab,
  3152.                   krb5_keytab_entry *);
  3153.  
  3154.     /* Handle for serializer */
  3155.     void * serializer;
  3156. } krb5_kt_ops;
  3157. #else
  3158. #define old_krb5_keytab krb5_keytab
  3159. #endif /* NO_DEF_KRB5_KT */
  3160.  
  3161. const char * ck_krb5_kt_get_type
  3162.      (krb5_context context, krb5_keytab keytab)
  3163. {
  3164.     if ( p_krb5_kt_get_type )
  3165.         return(p_krb5_kt_get_type(context,keytab));
  3166.     else
  3167.         return(((old_krb5_keytab)keytab)->ops->prefix);
  3168. }
  3169.  
  3170. krb5_error_code ck_krb5_kt_get_name
  3171.      (krb5_context context, krb5_keytab keytab, char * name, unsigned int namelen)
  3172. {
  3173.     if ( p_krb5_kt_get_name )
  3174.         return(p_krb5_kt_get_name(context,keytab,name,namelen));
  3175.     else
  3176.         return(krb5_x(((old_krb5_keytab)keytab)->ops->get_name,(context, keytab,name,namelen)));
  3177. }
  3178.  
  3179. krb5_error_code ck_krb5_kt_close(krb5_context context, krb5_keytab keytab)
  3180. {
  3181.     if ( p_krb5_kt_close )
  3182.         return(p_krb5_kt_close(context,keytab));
  3183.     else
  3184.         return(krb5_x(((old_krb5_keytab)keytab)->ops->close,(context, keytab)));
  3185. }
  3186.  
  3187. krb5_error_code ck_krb5_kt_get_entry(krb5_context context, krb5_keytab keytab,
  3188.                  krb5_principal princ,
  3189.                  krb5_kvno kvno,
  3190.                  krb5_enctype enc,
  3191.                  krb5_keytab_entry * entry)
  3192. {
  3193.     if ( p_krb5_kt_get_entry )
  3194.         return(p_krb5_kt_get_entry(context,keytab,princ,kvno,enc,entry));
  3195.     else
  3196.         return(krb5_x(((old_krb5_keytab)keytab)->ops->get,(context, keytab, princ, kvno, enc, entry)));
  3197. }
  3198.  
  3199. krb5_error_code ck_krb5_kt_start_seq_get(krb5_context context,
  3200.                  krb5_keytab keytab,
  3201.                  krb5_kt_cursor * cursor)
  3202. {
  3203.     if ( p_krb5_kt_start_seq_get )
  3204.         return(p_krb5_kt_start_seq_get(context,keytab,cursor));
  3205.     else
  3206.         return(krb5_x(((old_krb5_keytab)keytab)->ops->start_seq_get,(context, keytab, cursor)));
  3207. }
  3208. krb5_error_code ck_krb5_kt_next_entry(krb5_context context,
  3209.                  krb5_keytab keytab,
  3210.                  krb5_keytab_entry * entry,
  3211.                  krb5_kt_cursor * cursor)
  3212. {
  3213.     if ( p_krb5_kt_next_entry )
  3214.         return(p_krb5_kt_next_entry(context,keytab,entry,cursor) );
  3215.     else
  3216.         return(krb5_x(((old_krb5_keytab)keytab)->ops->get_next,(context, keytab, entry, cursor)));
  3217. }
  3218.  
  3219. krb5_error_code ck_krb5_kt_end_seq_get(krb5_context context,
  3220.                  krb5_keytab keytab,
  3221.                  krb5_kt_cursor * cursor)
  3222. {
  3223.     if ( p_krb5_kt_end_seq_get )
  3224.         return(p_krb5_kt_end_seq_get(context,keytab,cursor));
  3225.     else
  3226.         return(krb5_x(((old_krb5_keytab)keytab)->ops->end_get,(context, keytab, cursor)));
  3227. }
  3228.  
  3229. krb5_error_code ck_krb5_build_principal(krb5_context context,
  3230.           krb5_principal * princ, unsigned int len, krb5_const char * data1,
  3231.           krb5_const char * data2, krb5_const char * data3, krb5_const char *data4)
  3232. {
  3233.     if ( p_krb5_build_principal )
  3234.         return(p_krb5_build_principal(context,princ,len,data1,data2,data3,data4));
  3235.     else
  3236.         return(-1);
  3237. }
  3238.  
  3239. int 
  3240. ck_krb524_init_ets(krb5_context context)
  3241. {
  3242.     if ( p_krb524_init_ets )
  3243.         return(p_krb524_init_ets(context));
  3244.     else
  3245.         return(-1);
  3246. }
  3247.  
  3248. int
  3249. ck_krb524_convert_creds_kdc(krb5_context context,
  3250.                              krb5_creds *v5creds,
  3251.                              LEASH_CREDENTIALS *v4creds)
  3252. {
  3253.     if ( p_krb524_convert_creds_kdc )
  3254.         return(p_krb524_convert_creds_kdc(context,v5creds,(CREDENTIALS *)v4creds));
  3255.     else
  3256.         return(-1);
  3257. }
  3258. #endif /* KRB5 */
  3259.  
  3260. #ifdef CK_DES
  3261. /* These functions are located in DLLs which we are not linking to at */
  3262. /* compile time.  Therefore, we have to redirect them to locally      */
  3263. /* defined functions which will call the real thing only if they are  */
  3264. /* available via Run-Time Linking.                                    */
  3265. /*
  3266.    From KRB5_32.DLL:
  3267.        unresolved external symbol __imp__des_ecb_encrypt@16
  3268.        unresolved external symbol __imp__des_new_random_key@4
  3269.        unresolved external symbol __imp__des_key_sched@8
  3270.        unresolved external symbol __imp__des_set_random_generator_seed@4
  3271.  
  3272. */
  3273.  
  3274. static int
  3275. (KRB5_CALLCONV *p_des_new_random_key) P((Block))=NULL;
  3276. static void
  3277. (KRB5_CALLCONV *p_des_set_random_generator_seed) P((Block))=NULL;
  3278. static int
  3279. (KRB5_CALLCONV *p_des_key_sched) P((Block, Schedule))=NULL;
  3280. static void
  3281. (KRB5_CALLCONV *p_des_ecb_encrypt) P((Block, Block, Schedule, int))=NULL;
  3282. static void
  3283. (KRB5_CALLCONV *p_des_pcbc_encrypt)
  3284. P((Block, Block, long, Schedule, Block, int))=NULL;
  3285. static int
  3286. (KRB5_CALLCONV *p_des_string_to_key) P((char *, Block))=NULL;
  3287. static void
  3288. (KRB5_CALLCONV *p_des_fixup_key_parity) P((Block))=NULL;
  3289.  
  3290. /* these were KRB5_CALLCONV */
  3291. static int
  3292. (KRB5_CALLCONV_C  *p_k4_des_new_random_key) P((Block))=NULL;
  3293. static void
  3294. (KRB5_CALLCONV_C  *p_k4_des_set_random_generator_seed) P((Block))=NULL;
  3295. static int
  3296. (KRB5_CALLCONV_C  *p_k4_des_key_sched) P((Block, Schedule))=NULL;
  3297. static void
  3298. (KRB5_CALLCONV_C  *p_k4_des_ecb_encrypt) P((Block, Block, Schedule, int))=NULL;
  3299. static void
  3300. (KRB5_CALLCONV_C  *p_k4_des_pcbc_encrypt) P((Block, Block, long, Schedule, Block, int))=NULL;
  3301. static int
  3302. (KRB5_CALLCONV_C  *p_k4_des_string_to_key) P((char *, Block))=NULL;
  3303. static void
  3304. (KRB5_CALLCONV_C  *p_k4_des_fixup_key_parity) P((Block))=NULL;
  3305.  
  3306. #ifdef LIBDES
  3307. #ifdef CRYPT_DLL
  3308. int   (*libdes_random_key)(Block)=NULL;
  3309. void  (*libdes_random_seed)(Block)=NULL;
  3310. int   (*libdes_key_sched)(Block, Schedule)=NULL;
  3311. void  (*libdes_ecb_encrypt)(Block, Block, Schedule, int)=NULL;
  3312. int   (*libdes_string_to_key)(char *, Block)=NULL;
  3313. int   (*libdes_fixup_key_parity)(Block)=NULL;
  3314. int   (*libdes_pcbc_encrypt)(Block, Block, long, Schedule, Block, int)=NULL;
  3315. #else /* CRYPT_DLL */
  3316. int   libdes_random_key(Block);
  3317. void  libdes_random_seed(Block);
  3318. int   libdes_key_sched(Block, Schedule);
  3319. void  libdes_ecb_encrypt(Block, Block, Schedule, int);
  3320. int   libdes_string_to_key(char *, Block);
  3321. int   libdes_fixup_key_parity(Block);
  3322. int   libdes_pcbc_encrypt(Block, Block, long, Schedule, Block, int);
  3323. #endif /* CRYPT_DLL */
  3324. #endif /* LIBDES */
  3325.  
  3326. int
  3327. ck_des_new_random_key(Block B)
  3328. {
  3329.     int rc=0;
  3330. #ifdef LIBDES
  3331. #ifdef CRYPT_DLL
  3332.     if ( libdes_random_key ) {
  3333.         rc = libdes_random_key(B);
  3334.         return(rc);
  3335.     }
  3336.     else
  3337.         return(-1);
  3338. #else /* CRYPT_DLL */
  3339.     rc = libdes_random_key(B);
  3340.     return(rc);
  3341. #endif /* CRYPT_DLL */
  3342. #endif /* LIBDES */
  3343.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
  3344.         if ( p_des_new_random_key == NULL )
  3345.             return(-1);
  3346.         else {
  3347.             rc = p_des_new_random_key(B);
  3348.             return(rc);
  3349.         }
  3350.     }
  3351.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
  3352.         if ( p_k4_des_new_random_key == NULL )
  3353.             return(-1);
  3354.         else {
  3355.             rc = p_k4_des_new_random_key(B);
  3356.             return(rc);
  3357.         }
  3358.     }
  3359.     return(-1);
  3360. }
  3361. void
  3362. ck_des_set_random_generator_seed(Block B)
  3363. {
  3364. #ifdef LIBDES
  3365. #ifdef CRYPT_DLL
  3366.     if ( libdes_random_seed ) {
  3367.         libdes_random_seed(B);
  3368.         return;
  3369.     }
  3370. #else /* CRYPT_DLL */
  3371.     libdes_random_seed(B);
  3372.     return;
  3373. #endif /* CRYPT_DLL */
  3374. #endif /* LIBDES */
  3375.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
  3376.         if ( p_des_set_random_generator_seed )
  3377.             p_des_set_random_generator_seed(B);
  3378.     }
  3379.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
  3380.         if ( p_k4_des_set_random_generator_seed )
  3381.             p_k4_des_set_random_generator_seed(B);
  3382.     }
  3383. }
  3384. int
  3385. ck_des_key_sched(Block B, Schedule S)
  3386. {
  3387. #ifdef LIBDES
  3388. #ifdef CRYPT_DLL
  3389.     if ( libdes_key_sched ) {
  3390.         return libdes_key_sched(B,S);
  3391.     }
  3392.     else
  3393.         return(-3);
  3394. #else /* CRYPT_DLL */
  3395.     return libdes_key_sched(B,S);
  3396. #endif /* CRYPT_DLL */
  3397. #endif /* LIBDES */
  3398.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
  3399.         if ( p_des_key_sched )
  3400.             return p_des_key_sched(B,S);
  3401.         else
  3402.             return(-3);
  3403.     }
  3404.     else if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
  3405.         if ( p_k4_des_key_sched )
  3406.             return p_k4_des_key_sched(B,S);
  3407.         else
  3408.             return(-3);
  3409.     }
  3410.     return(-3);
  3411. }
  3412.  
  3413. int
  3414. ck_k4_des_key_sched(Block B, Schedule S)
  3415. {
  3416.     if ( p_k4_des_key_sched )
  3417.         return p_k4_des_key_sched(B,S);
  3418.     else
  3419.         return(-3);
  3420. }
  3421.  
  3422. void
  3423. ck_des_ecb_encrypt(Block B1, Block B2, Schedule S, int I)
  3424. {
  3425.     if ( I ) {      /* Encrypting */
  3426.         hexdump("des_ecb_encrypt() encrypting",B1,sizeof(Block));
  3427.     } else {        /* Decrypting */
  3428.         hexdump("des_ecb_encrypt() decrypting",B1,sizeof(Block));
  3429.     }
  3430.  
  3431. #ifdef LIBDES
  3432. #ifdef CRYPT_DLL
  3433.     if ( libdes_ecb_encrypt ) {
  3434.         libdes_ecb_encrypt(B1,B2,S,I);
  3435.         goto exit_des_ecb_encrypt;
  3436.     }
  3437. #else /* CRYPT_DLL */
  3438.     libdes_ecb_encrypt(B1,B2,S,I);
  3439.     goto exit_des_ecb_encrypt;
  3440. #endif /* CRYPT_DLL */
  3441. #endif /* LIBDES */
  3442.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
  3443.         if ( p_des_ecb_encrypt )
  3444.             p_des_ecb_encrypt(B1,B2,S,I);
  3445.     }
  3446.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
  3447.         if ( p_k4_des_ecb_encrypt )
  3448.             p_k4_des_ecb_encrypt(B1,B2,S,I);
  3449.     }
  3450.   exit_des_ecb_encrypt:
  3451.     hexdump("des_ecb_encrypt() B1",B1,sizeof(Block));
  3452.     hexdump("des_ecb_encrypt() B2",B2,sizeof(Block));
  3453. }
  3454.  
  3455. int
  3456. ck_des_string_to_key(char * p, Block B)
  3457. {
  3458. #ifdef LIBDES
  3459. #ifdef CRYPT_DLL
  3460.     if ( libdes_string_to_key )
  3461.         return(libdes_string_to_key(p,B));
  3462.     else
  3463.         return(0);
  3464. #else /* CRYPT_DLL */
  3465.     return(libdes_string_to_key(p,B));
  3466. #endif /* CRYPT_DLL */
  3467. #endif /* LIBDES */
  3468.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
  3469.         if ( p_des_string_to_key )
  3470.             return(p_des_string_to_key(p,B));
  3471.         else
  3472.             return(-1);
  3473.     }
  3474.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
  3475.         if ( p_k4_des_string_to_key )
  3476.             return(p_k4_des_string_to_key(p,B));
  3477.         else
  3478.             return(-1);
  3479.     }
  3480. }
  3481.  
  3482. void
  3483. ck_des_fixup_key_parity(Block B)
  3484. {
  3485. #ifdef LIBDES
  3486. #ifdef CRYPT_DLL
  3487.     if ( libdes_fixup_key_parity ) {
  3488.         libdes_fixup_key_parity(B);
  3489.         return;
  3490.     }
  3491. #else /* CRYPT_DLL */
  3492.     libdes_fixup_key_parity(B);
  3493.     return;
  3494. #endif /* CRYPT_DLL */
  3495. #endif /* LIBDES */
  3496.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
  3497.         if ( p_des_fixup_key_parity )
  3498.             p_des_fixup_key_parity(B);
  3499.     }
  3500.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
  3501.         if ( p_k4_des_fixup_key_parity )
  3502.             p_k4_des_fixup_key_parity(B);
  3503.     }
  3504. }
  3505.  
  3506. void
  3507. ck_des_pcbc_encrypt(Block input, Block output, long length,
  3508.                     Schedule schedule, Block ivec, int enc)
  3509. {
  3510. #ifdef LIBDES
  3511. #ifdef CRYPT_DLL
  3512.     if ( libdes_pcbc_encrypt ) {
  3513.         libdes_pcbc_encrypt(input,output,length,schedule,ivec,enc);
  3514.         return;
  3515.     }
  3516. #else /* CRYPT_DLL */
  3517.     libdes_pcbc_encrypt(input,output,length,schedule,ivec,enc);
  3518.     return;
  3519. #endif /* CRYPT_DLL */
  3520. #endif /* LIBDES */
  3521.     if ( authentication_version == AUTHTYPE_KERBEROS_V5 ) {
  3522.         if ( p_des_pcbc_encrypt ) {
  3523.             p_des_pcbc_encrypt(input,output,length,schedule,ivec,enc);
  3524.             return;
  3525.         }
  3526.     }
  3527.     if ( authentication_version == AUTHTYPE_KERBEROS_V4 ) {
  3528.         if ( p_k4_des_pcbc_encrypt ) {
  3529.             p_k4_des_pcbc_encrypt(input,output,length,schedule,ivec,enc);
  3530.             return;
  3531.         }
  3532.     }
  3533. }
  3534. #endif /* CK_DES */
  3535.  
  3536. #ifdef CRYPT_DLL
  3537. static int  (*p_crypt_dll_init)(struct _crypt_dll_init *)=NULL;
  3538. static int  (*p_encrypt_parse)(unsigned char *, int)=NULL;
  3539. static void (*p_encrypt_init)(kstream,int)=NULL;
  3540. static int  (*p_encrypt_session_key)(Session_Key *, int)=NULL;
  3541. static int  (*p_encrypt_dont_support)(int)=NULL;
  3542. static void (*p_encrypt_send_request_start)(void)=NULL;
  3543. static int  (*p_encrypt_request_start)(void)=NULL;
  3544. static int  (*p_encrypt_send_request_end)(void)=NULL;
  3545. static void (*p_encrypt_send_end)(void)=NULL;
  3546. static void (*p_encrypt_send_support)(void)=NULL;
  3547. static int  (*p_encrypt_is_encrypting)(void)=NULL;
  3548. static int  (*p_encrypt_is_decrypting)(void)=NULL;
  3549. static int  (*p_get_crypt_table)(struct keytab ** pTable, int * pN)=NULL;
  3550. static int  (*p_des_is_weak_key)(Block)=NULL;
  3551. static char * (*p_crypt_dll_version)()=NULL;
  3552.  
  3553. int
  3554. ck_encrypt_parse(unsigned char * s, int n)
  3555. {
  3556.     if ( p_encrypt_parse )
  3557.         return(p_encrypt_parse(s,n));
  3558.     else
  3559.         return(0);
  3560. }
  3561.  
  3562. void
  3563. ck_encrypt_init(kstream ks, int type)
  3564. {
  3565.     if ( p_encrypt_init )
  3566.         p_encrypt_init(ks,type);
  3567. }
  3568.  
  3569. int
  3570. ck_encrypt_dont_support(int type)
  3571. {
  3572.     if ( p_encrypt_dont_support )
  3573.         return p_encrypt_dont_support(type);
  3574.     return(0);
  3575. }
  3576.  
  3577. int
  3578. ck_encrypt_session_key(Session_Key * key, int n)
  3579. {
  3580.     if ( p_encrypt_session_key )
  3581.         return p_encrypt_session_key(key,n);
  3582.     return(0);
  3583. }
  3584.  
  3585. void
  3586. ck_encrypt_send_support(void)
  3587. {
  3588.     if ( p_encrypt_send_support )
  3589.         p_encrypt_send_support();
  3590. }
  3591.  
  3592. void
  3593. ck_encrypt_send_request_start(void)
  3594. {
  3595.     if ( p_encrypt_send_request_start )
  3596.         p_encrypt_send_request_start();
  3597. }
  3598.  
  3599. void
  3600. ck_encrypt_request_start(void)
  3601. {
  3602.     if ( p_encrypt_request_start )
  3603.         p_encrypt_request_start();
  3604. }
  3605.  
  3606. void
  3607. ck_encrypt_send_request_end(void)
  3608. {
  3609.     if ( p_encrypt_send_request_end )
  3610.         p_encrypt_send_request_end();
  3611. }
  3612.  
  3613. void
  3614. ck_encrypt_send_end(void)
  3615. {
  3616.     if ( p_encrypt_send_end )
  3617.         p_encrypt_send_end();
  3618. }
  3619.  
  3620. int
  3621. ck_encrypt_is_encrypting(void)
  3622. {
  3623.     if ( p_encrypt_is_encrypting )
  3624.         return(p_encrypt_is_encrypting());
  3625.     else
  3626.         return(0);
  3627. }
  3628.  
  3629. int
  3630. ck_encrypt_is_decrypting(void)
  3631. {
  3632.     if ( p_encrypt_is_decrypting )
  3633.         return(p_encrypt_is_decrypting());
  3634.     else
  3635.         return(0);
  3636. }
  3637.  
  3638. int
  3639. ck_get_crypt_table(struct keytab ** pTable, int * pN)
  3640. {
  3641.     if (p_get_crypt_table) {
  3642.         return(p_get_crypt_table(pTable,pN));
  3643.     } else {
  3644.         int i = 0;
  3645.         if (*pTable) {
  3646.             for (i = 0; i < *pN; i++)
  3647.               free((*pTable)[i].kwd);
  3648.             free (*pTable);
  3649.         }
  3650.         *pTable = NULL;
  3651.         *pN = 0;
  3652.  
  3653.         *pTable = malloc( sizeof(struct keytab) * 2);
  3654.         if (!(*pTable))
  3655.           return(0);
  3656.         (*pTable)[0].kwd = strdup("automatic");
  3657.         (*pTable)[0].kwval = ENCTYPE_ANY;
  3658.         (*pTable)[0].flgs = 0;
  3659.         (*pTable)[1].kwd = strdup("none");
  3660.         (*pTable)[1].kwval = -1;
  3661.         (*pTable)[1].flgs = 0;
  3662.         (*pN) = 2;
  3663.         return(2);
  3664.     }
  3665. }
  3666.  
  3667. int
  3668. ck_des_is_weak_key(Block B)
  3669. {
  3670.     if ( p_des_is_weak_key )
  3671.         return(p_des_is_weak_key(B));
  3672.     else
  3673.         return(0);      /* assume it is not */
  3674. }
  3675.  
  3676. void
  3677. crypt_install_funcs(char * name, void * func)
  3678. {
  3679. #ifdef NT
  3680.     if ( !strcmp(name,"encrypt_parse") )
  3681.         (FARPROC) p_encrypt_parse = (FARPROC) func;
  3682.     else if ( !strcmp(name,"encrypt_init") )
  3683.         (FARPROC) p_encrypt_init = (FARPROC) func;
  3684.     else if ( !strcmp(name,"encrypt_session_key") )
  3685.         (FARPROC) p_encrypt_session_key = (FARPROC) func;
  3686.     else if ( !strcmp(name,"encrypt_dont_support") )
  3687.         (FARPROC) p_encrypt_dont_support = (FARPROC) func;
  3688.     else if ( !strcmp(name,"encrypt_send_request_start") )
  3689.         (FARPROC) p_encrypt_send_request_start = (FARPROC) func;
  3690.     else if ( !strcmp(name,"encrypt_request_start") )
  3691.         (FARPROC) p_encrypt_request_start = (FARPROC) func;
  3692.     else if ( !strcmp(name,"encrypt_send_request_end") )
  3693.         (FARPROC) p_encrypt_send_request_end = (FARPROC) func;
  3694.     else if ( !strcmp(name, "encrypt_send_end") )
  3695.         (FARPROC) p_encrypt_send_end = (FARPROC) func;
  3696.     else if ( !strcmp(name,"encrypt_send_support") )
  3697.         (FARPROC) p_encrypt_send_support = (FARPROC) func;
  3698.     else if ( !strcmp(name,"encrypt_is_encrypting") )
  3699.         (FARPROC) p_encrypt_is_encrypting = (FARPROC) func;
  3700.     else if ( !strcmp(name,"encrypt_is_decrypting") )
  3701.         (FARPROC) p_encrypt_is_decrypting = (FARPROC) func;
  3702.     else if ( !strcmp(name,"get_crypt_table") )
  3703.         (FARPROC) p_get_crypt_table = (FARPROC) func;
  3704.     else if ( !strcmp(name,"des_is_weak_key") )
  3705.         (FARPROC) p_des_is_weak_key = (FARPROC) func;
  3706.     else if ( !strcmp(name,"libdes_random_key") )
  3707.         (FARPROC) libdes_random_key = (FARPROC) func;
  3708.     else if ( !strcmp(name,"libdes_random_seed") )
  3709.         (FARPROC) libdes_random_seed = (FARPROC) func;
  3710.     else if ( !strcmp(name,"libdes_key_sched") )
  3711.         (FARPROC) libdes_key_sched = (FARPROC) func;
  3712.     else if ( !strcmp(name,"libdes_ecb_encrypt") )
  3713.         (FARPROC) libdes_ecb_encrypt = (FARPROC) func;
  3714.     else if ( !strcmp(name,"libdes_string_to_key") )
  3715.         (FARPROC) libdes_string_to_key = (FARPROC) func;
  3716.     else if ( !strcmp(name,"libdes_fixup_key_parity") )
  3717.         (FARPROC) libdes_fixup_key_parity = (FARPROC) func;
  3718.     else if ( !strcmp(name,"libdes_pcbc_encrypt") )
  3719.         (FARPROC) libdes_pcbc_encrypt = (FARPROC) func;
  3720.     else if ( !strcmp(name,"crypt_dll_version") )
  3721.         (FARPROC) p_crypt_dll_version = (FARPROC) func;
  3722. #else /* NT */
  3723.     if ( !strcmp(name,"encrypt_parse") )
  3724.         p_encrypt_parse = (PFN*) func;
  3725.     else if ( !strcmp(name,"encrypt_init") )
  3726.         p_encrypt_init = (PFN*) func;
  3727.     else if ( !strcmp(name,"encrypt_session_key") )
  3728.         p_encrypt_session_key = (PFN*) func;
  3729.     else if ( !strcmp(name,"encrypt_dont_support") )
  3730.         p_encrypt_dont_support = (PFN*) func;
  3731.     else if ( !strcmp(name,"encrypt_send_request_start") )
  3732.         p_encrypt_send_request_start = (PFN*) func;
  3733.     else if ( !strcmp(name,"encrypt_request_start") )
  3734.         p_encrypt_request_start = (PFN*) func;
  3735.     else if ( !strcmp(name,"encrypt_send_request_end") )
  3736.         p_encrypt_send_request_end = (PFN*) func;
  3737.     else if ( !strcmp(name, "encrypt_send_end") )
  3738.         p_encrypt_send_end = (PFN*) func;
  3739.     else if ( !strcmp(name,"encrypt_send_support") )
  3740.         p_encrypt_send_support = (PFN*) func;
  3741.     else if ( !strcmp(name,"encrypt_is_encrypting") )
  3742.         p_encrypt_is_encrypting = (PFN*) func;
  3743.     else if ( !strcmp(name,"encrypt_is_decrypting") )
  3744.         p_encrypt_is_decrypting = (PFN*) func;
  3745.     else if ( !strcmp(name,"get_crypt_table") )
  3746.         p_get_crypt_table = (PFN*) func;
  3747.     else if ( !strcmp(name,"des_is_weak_key") )
  3748.         p_des_is_weak_key = (PFN*) func;
  3749.     else if ( !strcmp(name,"libdes_random_key") )
  3750.         libdes_random_key = (PFN*) func;
  3751.     else if ( !strcmp(name,"libdes_random_seed") )
  3752.         libdes_random_seed = (PFN*) func;
  3753.     else if ( !strcmp(name,"libdes_key_sched") )
  3754.         libdes_key_sched = (PFN*) func;
  3755.     else if ( !strcmp(name,"libdes_ecb_encrypt") )
  3756.         libdes_ecb_encrypt = (PFN*) func;
  3757.     else if ( !strcmp(name,"libdes_string_to_key") )
  3758.         libdes_string_to_key = (PFN*) func;
  3759.     else if ( !strcmp(name,"libdes_fixup_key_parity") )
  3760.         libdes_fixup_key_parity = (PFN*) func;
  3761.     else if ( !strcmp(name,"libdes_pcbc_encrypt") )
  3762.         libdes_pcbc_encrypt = (PFN*) func;
  3763.     else if ( !strcmp(name,"crypt_dll_version") )
  3764.         p_crypt_dll_version = (PFN*) func;
  3765. #endif /* NT */
  3766. }
  3767.  
  3768. char *
  3769. ck_crypt_dll_version()
  3770. {
  3771.     if ( p_crypt_dll_version )
  3772.         return(p_crypt_dll_version());
  3773.     else
  3774.         return("Encryption provided via external DLL");
  3775. }
  3776.  
  3777. #define encrypt_parse                 ck_encrypt_parse
  3778. #define encrypt_init                  ck_encrypt_init
  3779. #define encrypt_session_key           ck_encrypt_session_key
  3780. #define encrypt_dont_support          ck_encrypt_dont_support
  3781. #define encrypt_send_support          ck_encrypt_send_support
  3782. #define encrypt_send_end              ck_encrypt_send_end
  3783. #define encrypt_send_request_end      ck_encrypt_send_request_end
  3784. #define encrypt_send_request_start    ck_encrypt_send_request_start
  3785. #define encrypt_request_start         ck_encrypt_request_start
  3786. #define encrypt_is_encrypting         ck_encrypt_is_encrypting
  3787. #define encrypt_is_decrypting         ck_encrypt_is_decrypting
  3788.  
  3789. #ifdef NT
  3790. HINSTANCE hCRYPT = NULL;
  3791. #else /* NT */
  3792. HMODULE hCRYPT = 0;
  3793. #endif /* NT */
  3794.  
  3795. static void
  3796. ck_crypt_dll_loaddll_eh(void)
  3797. {
  3798.     if ( hCRYPT ) {
  3799. #ifdef NT
  3800.         FreeLibrary(hCRYPT);
  3801.         hCRYPT = NULL;
  3802. #else /* NT */
  3803.         DosFreeModule(hCRYPT);
  3804.         hCRYPT = 0;
  3805. #endif /* NT */
  3806.     }
  3807.     p_crypt_dll_init=NULL;
  3808.     p_encrypt_parse=NULL;
  3809.     p_encrypt_init=NULL;
  3810.     p_encrypt_session_key=NULL;
  3811.     p_encrypt_dont_support=NULL;
  3812.     p_encrypt_send_support=NULL;
  3813.     p_encrypt_send_request_start=NULL;
  3814.     p_encrypt_request_start=NULL;
  3815.     p_encrypt_send_request_end=NULL;
  3816.     p_encrypt_send_end=NULL;
  3817.     p_encrypt_is_encrypting=NULL;
  3818.     p_encrypt_is_decrypting=NULL;
  3819.     p_get_crypt_table = NULL;
  3820.     p_des_is_weak_key = NULL;
  3821.  
  3822.     libdes_random_key=NULL;
  3823.     libdes_random_seed=NULL;
  3824.     libdes_key_sched=NULL;
  3825.     libdes_ecb_encrypt=NULL;
  3826.     libdes_string_to_key=NULL;
  3827.     libdes_fixup_key_parity=NULL;
  3828.     libdes_pcbc_encrypt=NULL;
  3829.  
  3830.     p_crypt_dll_version=NULL;
  3831.  
  3832.     encrypt_flag = 0;
  3833. }
  3834.  
  3835. static int crypt_dll_loaded=0;
  3836.  
  3837. int
  3838. ck_crypt_loaddll( void )
  3839. {
  3840.     ULONG rc = 0 ;
  3841.     struct _crypt_dll_init init;
  3842.     extern unsigned long startflags;
  3843.     int load_error = 0, len;
  3844. #ifdef OS2ONLY
  3845.     CHAR *exe_path;
  3846.     CHAR path[256];
  3847.     CHAR * dllname = "K2CRYPT";
  3848. #endif /* OS2ONLY */
  3849.  
  3850.     if ( crypt_dll_loaded )
  3851.         return(1);
  3852.  
  3853.     if ( startflags & 8 )       /* do not load if we are not supposed to */
  3854.         return(0);
  3855.  
  3856. #ifdef NT
  3857.     hCRYPT = LoadLibrary("K95CRYPT");
  3858.     if ( !hCRYPT ) {
  3859.         rc = GetLastError() ;
  3860.         debug(F101, "K95 Crypt LoadLibrary failed","",rc) ;
  3861.         return(0);
  3862.     } else {
  3863.         if (((FARPROC) p_crypt_dll_init =
  3864.               GetProcAddress( hCRYPT, "crypt_dll_init" )) == NULL )
  3865.         {
  3866.             rc = GetLastError() ;
  3867.             debug(F111,"K95 Crypt GetProcAddress failed","crypt_dll_init",rc);
  3868.             load_error = 1;
  3869.         }
  3870.         if ( load_error ) {
  3871.             ck_crypt_dll_loaddll_eh();
  3872.             return 0;
  3873.         }
  3874.     }
  3875. #else /* NT */
  3876.     exe_path = GetLoadPath();
  3877.     len = get_dir_len(exe_path);
  3878.     if ( len + strlen(dllname) + 4 > sizeof(path) )
  3879.         return(0);
  3880.     sprintf(path, "%.*s%s.DLL", len, exe_path,dllname);         /* safe */
  3881.     rc = DosLoadModule(fail, sizeof(fail), path, &hCRYPT);
  3882.     if (rc) {
  3883.         debug(F111, "K95 Crypt LoadLibrary failed",fail,rc) ;
  3884.         rc = DosLoadModule(fail, sizeof(fail), dllname, &hCRYPT);
  3885.     }
  3886.     if ( rc ) {
  3887.         debug(F111, "K95 Crypt LoadLibrary failed",fail,rc) ;
  3888.         return(0);
  3889.     } else {
  3890.         debug(F111, "K95 Crypt LoadLibrary success",fail,rc) ;
  3891.         if (rc = DosQueryProcAddr(hCRYPT,0,"crypt_dll_init",(PFN*)&p_crypt_dll_init))
  3892.         {
  3893.             debug(F111,"K95 Crypt GetProcAddress failed","crypt_dll_init",rc);
  3894.             load_error = 1;
  3895.             ck_crypt_dll_loaddll_eh();
  3896.             return 0;
  3897.         }
  3898.     }
  3899. #endif /* NT */
  3900.  
  3901.     init.version = 6;
  3902.     /* Version 1 */
  3903.     init.p_ttol = ttol;
  3904. #ifndef NODEBUG
  3905.     init.p_dodebug = dodebug;
  3906.     init.p_dohexdump = dohexdump;
  3907. #else /* NODEBUG */
  3908.     init.p_dodebug = NULL;
  3909.     init.p_dohexdump = NULL;
  3910. #endif /* NODEBUG */
  3911.     init.p_tn_debug = tn_debug;
  3912.     init.p_vscrnprintf = Vscrnprintf;
  3913.     /* Version 2 */
  3914. #ifdef KRB5
  3915.     init.p_k5_context = &k5_context;
  3916. #else /* KRB5 */
  3917.     init.p_k5_context = NULL;
  3918. #endif /* KRB5 */
  3919.     /* Version 3 */
  3920.     init.p_install_funcs = crypt_install_funcs;
  3921.     /* Version 5 */
  3922.     init.p_reqtelmutex = RequestTelnetMutex;
  3923.     init.p_reltelmutex = ReleaseTelnetMutex;
  3924.     /* Version 6 - adds p_encrypt_dont_support */
  3925.  
  3926.     if (!p_crypt_dll_init) {
  3927.         debug(F110,"K95 Crypt initialization failed",
  3928.               "p_crypt_dll_init is NULL",0);
  3929.         ck_crypt_dll_loaddll_eh();
  3930.         return(0);
  3931.     }
  3932.  
  3933.     debug(F100,"Calling p_crypt_dll_init()","",0);
  3934.     if ( !p_crypt_dll_init(&init) ) {
  3935.         debug(F110,"K95 Crypt initialization failed",
  3936.               "error in crypt init",0);
  3937.         ck_crypt_dll_loaddll_eh();
  3938.         return(0);
  3939.     }
  3940.  
  3941.     if ( p_crypt_dll_init==NULL ||
  3942.          p_encrypt_parse==NULL ||
  3943.          p_encrypt_init==NULL ||
  3944.          p_encrypt_session_key==NULL ||
  3945.          p_encrypt_dont_support==NULL ||
  3946.          p_encrypt_send_support==NULL ||
  3947.          p_encrypt_send_request_start==NULL ||
  3948.          p_encrypt_request_start==NULL ||
  3949.          p_encrypt_send_request_end==NULL ||
  3950.          p_encrypt_send_end==NULL ||
  3951.          p_encrypt_is_encrypting==NULL ||
  3952.          p_encrypt_is_decrypting==NULL ||
  3953.          p_get_crypt_table==NULL ||
  3954.          p_des_is_weak_key==NULL ||
  3955.  
  3956.          libdes_random_key==NULL ||
  3957.          libdes_random_seed==NULL ||
  3958.          libdes_key_sched==NULL ||
  3959.          libdes_ecb_encrypt==NULL ||
  3960.          libdes_string_to_key==NULL ||
  3961.          libdes_fixup_key_parity==NULL ||
  3962.          libdes_pcbc_encrypt==NULL
  3963.          /* p_crypt_dll_version is an optional function */
  3964.          )
  3965.     {
  3966.         debug(F110,"K95 Crypt initialization failed",
  3967.                "not all functions loaded",0);
  3968.         ck_crypt_dll_loaddll_eh();
  3969.         return(0);
  3970.     }
  3971.  
