aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGuido G√ľnther <agx@sigxcpu.org>2009-01-08 15:39:24 +0100
committerGuido Guenther <agx@sigxcpu.org>2009-01-08 15:39:24 +0100
commit7bb8b22d8da0f6a398e2102a20d885d885339496 (patch)
tree94e1c50195604b3bd532cc703e90f9eb96e80d67
import initial version
from https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/dd6fc290-0201-0010-c190-86ce775d5673
-rw-r--r--CVS/Entries17
-rw-r--r--CVS/Repository1
-rw-r--r--CVS/Root1
-rw-r--r--Makefile72
-rw-r--r--README447
-rwxr-xr-xbuild.AIX45
-rwxr-xr-xbuild.HP-UX36
-rwxr-xr-xbuild.OSF137
-rwxr-xr-xbuild.SunOS32
-rw-r--r--gssapi_2.h718
-rwxr-xr-xgssntlm.dllbin0 -> 70144 bytes
-rwxr-xr-xgssntlm.libbin0 -> 29714 bytes
-rwxr-xr-xmake.bat35
-rw-r--r--platform.h113
-rw-r--r--sncadapt.c1063
-rwxr-xr-xsncgss.exp54
-rw-r--r--sncgss.h601
-rw-r--r--sncgss32.def57
-rw-r--r--snckrb5.c1060
-rw-r--r--sncntlm.c1060
-rw-r--r--sncsecud.c1060
-rw-r--r--sncspkm1.c1060
22 files changed, 7569 insertions, 0 deletions
diff --git a/CVS/Entries b/CVS/Entries
new file mode 100644
index 0000000..7f8de80
--- /dev/null
+++ b/CVS/Entries
@@ -0,0 +1,17 @@
+/gssapi_2.h/1.1.1.1/Tue Aug 24 14:36:21 1999//
+/platform.h/1.1.1.1/Tue Aug 24 14:36:21 1999//
+/sncadapt.c/1.1.1.1/Tue Aug 24 14:36:21 1999//
+/sncgss.h/1.1.1.1/Tue Aug 24 14:36:21 1999//
+/sncgss32.def/1.1.1.1/Tue Aug 24 14:36:22 1999//
+/snckrb5.c/1.1.1.1/Tue Aug 24 14:36:21 1999//
+/sncntlm.c/1.1.1.1/Tue Aug 24 14:36:21 1999//
+/sncsecud.c/1.1.1.1/Tue Aug 24 14:36:22 1999//
+/sncspkm1.c/1.1.1.1/Tue Aug 24 14:36:21 1999//
+/Makefile/1.2/Tue Aug 24 14:37:57 1999//
+/build.AIX/1.2/Tue Aug 24 14:39:31 1999//
+/build.HP-UX/1.2/Tue Aug 24 14:39:31 1999//
+/build.OSF1/1.2/Tue Aug 24 14:39:31 1999//
+/build.SunOS/1.2/Tue Aug 24 14:39:31 1999//
+/sncgss.exp/1.2/Tue Aug 24 14:39:32 1999//
+/README/1.2/Tue Aug 24 14:59:34 1999//
+D
diff --git a/CVS/Repository b/CVS/Repository
new file mode 100644
index 0000000..7c08f7e
--- /dev/null
+++ b/CVS/Repository
@@ -0,0 +1 @@
+/sapmnt/uw1048/a/CVSroot/sncadapt
diff --git a/CVS/Root b/CVS/Root
new file mode 100644
index 0000000..3a23edb
--- /dev/null
+++ b/CVS/Root
@@ -0,0 +1 @@
+/sapmnt/uw1048/a/CVSroot
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..179ec85
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,72 @@
+##
+## $Id: Makefile,v 1.2 1999/08/24 14:37:57 d019080 Exp $
+##
+## (C) Copyright 1999 SAP AG Walldorf
+##
+## SAP AG DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+## INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+## EVENT SHALL SAP AG BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+## DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+## PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+## ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
+## OF THIS SOFTWARE.
+##
+
+MDEFS= CC=cc CFLAGS=-g RM="rm -f" OBJ=.o EXE= LD=cc LDFLAGS=-g LIBS=-ldl XD= LDTARGET='-o $@'
+TAIL="`uname -s`"
+BUILD=./build.$(TAIL)
+
+XNAME = sncntlm
+SRCS = $(XNAME).c
+
+ALL_HDRS= gssapi_2.h platform.h sncgss.h
+
+OBJS= $(XD)$(XNAME)$(OBJ)
+
+TARGET= $(XD)$(XNAME)$(SHEXT)
+
+.c.o:
+ $(CC) $(SHFLAGS) $(CFLAGS) -c $<
+
+### targets
+
+all:
+ $(BUILD) $(MAKE) do-all
+
+clean:
+ $(BUILD) $(MAKE) do-clean
+
+
+do-all: $(TARGET)
+
+
+z $(XOBJS): $(SRCS)
+ $(CC) $(SHFLAGS) $(CFLAGS) -c $(SRCS)
+
+$(TARGET): $(OBJS)
+ $(LINK_SHARED) $(LDTARGET) $(LDFLAGS) $(OBJS) $(VENLIB) $(LINK_SHARED_END)
+
+
+do-clean: $(WIN_CLEAN)
+ $(RM) core
+ $(RM) $(XD)*$(OBJ)
+ $(RM) $(TARGET)
+
+win-clean:
+ del 2>NUL *.pdb
+ del 2>NUL *.idb
+ del 2>NUL *.plg
+ del 2>NUL *.ncb
+ del 2>NUL *.opt
+ del 2>NUL $(XD)*.sbr
+ del 2>NUL $(XD)*.lib
+ del 2>NUL $(XD)*.exp
+ del 2>NUL $(XD)*.pdb
+ del 2>NUL $(XD)*.ilk
+
+
+### dependencies
+
+$(XD)$(XNAME)$(OBJ): $(XNAME).c $(ALL_HDRS)
+
+
diff --git a/README b/README
new file mode 100644
index 0000000..85b6367
--- /dev/null
+++ b/README
@@ -0,0 +1,447 @@
+/*========================================================================*/
+/* $Id: README,v 1.2 1999/08/24 14:59:34 d019080 Exp $ */
+/*========================================================================*/
+
+SNC Adapter README
+
+Martin Rex,
+SAP AG Walldorf
+Email: <Martin.Rex@sap-ag.de>
+
+
+
+SNC stands for "Secure Network Communication" and refers to the
+functionality in SAP R/3 components that performs strong authentication
+and message protection via external software products that implement
+the IETF-defined standard "Generic Security Services API Version 2"
+(GSS-API v2).
+
+This "document" briefly describes purpose, structure, usage of
+the SNC Adapter and tells you how to build an SNC Adapter for
+(new) gssapi mechanisms that SNC doesn't know about.
+
+
+ 1. Purpose
+ -- What is an SNC Adapter ?
+
+ 2. Operational model
+ -- How the SNC Adapter works
+
+ 3. Usage / Installation
+ -- Installation/configuration/use of a
+ product with an SNC Adapter.
+
+ 4. Configuration Items for a custom SNC-Adapter
+
+ 5. Registering a SAPGSS_ID and a PREFIX with SAP
+
+ 6. MAKE
+ -- How to build your own/custom SNC Adapter.
+
+ 7. References
+ -- Additional reading material.
+
+
+
+1. Purpose: What is an SNC-Adapter.
+===================================
+
+ The SNC-Adapter is a thin wrapper or intermediate component
+ to attach a third party security software to the SNC functionality
+ of SAP R/3 via an GSS-API v2 compatible interface.
+
+ The SNC Adapter includes an additional (initialization) call
+ that provides SNC with static information about some characteristics
+ of the gssapi mechanism that cannot be queried via the regular
+ GSS-API functions. All regular GSS-API v2 functions are simply
+ passed on to the gssapi mechanism.
+
+ GSS-API mechanisms can be distinguished by their mechanism OID.
+ There are 3 mechanism OIDs which SNC already knows about, and for
+ which it may use a built-in SNC-Adapter -- provided that the shared
+ library GSS-API interface of the particular product/implementation
+ is directly compatible with SNC:
+
+ (1) The Kerberos 5 GSS-API mechanism (rfc1964),
+ mechanism OIDs {1 3 5 1 5 2} and {1 2 840 113554 1 2 2}
+
+ (2) The proprietary SECUDE 5 gssapi mechanism,
+ mechanism OID {1 3 36 3 1 37 1}
+
+ (3) The SAPNTLM gssapi mechanism supplied by SAP which
+ offers NTLM-based Single Sign-On for Win32 platforms,
+ mechanism OID {1 3 6 1 4 1 694 2 1 2}
+
+ External SNC-Adapters for arbitrary GSS-API mechanisms can be built
+ with the sample sources provided in this distribution.
+ See "Section 6: MAKE" on how to do this.
+
+
+
+2. Operational model
+====================
+
+ An SNC-Adapter is intended as a very thin wrapper on top of the
+ gssapi functions of an arbitrary GSS-API v2 compliant gssapi mechanism.
+ I doesn't change any of the functionality available at the gssapi
+ level, it only provides a little additional configuration information
+ to SNC how to deal with this mechanism and it will allow to accomodate
+ for differences at the binary shared library interface between SAP R/3
+ and the gssapi library.
+
+ All gss-api functions are imported by the SNC-Adapter with their
+ original name and are re-exported with the prefix "sap" to the
+ function name, e.g.:
+
+ gss_acquire_cred() --> sapgss_acquire_cred()
+
+
+ Besides the regular gssapi functions there are 3 additional
+ SNC-specific functions:
+
+ (1) sapsnc_init_adapter()
+
+ (2) sapsnc_export_cname_blob() -- HISTORIC, LEAVE IT ALONE
+ (3) sapsnc_import_cname_blob() -- HISTORIC, LEAVE IT ALONE
+
+ Function (1) "sapsnc_init_adapter()" provides static information
+ about some characteristics of the underlying gssapi mechanism to
+ which this SNC-Adapter is linked.
+
+ The functions (2) and (3) are historic and they are no longer used
+ by SNC in R/3 Releases 3.1I and newer.
+
+ The only function where the sample adapter source contains extra code
+ is sapgss_indicate_mechs(), because SNC will use exactly the first
+ mechanism OID from the list of mechanisms returned by
+ sapgss_indicate_mechs().
+
+ If SNC is enabled for an R/3 component, SNC will try to dynamically
+ load the configured gssapi library at runtime.
+
+ (a) If SNC finds the 3 additional SNC functions in the library,
+ the library is assumed to be an external SNC-Adapter and
+ all gssapi functions will be resolved with the function
+ name prefixed by "sap".
+ When loading is complete, sapsnc_init_adapter() will be
+ called followed by a call to sapgss_indicate_mechs().
+
+ (b) If SNC doesn't find the 3 additional SNC functions in the
+ library, the library is assumed to be a vanilla gssapi
+ library and the gssapi functions will be resolved with their
+ regular names.
+ When loading is complete, gss_indicate_mechs() will be
+ called, and the returned OID_set will be searched for
+ a known mechanism, for which the SNC-Adapter information
+ is already compiled into SNC (see Section 1).
+
+ It is possible to supply an external SNC-Adapter for any of the
+ mechanism already known by SNC. Sample external SNC-Adapters
+ for Kerberos5, SECUDE and SAPNTLM are contained in this distribution
+ (snckrb5.c, sncsecud.c, sncntlm.c).
+
+
+
+3. Usage / Installation / Operation of a Product with SNC-Adapter
+=================================================================
+
+ In order to enable Secure Network Communications (SNC) for any
+ R/3 component, you must specify the location of shared library
+ that provides the gssapi services. Depending on the component
+ this may be through the profile parameter "snc/gssapi_lib",
+ the command line parameter SNC_LIB, environment variable SNC_LIB
+ or rfc.ini-parameter SNC_LIB.
+
+ Specifying the gssapi shared library directly without an
+ intermediate SNC-Adapter works only for the 3 gssapi mechanisms
+ (Kerberos5,SECUDE,SAPNTLM) which SNC already knows.
+ It is up to the vendor of the third party security software
+ whether he includes the SNC-Adapter code directly within
+ his own library or provides it as a seperate shared library.
+ SNC will always try to load the library as an SNC-Adapter,
+ before it checks for a known gssapi library. Therefore it is
+ ok if the shared library exports not only the SNC-Adapter
+ functions but lots of other functions/APIs as well,
+ including a regular gssapi.
+
+ There are several potential issues with shared libraries and
+ dynamic dependencies of one shared library on another one,
+ so you should carefully consider your options how you want
+ to build and finally ship a shared library suitable for use
+ with SNC respectively SAP R/3.
+ (The severity of these potential issues vary across platforms.)
+
+ My recommendation: link all of your object files, including the
+ SNC-Adapter into one single large shared library (respectively DLL).
+ On Unix platforms, relink all of your object files including
+ the SNC-Adapter into one large object file with "ld -r"
+ and then link that single object into one shared library.
+ This will probably save yourself and your customers some headaches
+ in the long run.
+
+ Potential issues with shared libraries:
+
+ (1) shared library initialization/cleanup during load/unload
+
+ Certain languages (e.g. C++) may require that an initialization
+ function is called when the library is loaded and a cleanup
+ function is called before the library is unloaded.
+
+ On Microsoft Windows this is fairly easy, adequately documented
+ and it works. (DllMain entry point).
+
+ I don't know how it works on the various Unix platforms,
+ but I've heard of various problems, and I haven't seen
+ any documentation from any vendor so far.
+ (There is apparently a bug in the HP-UX 10.20 linker,
+ and AIX supports it only from Release 4.2 onward).
+ If your code needs it, GOOD LUCK!
+
+ (2) implicit loading of dependent shared libraries
+
+ If a shared library (or DLL) is not self-contained, but
+ contains implicit dynamic dependencies to other shared libraries
+ placed there when the shared library was compiled and linked,
+ then the system loader will attempt to load the dependents
+ whenever the top-level shared library is loaded.
+
+ When dynamic runtime loading (via dlopen()/LoadLibrary()/...)
+ is used by the application to load a shared library at runtime,
+ it can be loaded from anywhere in the filesystem.
+ When the shared library that is to be runtime loaded
+ contains implicit dependencies on other shared libraries,
+ very platform specific rules will determine where the
+ system loader will look for those other shared libraries
+ and what it will do when it cannot find suitable libraries.
+
+ Win32 search locations for dependents:
+ the normal search order would be:
+ path of the executable
+ %SystemRoot%\System32
+ %SystemRoot%
+ PATH environment variable
+
+ but beware of "Highlanders" -- i.e. registered shared
+ libraries and the shared library cache.
+
+ Unix search locations for dependents:
+ Is hard to impossible to give any reliable rules, since
+ every platform is different and has their own knobs and
+ switches to change the behaviour. Here are some general
+ Unix rules:
+ * Unix does NOT know the directory of the executable,
+ and it does NOT look for shared libraries in the
+ PATH environment variable.
+
+ * There is a system-default list of directories where
+ system loader can search for shared libraries.
+ (e.g. /lib, /usr/lib, /usr/share/lib, ...)
+
+ * Every platform respects an environment variable that
+ may contain one or more directories to search when
+ looking for a shared library. But this environment
+ variable is only honored when (uid)==(euid).
+ LD_LIBRARY_PATH Digital Unix, Linux, Reliant Unix,
+ Sinix, Solaris
+ SHLIB_PATH HP-UX
+ LIB_PATH AIX
+
+ * Most platforms allow to compile-in a list of directories
+ into the executable(!) where to search for shared libraries
+
+ * HP-UX memorizes the exact and full pathname where "ld" found
+ the shared library during the link step of the executable
+ (or higher-level shared library). This original path
+ will be used if other locations fail. This may cause
+ usability problems to NOT show up on development machines.
+
+ * Some platforms allow to reorder the priority of
+ (original location), (compiled-in directory list) and
+ (environment variable), and some platforms allow to
+ selectively disable one or the other feature.
+ (e.g. HP-UX "chatr" command)
+
+ * When (uid)==(euid) a platform-dependent environment variable
+ (LD_LIBRARY_PATH, SHLIB_PATH or LIBPATH) may contain a
+ list of directories where to look for the library.
+
+ * When (uid)!=(euid) or when disabled for the executable,
+ only the compiled-in search path and system-default
+ shared library directories are searched
+ (e.g. /lib,/usr/lib,/usr/share/lib,/usr/local/lib)
+
+ * On some platforms it is possible to compile a shared
+ library search list into executables as well as into shared
+ libraries. Probably the list of the executable takes
+ precedence. However, you cannot set/change the compiled-in
+ search path in executables from other vendors ...
+
+
+
+
+4. Configuration Items for a custom SNC-Adapter
+================================================
+
+ In order to create a custom SNC-Adapter that interfaces to
+ your own gssapi mechanism, you need to fill in the following
+ information into the "sncadapt.c" sample source:
+
+ ADAPTER_MECH_ID -- register with SAP
+ ADAPTER_MECH_PREFIX -- register with SAP
+ ADAPTER_MECH_NAME
+ ADAPTER_MECHANISM_OID
+ ADAPTER_NAMETYPE_OID
+ ADAPTER_CONF_AVAIL
+ ADAPTER_INTEG_AVAIL
+ ADAPTER_MUTUAL_AUTH
+ ADAPTER_REPLAY_PROT
+
+ In detail:
+
+ ADAPTER_MECH_ID (16-bit unsigned integer) -- register with SAP
+ This is a numeric tag that SNC uses internally to distinguish
+ different gssapi mechanisms.
+
+ ADAPTER_MECH_PREFIX (ASCII string) -- register with SAP
+ This prefix must be at most 7 alphanumeric lowercase characters,
+ and it is used internally by SNC in the nametype-prefix of SNC-Names
+ to bind printable names to specific mechanisms. This prefix can
+ be passed to SNC within printable SNC-Names, however the concurrent
+ use of multiple gssapi libraries is NOT supported by SNC.
+
+ ADAPTER_MECH_NAME (ASCII string)
+ This name is used for the printable identification of
+ the SNC-Adapter and used for diagnostic purposes only.
+
+ ADAPTER_MECHANISM_OID (gss_OID)
+ This is the mechanism OID of your gssapi mechanism.
+
+ ADAPTER_NAMETYPE_OID (gss_OID)
+ This is the nametype OID that your gssapi mechanism uses
+ to tag canonical printable names. It is also the nametype oid
+ that will be used to pass SNC-Names to _this_ gssapi library
+ when they were prefixed with "p:"
+ (Other valid SNC-Name prefixes are "u:" and "s:", which indicate
+ to use the standardized generic nametypes GSS_C_NT_USER_NAME
+ and GSS_C_NT_HOSTBASED_SERVICE)
+
+ ADAPTER_CONF_AVAIL (Boolean)
+ Indicates whether this gssapi mechanism will unconditionally
+ support message confidentiality protection on all successfully
+ established security contexts.
+
+ ADAPTER_INTEG_AVAIL (Boolean)
+ Indicates whether this gssapi mechanism will unconditionally
+ support message integrity protection on all successfully
+ established security contexts.
+
+ ADAPTER_MUTUAL_AUTH (Boolean)
+ Indicates whether this gssapi mechanism will unconditionally
+ support mutual authentication on all successfully established
+ security context where this feature was requested during
+ gss_init_sec_context().
+
+ ADAPTER_REPLAY_PROT (Boolean)
+ Indicates whether this gssapi mechanism will unconditionally
+ support message replay protection on all successfully established
+ security contexts where this feature was requested during
+ gss_init_sec_context()
+
+
+
+
+5. Registering a SAPGSS_ID and a PREFIX with SAP
+=================================================
+
+ Send an Email to <Martin.Rex@sap-ag.de> and request a SAPGSS_ID
+ and propose a prefix up to 7 alphanumeric lowercase characters.
+ Please include the name of your product and the list of
+ features (see Section 4) that you are going to configure.
+
+ I would really appreciate if could additionally enclose the output
+ from our gssapi verification program GSSTEST when running it with
+ your gssapi implementation.
+
+
+
+6. MAKE -- How to build your own/custom SNC-Adapter
+=====================================================
+
+ This distribution contains the sample sources for several preconfigured
+ SNC-Adapters (sncntlm.c, snckrb5.c, sncspkm1.c, sncsecud.c) and the
+ template "sncadapt.c" which you can use to build your own SNC-Adapter.
+
+ You are free to tear the "sncadapt.c" template apart and integrate
+ the necessary pieces into your own product. See Section 4 what
+ you will need to configure to build an SNC-Adapter for your own
+ custom gssapi mechanism.
+
+ Included are a Makefile and build scripts for the following platforms:
+ AIX 4.x, Solaris 2.x, Digital Unix 4.x, HP-UX 10.x
+ and a batch file "make.bat" for Microsoft Win32 platforms using
+ the Microsoft Visual C compiler v5 or v6 (Visual Studio 97 or 98).
+
+ For both, Unix and Win32, the filename for the source and the
+ basename of the target shared library is defined in the
+ Makefile with "XNAME=". Edit this definition when necessary.
+
+ On the Unix platforms, you need to add the necessary linker
+ parameters into the build.<platform> shell script into the
+ variable definition for VENLIB so that your own gssapi library
+ can be found and linked to the SNC-Adapter.