  3972.     encrypt_flag = 1;
  3973.     crypt_dll_loaded = 1;
  3974.     if ( deblog )
  3975.         printf("Encryption DLL Loaded\n");
  3976.     return(1);
  3977. }
  3978.  
  3979. int
  3980. ck_crypt_unloaddll( void )
  3981. {
  3982.     if ( !crypt_dll_loaded )
  3983.         return(1);
  3984.  
  3985.     /* unload dlls */
  3986.     ck_crypt_dll_loaddll_eh();
  3987.  
  3988.     /* success */
  3989.     crypt_dll_loaded = 0;
  3990.     return(1);
  3991. }
  3992. #endif /* CRYPT_DLL */
  3993.  
  3994. static int security_dll_loaded = 0;
  3995.  
  3996. #ifdef NTLM
  3997. #ifdef NT
  3998. /* Where did I get these? */
  3999. #define NTLMSSP_REQUEST_INIT_RESPONSE       0x100000    /* get back session keys  */
  4000. #define NTLMSSP_REQUEST_ACCEPT_RESPONSE     0x200000    /* get back session key, LUID */
  4001. #define NTLMSSP_REQUEST_NON_NT_SESSION_KEY  0x400000    /* request non-nt session keys */
  4002.  
  4003. HINSTANCE hSSPI = NULL;
  4004. #else /* NT */
  4005. NTLM is not supported on non-windows platforms
  4006. #endif /* NT */
  4007.  
  4008. static int sspi_dll_loaded = 0;
  4009. static PSecurityFunctionTable (*p_SSPI_InitSecurityInterface)(void)=NULL;
  4010. static PSecurityFunctionTable p_SSPI_Func = NULL;
  4011. CredHandle hNTLMCred = { 0, 0 };
  4012. static TimeStamp  NTLMTimeStampCred;
  4013. static CtxtHandle hNTLMContext;
  4014. int    haveNTLMContext = 0;
  4015. static SecBufferDesc NTLMSecBufDesc;
  4016. SecBuffer     NTLMSecBuf[1];
  4017. static UCHAR      NTLMBuffer[1024];
  4018. static UCHAR      NTLMBuffer2[1024];
  4019. static SecBufferDesc NTLMInSecBufDesc;
  4020. static SecBuffer     NTLMInSecBuf;
  4021. static UCHAR      NTLMInBuffer[512];
  4022. static ULONG      NTLMContextAttrib;
  4023. static TimeStamp  NTLMTimeStampContext;
  4024. static SECURITY_STATUS ss = SEC_E_OK;
  4025. static PBYTE ntlm_pClientBuf = NULL;
  4026. static PBYTE ntlm_pServerBuf = NULL;
  4027. static DWORD ntlm_cbMaxToken = 0;
  4028.  
  4029.  
  4030. static void
  4031. ck_sspi_loaddll_eh( void )
  4032. {
  4033.     if ( hSSPI ) {
  4034.         FreeLibrary(hSSPI);
  4035.         hSSPI = NULL;
  4036.     }
  4037.  
  4038.     p_SSPI_InitSecurityInterface = NULL;
  4039.     p_SSPI_Func = NULL;
  4040. }
  4041.  
  4042. static int
  4043. ck_ntlm_unloaddll( void )
  4044. {
  4045.     if ( !sspi_dll_loaded )
  4046.         return(1);
  4047.  
  4048.     /* unload dlls */
  4049.     ck_sspi_loaddll_eh();
  4050.  
  4051.     /* success */
  4052.     sspi_dll_loaded = 0;
  4053.     return(1);
  4054. }
  4055.  
  4056. const char *
  4057. sspi_errstr(SECURITY_STATUS ss)
  4058. {
  4059.     switch ( ss ) {
  4060.     case SEC_E_OK:
  4061.         return("OK");
  4062.     case SEC_E_INSUFFICIENT_MEMORY:
  4063.         return("Not enough memory is available to complete this request");
  4064.     case SEC_E_INVALID_HANDLE:
  4065.         return("The handle specified is invalid");
  4066.     case SEC_E_UNSUPPORTED_FUNCTION:
  4067.         return("The function requested is not supported");
  4068.     case SEC_E_TARGET_UNKNOWN:
  4069.         return("The specified target is unknown or unreachable");
  4070.     case SEC_E_INTERNAL_ERROR:
  4071.         return("The Local Security Authority cannot be contacted");
  4072.     case SEC_E_SECPKG_NOT_FOUND:
  4073.         return("The requested security package does not exist");
  4074.     case SEC_E_NOT_OWNER:
  4075.         return("The caller is not the owner of the desired credentials");
  4076.     case SEC_E_CANNOT_INSTALL:
  4077.         return("The security pakage failed to initialize, and cannot be installed");
  4078.     case SEC_E_INVALID_TOKEN:
  4079.         return("The token supplied to the function is invalid");
  4080.     case SEC_E_CANNOT_PACK:
  4081.         return("The security package is not ablle to marshall the logon buffer so the logon attempt has failed");
  4082.     case SEC_E_QOP_NOT_SUPPORTED:
  4083.         return("The per-message Quality of Protection is not supported by the security package");
  4084.     case SEC_E_NO_IMPERSONATION:
  4085.         return("The security context does not allow impersonation of the client");
  4086.     case SEC_E_LOGON_DENIED:
  4087.         return("The logon attempt failed");
  4088.     case SEC_E_UNKNOWN_CREDENTIALS:
  4089.         return("The credentials supplied to the package were not recognized");
  4090.     case SEC_E_NO_CREDENTIALS:
  4091.         return("No credentials are available in the security package");
  4092.     case SEC_E_MESSAGE_ALTERED:
  4093.         return("The message supplied for verification has been altered");
  4094.     case SEC_E_OUT_OF_SEQUENCE:
  4095.         return("The message supplied for verification is out of sequence");
  4096.     case SEC_E_NO_AUTHENTICATING_AUTHORITY:
  4097.         return("No authority could be contacted for authentication");
  4098.     case SEC_I_CONTINUE_NEEDED:
  4099.         return("The function completed successfully, but must be called again to complete the context");
  4100.     case SEC_I_COMPLETE_NEEDED:
  4101.         return("The function completed successfully, but CompleteToken must be called");
  4102.     case SEC_I_COMPLETE_AND_CONTINUE:
  4103.         return("The function completed successfully, but both CompleteToken and this function must be called again");
  4104.     case SEC_I_LOCAL_LOGON:
  4105.         return("The logon was completed, but no network authority was available.  The logon was made using locally known information");
  4106.     case SEC_E_BAD_PKGID:
  4107.         return("The requested security package does not exist");
  4108.     case SEC_E_CONTEXT_EXPIRED:
  4109.         return("The context has expired and can no longer be used");
  4110.     case SEC_E_INCOMPLETE_MESSAGE:
  4111.         return("The supplied message is incomplete.  The signature was not verified");
  4112.     case SEC_E_INCOMPLETE_CREDENTIALS:
  4113.         return("The credentials supplied were not complete, and could not be verified.  The context could not be initialized");
  4114.     case SEC_E_BUFFER_TOO_SMALL:
  4115.         return("The buffers supplied to the function were too small");
  4116.     case SEC_I_INCOMPLETE_CREDENTIALS:
  4117.         return("The credentials supplied were not complete, and could not be verified.  Additional information can be returned from the context");
  4118.     case SEC_I_RENEGOTIATE:
  4119.         return("The context data must be renegotiated with the user");
  4120.     case SEC_E_WRONG_PRINCIPAL:
  4121.         return("The context data must be renegotiated with the peer");
  4122.     default:
  4123.         return("Unknown security error");
  4124.     }
  4125. }
  4126.  
  4127. int
  4128. ck_sspi_loaddll( void )
  4129. {
  4130.     ULONG rc = 0 ;
  4131.     ULONG Packages;              /* receives the number of packages */
  4132.     PSecPkgInfo pPackageInfo;    /* receives array of information   */
  4133.     SECURITY_STATUS ss = SEC_E_NOT_SUPPORTED;
  4134.     int ntlm_found = 0;
  4135.     int load_error = 0;
  4136.  
  4137.  
  4138.     if ( isWin95() )
  4139.         hSSPI = LoadLibrary("SECUR32");
  4140.     else
  4141.         hSSPI = LoadLibrary("SECURITY") ;
  4142.  
  4143.     if ( !hSSPI ) {
  4144.         rc = GetLastError() ;
  4145.         debug(F101, "NTLM LoadLibrary failed","",rc) ;
  4146.         return(0);
  4147.     }
  4148.  
  4149.     /* when we define UNICODE we must load the Unicode version of this function */
  4150.  
  4151.     if (((FARPROC) p_SSPI_InitSecurityInterface =
  4152.           GetProcAddress( hSSPI, "InitSecurityInterfaceA" )) == NULL )
  4153.     {
  4154.         rc = GetLastError() ;
  4155.         debug(F111, "NTLM GetProcAddress failed",
  4156.                "InitSecurityInterfaceA",rc) ;
  4157.         load_error = 1;
  4158.     } else {
  4159.         p_SSPI_Func = p_SSPI_InitSecurityInterface();
  4160.     }
  4161.  
  4162.     if ( !p_SSPI_Func )
  4163.     {
  4164.         rc = GetLastError() ;
  4165.         debug(F101, "NTLM InitSecurityInterface() failed","",rc) ;
  4166.         load_error = 1;
  4167.     } else {
  4168.         ss = p_SSPI_Func->EnumerateSecurityPackages(&Packages,
  4169.                                             &pPackageInfo);
  4170.     }
  4171.  
  4172.     if ( ss != SEC_E_OK )
  4173.     {
  4174.         debug(F101, "NTLM EnumerateSecurityPackages() failed",
  4175.                sspi_errstr(ss),ss) ;
  4176.         load_error = 1;
  4177.     } else {
  4178.         debug(F101,"Microsoft Security Providers","",Packages);
  4179.         for (;Packages--;) {
  4180.             debug(F111,pPackageInfo[Packages].Name,
  4181.                    pPackageInfo[Packages].Comment,
  4182.                    Packages);
  4183.             if ( !strcmp(NTLMSP_NAME_A,pPackageInfo[Packages].Name) ) {
  4184.                 ntlm_found = 1;
  4185.                 ntlm_cbMaxToken = pPackageInfo[Packages].cbMaxToken;
  4186.             }
  4187.         }
  4188.         p_SSPI_Func->FreeContextBuffer(pPackageInfo);
  4189.     }
  4190.  
  4191.     if ( !ntlm_found || load_error ) {
  4192.         debug(F100, "NTLM not installed","",0) ;
  4193.         ck_sspi_loaddll_eh();
  4194.         return 0;
  4195.     }
  4196.  
  4197.     if ( deblog ) {
  4198.         if ( hSSPI )
  4199.             printf("NTLM available\n");
  4200.     }
  4201.     return(1);
  4202.  
  4203. }
  4204.  
  4205. int
  4206. ck_ntlm_is_valid(int query_user) {
  4207.     extern int sstelnet;
  4208.     extern char szUserName[];
  4209.     extern char pwbuf[];
  4210.     extern int  pwflg, pwcrypt;
  4211.  
  4212.     SEC_WINNT_AUTH_IDENTITY AuthIdentity;
  4213.     char prompt[128];
  4214.     char domain[128]="",name[128]="",pwd[128]="", *p;
  4215.     char localuser[128]="";
  4216.     DWORD dw;
  4217.     int len;
  4218.  
  4219.     if ( !p_SSPI_Func || (isWin95() && sstelnet) )
  4220.         return(0);
  4221.  
  4222.     p_SSPI_Func->FreeCredentialHandle( &hNTLMCred );
  4223.  
  4224.     if (!sstelnet) {
  4225.         len = strlen(localuser);
  4226.         dw = sizeof(localuser)-len;
  4227.         GetUserName(&localuser[len],&dw);
  4228.  
  4229.         len = strlen(szUserName);
  4230.         if (len > 0 && query_user) {
  4231.             p = szUserName + len - 1;
  4232.             while ( p > szUserName ) {
  4233.                 if ( *p == '\\' || *p == '/' ) {
  4234.                     char q;
  4235.                     /* we found a domain */
  4236.                     ckstrncpy(name,p+1,sizeof(name));
  4237.                     q = *p;
  4238.                     *p = '\0';
  4239.                     ckstrncpy(domain,szUserName,sizeof(domain));
  4240.                     *p = q;
  4241.                 }
  4242.                 p--;
  4243.             }
  4244.  
  4245.             if (!name[0])
  4246.                 ckstrncpy(name,szUserName,sizeof(name));
  4247.  
  4248.             if (pwbuf[0] && pwflg) {
  4249.                 ckstrncpy(pwd,pwbuf,sizeof(pwd));
  4250. #ifdef OS2
  4251.                 if ( pwcrypt )
  4252.                     ck_encrypt((char *)pwd);
  4253. #endif /* OS2 */
  4254.                 if (!domain[0])
  4255.                     strcpy(domain,".");
  4256.             } else {
  4257. #ifdef KUI
  4258.                 struct txtbox tb[3];
  4259.                 int ok;
  4260.  
  4261.                 tb[0].t_buf = domain;
  4262.                 tb[0].t_len = sizeof(domain);
  4263.                 tb[0].t_lbl = "Domain: ";
  4264.                 tb[0].t_dflt = domain;
  4265.                 tb[0].t_echo = 1;
  4266.                 tb[1].t_buf = name;
  4267.                 tb[1].t_len = sizeof(name);
  4268.                 tb[1].t_lbl = "Username: ";
  4269.                 tb[1].t_dflt = name;
  4270.                 tb[1].t_echo = 1;
  4271.                 tb[2].t_buf = pwd;
  4272.                 tb[2].t_len = sizeof(pwd);
  4273.                 tb[2].t_lbl = "Passphrase: ";
  4274.                 tb[2].t_dflt = NULL;
  4275.                 tb[2].t_echo = 2;
  4276.  
  4277.                 ok = uq_mtxt("NTLM Authentication Required\n",
  4278.                               NULL, 3, tb);
  4279.  
  4280. #else /* KUI */
  4281.                 if (!domain[0]) {
  4282.                     ckmakmsg(prompt,sizeof(prompt),name,"'s NTLM Domain: ",NULL,NULL);
  4283.                     readtext(prompt,domain,sizeof(domain));
  4284.                 }
  4285.  
  4286.                 if (domain[0]) {
  4287.                     ckmakmsg(prompt,sizeof(prompt),domain,"\\",name,"'s NTLM password: ");
  4288.                 } else {
  4289.                     ckmakmsg(prompt,sizeof(prompt),name,"'s NTLM password: ",NULL,NULL);
  4290.                     strcpy(domain,".");
  4291.                 }
  4292.                 readpass(prompt,pwd,sizeof(pwd));
  4293. #endif /* KUI */
  4294.             }
  4295.  
  4296.             ZeroMemory( &AuthIdentity, sizeof(AuthIdentity) );
  4297.             AuthIdentity.Domain = domain;
  4298.             AuthIdentity.DomainLength = lstrlen(domain);
  4299.             AuthIdentity.User = name;
  4300.             AuthIdentity.UserLength = lstrlen(name);
  4301.             AuthIdentity.Password = pwd;
  4302.             AuthIdentity.PasswordLength = lstrlen(pwd);
  4303.             AuthIdentity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
  4304.         }
  4305.     }
  4306.  
  4307.     ss = p_SSPI_Func->
  4308.         AcquireCredentialsHandle( NULL,
  4309.                                   NTLMSP_NAME_A,
  4310.                                   sstelnet?
  4311.                                     SECPKG_CRED_INBOUND:
  4312.                                     SECPKG_CRED_OUTBOUND,
  4313.                                   NULL,
  4314.                                   (!sstelnet && query_user && szUserName[0]) ?
  4315.                                   &AuthIdentity : NULL,
  4316.                                   NULL,
  4317.                                   NULL,
  4318.                                   (PCredHandle) &hNTLMCred,
  4319.                                   &NTLMTimeStampCred);
  4320.     debug(F111,"ck_ntlm_is_valid AcquireCredentialsHandle",sspi_errstr(ss),ss);
  4321.     return(ss == SEC_E_OK);
  4322. }
  4323.  
  4324. void
  4325. ntlm_reject(int how) {
  4326.     unsigned char buf[12];
  4327.  
  4328.     sprintf(buf, "%c%c%c%c%c%c%c%c%c",
  4329.              IAC, SB, TELOPT_AUTHENTICATION,
  4330.              TELQUAL_IS,
  4331.              authentication_version,
  4332.              how,
  4333.              NTLM_REJECT, IAC, SE);
  4334.     if (deblog || tn_deb || debses) {
  4335.         int mode = AUTH_CLIENT_TO_SERVER | (auth_how & AUTH_HOW_MASK);
  4336.         ckmakxmsg(tn_msg,TN_MSG_LEN,
  4337.                   "TELNET SENT SB ", TELOPT(TELOPT_AUTHENTICATION),
  4338.                    " IS ", AUTHTYPE_NAME(authentication_version),
  4339.                    " ", AUTHMODE_NAME(mode),
  4340.                    " NTLM_REJECT IAC SE",
  4341.                    NULL,NULL,NULL,NULL,NULL
  4342.                    );
  4343.         debug(F100,tn_msg,"",0);
  4344.         if (tn_deb || debses) tn_debug(tn_msg);
  4345.     }
  4346. #ifdef OS2
  4347.     RequestTelnetMutex( SEM_INDEFINITE_WAIT );
  4348. #endif
  4349.     ttol((char *)buf, 9);
  4350. #ifdef OS2
  4351.     ReleaseTelnetMutex();
  4352. #endif
  4353. }
  4354.  
  4355. int
  4356. ntlm_auth_send() {
  4357.     DWORD context_requirements = 0;
  4358.  
  4359.     if ( !p_SSPI_Func ) {
  4360.         debug(F110,"ntlm_auth_send() failed","NTLM not installed",0);
  4361.         return(-1);
  4362.     }
  4363.  
  4364.     //
  4365.     // Set up the Buffer Descriptor
  4366.     //
  4367.     NTLMSecBufDesc.ulVersion = SECBUFFER_VERSION;
  4368.     NTLMSecBufDesc.cBuffers = 1;
  4369.     NTLMSecBufDesc.pBuffers = NTLMSecBuf;
  4370.  
  4371.     NTLMSecBuf[0].cbBuffer = 1024;
  4372.     NTLMSecBuf[0].BufferType = SECBUFFER_TOKEN;
  4373.     NTLMSecBuf[0].pvBuffer = NTLMBuffer;
  4374.  
  4375.     p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
  4376.     memset(&hNTLMContext,0,sizeof(hNTLMContext));
  4377.     memset(&NTLMContextAttrib,0,sizeof(NTLMContextAttrib));
  4378.     memset(&NTLMTimeStampContext,0,sizeof(NTLMTimeStampContext));
  4379.  
  4380.     if ( !isWin95() ) {
  4381.         context_requirements =
  4382. #ifdef COMMENT
  4383.             ISC_REQ_USE_DCE_STYLE |
  4384.             ISC_REQ_DELEGATE |
  4385.             ISC_REQ_MUTUAL_AUTH |
  4386.             ISC_REQ_REPLAY_DETECT |
  4387.             ISC_REQ_SEQUENCE_DETECT |
  4388.             ISC_REQ_CONFIDENTIALITY |
  4389.             ISC_REQ_CONNECTION |
  4390.             ISC_REQ_USE_SESSION_KEY |
  4391.             ISC_REQ_EXTENDED_ERROR |
  4392.             NTLMSSP_REQUEST_INIT_RESPONSE |
  4393.             NTLMSSP_REQUEST_ACCEPT_RESPONSE |
  4394.             NTLMSSP_REQUEST_NON_NT_SESSION_KEY,
  4395. #else
  4396.             ISC_REQ_USE_DCE_STYLE |
  4397.             ISC_REQ_DELEGATE |
  4398.             ISC_REQ_MUTUAL_AUTH |
  4399.             ISC_REQ_REPLAY_DETECT |
  4400.             ISC_REQ_SEQUENCE_DETECT |
  4401.             ISC_REQ_CONFIDENTIALITY |
  4402.             ISC_REQ_CONNECTION |
  4403.             ISC_REQ_USE_SESSION_KEY |
  4404.             ISC_REQ_EXTENDED_ERROR
  4405. #endif
  4406.                 ;
  4407.     }
  4408.  
  4409.     ss = p_SSPI_Func->InitializeSecurityContext(&hNTLMCred,
  4410.                 0,
  4411.                 NULL,
  4412.                 context_requirements,
  4413.                 0,
  4414.                 SECURITY_NETWORK_DREP,
  4415.                 0,
  4416.                 0,
  4417.                 &hNTLMContext,
  4418.                 &NTLMSecBufDesc,
  4419.                 &NTLMContextAttrib,
  4420.                 &NTLMTimeStampContext);
  4421.     debug(F111,"ntlm_auth_send() InitializeSecurityContext",
  4422.            sspi_errstr(ss),ss);
  4423.  
  4424.     hexdump("ntlm_auth_send() InitializeSecurityContext Context Requirements",
  4425.            &context_requirements,sizeof(context_requirements));
  4426.     hexdump("ntlm_auth_send() InitializeSecurityContext Context Attributes",
  4427.            &NTLMContextAttrib,sizeof(NTLMContextAttrib));
  4428.  
  4429.     switch ( ss ) {
  4430.     case SEC_E_OK:
  4431.     case SEC_I_CONTINUE_NEEDED:
  4432.     case SEC_I_COMPLETE_AND_CONTINUE:
  4433.         break;
  4434.     default:
  4435.         printf("ISC: %s\n",sspi_errstr(ss));
  4436.         debug(F111,"ntlm_auth_send() failed",
  4437.                sspi_errstr(ss),ss);
  4438.         return(-1);
  4439.     }
  4440.  
  4441.     debug(F111,"ntlm_auth_send sending","NTLMSecBuf[0].cbBuffer",
  4442.            NTLMSecBuf[0].cbBuffer);
  4443.     debug(F111,"ntlm_auth_send sending","NTLMSecBuf[0].BufferType",
  4444.            NTLMSecBuf[0].BufferType);
  4445.     hexdump("ntlm_auth_send sending NTLMSecBuf[0].pvBuffer",
  4446.              NTLMSecBuf[0].pvBuffer,
  4447.              NTLMSecBuf[0].cbBuffer);
  4448.  
  4449.     /* The rest of the work is continued in auth_send() */
  4450.     return(0);
  4451. }
  4452.  
  4453. int
  4454. #ifdef CK_ANSIC
  4455. ntlm_reply(int how, unsigned char *data, int cnt)
  4456. #else
  4457. ntlm_reply(how,data,cnt) int how; unsigned char *data; int cnt;
  4458. #endif
  4459. {
  4460.     DWORD context_requirements = 0;
  4461.     unsigned char buf[512], *p;
  4462.     int length = 0, iaccnt = 0, i;
  4463.  
  4464.     data += 4;                          /* Point to status byte */
  4465.     cnt  -= 4;
  4466.  
  4467.     if(cnt < 8  && ss != SEC_E_OK) {
  4468.         p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
  4469.         p_SSPI_Func->FreeCredentialHandle( &hNTLMCred );
  4470.  
  4471.         ntlm_reject(how);
  4472.         auth_finished(AUTH_REJECT);
  4473.         return(AUTH_FAILURE);
  4474.     }
  4475.  
  4476.     if ( !isWin95() ) {
  4477.         context_requirements =
  4478. #ifdef COMMENT
  4479.                 ISC_REQ_USE_DCE_STYLE |
  4480.                 ISC_REQ_DELEGATE |
  4481.                 ISC_REQ_MUTUAL_AUTH |
  4482.                 ISC_REQ_REPLAY_DETECT |
  4483.                 ISC_REQ_SEQUENCE_DETECT |
  4484.                 ISC_REQ_CONFIDENTIALITY |
  4485.                 ISC_REQ_CONNECTION |
  4486.                 ISC_REQ_USE_SESSION_KEY |
  4487.                 ISC_REQ_EXTENDED_ERROR |
  4488.                 NTLMSSP_REQUEST_INIT_RESPONSE |
  4489.                 NTLMSSP_REQUEST_ACCEPT_RESPONSE |
  4490.                 NTLMSSP_REQUEST_NON_NT_SESSION_KEY
  4491. #else
  4492.                 ISC_REQ_USE_DCE_STYLE |
  4493.                 ISC_REQ_DELEGATE |
  4494.                 ISC_REQ_MUTUAL_AUTH |
  4495.                 ISC_REQ_REPLAY_DETECT |
  4496.                 ISC_REQ_SEQUENCE_DETECT |
  4497.                 ISC_REQ_CONFIDENTIALITY |
  4498.                 ISC_REQ_CONNECTION |
  4499.                 ISC_REQ_USE_SESSION_KEY |
  4500.                 ISC_REQ_EXTENDED_ERROR
  4501. #endif
  4502.                     ;
  4503.     }
  4504.  
  4505.     cnt--;
  4506.     switch(*data++) {
  4507.     case 1:     /* CONTINUE */
  4508.         memcpy(buf,data,cnt);
  4509.         p = buf;
  4510.  
  4511.         NTLMInSecBufDesc.ulVersion = SECBUFFER_VERSION;
  4512.         NTLMInSecBufDesc.cBuffers = 1;
  4513.         NTLMInSecBufDesc.pBuffers = &NTLMInSecBuf;
  4514.  
  4515.         p = (unsigned char *)&NTLMInSecBuf.cbBuffer;
  4516.         p[0] = *data++;
  4517.         p[1] = *data++;
  4518.         p[2] = *data++;
  4519.         p[3] = *data++;
  4520.  
  4521.         p = (unsigned char *)&NTLMInSecBuf.BufferType;
  4522.         p[0] = *data++;
  4523.         p[1] = *data++;
  4524.         p[2] = *data++;
  4525.         p[3] = *data++;
  4526.  
  4527.         NTLMInSecBuf.pvBuffer = data;
  4528.  
  4529.         NTLMSecBufDesc.ulVersion = SECBUFFER_VERSION;
  4530.         NTLMSecBufDesc.cBuffers = 1;
  4531.         NTLMSecBufDesc.pBuffers = NTLMSecBuf;
  4532.  
  4533.         NTLMSecBuf[0].cbBuffer = 1024;
  4534.         NTLMSecBuf[0].BufferType = SECBUFFER_TOKEN;
  4535.         NTLMSecBuf[0].pvBuffer = NTLMBuffer;
  4536.  
  4537.         debug(F111,"ntlm_reply received","NTLMInSecBuf.cbBuffer",
  4538.                NTLMSecBuf[0].cbBuffer);
  4539.         debug(F111,"ntlm_reply received","NTLMInSecBuf.BufferType",
  4540.                NTLMSecBuf[0].BufferType);
  4541.         hexdump("ntlm_reply received NTLMInSecBuf[0].pvBuffer",
  4542.                  NTLMInSecBuf.pvBuffer,
  4543.                  NTLMInSecBuf.cbBuffer);
  4544.  
  4545.  
  4546.         ss = p_SSPI_Func->InitializeSecurityContext(0,
  4547.                 &hNTLMContext,
  4548.                 0,
  4549.                 context_requirements,
  4550.                 0,
  4551.                 SECURITY_NETWORK_DREP,
  4552.                 &NTLMInSecBufDesc,
  4553.                 0,
  4554.                 &hNTLMContext,
  4555.                 &NTLMSecBufDesc,
  4556.                 &NTLMContextAttrib,
  4557.                 &NTLMTimeStampContext);
  4558.         debug(F111,"ntlm_reply InitializeSecurityContext",sspi_errstr(ss),ss);
  4559.  
  4560.         hexdump("ntlm_reply() InitializeSecurityContext Context Requirements",
  4561.                  &context_requirements,sizeof(context_requirements));
  4562.         hexdump("ntlm_reply() InitializeSecurityContext Context Attributes",
  4563.                  &NTLMContextAttrib,sizeof(NTLMContextAttrib));
  4564.  
  4565.  
  4566.         switch ( ss ) {
  4567.         case SEC_E_OK:
  4568.         case SEC_I_CONTINUE_NEEDED:
  4569.         case SEC_I_COMPLETE_AND_CONTINUE:
  4570.             break;
  4571.         default:
  4572.             debug(F111,"ntlm_auth_reply() failed",sspi_errstr(ss),ss);
  4573.             p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
  4574.             p_SSPI_Func->FreeCredentialHandle( &hNTLMCred );
  4575.  
  4576.             ntlm_reject(how);
  4577.             auth_finished(AUTH_REJECT);
  4578.             return(AUTH_FAILURE);
  4579.         }
  4580.  
  4581.         sprintf(buf, "%c%c%c%c%c%c%c",
  4582.                  IAC, SB, TELOPT_AUTHENTICATION,
  4583.                  TELQUAL_IS,
  4584.                  authentication_version,
  4585.                  how,
  4586.                  NTLM_RESPONSE);                        /* safe */
  4587.  
  4588.         debug(F111,"ntlm_reply sending","NTLMSecBuf[0].cbBuffer",
  4589.                NTLMSecBuf[0].cbBuffer);
  4590.         debug(F111,"ntlm_reply sending","NTLMSecBuf[0].BufferType",
  4591.                NTLMSecBuf[0].BufferType);
  4592.         hexdump("ntlm_reply sending NTLMSecBuf[0].pvBuffer",
  4593.                  NTLMSecBuf[0].pvBuffer,
  4594.                  NTLMSecBuf[0].cbBuffer);
  4595.  
  4596.         for ( i=0 ; i<NTLMSecBuf[0].cbBuffer ; i++ ) {
  4597.             if ( ((char *)NTLMSecBuf[0].pvBuffer)[i] == IAC )
  4598.                 iaccnt++;
  4599.         }
  4600.  
  4601.         if ( NTLMSecBuf[0].cbBuffer + 2 * sizeof(ULONG) + 10 + iaccnt <
  4602.              sizeof(buf) ) {
  4603.             length = copy_for_net(&buf[7], (char *) &NTLMSecBuf[0],
  4604.                                    2*sizeof(ULONG));
  4605.             length += copy_for_net(&buf[7+length], NTLMSecBuf[0].pvBuffer,
  4606.                                     NTLMSecBuf[0].cbBuffer);
  4607.         }
  4608.         sprintf(&buf[7+length], "%c%c", IAC, SE);       /* safe */
  4609.  
  4610.         if (deblog || tn_deb || debses) {
  4611.             int mode = AUTH_CLIENT_TO_SERVER | (auth_how & AUTH_HOW_MASK);
  4612.             ckmakxmsg(tn_msg,TN_MSG_LEN,"TELNET SENT SB ",
  4613.                        TELOPT(TELOPT_AUTHENTICATION)," IS ",
  4614.                        AUTHTYPE_NAME(authentication_version)," ",
  4615.                        AUTHMODE_NAME(mode), " NTLM_RESPONSE ",
  4616.                        NULL,NULL,NULL,NULL,NULL );
  4617.             tn_hex(tn_msg,TN_MSG_LEN,&buf[7],length);
  4618.             ckstrncat(tn_msg,"IAC SE",TN_MSG_LEN);
  4619.             debug(F100,tn_msg,"",0);
  4620.             if (tn_deb || debses) tn_debug(tn_msg);
  4621.         }
  4622. #ifdef OS2
  4623.         RequestTelnetMutex( SEM_INDEFINITE_WAIT );
  4624. #endif
  4625.         ttol((char *)buf, length+9);
  4626. #ifdef OS2
  4627.         ReleaseTelnetMutex();
  4628. #endif
  4629.         break;
  4630.     case NTLM_ACCEPT:     /* ACCEPT */
  4631.         auth_finished(AUTH_VALID);
  4632.         accept_complete = 1;
  4633.         return AUTH_SUCCESS;
  4634.     case NTLM_REJECT:     /* REJECT */
  4635.         if (cnt > 0) {
  4636.             data[cnt] = '\0';
  4637.             ckmakmsg(strTmp,sizeof(strTmp),"NTLM refuses authentication (",
  4638.                      data,")\r\n",NULL);
  4639.         } else {
  4640.             sprintf(strTmp,"NTLM refuses authentication\r\n");
  4641.         }
  4642.         printf("NTLM authentication failed!\r\n%s\r\n",strTmp);
  4643.  
  4644.     default:
  4645.         auth_finished(AUTH_REJECT);
  4646.         accept_complete = 1;
  4647.         return AUTH_FAILURE;
  4648.         break;
  4649.     }
  4650.  
  4651. #ifdef COMMENT
  4652.     if ( ss == SEC_E_OK ) {
  4653.  
  4654.         SecPkgContext_Sizes sizes;
  4655.         SecPkgContext_Names names;
  4656.         SecPkgContext_Lifespan lifespan;
  4657.         SecPkgContext_DceInfo dce;
  4658.         SecPkgContext_StreamSizes stream;
  4659.         SecPkgContext_Authority authority;
  4660.         SecPkgContext_KeyInfo keyinfo;
  4661.         SecPkgContext_ProtoInfo proto;
  4662.         SecPkgContext_PasswordExpiry pwd;
  4663.         SecPkgContext_SessionKey skey;
  4664.         SecPkgContext_PackageInfo pkginf;
  4665.  
  4666.         /* The Server has now authenticated the Client's User */
  4667.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_SIZES,&sizes);
  4668.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_SIZES",sspi_errstr(ss),ss);
  4669.  
  4670.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_NAMES,&names);
  4671.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_NAMES",sspi_errstr(ss),ss);
  4672.  
  4673.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_LIFESPAN,&lifespan);
  4674.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_LIFESPAN",sspi_errstr(ss),ss);
  4675.  
  4676.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_DCE_INFO,&dce);
  4677.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_DCE_INFO",sspi_errstr(ss),ss);
  4678.  
  4679.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_STREAM_SIZES,&stream);
  4680.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_STREAM_SIZES",sspi_errstr(ss),ss);
  4681.  
  4682.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_KEY_INFO,&keyinfo);
  4683.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_KEY_INFO",sspi_errstr(ss),ss);
  4684.  
  4685.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_AUTHORITY,&authority);
  4686.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_AUTHORITY",sspi_errstr(ss),ss);
  4687.  
  4688.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PROTO_INFO,&proto);
  4689.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_PROTO_INFO",sspi_errstr(ss),ss);
  4690.  
  4691.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PASSWORD_EXPIRY,&pwd);
  4692.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_PASSWORD_EXPIRY",sspi_errstr(ss),ss);
  4693.  
  4694.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_SESSION_KEY,&skey);
  4695.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_SESSION_KEY",sspi_errstr(ss),ss);
  4696.  
  4697.         ss = p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PACKAGE_INFO,&pkginf);
  4698.         debug(F111,"SSPI QueryConextAttributes SECPKG_ATTR_PACKAGE_INFO",sspi_errstr(ss),ss);
  4699.         ss = SEC_E_OK;
  4700.     }
  4701. #endif /* COMMENT */
  4702.  
  4703.     return AUTH_SUCCESS;
  4704. }
  4705.  
  4706. int
  4707. ntlm_impersonate()
  4708. {
  4709.     if ( p_SSPI_Func ) {
  4710.         ss = p_SSPI_Func->ImpersonateSecurityContext( &hNTLMContext );
  4711.         debug(F111,"ntlm_impersonate() ImpersonateSecurityContext","ss",ss);
  4712.         return(ss == SEC_E_OK);
  4713.     }
  4714.     return(0);
  4715. }
  4716.  
  4717. int
  4718. ntlm_revert()
  4719. {
  4720.     if ( p_SSPI_Func ) {
  4721.         ss = p_SSPI_Func->RevertSecurityContext( &hNTLMContext );
  4722.         debug(F111,"ntlm_revert() RevertSecurityContext","ss",ss);
  4723.         return(ss == SEC_E_OK);
  4724.     }
  4725.     return(0);
  4726. }
  4727.  
  4728. int
  4729. #ifdef CK_ANSIC
  4730. ntlm_is(unsigned char *data, int cnt)
  4731. #else
  4732. ntlm_is(data,cnt) unsigned char *data; int cnt;
  4733. #endif
  4734. {
  4735.     DWORD context_requirements = 0;
  4736.     unsigned char buf[512], *p;
  4737.     int length = 0;
  4738.     int round = -1;
  4739.     int i, iaccnt = 0;
  4740.  
  4741.     data += 4;                          /* Point to status byte */
  4742.     cnt  -= 4;
  4743.  
  4744.     if (cnt < 8) {
  4745.         p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
  4746.         p_SSPI_Func->FreeCredentialHandle( &hNTLMCred );
  4747.         ntlm_reject(auth_how);
  4748.         auth_finished(AUTH_REJECT);
  4749.         return(AUTH_FAILURE);
  4750.     }
  4751.  
  4752.     cnt--;
  4753.     round = *data++;
  4754.     debug(F111,"ntlm_is","round",round);
  4755.     switch(round) {
  4756.     case 0:
  4757.     case 2:
  4758.         NTLMInSecBufDesc.ulVersion = 0;
  4759.         NTLMInSecBufDesc.cBuffers = 1;
  4760.         NTLMInSecBufDesc.pBuffers = &NTLMInSecBuf;
  4761.  
  4762.         p = (unsigned char *)&NTLMInSecBuf.cbBuffer;
  4763.         p[0] = *data++;
  4764.         p[1] = *data++;
  4765.         p[2] = *data++;
  4766.         p[3] = *data++;
  4767.         cnt -= 4;
  4768.         debug(F111,"ntlm_is","NTLMInSecBuf.cbBuffer",NTLMInSecBuf.cbBuffer);
  4769.  
  4770.         p = (unsigned char *)&NTLMInSecBuf.BufferType;
  4771.         p[0] = *data++;
  4772.         p[1] = *data++;
  4773.         p[2] = *data++;
  4774.         p[3] = *data++;
  4775.         cnt -= 4;
  4776.         debug(F111,"ntlm_is","NTLMInSecBuf.BufferType",NTLMInSecBuf.BufferType);
  4777.  
  4778.         hexdump("ntlm_is received NTLMInSecBuf.pvBuffer",data,cnt);
  4779.         NTLMInSecBuf.pvBuffer = data;
  4780.  
  4781.         NTLMSecBufDesc.ulVersion = SECBUFFER_VERSION;
  4782.         NTLMSecBufDesc.cBuffers = 1;
  4783.         NTLMSecBufDesc.pBuffers = NTLMSecBuf;
  4784.  
  4785.         NTLMSecBuf[0].cbBuffer = 1024;
  4786.         NTLMSecBuf[0].BufferType = SECBUFFER_TOKEN;
  4787.         NTLMSecBuf[0].pvBuffer = NTLMBuffer;
  4788.  
  4789.         if ( !isWin95() ) {
  4790.             context_requirements =
  4791. #ifdef COMMENT
  4792.                                    ASC_REQ_USE_DCE_STYLE |
  4793.                                    ASC_REQ_DELEGATE |
  4794.                                    ASC_REQ_MUTUAL_AUTH |
  4795.                                    ASC_REQ_REPLAY_DETECT |
  4796.                                    ASC_REQ_SEQUENCE_DETECT |
  4797.                                    ASC_REQ_CONFIDENTIALITY |
  4798.                                    ASC_REQ_CONNECTION |
  4799.                                    ASC_REQ_USE_SESSION_KEY |
  4800.                                    ASC_REQ_EXTENDED_ERROR |
  4801.                                    NTLMSSP_REQUEST_INIT_RESPONSE |
  4802.                                    NTLMSSP_REQUEST_ACCEPT_RESPONSE |
  4803.                                    NTLMSSP_REQUEST_NON_NT_SESSION_KEY
  4804. #else
  4805.                                    ASC_REQ_USE_DCE_STYLE |
  4806.                                    ASC_REQ_MUTUAL_AUTH |
  4807.                                    ASC_REQ_DELEGATE |
  4808.                                    ASC_REQ_SEQUENCE_DETECT |
  4809.                                    ASC_REQ_CONFIDENTIALITY |
  4810.                                    ASC_REQ_CONNECTION |
  4811.                                    ASC_REQ_USE_SESSION_KEY |
  4812.                                    ASC_REQ_EXTENDED_ERROR
  4813. #endif
  4814.                                        ;
  4815.         }
  4816.  
  4817.         ss = p_SSPI_Func->
  4818.             AcceptSecurityContext(
  4819. #ifdef COMMENT
  4820.                                    round == 0 ? &hNTLMCred : 0,
  4821. #else COMMENT
  4822.                                    &hNTLMCred,
  4823. #endif /* COMMENT */
  4824.                                    round == 2 ? &hNTLMContext : 0,
  4825.                                    &NTLMInSecBufDesc,
  4826.                                    context_requirements,
  4827.                                    SECURITY_NETWORK_DREP,
  4828.                                    &hNTLMContext,
  4829.                                    &NTLMSecBufDesc,
  4830.                                    &NTLMContextAttrib,
  4831.                                    &NTLMTimeStampContext);
  4832.  
  4833.         hexdump("ntlm_is() AcceptSecurityContext Context Requirements",
  4834.                  &context_requirements,sizeof(context_requirements));
  4835.         hexdump("ntlm_is() AcceptSecurityContext Context Attributes",
  4836.                  &NTLMContextAttrib,sizeof(NTLMContextAttrib));
  4837.  
  4838.         debug(F111,"ntlm_is AcceptSecurityContext",sspi_errstr(ss),ss);
  4839.         switch ( ss ) {
  4840.         case SEC_I_CONTINUE_NEEDED:
  4841.         case SEC_I_COMPLETE_AND_CONTINUE:
  4842.             sprintf(buf, "%c%c%c%c%c%c%c",
  4843.                      IAC, SB, TELOPT_AUTHENTICATION,
  4844.                      TELQUAL_REPLY,
  4845.                      authentication_version,
  4846.                      auth_how,
  4847.                      NTLM_CHALLENGE);                   /* safe */
  4848.  
  4849.             for ( i=0 ; i<NTLMSecBuf[0].cbBuffer ; i++ ) {
  4850.                 if ( ((char *)NTLMSecBuf[0].pvBuffer)[i] == IAC )
  4851.                     iaccnt++;
  4852.             }
  4853.             if ( NTLMSecBuf[0].cbBuffer + 2*sizeof(ULONG) + iaccnt + 10 <
  4854.                  sizeof(buf)) {
  4855.                 debug(F111,"ntlm_is sending","NTLMSecBuf[0].cbBuffer",
  4856.                          NTLMSecBuf[0].cbBuffer);
  4857.                 debug(F111,"ntlm_is sending","NTLMSecBuf[0].BufferType",
  4858.                          NTLMSecBuf[0].BufferType);
  4859.                 length = copy_for_net(&buf[7], (char *) &NTLMSecBuf[0],
  4860.                                        2*sizeof(ULONG));
  4861.                 hexdump("ntlm_is sending NTLMSecBuf[0].pvBuffer",NTLMSecBuf[0].pvBuffer,
  4862.                                         NTLMSecBuf[0].cbBuffer);
  4863.                 length += copy_for_net(&buf[7+length], NTLMSecBuf[0].pvBuffer,
  4864.                                         NTLMSecBuf[0].cbBuffer);
  4865.             }
  4866.             break;
  4867.         case SEC_E_OK:
  4868.             ss = p_SSPI_Func->ImpersonateSecurityContext( &hNTLMContext );
  4869.             debug(F111,"ntlm_is ImpersonateSecurityContext",sspi_errstr(ss),ss);
  4870.             if ( ss == SEC_E_OK ) {
  4871.                 sprintf(buf, "%c%c%c%c%c%c%c",
  4872.                          IAC, SB, TELOPT_AUTHENTICATION,
  4873.                          TELQUAL_REPLY,
  4874.                          authentication_version,
  4875.                          auth_how,
  4876.                          NTLM_ACCEPT);                  /* safe */
  4877.  
  4878.                 ss = p_SSPI_Func->RevertSecurityContext( &hNTLMContext );
  4879.                 debug(F111,"ntlm_is RevertSecurityContext",sspi_errstr(ss),ss);
  4880.                 break;
  4881.             }
  4882.             /* If there was an error Impersonating, fall through */
  4883.         default:
  4884.             printf("?NTLM Accept failed: %s\r\n",sspi_errstr(ss));
  4885.             p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
  4886.             p_SSPI_Func->FreeCredentialHandle( &hNTLMCred );
  4887.             length = strlen(sspi_errstr(ss));
  4888.             if ( length + 10 >= sizeof(buf) )
  4889.                 length = 0;
  4890.             sprintf(buf, "%c%c%c%c%c%c%c%s",
  4891.                      IAC, SB, TELOPT_AUTHENTICATION,
  4892.                      TELQUAL_REPLY,
  4893.                      authentication_version,
  4894.                      auth_how,
  4895.                      NTLM_REJECT,
  4896.                      (length ? sspi_errstr(ss) : ""));  /* safe */
  4897.         }
  4898.         sprintf(&buf[7+length], "%c%c", IAC, SE);       /* safe */
  4899.  
  4900.         if (deblog || tn_deb || debses) {
  4901.             int i;
  4902.             int mode = AUTH_CLIENT_TO_SERVER | (auth_how & AUTH_HOW_MASK);
  4903.             char * s = NULL;
  4904.  
  4905.             switch (buf[6]) {
  4906.             case NTLM_CHALLENGE:
  4907.                 s = "NTLM_CHALLENGE";
  4908.                 break;
  4909.             case NTLM_ACCEPT:
  4910.                 s = "NTLM_ACCEPT";
  4911.                 break;
  4912.             case NTLM_REJECT:
  4913.                 s = "NTLM_REJECT";
  4914.                 break;
  4915.             }
  4916.             ckmakxmsg(tn_msg,TN_MSG_LEN,
  4917.                       "TELNET SENT SB ", TELOPT(TELOPT_AUTHENTICATION),
  4918.                        " REPLY ", AUTHTYPE_NAME(authentication_version),
  4919.                        " ", AUTHMODE_NAME(mode),
  4920.                        " ", s," ",
  4921.                        NULL,NULL,NULL);
  4922.             tn_hex(tn_msg,TN_MSG_LEN,&buf[7],length);
  4923.             ckstrncat(tn_msg,"IAC SE",TN_MSG_LEN);
  4924.             debug(F100,tn_msg,"",0);
  4925.             if (tn_deb || debses) tn_debug(tn_msg);
  4926.         }
  4927. #ifdef OS2
  4928.         RequestTelnetMutex( SEM_INDEFINITE_WAIT );
  4929. #endif
  4930.         ttol((char *)buf, length+9);
  4931. #ifdef OS2
  4932.         ReleaseTelnetMutex();
  4933. #endif
  4934.     }
  4935.  
  4936.     switch (buf[6]) {
  4937.     case NTLM_ACCEPT: {
  4938.         char * p;
  4939.         SecPkgContext_Sizes sizes;
  4940.         SecPkgContext_Names names;
  4941.         SecPkgContext_Lifespan lifespan;
  4942.         SecPkgContext_DceInfo dce;
  4943.         SecPkgContext_StreamSizes stream;
  4944.         SecPkgContext_Authority authority;
  4945.         SecPkgContext_KeyInfo keyinfo;
  4946.         SecPkgContext_ProtoInfo proto;
  4947.         SecPkgContext_PasswordExpiry pwd;
  4948.         SecPkgContext_SessionKey skey;
  4949.         SecPkgContext_PackageInfo pkginf;
  4950. #ifdef IKSD
  4951.         extern CHAR * pReferenceDomainName;
  4952.         extern int inserver;
  4953. #endif /* IKSD */
  4954.  
  4955.         /* The Server has now authenticated the Client's User */
  4956.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_SIZES,&sizes);
  4957.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_NAMES,&names);
  4958.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_LIFESPAN,&lifespan);
  4959.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_DCE_INFO,&dce);
  4960.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_STREAM_SIZES,&stream);
  4961.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_KEY_INFO,&keyinfo);
  4962.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_AUTHORITY,&authority);
  4963.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PROTO_INFO,&proto);
  4964.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PASSWORD_EXPIRY,&pwd);
  4965.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_SESSION_KEY,&skey);
  4966.         p_SSPI_Func->QueryContextAttributes(&hNTLMContext,SECPKG_ATTR_PACKAGE_INFO,&pkginf);
  4967.  
  4968. #ifdef IKSD
  4969.         /* Format of sUserName is HOST\user or DOMAIN\user */
  4970.         if ( !inserver ) {
  4971.             p = names.sUserName + strlen(names.sUserName);
  4972.             while ( p != names.sUserName ) {
  4973.                 if ( *p == '\\' ) {
  4974.                     *p = '\0';
  4975.                     makestr(&pReferenceDomainName,names.sUserName);
  4976.                     *p = '\\';
  4977.                     p++;
  4978.                     break;
  4979.                 }
  4980.                 p--;
  4981.             }
  4982.         } else
  4983. #endif /* IKSD */
  4984.         {
  4985.             /* Let the Reference Domain Name be extracted by zvuser() */
  4986.             /* if we are running as IKSD */
  4987.             p = names.sUserName;
  4988.         }
  4989.         ckstrncpy(szUserNameRequested,p,UIDBUFLEN);
  4990.         cklower(szUserNameRequested);
  4991.         ckstrncpy(szUserNameAuthenticated,names.sUserName,UIDBUFLEN);
  4992.  
  4993.         auth_finished(AUTH_VALID);
  4994.         accept_complete = 1;
  4995.         return AUTH_SUCCESS;
  4996.     }
  4997.     case NTLM_REJECT:
  4998.         auth_finished(AUTH_REJECT);
  4999.         return(AUTH_FAILURE);
  5000.     case NTLM_CHALLENGE:
  5001.         return AUTH_SUCCESS;
  5002.     }
  5003.     return AUTH_FAILURE;
  5004. }
  5005.  
  5006. /* The following code is used to implement the SSPLogonUser() function */
  5007.  
  5008. // structure storing the state of the authentication sequence
  5009. //
  5010. int SSPLogonError = SEC_E_OK;
  5011.  
  5012. typedef struct _AUTH_SEQ {
  5013.     BOOL _fNewConversation;
  5014.     CredHandle _hcred;
  5015.     BOOL _fHaveCredHandle;
  5016.     BOOL _fHaveCtxtHandle;
  5017.     struct _SecHandle  _hctxt;
  5018. } AUTH_SEQ, *PAUTH_SEQ;
  5019.  
  5020.  
  5021. typedef struct _node_tag  {
  5022.     DWORD dwKey;
  5023.     PVOID *pData;
  5024.     struct _node_tag *pNext;
  5025. } NODE, *PNODE;
  5026.  
  5027. static NODE Head = {(DWORD)-1, NULL, NULL};
  5028.  
  5029. BOOL GetEntry (DWORD dwKey, PVOID *ppData)
  5030. {
  5031.     PNODE pCurrent;
  5032.  
  5033.     pCurrent = Head.pNext;
  5034.     while (NULL != pCurrent) {
  5035.         if (dwKey == pCurrent->dwKey)  {
  5036.             *ppData = pCurrent->pData;
  5037.             return(TRUE);
  5038.         }
  5039.         pCurrent = pCurrent->pNext;
  5040.     }
  5041.  
  5042.     return(FALSE);
  5043. }
  5044.  
  5045. BOOL AddEntry (DWORD dwKey, PVOID pData)
  5046. {
  5047.     PNODE pTemp;
  5048.  
  5049.     pTemp = (PNODE) malloc (sizeof (NODE));
  5050.     if (NULL == pTemp)  {
  5051.         return(FALSE);
  5052.     }
  5053.  
  5054.     pTemp->dwKey = dwKey;
  5055.     pTemp->pData = pData;
  5056.     pTemp->pNext = Head.pNext;
  5057.     Head.pNext = pTemp;
  5058.  
  5059.     return(TRUE);
  5060. }
  5061.  
  5062. BOOL DeleteEntry (DWORD dwKey, PVOID *ppData)
  5063. {
  5064.     PNODE pCurrent, pTemp;
  5065.  
  5066.     pTemp = &Head;
  5067.     pCurrent = Head.pNext;
  5068.  
  5069.     while (NULL != pCurrent) {
  5070.         if (dwKey == pCurrent->dwKey)  {
  5071.             pTemp->pNext = pCurrent->pNext;
  5072.             *ppData = pCurrent->pData;
  5073.             free (pCurrent);
  5074.             return(TRUE);
  5075.         }
  5076.         else {
  5077.             pTemp = pCurrent;
  5078.             pCurrent = pCurrent->pNext;
  5079.         }
  5080.     }
  5081.  
  5082.     return(FALSE);
  5083. }
  5084.  
  5085. BOOL InitSession (DWORD dwKey)
  5086. /*++
  5087.  
  5088.  Routine Description:
  5089.  
  5090.     Initializes the context associated with a key and adds it to the
  5091.         collection.
  5092.  
  5093.  Return Value:
  5094.  
  5095.     Returns TRUE is successful; otherwise FALSE is returned.
  5096.  
  5097. --*/
  5098. {
  5099.     PAUTH_SEQ pAS;
  5100.  
  5101.     pAS = (PAUTH_SEQ) malloc (sizeof (AUTH_SEQ));
  5102.     if (NULL == pAS)
  5103.         return(FALSE);
  5104.  
  5105.     pAS->_fNewConversation = TRUE;
  5106.     pAS->_fHaveCredHandle = FALSE;
  5107.     pAS->_fHaveCtxtHandle = FALSE;
  5108.  
  5109.     if (!AddEntry (dwKey, (PVOID)pAS))  {
  5110.         free (pAS);
  5111.         return(FALSE);
  5112.     }
  5113.  
  5114.     return(TRUE);
  5115. }
  5116.  
  5117. BOOL TermSession (DWORD dwKey)
  5118. /*++
  5119.  
  5120.  Routine Description:
  5121.  
  5122.     Releases the resources associated with a key and removes it from
  5123.         the collection.
  5124.  
  5125.  Return Value:
  5126.  
  5127.     Returns TRUE is successful; otherwise FALSE is returned.
  5128.  
  5129. --*/
  5130. {
  5131.     PAUTH_SEQ pAS;
  5132.  
  5133.     if (!DeleteEntry (dwKey, (LPVOID*)&pAS))
  5134.         return(FALSE);
  5135.  
  5136.     if (pAS->_fHaveCtxtHandle) {
  5137.         SSPLogonError = p_SSPI_Func->DeleteSecurityContext (&pAS->_hctxt);
  5138.         debug(F111,"TermSession DeleteSecurityContext",
  5139.                sspi_errstr(SSPLogonError),SSPLogonError);
  5140.     }
  5141.  
  5142.     if (pAS->_fHaveCredHandle) {
  5143.         SSPLogonError = p_SSPI_Func->FreeCredentialHandle (&pAS->_hcred);
  5144.         debug(F111,"TermSession FreeCredentials Handle",
  5145.                sspi_errstr(SSPLogonError),SSPLogonError);
  5146.     }
  5147.  
  5148.     free (pAS);
  5149.     return(TRUE);
  5150. }
  5151.  
  5152. BOOL GenClientContext ( DWORD dwKey,
  5153.                         SEC_WINNT_AUTH_IDENTITY *pAuthIdentity,
  5154.                         BYTE *pIn,
  5155.                         DWORD cbIn,
  5156.                         BYTE *pOut,
  5157.                         DWORD *pcbOut,
  5158.                         BOOL *pfDone)
  5159. /*++
  5160.  
  5161.  Routine Description:
  5162.  
  5163.     Optionally takes an input buffer coming from the server and returns
  5164.         a buffer of information to send back to the server.  Also returns
  5165.         an indication of whether or not the context is complete.
  5166.  
  5167.  Return Value:
  5168.  
  5169.     Returns TRUE is successful; otherwise FALSE is returned.
  5170.  
  5171. --*/
  5172. {
  5173.     SECURITY_STATUS     ss;
  5174.     TimeStamp           Lifetime;
  5175.     SecBufferDesc       OutBuffDesc;
  5176.     SecBuffer           OutSecBuff;
  5177.     SecBufferDesc       InBuffDesc;
  5178.     SecBuffer           InSecBuff;
  5179.     ULONG               ContextAttributes;
  5180.     PAUTH_SEQ           pAS;
  5181.  
  5182.     // Lookup pAS based on Key
  5183.     //
  5184.     if (!GetEntry (dwKey, (PVOID*) &pAS)) {
  5185.         debug(F110,"GenClientContext","GetEntry failed",0);
  5186.         return(FALSE);
  5187.     }
  5188.  
  5189.     if (pAS->_fNewConversation)  {
  5190.         ss = p_SSPI_Func->AcquireCredentialsHandle (NULL,       // principal
  5191.                                                      NTLMSP_NAME_A,
  5192.                                                      SECPKG_CRED_OUTBOUND,
  5193.                                                      NULL,      // LOGON id
  5194.                                                      pAuthIdentity, // auth data
  5195.                                                      NULL,      // get key fn
  5196.                                                      NULL,      // get key arg
  5197.                                                      &pAS->_hcred,
  5198.                                                      &Lifetime
  5199.                                                      );
  5200.         debug(F111,"GenClientContext AcquireCredentialsHandle",sspi_errstr(ss),ss);
  5201.         if (ss >= 0)
  5202.             pAS->_fHaveCredHandle = TRUE;
  5203.         else {
  5204.             SSPLogonError = ss;
  5205.             return(FALSE);
  5206.         }
  5207.     }
  5208.  
  5209.     // prepare output buffer
  5210.     //
  5211.     OutBuffDesc.ulVersion = 0;
  5212.     OutBuffDesc.cBuffers = 1;
  5213.     OutBuffDesc.pBuffers = &OutSecBuff;
  5214.  
  5215.     OutSecBuff.cbBuffer = *pcbOut;
  5216.     OutSecBuff.BufferType = SECBUFFER_TOKEN;
  5217.     OutSecBuff.pvBuffer = pOut;
  5218.  
  5219.     // prepare input buffer
  5220.     //
  5221.     if (!pAS->_fNewConversation)  {
  5222.         InBuffDesc.ulVersion = 0;
  5223.         InBuffDesc.cBuffers = 1;
  5224.         InBuffDesc.pBuffers = &InSecBuff;
  5225.  
  5226.         InSecBuff.cbBuffer = cbIn;
  5227.         InSecBuff.BufferType = SECBUFFER_TOKEN;
  5228.         InSecBuff.pvBuffer = pIn;
  5229.     }
  5230.  
  5231.     ss = p_SSPI_Func->InitializeSecurityContext ( &pAS->_hcred,
  5232.                                                   pAS->_fNewConversation ? NULL : &pAS->_hctxt,
  5233.                                                   NULL,
  5234.                                                   0,    // context requirements
  5235.                                                   0,    // reserved1
  5236.                                                   SECURITY_NATIVE_DREP,
  5237.                                                   pAS->_fNewConversation ? NULL : &InBuffDesc,
  5238.                                                   0,    // reserved2
  5239.                                                   &pAS->_hctxt,
  5240.                                                   &OutBuffDesc,
  5241.                                                   &ContextAttributes,
  5242.                                                   &Lifetime
  5243.                                                   );
  5244.     if ( pAS->_fNewConversation )
  5245.         debug(F111,"GenClientContext InitializeSecurityContext (new conversation)",sspi_errstr(ss),ss);
  5246.     else
  5247.         debug(F111,"GenClientContext InitializeSecurityContext (old conversation)",sspi_errstr(ss),ss);
  5248.  
  5249.     if (ss < 0)  {
  5250.         SSPLogonError = ss;
  5251.         return FALSE;
  5252.     }
  5253.  
  5254.     pAS->_fHaveCtxtHandle = TRUE;
  5255.  
  5256.     // Complete token -- if applicable
  5257.     //
  5258.     if ((SEC_I_COMPLETE_NEEDED == ss) || (SEC_I_COMPLETE_AND_CONTINUE == ss))  {
  5259.         if (p_SSPI_Func->CompleteAuthToken) {
  5260.             ss = p_SSPI_Func->CompleteAuthToken (&pAS->_hctxt, &OutBuffDesc);
  5261.             debug(F111,"GenClientContext CompleteAuthToken",sspi_errstr(ss),ss);
  5262.             if (ss < 0)  {
  5263.                 SSPLogonError = ss;
  5264.                 return FALSE;
  5265.             }
  5266.         }
  5267.         else {
  5268.             SSPLogonError = SEC_E_UNSUPPORTED_FUNCTION;
  5269.             debug(F110,"GenClientContext CompleteAuthToken missing","Logon not supported",0);
  5270.             return FALSE;
  5271.         }
  5272.     }
  5273.  
  5274.     *pcbOut = OutSecBuff.cbBuffer;
  5275.  
  5276.     if (pAS->_fNewConversation)
  5277.         pAS->_fNewConversation = FALSE;
  5278.  
  5279.     *pfDone = !((SEC_I_CONTINUE_NEEDED == ss) ||
  5280.                  (SEC_I_COMPLETE_AND_CONTINUE == ss));
  5281.  
  5282.     SSPLogonError = SEC_E_OK;
  5283.     return TRUE;
  5284. }
  5285.  
  5286. BOOL GenServerContext ( DWORD dwKey,
  5287.                         BYTE *pIn,
  5288.                         DWORD cbIn,
  5289.                         BYTE *pOut,
  5290.                         DWORD *pcbOut,
  5291.                         BOOL *pfDone,
  5292.                         CtxtHandle * phContext)
  5293. /*++
  5294.  
  5295.  Routine Description:
  5296.  
  5297.     Takes an input buffer coming from the client and returns a buffer
  5298.         to be sent to the client.  Also returns an indication of whether or
  5299.         not the context is complete.
  5300.  
  5301.  Return Value:
  5302.  
  5303.     Returns TRUE is successful; otherwise FALSE is returned.
  5304.  
  5305. --*/
  5306. {
  5307.     SECURITY_STATUS     ss;
  5308.     TimeStamp           Lifetime;
  5309.     SecBufferDesc       OutBuffDesc;
  5310.     SecBuffer           OutSecBuff;
  5311.     SecBufferDesc       InBuffDesc;
  5312.     SecBuffer           InSecBuff;
  5313.     ULONG               ContextAttributes;
  5314.     PAUTH_SEQ           pAS;
  5315.  
  5316.     // Lookup pAS based on Key
  5317.     //
  5318.     if (!GetEntry (dwKey, (PVOID*) &pAS)) {
  5319.         SSPLogonError = SEC_E_INVALID_HANDLE;
  5320.         debug(F110,"GenServerContext","GetEntry failed",0);
  5321.         return(FALSE);
  5322.     }
  5323.  
  5324.     if (pAS->_fNewConversation)  {
  5325.         ss = p_SSPI_Func->AcquireCredentialsHandle ( NULL,      // principal
  5326.                                                      NTLMSP_NAME_A,
  5327.                                                      SECPKG_CRED_INBOUND,
  5328.                                                      NULL,      // LOGON id
  5329.                                                      NULL,      // auth data
  5330.                                                      NULL,      // get key fn
  5331.                                                      NULL,      // get key arg
  5332.                                                      &pAS->_hcred,
  5333.                                                      &Lifetime
  5334.                                                      );
  5335.         debug(F111,"GenServerContext AcquireCredentialsHandle()",
  5336.                sspi_errstr(ss),ss);
  5337.         if (ss >= 0)
  5338.             pAS->_fHaveCredHandle = TRUE;
  5339.         else {
  5340.             SSPLogonError = ss;
  5341.             return(FALSE);
  5342.         }
  5343.     }
  5344.  
  5345.     // prepare output buffer
  5346.     //
  5347.     OutBuffDesc.ulVersion = 0;
  5348.     OutBuffDesc.cBuffers = 1;
  5349.     OutBuffDesc.pBuffers = &OutSecBuff;
  5350.  
  5351.     OutSecBuff.cbBuffer = *pcbOut;
  5352.     OutSecBuff.BufferType = SECBUFFER_TOKEN;
  5353.     OutSecBuff.pvBuffer = pOut;
  5354.  
  5355.     // prepare input buffer
  5356.     //
  5357.     InBuffDesc.ulVersion = 0;
  5358.     InBuffDesc.cBuffers = 1;
  5359.     InBuffDesc.pBuffers = &InSecBuff;
  5360.  
  5361.     InSecBuff.cbBuffer = cbIn;
  5362.     InSecBuff.BufferType = SECBUFFER_TOKEN;
  5363.     InSecBuff.pvBuffer = pIn;
  5364.  
  5365.     ss = p_SSPI_Func->AcceptSecurityContext ( &pAS->_hcred,
  5366.                                               pAS->_fNewConversation ? NULL : &pAS->_hctxt,
  5367.                                               &InBuffDesc,
  5368.                                               0,        // context requirements
  5369.                                               SECURITY_NATIVE_DREP,
  5370.                                               &pAS->_hctxt,
  5371.                                               &OutBuffDesc,
  5372.                                               &ContextAttributes,
  5373.                                               &Lifetime
  5374.                                               );
  5375.     if ( pAS->_fNewConversation )
  5376.         debug(F111,"GenServerContext AcceptSecurityContext() (new conversation)",
  5377.                sspi_errstr(ss),ss);
  5378.     else
  5379.         debug(F111,"GenServerContext AcceptSecurityContext() (old conversation)",
  5380.                sspi_errstr(ss),ss);
  5381.     if (ss < 0)  {
  5382.         SSPLogonError = ss;
  5383.         return FALSE;
  5384.     }
  5385.  
  5386.     pAS->_fHaveCtxtHandle = TRUE;
  5387.  
  5388.     // Complete token -- if applicable
  5389.     //
  5390.     if ((SEC_I_COMPLETE_NEEDED == ss) || (SEC_I_COMPLETE_AND_CONTINUE == ss))  {
  5391.         if (p_SSPI_Func->CompleteAuthToken) {
  5392.             ss = p_SSPI_Func->CompleteAuthToken (&pAS->_hctxt, &OutBuffDesc);
  5393.             debug(F111,"GenServerContext CompleteAuthToken()",
  5394.                    sspi_errstr(ss),ss);
  5395.             if (ss < 0)  {
  5396.                 SSPLogonError = ss;
  5397.                 return FALSE;
  5398.             }
  5399.         }
  5400.         else {
  5401.             SSPLogonError = SEC_E_UNSUPPORTED_FUNCTION;
  5402.             debug(F110,"GenServerContext CompleteAuthToken missing",
  5403.                    "Logon Not Supported",0);
  5404.             return FALSE;
  5405.         }
  5406.     }
  5407.  
  5408.     *pcbOut = OutSecBuff.cbBuffer;
  5409.  
  5410.     if (pAS->_fNewConversation)
  5411.         pAS->_fNewConversation = FALSE;
  5412.  
  5413.     *pfDone = !((SEC_I_CONTINUE_NEEDED == ss) ||
  5414.                  (SEC_I_COMPLETE_AND_CONTINUE == ss));
  5415.  
  5416.     if (*pfDone && phContext) {
  5417.         haveNTLMContext = 1;
  5418.         memcpy(phContext,&pAS->_hctxt,sizeof(CtxtHandle));
  5419.         ZeroMemory(&pAS->_hctxt,sizeof(CtxtHandle));
  5420.         pAS->_fHaveCtxtHandle = FALSE;
  5421.     }
  5422.     SSPLogonError = SEC_E_OK;
  5423.     return TRUE;
  5424. }
  5425.  
  5426. void
  5427. ntlm_logout() {
  5428.     if ( haveNTLMContext ) {
  5429.         p_SSPI_Func->RevertSecurityContext(&hNTLMContext);
  5430.         p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
  5431.     }
  5432.     haveNTLMContext = 0;
  5433.     SSPLogonError = SEC_E_OK;
  5434. }
  5435.  
  5436. BOOL
  5437. SSPLogonUser( LPTSTR DomainName,
  5438.               LPTSTR UserName,
  5439.               LPTSTR Password )
  5440. {
  5441.  
  5442.     BOOL done = FALSE;
  5443.     DWORD cbOut, cbIn;
  5444.     char szUser[80];
  5445.     DWORD cbUser = 80;
  5446.     SEC_WINNT_AUTH_IDENTITY AuthIdentity;
  5447.  
  5448.     if ( !p_SSPI_Func ) {
  5449.         SSPLogonError = SEC_E_SECPKG_NOT_FOUND;
  5450.         debug(F110,"SSPLogonUser","NTLM SSPI not installed",0);
  5451.         return(FALSE);
  5452.     }
  5453.  
  5454.     if(!InitSession(0)) {
  5455.         debug(F110,"SSPLogonUser","unable to Init Session 0",0);
  5456.         SSPLogonError = SEC_E_INTERNAL_ERROR;
  5457.         return(FALSE);
  5458.     }
  5459.  
  5460.     if(!InitSession(1)) {
  5461.         debug(F110,"SSPLogonUser","unable to Init Session 1",0);
  5462.         SSPLogonError = SEC_E_INTERNAL_ERROR;
  5463.         return(FALSE);
  5464.     }
  5465.  
  5466.     ntlm_pClientBuf = (PBYTE) malloc(ntlm_cbMaxToken);
  5467.     ntlm_pServerBuf = (PBYTE) malloc(ntlm_cbMaxToken);
  5468.  
  5469.     if ( haveNTLMContext ) {
  5470.         SSPLogonError = p_SSPI_Func->DeleteSecurityContext(&hNTLMContext);
  5471.         debug(F110,"SSPLogonUser DeleteSecurityContext",sspi_errstr(SSPLogonError),SSPLogonError);
  5472.     }
  5473.  
  5474.     ZeroMemory( &hNTLMContext,sizeof(hNTLMContext));
  5475.     ZeroMemory( &AuthIdentity, sizeof(AuthIdentity) );
  5476.  
  5477.     if ( DomainName != NULL )
  5478.     {
  5479.         AuthIdentity.Domain = DomainName;
  5480.         AuthIdentity.DomainLength = lstrlen(DomainName);
  5481.     }
  5482.  
  5483.     if ( UserName != NULL )
  5484.     {
  5485.         AuthIdentity.User = UserName;
  5486.         AuthIdentity.UserLength = lstrlen(UserName);
  5487.     }
  5488.  
  5489.     if ( Password != NULL )
  5490.     {
  5491.         AuthIdentity.Password = Password;
  5492.         AuthIdentity.PasswordLength = lstrlen(Password);
  5493.     }
  5494.  
  5495. #ifdef UNICODE
  5496.     AuthIdentity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
  5497. #else
  5498.     AuthIdentity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
  5499. #endif
  5500.  
  5501.     //
  5502.     // Prepare client message (negotiate).
  5503.     //
  5504.     cbOut = ntlm_cbMaxToken;
  5505.     if (!GenClientContext (0,
  5506.                             &AuthIdentity,
  5507.                             NULL,
  5508.                             0,
  5509.                             ntlm_pClientBuf,
  5510.                             &cbOut,
  5511.                             &done))
  5512.     {
  5513.         debug(F111,"SSPLogonUser","GenClientContext failed (negotiate)",
  5514.                SSPLogonError);
  5515.         return(FALSE);
  5516.      }
  5517.  
  5518.     cbIn = cbOut;
  5519.     //
  5520.     // Prepare server message (challenge).
  5521.     //
  5522.     cbOut = ntlm_cbMaxToken;
  5523.     if (!GenServerContext (1,
  5524.                             ntlm_pClientBuf,
  5525.                             cbIn,
  5526.                             ntlm_pServerBuf,
  5527.                             &cbOut,
  5528.                             &done,
  5529.                             NULL))
  5530.     {
  5531.     //
  5532.     // Most likely failure: AcceptServerContext fails with
  5533.     // SEC_E_LOGON_DENIED in the case of bad username or password
  5534.     //
  5535.     // Unexpected Result: Logon will succeed if you pass in a bad
  5536.     // username and the guest account is enabled in the specified
  5537.     // domain.
  5538.     //
  5539.         debug(F111,"SSPLogonUser","GenServerContext failed (challenge)",
  5540.                SSPLogonError);
  5541.         return(FALSE);
  5542.     }
  5543.  
  5544.     cbIn = cbOut;
  5545.     //
  5546.     // Prepare client message (authenticate).
  5547.     //
  5548.     cbOut = ntlm_cbMaxToken;
  5549.     if (!GenClientContext (0,
  5550.                             &AuthIdentity,
  5551.                             ntlm_pServerBuf,
  5552.                             cbIn,
  5553.                             ntlm_pClientBuf,
  5554.                              &cbOut,
  5555.                             &done))
  5556.     {
  5557.         debug(F111,"SSPLogonUser","GenClientContext failed (authenticate)",
  5558.                SSPLogonError);
  5559.         return(FALSE);
  5560.     }
  5561.  
  5562.     cbIn = cbOut;
  5563.     //
  5564.     // Prepare server message (authentication).
  5565.     //
  5566.     cbOut = ntlm_cbMaxToken;
  5567.     if (!GenServerContext (1,
  5568.                             ntlm_pClientBuf,
  5569.                             cbIn,
  5570.                             ntlm_pServerBuf,
  5571.                              &cbOut,
  5572.                             &done,
  5573.                             &hNTLMContext))
  5574.     {
  5575.         debug(F111,"SSPLogonUser","GenServerContext failed (authentication)",
  5576.                SSPLogonError);
  5577.         return(FALSE);
  5578.     }
  5579.  
  5580.     TermSession(0);
  5581.     TermSession(1);
  5582.  
  5583.     free(ntlm_pClientBuf);
  5584.     free(ntlm_pServerBuf);
  5585.  
  5586.     SSPLogonError = SEC_E_OK;
  5587.     return(TRUE);
  5588. }
  5589. #endif /* NTLM */
  5590.  
  5591. #ifdef NT
  5592. HINSTANCE hKRB5_32 = NULL;
  5593. HINSTANCE hKRB4_32 = NULL;
  5594. HINSTANCE hCOMERR32 = NULL;
  5595. HINSTANCE hPROFILE = NULL;
  5596. HINSTANCE hKRB42UID = NULL;
  5597. HINSTANCE hKRB52UID = NULL;
  5598. HINSTANCE hGSSAPI = NULL;
  5599. HINSTANCE hKRB524 = NULL;
  5600. #else /* NT */
  5601. HMODULE hKRB5_32 = NULL;
  5602. HMODULE hKRB4_32 = NULL;
  5603. HMODULE hCOMERR32 = NULL;
  5604. HMODULE hPROFILE = NULL;
  5605. HMODULE hKRB42UID = NULL;
  5606. HMODULE hKRB52UID = NULL;
  5607. HMODULE hGSSAPI = NULL;
  5608. HMODULE hEMX = NULL;
  5609. #endif /* NT */
  5610. static int cygnus = 0;
  5611.  