+
+ On Windows platforms you also need to edit make.bat and modify
+ the variable definition VENLIB. Currently make.bat is configured
+ to supply the name of the included gssntlm.lib so that the
+ sample SNC-Adapter debug\sncntlm.dll will be generated if you
+ enter "make" in the directory (provided that the Visual compiler
+ environment is available).
+
+
+ If you supply the name of your shared library for "VENLIB="
+ then this sample build environment will create a standalone
+ SNC-Adapter shared library with an implicit dependency on
+ your shared library. As discussed in Section 3, this approach
+ may have significant administrative disadvantages, especially
+ on Unix (because this will usually require the environment
+ variable for the shared library search path to make it work).
+ For Unix, you could either supply an archive library of
+ position independent object files or integrate the
+ SNC-Adapter source into your own shared library, so
+ that you end up with a single shared libraries without
+ implicit dependencies on custom libraries, thus removing
+ the administrative requirement for the environment variable.
+
+
+
+
+7. References: Additional reading material
+===========================================
+
+ * "Generic Security Service Application Program Interface,
+ Version 2, Update 1", John Linn, December 1998
+ NOTE: This document is available only as an Internet draft with the
+ name "draft-ietf-cat-rfc2078bis-08.txt". However, this draft
+ is expected to become an RFC in Fall 1999
+
+ * RFC2078: "Generic Security Service Application Program Interface,
+ Version 2", John Linn, January 1997
+ NOTE: This document will soon be updated/replaced by
+ "draft-ietf-cat-rfc2078bis-08.txt", see above
+
+ * "Generic Security Service API Version 2 : C-bindings"
+ John Wray, November 1998
+ NOTE: This document is available only as an internet draft with the
+ name "draft-ietf-cat-gssv2-cbind-08.txt". However, this draft
+ is expected to become an RFC in Fall 1999
+
+
+ * RFC-1964: "The Kerberos Version 5 GSS-API Mechanism"
+ John Linn, June 1996
+
+
+ * RFC-2025: "The Simple Public-Key GSS-API Mechanism (SPKM)"
+ Carlisle Adams, October 1996
+
+============================================================================
+
diff --git a/build.AIX b/build.AIX
new file mode 100755
index 0000000..6d188a3
--- /dev/null
+++ b/build.AIX
@@ -0,0 +1,45 @@
+#!/bin/sh
+#
+# $Id: build.AIX,v 1.2 1999/08/24 14:39:31 d019080 Exp $
+#
+OBJ=".o"
+CC="xlc"
+MAJOR="`uname -v`"
+MINOR="`uname -r`"
+CFLAGS="-z -qlanglvl=ansi -qarch=com -qspill=1024"
+if [ "${MAJOR}${MINOR}" -ge 40 ] ; then
+ CFLAGS="$CFLAGS -qinfo"
+else
+ CFLAGS="$CFLAGS -D_POSIX_SOURCE -D_ALL_SOURCE"
+fi
+RM="rm -f"
+EXE=""
+LD="$CC"
+LDFLAGS=""
+LDTARGET='-o $@'
+XD=""
+if [ "${MAJOR}${MINOR}" -ge 42 ] ; then
+ # dlopen() is used in AIX 4.2
+ SHLIB=".so"
+ LDLIBS="-ldl"
+else
+ SHLIB=".o"
+ LDLIBS=""
+fi
+SHFLAGS=""
+LINK_SHARED="ld -L/usr/lib -bM:SRE -T512 -H512 -bnoentry"
+LINK_SHARED_END=" -lc $LDLIBS -bE:sncgss.exp"
+
+#VENLIB="-L/your/software/path -lgssapi"
+VENLIB=""
+if [ "$VENLIB" = "" ] ; then
+ echo "***"
+ echo "*** Please edit $0 and define VENLIB to link your"
+ echo "*** GSS-API v2 shared library"
+ echo "***"
+ exit 1
+fi
+
+export OBJ CC CFLAGS RM EXE LDLIBS LD LDTARGET LDFLAGS XD
+export SHEXT SHFLAGS LINK_SHARED LINK_SHARED_END VENLIB
+"$@"
diff --git a/build.HP-UX b/build.HP-UX
new file mode 100755
index 0000000..d015f77
--- /dev/null
+++ b/build.HP-UX
@@ -0,0 +1,36 @@
+#!/bin/sh
+#
+# $Id: build.HP-UX,v 1.2 1999/08/24 14:39:31 d019080 Exp $
+#
+OBJ=".o"
+CC="cc"
+CFLAGS="-Ae -g -DXDEBUG=1"
+RM="rm -f"
+EXE=""
+LD="$CC"
+LDFLAGS=""
+LDTARGET='-o $@'
+XD=""
+LDLIBS="-Wl,-a,default -lc -ldld"
+if [ -f /opt/langtools/lib/end.o ] ; then
+ # this is for shared library debugging on HP-UX (10.20) ...
+ LDLIBS="${LDLIBS} /opt/langtools/lib/end.o"
+fi
+SHEXT=".sl"
+SHFLAGS="+z"
+LINK_SHARED="ld +vshlibunsats +s -b"
+LINK_SHARED_END="-a default -lc"
+
+#VENLIB="-L/your/software/path +b /your/software/path -lgssapi"
+VENLIB="-L/sapmnt/hs0101/b/security/secude5.2/hp/lib.secude -lsecude"
+if [ "$VENLIB" = "" ] ; then
+ echo "***"
+ echo "*** Please edit $0 and define VENLIB to link your"
+ echo "*** GSS-API v2 shared library"
+ echo "***"
+ exit 1
+fi
+
+export OBJ CC CFLAGS RM EXE LDLIBS LD LDTARGET LDFLAGS XD
+export SHEXT SHFLAGS LINK_SHARED LINK_SHARED_END VENLIB
+"$@"
diff --git a/build.OSF1 b/build.OSF1
new file mode 100755
index 0000000..b7134d4
--- /dev/null
+++ b/build.OSF1
@@ -0,0 +1,37 @@
+#!/bin/sh
+#
+# $Id: build.OSF1,v 1.2 1999/08/24 14:39:31 d019080 Exp $
+#
+OBJ=".o"
+CC="cc"
+CFLAGS="-std1 -g -DXDEBUG=1"
+RM="rm -f"
+EXE=""
+LD="$CC"
+LDFLAGS=""
+LDTARGET='-o $@'
+XD=""
+LDLIBS=""
+SHEXT=".so"
+SHFLAGS=""
+LINK_SHARED="ld -shared"
+LINK_SHARED_END="-lc"
+
+# needs LD_LIBRAR_PATH if gssapi library is a true shared library
+# preferably, the gssapi library should be an archive library
+# of position-independent objects so that setting LD_LIBRARY_PATH
+# will not be necessary for the executable
+#
+#VENLIB="-L/your/software/path -rpath /your/software/path -lgssapi"
+VENLIB=""
+if [ "$VENLIB" = "" ] ; then
+ echo "***"
+ echo "*** Please edit $0 and define VENLIB to link your"
+ echo "*** GSS-API v2 shared library"
+ echo "***"
+ exit 1
+fi
+
+export OBJ CC CFLAGS RM EXE LDLIBS LD LDTARGET LDFLAGS XD
+export SHEXT SHFLAGS LINK_SHARED LINK_SHARED_END VENLIB
+"$@"
diff --git a/build.SunOS b/build.SunOS
new file mode 100755
index 0000000..60d3130
--- /dev/null
+++ b/build.SunOS
@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# $Id: build.SunOS,v 1.2 1999/08/24 14:39:31 d019080 Exp $
+#
+OBJ=".o"
+CC="/opt/SUNWspro/bin/cc"
+CFLAGS="-Xa -g -DXDEBUG=1"
+RM="rm -f"
+EXE=""
+LD="$CC"
+LDFLAGS="$CFLAGS -ldl -lnsl -lthread"
+LDTARGET='-o $@'
+XD=""
+LDLIBS="-ldl"
+SHEXT=".so"
+SHFLAGS="-Kpic"
+LINK_SHARED="$(CC) -G"
+LINK_SHARED_END=""
+
+#VENLIB="-L/your/software/path -R/your/software/path -lgssapi"
+VENLIB=""
+if [ "$VENLIB" = "" ] ; then
+ echo "***"
+ echo "*** Please edit $0 and define VENLIB to link your"
+ echo "*** GSS-API v2 shared library"
+ echo "***"
+ exit 1
+fi
+
+export OBJ CC CFLAGS RM EXE LDLIBS LD LDTARGET LDFLAGS XD
+export SHEXT SHFLAGS LINK_SHARED LINK_SHARED_END VENLIB
+"$@"
diff --git a/gssapi_2.h b/gssapi_2.h
new file mode 100644
index 0000000..95330c2
--- /dev/null
+++ b/gssapi_2.h
@@ -0,0 +1,718 @@
+/*********************************************************************
+ * $Id: gssapi_2.h,v 1.1.1.1 1999/08/24 14:36:21 d019080 Exp $
+ *********************************************************************/
+
+/*
+ * GSS-API Version 2 Header File, See RFC 2xxx
+ */
+
+#ifndef _GSSAPI_H_
+#define _GSSAPI_H_
+
+/*
+ * Determine platform-dependent configuration.
+ */
+
+#ifndef _XX_PLATFORM_H_
+# include "platform.h"
+#endif
+
+#define GSS_SIZEOF_SHORT XX_SIZEOF_SHORT
+#define GSS_SIZEOF_INT XX_SIZEOF_INT
+#define GSS_SIZEOF_LONG XX_SIZEOF_LONG
+
+/*
+ * The following type must be defined as the smallest natural
+ * unsigned integer supported by the platform that has at least
+ * 32 bits of precision.
+ */
+typedef Uint32 gss_uint32;
+
+
+
+
+/*
+ *###########################################################
+ *## One common gssapi_2.h Header file for all platforms ##
+ *###########################################################
+ */
+
+
+
+/*
+ * First, include stddef.h to get size_t defined.
+ */
+#include <stddef.h>
+
+
+/*
+ * First, define the three platform-dependent pointer types.
+ */
+typedef void FAR * gss_ctx_id_t;
+typedef void FAR * gss_cred_id_t;
+typedef void FAR * gss_name_t;
+
+
+typedef gss_uint32 OM_uint32;
+
+typedef struct gss_OID_desc_struct {
+ OM_uint32 length;
+ void FAR * elements;
+} gss_OID_desc, FAR * gss_OID;
+
+
+typedef struct gss_OID_set_desc_struct {
+ size_t count;
+ gss_OID elements;
+} gss_OID_set_desc, FAR * gss_OID_set;
+
+typedef struct gss_buffer_desc_struct {
+ size_t length;
+ void FAR * value;
+} gss_buffer_desc, FAR * gss_buffer_t;
+
+typedef struct gss_channel_bindings_struct {
+ OM_uint32 initiator_addrtype;
+ gss_buffer_desc initiator_address;
+ OM_uint32 acceptor_addrtype;
+ gss_buffer_desc acceptor_address;
+ gss_buffer_desc application_data;
+} FAR * gss_channel_bindings_t;
+
+/*
+ * For now, define a QOP-type as an OM_uint32 (pending resolution
+ * of ongoing discussions).
+ */
+typedef OM_uint32 gss_qop_t;
+typedef int gss_cred_usage_t;
+
+/*
+ * Flag bits for context-level services.
+ */
+#define GSS_C_DELEG_FLAG 1
+#define GSS_C_MUTUAL_FLAG 2
+#define GSS_C_REPLAY_FLAG 4
+#define GSS_C_SEQUENCE_FLAG 8
+#define GSS_C_CONF_FLAG 16
+#define GSS_C_INTEG_FLAG 32
+#define GSS_C_ANON_FLAG 64
+#define GSS_C_PROT_READY_FLAG 128
+#define GSS_C_TRANS_FLAG 256
+
+/*
+ * Credential usage options
+ */
+#define GSS_C_BOTH 0
+#define GSS_C_INITIATE 1
+#define GSS_C_ACCEPT 2
+
+/*
+ * Status code types for gss_display_status
+ */
+#define GSS_C_GSS_CODE 1
+#define GSS_C_MECH_CODE 2
+
+/*
+ * The constant definitions for channel-bindings address families
+ */
+#define GSS_C_AF_UNSPEC 0
+#define GSS_C_AF_LOCAL 1
+#define GSS_C_AF_INET 2
+#define GSS_C_AF_IMPLINK 3
+#define GSS_C_AF_PUP 4
+#define GSS_C_AF_CHAOS 5
+#define GSS_C_AF_NS 6
+#define GSS_C_AF_NBS 7
+#define GSS_C_AF_ECMA 8
+#define GSS_C_AF_DATAKIT 9
+#define GSS_C_AF_CCITT 10
+#define GSS_C_AF_SNA 11
+#define GSS_C_AF_DECnet 12
+#define GSS_C_AF_DLI 13
+#define GSS_C_AF_LAT 14
+#define GSS_C_AF_HYLINK 15
+#define GSS_C_AF_APPLETALK 16
+#define GSS_C_AF_BSC 17
+#define GSS_C_AF_DSS 18
+#define GSS_C_AF_OSI 19
+#define GSS_C_AF_X25 21
+
+#define GSS_C_AF_NULLADDR 255
+
+/*
+ * Various Null values
+ */
+#define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
+#define GSS_C_NO_NAME ((gss_name_t) 0)
+#define GSS_C_NO_OID ((gss_OID) 0)
+#define GSS_C_NO_OID_SET ((gss_OID_set) 0)
+#define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
+#define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
+#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
+#define GSS_C_EMPTY_BUFFER {0, NULL}
+
+/*
+ * Some alternate names for a couple of the above values.
+ * These are defined for V1 compatibility.
+ */
+#define GSS_C_NULL_OID GSS_C_NO_OID
+#define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET
+
+/*
+ * Define the default Quality of Protection for per-message
+ * services. Note that an implementation that offers multiple
+ * levels of QOP may either reserve a value (for example zero,
+ * as assumed here) to mean "default protection", or
+ * alternatively may simply equate GSS_C_QOP_DEFAULT to a specific
+ * explicit QOP value. However, a value of 0 should always be
+ * interpreted by a GSSAPI implementation as a request for the
+ * default protection level.
+ */
+#define GSS_C_QOP_DEFAULT 0
+
+/*
+ * Expiration time of 2^32-1 seconds means infinite lifetime for a
+ * credential or security context
+ */
+#define GSS_C_INDEFINITE 0xfffffffful
+#define GSS_C_EXPIRED 0ul
+
+
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {6, (void *)"\x2b\x06\01\x05\x06\x03"},
+ * corresponding to an object identifier value of
+ * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
+ * 6(nametypes), 3(gss-anonymous-name)}. The constant
+ * and GSS_C_NT_ANONYMOUS should be initialized to point
+ * to that gss_OID_desc.
+ */
+extern gss_OID DLL_DATA_DECO GSS_C_NT_ANONYMOUS;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
+ * corresponding to an object-identifier value of
+ * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
+ * 6(nametypes), 4(gss-api-exported-name)}. The constant
+ * GSS_C_NT_EXPORT_NAME should be initialized to point
+ * to that gss_OID_desc.
+ */
+extern gss_OID DLL_DATA_DECO GSS_C_NT_EXPORT_NAME;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01"},
+ * corresponding to an object-identifier value of
+ * {iso(1) member-body(2) United States(840) mit(113554)
+ * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
+ * GSS_C_NT_USER_NAME should be initialized to point
+ * to that gss_OID_desc.
+ */
+extern gss_OID DLL_DATA_DECO GSS_C_NT_USER_NAME;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02"},
+ * corresponding to an object-identifier value of
+ * {iso(1) member-body(2) United States(840) mit(113554)
+ * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
+ * The constant GSS_C_NT_MACHINE_UID_NAME should be
+ * initialized to point to that gss_OID_desc.
+ */
+extern gss_OID DLL_DATA_DECO GSS_C_NT_MACHINE_UID_NAME;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03"},
+ * corresponding to an object-identifier value of
+ * {iso(1) member-body(2) United States(840) mit(113554)
+ * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
+ * The constant GSS_C_NT_STRING_UID_NAME should be
+ * initialized to point to that gss_OID_desc.
+ */
+extern gss_OID DLL_DATA_DECO GSS_C_NT_STRING_UID_NAME;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
+ * "\x01\x02\x01\x04"}, corresponding to an
+ * object-identifier value of {iso(1) member-body(2)
+ * Unites States(840) mit(113554) infosys(1) gssapi(2)
+ * generic(1) service_name(4)}. The constant
+ * GSS_C_NT_HOSTBASED_SERVICE should be initialized
+ * to point to that gss_OID_desc.
+ */
+extern gss_OID DLL_DATA_DECO GSS_C_NT_HOSTBASED_SERVICE;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
+ * corresponding to an object-identifier value of
+ * {iso(1) org(3) dod(6) internet(1) security(5)
+ * nametypes(6) gss-host-based-services(2)). The constant
+ * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
+ * to that gss_OID_desc. This is a deprecated OID value, and
+ * implementations wishing to support hostbased-service names
+ * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
+ * defined below, to identify such names;
+ * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym
+ * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
+ * parameter, but should not be emitted by GSSAPI
+ * implementations
+ */
+extern gss_OID DLL_DATA_DECO GSS_C_NT_HOSTBASED_SERVICE_X;
+
+
+
+/* Major status codes */
+
+#define GSS_S_COMPLETE 0
+
+/*
+ * Some "helper" definitions to make the status code macros obvious.
+ */
+#define GSS_C_CALLING_ERROR_OFFSET 24
+#define GSS_C_ROUTINE_ERROR_OFFSET 16
+#define GSS_C_SUPPLEMENTARY_OFFSET 0
+#define GSS_C_CALLING_ERROR_MASK 0377ul
+#define GSS_C_ROUTINE_ERROR_MASK 0377ul
+#define GSS_C_SUPPLEMENTARY_MASK 0177777ul
+
+/*
+ * The macros that test status codes for error conditions. Note that the
+ * GSS_ERROR() macro has changed slightly from the V1 GSSAPI so that it now
+ * evaluates its argument only once.
+ */
+#define GSS_CALLING_ERROR(x) \
+ ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
+#define GSS_ROUTINE_ERROR(x) \
+ ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
+#define GSS_SUPPLEMENTARY_INFO(x) \
+ ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
+#define GSS_ERROR(x) \
+ ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
+ (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))
+
+/*
+ * Now the actual status code definitions
+ */
+
+/*
+ * Calling errors:
+ */
+#define GSS_S_CALL_INACCESSIBLE_READ (1ul << GSS_C_CALLING_ERROR_OFFSET)
+#define GSS_S_CALL_INACCESSIBLE_WRITE (2ul << GSS_C_CALLING_ERROR_OFFSET)
+#define GSS_S_CALL_BAD_STRUCTURE (3ul << GSS_C_CALLING_ERROR_OFFSET)
+
+/*
+ * Routine errors:
+ */
+#define GSS_S_BAD_MECH ( 1ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_NAME ( 2ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_NAMETYPE ( 3ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_BINDINGS ( 4ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_STATUS ( 5ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_MIC ( 6ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_SIG GSS_S_BAD_MIC
+#define GSS_S_NO_CRED ( 7ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_NO_CONTEXT ( 8ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_DEFECTIVE_TOKEN ( 9ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_CREDENTIALS_EXPIRED (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_CONTEXT_EXPIRED (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_FAILURE (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_QOP (14ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_UNAUTHORIZED (15ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_UNAVAILABLE (16ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_DUPLICATE_ELEMENT (17ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_NAME_NOT_MN (18ul << GSS_C_ROUTINE_ERROR_OFFSET)
+
+/*
+ * Supplementary info bits:
+ */
+#define GSS_S_CONTINUE_NEEDED (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
+#define GSS_S_DUPLICATE_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
+#define GSS_S_OLD_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
+#define GSS_S_UNSEQ_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
+#define GSS_S_GAP_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
+
+
+/*
+ * Finally, function prototypes for the GSSAPI routines.
+ */
+
+OM_uint32 DLL_FUNC_DECO gss_acquire_cred(
+ OM_uint32 FAR *, /* minor_status */
+ gss_name_t, /* desired_name */
+ OM_uint32, /* time_req */
+ gss_OID_set, /* desired_mechs */
+ gss_cred_usage_t, /* cred_usage */
+ gss_cred_id_t FAR *, /* output_cred_handle */
+ gss_OID_set FAR *, /* actual_mechs */
+ OM_uint32 FAR * /* time_rec */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_release_cred(
+ OM_uint32 FAR *, /* minor_status */
+ gss_cred_id_t FAR * /* cred_handle */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_init_sec_context(
+ OM_uint32 FAR *, /* minor_status */
+ gss_cred_id_t, /* claimant_cred_handle */
+ gss_ctx_id_t FAR *, /* context_handle */
+ gss_name_t, /* target_name */
+ gss_OID, /* mech_type */
+ OM_uint32, /* req_flags */
+ OM_uint32, /* time_req */
+ gss_channel_bindings_t, /* input_chan_bindings */
+ gss_buffer_t, /* input_token */
+ gss_OID FAR *, /* actual_mech_type */
+ gss_buffer_t, /* output_token */
+ OM_uint32 FAR *, /* ret_flags */
+ OM_uint32 FAR * /* time_rec */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_accept_sec_context(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t FAR *, /* context_handle */
+ gss_cred_id_t, /* acceptor_cred_handle */
+ gss_buffer_t, /* input_token_buffer */
+ gss_channel_bindings_t, /* input_chan_bindings */
+ gss_name_t FAR *, /* src_name */
+ gss_OID FAR *, /* mech_type */
+ gss_buffer_t, /* output_token */
+ OM_uint32 FAR *, /* ret_flags */
+ OM_uint32 FAR *, /* time_rec */
+ gss_cred_id_t FAR * /* delegated_cred_handle */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_process_context_token(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ gss_buffer_t /* token_buffer */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_delete_sec_context(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t FAR *, /* context_handle */
+ gss_buffer_t /* output_token */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_context_time(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ OM_uint32 FAR * /* time_rec */
+);
+
+
+/* New name in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_get_mic(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ gss_qop_t, /* qop_req */
+ gss_buffer_t, /* message_buffer */
+ gss_buffer_t /* message_token */
+);
+
+
+/* New name in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_verify_mic(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ gss_buffer_t, /* message_buffer */
+ gss_buffer_t, /* message_token */
+ gss_qop_t * /* qop_state */
+);
+
+
+/* New name in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_wrap(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ int, /* conf_req_flag */
+ gss_qop_t, /* qop_req */
+ gss_buffer_t, /* input_message_buffer */
+ int FAR *, /* conf_state */
+ gss_buffer_t /* output_message_buffer */
+);
+
+
+/* New name in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_unwrap(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ gss_buffer_t, /* input_message_buffer */
+ gss_buffer_t, /* output_message_buffer */
+ int FAR *, /* conf_state */
+ gss_qop_t FAR * /* qop_state */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_display_status(
+ OM_uint32 FAR *, /* minor_status */
+ OM_uint32, /* status_value */
+ int, /* status_type */
+ gss_OID, /* mech_type */
+ OM_uint32 FAR *, /* message_context */
+ gss_buffer_t /* status_string */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_indicate_mechs(
+ OM_uint32 FAR *, /* minor_status */
+ gss_OID_set FAR * /* mech_set */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_compare_name(
+ OM_uint32 FAR *, /* minor_status */
+ gss_name_t, /* name1 */
+ gss_name_t, /* name2 */
+ int FAR * /* name_equal */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_display_name(
+ OM_uint32 FAR *, /* minor_status */
+ gss_name_t, /* input_name */
+ gss_buffer_t, /* output_name_buffer */
+ gss_OID FAR * /* output_name_type */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_import_name(
+ OM_uint32 FAR *, /* minor_status */
+ gss_buffer_t, /* input_name_buffer */
+ gss_OID, /* input_name_type */
+ gss_name_t FAR * /* output_name */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_release_name(
+ OM_uint32 FAR *, /* minor_status */
+ gss_name_t FAR * /* input_name */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_release_buffer(
+ OM_uint32 FAR *, /* minor_status */
+ gss_buffer_t /* buffer */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_release_oid_set(
+ OM_uint32 FAR *, /* minor_status */
+ gss_OID_set FAR * /* set */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_inquire_cred(
+ OM_uint32 FAR *, /* minor_status */
+ gss_cred_id_t, /* cred_handle */
+ gss_name_t FAR *, /* name */
+ OM_uint32 FAR *, /* lifetime */
+ gss_cred_usage_t FAR *, /* cred_usage */
+ gss_OID_set FAR * /* mechanisms */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_inquire_context(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ gss_name_t FAR *, /* src_name */
+ gss_name_t FAR *, /* targ_name */
+ OM_uint32 FAR *, /* lifetime_rec */
+ gss_OID FAR *, /* mech_type */
+ OM_uint32 FAR *, /* ctx_flags */
+ int FAR *, /* locally_initiated */
+ int FAR * /* open */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_wrap_size_limit(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ int, /* conf_req_flag */
+ gss_qop_t, /* qop_req */
+ OM_uint32, /* req_output_size */
+ OM_uint32 * /* max_input_size */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_add_cred(
+ OM_uint32 FAR *, /* minor_status */
+ gss_cred_id_t, /* input_cred_handle */
+ gss_name_t, /* desired_name */
+ gss_OID, /* desired_mech */
+ gss_cred_usage_t, /* cred_usage */
+ OM_uint32, /* initiator_time_req */
+ OM_uint32, /* acceptor_time_req */
+ gss_cred_id_t FAR *, /* output_cred_handle */
+ gss_OID_set FAR *, /* actual_mechs */
+ OM_uint32 FAR *, /* initiator_time_rec */
+ OM_uint32 FAR * /* acceptor_time_rec */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_inquire_cred_by_mech(
+ OM_uint32 FAR *, /* minor_status */
+ gss_cred_id_t, /* cred_handle */
+ gss_OID, /* mech_type */
+ gss_name_t FAR *, /* name */
+ OM_uint32 FAR *, /* initiator_lifetime */
+ OM_uint32 FAR *, /* acceptor_lifetime */
+ gss_cred_usage_t FAR * /* cred_usage */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_export_sec_context(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t FAR *, /* context_handle */
+ gss_buffer_t /* interprocess_token */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_import_sec_context(
+ OM_uint32 FAR *, /* minor_status */
+ gss_buffer_t, /* interprocess_token */
+ gss_ctx_id_t FAR * /* context_handle */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_create_empty_oid_set(
+ OM_uint32 FAR *, /* minor_status */
+ gss_OID_set FAR * /* oid_set */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_add_oid_set_member(
+ OM_uint32 FAR *, /* minor_status */
+ gss_OID, /* member_oid */
+ gss_OID_set FAR * /* oid_set */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_test_oid_set_member(
+ OM_uint32 FAR *, /* minor_status */
+ gss_OID, /* member */
+ gss_OID_set, /* set */
+ int FAR * /* present */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_inquire_names_for_mech(
+ OM_uint32 FAR *, /* minor_status */
+ gss_OID, /* mechanism */
+ gss_OID_set FAR * /* name_types */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_inquire_mechs_for_name(
+ OM_uint32 FAR *, /* minor_status */
+ gss_name_t, /* input_name */
+ gss_OID_set FAR * /* mechanism_oids */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_canonicalize_name(
+ OM_uint32 FAR *, /* minor_status */
+ gss_name_t, /* input_name */
+ gss_OID, /* mech_type */
+ gss_name_t FAR * /* output_name */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_export_name(
+ OM_uint32 FAR *, /* minor_status */
+ gss_name_t, /* input_name */
+ gss_buffer_t /* output_name_blob */
+);
+
+
+/* New in GSS-API V2 */
+OM_uint32 DLL_FUNC_DECO gss_duplicate_name(
+ OM_uint32 FAR *, /* minor_status */
+ gss_name_t, /* src_name */
+ gss_name_t FAR * /* dest_name */
+);
+
+
+/*
+ * The following routines are obsolete variants of gss_get_mic,
+ * gss_wrap, gss_verify_mic and gss_unwrap. They should be
+ * provided by GSSAPI V2 implementations for backwards
+ * compatibility with V1 applications. Distinct entrypoints
+ * (as opposed to #defines) should be provided, both allow GSSAPI
+ * V1 applications to link against GSSAPI V2 implementations, and
+ * to retain the slight parameter type differences between the
+ * obsolete versions of these routines and their current forms.
+ */
+
+OM_uint32 DLL_FUNC_DECO gss_sign(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ int, /* qop_req */
+ gss_buffer_t, /* message_buffer */
+ gss_buffer_t /* message_token */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_verify(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ gss_buffer_t, /* message_buffer */
+ gss_buffer_t, /* token_buffer */
+ int FAR * /* qop_state */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_seal(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ int, /* conf_req_flag */
+ int, /* qop_req */
+ gss_buffer_t, /* input_message_buffer */
+ int FAR *, /* conf_state */
+ gss_buffer_t /* output_message_buffer */
+);
+
+
+OM_uint32 DLL_FUNC_DECO gss_unseal(
+ OM_uint32 FAR *, /* minor_status */
+ gss_ctx_id_t, /* context_handle */
+ gss_buffer_t, /* input_message_buffer */
+ gss_buffer_t, /* output_message_buffer */
+ int FAR *, /* conf_state */
+ int FAR * /* qop_state */
+);
+
+#endif /* _GSSAPI_H_ */
diff --git a/gssntlm.dll b/gssntlm.dll
new file mode 100755
index 0000000..60bcc3f
--- /dev/null
+++ b/gssntlm.dll
Binary files differ
diff --git a/gssntlm.lib b/gssntlm.lib
new file mode 100755
index 0000000..9bc1c21
--- /dev/null
+++ b/gssntlm.lib
Binary files differ
diff --git a/make.bat b/make.bat
new file mode 100755
index 0000000..922e429
--- /dev/null
+++ b/make.bat
@@ -0,0 +1,35 @@
+@echo off
+set CC=cl
+set CFLAGS=/nologo /MD /W3 /GX /Zi /Od /Fo"Debug/"
+set LDFLAGS=/nologo /subsystem:console /incremental:no /pdb:"$*.pdb" /debug /pdbtype:sept /libpath:debug
+set LD=link
+set LDTARGET=/out:$(TARGET)
+set "RM=del 2>NUL "
+set OBJ=.obj
+set XOBJS=$(OBJS)
+set XD=Debug\
+set EXE=.exe
+set BUILD=
+set WIN_CLEAN=win-clean
+set LIBS=kernel32.lib
+set SHEXT=.dll
+set SHFLAGS=/LD
+set LINK_SHARED=$(LD) /DLL /DEF:sncgss32.def /IMPLIB:$*.lib /SUBSYSTEM:CONSOLE
+set LINK_SHARED_END=
+
+set VENLIB=.\gssntlm.lib
+if NOT %VENLIB%. == . goto :trymake
+echo ***
+echo *** Please edit MAKE.BAT and define VENLIB to point to the *.LIB stub
+echo *** of your GSS-API v2 windows library (DLL)
+echo ***
+goto :finish
+
+:trymake
+
+if %1. == clean. nmake /NOLOGO do-clean
+if %1. == . nmake /NOLOGO do-all
+if %1. == all. nmake /NOLOGO do-all
+
+@echo off
+
diff --git a/platform.h b/platform.h
new file mode 100644
index 0000000..71a6d4d
--- /dev/null
+++ b/platform.h
@@ -0,0 +1,113 @@
+/************************************************************************/
+/* $Id: platform.h,v 1.1.1.1 1999/08/24 14:36:21 d019080 Exp $
+ ************************************************************************/
+/*
+ * (C) Copyright 1999 SAP AG Walldorf
+ *
+ * SAP AG DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+ * EVENT SHALL SAP AG BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
+ * OF THIS SOFTWARE.
+ */
+
+
+#ifndef _XX_PLATFORM_H_
+# define _XX_PLATFORM_H_
+
+
+#ifndef USHRT_MAX
+# include <limits.h>
+#endif
+
+
+#if USHRT_MAX >= 0x10000ul
+# define XX_SIZEOF_USHORT 4
+# error cannot handle unsigned short > 2 bytes
+#else
+# define XX_SIZEOF_USHORT 2
+#endif
+
+#if UINT_MAX >= 0x10000ul
+# define XX_SIZEOF_UINT 4
+#else
+# define XX_SIZEOF_UINT 2
+#endif
+
+#if ULONG_MAX > 0xFFFFFFFFul
+# define XX_SIZEOF_ULONG 8
+#else
+# define XX_SIZEOF_ULONG 4
+#endif
+
+
+#if (XX_SIZEOF_UINT == 4)
+
+ typedef unsigned int Uint32;
+
+#elif (XX_SIZEOF_ULONG == 4)
+
+ typedef unsigned long Uint32;
+
+#elif (XX_SIZEOF_USHORT == 4)
+
+ typedef unsigned short Uint32;
+
+#endif
+
+
+
+/*
+ * Define DLL_FUNC_DECO, DLL_DATA_DECO, FUNCPTR_DECO and FAR
+ */
+
+#if defined(_WIN32)
+# if !defined(WINAPI)
+# if !defined(_M_IX86)
+# include <windows.h>
+# else
+# /* shortcutting Microsoft Win32 on Intel x86i, because including */
+# /* <windows.h> is painfully timeconsuming during development ... */
+# define WINAPI __stdcall
+# endif
+# endif
+# define FUNCPTR_DECO WINAPI
+# define EXPORT_FUNCTION __declspec(dllexport) WINAPI
+# define EXPORT_DATA __declspec(dllexport)
+# define IMPORT_FUNCTION __declspec(dllimport) WINAPI
+# define IMPORT_DATA __declspec(dllimport)
+#elif defined(_WINDOWS)
+# if !defined(WINAPI)
+# define WINAPI __far __pascal
+# endif
+# define FUNCPTR_DECO WINAPI
+# define EXPORT_FUNCTION __export WINAPI
+# define EXPORT_DATA __export
+# define IMPORT_FUNCTION __export WINAPI
+# define IMPORT_DATA __export
+# define FAR __far
+#else
+# define EXPORT_FUNCTION
+# define EXPORT_DATA
+# define IMPORT_FUNCTION
+# define IMPORT_DATA
+# define FUNCPTR_DECO
+#endif
+
+#ifdef BUILDING_DLL
+# define DLL_DATA_DECO EXPORT_DATA
+# define DLL_FUNC_DECO EXPORT_FUNCTION
+#else
+# define DLL_DATA_DECO IMPORT_DATA
+# define DLL_FUNC_DECO IMPORT_FUNCTION
+#endif
+
+#ifndef FAR
+# define FAR
+#endif
+
+
+
+#endif /* _XX_PLATFORM_H_ */
diff --git a/sncadapt.c b/sncadapt.c
new file mode 100644
index 0000000..e91f8e9
--- /dev/null
+++ b/sncadapt.c
@@ -0,0 +1,1063 @@
+static char * this_File = "sncadapt.c";
+static char * cvs_id =
+ "$Id: sncadapt.c,v 1.1.1.1 1999/08/24 14:36:21 d019080 Exp $";
+/*
+ * (C) Copyright 1999 SAP AG Walldorf
+ *
+ * SAP AG DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+ * EVENT SHALL SAP AG BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
+ * OF THIS SOFTWARE.
+ */
+
+
+
+
+/************************************************************************/
+/* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> */
+/* */
+/* Configurable Parameters that describe the characteristics */
+/* of the security mechanism to which this adapter interfaces */
+/* To register a MECH_PREFIX or MECH_ID with SAP, */
+/* send a request via Email to <Martin.Rex@sap-ag.de> including */
+/* the following information: */
+/* - mechanism OID of gssapi mechanism */
+/* - gssapi mechanism name (for open protocol specs) */
+/* OR product name of proprietary gssapi mechanism */
+/* - default nametype OID */
+/* - proposed printable prefix (up to seven characters) */
+/* - Email address of technical contact */
+/* */
+/* In case you're implementing a published gssapi mechanism spec, */
+/* a SAPGSS_MECH_ID and SAPGSS_MECH_PREFIX may already be assigned. */
+/* You can check the "sncgss.h" Header file first. */
+/* */
+/* */
+/* ADAPTER_MECH_NAME Name of gssapi mechanism protocol */
+/* (for open protocol specifications) */
+/* OR name of a software product for */
+/* a proprietary gssapi mechanism */
+/* */
+/* ADAPTER_MECH_PREFIX (must REGISTER with SAP) */
+/* ASCII-string up to 7 chars to */
+/* identify the mechanism */
+/* */
+/* ADAPTER_MECH_ID (must REGISTER with SAP) */
+/* numeric constant taken from the */
+/* SAPGSS_MECH_ID enumerator in "sncgss.h" */
+/* */
+/* ADAPTER_MECHANISM_OID ASN.1 OID (written as gss_OID_desc) */
+/* of the gssapi mechanism to which this */
+/* SNC-Adapter will be linked */
+/* */
+/* ADAPTER_NAMETYPE_OID ASN.1 OID (written as gss_OID_desc) */
+/* of the default/canonical/native nametype*/
+/* of above gssapi mechanism */
+/* */
+/* ADAPTER_MAJOR_REVISION cosmetic, no functional purpose */
+/* ADAPTER_MINOR_REVISION cosmetic, no functional purpose */
+/* */
+/* ADAPTER_CONF_AVAIL (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of message confidentiality protection */
+/* for all established security contexts */
+/* */
+/* ADAPTER_INTEG_AVAIL (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of message integrity protection for all */
+/* established security contexts */
+/* */
+/* ADAPTER_MUTUAL_AUTH (0 or 1) REQUIRED */
+/* implemenation guarantees availability */
+/* of mutual authentication on security */
+/* contexts. Absence of mutual auth is */
+/* a serious security problem in */
+/* distributed applications */
+/* */
+/* ADAPTER_REPLAY_PROT (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of replay detection of protected */
+/* messages on all security contexts. */
+/* SAP R/3 process all messages on a */
+/* particular security context strictly */
+/* sequential, so it's acceptable */
+/* if replay detection is only available */
+/* in combination with sequence protection */
+/* */
+/* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> */
+/************************************************************************/
+
+
+#define ADAPTER_MECH_NAME >>> "X X X X X X X X X X X X X X X"
+ /* Name of the gssapi mechanism or product */
+ /* that this SNC-Adapter interfaces to */
+ /* (less than 80 characters, please !!) */
+
+
+#define ADAPTER_MECH_PREFIX >>> "xxxx"
+ /* Mech prefix for mechanism */
+ /* (register this prefix with SAP) */
+ /* Alphanumeric, must be <= 7 characters long */
+ /* This prefix may be used within SNC-Names */
+ /* i.e. "p/sapntlm:NTDomain\User" */
+
+
+#define ADAPTER_MECH_ID >>> SAPGSS_ID_XXXX
+ /* Mechanism identifier */
+ /* numeric (16-bit unsigned integer) */
+ /* used internally by SNC for tagging */
+ /* and to distinguish different gssapi mechs */
+
+
+ /* ASN.1 OID of the gssapi mechanism to which this */
+ /* SNC-Adapter is linked */
+#define ADAPTER_MECHANISM_OID \
+ >>> { 7, "\053\006\001\005\005\001\001" }
+
+ /* ASN.1 OID of the default/canonical nametype that */
+ /* this gssapi mechanism will accept with gss_import_name() */
+ /* and emit with gss_display_name() for canonical names */
+#define ADAPTER_NAMETYPE_OID \
+ >>> { 9, "\053\006\001\004\001\201\172\002\001" }
+
+
+/*******************/
+/* 16-bit Integers */
+/*******************/
+#define ADAPTER_MAJOR_REVISION >>> 1 /* indicates API changes */
+
+#define ADAPTER_MINOR_REVISION >>> 0 /* indicates fixes or */
+ /* cosmetic changes */
+
+/*******************/
+/* BOOLEAN values */
+/*******************/
+#define ADAPTER_CONF_AVAIL >>> 1 /* Confidentiality available */
+#define ADAPTER_INTEG_AVAIL >>> 1 /* Integrity available */
+
+#define ADAPTER_MUTUAL_AUTH >>> 1 /* supports mutual authentication */
+#define ADAPTER_REPLAY_PROT >>> 1 /* supports message replay detection */
+
+
+/************************************************************************/
+/*>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>*/
+/************************************************************************/
+
+
+
+
+/* Some ANSI-C standard headers */
+#include <stddef.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+/**********************************************************************/
+/* */
+/* Microsoft Windows DLL support */
+/* */
+/**********************************************************************/
+
+#ifdef _WIN32
+# include <windows.h>
+ BOOL APIENTRY
+ DllMain(HANDLE hInst, DWORD ul_reason_being_called, LPVOID lpReserved)
+ {
+ return 1;
+
+ UNREFERENCED_PARAMETER(hInst);
+ UNREFERENCED_PARAMETER(ul_reason_being_called);
+ UNREFERENCED_PARAMETER(lpReserved);
+ }
+#else
+
+# if defined(_WINDOWS)
+# include <windows.h>
+# ifndef UNREFERENCED_PARAMETER
+# define UNREFERENCED_PARAMETER(x) ((x)=(x))
+# endif
+
+ BOOL CALLBACK
+ LibMain (HINSTANCE hInst, WORD wDataSeg, WORD cbHeap, LPSTR CmdLine)
+ {
+ UNREFERENCED_PARAMETER(hInst);
+ UNREFERENCED_PARAMETER(wDataSeg);
+ UNREFERENCED_PARAMETER(cbHeap);
+ UNREFERENCED_PARAMETER(CmdLine);
+
+ return 1;
+ }
+
+ int CALLBACK __export
+ WEP(int nParam)
+ {
+ UNREFERENCED_PARAMETER(nParam);
+
+ return 1;
+ }
+# endif
+
+#endif
+
+/**********************************************************************/
+/* */
+/* Import interface */
+/* - include files of other projects */
+/* Declare gss_* function prototypes as __declspec(dllimport) */
+/* */
+/**********************************************************************/
+
+#include "platform.h"
+
+#undef DLL_DATA_DECO
+#undef DLL_FUNC_DECO
+#define DLL_DATA_DECO IMPORT_DATA
+#define DLL_FUNC_DECO IMPORT_FUNCTION
+#include "gssapi_2.h"
+
+/**********************************************************************/
+/* */
+/* Export interface */
+/* - header files of this project */
+/* Declare our sapgss_* function prototypes as __declspec(dllexport) */
+/* */
+/**********************************************************************/
+
+#undef DLL_DATA_DECO
+#undef DLL_FUNC_DECO
+#define DLL_DATA_DECO EXPORT_DATA
+#define DLL_FUNC_DECO EXPORT_FUNCTION
+#include "sncgss.h"
+
+
+
+
+/************************************************************************/
+/* (27-jun-95) Martin Rex */
+/* With the following two macros one can convert macros into */
+/* string literals to include them in constant strings. */
+/* see ANSI-C, X3.159-1989 section 3.8.3.2 and example on pg. 93 */
+/************************************************************************/
+#define LITERAL_MACRO(x) # x
+#define XLITERAL_MACRO(x) LITERAL_MACRO(x)
+
+
+
+/****************************************************/
+/* we don't need to export/share OID data at the */
+/* shared library interface for SAP R/3, */
+/* and is not part of the draft-ietf-cat-wingss-... */
+/****************************************************/
+
+
+static gss_OID_desc oids[] = {
+ ADAPTER_NAMETYPE_OID, /* nametype OID for canonical printable name */
+ ADAPTER_MECHANISM_OID /* mechanism OID of the gssapi mechanism */
+};
+
+static gss_OID sapsnc_nt_canon_printable_name = &(oids[0]);
+static gss_OID sapsnc_mech_oid = &(oids[1]);
+
+#define SAPSNC_CANON_NAME_OID sapsnc_nt_canon_printable_name
+
+/**********************************************************************
+ * sapsnc_init_adapter():
+ *
+ * Description:
+ * This function must be called before other functions of the
+ * gss-api are used. It sets up all translation pointers
+ * exported by the gss-api.