  5612. static void
  5613. ck_krb4_loaddll_eh( void )
  5614. {
  5615.     if ( hKRB4_32 ) {
  5616. #ifdef NT
  5617.         FreeLibrary(hKRB4_32);
  5618.         hKRB4_32 = NULL;
  5619. #else /* NT */
  5620.         DosFreeModule(hKRB4_32);
  5621.         hKRB4_32 = 0;
  5622. #endif  /* NT */
  5623.     }
  5624.     if ( hKRB42UID ) {
  5625. #ifdef NT
  5626.         FreeLibrary(hKRB42UID);
  5627.         hKRB42UID = NULL;
  5628. #else /* NT */
  5629.         DosFreeModule(hKRB42UID);
  5630.         hKRB42UID = 0;
  5631. #endif  /* NT */
  5632.     }
  5633.  
  5634. #ifdef KRB4
  5635.     p_krb_get_err_text_entry         = NULL;
  5636.     p_krb_get_cred                   = NULL;
  5637.     p_krb_mk_req                     = NULL;
  5638.     p_krb_realmofhost                = NULL;
  5639.     p_krb_get_phost                  = NULL;
  5640.     p_k4_des_new_random_key             = NULL;
  5641.     p_k4_des_set_random_generator_seed  = NULL;
  5642.     p_k4_des_key_sched                  = NULL;
  5643.     p_k4_des_ecb_encrypt                = NULL;
  5644.     p_k4_des_pcbc_encrypt               = NULL;
  5645.     p_k4_des_string_to_key            = NULL;
  5646.     p_k4_des_fixup_key_parity         = NULL;
  5647.     p_krb_get_pw_in_tkt               = NULL;
  5648.     p_krb_get_pw_in_tkt_preauth       = NULL;
  5649.     p_krb_get_lrealm                  = NULL;
  5650.     p_krb_get_err_text                = NULL;
  5651.     p_kname_parse                     = NULL;
  5652.     p_dest_tkt                        = NULL;
  5653.     p_krb_get_tf_realm                = NULL;
  5654.     p_krb_get_tf_fullname             = NULL;
  5655.     p_tf_get_pname                    = NULL;
  5656.     p_tf_get_pinst                    = NULL;
  5657.     p_tf_get_cred                     = NULL;
  5658.     p_tf_close                        = NULL;
  5659.     p_tf_init                         = NULL;
  5660.     p_tkt_string                      = NULL;
  5661.     p_krb_check_serv                  = NULL;
  5662.     p_kuserok                         = NULL;
  5663.     p_krb_kntoln                      = NULL;
  5664.     p_krb_rd_req                      = NULL;
  5665.     p_krb_sendauth                    = NULL;
  5666.     p_set_krb_debug                   = NULL;
  5667.     p_set_krb_ap_req_debug            = NULL;
  5668.     p_krb_mk_safe      = NULL;
  5669.     p_krb_mk_priv      = NULL;
  5670.     p_krb_rd_priv      = NULL;
  5671.     p_krb_rd_safe      = NULL;
  5672.     p_krb_in_tkt       = NULL;
  5673.     p_krb_save_credentials = NULL;
  5674.  
  5675.     p_k95_k4_princ_to_userid = NULL;
  5676.     p_k95_k4_userok = NULL;
  5677. #endif /* KRB4 */
  5678. }
  5679.  
  5680. static void
  5681. ck_krb5_loaddll_eh( void )
  5682. {
  5683. #ifdef OS2ONLY
  5684.     if ( hEMX ) {
  5685.         DosFreeModule(hEMX);
  5686.         hEMX = 0;
  5687.     }
  5688. #endif /* OS2 */
  5689.     if ( hPROFILE ) {
  5690. #ifdef NT
  5691.         FreeLibrary(hPROFILE);
  5692.         hPROFILE = NULL;
  5693. #else /* NT */
  5694.         DosFreeModule(hPROFILE);
  5695.         hPROFILE = 0;
  5696. #endif  /* NT */
  5697.     }
  5698.     if ( hKRB5_32 ) {
  5699. #ifdef NT
  5700.         FreeLibrary(hKRB5_32);
  5701.         hKRB5_32 = NULL;
  5702. #else /* NT */
  5703.         DosFreeModule(hKRB5_32);
  5704.         hKRB5_32 = 0;
  5705. #endif  /* NT */
  5706.     }
  5707.     if ( hCOMERR32 ) {
  5708. #ifdef NT
  5709.         FreeLibrary(hCOMERR32);
  5710.         hCOMERR32 = NULL;
  5711. #else /* NT */
  5712.         DosFreeModule(hCOMERR32);
  5713.         hCOMERR32 = 0;
  5714. #endif /* NT */
  5715.     }
  5716. #ifdef NT
  5717.     if ( hKRB524 ) {
  5718.         FreeLibrary(hKRB524);
  5719.         hKRB524 = NULL;
  5720.     }
  5721. #endif /* NT */
  5722.  
  5723.     if ( hKRB52UID ) {
  5724. #ifdef NT
  5725.         FreeLibrary(hKRB52UID);
  5726.         hKRB52UID = NULL;
  5727. #else /* NT */
  5728.         DosFreeModule(hKRB52UID);
  5729.         hKRB52UID = 0;
  5730. #endif  /* NT */
  5731.     }
  5732.  
  5733.     cygnus = 0;
  5734. #ifdef KRB5
  5735.     p_com_err                        = NULL;
  5736.     p_com_err_va                     = NULL;
  5737.     p_error_message                  = NULL;
  5738.     p_krb5_free_creds                = NULL;
  5739.     p_krb5_free_data                 = NULL;
  5740.     p_krb5_free_data_contents        = NULL;
  5741.     p_krb5_copy_keyblock             = NULL;
  5742.     p_krb5_free_keyblock             = NULL;
  5743.     p_krb5_auth_con_getlocalsubkey   = NULL;
  5744.     p_krb5_mk_req_extended           = NULL;
  5745.     p_krb5_mk_req                    = NULL;
  5746.     p_krb5_auth_con_setflags         = NULL;
  5747.     p_krb5_auth_con_init             = NULL;
  5748.     p_krb5_auth_con_free             = NULL;
  5749.     p_krb5_get_credentials           = NULL;
  5750.     p_krb5_free_cred_contents        = NULL;
  5751.     p_krb5_sname_to_principal        = NULL;
  5752.     p_krb5_cc_default                = NULL;
  5753.     p_krb5_free_ap_rep_enc_part      = NULL;
  5754.     p_krb5_rd_rep                    = NULL;
  5755.     p_krb5_init_context              = NULL;
  5756.     p_krb5_init_ets                  = NULL;
  5757.     p_krb5_free_context              = NULL;
  5758.     p_krb5_free_principal            = NULL;
  5759.     p_krb5_free_unparsed_name        = NULL;
  5760.     p_krb5_fwd_tgt_creds             = NULL;
  5761.     p_krb5_auth_con_genaddrs         = NULL;
  5762.     p_des_new_random_key             = NULL;
  5763.     p_des_set_random_generator_seed  = NULL;
  5764.     p_des_key_sched                  = NULL;
  5765.     p_des_ecb_encrypt                = NULL;
  5766.     p_des_pcbc_encrypt               = NULL;
  5767.     p_des_string_to_key              = NULL;
  5768.     p_des_fixup_key_parity           = NULL;
  5769.  
  5770.     p_krb5_get_host_realm            = NULL;
  5771.     p_krb5_free_host_realm           = NULL;
  5772.     p_krb5_get_in_tkt_with_keytab    = NULL;
  5773.     p_krb5_get_in_tkt_with_password  = NULL;
  5774.     p_krb5_read_password             = NULL;
  5775.     p_krb5_build_principal_ext       = NULL;
  5776.     p_krb5_unparse_name              = NULL;
  5777.     p_krb5_parse_name                = NULL;
  5778.     p_krb5_cc_resolve                = NULL;
  5779.     p_krb5_cc_default_name           = NULL;
  5780.     p_krb5_string_to_timestamp       = NULL;
  5781.     p_krb5_kt_resolve                = NULL;
  5782.     p_krb5_string_to_deltat          = NULL;
  5783.     p_krb5_timeofday                 = NULL;
  5784.     p_krb5_get_credentials_renew     = NULL;
  5785.     p_krb5_get_credentials_validate  = NULL;
  5786.     p_krb5_copy_principal            = NULL;
  5787.     p_krb5_timestamp_to_sfstring     = NULL;
  5788.     p_krb5_kt_default                = NULL;
  5789.     p_krb5_free_ticket               = NULL;
  5790.     p_decode_krb5_ticket             = NULL;
  5791.     p_cygnus_decode_krb5_ticket      = NULL;
  5792.  
  5793. #ifdef CHECKADDRS
  5794.     p_krb5_os_localaddr              = NULL;
  5795.     p_krb5_address_search            = NULL;
  5796.     p_krb5_free_addresses            = NULL;
  5797. #endif /* CHECKADDRS */
  5798.  
  5799.     p_krb5_auth_con_getremotesubkey  = NULL;
  5800.     p_krb5_mk_rep                    = NULL;
  5801.     p_krb5_free_authenticator        = NULL;
  5802.     p_krb5_verify_checksum           = NULL;
  5803.     p_krb5_auth_con_getkey           = NULL;
  5804.     p_krb5_auth_con_getauthenticator = NULL;
  5805.     p_krb5_rd_req                    = NULL;
  5806.     p_krb5_auth_con_setrcache        = NULL;
  5807.     p_krb5_get_server_rcache         = NULL;
  5808.     p_krb5_auth_con_getrcache        = NULL;
  5809.     p_krb5_free_tgt_creds            = NULL;
  5810.     p_krb5_rd_cred                   = NULL;
  5811.  
  5812.     p_krb5_c_enctype_compare         = NULL;
  5813.     p_krb5_free_error                = NULL;
  5814.     p_krb5_sendauth                  = NULL;
  5815.     p_krb5_process_key               = NULL;
  5816.     p_krb5_use_enctype               = NULL;
  5817.     p_krb5_encrypt                   = NULL;
  5818.     p_krb5_encrypt_size              = NULL;
  5819.     p_krb5_decrypt                   = NULL;
  5820.     p_krb5_kuserok                   = NULL;
  5821.     p_krb5_appdefault_boolean        = NULL;
  5822.     p_krb5_appdefault_string         = NULL;
  5823.  
  5824.     p_krb5_get_init_creds_password             = NULL;
  5825.     p_krb5_get_init_creds_opt_set_address_list = NULL;
  5826.     p_krb5_get_renewed_creds                   = NULL;
  5827.     p_krb5_get_validated_creds                 = NULL;
  5828.     p_krb5_get_init_creds_opt_set_tkt_life     = NULL;
  5829.     p_krb5_get_init_creds_opt_set_forwardable  = NULL;
  5830.     p_krb5_get_init_creds_opt_set_proxiable    = NULL;
  5831.     p_krb5_get_init_creds_opt_set_renew_life   = NULL;
  5832.     p_krb5_get_init_creds_opt_init             = NULL;
  5833.     p_krb5_get_init_creds_opt_set_etype_list   = NULL;
  5834.     p_krb5_get_init_creds_opt_set_preauth_list = NULL;
  5835.     p_krb5_get_init_creds_opt_set_salt         = NULL;
  5836.  
  5837.     p_krb5_rd_safe                  = NULL;
  5838.     p_krb5_mk_safe                  = NULL;
  5839.     p_krb5_rd_priv                  = NULL;
  5840.     p_krb5_mk_priv                  = NULL;
  5841.     p_krb5_auth_con_setuseruserkey  = NULL;
  5842.     p_krb5_get_profile              = NULL;
  5843.  
  5844.     p_profile_get_subsection_names = NULL;
  5845.     p_profile_get_relation_names   = NULL;
  5846.  
  5847.     p_k95_k5_principal_to_localname = NULL;
  5848.     p_k95_k5_userok = NULL;
  5849.  
  5850.     p_krb5_free_keyblock_contents = NULL;
  5851.     p_krb5_c_encrypt = NULL;
  5852.     p_krb5_c_decrypt = NULL;
  5853.     p_krb5_c_make_random_key = NULL;
  5854.     p_krb5_c_random_seed = NULL;
  5855.     p_krb5_c_encrypt_length = NULL;
  5856.     p_krb5_c_block_size = NULL;
  5857.     p_krb5_kt_default_name = NULL;
  5858.  
  5859.     p_krb5_cc_get_principal   = NULL;
  5860.     p_krb5_cc_store_cred      = NULL;
  5861.     p_krb5_cc_initialize      = NULL;
  5862.     p_krb5_cc_destroy         = NULL;
  5863.     p_krb5_cc_end_seq_get     = NULL;
  5864.     p_krb5_cc_next_cred       = NULL;
  5865.     p_krb5_cc_start_seq_get   = NULL;
  5866.     p_krb5_cc_get_type        = NULL;
  5867.     p_krb5_cc_get_name        = NULL;
  5868.     p_krb5_cc_set_flags       = NULL;
  5869.     p_krb5_cc_close           = NULL;
  5870.  
  5871.     p_krb5_kt_get_type        = NULL;
  5872.     p_krb5_kt_get_name        = NULL;
  5873.     p_krb5_kt_close           = NULL;
  5874.     p_krb5_kt_get_entry       = NULL;
  5875.     p_krb5_kt_start_seq_get   = NULL;
  5876.     p_krb5_kt_next_entry      = NULL;
  5877.     p_krb5_kt_end_seq_get     = NULL;
  5878.     p_krb5_build_principal    = NULL;
  5879.  
  5880.     p_krb524_init_ets         = NULL;
  5881.     p_krb524_convert_creds_kdc = NULL;
  5882. #endif /* KRB5 */
  5883. }
  5884.  
  5885. int
  5886. ck_krb4_loaddll( void )
  5887. {
  5888. #ifdef KRB4
  5889.     ULONG rc = 0 ;
  5890.     int load_error = 0, len;
  5891. #ifdef OS2ONLY
  5892.     CHAR *exe_path;
  5893.     CHAR path[256];
  5894.     CHAR * dllname = "KRB4_32";
  5895. #endif /* OS2ONLY */
  5896.  
  5897. #ifdef NT
  5898.     HINSTANCE hLEASH;
  5899.  
  5900.     if ( !(hKRB4_32 = LoadLibrary("KRBV4W32")) ) {
  5901.         rc = GetLastError() ;
  5902.         debug(F111, "Kerberos LoadLibrary failed","KRBV4W32",rc) ;
  5903.         ck_krb4_loaddll_eh();
  5904.     }
  5905.     if ( !hKRB4_32 &&
  5906.          !(hKRB4_32 = LoadLibrary("KRB4_32"))) {
  5907.         rc = GetLastError() ;
  5908.         debug(F111, "Kerberos LoadLibrary failed","KRB4_32",rc) ;
  5909.         ck_krb4_loaddll_eh();
  5910.     }
  5911.     if (hKRB4_32) {
  5912.         debug(F100,"Kerberos IV support provided by MIT Leash","",0);
  5913.         if (((FARPROC) p_krb_get_err_text_entry =
  5914.               GetProcAddress( hKRB4_32, "get_krb_err_txt_entry" )) == NULL )
  5915.         {
  5916.             rc = GetLastError() ;
  5917.             debug(F111,
  5918.                   "Kerberos GetProcAddress failed","get_krb_err_txt_entry",rc);
  5919.             load_error = 1;
  5920.         }
  5921.         if (((FARPROC) p_krb_get_cred =
  5922.               GetProcAddress( hKRB4_32, "krb_get_cred" )) == NULL )
  5923.         {
  5924.             rc = GetLastError() ;
  5925.             debug(F111, "Kerberos GetProcAddress failed","krb_get_cred",rc) ;
  5926.             load_error = 1;
  5927.         }
  5928.         if (((FARPROC) p_krb_mk_req =
  5929.               GetProcAddress( hKRB4_32, "krb_mk_req" )) == NULL )
  5930.         {
  5931.             rc = GetLastError() ;
  5932.             debug(F111, "Kerberos GetProcAddress failed","krb_mk_req",rc) ;
  5933.             load_error = 1;
  5934.         }
  5935.         if (((FARPROC) p_krb_realmofhost =
  5936.               GetProcAddress( hKRB4_32, "krb_realmofhost" )) == NULL )
  5937.         {
  5938.             rc = GetLastError() ;
  5939.             debug(F111,"Kerberos GetProcAddress failed","krb_realmofhost",rc);
  5940.             load_error = 1;
  5941.         }
  5942.         if (((FARPROC) p_krb_get_phost =
  5943.               GetProcAddress( hKRB4_32, "krb_get_phost" )) == NULL )
  5944.         {
  5945.             rc = GetLastError() ;
  5946.             debug(F111, "Kerberos GetProcAddress failed","krb_get_phost",rc) ;
  5947.             load_error = 1;
  5948.         }
  5949.  
  5950.         /* The DES functions are not required.  But if we do not have */
  5951.         /* them and do not have the CRYPT DLL we will not be able to  */
  5952.         /* perform mutual authentication.                             */
  5953.         if (((FARPROC) p_k4_des_ecb_encrypt =
  5954.               GetProcAddress( hKRB4_32, "des_ecb_encrypt" )) == NULL )
  5955.         {
  5956.             rc = GetLastError() ;
  5957.             debug(F111,"Kerberos GetProcAddress failed","des_ecb_encrypt",rc);
  5958.         }
  5959.         if (((FARPROC) p_k4_des_pcbc_encrypt =
  5960.               GetProcAddress( hKRB4_32, "des_pcbc_encrypt" )) == NULL )
  5961.         {
  5962.             rc = GetLastError() ;
  5963.             debug(F111,"Kerberos GetProcAddress failed","des_pcbc_encrypt",rc);
  5964.         }
  5965.         if (((FARPROC) p_k4_des_new_random_key =
  5966.               GetProcAddress( hKRB4_32, "des_new_random_key" )) == NULL )
  5967.         {
  5968.             rc = GetLastError() ;
  5969.             debug(F111,
  5970.                   "Kerberos GetProcAddress failed","des_new_random_key",rc) ;
  5971.         }
  5972.         if (((FARPROC) p_k4_des_key_sched =
  5973.               GetProcAddress( hKRB4_32, "des_key_sched" )) == NULL )
  5974.         {
  5975.             rc = GetLastError() ;
  5976.             debug(F111, "Kerberos GetProcAddress failed","des_key_sched",rc) ;
  5977.         }
  5978.         if (((FARPROC) p_k4_des_set_random_generator_seed =
  5979.              GetProcAddress(hKRB4_32,"des_set_random_generator_seed")) == NULL)
  5980.         {
  5981.             rc = GetLastError() ;
  5982.             debug(F111, "Kerberos GetProcAddress failed",
  5983.                    "des_set_random_generator_seed",rc) ;
  5984.         }
  5985.  
  5986.         if (((FARPROC) p_krb_get_pw_in_tkt =
  5987.               GetProcAddress( hKRB4_32, "krb_get_pw_in_tkt" )) == NULL )
  5988.         {
  5989.             rc = GetLastError() ;
  5990.             debug(F111, "Kerberos GetProcAddress failed",
  5991.                    "krb_get_pw_in_tkt",rc) ;
  5992.             load_error = 1;
  5993.         }
  5994.         /* Not supported in Leash */
  5995.         if (((FARPROC) p_krb_get_pw_in_tkt_preauth =
  5996.              GetProcAddress( hKRB4_32, "krb_get_pw_in_tkt_preauth" )) == NULL )
  5997.         {
  5998.             rc = GetLastError() ;
  5999.             debug(F111, "Kerberos GetProcAddress failed",
  6000.                    "krb_get_pw_in_tkt_preauth",rc) ;
  6001.         }
  6002.         if (((FARPROC) p_krb_get_lrealm =
  6003.               GetProcAddress( hKRB4_32, "krb_get_lrealm" )) == NULL )
  6004.         {
  6005.             rc = GetLastError() ;
  6006.             debug(F111, "Kerberos GetProcAddress failed",
  6007.                    "krb_get_lrealm",rc) ;
  6008.             load_error = 1;
  6009.         }
  6010.         if (((FARPROC) p_krb_get_err_text =
  6011.               GetProcAddress( hKRB4_32, "krb_get_err_text" )) == NULL )
  6012.         {
  6013.             rc = GetLastError() ;
  6014.             debug(F111, "Kerberos GetProcAddress failed",
  6015.                    "krb_get_err_text",rc) ;
  6016.         }
  6017.         if (((FARPROC) p_kname_parse =
  6018.               GetProcAddress( hKRB4_32, "kname_parse" )) == NULL )
  6019.         {
  6020.             rc = GetLastError() ;
  6021.             debug(F111, "Kerberos GetProcAddress failed",
  6022.                    "kname_parse",rc) ;
  6023.             load_error = 1;
  6024.         }
  6025.         if (((FARPROC) p_dest_tkt =
  6026.               GetProcAddress( hKRB4_32, "dest_tkt" )) == NULL )
  6027.         {
  6028.             rc = GetLastError() ;
  6029.             debug(F111, "Kerberos GetProcAddress failed",
  6030.                    "dest_tkt",rc) ;
  6031.             load_error = 1;
  6032.         }
  6033.         if (((FARPROC) p_krb_get_tf_realm =
  6034.               GetProcAddress( hKRB4_32, "krb_get_tf_realm" )) == NULL )
  6035.         {
  6036.             rc = GetLastError() ;
  6037.             debug(F111, "Kerberos GetProcAddress failed",
  6038.                    "krb_get_tf_realm",rc) ;
  6039.             load_error = 1;
  6040.         }
  6041.         if (((FARPROC) p_krb_get_tf_fullname =
  6042.               GetProcAddress( hKRB4_32, "krb_get_tf_fullname" )) == NULL )
  6043.         {
  6044.             rc = GetLastError() ;
  6045.             debug(F111, "Kerberos GetProcAddress failed",
  6046.                    "krb_get_tf_fullname",rc) ;
  6047.             load_error = 1;
  6048.         }
  6049.         if (((FARPROC) p_tf_get_pname =
  6050.               GetProcAddress( hKRB4_32, "tf_get_pname" )) == NULL )
  6051.         {
  6052.             rc = GetLastError() ;
  6053.             debug(F111, "Kerberos GetProcAddress failed",
  6054.                    "tf_get_pname",rc) ;
  6055.             load_error = 1;
  6056.         }
  6057.         if (((FARPROC) p_tf_get_pinst =
  6058.               GetProcAddress( hKRB4_32, "tf_get_pinst" )) == NULL )
  6059.         {
  6060.             rc = GetLastError() ;
  6061.             debug(F111, "Kerberos GetProcAddress failed",
  6062.                    "tf_get_pinst",rc) ;
  6063.             load_error = 1;
  6064.         }
  6065.         if (((FARPROC) p_tf_get_cred =
  6066.               GetProcAddress( hKRB4_32, "tf_get_cred" )) == NULL )
  6067.         {
  6068.             rc = GetLastError() ;
  6069.             debug(F111, "Kerberos GetProcAddress failed",
  6070.                    "tf_get_cred",rc) ;
  6071.             load_error = 1;
  6072.         }
  6073.         if (((FARPROC) p_tf_close =
  6074.               GetProcAddress( hKRB4_32, "tf_close" )) == NULL )
  6075.         {
  6076.             rc = GetLastError() ;
  6077.             debug(F111, "Kerberos GetProcAddress failed",
  6078.                    "tf_close",rc) ;
  6079.             load_error = 1;
  6080.         }
  6081.         if (((FARPROC) p_tf_init =
  6082.               GetProcAddress( hKRB4_32, "tf_init" )) == NULL )
  6083.         {
  6084.             rc = GetLastError() ;
  6085.             debug(F111, "Kerberos GetProcAddress failed",
  6086.                    "tf_init",rc) ;
  6087.             load_error = 1;
  6088.         }
  6089.         if (((FARPROC) p_tkt_string =
  6090.               GetProcAddress( hKRB4_32, "tkt_string" )) == NULL )
  6091.         {
  6092.             rc = GetLastError() ;
  6093.             debug(F111, "Kerberos GetProcAddress failed",
  6094.                    "tkt_string",rc) ;
  6095.             load_error = 1;
  6096.         }
  6097.         if (((FARPROC) p_krb_check_serv =
  6098.               GetProcAddress( hKRB4_32, "krb_check_serv" )) == NULL )
  6099.         {
  6100.             rc = GetLastError() ;
  6101.             debug(F111, "Kerberos GetProcAddress failed",
  6102.                    "krb_check_serv",rc) ;
  6103.             load_error = 1;
  6104.         }
  6105.         if (((FARPROC) p_kuserok =
  6106.               GetProcAddress( hKRB4_32, "kuserok" )) == NULL )
  6107.         {
  6108.             rc = GetLastError() ;
  6109.             debug(F111, "Kerberos GetProcAddress failed",
  6110.                    "kuserok",rc) ;
  6111.         }
  6112.         if (((FARPROC) p_krb_kntoln =
  6113.               GetProcAddress( hKRB4_32, "krb_kntoln" )) == NULL )
  6114.         {
  6115.             rc = GetLastError() ;
  6116.             debug(F111, "Kerberos GetProcAddress failed",
  6117.                    "krb_kntoln",rc) ;
  6118.         }
  6119.         if (((FARPROC) p_krb_rd_req =
  6120.               GetProcAddress( hKRB4_32, "krb_rd_req" )) == NULL )
  6121.         {
  6122.             rc = GetLastError() ;
  6123.             debug(F111, "Kerberos GetProcAddress failed",
  6124.                    "krb_rd_req",rc) ;
  6125.         }
  6126.         if (((FARPROC) p_krb_sendauth =
  6127.               GetProcAddress( hKRB4_32, "krb_sendauth" )) == NULL )
  6128.         {
  6129.             rc = GetLastError() ;
  6130.             debug(F111, "Kerberos GetProcAddress failed",
  6131.                    "krb_sendauth",rc) ;
  6132.             load_error = 1;
  6133.         }
  6134.         if (((FARPROC) p_set_krb_debug =
  6135.               GetProcAddress( hKRB4_32, "set_krb_debug" )) == NULL )
  6136.         {
  6137.             rc = GetLastError() ;
  6138.             debug(F111, "Kerberos GetProcAddress failed",
  6139.                    "set_krb_debug",rc) ;
  6140.         }
  6141.         if (((FARPROC) p_set_krb_ap_req_debug =
  6142.               GetProcAddress( hKRB4_32, "set_krb_ap_req_debug" )) == NULL )
  6143.         {
  6144.             rc = GetLastError() ;
  6145.             debug(F111, "Kerberos GetProcAddress failed",
  6146.                    "set_krb_ap_req_debug",rc) ;
  6147.         }
  6148.         if (((FARPROC) p_krb_mk_safe =
  6149.               GetProcAddress( hKRB4_32, "krb_mk_safe" )) == NULL )
  6150.         {
  6151.             rc = GetLastError() ;
  6152.             debug(F111, "Kerberos GetProcAddress failed",
  6153.                    "krb_mk_safe",rc) ;
  6154.             load_error = 1;
  6155.         }
  6156.         if (((FARPROC) p_krb_mk_priv =
  6157.               GetProcAddress( hKRB4_32, "krb_mk_priv" )) == NULL )
  6158.         {
  6159.             rc = GetLastError() ;
  6160.             debug(F111, "Kerberos GetProcAddress failed",
  6161.                    "krb_mk_priv",rc) ;
  6162.             load_error = 1;
  6163.         }
  6164.         if (((FARPROC) p_krb_rd_priv =
  6165.               GetProcAddress( hKRB4_32, "krb_rd_priv" )) == NULL )
  6166.         {
  6167.             rc = GetLastError() ;
  6168.             debug(F111, "Kerberos GetProcAddress failed",
  6169.                    "krb_rd_priv",rc) ;
  6170.             load_error = 1;
  6171.         }
  6172.         if (((FARPROC) p_krb_rd_safe =
  6173.               GetProcAddress( hKRB4_32, "krb_rd_safe" )) == NULL )
  6174.         {
  6175.             rc = GetLastError() ;
  6176.             debug(F111, "Kerberos GetProcAddress failed",
  6177.                    "krb_rd_safe",rc) ;
  6178.             load_error = 1;
  6179.         }
  6180.         if (((FARPROC) p_krb_in_tkt =
  6181.               GetProcAddress( hKRB4_32, "krb_in_tkt" )) == NULL )
  6182.         {
  6183.             rc = GetLastError() ;
  6184.             debug(F111, "Kerberos GetProcAddress failed",
  6185.                    "krb_in_tkt",rc) ;
  6186.             load_error = 1;
  6187.         }
  6188.         if (((FARPROC) p_krb_save_credentials =
  6189.               GetProcAddress( hKRB4_32, "krb_save_credentials" )) == NULL )
  6190.         {
  6191.             rc = GetLastError() ;
  6192.             debug(F111, "Kerberos GetProcAddress failed",
  6193.                    "krb_save_credentials",rc) ;
  6194.             load_error = 1;
  6195.         }
  6196.  
  6197.         if ( load_error ) {
  6198.             ck_krb4_loaddll_eh();
  6199.             return 0;
  6200.         }
  6201.     }
  6202. #else /* NT */
  6203.     exe_path = GetLoadPath();
  6204.     len = get_dir_len(exe_path);
  6205.     if ( len + strlen(dllname) + 4 > sizeof(path) )
  6206.         return(0);
  6207.     sprintf(path, "%.*s%s.DLL", len, exe_path,dllname);         /* safe */
  6208.     rc = DosLoadModule(fail, sizeof(fail), path, &hKRB4_32);
  6209.     if (rc) {
  6210.         debug(F111, "Kerberos IV LoadLibrary failed",fail,rc) ;
  6211.         rc = DosLoadModule(fail, sizeof(fail), dllname, &hKRB4_32);
  6212.     }
  6213.  
  6214.     if (rc) {
  6215.         debug(F111, "Kerberos IV LoadLibrary failed",fail,rc) ;
  6216.         ck_krb4_loaddll_eh();
  6217.     } else {
  6218.         debug(F100,"Kerberos IV support provided by MIT","",0);
  6219.         if (rc = DosQueryProcAddr(hKRB4_32,0,"get_krb_err_txt_entry",
  6220.                                    (PFN*)&p_krb_get_err_text_entry))
  6221.         {
  6222.             debug(F111,"Kerberos GetProcAddress failed","get_krb_err_txt_entry",rc);
  6223.             load_error = 1;
  6224.         }
  6225.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_cred",
  6226.                                    (PFN*)&p_krb_get_cred))
  6227.         {
  6228.             debug(F111,"Kerberos GetProcAddress failed","krb_get_cred",rc);
  6229.             load_error = 1;
  6230.         }
  6231.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_mk_req",
  6232.                                    (PFN*)&p_krb_mk_req))
  6233.         {
  6234.             debug(F111,"Kerberos GetProcAddress failed","krb_mk_req",rc);
  6235.             load_error = 1;
  6236.         }
  6237.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_realmofhost",
  6238.                                    (PFN*)&p_krb_realmofhost))
  6239.         {
  6240.             debug(F111,"Kerberos GetProcAddress failed","krb_realmofhost",rc);
  6241.             load_error = 1;
  6242.         }
  6243.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_phost",
  6244.                                    (PFN*)&p_krb_get_phost))
  6245.         {
  6246.             debug(F111,"Kerberos GetProcAddress failed","krb_get_phost",rc);
  6247.             load_error = 1;
  6248.         }
  6249.         if (rc = DosQueryProcAddr(hKRB4_32,0,"des_ecb_encrypt",
  6250.                                    (PFN*)&p_k4_des_ecb_encrypt))
  6251.         {
  6252.             debug(F111,"Kerberos GetProcAddress failed","des_ecb_encrypt",rc);
  6253.         }
  6254.         if (rc = DosQueryProcAddr(hKRB4_32,0,"des_pcbc_encrypt",
  6255.                                    (PFN*)&p_k4_des_pcbc_encrypt))
  6256.         {
  6257.             debug(F111,"Kerberos GetProcAddress failed","des_pcbc_encrypt",rc);
  6258.         }
  6259.         if (rc = DosQueryProcAddr(hKRB4_32,0,"des_new_random_key",
  6260.                                    (PFN*)&p_k4_des_new_random_key))
  6261.         {
  6262.             debug(F111,"Kerberos GetProcAddress failed","des_new_random_key",rc);
  6263.         }
  6264.         if (rc = DosQueryProcAddr(hKRB4_32,0,"des_key_sched",
  6265.                                    (PFN*)&p_k4_des_key_sched))
  6266.         {
  6267.             debug(F111,"Kerberos GetProcAddress failed","des_key_sched",rc);
  6268.         }
  6269.         if (rc = DosQueryProcAddr(hKRB4_32,0,"des_set_random_generator_seed",
  6270.                                    (PFN*)&p_k4_des_set_random_generator_seed))
  6271.         {
  6272.             debug(F111,"Kerberos GetProcAddress failed","des_set_random_generator_seed",rc);
  6273.         }
  6274.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_pw_in_tkt",
  6275.                                    (PFN*)&p_krb_get_pw_in_tkt))
  6276.         {
  6277.             debug(F111,"Kerberos GetProcAddress failed","krb_get_pw_in_tkt",rc);
  6278.             load_error = 1;
  6279.         }
  6280.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_pw_in_tkt_preauth",
  6281.                                    (PFN*)&p_krb_get_pw_in_tkt_preauth))
  6282.         {
  6283.             debug(F111,"Kerberos GetProcAddress failed","krb_get_pw_in_tkt_preauth",rc);
  6284.         }
  6285.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_lrealm",
  6286.                                    (PFN*)&p_krb_get_lrealm))
  6287.         {
  6288.             debug(F111,"Kerberos GetProcAddress failed","krb_get_lrealm",rc);
  6289.             load_error = 1;
  6290.         }
  6291.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_err_text",
  6292.                                    (PFN*)&p_krb_get_err_text))
  6293.         {
  6294.             debug(F111,"Kerberos GetProcAddress failed","krb_get_err_text",rc);
  6295.         }
  6296.         if (rc = DosQueryProcAddr(hKRB4_32,0,"kname_parse",
  6297.                                    (PFN*)&p_kname_parse))
  6298.         {
  6299.             debug(F111,"Kerberos GetProcAddress failed","kname_parse",rc);
  6300.             load_error = 1;
  6301.         }
  6302.         if (rc = DosQueryProcAddr(hKRB4_32,0,"dest_tkt",
  6303.                                    (PFN*)&p_dest_tkt))
  6304.         {
  6305.             debug(F111,"Kerberos GetProcAddress failed","dest_tkt",rc);
  6306.             load_error = 1;
  6307.         }
  6308.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_tf_realm",
  6309.                                    (PFN*)&p_krb_get_tf_realm))
  6310.         {
  6311.             debug(F111,"Kerberos GetProcAddress failed","krb_get_tf_realm",rc);
  6312.             load_error = 1;
  6313.         }
  6314.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_get_tf_fullname",
  6315.                                    (PFN*)&p_krb_get_tf_fullname))
  6316.         {
  6317.             debug(F111,"Kerberos GetProcAddress failed","krb_get_tf_fullname",rc);
  6318.             load_error = 1;
  6319.         }
  6320.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tf_get_pname",
  6321.                                    (PFN*)&p_tf_get_pname))
  6322.         {
  6323.             debug(F111,"Kerberos GetProcAddress failed","tf_get_pname",rc);
  6324.             load_error = 1;
  6325.         }
  6326.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tf_get_pinst",
  6327.                                    (PFN*)&p_tf_get_pinst))
  6328.         {
  6329.             debug(F111,"Kerberos GetProcAddress failed","tf_get_pinst",rc);
  6330.             load_error = 1;
  6331.         }
  6332.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tf_get_cred",
  6333.                                    (PFN*)&p_tf_get_cred))
  6334.         {
  6335.             debug(F111,"Kerberos GetProcAddress failed","tf_get_cred",rc);
  6336.             load_error = 1;
  6337.         }
  6338.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tf_close",
  6339.                                    (PFN*)&p_tf_close))
  6340.         {
  6341.             debug(F111,"Kerberos GetProcAddress failed","tf_close",rc);
  6342.             load_error = 1;
  6343.         }
  6344.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tf_init",
  6345.                                    (PFN*)&p_tf_init))
  6346.         {
  6347.             debug(F111,"Kerberos GetProcAddress failed","tf_init",rc);
  6348.             load_error = 1;
  6349.         }
  6350.         if (rc = DosQueryProcAddr(hKRB4_32,0,"tkt_string",
  6351.                                    (PFN*)&p_tkt_string))
  6352.         {
  6353.             debug(F111,"Kerberos GetProcAddress failed","tkt_string",rc);
  6354.             load_error = 1;
  6355.         }
  6356.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_check_serv",
  6357.                                    (PFN*)&p_krb_check_serv))
  6358.         {
  6359.             debug(F111,"Kerberos GetProcAddress failed","krb_check_serv",rc);
  6360.             load_error = 1;
  6361.         }
  6362.         if (rc = DosQueryProcAddr(hKRB4_32,0,"kuserok",
  6363.                                    (PFN*)&p_kuserok))
  6364.         {
  6365.             debug(F111,"Kerberos GetProcAddress failed","kuserok",rc);
  6366.         }
  6367.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_kntoln",
  6368.                                    (PFN*)&p_krb_kntoln))
  6369.         {
  6370.             debug(F111,"Kerberos GetProcAddress failed","krb_kntoln",rc);
  6371.         }
  6372.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_rd_req",
  6373.                                    (PFN*)&p_krb_rd_req))
  6374.         {
  6375.             debug(F111,"Kerberos GetProcAddress failed","krb_rd_req",rc);
  6376.         }
  6377.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_sendauth",
  6378.                                    (PFN*)&p_krb_sendauth))
  6379.         {
  6380.             debug(F111,"Kerberos GetProcAddress failed","krb_sendauth",rc);
  6381.             load_error = 1;
  6382.         }
  6383.         if (rc = DosQueryProcAddr(hKRB4_32,0,"set_krb_debug",
  6384.                                    (PFN*)&p_set_krb_debug))
  6385.         {
  6386.             debug(F111,"Kerberos GetProcAddress failed","set_krb_debug",rc);
  6387.         }
  6388.         if (rc = DosQueryProcAddr(hKRB4_32,0,"set_krb_ap_req_debug",
  6389.                                    (PFN*)&p_set_krb_ap_req_debug))
  6390.         {
  6391.             debug(F111,"Kerberos GetProcAddress failed","set_krb_ap_req_debug",rc);
  6392.         }
  6393.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_mk_safe",
  6394.                                    (PFN*)&p_krb_mk_safe))
  6395.         {
  6396.             debug(F111,"Kerberos GetProcAddress failed","krb_mk_safe",rc);
  6397.             load_error = 1;
  6398.         }
  6399.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_mk_priv",
  6400.                                    (PFN*)&p_krb_mk_priv))
  6401.         {
  6402.             debug(F111,"Kerberos GetProcAddress failed","krb_mk_priv",rc);
  6403.             load_error = 1;
  6404.         }
  6405.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_rd_priv",
  6406.                                    (PFN*)&p_krb_rd_priv))
  6407.         {
  6408.             debug(F111,"Kerberos GetProcAddress failed","krb_rd_priv",rc);
  6409.             load_error = 1;
  6410.         }
  6411.         if (rc = DosQueryProcAddr(hKRB4_32,0,"krb_rd_safe",
  6412.                                    (PFN*)&p_krb_rd_safe))
  6413.         {
  6414.             debug(F111,"Kerberos GetProcAddress failed","krb_rd_safe",rc);
  6415.             load_error = 1;
  6416.         }
  6417.         if ( load_error ) {
  6418.             ck_krb4_loaddll_eh();
  6419.             return 0;
  6420.         }
  6421.     }
  6422. #endif /* NT */
  6423.  
  6424.     if ( deblog ) {
  6425.         if ( hKRB4_32 )
  6426.             printf("MIT Kerberos 4 available\n");
  6427.     }
  6428.  
  6429.     /* Attempt to load a krb4_principal_to_userid() function */
  6430. #ifdef NT
  6431.     hKRB42UID = LoadLibrary("KRB42UID");
  6432.     if ( hKRB42UID ) {
  6433.         if (((FARPROC) p_k95_k4_princ_to_userid =
  6434.               GetProcAddress( hKRB42UID, "krb4_principal_to_userid" )) == NULL )
  6435.         {
  6436.             rc = GetLastError() ;
  6437.             debug(F111,"KRB42UID GetProcAddress failed","krb4_principal_to_userid",rc);
  6438.         }
  6439.         if (((FARPROC) p_k95_k4_userok =
  6440.               GetProcAddress( hKRB42UID, "krb4_userok" )) == NULL )
  6441.         {
  6442.             rc = GetLastError() ;
  6443.             debug(F111,"KRB42UID GetProcAddress failed","krb4_userok",rc);
  6444.         }
  6445.     }
  6446. #else /* NT */
  6447.     dllname = "KRB42UID";
  6448.     len = get_dir_len(exe_path);
  6449.     if ( len + strlen(dllname) + 4 > sizeof(path) )
  6450.         return(0);
  6451.     sprintf(path, "%.*s%s.DLL", len, exe_path,dllname);         /* safe */
  6452.     rc = DosLoadModule(fail, sizeof(fail), path, &hKRB42UID);
  6453.     if (rc) {
  6454.         debug(F111, "KRB42UID LoadLibrary failed",fail,rc) ;
  6455.         rc = DosLoadModule(fail, sizeof(fail), dllname, &hKRB42UID);
  6456.     }
  6457.     if ( rc ) {
  6458.         debug(F111, "KRB42UID LoadLibrary failed",fail,rc) ;
  6459.     } else {
  6460.         debug(F111, "KRB42UID LoadLibrary success",fail,rc) ;
  6461.         if (rc = DosQueryProcAddr( hKRB42UID, 0, "krb4_principal_to_userid",
  6462.                                   (PFN*) &p_k95_k4_princ_to_userid))
  6463.         {
  6464.             debug(F111,"KRB42UID GetProcAddress failed",
  6465.                   "krb4_principal_to_userid",rc);
  6466.         }
  6467.         if (rc = DosQueryProcAddr( hKRB42UID, 0, "krb4_userok",
  6468.                                   (PFN*) &p_k95_k4_userok))
  6469.         {
  6470.             debug(F111,"KRB42UID GetProcAddress failed",
  6471.                   "krb4_userok",rc);
  6472.         }
  6473.     }
  6474.  
  6475.  
  6476.     /* Initialize Kerberos 4 ticket options based upon MIT Leash selections */
  6477.     hLEASH = LoadLibrary("LEASHW32");
  6478.     if ( hLEASH )
  6479.     {
  6480.         DWORD (* pLeash_get_default_lifetime)(void);
  6481.  
  6482.         (FARPROC) pLeash_get_default_lifetime =
  6483.             GetProcAddress(hLEASH, "Leash_get_default_lifetime");
  6484.  
  6485.         if ( pLeash_get_default_lifetime )
  6486.         krb4_d_lifetime = pLeash_get_default_lifetime();
  6487.         FreeLibrary("LEASHW32");
  6488.     }
  6489. #endif /* NT */
  6490.     return(1);
  6491. #else /* KRB4 */
  6492.     return(0);
  6493. #endif /* KRB4 */
  6494. }
  6495.  
  6496. int
  6497. ck_krb5_loaddll( void )
  6498. {
  6499. #ifdef KRB5
  6500.     ULONG rc = 0 ;
  6501.     int load_error = 0, len;
  6502. #ifdef OS2ONLY
  6503.     CHAR *exe_path;
  6504.     CHAR path[256];
  6505.     CHAR * dllname = "KRB5_32";
  6506.     static void (_System * p_emx_init)(void)=NULL;
  6507. #endif /* OS2ONLY */
  6508.  
  6509. #ifdef NT
  6510.     HINSTANCE hLEASH = NULL;
  6511.     
  6512.     hKRB5_32 = LoadLibrary("KRB5_32") ;
  6513.     if ( !hKRB5_32 ) {
  6514.         /* Try Cygnus Solutions version */
  6515.         hKRB5_32 = LoadLibrary("LIBKRB5");
  6516.         cygnus = 1;
  6517.     }
  6518.     if ( !hKRB5_32 )
  6519.     {
  6520.         rc = GetLastError() ;
  6521.         debug(F111, "Kerberos LoadLibrary failed","KRB5_32",rc) ;
  6522.     }
  6523.  
  6524.     hKRB524 = LoadLibrary("KRB524") ;
  6525.     if ( !hKRB524 )
  6526.     {
  6527.         rc = GetLastError() ;
  6528.         debug(F111, "Kerberos LoadLibrary failed","KRB524",rc) ;
  6529.     } else {
  6530.         if (((FARPROC) p_krb524_init_ets =
  6531.               GetProcAddress( hKRB524, "krb524_init_ets" )) == NULL )
  6532.         {
  6533.             rc = GetLastError() ;
  6534.             debug(F111, "Kerberos GetProcAddress failed",
  6535.                    "krb524_init_ets",rc);
  6536.         }
  6537.         if (((FARPROC) p_krb524_convert_creds_kdc =
  6538.               GetProcAddress( hKRB524, "krb524_convert_creds_kdc" )) == NULL )
  6539.         {
  6540.             rc = GetLastError() ;
  6541.             debug(F111, "Kerberos GetProcAddress failed",
  6542.                    "krb524_convert_creds_kdc",rc);
  6543.         }
  6544.     }
  6545.  
  6546.     if ( hKRB5_32 != NULL ) {
  6547.     if ( cygnus ) {
  6548.         debug(F100,"Kerberos V support provided by Cygnus Solutions","",0);
  6549.         if (((FARPROC) p_com_err =
  6550.               GetProcAddress( hKRB5_32, "com_err" )) == NULL )
  6551.         {
  6552.             rc = GetLastError() ;
  6553.             debug(F111, "Kerberos GetProcAddress failed","com_err",rc) ;
  6554.             load_error = 1;
  6555.         }
  6556. #ifdef COMMENT
  6557.         /* Cygnus Solutions does not have this function in their DLL */
  6558.         if (((FARPROC) p_com_err_va =
  6559.               GetProcAddress( hKRB5_32, "com_err_va" )) == NULL )
  6560.         {
  6561.             rc = GetLastError() ;
  6562.             debug(F111, "Kerberos GetProcAddress failed","com_err_va",rc) ;
  6563.             load_error = 1;
  6564.         }
  6565. #endif /* COMMENT */
  6566.         if (((FARPROC) p_error_message =
  6567.               GetProcAddress( hKRB5_32, "error_message" )) == NULL )
  6568.         {
  6569.             rc = GetLastError() ;
  6570.             debug(F111, "Kerberos GetProcAddress failed","error_message",rc) ;
  6571.             load_error = 1;
  6572.         }
  6573.         if (((FARPROC) p_krb5_init_ets =
  6574.               GetProcAddress( hKRB5_32, "krb5_init_ets" )) == NULL )
  6575.         {
  6576.             rc = GetLastError() ;
  6577.             debug(F111, "Kerberos GetProcAddress failed","krb5_init_ets",rc) ;
  6578.             /* krb5_init_ets is a private function as of 1.2.5 */
  6579.         }
  6580.         if (((FARPROC) p_cygnus_decode_krb5_ticket=
  6581.               GetProcAddress( hKRB5_32, "decode_krb5_ticket" )) == NULL )
  6582.         {
  6583.             rc = GetLastError() ;
  6584.             debug(F111, "Kerberos GetProcAddress failed",
  6585.                    "decode_krb5_ticket",rc) ;
  6586.             load_error = 1;
  6587.         }
  6588.     }
  6589.     else {
  6590.         debug(F100,"Kerberos V support provided by MIT","",0);
  6591.         hCOMERR32 = LoadLibrary("COMERR32") ;
  6592.         if ( !hCOMERR32 )
  6593.         {
  6594.             rc = GetLastError() ;
  6595.             debug(F111, "Kerberos LoadLibrary failed","COMERR32",rc) ;
  6596.             load_error = 1;
  6597.         }
  6598.         if (((FARPROC) p_com_err =
  6599.               GetProcAddress( hCOMERR32, "com_err" )) == NULL )
  6600.         {
  6601.             rc = GetLastError() ;
  6602.             debug(F111, "Kerberos GetProcAddress failed","com_err",rc) ;
  6603.             load_error = 1;
  6604.         }
  6605.         if (((FARPROC) p_com_err_va =
  6606.               GetProcAddress( hCOMERR32, "com_err_va" )) == NULL )
  6607.         {
  6608.             rc = GetLastError() ;
  6609.             debug(F111, "Kerberos GetProcAddress failed","com_err_va",rc) ;
  6610.             load_error = 1;
  6611.         }
  6612.         if (((FARPROC) p_error_message =
  6613.               GetProcAddress( hCOMERR32, "error_message" )) == NULL )
  6614.         {
  6615.             rc = GetLastError() ;
  6616.             debug(F111, "Kerberos GetProcAddress failed","error_message",rc) ;
  6617.             load_error = 1;
  6618.         }
  6619.         if (((FARPROC) p_decode_krb5_ticket =
  6620.               GetProcAddress( hKRB5_32, "decode_krb5_ticket" )) == NULL )
  6621.         {
  6622.             rc = GetLastError() ;
  6623.             debug(F111, "Kerberos GetProcAddress failed",
  6624.                    "decode_krb5_ticket",rc) ;
  6625.             if (((FARPROC) p_cygnus_decode_krb5_ticket =
  6626.                   GetProcAddress( hKRB5_32, "krb5_decode_ticket" )) == NULL )
  6627.             {
  6628.                 rc = GetLastError() ;
  6629.                 debug(F111, "Kerberos GetProcAddress failed",
  6630.                        "krb5_decode_ticket",rc) ;
  6631.                 load_error = 1;
  6632.             }
  6633.         }
  6634.         if (((FARPROC) p_krb5_mk_rep =
  6635.               GetProcAddress( hKRB5_32, "krb5_mk_rep" )) == NULL )
  6636.         {
  6637.             rc = GetLastError() ;
  6638.             debug(F111, "Kerberos GetProcAddress failed",
  6639.                    "krb5_mk_rep",rc) ;
  6640.             load_error = 1;
  6641.         }
  6642.         if (((FARPROC) p_krb5_free_authenticator=
  6643.               GetProcAddress( hKRB5_32, "krb5_free_authenticator" )) == NULL )
  6644.         {
  6645.             rc = GetLastError() ;
  6646.             debug(F111, "Kerberos GetProcAddress failed",
  6647.                    "krb5_free_authenticator",rc) ;
  6648.             load_error = 1;
  6649.         }
  6650.         if (((FARPROC) p_krb5_verify_checksum=
  6651.               GetProcAddress( hKRB5_32, "krb5_verify_checksum" )) == NULL )
  6652.         {
  6653.             rc = GetLastError() ;
  6654.             debug(F111, "Kerberos GetProcAddress failed",
  6655.                    "krb5_verify_checksum",rc) ;
  6656.             load_error = 1;
  6657.         }
  6658.         if (((FARPROC) p_krb5_rd_req=
  6659.               GetProcAddress( hKRB5_32, "krb5_rd_req" )) == NULL )
  6660.         {
  6661.             rc = GetLastError() ;
  6662.             debug(F111, "Kerberos GetProcAddress failed",
  6663.                    "krb5_rd_req",rc) ;
  6664.             load_error = 1;
  6665.         }
  6666.     }
  6667.  
  6668.     if (((FARPROC) p_krb5_free_creds =
  6669.           GetProcAddress( hKRB5_32, "krb5_free_creds" )) == NULL )
  6670.     {
  6671.         rc = GetLastError() ;
  6672.         debug(F111, "Kerberos GetProcAddress failed","krb5_free_creds",rc) ;
  6673.         load_error = 1;
  6674.     }
  6675.     if (((FARPROC) p_krb5_free_data =
  6676.           GetProcAddress( hKRB5_32, "krb5_free_data" )) == NULL )
  6677.     {
  6678.         rc = GetLastError() ;
  6679.         debug(F111, "Kerberos GetProcAddress failed","krb5_free_data",rc) ;
  6680.         load_error = 1;
  6681.     }
  6682.     if (((FARPROC) p_krb5_free_data_contents =
  6683.           GetProcAddress( hKRB5_32, "krb5_free_data_contents" )) == NULL )
  6684.     {
  6685.         rc = GetLastError() ;
  6686.         debug(F111, "Kerberos GetProcAddress failed",
  6687.                "krb5_free_data_contents",rc) ;
  6688.         load_error = 1;
  6689.     }
  6690.     if (((FARPROC) p_krb5_copy_keyblock =
  6691.           GetProcAddress( hKRB5_32, "krb5_copy_keyblock" )) == NULL )
  6692.     {
  6693.         rc = GetLastError() ;
  6694.         debug(F111, "Kerberos GetProcAddress failed","krb5_copy_keyblock",rc) ;
  6695.         load_error = 1;
  6696.     }
  6697.     if (((FARPROC) p_krb5_free_keyblock =
  6698.           GetProcAddress( hKRB5_32, "krb5_free_keyblock" )) == NULL )
  6699.     {
  6700.         rc = GetLastError() ;
  6701.         debug(F111, "Kerberos GetProcAddress failed","krb5_free_keyblock",rc) ;
  6702.         load_error = 1;
  6703.     }
  6704.     if (((FARPROC) p_krb5_auth_con_getlocalsubkey =
  6705.           GetProcAddress( hKRB5_32, "krb5_auth_con_getlocalsubkey" )) == NULL )
  6706.     {
  6707.         rc = GetLastError() ;
  6708.         debug(F111, "Kerberos GetProcAddress failed",
  6709.                "krb5_auth_con_getlocalsubkey",rc) ;
  6710.         load_error = 1;
  6711.     }
  6712.     if (((FARPROC) p_krb5_mk_req_extended =
  6713.           GetProcAddress( hKRB5_32, "krb5_mk_req_extended" )) == NULL )
  6714.     {
  6715.         rc = GetLastError() ;
  6716.         debug(F111,"Kerberos GetProcAddress failed","krb5_mk_req_extended",rc);
  6717.         load_error = 1;
  6718.     }
  6719.     if (((FARPROC) p_krb5_mk_req =
  6720.           GetProcAddress( hKRB5_32, "krb5_mk_req" )) == NULL )
  6721.     {
  6722.         rc = GetLastError() ;
  6723.         debug(F111,"Kerberos GetProcAddress failed","krb5_mk_req",rc);
  6724.         load_error = 1;
  6725.     }
  6726.     if (((FARPROC) p_krb5_auth_con_setflags =
  6727.       GetProcAddress( hKRB5_32, "krb5_auth_con_setflags" )) == NULL )
  6728.     {
  6729.         rc = GetLastError() ;
  6730.         debug(F111, "Kerberos GetProcAddress failed",
  6731.                "krb5_auth_con_setflags",rc) ;
  6732.         load_error = 1;
  6733.     }
  6734.     if (((FARPROC) p_krb5_auth_con_init =
  6735.           GetProcAddress( hKRB5_32, "krb5_auth_con_init" )) == NULL )
  6736.     {
  6737.         rc = GetLastError() ;
  6738.         debug(F111, "Kerberos GetProcAddress failed","krb5_auth_con_init",rc) ;
  6739.         load_error = 1;
  6740.     }
  6741.     if (((FARPROC) p_krb5_auth_con_free =
  6742.           GetProcAddress( hKRB5_32, "krb5_auth_con_free" )) == NULL )
  6743.     {
  6744.         rc = GetLastError() ;
  6745.         debug(F111, "Kerberos GetProcAddress failed","krb5_auth_con_free",rc) ;
  6746.         load_error = 1;
  6747.     }
  6748.     if (((FARPROC) p_krb5_get_credentials =
  6749.           GetProcAddress( hKRB5_32, "krb5_get_credentials" )) == NULL )
  6750.     {
  6751.         rc = GetLastError() ;
  6752.         debug(F111,"Kerberos GetProcAddress failed","krb5_get_credentials",rc);
  6753.         load_error = 1;
  6754.     }
  6755.     if (((FARPROC) p_krb5_free_cred_contents =
  6756.           GetProcAddress( hKRB5_32, "krb5_free_cred_contents" )) == NULL )
  6757.     {
  6758.         rc = GetLastError() ;
  6759.         debug(F111,
  6760.               "Kerberos GetProcAddress failed","krb5_free_cred_contents",rc);
  6761.         load_error = 1;
  6762.     }
  6763.     if (((FARPROC) p_krb5_sname_to_principal =
  6764.           GetProcAddress( hKRB5_32, "krb5_sname_to_principal" )) == NULL )
  6765.     {
  6766.         rc = GetLastError() ;
  6767.         debug(F111,
  6768.               "Kerberos GetProcAddress failed","krb5_sname_to_principal",rc);
  6769.         load_error = 1;
  6770.     }
  6771.     if (((FARPROC) p_krb5_cc_default =
  6772.           GetProcAddress( hKRB5_32, "krb5_cc_default" )) == NULL )
  6773.     {
  6774.         rc = GetLastError() ;
  6775.         debug(F111, "Kerberos GetProcAddress failed","krb5_cc_default",rc) ;
  6776.         load_error = 1;
  6777.     }
  6778.     if (((FARPROC) p_krb5_free_ap_rep_enc_part =
  6779.       GetProcAddress( hKRB5_32, "krb5_free_ap_rep_enc_part" )) == NULL )
  6780.     {
  6781.         rc = GetLastError() ;
  6782.         debug(F111, "Kerberos GetProcAddress failed",
  6783.                "krb5_free_ap_rep_enc_part",rc) ;
  6784.         load_error = 1;
  6785.     }
  6786.     if (((FARPROC) p_krb5_rd_rep =
  6787.           GetProcAddress( hKRB5_32, "krb5_rd_rep" )) == NULL )
  6788.     {
  6789.         rc = GetLastError() ;
  6790.         debug(F111, "Kerberos GetProcAddress failed","krb5_rd_rep",rc) ;
  6791.         load_error = 1;
  6792.     }
  6793.     if (((FARPROC) p_krb5_init_context =
  6794.           GetProcAddress( hKRB5_32, "krb5_init_context" )) == NULL )
  6795.     {
  6796.         rc = GetLastError() ;
  6797.         debug(F111, "Kerberos GetProcAddress failed","krb5_init_context",rc) ;
  6798.         load_error = 1;
  6799.     }
  6800.     if (((FARPROC) p_krb5_free_context =
  6801.           GetProcAddress( hKRB5_32, "krb5_free_context" )) == NULL )
  6802.     {
  6803.         rc = GetLastError() ;
  6804.         debug(F111, "Kerberos GetProcAddress failed","krb5_free_context",rc) ;
  6805.         load_error = 1;
  6806.     }
  6807.  
  6808.     if (((FARPROC) p_krb5_free_principal =
  6809.           GetProcAddress( hKRB5_32, "krb5_free_principal" )) == NULL )
  6810.     {
  6811.         rc = GetLastError() ;
  6812.         debug(F111, "Kerberos GetProcAddress failed",
  6813.                "krb5_free_principal",rc) ;
  6814.         load_error = 1;
  6815.     }
  6816.     if (((FARPROC) p_krb5_free_unparsed_name =
  6817.           GetProcAddress( hKRB5_32, "krb5_free_unparsed_name" )) == NULL )
  6818.     {
  6819.         rc = GetLastError() ;
  6820.         debug(F111, "Kerberos GetProcAddress failed",
  6821.                "krb5_free_unparsed_name",rc) ;
  6822. #ifdef COMMENT
  6823.         load_error = 1;
  6824. #endif /* COMMENT */
  6825.     }
  6826.     if (((FARPROC) p_krb5_fwd_tgt_creds =
  6827.           GetProcAddress( hKRB5_32, "krb5_fwd_tgt_creds" )) == NULL )
  6828.     {
  6829.         rc = GetLastError() ;
  6830.         debug(F111, "Kerberos GetProcAddress failed",
  6831.                "krb5_fwd_tgt_creds",rc) ;
  6832.         load_error = 1;
  6833.     }
  6834.     if (((FARPROC) p_krb5_auth_con_genaddrs =
  6835.           GetProcAddress( hKRB5_32, "krb5_auth_con_genaddrs" )) == NULL )
  6836.     {
  6837.         rc = GetLastError() ;
  6838.         debug(F111, "Kerberos GetProcAddress failed",
  6839.                "krb5_auth_con_genaddrs",rc) ;
  6840.         load_error = 1;
  6841.     }
  6842.  
  6843.         /* The DES functions are not required.  But if we do not have */
  6844.         /* them and do not have the CRYPT DLL we will not be able to  */
  6845.         /* perform mutual authentication.                             */
  6846.         if (((FARPROC) p_des_ecb_encrypt =
  6847.               GetProcAddress( hKRB5_32, "des_ecb_encrypt" )) == NULL )
  6848.         {
  6849.             rc = GetLastError() ;
  6850.             debug(F111, "Kerberos GetProcAddress failed","des_ecb_encrypt",rc);
  6851.         }
  6852.         if (((FARPROC) p_des_pcbc_encrypt =
  6853.               GetProcAddress( hKRB5_32, "des_pcbc_encrypt" )) == NULL )
  6854.         {
  6855.             rc = GetLastError() ;
  6856.             debug(F111, "Kerberos GetProcAddress failed","des_pcbc_encrypt",rc);
  6857.         }
  6858.         if (((FARPROC) p_des_new_random_key =
  6859.           GetProcAddress( hKRB5_32, "des_new_random_key" )) == NULL )
  6860.         {
  6861.             rc = GetLastError() ;
  6862.             debug(F111, "Kerberos GetProcAddress failed","des_new_random_key",rc) ;
  6863.         }
  6864.         if (((FARPROC) p_des_key_sched =
  6865.               GetProcAddress( hKRB5_32, "des_key_sched" )) == NULL )
  6866.         {
  6867.             rc = GetLastError() ;
  6868.             debug(F111, "Kerberos GetProcAddress failed","des_key_sched",rc) ;
  6869.         }
  6870.         if (((FARPROC) p_des_set_random_generator_seed =
  6871.               GetProcAddress(hKRB5_32, "des_set_random_generator_seed" )) == NULL )
  6872.         {
  6873.             rc = GetLastError() ;
  6874.             debug(F111, "Kerberos GetProcAddress failed",
  6875.                    "des_set_random_generator_seed",rc) ;
  6876.         }
  6877.  
  6878.         if (((FARPROC) p_krb5_get_host_realm=
  6879.               GetProcAddress(hKRB5_32,"krb5_get_host_realm")) == NULL)
  6880.         {
  6881.             rc = GetLastError() ;
  6882.             debug(F111, "Kerberos GetProcAddress failed",
  6883.                    "krb5_get_host_realm",rc) ;
  6884.             load_error = 1;
  6885.         }
  6886.         if (((FARPROC) p_krb5_free_host_realm=
  6887.               GetProcAddress(hKRB5_32,"krb5_free_host_realm")) == NULL)
  6888.         {
  6889.             rc = GetLastError() ;
  6890.             debug(F111, "Kerberos GetProcAddress failed",
  6891.                    "krb5_free_host_realm",rc) ;
  6892.             load_error = 1;
  6893.         }
  6894.         if (((FARPROC) p_krb5_get_in_tkt_with_keytab=
  6895.               GetProcAddress(hKRB5_32,"krb5_get_in_tkt_with_keytab")) == NULL)
  6896.         {
  6897.             rc = GetLastError() ;
  6898.             debug(F111, "Kerberos GetProcAddress failed",
  6899.                    "krb5_get_in_tkt_with_keytab",rc) ;
  6900.             load_error = 1;
  6901.         }
  6902.         if (((FARPROC) p_krb5_get_in_tkt_with_password=
  6903.              GetProcAddress(hKRB5_32,"krb5_get_in_tkt_with_password")) == NULL)
  6904.         {
  6905.             rc = GetLastError() ;
  6906.             debug(F111, "Kerberos GetProcAddress failed",
  6907.                    "krb5_get_in_tkt_with_password",rc) ;
  6908.             load_error = 1;
  6909.         }
  6910.         if (((FARPROC) p_krb5_read_password=
  6911.               GetProcAddress( hKRB5_32, "krb5_read_password" )) == NULL )
  6912.         {
  6913.             rc = GetLastError() ;
  6914.             debug(F111, "Kerberos GetProcAddress failed",
  6915.                    "krb5_read_password",rc) ;
  6916.             load_error = 1;
  6917.         }
  6918.         if (((FARPROC) p_krb5_build_principal_ext=
  6919.               GetProcAddress( hKRB5_32, "krb5_build_principal_ext" )) == NULL )
  6920.         {
  6921.             rc = GetLastError() ;
  6922.             debug(F111, "Kerberos GetProcAddress failed",
  6923.                    "krb5_build_principal_ext",rc) ;
  6924.             load_error = 1;
  6925.         }
  6926.         if (((FARPROC) p_krb5_unparse_name=
  6927.               GetProcAddress( hKRB5_32, "krb5_unparse_name" )) == NULL )
  6928.         {
  6929.             rc = GetLastError() ;
  6930.             debug(F111, "Kerberos GetProcAddress failed",
  6931.                    "krb5_unparse_name",rc) ;
  6932.             load_error = 1;
  6933.         }
  6934.         if (((FARPROC) p_krb5_parse_name=
  6935.               GetProcAddress( hKRB5_32, "krb5_parse_name" )) == NULL )
  6936.         {
  6937.             rc = GetLastError() ;
  6938.             debug(F111, "Kerberos GetProcAddress failed",
  6939.                    "krb5_parse_name",rc) ;
  6940.             load_error = 1;
  6941.         }
  6942.         if (((FARPROC) p_krb5_cc_resolve=
  6943.               GetProcAddress( hKRB5_32, "krb5_cc_resolve" )) == NULL )
  6944.         {
  6945.             rc = GetLastError() ;
  6946.             debug(F111, "Kerberos GetProcAddress failed",
  6947.                    "krb5_cc_resolve",rc) ;
  6948.             load_error = 1;
  6949.         }
  6950.         if (((FARPROC) p_krb5_cc_default_name=
  6951.               GetProcAddress( hKRB5_32, "krb5_cc_default_name" )) == NULL )
  6952.         {
  6953.             rc = GetLastError() ;
  6954.             debug(F111, "Kerberos GetProcAddress failed",
  6955.                    "krb5_cc_default_name",rc) ;
  6956.         }
  6957.         if (((FARPROC) p_krb5_string_to_timestamp=
  6958.               GetProcAddress( hKRB5_32, "krb5_string_to_timestamp" )) == NULL )
  6959.         {
  6960.             rc = GetLastError() ;
  6961.             debug(F111, "Kerberos GetProcAddress failed",
  6962.                    "krb5_string_to_timestamp",rc) ;
  6963.             load_error = 1;
  6964.         }
  6965.         if (((FARPROC) p_krb5_kt_resolve=
  6966.               GetProcAddress( hKRB5_32, "krb5_kt_resolve" )) == NULL )
  6967.         {
  6968.             rc = GetLastError() ;
  6969.             debug(F111, "Kerberos GetProcAddress failed",
  6970.                    "krb5_kt_resolve",rc) ;
  6971.             load_error = 1;
  6972.         }
  6973.         if (((FARPROC) p_krb5_string_to_deltat=
  6974.               GetProcAddress( hKRB5_32, "krb5_string_to_deltat" )) == NULL )
  6975.         {
  6976.             rc = GetLastError() ;
  6977.             debug(F111, "Kerberos GetProcAddress failed",
  6978.                    "krb5_string_to_deltat",rc) ;
  6979.             load_error = 1;
  6980.         }
  6981.         if (((FARPROC) p_krb5_timeofday=
  6982.               GetProcAddress( hKRB5_32, "krb5_timeofday" )) == NULL )
  6983.         {
  6984.             rc = GetLastError() ;
  6985.             debug(F111, "Kerberos GetProcAddress failed",
  6986.                    "krb5_timeofday",rc) ;
  6987.             load_error = 1;
  6988.         }
  6989.         if (((FARPROC) p_krb5_get_credentials_renew=
  6990.              GetProcAddress(hKRB5_32, "krb5_get_credentials_renew" )) == NULL)
  6991.         {
  6992.             rc = GetLastError() ;
  6993.             debug(F111, "Kerberos GetProcAddress failed",
  6994.                    "krb5_get_credentials_renew",rc) ;
  6995.             load_error = 1;
  6996.         }
  6997.         if (((FARPROC) p_krb5_get_credentials_validate=
  6998.              GetProcAddress(hKRB5_32,"krb5_get_credentials_validate")) == NULL)
  6999.         {
  7000.             rc = GetLastError() ;
  7001.             debug(F111, "Kerberos GetProcAddress failed",
  7002.                    "krb5_get_credentials_validate",rc) ;
  7003.             load_error = 1;
  7004.         }
  7005.         if (((FARPROC) p_krb5_copy_principal=
  7006.               GetProcAddress( hKRB5_32, "krb5_copy_principal" )) == NULL )
  7007.         {
  7008.             rc = GetLastError() ;
  7009.             debug(F111, "Kerberos GetProcAddress failed",
  7010.                    "krb5_copy_principal",rc) ;
  7011.             load_error = 1;
  7012.         }
  7013.         if (((FARPROC) p_krb5_timestamp_to_sfstring=
  7014.               GetProcAddress(hKRB5_32,"krb5_timestamp_to_sfstring" )) == NULL)
  7015.         {
  7016.             rc = GetLastError() ;
  7017.             debug(F111, "Kerberos GetProcAddress failed",
  7018.                    "krb5_timestamp_to_sfstring",rc) ;
  7019.             load_error = 1;
  7020.         }
  7021.         if (((FARPROC) p_krb5_kt_default=
  7022.               GetProcAddress( hKRB5_32, "krb5_kt_default" )) == NULL )
  7023.         {
  7024.             rc = GetLastError() ;
  7025.             debug(F111, "Kerberos GetProcAddress failed",
  7026.                    "krb5_kt_default",rc) ;
  7027.             load_error = 1;
  7028.         }
  7029.         if (((FARPROC) p_krb5_free_ticket=
  7030.               GetProcAddress( hKRB5_32, "krb5_free_ticket" )) == NULL )
  7031.         {
  7032.             rc = GetLastError() ;
  7033.             debug(F111, "Kerberos GetProcAddress failed",
  7034.                    "krb5_free_ticket",rc) ;
  7035.             load_error = 1;
  7036.         }
  7037.  
  7038. #ifdef CHECKADDRS
  7039.         if (((FARPROC) p_krb5_os_localaddr=
  7040.               GetProcAddress( hKRB5_32, "krb5_os_localaddr" )) == NULL )
  7041.         {
  7042.             rc = GetLastError() ;
  7043.             debug(F111, "Kerberos GetProcAddress failed",
  7044.                    "krb5_os_localaddr",rc) ;
  7045.             load_error = 1;
  7046.         }
  7047.         if (((FARPROC) p_krb5_address_search=
  7048.               GetProcAddress( hKRB5_32, "krb5_address_search" )) == NULL )
  7049.         {
  7050.             rc = GetLastError() ;
  7051.             debug(F111, "Kerberos GetProcAddress failed",
  7052.                    "krb5_address_search",rc) ;
  7053.  
  7054.             /* This is not a fatal error since we expect that most builds */
  7055.             /* of krb5 dll will have an error in the export list that     */
  7056.             /* prevents this function from being found.  Therefore a      */
  7057.             /* built in version is used if it is missing                  */
  7058.         }
  7059.         if (((FARPROC) p_krb5_free_addresses=
  7060.               GetProcAddress( hKRB5_32, "krb5_free_addresses" )) == NULL )
  7061.         {
  7062.             rc = GetLastError() ;
  7063.             debug(F111, "Kerberos GetProcAddress failed",
  7064.                    "krb5_free_addresses",rc) ;
  7065.             load_error = 1;
  7066.         }
  7067.  
  7068. #endif /* CHECKADDRS */
  7069.         if (((FARPROC) p_krb5_auth_con_getremotesubkey=
  7070.               GetProcAddress( hKRB5_32, "krb5_auth_con_getremotesubkey" )) == NULL )
  7071.         {
  7072.             rc = GetLastError() ;
  7073.             debug(F111, "Kerberos GetProcAddress failed",
  7074.                    "krb5_auth_con_getremotesubkey",rc) ;
  7075.             load_error = 1;
  7076.         }
  7077.         if (((FARPROC) p_krb5_auth_con_getkey=
  7078.               GetProcAddress( hKRB5_32, "krb5_auth_con_getkey" )) == NULL )
  7079.         {
  7080.             rc = GetLastError() ;
  7081.             debug(F111, "Kerberos GetProcAddress failed",
  7082.                    "krb5_auth_con_getkey",rc) ;
  7083.             load_error = 1;
  7084.         }
  7085.         if (((FARPROC) p_krb5_auth_con_getauthenticator=
  7086.               GetProcAddress( hKRB5_32, "krb5_auth_con_getauthenticator" )) == NULL )
  7087.         {
  7088.             rc = GetLastError() ;
  7089.             debug(F111, "Kerberos GetProcAddress failed",
  7090.                    "krb5_auth_con_getauthenticator",rc) ;
  7091.             load_error = 1;
  7092.         }
  7093.         if (((FARPROC) p_krb5_auth_con_setrcache=
  7094.               GetProcAddress( hKRB5_32, "krb5_auth_con_setrcache" )) == NULL )
  7095.         {
  7096.             rc = GetLastError() ;
  7097.             debug(F111, "Kerberos GetProcAddress failed",
  7098.                    "krb5_auth_con_setrcache",rc) ;
  7099.         }
  7100.         if (((FARPROC) p_krb5_get_server_rcache=
  7101.               GetProcAddress( hKRB5_32, "krb5_get_server_rcache" )) == NULL )
  7102.         {
  7103.             rc = GetLastError() ;
  7104.             debug(F111, "Kerberos GetProcAddress failed",
  7105.                    "krb5_get_server_rcache",rc) ;
  7106.         }
  7107.         if (((FARPROC) p_krb5_auth_con_getrcache=
  7108.               GetProcAddress( hKRB5_32, "krb5_auth_con_getrcache" )) == NULL )
  7109.         {
  7110.             rc = GetLastError() ;
  7111.             debug(F111, "Kerberos GetProcAddress failed",
  7112.                    "krb5_auth_con_getrcache",rc) ;
  7113.         }
  7114.         if (((FARPROC) p_krb5_free_tgt_creds=
  7115.               GetProcAddress( hKRB5_32, "krb5_free_tgt_creds" )) == NULL )
  7116.         {
  7117.             rc = GetLastError() ;
  7118.             debug(F111, "Kerberos GetProcAddress failed",
  7119.                    "krb5_free_tgt_creds",rc) ;
  7120.         }
  7121.         if (((FARPROC) p_krb5_rd_cred=
  7122.               GetProcAddress( hKRB5_32, "krb5_rd_cred" )) == NULL )
  7123.         {
  7124.             rc = GetLastError() ;
  7125.             debug(F111, "Kerberos GetProcAddress failed",
  7126.                    "krb5_rd_cred",rc) ;
  7127.         }
  7128.  