+ *
+ * Parameters:
+ * p_info IN REF the structure referenced by this
+ * pointer (see sapgss.h) describes
+ * some characteristics of the security
+ * mechanism to which this adapter interfaces
+ *
+ * p_length IN Length of the structure supplied by the
+ * SNC-Layer.
+ * Initialization policy for future enhancements:
+ * * SNC-Layer zeroes out structure before calling.
+ * * future extensions must be appended to the
+ * existing structure only
+ * * Unknown structure elements will not be changed.
+ * * The Adapter must initialize only fields known
+ * to the calling SNC-layer
+ * (i.e. no elements past p_length)
+ *
+ * Returns:
+ * 0 Initialization o.k.
+ * -1 FAILURE -- something is definitely broken if this happens
+ **********************************************************************/
+OM_uint32 EXPORT_FUNCTION
+sapsnc_init_adapter( struct sapgss_info_s *p_info, size_t p_length,
+ int adapter_idx )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+
+ if ( p_info==NULL || p_length<=SNCADAPT_BASIC_INFO_LEN ) {
+
+ /* At least we want to fill in the basic set of information */
+ return(1);
+
+ } else {
+
+ memset( p_info, 0, p_length );
+
+ p_info->major_rev = (int) ADAPTER_MAJOR_REVISION;
+ p_info->minor_rev = (int) ADAPTER_MINOR_REVISION;
+
+ p_info->adapter_name =
+ "External SNC-Adapter"
+ " (Rev " XLITERAL_MACRO(ADAPTER_MAJOR_REVISION)
+ "." XLITERAL_MACRO(ADAPTER_MINOR_REVISION) ") to "
+ ADAPTER_MECH_NAME;
+
+ p_info->mech_id = ADAPTER_MECH_ID;
+
+ p_info->nt_canonical_name = SAPSNC_CANON_NAME_OID;
+ p_info->nt_private_name1 = sapsnc_nt_canon_printable_name;
+ p_info->nt_private_name2 = (gss_OID_desc *)0;
+ p_info->nt_private_name3 = (gss_OID_desc *)0;
+ p_info->nt_private_name4 = (gss_OID_desc *)0;
+
+ p_info->integ_avail = ADAPTER_INTEG_AVAIL;
+ p_info->conf_avail = ADAPTER_CONF_AVAIL;
+ p_info->unused1 = 0; /* historic/expirmental, MUST be 0 */
+ p_info->export_sec_context = 1; /* required functionality, MUST be 1 */
+ p_info->mutual_auth = ADAPTER_MUTUAL_AUTH;
+ p_info->replay_prot = ADAPTER_REPLAY_PROT;
+
+ p_info->unused2 = 0; /* historic/experimental, MUST be 0 */
+
+ p_info->mech_prefix_string = ADAPTER_MECH_PREFIX;
+
+ if ( p_length>=SNCADAPT_INFO_LEN(mech_oid) ) {
+ p_info->mech_oid = sapsnc_mech_oid;
+ }
+
+ }
+
+ /* Initialize future elements only if the supplied structure is large */
+ /* enough, */
+ /* i.e. the calling SNC-layer is as recent or newer as the adapter */
+
+ return(0);
+
+} /* sapsnc_init_adapter() */
+
+
+
+/*
+ * sapsnc_export_cname_blob()
+ *
+ * BETTER LEAVE THIS ALONE !!
+ *
+ * This call was a temporary intermediate before the two calls
+ * gss_canonicalize_name() and gss_export_name() were added
+ * to the GSS-API v2 spec.
+ *
+ * However it is still required for R/3 up to 3.1H components
+ * and for interoperability with those components or incomplete
+ * gssapi v2 implementations of (MIT) Kerberos 5 and SECUDE
+ */
+
+OM_uint32 EXPORT_FUNCTION
+sapsnc_export_cname_blob(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_name_t in_name, /* input_name */
+ gss_buffer_t out_identity, /* output_name_buffer */
+ int adapter_idx
+ )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+ UNREFERENCED_PARAMETER(in_name);
+
+ if ( out_identity!=NULL ) {
+ out_identity->length = 0;
+ out_identity->value = NULL;
+ }
+
+ if ( min_stat!=NULL )
+ (*min_stat) = 0;
+
+ return(GSS_S_FAILURE);
+
+} /* sapsnc_export_cname_blob() */
+
+
+
+/*
+ * sapsnc_export_cname_blob()
+ *
+ * BETTER LEAVE THIS ALONE !!
+ *
+ * This call was a temporary intermediate before the two calls
+ * gss_canonicalize_name() and gss_export_name() were added
+ * to the GSS-API v2 spec.
+ *
+ * However it is still required for R/3 up to 3.1H components
+ * and for interoperability with those components or incomplete
+ * gssapi v2 implementations of (MIT) Kerberos 5 and SECUDE
+ */
+OM_uint32 EXPORT_FUNCTION
+sapsnc_import_cname_blob(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_buffer_t in_identity, /* input_name_buffer */
+ gss_name_t * out_name, /* output_name */
+ int adapter_idx
+ )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+
+ return( gss_import_name( min_stat, in_identity,
+ (gss_OID)SAPSNC_CANON_NAME_OID, out_name ) );
+
+} /* sapsnc_import_cname_blob() */
+
+
+/*********************************************************************
+ *
+ * All functions following this comment are CALL ADAPTERS
+ * to the GSS-API functions.
+ *
+ *********************************************************************/
+
+/**********************************************************************/
+/**********************************************************************/
+/******************* *******************/
+/******************* GSS-API v1 ( RFC 1508/1509 ) *******************/
+/******************* *******************/
+/**********************************************************************/
+/**********************************************************************/
+
+
+/* sapgss_acquire_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_acquire_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_name_t my_gss_name, /* desired_name */
+ OM_uint32 in_lifetime, /* time_req */
+ gss_OID_set in_mechs, /* desired_mechs */
+ gss_cred_usage_t in_cred_usage, /* cred_usage */
+ gss_cred_id_t * out_cred, /* output_cred_handle */
+ gss_OID_set * out_mechs, /* actual_mechs */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_acquire_cred( min_stat, my_gss_name, in_lifetime,
+ in_mechs, in_cred_usage,
+ out_cred, out_mechs, out_lifetime ) );
+}
+
+
+
+/* sapgss_release_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t * in_cred /* cred_handle */
+ )
+{
+ return( gss_release_cred( min_stat, in_cred ) );
+}
+
+
+
+/* sapgss_init_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_init_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t in_cred, /* claimant_cred_handle */
+ gss_ctx_id_t * in_context, /* context_handle */
+ gss_name_t in_name, /* target_name */
+ gss_OID in_mech, /* mech_type */
+ OM_uint32 in_service_opts, /* req_flags */
+ OM_uint32 in_lifetime, /* time_req */
+ gss_channel_bindings_t
+ in_channel_bind, /* input_chan_bindings */
+ gss_buffer_t in_token, /* input_token */
+ gss_OID * out_mech, /* actual_mech_type */
+ gss_buffer_t out_token, /* output_token */
+ OM_uint32 * out_service_opts, /* ret_flags */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_init_sec_context( min_stat, in_cred, in_context, in_name,
+ in_mech, in_service_opts, in_lifetime,
+ in_channel_bind, in_token, out_mech,
+ out_token, out_service_opts, out_lifetime ) );
+}
+
+
+
+/* sapgss_accept_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_accept_sec_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t *in_context, /* context_handle */
+ gss_cred_id_t in_cred, /* verifier_cred_handle */
+ gss_buffer_t in_token, /* input_token_buffer */
+ gss_channel_bindings_t
+ in_channel_bind, /* input_chan_bindings */
+ gss_name_t *peer_name, /* src_name */
+ gss_OID *out_mech, /* mech_type */
+ gss_buffer_t out_token, /* output_token */
+ OM_uint32 *out_service_opts, /* ret_flags */
+ OM_uint32 *out_lifetime, /* time_rec */
+ gss_cred_id_t *out_cred /* delegated_cred_handle */
+ )
+{
+ return( gss_accept_sec_context( min_stat, in_context, in_cred, in_token,
+ in_channel_bind, peer_name, out_mech,
+ out_token, out_service_opts, out_lifetime,
+ out_cred ) );
+}
+
+
+
+/* sapgss_process_context_token() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_process_context_token(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_token /* token_buffer */
+ )
+{
+ return( gss_process_context_token( min_stat, in_context, in_token ) );
+}
+
+
+
+/* sapgss_delete_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_delete_sec_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t *in_context, /* context_handle */
+ gss_buffer_t out_token /* output_token */
+ )
+{
+ return( gss_delete_sec_context( min_stat, in_context, out_token ) );
+}
+
+
+
+/* sapgss_context_time() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_context_time(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_context_time( min_stat, in_context, out_lifetime ) );
+}
+
+
+
+/* sapgss_get_mic() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_get_mic(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_qop_t in_qop, /* qop_req */
+ gss_buffer_t in_msg, /* message_buffer */
+ gss_buffer_t out_token /* message_token */
+ )
+{
+ return( gss_get_mic( min_stat, in_context, in_qop, in_msg, out_token ) );
+}
+
+
+
+/* sapgss_verify_mic() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_verify_mic(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_msg, /* message_buffer */
+ gss_buffer_t in_token, /* token_buffer */
+ gss_qop_t * out_qop /* qop_state */
+ )
+{
+ return( gss_verify_mic( min_stat, in_context, in_msg, in_token, out_qop ) );
+}
+
+
+
+/* sapgss_wrap() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_wrap(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ int in_want_conf, /* conf_req_flag */
+ gss_qop_t in_qop, /* qop_req */
+ gss_buffer_t in_msg, /* input_message_buffer */
+ int * out_is_conf, /* conf_state */
+ gss_buffer_t out_token /* output_message_buffer */
+ )
+{
+ return( gss_wrap( min_stat, in_context, in_want_conf,
+ in_qop, in_msg, out_is_conf, out_token ) );
+}
+
+
+
+/* sapgss_unwrap() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_unwrap(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_token, /* input_message_buffer */
+ gss_buffer_t out_msg, /* output_message_buffer */
+ int * out_is_conf, /* conf_state */
+ gss_qop_t * out_qop /* qop_state */
+ )
+{
+ return( gss_unwrap( min_stat, in_context, in_token,
+ out_msg, out_is_conf, out_qop ) );
+}
+
+
+
+/* sapgss_display_status() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_display_status(
+ OM_uint32 *min_stat, /* minor_status */
+ OM_uint32 in_status, /* status_value */
+ int in_status_type, /* status_type */
+ gss_OID in_mech, /* mech_type */
+ OM_uint32 *out_more_text, /* message_context */
+ gss_buffer_t out_text /* status_string */
+ )
+{
+ return( gss_display_status( min_stat, in_status, in_status_type,
+ in_mech, out_more_text, out_text ) );
+}
+
+
+
+/*
+ * sapgss_indicate_mechs()
+ *
+ * IMPORTANT: This call MUST return the correct mech_OID
+ * for this implementation in the first position of the
+ * out_mechs OID array!
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_indicate_mechs(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_OID_set *out_mechs /* mech_set */
+ )
+{
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat2;
+
+ maj_stat = gss_indicate_mechs( min_stat, out_mechs );
+
+ if ( maj_stat==GSS_S_COMPLETE ) {
+ if ( out_mechs==NULL
+ || (*out_mechs)==GSS_C_NO_OID_SET
+ || (*out_mechs)->count==0
+ || (*out_mechs)->elements==GSS_C_NO_OID
+ || ((*out_mechs)->elements[0]).length!=sapsnc_mech_oid->length
+ || memcmp( ((*out_mechs)->elements[0]).elements,
+ sapsnc_mech_oid->elements, sapsnc_mech_oid->length )!=0 ) {
+
+ (void)sapgss_release_oid_set( &min_stat2, out_mechs );
+
+ (*out_mechs) = GSS_C_NO_OID_SET;
+ (*min_stat) = 0;
+
+ return(GSS_S_BAD_MECH);
+
+ }
+ }
+
+ return(maj_stat);
+
+}
+
+
+
+/* sapgss_compare_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_compare_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t in_name1, /* name1 */
+ gss_name_t in_name2, /* name2 */
+ int *out_are_equal /* name_equal */
+ )
+{
+ return( gss_compare_name( min_stat, in_name1, in_name2, out_are_equal ) );
+}
+
+
+
+/* sapgss_display_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_display_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t in_name, /* input_name */
+ gss_buffer_t out_identity, /* output_name_buffer */
+ gss_OID *out_oid /* output_name_type */
+ )
+{
+ return( gss_display_name( min_stat, in_name, out_identity, out_oid ) );
+}
+
+
+
+/* sapgss_import_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_import_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_buffer_t in_identity, /* input_name_buffer */
+ gss_OID in_oid, /* input_name_type */
+ gss_name_t *out_name /* output_name */
+ )
+{
+ return( gss_import_name( min_stat, in_identity, in_oid, out_name ) );
+}
+
+
+
+/* sapgss_release_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t *in_name /* input_name */
+ )
+{
+ return( gss_release_name( min_stat, in_name ) );
+}
+
+
+
+/* sapgss_release_buffer() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_buffer(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_buffer_t in_buffer /* buffer */
+ )
+{
+ return( gss_release_buffer( min_stat, in_buffer ) );
+}
+
+
+
+/* sapgss_release_oid_set() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_oid_set(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_OID_set *in_oids /* set */
+ )
+{
+ return( gss_release_oid_set( min_stat, in_oids ) );
+}
+
+
+
+/* sapgss_inquire_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t in_cred, /* cred_handle */
+ gss_name_t * out_name, /* name */
+ OM_uint32 * out_lifetime, /* lifetime */
+ gss_cred_usage_t * out_cred_usage, /* cred_usage */
+ gss_OID_set * out_mechs /* mechanisms */
+ )
+{
+ return( gss_inquire_cred( min_stat, in_cred, out_name,
+ out_lifetime, out_cred_usage, out_mechs ) );
+}
+
+
+/**********************************************************************/
+/**********************************************************************/
+/******************* ********************/
+/******************* New fuctions for GSS-API v2 ********************/
+/******************* ********************/
+/**********************************************************************/
+/**********************************************************************/
+
+/*
+ * sapgss_add_cred()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ *
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_add_cred(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_cred_id_t input_cred_handle, /* input_cred_handle */
+ gss_name_t desired_name, /* desired_name */
+ gss_OID desired_mech, /* desired_mech */
+ gss_cred_usage_t cred_usage, /* cred_usage */
+ OM_uint32 initiator_time_req, /* initiator_time_req */
+ OM_uint32 acceptor_time_req, /* acceptor_time_req */
+ gss_cred_id_t FAR * output_cred_handle, /* output_cred_handle */
+ gss_OID_set FAR * actual_mechs, /* actual_mechs */
+ OM_uint32 FAR * initiator_time_rec, /* initiator_time_rec */
+ OM_uint32 FAR * acceptor_time_rec /* acceptor_time_rec */
+ )
+{
+ return( gss_add_cred( min_stat, input_cred_handle, desired_name,
+ desired_mech, cred_usage, initiator_time_req,
+ acceptor_time_req,
+ output_cred_handle, actual_mechs,
+ initiator_time_rec, acceptor_time_rec ) );
+}
+
+
+
+/*
+ * sapgss_inquire_cred_by_mech()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_cred_by_mech(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_cred_id_t cred_handle, /* cred_handle */
+ gss_OID mech_type, /* mech_type */
+ gss_name_t FAR * name, /* name */
+ OM_uint32 FAR * initiator_lifetime, /* initiator_lifetime */
+ OM_uint32 FAR * acceptor_lifetime, /* acceptor_lifetime */
+ gss_cred_usage_t FAR * cred_usage /* cred_usage */
+ )
+{
+ return( gss_inquire_cred_by_mech( min_stat, cred_handle, mech_type,
+ name, initiator_lifetime,
+ acceptor_lifetime, cred_usage ) );
+}
+
+
+
+/* sapgss_inquire_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_name_t *out_myname, /* initiator_name */
+ gss_name_t *out_peername, /* acceptor_name */
+ OM_uint32 *out_lifetime, /* lifetime_rec */
+ gss_OID *out_mech, /* mech_type */
+ OM_uint32 *out_service_opts, /* ctx_flags */
+ int *out_initiator, /* locally_initiated */
+ int *out_open /* open */
+ )
+{
+ return( gss_inquire_context( min_stat, in_context, out_myname,
+ out_peername, out_lifetime, out_mech,
+ out_service_opts, out_initiator, out_open) );
+}
+
+
+
+/*
+ * sapgss_wrap_size_limit()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_wrap_size_limit(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context handle */
+ int in_want_conf, /* conf_req_flag */
+ gss_qop_t qop_req, /* qop_req */
+ OM_uint32 out_size, /* requested output size */
+ OM_uint32 * max_in_size /* maximum input size */
+ )
+{
+ return( gss_wrap_size_limit( min_stat, in_context, in_want_conf,
+ qop_req, out_size, max_in_size) );
+}
+
+
+
+/* sapgss_export_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_export_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t * in_ctx, /* context_handle */
+ gss_buffer_t out_buffer /* interprocess_token */
+ )
+{
+ return( gss_export_sec_context( min_stat, in_ctx, out_buffer ) );
+}
+
+
+
+/* sapgss_import_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_import_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_buffer_t in_buffer, /* interprocess_token */
+ gss_ctx_id_t * out_ctx /* context_handle */
+ )
+{
+ return( gss_import_sec_context( min_stat, in_buffer, out_ctx ) );
+}
+
+
+
+/*
+ * sapgss_create_empty_oid_set()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_create_empty_oid_set(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID_set FAR * oid_set /* oid_set */
+ )
+{
+ return( gss_create_empty_oid_set( min_stat, oid_set ) );
+}
+
+
+
+/*
+ * sapgss_add_oid_set_member()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_add_oid_set_member(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID member_oid, /* member_oid */
+ gss_OID_set FAR * oid_set /* oid_set */
+ )
+{
+ return( gss_add_oid_set_member( min_stat, member_oid, oid_set ) );
+}
+
+
+
+/*
+ * sapgss_test_oid_set_member()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_test_oid_set_member(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID member, /* member */
+ gss_OID_set set, /* set */
+ int FAR * present /* present */
+ )
+{
+ return( gss_test_oid_set_member( min_stat, member, set, present ) );
+}
+
+
+
+/*
+ * sapgss_inquire_names_for_mech()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_names_for_mech(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID mech_oid, /* mechanism_oid */
+ gss_OID_set FAR * name_types /* name_types */
+ )
+{
+ return( gss_inquire_names_for_mech( min_stat, mech_oid, name_types ) );
+}
+
+
+
+/*
+ * sapgss_inquire_mechs_for_name()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_mechs_for_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_OID_set FAR * mech_set /* mechanism_oids */
+ )
+{
+ return( gss_inquire_mechs_for_name( min_stat, input_name, mech_set ) );
+}
+
+
+/* sapgss_canonicalize_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_canonicalize_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_OID mech_type, /* mech_type */
+ gss_name_t FAR * output_name /* output_name */
+ )
+{
+ return( gss_canonicalize_name( min_stat, input_name,
+ mech_type, output_name ) );
+}
+
+
+/* sapgss_export_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_export_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_buffer_t output_name_blob /* output_name_blob */
+ )
+{
+ return( gss_export_name( min_stat, input_name, output_name_blob ) );
+}
+
+
+/*
+ * sapgss_duplicate_name()
+ *
+ * Status: Don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_duplicate_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t src_name, /* src_name */
+ gss_name_t FAR * dest_name /* dest_name */
+ )
+{
+ return( gss_duplicate_name( min_stat, src_name, dest_name ) );
+}
+
+
+/* end of sncadapt.c */
+
diff --git a/sncgss.exp b/sncgss.exp
new file mode 100755
index 0000000..ea27fad
--- /dev/null
+++ b/sncgss.exp
@@ -0,0 +1,54 @@
+#! sncgss.o
+* $Id: sncgss.exp,v 1.2 1999/08/24 14:39:32 d019080 Exp $
+* export definition for shared libraries/objects on AIX
+*
+
+* SNC-Adapter calls
+*
+sapsnc_init_adapter
+sapsnc_export_cname_blob
+sapsnc_import_cname_blob
+
+* wrapper calls for GSS-API Version 1 (RFC 1508/1509)
+*
+sapgss_acquire_cred
+sapgss_release_cred
+sapgss_init_sec_context
+sapgss_accept_sec_context
+sapgss_process_context_token
+sapgss_delete_sec_context
+sapgss_context_time
+sapgss_get_mic
+sapgss_verify_mic
+sapgss_wrap
+sapgss_unwrap
+sapgss_display_status
+sapgss_indicate_mechs
+sapgss_compare_name
+sapgss_display_name
+sapgss_import_name
+sapgss_release_name
+sapgss_release_buffer
+sapgss_release_oid_set
+sapgss_inquire_cred
+
+* wrapper calls for GSS-API Version 2
+*
+sapgss_add_cred
+sapgss_inquire_cred_by_mech
+
+sapgss_inquire_context
+sapgss_wrap_size_limit
+sapgss_export_sec_context
+sapgss_import_sec_context
+
+sapgss_create_empty_oid_set
+sapgss_add_oid_set_member
+sapgss_test_oid_set_member
+
+sapgss_canonicalize_name
+sapgss_export_name
+sapgss_inquire_names_for_mech
+sapgss_inquire_mechs_for_name
+
+
diff --git a/sncgss.h b/sncgss.h
new file mode 100644
index 0000000..a0e2925
--- /dev/null
+++ b/sncgss.h
@@ -0,0 +1,601 @@
+/**********************************************************************/
+/* $Id: sncgss.h,v 1.1.1.1 1999/08/24 14:36:21 d019080 Exp $
+ **********************************************************************/
+/*
+ * (C) Copyright 1999 SAP AG Walldorf
+ *
+ * SAP AG DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+ * EVENT SHALL SAP AG BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
+ * OF THIS SOFTWARE.
+ */
+
+#ifndef _SNCGSS_H
+#define _SNCGSS_H 1
+
+#ifndef UNREFERENCED_PARAMETER
+# define UNREFERENCED_PARAMETER(a) ((a)=(a))
+#endif
+
+/**********************************************************************/
+/* */
+/* Public type definitions */
+/* */
+/**********************************************************************/
+
+/**********************************************************************
+ *
+ * SAPGSS type definitions for use within the snc*.[ch] modules
+ *
+ * If these don't match with the GSS-API definitions, then
+ * we might have a problem
+ *
+ **********************************************************************/
+
+
+
+typedef enum sapgss_prod_id {
+ SAPGSS_ID_DUMMY = 0, /* No security (26-jun-95) mrex */
+ SAPGSS_ID_GENERIC = 1, /* Generic GSS-API v2 Mechanism, */
+ /* let GSS-API fight it out ... */
+
+
+ SAPGSS_ID_KERBEROS5 = 2, /* Kerberos 5 / MIT (26-jun-95) mrex */
+#define SAPGSS_KERBEROS5_PREFIX "krb5"
+#define SAPGSS_KERBEROS5_NAME "Kerberos 5/GSS-API v2"
+#define SAPGSS_KERBEROS5_MECH_OID { 9, "\052\206\110\206\367\022\001\002\002" }
+#define SAPGSS_KERBEROS5_CNAME_OID { 10, "\052\206\110\206\367\022\001\002\002\001" }
+
+
+ SAPGSS_ID_SECUDE = 3, /* SecuDE 5 (21-sep-95) mrex */
+#define SAPGSS_SECUDE_PREFIX "secude"
+#define SAPGSS_SECUDE_NAME "Secude 5 GSS-API v2"
+#define SAPGSS_SECUDE_MECH_OID { 6, "\053\044\003\001\045\001" }
+#define SAPGSS_SECUDE_CNAME_OID { 6, "\053\044\003\001\046\001" }
+
+
+ SAPGSS_ID_SAPNTLM = 4, /* SAPNTLM (08-okt-97) mrex */
+#define SAPGSS_SAPNTLM_PREFIX "sapntlm"
+#define SAPGSS_SAPNTLM_NAME "SAP's GSS-API v2 over NTLM(SSPI)"
+#define SAPGSS_SAPNTLM_MECH_OID { 10, "\053\006\001\004\001\205\066\002\001\002" }
+#define SAPGSS_SAPNTLM_CNAME_OID { 11, "\053\006\001\004\001\205\066\002\001\002\001" }
+
+
+
+ SAPGSS_ID_SPKM1 = 5, /* SPKM1 (18-aug-98) mrex */
+#define SAPGSS_SPKM1_PREFIX "spkm1"
+#define SAPGSS_SPKM1_NAME "SPKM1 GSS-API v2 library"
+#define SAPGSS_SPKM1_MECH_OID { 7, "\053\006\001\005\005\001\001" }
+#define SAPGSS_SPKM1_CNAME_OID { 9, "\053\006\001\004\001\201\172\002\001" }
+
+
+ SAPGSS_ID_SPKM2 = 6, /* SPKM2 (18-aug-98) mrex */
+#define SAPGSS_SPKM2_PREFIX "spkm2"
+#define SAPGSS_SPKM2_NAME "SPKM2 GSS-API v2 library"
+#define SAPGSS_SPKM2_MECH_OID { 7, "\053\006\001\005\005\001\002" }
+#define SAPGSS_SPKM2_CNAME_OID { 9, "\053\006\001\004\001\201\172\002\001" }
+
+
+ SAPGSS_ID_RESERVED_1 = 7, /* reserved ID (30-oct-96) mrex */
+
+
+ SAPGSS_ID_ITSEC = 8,
+#define SAPGSS_ITSEC_PREFIX "itsec"
+#define SAPGSS_ITSEC_NAME
+#define SAPGSS_ITSEC_MECH_OID
+#define SAPGSS_ITSEC_CNAME_OID
+
+
+ SAPGSS_ID_SDTI = 9,
+#define SAPGSS_SDTI_PREFIX "sdti"
+#define SAPGSS_SDTI_NAME "SDTI Connect Agent"
+#define SAPGSS_SDTI_MECH_OID { 9, "\052\206\110\206\367\015\005\004\001" }
+#define SAPGSS_SDTI_CNAME_OID { 9, "\052\206\110\206\367\015\005\004\002" }
+
+
+ SAPGSS_ID_AMDCE = 10,
+#define SAPGSS_AMDCE_PREFIX "amdce"
+#define SAPGSS_AMDCE_NAME "AccessMaster DCE"
+#define SAPGSS_AMDCE_MECH_OID { 7, "\053\014\001\056\001\062\002" }
+#define SAPGSS_AMDCE_CNAME_OID { 10, "\052\206\110\206\367\022\001\002\002\001" }
+
+ SAPGSS_ID_INVALID
+} SAPGSS_MECH_ID;
+
+#define NUM_INTERNAL_STUBS (SAPGSS_ID_SAPNTLM+1)
+
+
+struct sapgss_info_s {
+ int major_rev; /* major revision number of SNC-Adapter */
+ int minor_rev; /* minor revision number of SNC-Adapter */
+
+ char * adapter_name; /* SNC-Adapter identification string */
+ SAPGSS_MECH_ID mech_id; /* SAP-registered gssapi mechanism identifier */
+
+ char integ_avail; /* gssapi mechanism supports integrity protection */
+ char conf_avail; /* gssapi mechanism supports confidentiality protection */
+
+ char unused1; /* historic -- not used -- MUST BE 0 */
+
+ char export_sec_context;
+ /* gssapi mechanism supports exporting */
+ /* of an established security context, */
+ /* as defined by GSS-API v2 */
+
+ OM_uint32 unused2; /* historic -- not used -- MUST BE 0 */
+
+ gss_OID_desc FAR * nt_canonical_name;
+ gss_OID_desc FAR * nt_private_name1;
+ gss_OID_desc FAR * nt_private_name2;
+ gss_OID_desc FAR * nt_private_name3;
+ gss_OID_desc FAR * nt_private_name4;
+
+ char FAR * mech_prefix_string;
+
+ char mutual_auth; /* gssapi mechanism supports mutual authentication */
+ char replay_prot; /* gssapi mechanism supports replay detection */
+ char reserved1;
+ char reserved2;
+
+ gss_OID_desc FAR * mech_oid;
+
+};
+
+
+#define SNCADAPT_INFO_LEN(x) (offsetof(struct sapgss_info_s, x) + sizeof( ((struct sapgss_info_s *)0)->x ) )
+#define SNCADAPT_BASIC_INFO_LEN SNCADAPT_INFO_LEN( replay_prot )
+
+
+/**********************************************************************/
+/* */
+/* Export interface */
+/* - Function list ( Prototype definitions ) */
+/* */
+/**********************************************************************/
+
+#define ARG3_INIT_ADAPTER \
+ struct sapgss_info_s FAR * , \
+ size_t , \
+ int
+
+OM_uint32 DLL_FUNC_DECO
+sapsnc_init_adapter( ARG3_INIT_ADAPTER );
+
+
+
+#define ARG4_EXPORT_CNAME_BLOB \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_name_t , /* input_name */ \
+ gss_buffer_t , /* output_name_buffer */ \
+ int /* adapter_index (snc internal use) */
+
+OM_uint32 DLL_FUNC_DECO
+sapsnc_export_cname_blob( ARG4_EXPORT_CNAME_BLOB );
+
+
+
+#define ARG4_IMPORT_CNAME_BLOB \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_buffer_t , /* input_name_buffer */ \
+ gss_name_t FAR * , /* output_name */ \
+ int /* adapter_index (snc internal use) */
+
+OM_uint32 DLL_FUNC_DECO
+sapsnc_import_cname_blob( ARG4_IMPORT_CNAME_BLOB );
+
+
+
+/*
+ * GSS-API Version 1 functionality (RFC 1508 & 1509 )
+ */
+#define ARG8_ACQUIRE_CRED \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_name_t , /* desired_name */ \
+ OM_uint32 , /* time_req */ \
+ gss_OID_set , /* desired_mechs */ \
+ gss_cred_usage_t , /* cred_usage */ \
+ gss_cred_id_t FAR * , /* output_cred_handle */ \
+ gss_OID_set FAR * , /* actual_mechs */ \
+ OM_uint32 FAR * /* time_rec */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_acquire_cred( ARG8_ACQUIRE_CRED );
+
+
+
+#define ARG2_RELEASE_CRED \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_cred_id_t FAR * /* cred_handle */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_release_cred( ARG2_RELEASE_CRED );
+
+
+
+#define ARG13_INIT_SEC_CONTEXT \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_cred_id_t , /* claimant_cred_handle */ \
+ gss_ctx_id_t FAR * , /* context_handle */ \
+ gss_name_t , /* target_name */ \
+ gss_OID , /* mech_type */ \
+ OM_uint32 , /* req_flags */ \
+ OM_uint32 , /* time_req */ \
+ gss_channel_bindings_t , /* input_chan_bindings */ \
+ gss_buffer_t , /* input_token */ \
+ gss_OID FAR * , /* actual_mech_type */ \
+ gss_buffer_t , /* output_token */ \
+ OM_uint32 FAR * , /* ret_flags */ \
+ OM_uint32 FAR * /* time_rec */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_init_sec_context( ARG13_INIT_SEC_CONTEXT );
+
+
+
+#define ARG11_ACCEPT_SEC_CONTEXT \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t FAR * , /* context_handle */ \
+ gss_cred_id_t , /* verifier_cred_handle */ \
+ gss_buffer_t , /* input_token_buffer */ \
+ gss_channel_bindings_t , /* input_chan_bindings */ \
+ gss_name_t FAR * , /* src_name */ \
+ gss_OID FAR * , /* mech_type */ \
+ gss_buffer_t , /* output_token */ \
+ OM_uint32 FAR * , /* ret_flags */ \
+ OM_uint32 FAR * , /* time_rec */ \
+ gss_cred_id_t FAR * /* delegated_cred_handle */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_accept_sec_context( ARG11_ACCEPT_SEC_CONTEXT );
+
+
+
+#define ARG3_PROCESS_CONTEXT_TOKEN \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t , /* context_handle */ \
+ gss_buffer_t /* token_buffer */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_process_context_token( ARG3_PROCESS_CONTEXT_TOKEN );
+
+
+
+#define ARG3_DELETE_SEC_CONTEXT \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t FAR * , /* context_handle */ \
+ gss_buffer_t /* output_token */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_delete_sec_context( ARG3_DELETE_SEC_CONTEXT );
+
+
+
+#define ARG3_CONTEXT_TIME \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t , /* context_handle */ \
+ OM_uint32 FAR * /* time_rec */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_context_time( ARG3_CONTEXT_TIME );
+
+
+
+/* v2 name for gss_sign() */
+#define ARG5_GET_MIC \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t , /* context_handle */ \
+ gss_qop_t , /* qop_req */ \
+ gss_buffer_t , /* message_buffer */ \
+ gss_buffer_t /* message_token */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_get_mic( ARG5_GET_MIC );
+
+
+
+/* v2 name for gss_verify() */
+#define ARG5_VERIFY_MIC \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t , /* context_handle */ \
+ gss_buffer_t , /* message_buffer */ \
+ gss_buffer_t , /* token_buffer */ \
+ gss_qop_t FAR * /* qop_state */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_verify_mic( ARG5_VERIFY_MIC );
+
+
+
+/* v2 name for gss_seal() */
+#define ARG7_WRAP \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t , /* context_handle */ \
+ int , /* conf_req_flag */ \
+ gss_qop_t , /* qop_req */ \
+ gss_buffer_t , /* input_message_buffer */ \
+ int FAR * , /* conf_state */ \
+ gss_buffer_t /* output_message_buffer */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_wrap( ARG7_WRAP );
+
+
+
+/* v2 name for gss_unseal() */
+#define ARG6_UNWRAP \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t , /* context_handle */ \
+ gss_buffer_t , /* input_message_buffer */ \
+ gss_buffer_t , /* output_message_buffer */ \
+ int FAR * , /* conf_state */ \
+ gss_qop_t FAR * /* qop_state */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_unwrap( ARG6_UNWRAP );
+
+
+
+#define ARG6_DISPLAY_STATUS \
+ OM_uint32 FAR * , /* minor_status */ \
+ OM_uint32 , /* status_value */ \
+ int , /* status_type */ \
+ gss_OID , /* mech_type */ \
+ OM_uint32 FAR * , /* message_context */ \
+ gss_buffer_t /* status_string */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_display_status( ARG6_DISPLAY_STATUS );
+
+
+
+#define ARG2_INDICATE_MECHS \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_OID_set FAR * /* mech_set */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_indicate_mechs( ARG2_INDICATE_MECHS );
+
+
+
+#define ARG4_COMPARE_NAME \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_name_t , /* name1 */ \
+ gss_name_t , /* name2 */ \
+ int FAR * /* name_equal */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_compare_name( ARG4_COMPARE_NAME );
+
+
+
+#define ARG4_DISPLAY_NAME \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_name_t , /* input_name */ \
+ gss_buffer_t , /* output_name_buffer */ \
+ gss_OID FAR * /* output_name_type */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_display_name( ARG4_DISPLAY_NAME );
+
+
+
+#define ARG4_IMPORT_NAME \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_buffer_t , /* input_name_buffer */ \
+ gss_OID , /* input_name_type */ \
+ gss_name_t FAR * /* output_name */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_import_name( ARG4_IMPORT_NAME );
+
+
+
+#define ARG2_RELEASE_NAME \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_name_t FAR * /* input_name */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_release_name( ARG2_RELEASE_NAME );
+
+
+
+#define ARG2_RELEASE_BUFFER \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_buffer_t /* buffer */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_release_buffer( ARG2_RELEASE_BUFFER );
+
+
+
+#define ARG2_RELEASE_OID_SET \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_OID_set FAR * /* set */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_release_oid_set( ARG2_RELEASE_OID_SET );
+
+
+
+#define ARG6_INQUIRE_CRED \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_cred_id_t , /* cred_handle */ \
+ gss_name_t FAR * , /* name */ \
+ OM_uint32 FAR * , /* lifetime */ \
+ gss_cred_usage_t FAR * , /* cred_usage */ \
+ gss_OID_set FAR * /* mechanisms */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_inquire_cred( ARG6_INQUIRE_CRED );
+
+
+
+
+/*
+ * New functionality of GSS-API Version 2
+ */
+#define ARG11_ADD_CRED \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_cred_id_t , /* input_cred_handle */ \
+ gss_name_t , /* desired_name */ \
+ gss_OID , /* desired_mech */ \
+ gss_cred_usage_t , /* cred_usage */ \
+ OM_uint32 , /* initiator_time_req */ \
+ OM_uint32 , /* acceptor_time_req */ \
+ gss_cred_id_t FAR * , /* output_cred_handle */ \
+ gss_OID_set FAR * , /* actual_mechs */ \
+ OM_uint32 FAR * , /* initiator_time_rec */ \
+ OM_uint32 FAR * /* acceptor_time_rec */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_add_cred( ARG11_ADD_CRED );
+
+
+
+#define ARG7_INQUIRE_CRED_BY_MECH \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_cred_id_t , /* cred_handle */ \
+ gss_OID , /* mech_type */ \
+ gss_name_t FAR * , /* name */ \
+ OM_uint32 FAR * , /* initiator_lifetime */ \
+ OM_uint32 FAR * , /* acceptor_lifetime */ \
+ gss_cred_usage_t FAR * /* cred_usage */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_inquire_cred_by_mech( ARG7_INQUIRE_CRED_BY_MECH );
+
+
+
+#define ARG9_INQUIRE_CONTEXT \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t , /* context_handle */ \
+ gss_name_t FAR * , /* initiator_name */ \
+ gss_name_t FAR * , /* acceptor_name */ \
+ OM_uint32 FAR * , /* lifetime_rec */ \
+ gss_OID FAR * , /* mech_type */ \
+ OM_uint32 FAR * , /* ret_flags */ \
+ int FAR * , /* locally_initiated */ \
+ int FAR * /* open */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_inquire_context( ARG9_INQUIRE_CONTEXT );
+
+
+
+#define ARG6_WRAP_SIZE_LIMIT \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t , /* context handle */ \
+ int , /* conf_req_flag */ \
+ gss_qop_t , /* qop_req */ \
+ OM_uint32 , /* requested output size */ \
+ OM_uint32 FAR * /* maximum input size */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_wrap_size_limit( ARG6_WRAP_SIZE_LIMIT );
+
+
+
+#define ARG3_EXPORT_SEC_CONTEXT \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_ctx_id_t FAR * , /* context_handle */ \
+ gss_buffer_t /* interprocess_token */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_export_sec_context( ARG3_EXPORT_SEC_CONTEXT );
+
+
+
+#define ARG3_IMPORT_SEC_CONTEXT \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_buffer_t , /* interprocess_token */ \
+ gss_ctx_id_t FAR * /* context_handle */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_import_sec_context( ARG3_IMPORT_SEC_CONTEXT );
+
+
+
+#define ARG2_CREATE_EMPTY_OID_SET \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_OID_set FAR * /* oid_set */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_create_emtpy_oid_set( ARG2_CREATE_EMPTY_OID_SET );
+
+
+
+#define ARG3_ADD_OID_SET_MEMBER \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_OID , /* member_oid */ \
+ gss_OID_set FAR * /* oid_set */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_add_oid_set_member( ARG3_ADD_OID_SET_MEMBER );
+
+
+
+#define ARG4_TEST_OID_SET_MEMBER \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_OID , /* member */ \
+ gss_OID_set , /* set */ \
+ int FAR * /* present */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_test_oid_set_member( ARG4_TEST_OID_SET_MEMBER );
+
+
+
+#define ARG3_INQUIRE_NAMES_FOR_MECH \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_OID , /* mechanism_oid */ \
+ gss_OID_set FAR * /* name_types */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_inquire_names_for_mech( ARG3_INQUIRE_NAMES_FOR_MECH );
+
+
+
+#define ARG3_INQUIRE_MECHS_FOR_NAME \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_name_t , /* input_name */ \
+ gss_OID_set FAR * /* mechanism oids */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_inquire_mechs_for_name( ARG3_INQUIRE_MECHS_FOR_NAME );
+
+
+
+#define ARG4_CANONICALIZE_NAME \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_name_t , /* input_name */ \
+ gss_OID , /* mechanism_type */ \
+ gss_name_t FAR * /* output_name */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_canonicalize_name( ARG4_CANONICALIZE_NAME );
+
+
+
+#define ARG3_EXPORT_NAME \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_name_t , /* input_name */ \
+ gss_buffer_t /* output_name_blob */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_export_name( ARG3_EXPORT_NAME );
+
+
+
+#define ARG3_DUPLICATE_NAME \
+ OM_uint32 FAR * , /* minor_status */ \
+ gss_name_t , /* src_name */ \
+ gss_name_t FAR * /* dest_name */
+
+OM_uint32 DLL_FUNC_DECO
+sapgss_duplicate_name( ARG3_DUPLICATE_NAME );
+
+#endif /* _SNCGSS_H */
+
diff --git a/sncgss32.def b/sncgss32.def
new file mode 100644
index 0000000..a54080b
--- /dev/null
+++ b/sncgss32.def
@@ -0,0 +1,57 @@
+; $Id: sncgss32.def,v 1.1.1.1 1999/08/24 14:36:22 d019080 Exp $
+;----------------------------------------------------------------------
+; SNCGSS32.DLL SAP-SecureNetworkCommunication to GSS-API adapter DLL
+; Win32 Module Definition File (for Microsoft Visual C++ >= 2.1)
+;----------------------------------------------------------------------
+;
+
+;LIBRARY SNCGSS32
+DESCRIPTION 'SNC to GSSAPI v2 DLL-Adapter Win32'
+
+EXPORTS
+; SAP specific functions of the adapter
+ sapsnc_init_adapter @1
+ sapsnc_export_cname_blob @2
+ sapsnc_import_cname_blob @3
+
+; GSS-API Version 1 (RFC 1508,1509)
+ sapgss_acquire_cred @11
+ sapgss_release_cred @12
+ sapgss_init_sec_context @13
+ sapgss_accept_sec_context @14
+ sapgss_process_context_token @15
+ sapgss_delete_sec_context @16
+ sapgss_context_time @17
+ sapgss_get_mic @18
+ sapgss_verify_mic @19
+ sapgss_wrap @20
+ sapgss_unwrap @21
+ sapgss_display_status @22
+ sapgss_indicate_mechs @23
+ sapgss_compare_name @24
+ sapgss_display_name @25
+ sapgss_import_name @26
+ sapgss_release_name @27
+ sapgss_release_buffer @28
+ sapgss_release_oid_set @29
+ sapgss_inquire_cred @30
+
+; GSS-API Version 2 new calls
+ sapgss_add_cred
+ sapgss_inquire_cred_by_mech
+
+ sapgss_inquire_context
+ sapgss_wrap_size_limit
+ sapgss_export_sec_context
+ sapgss_import_sec_context
+
+ sapgss_create_empty_oid_set
+ sapgss_add_oid_set_member
+ sapgss_test_oid_set_member
+
+ sapgss_canonicalize_name
+ sapgss_export_name
+ sapgss_duplicate_name
+ sapgss_inquire_names_for_mech
+ sapgss_inquire_mechs_for_name
+
diff --git a/snckrb5.c b/snckrb5.c
new file mode 100644
index 0000000..f706278
--- /dev/null
+++ b/snckrb5.c
@@ -0,0 +1,1060 @@
+static char * this_File = "snckrb5.c";
+static char * cvs_id =
+ "$Id: snckrb5.c,v 1.1.1.1 1999/08/24 14:36:21 d019080 Exp $";
+/*
+ * (C) Copyright 1999 SAP AG Walldorf
+ *
+ * SAP AG DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+ * EVENT SHALL SAP AG BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
+ * OF THIS SOFTWARE.