  7129.         if (((FARPROC) p_krb5_c_enctype_compare=
  7130.               GetProcAddress( hKRB5_32, "krb5_c_enctype_compare" )) == NULL )
  7131.         {
  7132.             rc = GetLastError() ;
  7133.             debug(F111, "Kerberos GetProcAddress failed",
  7134.                    "krb5_c_enctype_compare",rc) ;
  7135.         }
  7136.         if (((FARPROC) p_krb5_free_error=
  7137.               GetProcAddress( hKRB5_32, "krb5_free_error" )) == NULL )
  7138.         {
  7139.             rc = GetLastError() ;
  7140.             debug(F111, "Kerberos GetProcAddress failed",
  7141.                    "krb5_free_error",rc) ;
  7142.         }
  7143.         if (((FARPROC) p_krb5_sendauth=
  7144.               GetProcAddress( hKRB5_32, "krb5_sendauth" )) == NULL )
  7145.         {
  7146.             rc = GetLastError() ;
  7147.             debug(F111, "Kerberos GetProcAddress failed",
  7148.                    "krb5_sendauth",rc) ;
  7149.         }
  7150.         if (((FARPROC) p_krb5_process_key=
  7151.               GetProcAddress( hKRB5_32, "krb5_process_key" )) == NULL )
  7152.         {
  7153.             rc = GetLastError() ;
  7154.             debug(F111, "Kerberos GetProcAddress failed",
  7155.                    "krb5_process_key",rc) ;
  7156.         }
  7157.         if (((FARPROC) p_krb5_use_enctype=
  7158.               GetProcAddress( hKRB5_32, "krb5_use_enctype" )) == NULL )
  7159.         {
  7160.             rc = GetLastError() ;
  7161.             debug(F111, "Kerberos GetProcAddress failed",
  7162.                    "krb5_use_enctype",rc) ;
  7163.         }
  7164.         if (((FARPROC) p_krb5_encrypt=
  7165.               GetProcAddress( hKRB5_32, "krb5_encrypt" )) == NULL )
  7166.         {
  7167.             rc = GetLastError() ;
  7168.             debug(F111, "Kerberos GetProcAddress failed",
  7169.                    "krb5_encrypt",rc) ;
  7170.         }
  7171.         if (((FARPROC) p_krb5_decrypt=
  7172.               GetProcAddress( hKRB5_32, "krb5_decrypt" )) == NULL )
  7173.         {
  7174.             rc = GetLastError() ;
  7175.             debug(F111, "Kerberos GetProcAddress failed",
  7176.                    "krb5_decrypt",rc) ;
  7177.         }
  7178.         if (((FARPROC) p_krb5_encrypt_size=
  7179.               GetProcAddress( hKRB5_32, "krb5_encrypt_size" )) == NULL )
  7180.         {
  7181.             rc = GetLastError() ;
  7182.             debug(F111, "Kerberos GetProcAddress failed",
  7183.                    "krb5_encrypt_size",rc) ;
  7184.         }
  7185.         if (((FARPROC) p_krb5_kuserok=
  7186.               GetProcAddress( hKRB5_32, "krb5_kuserok" )) == NULL )
  7187.         {
  7188.             rc = GetLastError() ;
  7189.             debug(F111, "Kerberos GetProcAddress failed",
  7190.                    "krb5_kuserok",rc) ;
  7191.         }
  7192.         if (((FARPROC) p_krb5_appdefault_boolean =
  7193.               GetProcAddress( hKRB5_32, "krb5_appdefault_boolean" )) == NULL )
  7194.         {
  7195.             rc = GetLastError() ;
  7196.             debug(F111, "Kerberos GetProcAddress failed",
  7197.                    "krb5_appdefault_boolean",rc) ;
  7198.             /* NRL only */
  7199.         }
  7200.         if (((FARPROC) p_krb5_appdefault_string =
  7201.               GetProcAddress( hKRB5_32, "krb5_appdefault_string" )) == NULL )
  7202.         {
  7203.             rc = GetLastError() ;
  7204.             debug(F111, "Kerberos GetProcAddress failed",
  7205.                    "krb5_appdefault_string",rc) ;
  7206.             /* NRL only */
  7207.         }
  7208.         if (((FARPROC) p_krb5_get_renewed_creds =
  7209.               GetProcAddress( hKRB5_32, "krb5_get_renewed_creds" )) == NULL )
  7210.         {
  7211.             rc = GetLastError() ;
  7212.             debug(F111, "Kerberos GetProcAddress failed",
  7213.                    "krb5_get_renewed_creds",rc) ;
  7214.             /* Not in NRL or NT-ALPHA-2 */
  7215.         }
  7216.         if (((FARPROC) p_krb5_get_validated_creds =
  7217.               GetProcAddress( hKRB5_32, "krb5_get_validated_creds" )) == NULL )
  7218.         {
  7219.             rc = GetLastError() ;
  7220.             debug(F111, "Kerberos GetProcAddress failed",
  7221.                    "krb5_get_validated_creds",rc) ;
  7222.             /* Not in NRL or NT-ALPHA-2 */
  7223.         }
  7224.         if (((FARPROC) p_krb5_get_init_creds_password =
  7225.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_password" )) == NULL )
  7226.         {
  7227.             rc = GetLastError() ;
  7228.             debug(F111, "Kerberos GetProcAddress failed",
  7229.                    "krb5_get_init_creds_password",rc) ;
  7230.             /* Not in NT-ALPHA-2 */
  7231.         }
  7232.         if (((FARPROC) p_krb5_get_init_creds_opt_set_address_list =
  7233.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_address_list" )) == NULL )
  7234.         {
  7235.             rc = GetLastError() ;
  7236.             debug(F111, "Kerberos GetProcAddress failed",
  7237.                    "krb5_get_init_creds_opt_set_address_list",rc) ;
  7238.             /* Not in NT-ALPHA-2 */
  7239.         }
  7240.         if (((FARPROC) p_krb5_get_init_creds_opt_set_tkt_life =
  7241.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_tkt_life" )) == NULL )
  7242.         {
  7243.             rc = GetLastError() ;
  7244.             debug(F111, "Kerberos GetProcAddress failed",
  7245.                    "krb5_get_init_creds_opt_set_tkt_life",rc) ;
  7246.             /* Not in NT-ALPHA-2 */
  7247.         }
  7248.         if (((FARPROC) p_krb5_get_init_creds_opt_set_forwardable =
  7249.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_forwardable" )) == NULL )
  7250.         {
  7251.             rc = GetLastError() ;
  7252.             debug(F111, "Kerberos GetProcAddress failed",
  7253.                    "krb5_get_init_creds_opt_set_forwardable",rc) ;
  7254.             /* Not in NT-ALPHA-2 */
  7255.         }
  7256.         if (((FARPROC) p_krb5_get_init_creds_opt_set_proxiable =
  7257.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_proxiable" )) == NULL )
  7258.         {
  7259.             rc = GetLastError() ;
  7260.             debug(F111, "Kerberos GetProcAddress failed",
  7261.                    "krb5_get_init_creds_opt_set_proxiable",rc) ;
  7262.             /* Not in NT-ALPHA-2 */
  7263.         }
  7264.         if (((FARPROC) p_krb5_get_init_creds_opt_set_renew_life =
  7265.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_renew_life" )) == NULL )
  7266.         {
  7267.             rc = GetLastError() ;
  7268.             debug(F111, "Kerberos GetProcAddress failed",
  7269.                    "krb5_get_init_creds_opt_set_renew_life",rc) ;
  7270.             /* Not in NT-ALPHA-2 */
  7271.         }
  7272.         if (((FARPROC) p_krb5_get_init_creds_opt_init =
  7273.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_init" )) == NULL )
  7274.         {
  7275.             rc = GetLastError() ;
  7276.             debug(F111, "Kerberos GetProcAddress failed",
  7277.                    "krb5_get_init_creds_opt_init",rc) ;
  7278.             /* Not in NT-ALPHA-2 */
  7279.         }
  7280.         if (((FARPROC) p_krb5_get_init_creds_opt_set_etype_list =
  7281.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_etype_list" )) == NULL )
  7282.         {
  7283.             rc = GetLastError() ;
  7284.             debug(F111, "Kerberos GetProcAddress failed",
  7285.                    "krb5_get_init_creds_opt_set_etype_list",rc) ;
  7286.             /* Not in NT-ALPHA-2 */
  7287.         }
  7288.         if (((FARPROC) p_krb5_get_init_creds_opt_set_preauth_list =
  7289.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_preauth_list" )) == NULL )
  7290.         {
  7291.             rc = GetLastError() ;
  7292.             debug(F111, "Kerberos GetProcAddress failed",
  7293.                    "krb5_get_init_creds_opt_set_preauth_list",rc) ;
  7294.             /* Not in NT-ALPHA-2 */
  7295.         }
  7296.         if (((FARPROC) p_krb5_get_init_creds_opt_set_salt =
  7297.               GetProcAddress( hKRB5_32, "krb5_get_init_creds_opt_set_salt" )) == NULL )
  7298.         {
  7299.             rc = GetLastError() ;
  7300.             debug(F111, "Kerberos GetProcAddress failed",
  7301.                    "krb5_get_init_creds_opt_set_salt",rc) ;
  7302.             /* Not in NT-ALPHA-2 */
  7303.         }
  7304.  
  7305.         if (((FARPROC) p_krb5_rd_safe =
  7306.               GetProcAddress( hKRB5_32, "krb5_rd_safe" )) == NULL )
  7307.         {
  7308.             rc = GetLastError() ;
  7309.             debug(F111, "Kerberos GetProcAddress failed",
  7310.                    "krb5_rd_safe",rc) ;
  7311.             load_error = 1;
  7312.         }
  7313.         if (((FARPROC) p_krb5_mk_safe =
  7314.               GetProcAddress( hKRB5_32, "krb5_mk_safe" )) == NULL )
  7315.         {
  7316.             rc = GetLastError() ;
  7317.             debug(F111, "Kerberos GetProcAddress failed",
  7318.                    "krb5_mk_safe",rc) ;
  7319.             load_error = 1;
  7320.         }
  7321.         if (((FARPROC) p_krb5_rd_priv =
  7322.               GetProcAddress( hKRB5_32, "krb5_rd_priv" )) == NULL )
  7323.         {
  7324.             rc = GetLastError() ;
  7325.             debug(F111, "Kerberos GetProcAddress failed",
  7326.                    "krb5_rd_priv",rc) ;
  7327.             load_error = 1;
  7328.         }
  7329.         if (((FARPROC) p_krb5_mk_priv =
  7330.               GetProcAddress( hKRB5_32, "krb5_mk_priv" )) == NULL )
  7331.         {
  7332.             rc = GetLastError() ;
  7333.             debug(F111, "Kerberos GetProcAddress failed",
  7334.                    "krb5_mk_priv",rc) ;
  7335.             load_error = 1;
  7336.         }
  7337.         if (((FARPROC) p_krb5_auth_con_setuseruserkey =
  7338.               GetProcAddress( hKRB5_32, "krb5_auth_con_setuseruserkey" )) == NULL )
  7339.         {
  7340.             rc = GetLastError() ;
  7341.             debug(F111, "Kerberos GetProcAddress failed",
  7342.                    "krb5_auth_con_setuseruserkey",rc) ;
  7343.             load_error = 1;
  7344.         }
  7345.         if (((FARPROC) p_krb5_get_profile =
  7346.               GetProcAddress( hKRB5_32, "krb5_get_profile" )) == NULL )
  7347.         {
  7348.             rc = GetLastError() ;
  7349.             debug(F111, "Kerberos GetProcAddress failed",
  7350.                    "krb5_get_profile",rc) ;
  7351.         }
  7352.  
  7353.         if (((FARPROC) p_krb5_free_keyblock_contents =
  7354.               GetProcAddress( hKRB5_32, "krb5_free_keyblock_contents" )) == NULL )
  7355.         {
  7356.             rc = GetLastError() ;
  7357.             debug(F111, "Kerberos GetProcAddress failed",
  7358.                    "krb5_free_keyblock_contents",rc) ;
  7359.         }
  7360.         if (((FARPROC) p_krb5_c_encrypt =
  7361.               GetProcAddress( hKRB5_32, "krb5_c_encrypt" )) == NULL )
  7362.         {
  7363.             rc = GetLastError() ;
  7364.             debug(F111, "Kerberos GetProcAddress failed",
  7365.                    "krb5_c_encrypt",rc) ;
  7366.         }
  7367.         if (((FARPROC) p_krb5_c_decrypt =
  7368.               GetProcAddress( hKRB5_32, "krb5_c_decrypt" )) == NULL )
  7369.         {
  7370.             rc = GetLastError() ;
  7371.             debug(F111, "Kerberos GetProcAddress failed",
  7372.                    "krb5_c_decrypt",rc) ;
  7373.         }
  7374.         if (((FARPROC) p_krb5_c_make_random_key =
  7375.               GetProcAddress( hKRB5_32, "krb5_c_make_random_key" )) == NULL )
  7376.         {
  7377.             rc = GetLastError() ;
  7378.             debug(F111, "Kerberos GetProcAddress failed",
  7379.                    "krb5_c_make_random_key",rc) ;
  7380.         }
  7381.         if (((FARPROC) p_krb5_c_random_seed =
  7382.               GetProcAddress( hKRB5_32, "krb5_c_random_seed" )) == NULL )
  7383.         {
  7384.             rc = GetLastError() ;
  7385.             debug(F111, "Kerberos GetProcAddress failed",
  7386.                    "krb5_c_random_seed",rc) ;
  7387.         }
  7388.         if (((FARPROC) p_krb5_c_block_size =
  7389.               GetProcAddress( hKRB5_32, "krb5_c_block_size" )) == NULL )
  7390.         {
  7391.             rc = GetLastError() ;
  7392.             debug(F111, "Kerberos GetProcAddress failed",
  7393.                    "krb5_c_block_size",rc) ;
  7394.         }
  7395.         if (((FARPROC) p_krb5_c_encrypt_length =
  7396.               GetProcAddress( hKRB5_32, "krb5_c_encrypt_length" )) == NULL )
  7397.         {
  7398.             rc = GetLastError() ;
  7399.             debug(F111, "Kerberos GetProcAddress failed",
  7400.                    "krb5_c_encrypt_length",rc) ;
  7401.         }
  7402.         if (((FARPROC) p_krb5_kt_default_name =
  7403.               GetProcAddress( hKRB5_32, "krb5_kt_default_name" )) == NULL )
  7404.         {
  7405.             rc = GetLastError() ;
  7406.             debug(F111, "Kerberos GetProcAddress failed",
  7407.                    "krb5_kt_default_name",rc);
  7408.         }
  7409.  
  7410.         if (((FARPROC) p_krb5_cc_get_principal =
  7411.               GetProcAddress( hKRB5_32, "krb5_cc_get_principal" )) == NULL )
  7412.         {
  7413.             rc = GetLastError() ;
  7414.             debug(F111, "Kerberos GetProcAddress failed",
  7415.                    "krb5_cc_get_principal",rc);
  7416.         }
  7417.         if (((FARPROC) p_krb5_cc_store_cred =
  7418.               GetProcAddress( hKRB5_32, "krb5_cc_store_cred" )) == NULL )
  7419.         {
  7420.             rc = GetLastError() ;
  7421.             debug(F111, "Kerberos GetProcAddress failed",
  7422.                    "krb5_cc_store_cred",rc);
  7423.         }
  7424.         if (((FARPROC) p_krb5_cc_initialize =
  7425.               GetProcAddress( hKRB5_32, "krb5_cc_initialize" )) == NULL )
  7426.         {
  7427.             rc = GetLastError() ;
  7428.             debug(F111, "Kerberos GetProcAddress failed",
  7429.                    "krb5_cc_initialize",rc);
  7430.         }
  7431.         if (((FARPROC) p_krb5_cc_destroy =
  7432.               GetProcAddress( hKRB5_32, "krb5_cc_destroy" )) == NULL )
  7433.         {
  7434.             rc = GetLastError() ;
  7435.             debug(F111, "Kerberos GetProcAddress failed",
  7436.                    "krb5_cc_destroy",rc);
  7437.         }
  7438.         if (((FARPROC) p_krb5_cc_end_seq_get =
  7439.               GetProcAddress( hKRB5_32, "krb5_cc_end_seq_get" )) == NULL )
  7440.         {
  7441.             rc = GetLastError() ;
  7442.             debug(F111, "Kerberos GetProcAddress failed",
  7443.                    "krb5_cc_end_seq_get",rc);
  7444.         }
  7445.         if (((FARPROC) p_krb5_cc_next_cred =
  7446.               GetProcAddress( hKRB5_32, "krb5_cc_next_cred" )) == NULL )
  7447.         {
  7448.             rc = GetLastError() ;
  7449.             debug(F111, "Kerberos GetProcAddress failed",
  7450.                    "krb5_cc_next_cred",rc);
  7451.         }
  7452.         if (((FARPROC) p_krb5_cc_start_seq_get =
  7453.               GetProcAddress( hKRB5_32, "krb5_cc_start_seq_get" )) == NULL )
  7454.         {
  7455.             rc = GetLastError() ;
  7456.             debug(F111, "Kerberos GetProcAddress failed",
  7457.                    "krb5_cc_start_seq_get",rc);
  7458.         }
  7459.         if (((FARPROC) p_krb5_cc_get_type =
  7460.               GetProcAddress( hKRB5_32, "krb5_cc_get_type" )) == NULL )
  7461.         {
  7462.             rc = GetLastError() ;
  7463.             debug(F111, "Kerberos GetProcAddress failed",
  7464.                    "krb5_cc_get_type",rc);
  7465.         }
  7466.         if (((FARPROC) p_krb5_cc_get_name =
  7467.               GetProcAddress( hKRB5_32, "krb5_cc_get_name" )) == NULL )
  7468.         {
  7469.             rc = GetLastError() ;
  7470.             debug(F111, "Kerberos GetProcAddress failed",
  7471.                    "krb5_cc_get_name",rc);
  7472.         }
  7473.         if (((FARPROC) p_krb5_cc_set_flags =
  7474.               GetProcAddress( hKRB5_32, "krb5_cc_set_flags" )) == NULL )
  7475.         {
  7476.             rc = GetLastError() ;
  7477.             debug(F111, "Kerberos GetProcAddress failed",
  7478.                    "krb5_cc_set_flags",rc);
  7479.         }
  7480.         if (((FARPROC) p_krb5_cc_close =
  7481.               GetProcAddress( hKRB5_32, "krb5_cc_close" )) == NULL )
  7482.         {
  7483.             rc = GetLastError() ;
  7484.             debug(F111, "Kerberos GetProcAddress failed",
  7485.                    "krb5_cc_close",rc);
  7486.         }
  7487.  
  7488.         if (((FARPROC) p_krb5_kt_get_type =
  7489.               GetProcAddress( hKRB5_32, "krb5_kt_get_type" )) == NULL )
  7490.         {
  7491.             rc = GetLastError() ;
  7492.             debug(F111, "Kerberos GetProcAddress failed",
  7493.                    "krb5_kt_get_type",rc);
  7494.         }
  7495.         if (((FARPROC) p_krb5_kt_get_name =
  7496.               GetProcAddress( hKRB5_32, "krb5_kt_get_name" )) == NULL )
  7497.         {
  7498.             rc = GetLastError() ;
  7499.             debug(F111, "Kerberos GetProcAddress failed",
  7500.                    "krb5_kt_get_name",rc);
  7501.         }
  7502.         if (((FARPROC) p_krb5_kt_close =
  7503.               GetProcAddress( hKRB5_32, "krb5_kt_close" )) == NULL )
  7504.         {
  7505.             rc = GetLastError() ;
  7506.             debug(F111, "Kerberos GetProcAddress failed",
  7507.                    "krb5_kt_close",rc);
  7508.         }
  7509.         if (((FARPROC) p_krb5_kt_get_entry =
  7510.               GetProcAddress( hKRB5_32, "krb5_kt_get_entry" )) == NULL )
  7511.         {
  7512.             rc = GetLastError() ;
  7513.             debug(F111, "Kerberos GetProcAddress failed",
  7514.                    "krb5_kt_get_entry",rc);
  7515.         }
  7516.         if (((FARPROC) p_krb5_kt_start_seq_get =
  7517.               GetProcAddress( hKRB5_32, "krb5_kt_start_seq_get" )) == NULL )
  7518.         {
  7519.             rc = GetLastError() ;
  7520.             debug(F111, "Kerberos GetProcAddress failed",
  7521.                    "krb5_kt_start_seq_get",rc);
  7522.         }
  7523.         if (((FARPROC) p_krb5_kt_next_entry =
  7524.               GetProcAddress( hKRB5_32, "krb5_kt_next_entry" )) == NULL )
  7525.         {
  7526.             rc = GetLastError() ;
  7527.             debug(F111, "Kerberos GetProcAddress failed",
  7528.                    "krb5_kt_next_entry",rc);
  7529.         }
  7530.         if (((FARPROC) p_krb5_kt_end_seq_get =
  7531.               GetProcAddress( hKRB5_32, "krb5_kt_end_seq_get" )) == NULL )
  7532.         {
  7533.             rc = GetLastError() ;
  7534.             debug(F111, "Kerberos GetProcAddress failed",
  7535.                    "krb5_kt_end_seq_get",rc);
  7536.         }
  7537.         if (((FARPROC) p_krb5_build_principal =
  7538.               GetProcAddress( hKRB5_32, "krb5_build_principal" )) == NULL )
  7539.         {
  7540.             rc = GetLastError() ;
  7541.             debug(F111, "Kerberos GetProcAddress failed",
  7542.                    "krb5_build_principal",rc);
  7543.         }
  7544.  
  7545.         if ( load_error ) {
  7546.             ck_krb5_loaddll_eh();
  7547.             return 0;
  7548.         }
  7549.     }
  7550.  
  7551.     hPROFILE = LoadLibrary("XPPROF32") ;
  7552.     if ( hPROFILE ) {
  7553.         if (((FARPROC) p_profile_get_relation_names =
  7554.               GetProcAddress( hPROFILE, "profile_get_relation_names" )) == NULL )
  7555.         {
  7556.             rc = GetLastError() ;
  7557.             debug(F111, "Kerberos GetProcAddress failed",
  7558.                    "profile_get_relation_names",rc) ;
  7559.         }
  7560.         if (((FARPROC) p_profile_get_subsection_names =
  7561.               GetProcAddress( hPROFILE, "profile_get_subsection_names" )) == NULL )
  7562.         {
  7563.             rc = GetLastError() ;
  7564.             debug(F111, "Kerberos GetProcAddress failed",
  7565.                    "profile_get_subsection_names",rc) ;
  7566.         }
  7567.     }
  7568. #else /* NT */
  7569.     exe_path = GetLoadPath();
  7570.     len = get_dir_len(exe_path);
  7571.     if ( len + strlen("KRB5_32") + 4 > sizeof(path) )
  7572.         return(0);
  7573.     sprintf(path, "%.*s%s.DLL", len, exe_path,"KRB5_32");         /* safe */
  7574.     rc = DosLoadModule(fail, sizeof(fail), path, &hKRB5_32);
  7575.     if (rc) {
  7576.         debug(F111, "Kerberos V LoadLibrary failed",fail,rc) ;
  7577.         rc = DosLoadModule(fail, sizeof(fail), "KRB5_32", &hKRB5_32);
  7578.     }
  7579.     if (rc) {
  7580.         debug(F111, "Kerberos V LoadLibrary failed",fail,rc) ;
  7581.     } else {
  7582.         exe_path = GetLoadPath();
  7583.         len = get_dir_len(exe_path);
  7584.         if ( len + strlen("COMERR32") + 4 > sizeof(path) )
  7585.             return(0);
  7586.         sprintf(path, "%.*s%s.DLL", len, exe_path,"COMERR32");         /* safe */
  7587.         rc = DosLoadModule(fail, sizeof(fail), path, &hCOMERR32);
  7588.         if (rc) {
  7589.             debug(F111, "Kerberos V Common Error LoadLibrary failed",fail,rc) ;
  7590.             rc = DosLoadModule(fail, sizeof(fail), "COMERR32", &hCOMERR32);
  7591.         }
  7592.         if (rc) {
  7593.             debug(F111, "Kerberos V Common Error LoadLibrary failed",fail,rc) ;
  7594.         } else {
  7595.             exe_path = GetLoadPath();
  7596.             len = get_dir_len(exe_path);
  7597.             if ( len + strlen("EMX") + 4 > sizeof(path) )
  7598.                 return(0);
  7599.             sprintf(path, "%.*s%s.DLL", len, exe_path,"EMX");         /* safe */
  7600.             rc = DosLoadModule(fail, sizeof(fail), path, &hEMX);
  7601.             if (rc) {
  7602.                 debug(F111, "EMX LoadLibrary failed",fail,rc) ;
  7603.                 rc = DosLoadModule(fail, sizeof(fail), "EMX", &hEMX);
  7604.             }
  7605.  
  7606.             if (rc) {
  7607.                 debug(F111, "EMX LoadLibrary failed",fail,rc) ;
  7608.             } else {
  7609.                 if (rc = DosQueryProcAddr(hEMX,0,"emx_init",
  7610.                                           (PFN*)&p_emx_init))
  7611.                 {
  7612.                     debug(F111,"EMX GetProcAddress failed","emx_init",rc);
  7613.                 } else {
  7614.                     debug(F100,"calling EMX init routines","",0);
  7615.                     p_emx_init();
  7616.                 }
  7617.             }
  7618.         }
  7619.     }
  7620.     if (rc) {
  7621.         ck_krb5_loaddll_eh();
  7622.     } else {
  7623.         debug(F100,"Kerberos V support provided by MIT","",0);
  7624.         if (rc = DosQueryProcAddr(hCOMERR32,0,"com_err",
  7625.                                    (PFN*)&p_com_err))
  7626.         {
  7627.             debug(F111,"Kerberos V GetProcAddress failed","com_err",rc);
  7628.             load_error = 1;
  7629.         }
  7630.         if (rc = DosQueryProcAddr(hCOMERR32,0,"com_err_va",
  7631.                                    (PFN*)&p_com_err_va))
  7632.         {
  7633.             debug(F111,"Kerberos V GetProcAddress failed","com_err_va",rc);
  7634.             load_error = 1;
  7635.         }
  7636.         if (rc = DosQueryProcAddr(hCOMERR32,0,"error_message",
  7637.                                    (PFN*)&p_error_message))
  7638.         {
  7639.             debug(F111,"Kerberos V GetProcAddress failed","error_message",rc);
  7640.             load_error = 1;
  7641.         }
  7642.         if (rc = DosQueryProcAddr(hKRB5_32,0,"decode_krb5_ticket",
  7643.                                    (PFN*)&p_decode_krb5_ticket))
  7644.         {
  7645.             debug(F111,"Kerberos V GetProcAddress failed","decode_krb5_ticket",rc);
  7646.             load_error = 1;
  7647.         }
  7648.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_decode_ticket",
  7649.                                    (PFN*)&p_cygnus_decode_krb5_ticket))
  7650.         {
  7651.             debug(F111,"Kerberos V GetProcAddress failed","krb5_decode_ticket",rc);
  7652.             load_error = 1;
  7653.         }
  7654.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_rep",
  7655.                                    (PFN*)&p_krb5_mk_rep))
  7656.         {
  7657.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_rep",rc);
  7658.             load_error = 1;
  7659.         }
  7660.  