+ */
+
+
+
+/************************************************************************/
+/* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> */
+/* */
+/* Configurable Parameters that describe the characteristics */
+/* of the security mechanism to which this adapter interfaces */
+/* To register a MECH_PREFIX or MECH_ID with SAP, */
+/* send a request via Email to <Martin.Rex@sap-ag.de> including */
+/* the following information: */
+/* - mechanism OID of gssapi mechanism */
+/* - gssapi mechanism name (for open protocol specs) */
+/* OR product name of proprietary gssapi mechanism */
+/* - default nametype OID */
+/* - proposed printable prefix (up to seven characters) */
+/* - Email address of technical contact */
+/* */
+/* In case you're implementing a published gssapi mechanism spec, */
+/* a SAPGSS_MECH_ID and SAPGSS_MECH_PREFIX may already be assigned. */
+/* You can check the "sncgss.h" Header file first. */
+/* */
+/* */
+/* ADAPTER_MECH_NAME Name of gssapi mechanism protocol */
+/* (for open protocol specifications) */
+/* OR name of a software product for */
+/* a proprietary gssapi mechanism */
+/* */
+/* ADAPTER_MECH_PREFIX (must REGISTER with SAP) */
+/* ASCII-string up to 7 chars to */
+/* identify the mechanism */
+/* */
+/* ADAPTER_MECH_ID (must REGISTER with SAP) */
+/* numeric constant taken from the */
+/* SAPGSS_MECH_ID enumerator in "sncgss.h" */
+/* */
+/* ADAPTER_MECHANISM_OID ASN.1 OID (written as gss_OID_desc) */
+/* of the gssapi mechanism to which this */
+/* SNC-Adapter will be linked */
+/* */
+/* ADAPTER_NAMETYPE_OID ASN.1 OID (written as gss_OID_desc) */
+/* of the default/canonical/native nametype*/
+/* of above gssapi mechanism */
+/* */
+/* ADAPTER_MAJOR_REVISION cosmetic, no functional purpose */
+/* ADAPTER_MINOR_REVISION cosmetic, no functional purpose */
+/* */
+/* ADAPTER_CONF_AVAIL (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of message confidentiality protection */
+/* for all established security contexts */
+/* */
+/* ADAPTER_INTEG_AVAIL (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of message integrity protection for all */
+/* established security contexts */
+/* */
+/* ADAPTER_MUTUAL_AUTH (0 or 1) REQUIRED */
+/* implemenation guarantees availability */
+/* of mutual authentication on security */
+/* contexts. Absence of mutual auth is */
+/* a serious security problem in */
+/* distributed applications */
+/* */
+/* ADAPTER_REPLAY_PROT (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of replay detection of protected */
+/* messages on all security contexts. */
+/* SAP R/3 process all messages on a */
+/* particular security context strictly */
+/* sequential, so it's acceptable */
+/* if replay detection is only available */
+/* in combination with sequence protection */
+/* */
+/* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> */
+/************************************************************************/
+
+
+#define ADAPTER_MECH_NAME SAPGSS_KERBEROS5_NAME
+ /* Name of the gssapi mechanism or product */
+ /* that this SNC-Adapter interfaces to */
+ /* (less than 80 characters, please !!) */
+
+
+#define ADAPTER_MECH_PREFIX SAPGSS_KERBEROS5_PREFIX
+ /* Mech prefix for mechanism */
+ /* (register this prefix with SAP) */
+ /* Alphanumeric, must be <= 7 characters long */
+ /* This prefix may be used within SNC-Names */
+ /* i.e. "p/sapntlm:NTDomain\User" */
+
+
+#define ADAPTER_MECH_ID SAPGSS_ID_KERBEROS5
+ /* Mechanism identifier */
+ /* numeric (16-bit unsigned integer) */
+ /* used internally by SNC for tagging */
+ /* and to distinguish different gssapi mechs */
+
+
+ /* ASN.1 OID of the gssapi mechanism to which this */
+ /* SNC-Adapter is linked */
+#define ADAPTER_MECHANISM_OID SAPGSS_KERBEROS5_MECH_OID
+
+ /* ASN.1 OID of the default/canonical nametype that */
+ /* this gssapi mechanism will accept with gss_import_name() */
+ /* and emit with gss_display_name() for canonical names */
+#define ADAPTER_NAMETYPE_OID SAPGSS_KERBEROS5_CNAME_OID
+
+
+/*******************/
+/* 16-bit Integers */
+/*******************/
+#define ADAPTER_MAJOR_REVISION 1 /* indicates API changes */
+
+#define ADAPTER_MINOR_REVISION 0 /* indicates fixes or */
+ /* cosmetic changes */
+
+/*******************/
+/* BOOLEAN values */
+/*******************/
+#define ADAPTER_CONF_AVAIL 1 /* Confidentiality available */
+#define ADAPTER_INTEG_AVAIL 1 /* Integrity available */
+
+#define ADAPTER_MUTUAL_AUTH 1 /* supports mutual authentication */
+#define ADAPTER_REPLAY_PROT 1 /* supports message replay detection */
+
+
+/************************************************************************/
+/*>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>*/
+/************************************************************************/
+
+
+
+
+/* Some ANSI-C standard headers */
+#include <stddef.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+/**********************************************************************/
+/* */
+/* Microsoft Windows DLL support */
+/* */
+/**********************************************************************/
+
+#ifdef _WIN32
+# include <windows.h>
+ BOOL APIENTRY
+ DllMain(HANDLE hInst, DWORD ul_reason_being_called, LPVOID lpReserved)
+ {
+ return 1;
+
+ UNREFERENCED_PARAMETER(hInst);
+ UNREFERENCED_PARAMETER(ul_reason_being_called);
+ UNREFERENCED_PARAMETER(lpReserved);
+ }
+#else
+
+# if defined(_WINDOWS)
+# include <windows.h>
+# ifndef UNREFERENCED_PARAMETER
+# define UNREFERENCED_PARAMETER(x) ((x)=(x))
+# endif
+
+ BOOL CALLBACK
+ LibMain (HINSTANCE hInst, WORD wDataSeg, WORD cbHeap, LPSTR CmdLine)
+ {
+ UNREFERENCED_PARAMETER(hInst);
+ UNREFERENCED_PARAMETER(wDataSeg);
+ UNREFERENCED_PARAMETER(cbHeap);
+ UNREFERENCED_PARAMETER(CmdLine);
+
+ return 1;
+ }
+
+ int CALLBACK __export
+ WEP(int nParam)
+ {
+ UNREFERENCED_PARAMETER(nParam);
+
+ return 1;
+ }
+# endif
+
+#endif
+
+/**********************************************************************/
+/* */
+/* Import interface */
+/* - include files of other projects */
+/* Declare gss_* function prototypes as __declspec(dllimport) */
+/* */
+/**********************************************************************/
+
+#include "platform.h"
+
+#undef DLL_DATA_DECO
+#undef DLL_FUNC_DECO
+#define DLL_DATA_DECO IMPORT_DATA
+#define DLL_FUNC_DECO IMPORT_FUNCTION
+#include "gssapi_2.h"
+
+/**********************************************************************/
+/* */
+/* Export interface */
+/* - header files of this project */
+/* Declare our sapgss_* function prototypes as __declspec(dllexport) */
+/* */
+/**********************************************************************/
+
+#undef DLL_DATA_DECO
+#undef DLL_FUNC_DECO
+#define DLL_DATA_DECO EXPORT_DATA
+#define DLL_FUNC_DECO EXPORT_FUNCTION
+#include "sncgss.h"
+
+
+
+
+/************************************************************************/
+/* (27-jun-95) Martin Rex */
+/* With the following two macros one can convert macros into */
+/* string literals to include them in constant strings. */
+/* see ANSI-C, X3.159-1989 section 3.8.3.2 and example on pg. 93 */
+/************************************************************************/
+#define LITERAL_MACRO(x) # x
+#define XLITERAL_MACRO(x) LITERAL_MACRO(x)
+
+
+
+
+/****************************************************/
+/* we don't need to export/share OID data at the */
+/* shared library interface for SAP R/3, */
+/* and is not part of the draft-ietf-cat-wingss-... */
+/****************************************************/
+
+static gss_OID_desc oids[] = {
+ ADAPTER_NAMETYPE_OID, /* nametype OID for canonical printable name */
+ ADAPTER_MECHANISM_OID /* mechanism OID of the gssapi mechanism */
+};
+
+static gss_OID sapsnc_nt_canon_printable_name = &(oids[0]);
+static gss_OID sapsnc_mech_oid = &(oids[1]);
+
+#define SAPSNC_CANON_NAME_OID sapsnc_nt_canon_printable_name
+
+/**********************************************************************
+ * sapsnc_init_adapter():
+ *
+ * Description:
+ * This function must be called before other functions of the
+ * gss-api are used. It sets up all translation pointers
+ * exported by the gss-api.
+ *
+ * Parameters:
+ * p_info IN REF the structure referenced by this
+ * pointer (see sapgss.h) describes
+ * some characteristics of the security
+ * mechanism to which this adapter interfaces
+ *
+ * p_length IN Length of the structure supplied by the
+ * SNC-Layer.
+ * Initialization policy for future enhancements:
+ * * SNC-Layer zeroes out structure before calling.
+ * * future extensions must be appended to the
+ * existing structure only
+ * * Unknown structure elements will not be changed.
+ * * The Adapter must initialize only fields known
+ * to the calling SNC-layer
+ * (i.e. no elements past p_length)
+ *
+ * Returns:
+ * 0 Initialization o.k.
+ * -1 FAILURE -- something is definitely broken if this happens
+ **********************************************************************/
+OM_uint32 EXPORT_FUNCTION
+sapsnc_init_adapter( struct sapgss_info_s *p_info, size_t p_length,
+ int adapter_idx )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+
+ if ( p_info==NULL || p_length<=SNCADAPT_BASIC_INFO_LEN ) {
+
+ /* At least we want to fill in the basic set of information */
+ return(1);
+
+ } else {
+
+ memset( p_info, 0, p_length );
+
+ p_info->major_rev = (int) ADAPTER_MAJOR_REVISION;
+ p_info->minor_rev = (int) ADAPTER_MINOR_REVISION;
+
+ p_info->adapter_name =
+ "External SNC-Adapter"
+ " (Rev " XLITERAL_MACRO(ADAPTER_MAJOR_REVISION)
+ "." XLITERAL_MACRO(ADAPTER_MINOR_REVISION) ") to "
+ ADAPTER_MECH_NAME;
+
+ p_info->mech_id = ADAPTER_MECH_ID;
+
+ p_info->nt_canonical_name = SAPSNC_CANON_NAME_OID;
+ p_info->nt_private_name1 = sapsnc_nt_canon_printable_name;
+ p_info->nt_private_name2 = (gss_OID_desc *)0;
+ p_info->nt_private_name3 = (gss_OID_desc *)0;
+ p_info->nt_private_name4 = (gss_OID_desc *)0;
+
+ p_info->integ_avail = ADAPTER_INTEG_AVAIL;
+ p_info->conf_avail = ADAPTER_CONF_AVAIL;
+ p_info->unused1 = 0; /* historic/expirmental, MUST be 0 */
+ p_info->export_sec_context = 1; /* required functionality, MUST be 1 */
+ p_info->mutual_auth = ADAPTER_MUTUAL_AUTH;
+ p_info->replay_prot = ADAPTER_REPLAY_PROT;
+
+ p_info->unused2 = 0; /* historic/experimental, MUST be 0 */
+
+ p_info->mech_prefix_string = ADAPTER_MECH_PREFIX;
+
+ if ( p_length>=SNCADAPT_INFO_LEN(mech_oid) ) {
+ p_info->mech_oid = sapsnc_mech_oid;
+ }
+
+ }
+
+ /* Initialize future elements only if the supplied structure is large */
+ /* enough, */
+ /* i.e. the calling SNC-layer is as recent or newer as the adapter */
+
+ return(0);
+
+} /* sapsnc_init_adapter() */
+
+
+
+/*
+ * sapsnc_export_cname_blob()
+ *
+ * BETTER LEAVE THIS ALONE !!
+ *
+ * This call was a temporary intermediate before the two calls
+ * gss_canonicalize_name() and gss_export_name() were added
+ * to the GSS-API v2 spec.
+ *
+ * However it is still required for R/3 up to 3.1H components
+ * and for interoperability with those components or incomplete
+ * gssapi v2 implementations of (MIT) Kerberos 5 and SECUDE
+ */
+
+OM_uint32 EXPORT_FUNCTION
+sapsnc_export_cname_blob(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_name_t in_name, /* input_name */
+ gss_buffer_t out_identity, /* output_name_buffer */
+ int adapter_idx
+ )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+ UNREFERENCED_PARAMETER(in_name);
+
+ if ( out_identity!=NULL ) {
+ out_identity->length = 0;
+ out_identity->value = NULL;
+ }
+
+ if ( min_stat!=NULL )
+ (*min_stat) = 0;
+
+ return(GSS_S_FAILURE);
+
+} /* sapsnc_export_cname_blob() */
+
+
+
+/*
+ * sapsnc_export_cname_blob()
+ *
+ * BETTER LEAVE THIS ALONE !!
+ *
+ * This call was a temporary intermediate before the two calls
+ * gss_canonicalize_name() and gss_export_name() were added
+ * to the GSS-API v2 spec.
+ *
+ * However it is still required for R/3 up to 3.1H components
+ * and for interoperability with those components or incomplete
+ * gssapi v2 implementations of (MIT) Kerberos 5 and SECUDE
+ */
+OM_uint32 EXPORT_FUNCTION
+sapsnc_import_cname_blob(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_buffer_t in_identity, /* input_name_buffer */
+ gss_name_t * out_name, /* output_name */
+ int adapter_idx
+ )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+
+ return( gss_import_name( min_stat, in_identity,
+ (gss_OID)SAPSNC_CANON_NAME_OID, out_name ) );
+
+} /* sapsnc_import_cname_blob() */
+
+
+/*********************************************************************
+ *
+ * All functions following this comment are CALL ADAPTERS
+ * to the GSS-API functions.
+ *
+ *********************************************************************/
+
+/**********************************************************************/
+/**********************************************************************/
+/******************* *******************/
+/******************* GSS-API v1 ( RFC 1508/1509 ) *******************/
+/******************* *******************/
+/**********************************************************************/
+/**********************************************************************/
+
+
+/* sapgss_acquire_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_acquire_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_name_t my_gss_name, /* desired_name */
+ OM_uint32 in_lifetime, /* time_req */
+ gss_OID_set in_mechs, /* desired_mechs */
+ gss_cred_usage_t in_cred_usage, /* cred_usage */
+ gss_cred_id_t * out_cred, /* output_cred_handle */
+ gss_OID_set * out_mechs, /* actual_mechs */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_acquire_cred( min_stat, my_gss_name, in_lifetime,
+ in_mechs, in_cred_usage,
+ out_cred, out_mechs, out_lifetime ) );
+}
+
+
+
+/* sapgss_release_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t * in_cred /* cred_handle */
+ )
+{
+ return( gss_release_cred( min_stat, in_cred ) );
+}
+
+
+
+/* sapgss_init_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_init_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t in_cred, /* claimant_cred_handle */
+ gss_ctx_id_t * in_context, /* context_handle */
+ gss_name_t in_name, /* target_name */
+ gss_OID in_mech, /* mech_type */
+ OM_uint32 in_service_opts, /* req_flags */
+ OM_uint32 in_lifetime, /* time_req */
+ gss_channel_bindings_t
+ in_channel_bind, /* input_chan_bindings */
+ gss_buffer_t in_token, /* input_token */
+ gss_OID * out_mech, /* actual_mech_type */
+ gss_buffer_t out_token, /* output_token */
+ OM_uint32 * out_service_opts, /* ret_flags */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_init_sec_context( min_stat, in_cred, in_context, in_name,
+ in_mech, in_service_opts, in_lifetime,
+ in_channel_bind, in_token, out_mech,
+ out_token, out_service_opts, out_lifetime ) );
+}
+
+
+
+/* sapgss_accept_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_accept_sec_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t *in_context, /* context_handle */
+ gss_cred_id_t in_cred, /* verifier_cred_handle */
+ gss_buffer_t in_token, /* input_token_buffer */
+ gss_channel_bindings_t
+ in_channel_bind, /* input_chan_bindings */
+ gss_name_t *peer_name, /* src_name */
+ gss_OID *out_mech, /* mech_type */
+ gss_buffer_t out_token, /* output_token */
+ OM_uint32 *out_service_opts, /* ret_flags */
+ OM_uint32 *out_lifetime, /* time_rec */
+ gss_cred_id_t *out_cred /* delegated_cred_handle */
+ )
+{
+ return( gss_accept_sec_context( min_stat, in_context, in_cred, in_token,
+ in_channel_bind, peer_name, out_mech,
+ out_token, out_service_opts, out_lifetime,
+ out_cred ) );
+}
+
+
+
+/* sapgss_process_context_token() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_process_context_token(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_token /* token_buffer */
+ )
+{
+ return( gss_process_context_token( min_stat, in_context, in_token ) );
+}
+
+
+
+/* sapgss_delete_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_delete_sec_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t *in_context, /* context_handle */
+ gss_buffer_t out_token /* output_token */
+ )
+{
+ return( gss_delete_sec_context( min_stat, in_context, out_token ) );
+}
+
+
+
+/* sapgss_context_time() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_context_time(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_context_time( min_stat, in_context, out_lifetime ) );
+}
+
+
+
+/* sapgss_get_mic() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_get_mic(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_qop_t in_qop, /* qop_req */
+ gss_buffer_t in_msg, /* message_buffer */
+ gss_buffer_t out_token /* message_token */
+ )
+{
+ return( gss_get_mic( min_stat, in_context, in_qop, in_msg, out_token ) );
+}
+
+
+
+/* sapgss_verify_mic() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_verify_mic(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_msg, /* message_buffer */
+ gss_buffer_t in_token, /* token_buffer */
+ gss_qop_t * out_qop /* qop_state */
+ )
+{
+ return( gss_verify_mic( min_stat, in_context, in_msg, in_token, out_qop ) );
+}
+
+
+
+/* sapgss_wrap() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_wrap(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ int in_want_conf, /* conf_req_flag */
+ gss_qop_t in_qop, /* qop_req */
+ gss_buffer_t in_msg, /* input_message_buffer */
+ int * out_is_conf, /* conf_state */
+ gss_buffer_t out_token /* output_message_buffer */
+ )
+{
+ return( gss_wrap( min_stat, in_context, in_want_conf,
+ in_qop, in_msg, out_is_conf, out_token ) );
+}
+
+
+
+/* sapgss_unwrap() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_unwrap(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_token, /* input_message_buffer */
+ gss_buffer_t out_msg, /* output_message_buffer */
+ int * out_is_conf, /* conf_state */
+ gss_qop_t * out_qop /* qop_state */
+ )
+{
+ return( gss_unwrap( min_stat, in_context, in_token,
+ out_msg, out_is_conf, out_qop ) );
+}
+
+
+
+/* sapgss_display_status() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_display_status(
+ OM_uint32 *min_stat, /* minor_status */
+ OM_uint32 in_status, /* status_value */
+ int in_status_type, /* status_type */
+ gss_OID in_mech, /* mech_type */
+ OM_uint32 *out_more_text, /* message_context */
+ gss_buffer_t out_text /* status_string */
+ )
+{
+ return( gss_display_status( min_stat, in_status, in_status_type,
+ in_mech, out_more_text, out_text ) );
+}
+
+
+
+/*
+ * sapgss_indicate_mechs()
+ *
+ * IMPORTANT: This call MUST return the correct mech_OID
+ * for this implementation in the first position of the
+ * out_mechs OID array!
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_indicate_mechs(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_OID_set *out_mechs /* mech_set */
+ )
+{
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat2;
+
+ maj_stat = gss_indicate_mechs( min_stat, out_mechs );
+
+ if ( maj_stat==GSS_S_COMPLETE ) {
+ if ( out_mechs==NULL
+ || (*out_mechs)==GSS_C_NO_OID_SET
+ || (*out_mechs)->count==0
+ || (*out_mechs)->elements==GSS_C_NO_OID
+ || ((*out_mechs)->elements[0]).length!=sapsnc_mech_oid->length
+ || memcmp( ((*out_mechs)->elements[0]).elements,
+ sapsnc_mech_oid->elements, sapsnc_mech_oid->length )!=0 ) {
+
+ (void)sapgss_release_oid_set( &min_stat2, out_mechs );
+
+ (*out_mechs) = GSS_C_NO_OID_SET;
+ (*min_stat) = 0;
+
+ return(GSS_S_BAD_MECH);
+
+ }
+ }
+
+ return(maj_stat);
+
+}
+
+
+
+/* sapgss_compare_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_compare_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t in_name1, /* name1 */
+ gss_name_t in_name2, /* name2 */
+ int *out_are_equal /* name_equal */
+ )
+{
+ return( gss_compare_name( min_stat, in_name1, in_name2, out_are_equal ) );
+}
+
+
+
+/* sapgss_display_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_display_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t in_name, /* input_name */
+ gss_buffer_t out_identity, /* output_name_buffer */
+ gss_OID *out_oid /* output_name_type */
+ )
+{
+ return( gss_display_name( min_stat, in_name, out_identity, out_oid ) );
+}
+
+
+
+/* sapgss_import_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_import_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_buffer_t in_identity, /* input_name_buffer */
+ gss_OID in_oid, /* input_name_type */
+ gss_name_t *out_name /* output_name */
+ )
+{
+ return( gss_import_name( min_stat, in_identity, in_oid, out_name ) );
+}
+
+
+
+/* sapgss_release_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t *in_name /* input_name */
+ )
+{
+ return( gss_release_name( min_stat, in_name ) );
+}
+
+
+
+/* sapgss_release_buffer() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_buffer(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_buffer_t in_buffer /* buffer */
+ )
+{
+ return( gss_release_buffer( min_stat, in_buffer ) );
+}
+
+
+
+/* sapgss_release_oid_set() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_oid_set(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_OID_set *in_oids /* set */
+ )
+{
+ return( gss_release_oid_set( min_stat, in_oids ) );
+}
+
+
+
+/* sapgss_inquire_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t in_cred, /* cred_handle */
+ gss_name_t * out_name, /* name */
+ OM_uint32 * out_lifetime, /* lifetime */
+ gss_cred_usage_t * out_cred_usage, /* cred_usage */
+ gss_OID_set * out_mechs /* mechanisms */
+ )
+{
+ return( gss_inquire_cred( min_stat, in_cred, out_name,
+ out_lifetime, out_cred_usage, out_mechs ) );
+}
+
+
+/**********************************************************************/
+/**********************************************************************/
+/******************* ********************/
+/******************* New fuctions for GSS-API v2 ********************/
+/******************* ********************/
+/**********************************************************************/
+/**********************************************************************/
+
+/*
+ * sapgss_add_cred()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ *
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_add_cred(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_cred_id_t input_cred_handle, /* input_cred_handle */
+ gss_name_t desired_name, /* desired_name */
+ gss_OID desired_mech, /* desired_mech */
+ gss_cred_usage_t cred_usage, /* cred_usage */
+ OM_uint32 initiator_time_req, /* initiator_time_req */
+ OM_uint32 acceptor_time_req, /* acceptor_time_req */
+ gss_cred_id_t FAR * output_cred_handle, /* output_cred_handle */
+ gss_OID_set FAR * actual_mechs, /* actual_mechs */
+ OM_uint32 FAR * initiator_time_rec, /* initiator_time_rec */
+ OM_uint32 FAR * acceptor_time_rec /* acceptor_time_rec */
+ )
+{
+ return( gss_add_cred( min_stat, input_cred_handle, desired_name,
+ desired_mech, cred_usage, initiator_time_req,
+ acceptor_time_req,
+ output_cred_handle, actual_mechs,
+ initiator_time_rec, acceptor_time_rec ) );
+}
+
+
+
+/*
+ * sapgss_inquire_cred_by_mech()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_cred_by_mech(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_cred_id_t cred_handle, /* cred_handle */
+ gss_OID mech_type, /* mech_type */
+ gss_name_t FAR * name, /* name */
+ OM_uint32 FAR * initiator_lifetime, /* initiator_lifetime */
+ OM_uint32 FAR * acceptor_lifetime, /* acceptor_lifetime */
+ gss_cred_usage_t FAR * cred_usage /* cred_usage */
+ )
+{
+ return( gss_inquire_cred_by_mech( min_stat, cred_handle, mech_type,
+ name, initiator_lifetime,
+ acceptor_lifetime, cred_usage ) );
+}
+
+
+
+/* sapgss_inquire_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_name_t *out_myname, /* initiator_name */
+ gss_name_t *out_peername, /* acceptor_name */
+ OM_uint32 *out_lifetime, /* lifetime_rec */
+ gss_OID *out_mech, /* mech_type */
+ OM_uint32 *out_service_opts, /* ctx_flags */
+ int *out_initiator, /* locally_initiated */
+ int *out_open /* open */
+ )
+{
+ return( gss_inquire_context( min_stat, in_context, out_myname,
+ out_peername, out_lifetime, out_mech,
+ out_service_opts, out_initiator, out_open) );
+}
+
+
+
+/*
+ * sapgss_wrap_size_limit()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_wrap_size_limit(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context handle */
+ int in_want_conf, /* conf_req_flag */
+ gss_qop_t qop_req, /* qop_req */
+ OM_uint32 out_size, /* requested output size */
+ OM_uint32 * max_in_size /* maximum input size */
+ )
+{
+ return( gss_wrap_size_limit( min_stat, in_context, in_want_conf,
+ qop_req, out_size, max_in_size) );
+}
+
+
+
+/* sapgss_export_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_export_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t * in_ctx, /* context_handle */
+ gss_buffer_t out_buffer /* interprocess_token */
+ )
+{
+ return( gss_export_sec_context( min_stat, in_ctx, out_buffer ) );
+}
+
+
+
+/* sapgss_import_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_import_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_buffer_t in_buffer, /* interprocess_token */
+ gss_ctx_id_t * out_ctx /* context_handle */
+ )
+{
+ return( gss_import_sec_context( min_stat, in_buffer, out_ctx ) );
+}
+
+
+
+/*
+ * sapgss_create_empty_oid_set()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_create_empty_oid_set(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID_set FAR * oid_set /* oid_set */
+ )
+{
+ return( gss_create_empty_oid_set( min_stat, oid_set ) );
+}
+
+
+
+/*
+ * sapgss_add_oid_set_member()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_add_oid_set_member(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID member_oid, /* member_oid */
+ gss_OID_set FAR * oid_set /* oid_set */
+ )
+{
+ return( gss_add_oid_set_member( min_stat, member_oid, oid_set ) );
+}
+
+
+
+/*
+ * sapgss_test_oid_set_member()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_test_oid_set_member(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID member, /* member */
+ gss_OID_set set, /* set */
+ int FAR * present /* present */
+ )
+{
+ return( gss_test_oid_set_member( min_stat, member, set, present ) );
+}
+
+
+
+/*
+ * sapgss_inquire_names_for_mech()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_names_for_mech(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID mech_oid, /* mechanism_oid */
+ gss_OID_set FAR * name_types /* name_types */
+ )
+{
+ return( gss_inquire_names_for_mech( min_stat, mech_oid, name_types ) );
+}
+
+
+
+/*
+ * sapgss_inquire_mechs_for_name()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_mechs_for_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_OID_set FAR * mech_set /* mechanism_oids */
+ )
+{
+ return( gss_inquire_mechs_for_name( min_stat, input_name, mech_set ) );
+}
+
+
+/* sapgss_canonicalize_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_canonicalize_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_OID mech_type, /* mech_type */
+ gss_name_t FAR * output_name /* output_name */
+ )
+{
+ return( gss_canonicalize_name( min_stat, input_name,
+ mech_type, output_name ) );
+}
+
+
+/* sapgss_export_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_export_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_buffer_t output_name_blob /* output_name_blob */
+ )
+{
+ return( gss_export_name( min_stat, input_name, output_name_blob ) );
+}
+
+
+/*
+ * sapgss_duplicate_name()
+ *
+ * Status: Don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_duplicate_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t src_name, /* src_name */
+ gss_name_t FAR * dest_name /* dest_name */
+ )
+{
+ return( gss_duplicate_name( min_stat, src_name, dest_name ) );
+}
+
+
+/* end of snckrb5.c */
+
diff --git a/sncntlm.c b/sncntlm.c
new file mode 100644
index 0000000..8eab195
--- /dev/null
+++ b/sncntlm.c
@@ -0,0 +1,1060 @@
+static char * this_File = "sncntlm.c";
+static char * cvs_id =
+ "$Id: sncntlm.c,v 1.1.1.1 1999/08/24 14:36:21 d019080 Exp $";
+/*
+ * (C) Copyright 1999 SAP AG Walldorf
+ *
+ * SAP AG DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+ * EVENT SHALL SAP AG BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
+ * OF THIS SOFTWARE.
+ */
+
+
+
+
+/************************************************************************/
+/* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> */
+/* */
+/* Configurable Parameters that describe the characteristics */
+/* of the security mechanism to which this adapter interfaces */
+/* To register a MECH_PREFIX or MECH_ID with SAP, */
+/* send a request via Email to <Martin.Rex@sap-ag.de> including */
+/* the following information: */
+/* - mechanism OID of gssapi mechanism */
+/* - gssapi mechanism name (for open protocol specs) */
+/* OR product name of proprietary gssapi mechanism */
+/* - default nametype OID */
+/* - proposed printable prefix (up to seven characters) */
+/* - Email address of technical contact */
+/* */
+/* In case you're implementing a published gssapi mechanism spec, */
+/* a SAPGSS_MECH_ID and SAPGSS_MECH_PREFIX may already be assigned. */
+/* You can check the "sncgss.h" Header file first. */
+/* */
+/* */
+/* ADAPTER_MECH_NAME Name of gssapi mechanism protocol */
+/* (for open protocol specifications) */
+/* OR name of a software product for */
+/* a proprietary gssapi mechanism */
+/* */
+/* ADAPTER_MECH_PREFIX (must REGISTER with SAP) */
+/* ASCII-string up to 7 chars to */
+/* identify the mechanism */
+/* */
+/* ADAPTER_MECH_ID (must REGISTER with SAP) */
+/* numeric constant taken from the */
+/* SAPGSS_MECH_ID enumerator in "sncgss.h" */
+/* */
+/* ADAPTER_MECHANISM_OID ASN.1 OID (written as gss_OID_desc) */
+/* of the gssapi mechanism to which this */
+/* SNC-Adapter will be linked */
+/* */
+/* ADAPTER_NAMETYPE_OID ASN.1 OID (written as gss_OID_desc) */
+/* of the default/canonical/native nametype*/
+/* of above gssapi mechanism */
+/* */
+/* ADAPTER_MAJOR_REVISION cosmetic, no functional purpose */
+/* ADAPTER_MINOR_REVISION cosmetic, no functional purpose */
+/* */
+/* ADAPTER_CONF_AVAIL (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of message confidentiality protection */
+/* for all established security contexts */
+/* */
+/* ADAPTER_INTEG_AVAIL (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of message integrity protection for all */
+/* established security contexts */
+/* */
+/* ADAPTER_MUTUAL_AUTH (0 or 1) REQUIRED */
+/* implemenation guarantees availability */
+/* of mutual authentication on security */
+/* contexts. Absence of mutual auth is */
+/* a serious security problem in */
+/* distributed applications */
+/* */
+/* ADAPTER_REPLAY_PROT (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of replay detection of protected */
+/* messages on all security contexts. */
+/* SAP R/3 process all messages on a */
+/* particular security context strictly */
+/* sequential, so it's acceptable */
+/* if replay detection is only available */
+/* in combination with sequence protection */
+/* */
+/* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> */
+/************************************************************************/
+
+
+#define ADAPTER_MECH_NAME SAPGSS_SAPNTLM_NAME
+ /* Name of the gssapi mechanism or product */
+ /* that this SNC-Adapter interfaces to */
+ /* (less than 80 characters, please !!) */
+
+
+#define ADAPTER_MECH_PREFIX SAPGSS_SAPNTLM_PREFIX
+ /* Mech prefix for mechanism */
+ /* (register this prefix with SAP) */
+ /* Alphanumeric, must be <= 7 characters long */
+ /* This prefix may be used within SNC-Names */
+ /* i.e. "p/sapntlm:NTDomain\User" */
+
+
+#define ADAPTER_MECH_ID SAPGSS_ID_SAPNTLM
+ /* Mechanism identifier */
+ /* numeric (16-bit unsigned integer) */
+ /* used internally by SNC for tagging */
+ /* and to distinguish different gssapi mechs */
+
+
+ /* ASN.1 OID of the gssapi mechanism to which this */
+ /* SNC-Adapter is linked */
+#define ADAPTER_MECHANISM_OID SAPGSS_SAPNTLM_MECH_OID
+
+ /* ASN.1 OID of the default/canonical nametype that */
+ /* this gssapi mechanism will accept with gss_import_name() */
+ /* and emit with gss_display_name() for canonical names */
+#define ADAPTER_NAMETYPE_OID SAPGSS_SAPNTLM_CNAME_OID
+
+
+/*******************/
+/* 16-bit Integers */
+/*******************/
+#define ADAPTER_MAJOR_REVISION 1 /* indicates API changes */
+
+#define ADAPTER_MINOR_REVISION 0 /* indicates fixes or */
+ /* cosmetic changes */
+
+/*******************/
+/* BOOLEAN values */
+/*******************/
+#define ADAPTER_CONF_AVAIL 0 /* Confidentiality available */
+#define ADAPTER_INTEG_AVAIL 0 /* Integrity available */
+
+#define ADAPTER_MUTUAL_AUTH 0 /* supports mutual authentication */
+#define ADAPTER_REPLAY_PROT 0 /* supports message replay detection */
+
+
+/************************************************************************/
+/*>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>*/
+/************************************************************************/
+
+
+
+
+/* Some ANSI-C standard headers */
+#include <stddef.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+/**********************************************************************/
+/* */
+/* Microsoft Windows DLL support */
+/* */
+/**********************************************************************/
+
+#ifdef _WIN32
+# include <windows.h>
+ BOOL APIENTRY
+ DllMain(HANDLE hInst, DWORD ul_reason_being_called, LPVOID lpReserved)
+ {
+ return 1;
+
+ UNREFERENCED_PARAMETER(hInst);
+ UNREFERENCED_PARAMETER(ul_reason_being_called);
+ UNREFERENCED_PARAMETER(lpReserved);
+ }
+#else
+
+# if defined(_WINDOWS)
+# include <windows.h>
+# ifndef UNREFERENCED_PARAMETER
+# define UNREFERENCED_PARAMETER(x) ((x)=(x))
+# endif
+
+ BOOL CALLBACK
+ LibMain (HINSTANCE hInst, WORD wDataSeg, WORD cbHeap, LPSTR CmdLine)
+ {
+ UNREFERENCED_PARAMETER(hInst);
+ UNREFERENCED_PARAMETER(wDataSeg);
+ UNREFERENCED_PARAMETER(cbHeap);
+ UNREFERENCED_PARAMETER(CmdLine);
+
+ return 1;
+ }
+
+ int CALLBACK __export
+ WEP(int nParam)
+ {
+ UNREFERENCED_PARAMETER(nParam);
+
+ return 1;
+ }
+# endif
+
+#endif
+
+/**********************************************************************/
+/* */
+/* Import interface */
+/* - include files of other projects */
+/* Declare gss_* function prototypes as __declspec(dllimport) */
+/* */
+/**********************************************************************/
+
+#include "platform.h"
+
+#undef DLL_DATA_DECO
+#undef DLL_FUNC_DECO
+#define DLL_DATA_DECO IMPORT_DATA
+#define DLL_FUNC_DECO IMPORT_FUNCTION
+#include "gssapi_2.h"
+
+/**********************************************************************/
+/* */
+/* Export interface */
+/* - header files of this project */
+/* Declare our sapgss_* function prototypes as __declspec(dllexport) */
+/* */
+/**********************************************************************/
+
+#undef DLL_DATA_DECO
+#undef DLL_FUNC_DECO
+#define DLL_DATA_DECO EXPORT_DATA
+#define DLL_FUNC_DECO EXPORT_FUNCTION
+#include "sncgss.h"
+
+
+
+
+/************************************************************************/
+/* (27-jun-95) Martin Rex */
+/* With the following two macros one can convert macros into */
+/* string literals to include them in constant strings. */
+/* see ANSI-C, X3.159-1989 section 3.8.3.2 and example on pg. 93 */
+/************************************************************************/
+#define LITERAL_MACRO(x) # x
+#define XLITERAL_MACRO(x) LITERAL_MACRO(x)
+
+
+
+/****************************************************/
+/* we don't need to export/share OID data at the */
+/* shared library interface for SAP R/3, */
+/* and is not part of the draft-ietf-cat-wingss-... */
+/****************************************************/
+
+static gss_OID_desc oids[] = {
+ ADAPTER_NAMETYPE_OID, /* nametype OID for canonical printable name */
+ ADAPTER_MECHANISM_OID /* mechanism OID of the gssapi mechanism */
+};
+
+static gss_OID sapsnc_nt_canon_printable_name = &(oids[0]);
+static gss_OID sapsnc_mech_oid = &(oids[1]);
+
+#define SAPSNC_CANON_NAME_OID sapsnc_nt_canon_printable_name
+
+/**********************************************************************
+ * sapsnc_init_adapter():
+ *
+ * Description:
+ * This function must be called before other functions of the
+ * gss-api are used. It sets up all translation pointers
+ * exported by the gss-api.
+ *
+ * Parameters:
+ * p_info IN REF the structure referenced by this
+ * pointer (see sapgss.h) describes
+ * some characteristics of the security
+ * mechanism to which this adapter interfaces
+ *
+ * p_length IN Length of the structure supplied by the
+ * SNC-Layer.
+ * Initialization policy for future enhancements:
+ * * SNC-Layer zeroes out structure before calling.
+ * * future extensions must be appended to the
+ * existing structure only
+ * * Unknown structure elements will not be changed.
+ * * The Adapter must initialize only fields known
+ * to the calling SNC-layer
+ * (i.e. no elements past p_length)
+ *
+ * Returns:
+ * 0 Initialization o.k.