  7661.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_rep",
  7662.                                    (PFN*)&p_krb5_mk_rep))
  7663.         {
  7664.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_rep",rc);
  7665.             load_error = 1;
  7666.         }
  7667.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_authenticator",
  7668.                                    (PFN*)&p_krb5_free_authenticator))
  7669.         {
  7670.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_authenticator",rc);
  7671.             load_error = 1;
  7672.         }
  7673.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_verify_checksum",
  7674.                                    (PFN*)&p_krb5_verify_checksum))
  7675.         {
  7676.             debug(F111,"Kerberos V GetProcAddress failed","krb5_verify_checksum",rc);
  7677.             load_error = 1;
  7678.         }
  7679.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_rd_req",
  7680.                                    (PFN*)&p_krb5_rd_req))
  7681.         {
  7682.             debug(F111,"Kerberos V GetProcAddress failed","krb5_rd_req",rc);
  7683.             load_error = 1;
  7684.         }
  7685.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_creds",
  7686.                                    (PFN*)&p_krb5_free_creds))
  7687.         {
  7688.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_creds",rc);
  7689.             load_error = 1;
  7690.         }
  7691.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_data",
  7692.                                    (PFN*)&p_krb5_free_data))
  7693.         {
  7694.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_data",rc);
  7695.             load_error = 1;
  7696.         }
  7697.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_data_contents",
  7698.                                    (PFN*)&p_krb5_free_data_contents))
  7699.         {
  7700.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_data_contents",rc);
  7701.             load_error = 1;
  7702.         }
  7703.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_copy_keyblock",
  7704.                                    (PFN*)&p_krb5_copy_keyblock))
  7705.         {
  7706.             debug(F111,"Kerberos V GetProcAddress failed","krb5_copy_keyblock",rc);
  7707.             load_error = 1;
  7708.         }
  7709.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_keyblock",
  7710.                                    (PFN*)&p_krb5_free_keyblock))
  7711.         {
  7712.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_keyblock",rc);
  7713.             load_error = 1;
  7714.         }
  7715.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_getlocalsubkey",
  7716.                                    (PFN*)&p_krb5_auth_con_getlocalsubkey))
  7717.         {
  7718.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_getlocalsubkey",rc);
  7719.             load_error = 1;
  7720.         }
  7721.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_req_extended",
  7722.                                    (PFN*)&p_krb5_mk_req_extended))
  7723.         {
  7724.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_req_extended",rc);
  7725.             load_error = 1;
  7726.         }
  7727.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_req",
  7728.                                    (PFN*)&p_krb5_mk_req))
  7729.         {
  7730.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_req",rc);
  7731.             load_error = 1;
  7732.         }
  7733.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_setflags",
  7734.                                    (PFN*)&p_krb5_auth_con_setflags))
  7735.         {
  7736.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_setflags",rc);
  7737.             load_error = 1;
  7738.         }
  7739.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_init",
  7740.                                    (PFN*)&p_krb5_auth_con_init))
  7741.         {
  7742.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_init",rc);
  7743.             load_error = 1;
  7744.         }
  7745.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_free",
  7746.                                    (PFN*)&p_krb5_auth_con_free))
  7747.         {
  7748.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_free",rc);
  7749.             load_error = 1;
  7750.         }
  7751.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_credentials",
  7752.                                    (PFN*)&p_krb5_get_credentials))
  7753.         {
  7754.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_credentials",rc);
  7755.             load_error = 1;
  7756.         }
  7757.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_cred_contents",
  7758.                                    (PFN*)&p_krb5_free_cred_contents))
  7759.         {
  7760.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_cred_contents",rc);
  7761.             load_error = 1;
  7762.         }
  7763.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_sname_to_principal",
  7764.                                    (PFN*)&p_krb5_sname_to_principal))
  7765.         {
  7766.             debug(F111,"Kerberos V GetProcAddress failed","krb5_sname_to_principal",rc);
  7767.             load_error = 1;
  7768.         }
  7769.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_default",
  7770.                                    (PFN*)&p_krb5_cc_default))
  7771.         {
  7772.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_default",rc);
  7773.             load_error = 1;
  7774.         }
  7775.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_ap_rep_enc_part",
  7776.                                    (PFN*)&p_krb5_free_ap_rep_enc_part))
  7777.         {
  7778.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_ap_rep_enc_part",rc);
  7779.             load_error = 1;
  7780.         }
  7781.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_rd_rep",
  7782.                                    (PFN*)&p_krb5_rd_rep))
  7783.         {
  7784.             debug(F111,"Kerberos V GetProcAddress failed","krb5_rd_rep",rc);
  7785.             load_error = 1;
  7786.         }
  7787.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_init_context",
  7788.                                    (PFN*)&p_krb5_init_context))
  7789.         {
  7790.             debug(F111,"Kerberos V GetProcAddress failed","krb5_init_context",rc);
  7791.             load_error = 1;
  7792.         }
  7793.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_context",
  7794.                                    (PFN*)&p_krb5_free_context))
  7795.         {
  7796.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_context",rc);
  7797.             load_error = 1;
  7798.         }
  7799.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_principal",
  7800.                                    (PFN*)&p_krb5_free_principal))
  7801.         {
  7802.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_principal",rc);
  7803.             load_error = 1;
  7804.         }
  7805.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_unparsed_name",
  7806.                                    (PFN*)&p_krb5_free_unparsed_name))
  7807.         {
  7808.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_unparsed_name",rc);
  7809.         }
  7810.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_fwd_tgt_creds",
  7811.                                    (PFN*)&p_krb5_fwd_tgt_creds))
  7812.         {
  7813.             debug(F111,"Kerberos V GetProcAddress failed","krb5_fwd_tgt_creds",rc);
  7814.             load_error = 1;
  7815.         }
  7816.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_genaddrs",
  7817.                                    (PFN*)&p_krb5_auth_con_genaddrs))
  7818.         {
  7819.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_genaddrs",rc);
  7820.             load_error = 1;
  7821.         }
  7822.         /* The DES functions are not required.  But if we do not have */
  7823.         /* them and do not have the CRYPT DLL we will not be able to  */
  7824.         /* perform mutual authentication.                             */
  7825.         if (rc = DosQueryProcAddr(hKRB5_32,0,"des_ecb_encrypt",
  7826.                                    (PFN*)&p_des_ecb_encrypt))
  7827.         {
  7828.             debug(F111,"Kerberos V GetProcAddress failed","des_ecb_encrypt",rc);
  7829.         }
  7830.         if (rc = DosQueryProcAddr(hKRB5_32,0,"des_pcbc_encrypt",
  7831.                                    (PFN*)&p_des_pcbc_encrypt))
  7832.         {
  7833.             debug(F111,"Kerberos V GetProcAddress failed","des_pcbc_encrypt",rc);
  7834.         }
  7835.         if (rc = DosQueryProcAddr(hKRB5_32,0,"des_new_random_key",
  7836.                                    (PFN*)&p_des_new_random_key))
  7837.         {
  7838.             debug(F111,"Kerberos V GetProcAddress failed","des_new_random_key",rc);
  7839.         }
  7840.         if (rc = DosQueryProcAddr(hKRB5_32,0,"des_key_sched",
  7841.                                    (PFN*)&p_des_key_sched))
  7842.         {
  7843.             debug(F111,"Kerberos V GetProcAddress failed","des_key_sched",rc);
  7844.         }
  7845.         if (rc = DosQueryProcAddr(hKRB5_32,0,"des_set_random_generator_seed",
  7846.                                    (PFN*)&p_des_set_random_generator_seed))
  7847.         {
  7848.             debug(F111,"Kerberos V GetProcAddress failed","des_set_random_generator_seed",rc);
  7849.         }
  7850.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_host_realm",
  7851.                                    (PFN*)&p_krb5_get_host_realm))
  7852.         {
  7853.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_host_realm",rc);
  7854.             load_error = 1;
  7855.         }
  7856.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_host_realm",
  7857.                                    (PFN*)&p_krb5_free_host_realm))
  7858.         {
  7859.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_host_realm",rc);
  7860.             load_error = 1;
  7861.         }
  7862.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_in_tkt_with_keytab",
  7863.                                    (PFN*)&p_krb5_get_in_tkt_with_keytab))
  7864.         {
  7865.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_in_tkt_with_keytab",rc);
  7866.             load_error = 1;
  7867.         }
  7868.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_in_tkt_with_password",
  7869.                                    (PFN*)&p_krb5_get_in_tkt_with_password))
  7870.         {
  7871.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_in_tkt_with_password",rc);
  7872.             load_error = 1;
  7873.         }
  7874.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_read_password",
  7875.                                    (PFN*)&p_krb5_read_password))
  7876.         {
  7877.             debug(F111,"Kerberos V GetProcAddress failed","krb5_read_password",rc);
  7878.             load_error = 1;
  7879.         }
  7880.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_build_principal_ext",
  7881.                                    (PFN*)&p_krb5_build_principal_ext))
  7882.         {
  7883.             debug(F111,"Kerberos V GetProcAddress failed","krb5_build_principal_ext",rc);
  7884.             load_error = 1;
  7885.         }
  7886.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_unparse_name",
  7887.                                    (PFN*)&p_krb5_unparse_name))
  7888.         {
  7889.             debug(F111,"Kerberos V GetProcAddress failed","krb5_unparse_name",rc);
  7890.             load_error = 1;
  7891.         }
  7892.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_parse_name",
  7893.                                    (PFN*)&p_krb5_parse_name))
  7894.         {
  7895.             debug(F111,"Kerberos V GetProcAddress failed","krb5_parse_name",rc);
  7896.             load_error = 1;
  7897.         }
  7898.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_resolve",
  7899.                                    (PFN*)&p_krb5_cc_resolve))
  7900.         {
  7901.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_resolve",rc);
  7902.             load_error = 1;
  7903.         }
  7904.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_default_name",
  7905.                                    (PFN*)&p_krb5_cc_default_name))
  7906.         {
  7907.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_default_name",rc);
  7908.         }
  7909.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_string_to_timestamp",
  7910.                                    (PFN*)&p_krb5_string_to_timestamp))
  7911.         {
  7912.             debug(F111,"Kerberos V GetProcAddress failed","krb5_string_to_timestamp",rc);
  7913.             load_error = 1;
  7914.         }
  7915.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_resolve",
  7916.                                    (PFN*)&p_krb5_kt_resolve))
  7917.         {
  7918.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_resolve",rc);
  7919.             load_error = 1;
  7920.         }
  7921.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_string_to_deltat",
  7922.                                    (PFN*)&p_krb5_string_to_deltat))
  7923.         {
  7924.             debug(F111,"Kerberos V GetProcAddress failed","krb5_string_to_deltat",rc);
  7925.             load_error = 1;
  7926.         }
  7927.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_timeofday",
  7928.                                    (PFN*)&p_krb5_timeofday))
  7929.         {
  7930.             debug(F111,"Kerberos V GetProcAddress failed","krb5_timeofday",rc);
  7931.             load_error = 1;
  7932.         }
  7933.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_credentials_renew",
  7934.                                    (PFN*)&p_krb5_get_credentials_renew))
  7935.         {
  7936.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_credentials_renew",rc);
  7937.             load_error = 1;
  7938.         }
  7939.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_credentials_validate",
  7940.                                    (PFN*)&p_krb5_get_credentials_validate))
  7941.         {
  7942.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_credentials_validate",rc);
  7943.             load_error = 1;
  7944.         }
  7945.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_copy_principal",
  7946.                                    (PFN*)&p_krb5_copy_principal))
  7947.         {
  7948.             debug(F111,"Kerberos V GetProcAddress failed","krb5_copy_principal",rc);
  7949.             load_error = 1;
  7950.         }
  7951.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_timestamp_to_sfstring",
  7952.                                    (PFN*)&p_krb5_timestamp_to_sfstring))
  7953.         {
  7954.             debug(F111,"Kerberos V GetProcAddress failed","krb5_timestamp_to_sfstring",rc);
  7955.             load_error = 1;
  7956.         }
  7957.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_default",
  7958.                                    (PFN*)&p_krb5_kt_default))
  7959.         {
  7960.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_default",rc);
  7961.             load_error = 1;
  7962.         }
  7963.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_ticket",
  7964.                                    (PFN*)&p_krb5_free_ticket))
  7965.         {
  7966.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_ticket",rc);
  7967.             load_error = 1;
  7968.         }
  7969. #ifdef CHECKADDRS
  7970.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_os_localaddr",
  7971.                                    (PFN*)&p_krb5_os_localaddr))
  7972.         {
  7973.             debug(F111,"Kerberos V GetProcAddress failed","krb5_os_localaddr",rc);
  7974.             load_error = 1;
  7975.         }
  7976.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_address_search",
  7977.                                    (PFN*)&p_krb5_address_search))
  7978.         {
  7979.             debug(F111,"Kerberos V GetProcAddress failed","krb5_address_search",rc);
  7980.             /* This is not a fatal error since we expect that most builds */
  7981.             /* of krb5 dll will have an error in the export list that     */
  7982.             /* prevents this function from being found.  Therefore a      */
  7983.             /* built in version is used if it is missing                  */
  7984.         }
  7985.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_addresses",
  7986.                                    (PFN*)&p_krb5_free_addresses))
  7987.         {
  7988.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_addresses",rc);
  7989.             load_error = 1;
  7990.         }
  7991. #endif /* CHECKADDRS */
  7992.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_getremotesubkey",
  7993.                                    (PFN*)&p_krb5_auth_con_getremotesubkey))
  7994.         {
  7995.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_getremotesubkey",rc);
  7996.             load_error = 1;
  7997.         }
  7998.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_getkey",
  7999.                                    (PFN*)&p_krb5_auth_con_getkey))
  8000.         {
  8001.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_getkey",rc);
  8002.             load_error = 1;
  8003.         }
  8004.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_getauthenticator",
  8005.                                    (PFN*)&p_krb5_auth_con_getauthenticator))
  8006.         {
  8007.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_getauthenticator",rc);
  8008.             load_error = 1;
  8009.         }
  8010.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_setrcache",
  8011.                                    (PFN*)&p_krb5_auth_con_setrcache))
  8012.         {
  8013.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_setrcache",rc);
  8014.         }
  8015.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_server_rcache",
  8016.                                    (PFN*)&p_krb5_get_server_rcache))
  8017.         {
  8018.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_server_rcache",rc);
  8019.         }
  8020.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_getrcache",
  8021.                                    (PFN*)&p_krb5_auth_con_getrcache))
  8022.         {
  8023.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_getrcache",rc);
  8024.         }
  8025.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_tgt_creds",
  8026.                                    (PFN*)&p_krb5_free_tgt_creds))
  8027.         {
  8028.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_tgt_creds",rc);
  8029.         }
  8030.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_rd_cred",
  8031.                                    (PFN*)&p_krb5_rd_cred))
  8032.         {
  8033.             debug(F111,"Kerberos V GetProcAddress failed","krb5_rd_cred",rc);
  8034.         }
  8035.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_enctype_compare",
  8036.                                    (PFN*)&p_krb5_c_enctype_compare))
  8037.         {
  8038.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_enctype_compare",rc);
  8039.         }
  8040.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_error",
  8041.                                    (PFN*)&p_krb5_free_error))
  8042.         {
  8043.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_error",rc);
  8044.         }
  8045.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_sendauth",
  8046.                                    (PFN*)&p_krb5_sendauth))
  8047.         {
  8048.             debug(F111,"Kerberos V GetProcAddress failed","krb5_sendauth",rc);
  8049.         }
  8050.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_process_key",
  8051.                                    (PFN*)&p_krb5_process_key))
  8052.         {
  8053.             debug(F111,"Kerberos V GetProcAddress failed","krb5_process_key",rc);
  8054.         }
  8055.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_use_enctype",
  8056.                                    (PFN*)&p_krb5_use_enctype))
  8057.         {
  8058.             debug(F111,"Kerberos V GetProcAddress failed","krb5_use_enctype",rc);
  8059.         }
  8060.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_encrypt",
  8061.                                    (PFN*)&p_krb5_encrypt))
  8062.         {
  8063.             debug(F111,"Kerberos V GetProcAddress failed","krb5_encrypt",rc);
  8064.         }
  8065.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_decrypt",
  8066.                                    (PFN*)&p_krb5_decrypt))
  8067.         {
  8068.             debug(F111,"Kerberos V GetProcAddress failed","krb5_decrypt",rc);
  8069.         }
  8070.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_encrypt_size",
  8071.                                    (PFN*)&p_krb5_encrypt_size))
  8072.         {
  8073.             debug(F111,"Kerberos V GetProcAddress failed","krb5_encrypt_size",rc);
  8074.         }
  8075.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kuserok",
  8076.                                    (PFN*)&p_krb5_kuserok))
  8077.         {
  8078.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kuserok",rc);
  8079.         }
  8080.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_appdefault_boolean",
  8081.                                    (PFN*)&p_krb5_appdefault_boolean))
  8082.         {
  8083.             debug(F111,"Kerberos V GetProcAddress failed","krb5_appdefault_boolean",rc);
  8084.         }
  8085.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_appdefault_string",
  8086.                                    (PFN*)&p_krb5_appdefault_string))
  8087.         {
  8088.             debug(F111,"Kerberos V GetProcAddress failed","krb5_appdefault_string",rc);
  8089.         }
  8090.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_renewed_creds",
  8091.                                    (PFN*)&p_krb5_get_renewed_creds))
  8092.         {
  8093.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_renewed_creds",rc);
  8094.         }
  8095.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_validated_creds",
  8096.                                    (PFN*)&p_krb5_get_validated_creds))
  8097.         {
  8098.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_validated_creds",rc);
  8099.         }
  8100.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_password",
  8101.                                    (PFN*)&p_krb5_get_init_creds_password))
  8102.         {
  8103.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_password",rc);
  8104.         }
  8105.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_address_list",
  8106.                                    (PFN*)&p_krb5_get_init_creds_opt_set_address_list))
  8107.         {
  8108.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_address_list",rc);
  8109.         }
  8110.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_tkt_life",
  8111.                                    (PFN*)&p_krb5_get_init_creds_opt_set_tkt_life))
  8112.         {
  8113.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_tkt_life",rc);
  8114.         }
  8115.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_forwardable",
  8116.                                    (PFN*)&p_krb5_get_init_creds_opt_set_forwardable))
  8117.         {
  8118.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_forwardable",rc);
  8119.         }
  8120.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_proxiable",
  8121.                                    (PFN*)&p_krb5_get_init_creds_opt_set_proxiable))
  8122.         {
  8123.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_proxiable",rc);
  8124.         }
  8125.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_renew_life",
  8126.                                    (PFN*)&p_krb5_get_init_creds_opt_set_renew_life))
  8127.         {
  8128.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_renew_life",rc);
  8129.         }
  8130.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_init",
  8131.                                    (PFN*)&p_krb5_get_init_creds_opt_init))
  8132.         {
  8133.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_init",rc);
  8134.         }
  8135.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_etype_list",
  8136.                                    (PFN*)&p_krb5_get_init_creds_opt_set_etype_list))
  8137.         {
  8138.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_etype_list",rc);
  8139.         }
  8140.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_preauth_list",
  8141.                                    (PFN*)&p_krb5_get_init_creds_opt_set_preauth_list))
  8142.         {
  8143.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_preauth_list",rc);
  8144.         }
  8145.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_init_creds_opt_set_salt",
  8146.                                    (PFN*)&p_krb5_get_init_creds_opt_set_salt))
  8147.         {
  8148.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_init_creds_opt_set_salt",rc);
  8149.         }
  8150.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_rd_safe",
  8151.                                    (PFN*)&p_krb5_rd_safe))
  8152.         {
  8153.             debug(F111,"Kerberos V GetProcAddress failed","krb5_rd_safe",rc);
  8154.             load_error = 1;
  8155.         }
  8156.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_safe",
  8157.                                    (PFN*)&p_krb5_mk_safe))
  8158.         {
  8159.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_safe",rc);
  8160.             load_error = 1;
  8161.         }
  8162.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_rd_priv",
  8163.                                    (PFN*)&p_krb5_rd_priv))
  8164.         {
  8165.             debug(F111,"Kerberos V GetProcAddress failed","krb5_rd_priv",rc);
  8166.             load_error = 1;
  8167.         }
  8168.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_mk_priv",
  8169.                                    (PFN*)&p_krb5_mk_priv))
  8170.         {
  8171.             debug(F111,"Kerberos V GetProcAddress failed","krb5_mk_priv",rc);
  8172.             load_error = 1;
  8173.         }
  8174.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_auth_con_setuseruserkey",
  8175.                                    (PFN*)&p_krb5_auth_con_setuseruserkey))
  8176.         {
  8177.             debug(F111,"Kerberos V GetProcAddress failed","krb5_auth_con_setuseruserkey",rc);
  8178.             load_error = 1;
  8179.         }
  8180.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_get_profile",
  8181.                                    (PFN*)&p_krb5_get_profile))
  8182.         {
  8183.             debug(F111,"Kerberos V GetProcAddress failed","krb5_get_profile",rc);
  8184.         }
  8185.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_free_keyblock_contents",
  8186.                                    (PFN*)&p_krb5_free_keyblock_contents))
  8187.         {
  8188.             debug(F111,"Kerberos V GetProcAddress failed","krb5_free_keyblock_contents",rc);
  8189.         }
  8190.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_encrypt",
  8191.                                    (PFN*)&p_krb5_c_encrypt))
  8192.         {
  8193.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_encrypt",rc);
  8194.         }
  8195.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_decrypt",
  8196.                                    (PFN*)&p_krb5_c_decrypt))
  8197.         {
  8198.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_decrypt",rc);
  8199.         }
  8200.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_make_random_key",
  8201.                                    (PFN*)&p_krb5_c_make_random_key))
  8202.         {
  8203.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_make_random_key",rc);
  8204.         }
  8205.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_random_seed",
  8206.                                    (PFN*)&p_krb5_c_random_seed))
  8207.         {
  8208.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_random_seed",rc);
  8209.         }
  8210.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_block_size",
  8211.                                    (PFN*)&p_krb5_c_block_size))
  8212.         {
  8213.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_block_size",rc);
  8214.         }
  8215.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_c_encrypt_length",
  8216.                                    (PFN*)&p_krb5_c_encrypt_length))
  8217.         {
  8218.             debug(F111,"Kerberos V GetProcAddress failed","krb5_c_encrypt_length",rc);
  8219.         }
  8220.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_default_name",
  8221.                                    (PFN*)&p_krb5_kt_default_name))
  8222.         {
  8223.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_default_name",rc);
  8224.         }
  8225.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_get_principal",
  8226.                                    (PFN*)&p_krb5_cc_get_principal))
  8227.         {
  8228.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_get_principal",rc);
  8229.         }
  8230.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_store_cred",
  8231.                                    (PFN*)&p_krb5_cc_store_cred))
  8232.         {
  8233.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_store_cred",rc);
  8234.         }
  8235.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_initialize",
  8236.                                    (PFN*)&p_krb5_cc_initialize))
  8237.         {
  8238.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_initialize",rc);
  8239.         }
  8240.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_destroy",
  8241.                                    (PFN*)&p_krb5_cc_destroy))
  8242.         {
  8243.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_destroy",rc);
  8244.         }
  8245.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_end_seq_get",
  8246.                                    (PFN*)&p_krb5_cc_end_seq_get))
  8247.         {
  8248.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_end_seq_get",rc);
  8249.         }
  8250.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_next_cred",
  8251.                                    (PFN*)&p_krb5_cc_next_cred))
  8252.         {
  8253.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_next_cred",rc);
  8254.         }
  8255.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_start_seq_get",
  8256.                                    (PFN*)&p_krb5_cc_start_seq_get))
  8257.         {
  8258.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_start_seq_get",rc);
  8259.         }
  8260.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_get_type",
  8261.                                    (PFN*)&p_krb5_cc_get_type))
  8262.         {
  8263.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_get_type",rc);
  8264.         }
  8265.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_get_name",
  8266.                                    (PFN*)&p_krb5_cc_get_name))
  8267.         {
  8268.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_get_name",rc);
  8269.         }
  8270.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_set_flags",
  8271.                                    (PFN*)&p_krb5_cc_set_flags))
  8272.         {
  8273.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_set_flags",rc);
  8274.         }
  8275.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_cc_close",
  8276.                                    (PFN*)&p_krb5_cc_close))
  8277.         {
  8278.             debug(F111,"Kerberos V GetProcAddress failed","krb5_cc_close",rc);
  8279.         }
  8280.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_get_type",
  8281.                                    (PFN*)&p_krb5_kt_get_type))
  8282.         {
  8283.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_get_type",rc);
  8284.         }
  8285.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_get_name",
  8286.                                    (PFN*)&p_krb5_kt_get_name))
  8287.         {
  8288.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_get_name",rc);
  8289.         }
  8290.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_close",
  8291.                                    (PFN*)&p_krb5_kt_close))
  8292.         {
  8293.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_close",rc);
  8294.         }
  8295.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_get_entry",
  8296.                                    (PFN*)&p_krb5_kt_get_entry))
  8297.         {
  8298.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_get_entry",rc);
  8299.         }
  8300.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_start_seq_get",
  8301.                                    (PFN*)&p_krb5_kt_start_seq_get))
  8302.         {
  8303.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_start_seq_get",rc);
  8304.         }
  8305.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_next_entry",
  8306.                                    (PFN*)&p_krb5_kt_next_entry))
  8307.         {
  8308.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_next_entry",rc);
  8309.         }
  8310.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_kt_end_seq_get",
  8311.                                    (PFN*)&p_krb5_kt_end_seq_get))
  8312.         {
  8313.             debug(F111,"Kerberos V GetProcAddress failed","krb5_kt_end_seq_get",rc);
  8314.         }
  8315.         if (rc = DosQueryProcAddr(hKRB5_32,0,"krb5_build_principal",
  8316.                                    (PFN*)&p_krb5_build_principal))
  8317.         {
  8318.             debug(F111,"Kerberos V GetProcAddress failed","krb5_build_principal",rc);
  8319.         }
  8320.     }
  8321.  
  8322.     exe_path = GetLoadPath();
  8323.     len = get_dir_len(exe_path);
  8324.     if ( len + strlen("XPPROF32") + 4 > sizeof(path) )
  8325.         return(0);
  8326.     sprintf(path, "%.*s%s.DLL", len, exe_path,"XPPROF32");         /* safe */
  8327.     rc = DosLoadModule(fail, sizeof(fail), path, &hPROFILE);
  8328.     if (rc) {
  8329.         debug(F111, "Kerberos V Profile LoadLibrary failed",fail,rc) ;
  8330.         rc = DosLoadModule(fail, sizeof(fail), "XPPROF32", &hPROFILE);
  8331.     }
  8332.  
  8333.     if ( rc ) {
  8334.         debug(F111, "Kerberos V Profile LoadLibrary failed",fail,rc) ;
  8335.     } else {
  8336.         if (rc = DosQueryProcAddr(hPROFILE,0,"profile_get_relation_names",
  8337.                                    (PFN*)&p_profile_get_relation_names))
  8338.         {
  8339.             debug(F111,"Kerberos V GetProcAddress failed","profile_get_relation_names",rc);
  8340.         }
  8341.         if (rc = DosQueryProcAddr(hPROFILE,0,"profile_get_subsection_names",
  8342.                                    (PFN*)&p_profile_get_subsection_names))
  8343.         {
  8344.             debug(F111,"Kerberos V GetProcAddress failed","profile_get_subsection_names",rc);
  8345.         }
  8346.     }
  8347. #endif /* NT */
  8348.  
  8349.     if ( deblog ) {
  8350.         if ( hKRB5_32 ) {
  8351.             if ( cygnus )
  8352.                 printf("Cygnus Kerberos 5 available\n");
  8353.             else
  8354.                 printf("MIT Kerberos 5 available\n");
  8355.         }
  8356.         if ( hKRB524 )
  8357.             printf("MIT Kerberos 524 available\n");
  8358.     }
  8359.  
  8360.     /* Attempt to load a krb5_principal_to_userid() function */
  8361. #ifdef NT
  8362.     hKRB52UID = LoadLibrary("KRB52UID");
  8363.     if ( hKRB52UID ) {
  8364.         if (((FARPROC) p_k95_k5_principal_to_localname =
  8365.               GetProcAddress( hKRB52UID, "krb5_principal_to_localname" )) == NULL )
  8366.         {
  8367.             rc = GetLastError() ;
  8368.             debug(F111,"KRB52UID GetProcAddress failed",
  8369.                    "krb5_principal_to_localname",rc);
  8370.         }
  8371.         if (((FARPROC) p_k95_k5_userok =
  8372.               GetProcAddress( hKRB52UID, "krb5_kuserok" )) == NULL )
  8373.         {
  8374.             rc = GetLastError() ;
  8375.             debug(F111,"KRB52UID GetProcAddress failed","krb5_kuserok",rc);
  8376.         }
  8377.     }
  8378.  
  8379.     /* Initialize Kerberos 5 ticket options based upon MIT Leash selections */
  8380.     hLEASH = LoadLibrary("LEASHW32");
  8381.     if ( hLEASH )
  8382.     {
  8383.         DWORD (* pLeash_get_default_lifetime)(void);
  8384.         DWORD (* pLeash_get_default_forwardable)(void);
  8385.         DWORD (* pLeash_get_default_proxiable)(void);
  8386.         DWORD (* pLeash_get_default_renewable)(void);
  8387.         DWORD (* pLeash_get_default_renew_till)(void);
  8388.         DWORD (* pLeash_get_default_noaddresses)(void);
  8389.         DWORD (* pLeash_get_default_publicip)(void);
  8390.         DWORD (* pLeash_get_default_use_krb4)(void);
  8391.  
  8392.         (FARPROC) pLeash_get_default_lifetime =
  8393.             GetProcAddress(hLEASH, "Leash_get_default_lifetime");
  8394.         (FARPROC) pLeash_get_default_forwardable =
  8395.             GetProcAddress(hLEASH, "Leash_get_default_forwardable");
  8396.         (FARPROC) pLeash_get_default_proxiable =
  8397.             GetProcAddress(hLEASH, "Leash_get_default_proxiable");
  8398.         (FARPROC) pLeash_get_default_renewable =
  8399.             GetProcAddress(hLEASH, "Leash_get_default_renewable");
  8400.         (FARPROC) pLeash_get_default_renew_till =
  8401.             GetProcAddress(hLEASH, "Leash_get_default_renew_till");
  8402.         (FARPROC) pLeash_get_default_noaddresses =
  8403.             GetProcAddress(hLEASH, "Leash_get_default_noaddresses");
  8404.         (FARPROC) pLeash_get_default_publicip =
  8405.             GetProcAddress(hLEASH, "Leash_get_default_publicip");
  8406.         (FARPROC) pLeash_get_default_use_krb4 =
  8407.             GetProcAddress(hLEASH, "Leash_get_default_use_krb4");
  8408.  
  8409.         if ( pLeash_get_default_lifetime )
  8410.             krb5_d_lifetime =    pLeash_get_default_lifetime();
  8411.         if ( pLeash_get_default_forwardable )
  8412.             krb5_d_forwardable = pLeash_get_default_forwardable();
  8413.         if ( pLeash_get_default_proxiable )
  8414.             krb5_d_proxiable   = pLeash_get_default_proxiable();
  8415.         if ( pLeash_get_default_renewable && pLeash_get_default_renew_till)
  8416.             krb5_d_renewable   = pLeash_get_default_renewable() ? pLeash_get_default_renew_till() : 0;
  8417.         if ( pLeash_get_default_noaddresses )
  8418.             krb5_d_no_addresses = pLeash_get_default_noaddresses();
  8419.         if ( pLeash_get_default_publicip && pLeash_get_default_publicip() )
  8420.         {
  8421.             DWORD dwValue = pLeash_get_default_publicip();
  8422.             int i;
  8423.             char buf[17];
  8424.             for ( i = 0;
  8425.                   i < KRB5_NUM_OF_ADDRS && krb5_d_addrs[i];
  8426.                   i++) {
  8427.                 if (krb5_d_addrs[i])
  8428.                     free(krb5_d_addrs[i]);
  8429.                 krb5_d_addrs[i] = NULL;
  8430.             }
  8431.  
  8432.             sprintf(buf,"%d.%d.%d.%d",
  8433.                      (dwValue&0xFF000000)>>24,
  8434.                      (dwValue&0x00FF0000)>>16,
  8435.                      (dwValue&0x0000FF00)>>8,
  8436.                      (dwValue&0x000000FF));
  8437.             makestr(&krb5_d_addrs[0],buf);
  8438.         }
  8439.         if ( pLeash_get_default_use_krb4 )
  8440.             krb5_d_getk4 = pLeash_get_default_use_krb4();
  8441.         FreeLibrary(hLEASH);
  8442.     }
  8443. #else /* NT */
  8444.     dllname = "KRB52UID";
  8445.     len = get_dir_len(exe_path);
  8446.     if ( len + strlen(dllname) + 4 > sizeof(path) )
  8447.         return(0);
  8448.     sprintf(path, "%.*s%s.DLL", len, exe_path,dllname);
  8449.     rc = DosLoadModule(fail, sizeof(fail), path, &hKRB52UID);
  8450.     if (rc) {
  8451.         debug(F111, "KRB52UID LoadLibrary failed",fail,rc) ;
  8452.         rc = DosLoadModule(fail, sizeof(fail), dllname, &hKRB52UID);
  8453.     }
  8454.     if ( rc ) {
  8455.         debug(F111, "KRB52UID LoadLibrary failed",fail,rc) ;
  8456.     } else {
  8457.         if (rc = DosQueryProcAddr( hKRB52UID, 0, "krb5_principal_to_userid",
  8458.                                   (PFN*) &p_k95_k5_principal_to_localname))
  8459.         {
  8460.             debug(F111,"KRB52UID GetProcAddress failed",
  8461.                   "krb5_principal_to_userid",rc);
  8462.         }
  8463.         if (rc = DosQueryProcAddr( hKRB52UID, 0, "krb5_userok",
  8464.                                   (PFN*) &p_k95_k5_userok))
  8465.         {
  8466.             debug(F111,"KRB52UID GetProcAddress failed",
  8467.                   "krb5_userok",rc);
  8468.         }
  8469.     }
  8470. #endif /* NT */
  8471.  
  8472.     return(1);
  8473. #else /* KRB5 */
  8474.     return(0);
  8475. #endif /* KRB5 */
  8476. }
  8477.  
  8478. #ifdef CK_SRP
  8479. #ifdef SRPDLL
  8480. static HINSTANCE hSRP = NULL;
  8481. static int srp_dll_loaded = 0;
  8482. #endif /* SRPDLL */
  8483.  
  8484. static int
  8485. ck_srp_loaddll( void )
  8486. {
  8487. #ifdef SRPDLL
  8488.     ULONG rc = 0 ;
  8489.     int load_error = 0;
  8490. #ifdef NT
  8491.     hSRP = LoadLibrary("SRP");
  8492.     if ( !hSRP ) {
  8493.         rc = GetLastError() ;
  8494.         debug(F111, "SRP LoadLibrary failed","SRP",rc) ;
  8495.     } else {
  8496.         if (((FARPROC) p_t_clientresponse =
  8497.               GetProcAddress( hSRP, "t_clientresponse" )) == NULL )
  8498.         {
  8499.             rc = GetLastError() ;
  8500.             debug(F111, "SRP GetProcAddress failed","t_clientresponse",rc) ;
  8501.             load_error = 1;
  8502.         }
  8503.         if (((FARPROC) p_t_clientgetkey =
  8504.               GetProcAddress( hSRP, "t_clientgetkey" )) == NULL )
  8505.         {
  8506.             rc = GetLastError() ;
  8507.             debug(F111, "SRP GetProcAddress failed","t_clientgetkey",rc) ;
  8508.             load_error = 1;
  8509.         }
  8510.         if (((FARPROC) p_t_clientpasswd =
  8511.               GetProcAddress( hSRP, "t_clientpasswd" )) == NULL )
  8512.         {                                                                      x2
  8513.             rc = GetLastError() ;
  8514.             debug(F111, "SRP GetProcAddress failed","t_clientpasswd",rc) ;
  8515.             load_error = 1;
  8516.         }
  8517.         if (((FARPROC) p_t_clientgenexp =
  8518.               GetProcAddress( hSRP, "t_clientgenexp" )) == NULL )
  8519.         {
  8520.             rc = GetLastError() ;
  8521.             debug(F111, "SRP GetProcAddress failed","t_clientgenexp",rc) ;
  8522.             load_error = 1;
  8523.         }
  8524.         if (((FARPROC) p_t_clientopen =
  8525.               GetProcAddress( hSRP, "t_clientopen" )) == NULL )
  8526.         {
  8527.             rc = GetLastError() ;
  8528.             debug(F111, "SRP GetProcAddress failed","t_clientopen",rc) ;
  8529.             load_error = 1;
  8530.         }
  8531.         if (((FARPROC) p_t_clientverify =
  8532.               GetProcAddress( hSRP, "t_clientverify" )) == NULL )
  8533.         {
  8534.             rc = GetLastError() ;
  8535.             debug(F111, "SRP GetProcAddress failed","t_clientverify",rc) ;
  8536.             load_error = 1;
  8537.         }
  8538.  
  8539.         if ( load_error ) {
  8540.             ck_srp_loaddll_eh();
  8541.             return 0;
  8542.         }
  8543.         if ( deblog )
  8544.             printf("SRP available\n");
  8545.     }
  8546. #else /* NT */
  8547.     Not yet implemented
  8548. #endif /* NT */
  8549. #else /* SRPDLL */
  8550.     if ( deblog )
  8551.         printf("SRP available\n");
  8552. #endif /* SRPDLL */
  8553.     return(1);
  8554. }
  8555.  
  8556. #ifdef SRPDLL
  8557. static void
  8558. ck_srp_loaddll_eh( void )
  8559. {
  8560.     if ( hSRP ) {
  8561. #ifdef NT
  8562.         FreeLibrary(hSRP);
  8563.         hSRP = NULL;
  8564. #else /* NT */
  8565.         DosFreeModule(hSRP);
  8566.         hSRP = 0;
  8567. #endif /* NT */
  8568.     }
  8569. #ifdef SRP
  8570.     p_t_clientresponse=NULL;
  8571.     p_t_clientgetkey=NULL;
  8572.     p_t_clientpasswd=NULL;
  8573.     p_t_clientgenexp=NULL;
  8574.     p_t_clientopen=NULL;
  8575.     p_t_clientverify=NULL;
  8576. #endif /* SRP */
  8577. }
  8578. #endif /* SRPDLL */
  8579.  
  8580. int
  8581. ck_srp_unloaddll( void )
  8582. {
  8583. #ifdef SRPDLL
  8584.     if ( !srp_dll_loaded )
  8585.         return(1);
  8586.  
  8587.     /* unload dlls */
  8588.     ck_srp_dll_loaddll_eh();
  8589.  
  8590.     /* success */
  8591.     srp_dll_loaded = 0;
  8592. #endif /* SRPDLL */
  8593.     return(1);
  8594. }
  8595.  
  8596. #include <krypto.h>
  8597.  
  8598. static struct _cipher_desc * (*p_cipher_getdescbyid)(unsigned char id)=NULL;
  8599. static unsigned char * (*p_cipher_getlist)()=NULL;
  8600. static struct _cipher_desc * (*p_cipher_getdescbyname)(char * name)=NULL;
  8601. static struct _hash_desc * (*p_hash_getdescbyid)(unsigned char id)=NULL;
  8602. static unsigned char * (*p_hash_getlist)()=NULL;
  8603. static struct _hash_desc * (*p_hash_getdescbyname)(char * name)=NULL;
  8604. static void (*p_krypto_delete)(krypto_context * cc)=NULL;
  8605. static krypto_context * (*p_krypto_new)( unsigned cid, unsigned hid,
  8606.                                          unsigned char *key, unsigned keylen,
  8607.                                          unsigned char *iv, unsigned ivlen,
  8608.                                          unsigned char *seq, unsigned state)=NULL;
  8609. static int (*p_hash_supported)(unsigned char * a, unsigned char b)=NULL;
  8610. static int (*p_cipher_supported)(unsigned char *a, unsigned char b)=NULL;
  8611. static int (*p_krypto_msg_safe)(krypto_context *cc, unsigned char *in,
  8612.                                  unsigned char * out, int len)=NULL;
  8613. static int (*p_krypto_msg_priv)(krypto_context *cc, unsigned char *in,
  8614.                                  unsigned char * out, int len)=NULL;
  8615.  
  8616. struct _cipher_desc *
  8617. ck_cipher_getdescbyid(unsigned char id)
  8618. {
  8619.     if ( p_cipher_getdescbyid )
  8620.         return(p_cipher_getdescbyid(id));
  8621.     else
  8622.         return(NULL);
  8623. }
  8624.  
  8625. unsigned char *
  8626. ck_cipher_getlist()
  8627. {
  8628.     if ( p_cipher_getlist )
  8629.         return(p_cipher_getlist());
  8630.     else
  8631.         return(NULL);
  8632. }
  8633.  
  8634. struct _cipher_desc *
  8635. ck_cipher_getdescbyname(char * name)
  8636. {
  8637.     if ( p_cipher_getdescbyname )
  8638.         return(p_cipher_getdescbyname(name));
  8639.     else
  8640.         return(NULL);
  8641. }
  8642.  
  8643. struct _hash_desc *
  8644. ck_hash_getdescbyid(unsigned char id)
  8645. {
  8646.     if ( p_hash_getdescbyid )
  8647.         return(p_hash_getdescbyid(id));
  8648.     return(NULL);
  8649. }
  8650.  
  8651. unsigned char *
  8652. ck_hash_getlist()
  8653. {
  8654.     if ( p_hash_getlist )
  8655.         return(p_hash_getlist());
  8656.     else
  8657.         return(NULL);
  8658. }
  8659.  
  8660. struct _hash_desc *
  8661. ck_hash_getdescbyname(char * name)
  8662. {
  8663.     if ( p_hash_getdescbyname )
  8664.         return(p_hash_getdescbyname(name));
  8665.     else
  8666.         return(NULL);
  8667. }
  8668.  
  8669. void
  8670. ck_krypto_delete(krypto_context * cc)
  8671. {
  8672.     if ( p_krypto_delete && cc)
  8673.         p_krypto_delete(cc);
  8674. }
  8675.  
  8676. krypto_context *
  8677. ck_krypto_new( unsigned cid, unsigned hid,
  8678.                unsigned char *key, unsigned keylen,
  8679.                unsigned char *iv, unsigned ivlen,
  8680.                unsigned char *seq, unsigned state)
  8681. {
  8682.     if ( p_krypto_new )
  8683.         return(p_krypto_new(cid, hid, key, keylen, iv, ivlen, seq, state));
  8684.     else
  8685.         return(NULL);
  8686. }
  8687.  
  8688. int
  8689. ck_hash_supported(unsigned char * a, unsigned char b)
  8690. {
  8691.     if ( p_hash_supported )
  8692.         return(p_hash_supported(a,b));
  8693.     else
  8694.         return(0);
  8695. }
  8696.  
  8697. int
  8698. ck_cipher_supported(unsigned char *a, unsigned char b)
  8699. {
  8700.     if ( p_cipher_supported )
  8701.         return(p_cipher_supported(a,b));
  8702.     else
  8703.         return(0);
  8704. }
  8705.  
  8706. int
  8707. ck_krypto_msg_safe(krypto_context *cc, unsigned char *in,
  8708.                     unsigned char * out, int len)
  8709. {
  8710.     if ( p_krypto_msg_safe )
  8711.         return(p_krypto_msg_safe(cc,in,out,len));
  8712.     else
  8713.         return(-1);
  8714. }
  8715.  
  8716. int
  8717. ck_krypto_msg_priv(krypto_context *cc, unsigned char *in,
  8718.                     unsigned char * out, int len)
  8719. {
  8720.     if ( p_krypto_msg_priv )
  8721.         return(p_krypto_msg_priv(cc,in,out,len));
  8722.     else
  8723.         return(-1);
  8724. }
  8725.  
  8726. static int krypto_loaded=0;
  8727. #ifdef NT
  8728. HINSTANCE hLIBKRYPTO = NULL;
  8729. #else
  8730. HMODULE hLIBKRYPTO = 0;
  8731. #endif /* NT */
  8732.  
  8733. static void
  8734. load_krypto_eh()
  8735. {
  8736.     if ( hLIBKRYPTO ) {
  8737. #ifdef NT
  8738.         FreeLibrary(hLIBKRYPTO);
  8739.         hLIBKRYPTO = NULL;
  8740. #else
  8741.         DosFreeModule(hLIBKRYPTO);
  8742.         hLIBKRYPTO = 0;
  8743. #endif /* NT */
  8744.     }
  8745.  
  8746.     p_cipher_getdescbyid   = NULL;
  8747.     p_cipher_getlist       = NULL;
  8748.     p_cipher_getdescbyname = NULL;
  8749.     p_hash_getdescbyid     = NULL;
  8750.     p_hash_getlist         = NULL;
  8751.     p_hash_getdescbyname   = NULL;
  8752.     p_krypto_delete        = NULL;
  8753.     p_krypto_new           = NULL;
  8754.     p_hash_supported       = NULL;
  8755.     p_cipher_supported     = NULL;
  8756.     p_krypto_msg_safe      = NULL;
  8757.     p_krypto_msg_priv      = NULL;
  8758.  
  8759.     krypto_loaded = 0;
  8760. }
  8761.  
  8762.  
  8763. static int
  8764. ck_krypto_loaddll()
  8765. {
  8766.     ULONG rc = 0;
  8767.     int load_error = 0;
  8768.  
  8769. #ifdef OS2ONLY
  8770.     CHAR *exe_path;
  8771.     CHAR path[256];
  8772.     CHAR * dllname = "KRYPTO";
  8773. #endif /* OS2ONLY */
  8774.  
  8775.     if ( krypto_loaded )
  8776.         return(1);
  8777.  
  8778. #ifdef NT
  8779.     hLIBKRYPTO = LoadLibrary("KRYPTO");
  8780.     if ( !hLIBKRYPTO )
  8781.         return(0);
  8782.  
  8783.     if (((FARPROC) p_cipher_getdescbyid =
  8784.           GetProcAddress( hLIBKRYPTO, "cipher_getdescbyid" )) == NULL )
  8785.     {
  8786.         rc = GetLastError() ;
  8787.         load_error = 1;
  8788.     }
  8789.     if (((FARPROC) p_cipher_getlist =
  8790.           GetProcAddress( hLIBKRYPTO, "cipher_getlist" )) == NULL )
  8791.     {
  8792.         rc = GetLastError() ;
  8793.         load_error = 1;
  8794.     }
  8795.     if (((FARPROC) p_cipher_getdescbyname =
  8796.           GetProcAddress( hLIBKRYPTO, "cipher_getdescbyname" )) == NULL )
  8797.     {
  8798.         rc = GetLastError() ;
  8799.         load_error = 1;
  8800.     }
  8801.     if (((FARPROC) p_hash_getdescbyid =
  8802.           GetProcAddress( hLIBKRYPTO, "hash_getdescbyid" )) == NULL )
  8803.     {
  8804.         rc = GetLastError() ;
  8805.         load_error = 1;
  8806.     }
  8807.     if (((FARPROC) p_hash_getlist =
  8808.           GetProcAddress( hLIBKRYPTO, "hash_getlist" )) == NULL )
  8809.     {
  8810.         rc = GetLastError() ;
  8811.         load_error = 1;
  8812.     }
  8813.     if (((FARPROC) p_hash_getdescbyname =
  8814.           GetProcAddress( hLIBKRYPTO, "hash_getdescbyname" )) == NULL )
  8815.     {
  8816.         rc = GetLastError() ;
  8817.         load_error = 1;
  8818.     }
  8819.     if (((FARPROC) p_krypto_delete =
  8820.           GetProcAddress( hLIBKRYPTO, "krypto_delete" )) == NULL )
  8821.     {
  8822.         rc = GetLastError() ;
  8823.         load_error = 1;
  8824.     }
  8825.     if (((FARPROC) p_krypto_new =
  8826.           GetProcAddress( hLIBKRYPTO, "krypto_new" )) == NULL )
  8827.     {
  8828.         rc = GetLastError() ;
  8829.         load_error = 1;
  8830.     }
  8831.     if (((FARPROC) p_hash_supported =
  8832.           GetProcAddress( hLIBKRYPTO, "hash_supported" )) == NULL )
  8833.     {
  8834.         rc = GetLastError() ;
  8835.         load_error = 1;
  8836.     }
  8837.     if (((FARPROC) p_cipher_supported =
  8838.           GetProcAddress( hLIBKRYPTO, "cipher_supported" )) == NULL )
  8839.     {
  8840.         rc = GetLastError() ;
  8841.         load_error = 1;
  8842.     }
  8843.     if (((FARPROC) p_krypto_msg_safe =
  8844.           GetProcAddress( hLIBKRYPTO, "krypto_msg_safe" )) == NULL )
  8845.     {
  8846.         rc = GetLastError() ;
  8847.         load_error = 1;
  8848.     }
  8849.     if (((FARPROC) p_krypto_msg_priv =
  8850.           GetProcAddress( hLIBKRYPTO, "krypto_msg_priv" )) == NULL )
  8851.     {
  8852.         rc = GetLastError() ;
  8853.         load_error = 1;
  8854.     }
  8855.     if ( load_error ) {
  8856.         load_krypto_eh();
  8857.         return 0;
  8858.     }
  8859.     krypto_loaded = 1;
  8860. #else /* NT */
  8861.     return(0);
  8862. #endif /* NT */
  8863.     return(1);
  8864. }
  8865.  
  8866. static int
  8867. ck_krypto_unloaddll()
  8868. {
  8869.     if ( !krypto_loaded )
  8870.         return(1);
  8871.  
  8872.     load_krypto_eh();
  8873.     return(1);
  8874. }
  8875.  
  8876. int krypto_avail()
  8877. {
  8878.     return krypto_loaded;
  8879. }
  8880. #else
  8881. int krypto_avail()
  8882. {
  8883.     return 0;
  8884. }
  8885. #endif /* CK_SRP */
  8886.  
  8887. #ifdef KRB5
  8888. #include <gssapi/gssapi.h>
  8889. #include <gssapi/gssapi_generic.h>
  8890.  
  8891. static unsigned long (KRB5_CALLCONV * p_gss_release_buffer)
  8892.     ( unsigned long *, gss_buffer_t )= NULL;
  8893. static unsigned long (KRB5_CALLCONV * p_gss_seal)(unsigned long *, gss_ctx_id_t, int, int,
  8894.                            gss_buffer_t, int *, gss_buffer_t )= NULL;
  8895. static unsigned long (KRB5_CALLCONV * p_gss_unseal)(unsigned long *,
  8896.                                                 gss_ctx_id_t, gss_buffer_t,
  8897.                                                 gss_buffer_t, int *, int * )= NULL;
  8898. static unsigned long (KRB5_CALLCONV * p_gss_release_name)(unsigned long *,
  8899.                                                       gss_name_t *)= NULL;
  8900. static unsigned long (KRB5_CALLCONV * p_gss_init_sec_context)
  8901.     (unsigned long *, gss_cred_id_t,
  8902.       gss_ctx_id_t *, gss_name_t,
  8903.       gss_OID, OM_uint32, OM_uint32,
  8904.       gss_channel_bindings_t,
  8905.       gss_buffer_t, gss_OID *,
  8906.       gss_buffer_t,
  8907.       unsigned long *,
  8908.       unsigned long * )= NULL;
  8909. static unsigned long (KRB5_CALLCONV * p_gss_import_name)(unsigned long *,
  8910.                                                      gss_buffer_t, gss_OID,
  8911.                                                      gss_name_t * )= NULL;
  8912. static unsigned long (KRB5_CALLCONV * p_gss_display_status)(unsigned long *,
  8913.                                                         unsigned long,
  8914.                                                         int, gss_OID,
  8915.                                                         unsigned long *,
  8916.                                                         gss_buffer_t)= NULL;
  8917. static unsigned long (KRB5_CALLCONV * p_gss_indicate_mechs)
  8918.     (OM_uint32 * minor_status, gss_OID_set * mech_set)= NULL;
  8919.  
  8920.  
  8921. OM_uint32 (KRB5_CALLCONV * p_gss_verify_mic)
  8922. (OM_uint32 *,           /* minor_status */
  8923.             gss_ctx_id_t,               /* context_handle */
  8924.             gss_buffer_t,               /* message_buffer */
  8925.             gss_buffer_t,               /* message_token */
  8926.             gss_qop_t *                 /* qop_state */
  8927.            )=NULL;
  8928.  
  8929. OM_uint32 (KRB5_CALLCONV * p_gss_release_cred)
  8930. (OM_uint32 *,           /* minor_status */
  8931.             gss_cred_id_t *             /* cred_handle */
  8932.            )=NULL;
  8933.  
  8934. OM_uint32 (KRB5_CALLCONV * p_gss_delete_sec_context)
  8935. (OM_uint32 *,           /* minor_status */
  8936.             gss_ctx_id_t *,             /* context_handle */
  8937.             gss_buffer_t                /* output_token */
  8938.            )=NULL;
  8939.  
  8940. OM_uint32 (KRB5_CALLCONV * p_gss_accept_sec_context)
  8941. (OM_uint32 *,           /* minor_status */
  8942.             gss_ctx_id_t *,             /* context_handle */
  8943.             gss_cred_id_t,              /* acceptor_cred_handle */
  8944.             gss_buffer_t,               /* input_token_buffer */
  8945.             gss_channel_bindings_t,     /* input_chan_bindings */
  8946.             gss_name_t *,               /* src_name */
  8947.             gss_OID *,          /* mech_type */
  8948.             gss_buffer_t,               /* output_token */
  8949.             OM_uint32 *,                /* ret_flags */
  8950.             OM_uint32 *,                /* time_rec */
  8951.             gss_cred_id_t *             /* delegated_cred_handle */
  8952.            )=NULL;
  8953.  
  8954. OM_uint32 (KRB5_CALLCONV * p_gss_acquire_cred)
  8955. (OM_uint32 *,           /* minor_status */
  8956.             gss_name_t,                 /* desired_name */
  8957.             OM_uint32,                  /* time_req */
  8958.             gss_OID_set,                /* desired_mechs */
  8959.             gss_cred_usage_t,           /* cred_usage */
  8960.             gss_cred_id_t *,    /* output_cred_handle */
  8961.             gss_OID_set *,              /* actual_mechs */
  8962.             OM_uint32 *         /* time_rec */
  8963.            )=NULL;
  8964.  
  8965. OM_uint32 (KRB5_CALLCONV * p_gss_get_mic)
  8966. (OM_uint32 *,           /* minor_status */
  8967.             gss_ctx_id_t,               /* context_handle */
  8968.             gss_qop_t,                  /* qop_req */
  8969.             gss_buffer_t,               /* message_buffer */
  8970.             gss_buffer_t                /* message_token */
  8971.            )=NULL;
  8972.  
  8973. OM_uint32 (KRB5_CALLCONV * p_gss_display_name)
  8974. (OM_uint32 *,           /* minor_status */
  8975.             gss_name_t,                 /* input_name */
  8976.             gss_buffer_t,               /* output_name_buffer */
  8977.             gss_OID *           /* output_name_type */
  8978.            )=NULL;
  8979.  
  8980. OM_uint32 (KRB5_CALLCONV * p_gss_test_oid_set_member)
  8981. (OM_uint32 *,           /* minor_status */
  8982.             gss_OID,                    /* member */
  8983.             gss_OID_set,                /* set */
  8984.             int *                       /* present */
  8985.            )=NULL;
  8986.  
  8987. OM_uint32 (KRB5_CALLCONV * p_gss_add_oid_set_member)
  8988. (OM_uint32 *,           /* minor_status */
  8989.             gss_OID,                    /* member_oid */
  8990.             gss_OID_set *               /* oid_set */
  8991.            )=NULL;
  8992.  
  8993. OM_uint32 (KRB5_CALLCONV * p_gss_create_empty_oid_set)
  8994. (OM_uint32 *,           /* minor_status */
  8995.             gss_OID_set *               /* oid_set */
  8996.            )=NULL;
  8997.  
  8998. OM_uint32 (KRB5_CALLCONV * p_gss_release_oid_set)
  8999. (OM_uint32 *,           /* minor_status */
  9000.             gss_OID_set *               /* set */
  9001.            )=NULL;
  9002.  
  9003.  
  9004. unsigned long
  9005. ck_gss_release_buffer( unsigned long * c, gss_buffer_t b)
  9006. {
  9007.     if ( p_gss_release_buffer )
  9008.         return(p_gss_release_buffer(c,b));
  9009.     else
  9010.         return(GSS_S_UNAVAILABLE);
  9011. }
  9012.  
  9013. unsigned long
  9014. ck_gss_seal(unsigned long * a, gss_ctx_id_t b, int c, int d,
  9015.              gss_buffer_t e, int * f, gss_buffer_t g)
  9016. {
  9017.     if ( p_gss_seal )
  9018.         return(p_gss_seal(a,b,c,d,e,f,g));
  9019.     else
  9020.         return(GSS_S_UNAVAILABLE);
  9021. }
  9022.  
  9023. unsigned long
  9024. ck_gss_unseal(unsigned long * a, gss_ctx_id_t b, gss_buffer_t c,
  9025.                           gss_buffer_t d, int * e, int * f )
  9026. {
  9027.     if ( p_gss_unseal )
  9028.         return(p_gss_unseal(a,b,c,d,e,f));
  9029.     else
  9030.         return(GSS_S_UNAVAILABLE);
  9031. }
  9032.  
  9033. unsigned long
  9034. ck_gss_release_name(unsigned long * a, gss_name_t * b)
  9035. {
  9036.     if ( p_gss_release_name )
  9037.         return(p_gss_release_name(a,b));
  9038.     else
  9039.         return(GSS_S_UNAVAILABLE);
  9040. }
  9041.  
  9042. unsigned long
  9043. ck_gss_init_sec_context(unsigned long * a, gss_cred_id_t b,
  9044.                                        gss_ctx_id_t * c, gss_name_t d,
  9045.                                        gss_OID e, OM_uint32 f, OM_uint32 g,
  9046.                                        gss_channel_bindings_t h,
  9047.                                        gss_buffer_t i, gss_OID * j,
  9048.                                        gss_buffer_t k,
  9049.                                        unsigned long * l,
  9050.                                        unsigned long * m)
  9051. {
  9052.     if ( p_gss_init_sec_context )
  9053.         return(p_gss_init_sec_context(a,b,c,d,e,f,g,h,i,j,k,l,m));
  9054.     else
  9055.         return(GSS_S_UNAVAILABLE);
  9056. }
  9057.  
  9058. unsigned long
  9059. ck_gss_import_name(unsigned long * a, gss_buffer_t b, gss_OID c,
  9060.                                   gss_name_t * d)
  9061. {
  9062.     if ( p_gss_import_name )
  9063.         return(p_gss_import_name(a,b,c,d));
  9064.     else
  9065.         return(GSS_S_UNAVAILABLE);
  9066. }
  9067.  
  9068. unsigned long
  9069. ck_gss_display_status(unsigned long * a, unsigned long b,
  9070.                                      int c, gss_OID d, unsigned long * e,
  9071.                                      gss_buffer_t f )
  9072. {
  9073.     if ( p_gss_display_status )
  9074.         return(p_gss_display_status(a,b,c,d,e,f));
  9075.     else
  9076.         return(GSS_S_UNAVAILABLE);
  9077. }
  9078.  
  9079. unsigned long
  9080. ck_gss_indicate_mechs(OM_uint32 * minor_status, gss_OID_set * mech_set)
  9081. {
  9082.     if ( p_gss_indicate_mechs )
  9083.         return(p_gss_indicate_mechs(minor_status,mech_set));
  9084.     else
  9085.         return(GSS_S_UNAVAILABLE);
  9086. }
  9087.  
  9088.  
  9089. OM_uint32
  9090. ck_gss_verify_mic(OM_uint32 * status,           /* minor_status */
  9091.             gss_ctx_id_t context,               /* context_handle */
  9092.             gss_buffer_t buf,               /* message_buffer */
  9093.             gss_buffer_t tok,               /* message_token */
  9094.             gss_qop_t *  qop               /* qop_state */
  9095.            )
  9096. {
  9097.     if ( p_gss_verify_mic )
  9098.         return(p_gss_verify_mic(status,context,buf,tok,qop));
  9099.     else
  9100.         return(GSS_S_UNAVAILABLE);
  9101. }
  9102.  
  9103. OM_uint32
  9104. ck_gss_release_cred(OM_uint32 * status,           /* minor_status */
  9105.             gss_cred_id_t * cred             /* cred_handle */
  9106.            )
  9107. {
  9108.     if ( p_gss_release_cred )
  9109.         return(p_gss_release_cred(status,cred));
  9110.     else
  9111.         return(GSS_S_UNAVAILABLE);
  9112. }
  9113.  
  9114. OM_uint32
  9115. ck_gss_delete_sec_context(OM_uint32 * status,           /* minor_status */
  9116.             gss_ctx_id_t * context,             /* context_handle */
  9117.             gss_buffer_t   tok             /* output_token */
  9118.            )
  9119. {
  9120.     if ( p_gss_delete_sec_context )
  9121.         return(p_gss_delete_sec_context(status,context,tok));
  9122.     else
  9123.         return(GSS_S_UNAVAILABLE);
  9124. }
  9125.  
  9126. OM_uint32
  9127. ck_gss_accept_sec_context(OM_uint32 * status,           /* minor_status */
  9128.             gss_ctx_id_t * context,             /* context_handle */
  9129.             gss_cred_id_t  acceptor,              /* acceptor_cred_handle */
  9130.             gss_buffer_t   buf,               /* input_token_buffer */
  9131.             gss_channel_bindings_t binding,     /* input_chan_bindings */
  9132.             gss_name_t * name,               /* src_name */
  9133.             gss_OID * type,          /* mech_type */
  9134.             gss_buffer_t out,               /* output_token */
  9135.             OM_uint32 * ret,                /* ret_flags */
  9136.             OM_uint32 * time,                /* time_rec */
  9137.             gss_cred_id_t * delcred             /* delegated_cred_handle */
  9138.            )
  9139. {
  9140.     if ( p_gss_accept_sec_context )
  9141.         return(p_gss_accept_sec_context(status,context,acceptor,buf,binding,
  9142.                                          name, type, out, ret, time, delcred));
  9143.     else
  9144.         return(GSS_S_UNAVAILABLE);
  9145. }
  9146.  
  9147. OM_uint32
  9148. ck_gss_acquire_cred(OM_uint32 * status,           /* minor_status */
  9149.             gss_name_t name,                 /* desired_name */
  9150.             OM_uint32 timereq,                  /* time_req */
  9151.             gss_OID_set dmechs,                /* desired_mechs */
  9152.             gss_cred_usage_t usage,           /* cred_usage */
  9153.             gss_cred_id_t * outcred,    /* output_cred_handle */
  9154.             gss_OID_set * amechs,              /* actual_mechs */
  9155.             OM_uint32 *   timerec      /* time_rec */
  9156.            )
  9157. {
  9158.     if ( p_gss_acquire_cred )
  9159.         return(p_gss_acquire_cred(status,name,timereq,dmechs,usage,outcred,amechs,timerec));
  9160.     else
  9161.         return(GSS_S_UNAVAILABLE);
  9162. }
  9163.  
  9164. OM_uint32
  9165. ck_gss_get_mic(OM_uint32 * status,           /* minor_status */
  9166.             gss_ctx_id_t context,               /* context_handle */
  9167.             gss_qop_t qop,                  /* qop_req */
  9168.             gss_buffer_t buf,               /* message_buffer */
  9169.             gss_buffer_t tok               /* message_token */
  9170.            )
  9171. {
  9172.     if ( p_gss_get_mic )
  9173.         return(p_gss_get_mic(status,context,qop,buf,tok));
  9174.     else
  9175.         return(GSS_S_UNAVAILABLE);
  9176. }
  9177.  
  9178. OM_uint32
  9179. ck_gss_display_name(OM_uint32 * status,           /* minor_status */
  9180.             gss_name_t      inname,                 /* input_name */
  9181.             gss_buffer_t    outname,               /* output_name_buffer */
  9182.             gss_OID *       outtype              /* output_name_type */
  9183.            )
  9184. {
  9185.     if ( p_gss_display_name )
  9186.         return(p_gss_display_name(status,inname,outname,outtype));
  9187.     else
  9188.         return(GSS_S_UNAVAILABLE);
  9189. }
  9190.  
  9191. OM_uint32
  9192. ck_gss_test_oid_set_member(OM_uint32 * status,           /* minor_status */
  9193.             gss_OID member,                    /* member */
  9194.             gss_OID_set set,                /* set */
  9195.             int * present                      /* present */
  9196.            )
  9197. {
  9198.     if ( p_gss_test_oid_set_member )
  9199.         return(p_gss_test_oid_set_member(status,member,set,present));
  9200.     else
  9201.         return(GSS_S_UNAVAILABLE);
  9202. }
  9203.  
  9204. OM_uint32
  9205. ck_gss_add_oid_set_member(OM_uint32 * status,           /* minor_status */
  9206.             gss_OID member,                    /* member_oid */
  9207.             gss_OID_set * set              /* oid_set */
  9208.            )
  9209. {
  9210.     if ( p_gss_add_oid_set_member )
  9211.         return(p_gss_add_oid_set_member(status,member,set));
  9212.     else
  9213.         return(GSS_S_UNAVAILABLE);
  9214. }
  9215.  
  9216. OM_uint32
  9217. ck_gss_create_empty_oid_set(OM_uint32 * status,           /* minor_status */
  9218.             gss_OID_set * set              /* oid_set */
  9219.            )
  9220. {
  9221.     if ( p_gss_create_empty_oid_set )
  9222.         return(p_gss_create_empty_oid_set(status,set));
  9223.     else
  9224.         return(GSS_S_UNAVAILABLE);
  9225. }
  9226.  
  9227. OM_uint32
  9228. ck_gss_release_oid_set(OM_uint32 * status,           /* minor_status */
  9229.             gss_OID_set *  set             /* set */
  9230.            )
  9231. {
  9232.     if ( p_gss_release_oid_set )
  9233.         return(p_gss_release_oid_set(status,set));
  9234.     else
  9235.         return(GSS_S_UNAVAILABLE);
  9236. }
  9237.  
  9238.  
  9239. static int gssapi_loaded = 0;
  9240.  
  9241. static void
  9242. load_gssapi_eh()
  9243. {
  9244.     if ( hGSSAPI) {
  9245. #ifdef NT
  9246.         FreeLibrary(hGSSAPI);
  9247.         hGSSAPI = NULL;
  9248. #else
  9249.         DosFreeModule(hGSSAPI);
  9250.         hGSSAPI = 0;
  9251. #endif /* NT */
  9252.     }
  9253.  
  9254.     p_gss_release_buffer = NULL;
  9255.     p_gss_seal = NULL;
  9256.     p_gss_unseal = NULL;
  9257.     p_gss_release_name = NULL;
  9258.     p_gss_init_sec_context = NULL;
  9259.     p_gss_display_status = NULL;
  9260.     p_gss_indicate_mechs = NULL;
  9261.  
  9262.     p_gss_verify_mic             = NULL;
  9263.     p_gss_test_oid_set_member    = NULL;
  9264.     p_gss_add_oid_set_member     = NULL;
  9265.     p_gss_create_empty_oid_set   = NULL;
  9266.     p_gss_release_cred           = NULL;
  9267.     p_gss_delete_sec_context     = NULL;
  9268.     p_gss_accept_sec_context     = NULL;
  9269.     p_gss_release_oid_set        = NULL;
  9270.     p_gss_acquire_cred           = NULL;
  9271.     p_gss_display_name           = NULL;
  9272.     p_gss_get_mic                = NULL;
  9273.  
  9274.     gssapi_loaded = 0;
  9275. }
  9276.  
  9277. int
  9278. ck_gssapi_loaddll()
  9279. {
  9280.     ULONG rc = 0;
  9281.     int load_error = 0;
  9282.     gss_OID_set mech_set=NULL;
  9283.     OM_uint32 minor_status=0;
  9284.  
  9285. #ifdef OS2ONLY
  9286.     CHAR *exe_path;
  9287.     CHAR path[256];
  9288.     CHAR * dllname = "GSSAPI32";
  9289.     int len;
  9290. #endif /* OS2ONLY */
  9291.  
  9292.     if ( gssapi_loaded )
  9293.         return(1);
  9294.  
  9295. #ifdef NT
  9296.     hGSSAPI = LoadLibrary("GSSKRB5");
  9297.     if ( !hGSSAPI )
  9298.         hGSSAPI = LoadLibrary("GSSAPI32");
  9299.     if ( !hGSSAPI )
  9300.         return(0);
  9301.  
  9302.     if (((FARPROC) p_gss_release_buffer =
  9303.           GetProcAddress( hGSSAPI, "gss_release_buffer" )) == NULL )
  9304.     {
  9305.         load_error = 1;
  9306.     }
  9307.     if (((FARPROC) p_gss_seal =
  9308.           GetProcAddress( hGSSAPI, "gss_seal" )) == NULL )
  9309.     {
  9310.         load_error = 1;
  9311.     }
  9312.     if (((FARPROC) p_gss_unseal =
  9313.           GetProcAddress( hGSSAPI, "gss_unseal" )) == NULL )
  9314.     {
  9315.         load_error = 1;
  9316.     }
  9317.     if (((FARPROC) p_gss_release_name =
  9318.           GetProcAddress( hGSSAPI, "gss_release_name" )) == NULL )
  9319.     {
  9320.         load_error = 1;
  9321.     }
  9322.     if (((FARPROC) p_gss_init_sec_context =
  9323.           GetProcAddress( hGSSAPI, "gss_init_sec_context" )) == NULL )
  9324.     {
  9325.         load_error = 1;
  9326.     }
  9327.     if (((FARPROC) p_gss_import_name =
  9328.           GetProcAddress( hGSSAPI, "gss_import_name" )) == NULL )
  9329.     {
  9330.         load_error = 1;
  9331.     }
  9332.     if (((FARPROC) p_gss_display_status =
  9333.           GetProcAddress( hGSSAPI, "gss_display_status" )) == NULL )
  9334.     {
  9335.         load_error = 1;
  9336.     }
  9337.     if (((FARPROC) p_gss_indicate_mechs =
  9338.           GetProcAddress( hGSSAPI, "gss_indicate_mechs" )) == NULL )
  9339.     {
  9340.         load_error = 1;
  9341.     }
  9342.     if (((FARPROC) p_gss_verify_mic =
  9343.           GetProcAddress( hGSSAPI, "gss_verify_mic" )) == NULL )
  9344.     {
  9345.         load_error = 1;
  9346.     }
  9347.     if (((FARPROC) p_gss_test_oid_set_member =
  9348.           GetProcAddress( hGSSAPI, "gss_test_oid_set_member" )) == NULL )
  9349.     {
  9350.         load_error = 1;
  9351.     }
  9352.     if (((FARPROC) p_gss_add_oid_set_member =
  9353.           GetProcAddress( hGSSAPI, "gss_add_oid_set_member" )) == NULL )
  9354.     {
  9355.         load_error = 1;
  9356.     }
  9357.     if (((FARPROC) p_gss_create_empty_oid_set =
  9358.           GetProcAddress( hGSSAPI, "gss_create_empty_oid_set" )) == NULL )
  9359.     {
  9360.         load_error = 1;
  9361.     }
  9362.     if (((FARPROC) p_gss_release_cred =
  9363.           GetProcAddress( hGSSAPI, "gss_release_cred" )) == NULL )
  9364.     {
  9365.         load_error = 1;
  9366.     }
  9367.     if (((FARPROC) p_gss_delete_sec_context =
  9368.           GetProcAddress( hGSSAPI, "gss_delete_sec_context" )) == NULL )
  9369.     {
  9370.         load_error = 1;
  9371.     }
  9372.     if (((FARPROC) p_gss_accept_sec_context =
  9373.           GetProcAddress( hGSSAPI, "gss_accept_sec_context" )) == NULL )
  9374.     {
  9375.         load_error = 1;
  9376.     }
  9377.     if (((FARPROC) p_gss_release_oid_set =
  9378.           GetProcAddress( hGSSAPI, "gss_release_oid_set" )) == NULL )
  9379.     {
  9380.         load_error = 1;
  9381.     }
  9382.     if (((FARPROC) p_gss_acquire_cred =
  9383.           GetProcAddress( hGSSAPI, "gss_acquire_cred" )) == NULL )
  9384.     {
  9385.         load_error = 1;
  9386.     }
  9387.     if (((FARPROC) p_gss_display_name =
  9388.           GetProcAddress( hGSSAPI, "gss_display_name" )) == NULL )
  9389.     {
  9390.         load_error = 1;
  9391.     }
  9392.     if (((FARPROC) p_gss_get_mic =
  9393.           GetProcAddress( hGSSAPI, "gss_get_mic" )) == NULL )
  9394.     {
  9395.         load_error = 1;
  9396.     }
  9397. #else /* NT */
  9398.     exe_path = GetLoadPath();
  9399.     len = get_dir_len(exe_path);
  9400.     if ( len + strlen(dllname) + 4 > sizeof(path) )
  9401.         return(0);
  9402.     sprintf(path, "%.*s%s.DLL", len, exe_path,dllname);         /* safe */
  9403.     rc = DosLoadModule(fail, sizeof(fail), path, &hGSSAPI);
  9404.     if (rc) {
  9405.         debug(F111, "GSSAPI LoadLibrary failed",fail,rc) ;
  9406.         rc = DosLoadModule(fail, sizeof(fail), dllname, &hGSSAPI);
  9407.     }
  9408.  
  9409.     if (rc) {
  9410.         debug(F111, "GSSAPI LoadLibrary failed",fail,rc) ;
  9411.         return(0);
  9412.     }
  9413.  
  9414.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_release_buffer",
  9415.                               (PFN*)&p_gss_release_buffer))
  9416.     {
  9417.         debug(F111,"GSSAPI GetProcAddress failed","gss_release_buffer",rc);
  9418.         load_error = 1;
  9419.     }
  9420.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_seal",
  9421.                               (PFN*)&p_gss_seal))
  9422.     {
  9423.         debug(F111,"GSSAPI GetProcAddress failed","gss_seal",rc);
  9424.         load_error = 1;
  9425.     }
  9426.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_unseal",
  9427.                               (PFN*)&p_gss_unseal))
  9428.     {
  9429.         debug(F111,"GSSAPI GetProcAddress failed","gss_unseal",rc);
  9430.         load_error = 1;
  9431.     }
  9432.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_release_name",
  9433.                               (PFN*)&p_gss_release_name))
  9434.     {
  9435.         debug(F111,"GSSAPI GetProcAddress failed","gss_release_name",rc);
  9436.         load_error = 1;
  9437.     }
  9438.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_init_sec_context",
  9439.                               (PFN*)&p_gss_init_sec_context))
  9440.     {
  9441.         debug(F111,"GSSAPI GetProcAddress failed","gss_init_sec_context",rc);
  9442.         load_error = 1;
  9443.     }
  9444.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_import_name",
  9445.                               (PFN*)&p_gss_import_name))
  9446.     {
  9447.         debug(F111,"GSSAPI GetProcAddress failed","gss_import_name",rc);
  9448.         load_error = 1;
  9449.     }
  9450.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_display_status",
  9451.                               (PFN*)&p_gss_display_status))
  9452.     {
  9453.         debug(F111,"GSSAPI GetProcAddress failed","gss_display_status",rc);
  9454.         load_error = 1;
  9455.     }
  9456.     if (rc = DosQueryProcAddr(hGSSAPI,0,"gss_indicate_mechs",
  9457.                               (PFN*)&p_gss_indicate_mechs))
  9458.     {
  9459.         debug(F111,"GSSAPI GetProcAddress failed","gss_indicate_mechs",rc);
  9460.         load_error = 1;
  9461.     }
  9462. #endif /* NT */
  9463.  
  9464.     if ( load_error ) {
  9465.         load_gssapi_eh();
  9466.         return 0;
  9467.     }
  9468.     gssapi_loaded = 1;
  9469.     return(1);
  9470. }
  9471.  
  9472. int
  9473. ck_gssapi_unloaddll()
  9474. {
  9475.     if ( !gssapi_loaded )
  9476.         return(1);
  9477.  
  9478.     load_gssapi_eh();
  9479.     return(1);
  9480. }
  9481.  
  9482. int gssapi_avail() {
  9483.     return gssapi_loaded;
  9484. }
  9485. #else /* GSSAPI */
  9486. int ck_gssapi_unloaddll() { return 0; }
  9487. int gssapi_avail() { return 0; }
  9488. #endif /* GSSAPI */
  9489.  
  9490. int
  9491. ck_security_loaddll( void )
  9492. {
  9493.     ULONG rc = 0 ;
  9494.     extern unsigned long startflags;
  9495.  
  9496.     if ( security_dll_loaded )
  9497.         return(1);
  9498.  
  9499.     if ( startflags & 8 )       /* do not load if we are not supposed to */
  9500.         return(0);
  9501.  
  9502.     /* Cygnus Solutions builds the libraries differently from MIT */
  9503.     /* Cygnus combines KRB5_32 and COMERR32 into a single DLL     */
  9504.     /* called LIBKRB5.                                            */
  9505.  
  9506.     /* load dlls */
  9507. #ifdef CRYPT_DLL
  9508.     ck_crypt_loaddll();
  9509. #endif /* CRYPT_DLL */
  9510.  
  9511. #ifdef NTLM
  9512.     ck_sspi_loaddll();
  9513. #endif /* NTLM */
  9514.  
  9515. #ifdef CK_SRP
  9516.     if (ck_srp_loaddll() && hCRYPT)
  9517.         ck_krypto_loaddll();
  9518. #endif /* CK_SRP */
  9519.  
  9520. #ifdef CK_KERBEROS
  9521. #ifdef KRB5
  9522.     ck_krb5_loaddll();
  9523.     ck_gssapi_loaddll();
  9524. #endif /* KRB5 */
  9525. #ifdef KRB4
  9526.     ck_krb4_loaddll();
  9527. #endif /* KRB4 */
  9528. #endif /* CK_KERBEROS */
  9529.  
  9530. #ifdef CK_SSL
  9531.     ck_crypto_loaddll();
  9532.     ck_ssl_loaddll();
  9533. #endif /* CK_SSL */
  9534.  
  9535. #ifdef ZLIB
  9536.     ck_zlib_loaddll();
  9537. #endif /* ZLIB */
  9538.  
  9539.     /* success */
  9540.     security_dll_loaded = 1;
  9541.     return(1);
  9542. }
  9543.  
  9544. int
  9545. ck_security_unloaddll( void )
  9546. {
  9547.     if ( !security_dll_loaded )
  9548.         return(1);
  9549.  
  9550.     /* unload dlls */
  9551.     ck_krb4_loaddll_eh();
  9552.     ck_gssapi_unloaddll();
  9553.     ck_krb5_loaddll_eh();
  9554.  
  9555. #ifdef CK_SSL
  9556.     ck_ssl_unloaddll();
  9557.     ck_crypto_unloaddll();
  9558. #endif /* CK_SSL */
  9559.  
  9560. #ifdef ZLIB
  9561.     ck_zlib_unloaddll();
  9562. #endif /* ZLIB */
  9563.  
  9564. #ifdef CRYPT_DLL
  9565.     ck_crypt_unloaddll();
  9566. #endif /* CRYPT_DLL */
  9567.  
  9568. #ifdef NTLM
  9569.     ck_ntlm_unloaddll();
  9570. #endif /* NTLM */
  9571.  
  9572. #ifdef CK_SRP
  9573.     ck_srp_unloaddll();
  9574.     ck_krypto_unloaddll();
  9575. #endif /* CK_SRP */
  9576.  
  9577.     /* success */
  9578.     security_dll_loaded = 0;
  9579.     return(1);
  9580. }
  9581.  
  9582. #ifdef KRB5
  9583. int
  9584. is_NRL_KRB5()
  9585. {
  9586.     return !cygnus && p_decode_krb5_ticket && p_des_set_random_generator_seed &&
  9587.         p_krb5_appdefault_boolean && p_krb5_appdefault_string &&
  9588.         !p_krb5_free_unparsed_name && !p_krb5_auth_con_getrcache &&
  9589.         !p_krb5_c_enctype_compare  && !p_krb5_kuserok &&
  9590.         !p_krb5_get_renewed_creds && !p_krb5_get_validated_creds;
  9591. }
  9592.  
  9593. int
  9594. has_NEW_KRB5_CRYPTO()
  9595. {
  9596.     return(p_krb5_c_encrypt && p_krb5_c_decrypt && p_krb5_c_make_random_key &&
  9597.             p_krb5_c_random_seed && p_krb5_c_block_size && p_krb5_c_encrypt_length);
  9598. }
  9599. #endif /* KRB5 */
  9600. #endif /* End OS2 DLL Function Pointers */
  9601.  
  9602.  
  9603. #ifdef COMMENT
  9604. Undocumented function:
  9605.  
  9606. From: "Maxim S. Shatskih" <maxim__s@mtu-net.ru>
  9607. Looks like calling NtCreateToken from your service running under
  9608. LocalSystem is the only way.
  9609. The function is completely undocumented - looks like it accepts parameters
  9610. like user's SID, all groups SID's (to which this user belongs) and all
  9611. privilige
  9612. IDs - which this user posesses.
  9613. Calling the function will bypass NT security & log the specified user on
  9614. without
  9615. any password validation (you are free to use your own instead of NTs
  9616. standard) & audit trail. In fact, this means that you implement your own LSA
  9617. :-)
  9618.  
  9619.  
  9620. // untested
  9621. HCRYPTPROV hProvider = 0;
  9622. BYTE randomBytes[128];
  9623. CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
  9624. CryptGenRandom(hProvider, sizeof(randomBytes), randomBytes);
  9625.  
  9626. #endif /* COMMENT */
  9627. #endif /* CK_AUTHENTICATION */
  9628.