+ * -1 FAILURE -- something is definitely broken if this happens
+ **********************************************************************/
+OM_uint32 EXPORT_FUNCTION
+sapsnc_init_adapter( struct sapgss_info_s *p_info, size_t p_length,
+ int adapter_idx )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+
+ if ( p_info==NULL || p_length<=SNCADAPT_BASIC_INFO_LEN ) {
+
+ /* At least we want to fill in the basic set of information */
+ return(1);
+
+ } else {
+
+ memset( p_info, 0, p_length );
+
+ p_info->major_rev = (int) ADAPTER_MAJOR_REVISION;
+ p_info->minor_rev = (int) ADAPTER_MINOR_REVISION;
+
+ p_info->adapter_name =
+ "External SNC-Adapter"
+ " (Rev " XLITERAL_MACRO(ADAPTER_MAJOR_REVISION)
+ "." XLITERAL_MACRO(ADAPTER_MINOR_REVISION) ") to "
+ ADAPTER_MECH_NAME;
+
+ p_info->mech_id = ADAPTER_MECH_ID;
+
+ p_info->nt_canonical_name = SAPSNC_CANON_NAME_OID;
+ p_info->nt_private_name1 = sapsnc_nt_canon_printable_name;
+ p_info->nt_private_name2 = (gss_OID_desc *)0;
+ p_info->nt_private_name3 = (gss_OID_desc *)0;
+ p_info->nt_private_name4 = (gss_OID_desc *)0;
+
+ p_info->integ_avail = ADAPTER_INTEG_AVAIL;
+ p_info->conf_avail = ADAPTER_CONF_AVAIL;
+ p_info->unused1 = 0; /* historic/expirmental, MUST be 0 */
+ p_info->export_sec_context = 1; /* required functionality, MUST be 1 */
+ p_info->mutual_auth = ADAPTER_MUTUAL_AUTH;
+ p_info->replay_prot = ADAPTER_REPLAY_PROT;
+
+ p_info->unused2 = 0; /* historic/experimental, MUST be 0 */
+
+ p_info->mech_prefix_string = ADAPTER_MECH_PREFIX;
+
+ if ( p_length>=SNCADAPT_INFO_LEN(mech_oid) ) {
+ p_info->mech_oid = sapsnc_mech_oid;
+ }
+
+ }
+
+ /* Initialize future elements only if the supplied structure is large */
+ /* enough, */
+ /* i.e. the calling SNC-layer is as recent or newer as the adapter */
+
+ return(0);
+
+} /* sapsnc_init_adapter() */
+
+
+
+/*
+ * sapsnc_export_cname_blob()
+ *
+ * BETTER LEAVE THIS ALONE !!
+ *
+ * This call was a temporary intermediate before the two calls
+ * gss_canonicalize_name() and gss_export_name() were added
+ * to the GSS-API v2 spec.
+ *
+ * However it is still required for R/3 up to 3.1H components
+ * and for interoperability with those components or incomplete
+ * gssapi v2 implementations of (MIT) Kerberos 5 and SECUDE
+ */
+
+OM_uint32 EXPORT_FUNCTION
+sapsnc_export_cname_blob(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_name_t in_name, /* input_name */
+ gss_buffer_t out_identity, /* output_name_buffer */
+ int adapter_idx
+ )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+ UNREFERENCED_PARAMETER(in_name);
+
+ if ( out_identity!=NULL ) {
+ out_identity->length = 0;
+ out_identity->value = NULL;
+ }
+
+ if ( min_stat!=NULL )
+ (*min_stat) = 0;
+
+ return(GSS_S_FAILURE);
+
+} /* sapsnc_export_cname_blob() */
+
+
+
+/*
+ * sapsnc_export_cname_blob()
+ *
+ * BETTER LEAVE THIS ALONE !!
+ *
+ * This call was a temporary intermediate before the two calls
+ * gss_canonicalize_name() and gss_export_name() were added
+ * to the GSS-API v2 spec.
+ *
+ * However it is still required for R/3 up to 3.1H components
+ * and for interoperability with those components or incomplete
+ * gssapi v2 implementations of (MIT) Kerberos 5 and SECUDE
+ */
+OM_uint32 EXPORT_FUNCTION
+sapsnc_import_cname_blob(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_buffer_t in_identity, /* input_name_buffer */
+ gss_name_t * out_name, /* output_name */
+ int adapter_idx
+ )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+
+ return( gss_import_name( min_stat, in_identity,
+ (gss_OID)SAPSNC_CANON_NAME_OID, out_name ) );
+
+} /* sapsnc_import_cname_blob() */
+
+
+/*********************************************************************
+ *
+ * All functions following this comment are CALL ADAPTERS
+ * to the GSS-API functions.
+ *
+ *********************************************************************/
+
+/**********************************************************************/
+/**********************************************************************/
+/******************* *******************/
+/******************* GSS-API v1 ( RFC 1508/1509 ) *******************/
+/******************* *******************/
+/**********************************************************************/
+/**********************************************************************/
+
+
+/* sapgss_acquire_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_acquire_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_name_t my_gss_name, /* desired_name */
+ OM_uint32 in_lifetime, /* time_req */
+ gss_OID_set in_mechs, /* desired_mechs */
+ gss_cred_usage_t in_cred_usage, /* cred_usage */
+ gss_cred_id_t * out_cred, /* output_cred_handle */
+ gss_OID_set * out_mechs, /* actual_mechs */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_acquire_cred( min_stat, my_gss_name, in_lifetime,
+ in_mechs, in_cred_usage,
+ out_cred, out_mechs, out_lifetime ) );
+}
+
+
+
+/* sapgss_release_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t * in_cred /* cred_handle */
+ )
+{
+ return( gss_release_cred( min_stat, in_cred ) );
+}
+
+
+
+/* sapgss_init_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_init_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t in_cred, /* claimant_cred_handle */
+ gss_ctx_id_t * in_context, /* context_handle */
+ gss_name_t in_name, /* target_name */
+ gss_OID in_mech, /* mech_type */
+ OM_uint32 in_service_opts, /* req_flags */
+ OM_uint32 in_lifetime, /* time_req */
+ gss_channel_bindings_t
+ in_channel_bind, /* input_chan_bindings */
+ gss_buffer_t in_token, /* input_token */
+ gss_OID * out_mech, /* actual_mech_type */
+ gss_buffer_t out_token, /* output_token */
+ OM_uint32 * out_service_opts, /* ret_flags */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_init_sec_context( min_stat, in_cred, in_context, in_name,
+ in_mech, in_service_opts, in_lifetime,
+ in_channel_bind, in_token, out_mech,
+ out_token, out_service_opts, out_lifetime ) );
+}
+
+
+
+/* sapgss_accept_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_accept_sec_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t *in_context, /* context_handle */
+ gss_cred_id_t in_cred, /* verifier_cred_handle */
+ gss_buffer_t in_token, /* input_token_buffer */
+ gss_channel_bindings_t
+ in_channel_bind, /* input_chan_bindings */
+ gss_name_t *peer_name, /* src_name */
+ gss_OID *out_mech, /* mech_type */
+ gss_buffer_t out_token, /* output_token */
+ OM_uint32 *out_service_opts, /* ret_flags */
+ OM_uint32 *out_lifetime, /* time_rec */
+ gss_cred_id_t *out_cred /* delegated_cred_handle */
+ )
+{
+ return( gss_accept_sec_context( min_stat, in_context, in_cred, in_token,
+ in_channel_bind, peer_name, out_mech,
+ out_token, out_service_opts, out_lifetime,
+ out_cred ) );
+}
+
+
+
+/* sapgss_process_context_token() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_process_context_token(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_token /* token_buffer */
+ )
+{
+ return( gss_process_context_token( min_stat, in_context, in_token ) );
+}
+
+
+
+/* sapgss_delete_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_delete_sec_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t *in_context, /* context_handle */
+ gss_buffer_t out_token /* output_token */
+ )
+{
+ return( gss_delete_sec_context( min_stat, in_context, out_token ) );
+}
+
+
+
+/* sapgss_context_time() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_context_time(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_context_time( min_stat, in_context, out_lifetime ) );
+}
+
+
+
+/* sapgss_get_mic() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_get_mic(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_qop_t in_qop, /* qop_req */
+ gss_buffer_t in_msg, /* message_buffer */
+ gss_buffer_t out_token /* message_token */
+ )
+{
+ return( gss_get_mic( min_stat, in_context, in_qop, in_msg, out_token ) );
+}
+
+
+
+/* sapgss_verify_mic() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_verify_mic(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_msg, /* message_buffer */
+ gss_buffer_t in_token, /* token_buffer */
+ gss_qop_t * out_qop /* qop_state */
+ )
+{
+ return( gss_verify_mic( min_stat, in_context, in_msg, in_token, out_qop ) );
+}
+
+
+
+/* sapgss_wrap() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_wrap(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ int in_want_conf, /* conf_req_flag */
+ gss_qop_t in_qop, /* qop_req */
+ gss_buffer_t in_msg, /* input_message_buffer */
+ int * out_is_conf, /* conf_state */
+ gss_buffer_t out_token /* output_message_buffer */
+ )
+{
+ return( gss_wrap( min_stat, in_context, in_want_conf,
+ in_qop, in_msg, out_is_conf, out_token ) );
+}
+
+
+
+/* sapgss_unwrap() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_unwrap(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_token, /* input_message_buffer */
+ gss_buffer_t out_msg, /* output_message_buffer */
+ int * out_is_conf, /* conf_state */
+ gss_qop_t * out_qop /* qop_state */
+ )
+{
+ return( gss_unwrap( min_stat, in_context, in_token,
+ out_msg, out_is_conf, out_qop ) );
+}
+
+
+
+/* sapgss_display_status() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_display_status(
+ OM_uint32 *min_stat, /* minor_status */
+ OM_uint32 in_status, /* status_value */
+ int in_status_type, /* status_type */
+ gss_OID in_mech, /* mech_type */
+ OM_uint32 *out_more_text, /* message_context */
+ gss_buffer_t out_text /* status_string */
+ )
+{
+ return( gss_display_status( min_stat, in_status, in_status_type,
+ in_mech, out_more_text, out_text ) );
+}
+
+
+
+/*
+ * sapgss_indicate_mechs()
+ *
+ * IMPORTANT: This call MUST return the correct mech_OID
+ * for this implementation in the first position of the
+ * out_mechs OID array!
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_indicate_mechs(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_OID_set *out_mechs /* mech_set */
+ )
+{
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat2;
+
+ maj_stat = gss_indicate_mechs( min_stat, out_mechs );
+
+ if ( maj_stat==GSS_S_COMPLETE ) {
+ if ( out_mechs==NULL
+ || (*out_mechs)==GSS_C_NO_OID_SET
+ || (*out_mechs)->count==0
+ || (*out_mechs)->elements==GSS_C_NO_OID
+ || ((*out_mechs)->elements[0]).length!=sapsnc_mech_oid->length
+ || memcmp( ((*out_mechs)->elements[0]).elements,
+ sapsnc_mech_oid->elements, sapsnc_mech_oid->length )!=0 ) {
+
+ (void)sapgss_release_oid_set( &min_stat2, out_mechs );
+
+ (*out_mechs) = GSS_C_NO_OID_SET;
+ (*min_stat) = 0;
+
+ return(GSS_S_BAD_MECH);
+
+ }
+ }
+
+ return(maj_stat);
+
+}
+
+
+
+/* sapgss_compare_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_compare_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t in_name1, /* name1 */
+ gss_name_t in_name2, /* name2 */
+ int *out_are_equal /* name_equal */
+ )
+{
+ return( gss_compare_name( min_stat, in_name1, in_name2, out_are_equal ) );
+}
+
+
+
+/* sapgss_display_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_display_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t in_name, /* input_name */
+ gss_buffer_t out_identity, /* output_name_buffer */
+ gss_OID *out_oid /* output_name_type */
+ )
+{
+ return( gss_display_name( min_stat, in_name, out_identity, out_oid ) );
+}
+
+
+
+/* sapgss_import_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_import_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_buffer_t in_identity, /* input_name_buffer */
+ gss_OID in_oid, /* input_name_type */
+ gss_name_t *out_name /* output_name */
+ )
+{
+ return( gss_import_name( min_stat, in_identity, in_oid, out_name ) );
+}
+
+
+
+/* sapgss_release_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t *in_name /* input_name */
+ )
+{
+ return( gss_release_name( min_stat, in_name ) );
+}
+
+
+
+/* sapgss_release_buffer() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_buffer(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_buffer_t in_buffer /* buffer */
+ )
+{
+ return( gss_release_buffer( min_stat, in_buffer ) );
+}
+
+
+
+/* sapgss_release_oid_set() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_oid_set(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_OID_set *in_oids /* set */
+ )
+{
+ return( gss_release_oid_set( min_stat, in_oids ) );
+}
+
+
+
+/* sapgss_inquire_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t in_cred, /* cred_handle */
+ gss_name_t * out_name, /* name */
+ OM_uint32 * out_lifetime, /* lifetime */
+ gss_cred_usage_t * out_cred_usage, /* cred_usage */
+ gss_OID_set * out_mechs /* mechanisms */
+ )
+{
+ return( gss_inquire_cred( min_stat, in_cred, out_name,
+ out_lifetime, out_cred_usage, out_mechs ) );
+}
+
+
+/**********************************************************************/
+/**********************************************************************/
+/******************* ********************/
+/******************* New fuctions for GSS-API v2 ********************/
+/******************* ********************/
+/**********************************************************************/
+/**********************************************************************/
+
+/*
+ * sapgss_add_cred()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ *
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_add_cred(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_cred_id_t input_cred_handle, /* input_cred_handle */
+ gss_name_t desired_name, /* desired_name */
+ gss_OID desired_mech, /* desired_mech */
+ gss_cred_usage_t cred_usage, /* cred_usage */
+ OM_uint32 initiator_time_req, /* initiator_time_req */
+ OM_uint32 acceptor_time_req, /* acceptor_time_req */
+ gss_cred_id_t FAR * output_cred_handle, /* output_cred_handle */
+ gss_OID_set FAR * actual_mechs, /* actual_mechs */
+ OM_uint32 FAR * initiator_time_rec, /* initiator_time_rec */
+ OM_uint32 FAR * acceptor_time_rec /* acceptor_time_rec */
+ )
+{
+ return( gss_add_cred( min_stat, input_cred_handle, desired_name,
+ desired_mech, cred_usage, initiator_time_req,
+ acceptor_time_req,
+ output_cred_handle, actual_mechs,
+ initiator_time_rec, acceptor_time_rec ) );
+}
+
+
+
+/*
+ * sapgss_inquire_cred_by_mech()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_cred_by_mech(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_cred_id_t cred_handle, /* cred_handle */
+ gss_OID mech_type, /* mech_type */
+ gss_name_t FAR * name, /* name */
+ OM_uint32 FAR * initiator_lifetime, /* initiator_lifetime */
+ OM_uint32 FAR * acceptor_lifetime, /* acceptor_lifetime */
+ gss_cred_usage_t FAR * cred_usage /* cred_usage */
+ )
+{
+ return( gss_inquire_cred_by_mech( min_stat, cred_handle, mech_type,
+ name, initiator_lifetime,
+ acceptor_lifetime, cred_usage ) );
+}
+
+
+
+/* sapgss_inquire_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_name_t *out_myname, /* initiator_name */
+ gss_name_t *out_peername, /* acceptor_name */
+ OM_uint32 *out_lifetime, /* lifetime_rec */
+ gss_OID *out_mech, /* mech_type */
+ OM_uint32 *out_service_opts, /* ctx_flags */
+ int *out_initiator, /* locally_initiated */
+ int *out_open /* open */
+ )
+{
+ return( gss_inquire_context( min_stat, in_context, out_myname,
+ out_peername, out_lifetime, out_mech,
+ out_service_opts, out_initiator, out_open) );
+}
+
+
+
+/*
+ * sapgss_wrap_size_limit()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_wrap_size_limit(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context handle */
+ int in_want_conf, /* conf_req_flag */
+ gss_qop_t qop_req, /* qop_req */
+ OM_uint32 out_size, /* requested output size */
+ OM_uint32 * max_in_size /* maximum input size */
+ )
+{
+ return( gss_wrap_size_limit( min_stat, in_context, in_want_conf,
+ qop_req, out_size, max_in_size) );
+}
+
+
+
+/* sapgss_export_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_export_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t * in_ctx, /* context_handle */
+ gss_buffer_t out_buffer /* interprocess_token */
+ )
+{
+ return( gss_export_sec_context( min_stat, in_ctx, out_buffer ) );
+}
+
+
+
+/* sapgss_import_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_import_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_buffer_t in_buffer, /* interprocess_token */
+ gss_ctx_id_t * out_ctx /* context_handle */
+ )
+{
+ return( gss_import_sec_context( min_stat, in_buffer, out_ctx ) );
+}
+
+
+
+/*
+ * sapgss_create_empty_oid_set()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_create_empty_oid_set(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID_set FAR * oid_set /* oid_set */
+ )
+{
+ return( gss_create_empty_oid_set( min_stat, oid_set ) );
+}
+
+
+
+/*
+ * sapgss_add_oid_set_member()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_add_oid_set_member(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID member_oid, /* member_oid */
+ gss_OID_set FAR * oid_set /* oid_set */
+ )
+{
+ return( gss_add_oid_set_member( min_stat, member_oid, oid_set ) );
+}
+
+
+
+/*
+ * sapgss_test_oid_set_member()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_test_oid_set_member(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID member, /* member */
+ gss_OID_set set, /* set */
+ int FAR * present /* present */
+ )
+{
+ return( gss_test_oid_set_member( min_stat, member, set, present ) );
+}
+
+
+
+/*
+ * sapgss_inquire_names_for_mech()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_names_for_mech(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID mech_oid, /* mechanism_oid */
+ gss_OID_set FAR * name_types /* name_types */
+ )
+{
+ return( gss_inquire_names_for_mech( min_stat, mech_oid, name_types ) );
+}
+
+
+
+/*
+ * sapgss_inquire_mechs_for_name()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_mechs_for_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_OID_set FAR * mech_set /* mechanism_oids */
+ )
+{
+ return( gss_inquire_mechs_for_name( min_stat, input_name, mech_set ) );
+}
+
+
+/* sapgss_canonicalize_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_canonicalize_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_OID mech_type, /* mech_type */
+ gss_name_t FAR * output_name /* output_name */
+ )
+{
+ return( gss_canonicalize_name( min_stat, input_name,
+ mech_type, output_name ) );
+}
+
+
+/* sapgss_export_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_export_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_buffer_t output_name_blob /* output_name_blob */
+ )
+{
+ return( gss_export_name( min_stat, input_name, output_name_blob ) );
+}
+
+
+/*
+ * sapgss_duplicate_name()
+ *
+ * Status: Don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_duplicate_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t src_name, /* src_name */
+ gss_name_t FAR * dest_name /* dest_name */
+ )
+{
+ return( gss_duplicate_name( min_stat, src_name, dest_name ) );
+}
+
+
+/* end of sncntlm.c */
+
diff --git a/sncsecud.c b/sncsecud.c
new file mode 100644
index 0000000..f3cadf9
--- /dev/null
+++ b/sncsecud.c
@@ -0,0 +1,1060 @@
+static char * this_File = "sncsecud.c";
+static char * cvs_id =
+ "$Id: sncsecud.c,v 1.1.1.1 1999/08/24 14:36:22 d019080 Exp $";
+/*
+ * (C) Copyright 1999 SAP AG Walldorf
+ *
+ * SAP AG DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+ * EVENT SHALL SAP AG BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
+ * OF THIS SOFTWARE.
+ */
+
+
+
+
+/************************************************************************/
+/* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> */
+/* */
+/* Configurable Parameters that describe the characteristics */
+/* of the security mechanism to which this adapter interfaces */
+/* To register a MECH_PREFIX or MECH_ID with SAP, */
+/* send a request via Email to <Martin.Rex@sap-ag.de> including */
+/* the following information: */
+/* - mechanism OID of gssapi mechanism */
+/* - gssapi mechanism name (for open protocol specs) */
+/* OR product name of proprietary gssapi mechanism */
+/* - default nametype OID */
+/* - proposed printable prefix (up to seven characters) */
+/* - Email address of technical contact */
+/* */
+/* In case you're implementing a published gssapi mechanism spec, */
+/* a SAPGSS_MECH_ID and SAPGSS_MECH_PREFIX may already be assigned. */
+/* You can check the "sncgss.h" Header file first. */
+/* */
+/* */
+/* ADAPTER_MECH_NAME Name of gssapi mechanism protocol */
+/* (for open protocol specifications) */
+/* OR name of a software product for */
+/* a proprietary gssapi mechanism */
+/* */
+/* ADAPTER_MECH_PREFIX (must REGISTER with SAP) */
+/* ASCII-string up to 7 chars to */
+/* identify the mechanism */
+/* */
+/* ADAPTER_MECH_ID (must REGISTER with SAP) */
+/* numeric constant taken from the */
+/* SAPGSS_MECH_ID enumerator in "sncgss.h" */
+/* */
+/* ADAPTER_MECHANISM_OID ASN.1 OID (written as gss_OID_desc) */
+/* of the gssapi mechanism to which this */
+/* SNC-Adapter will be linked */
+/* */
+/* ADAPTER_NAMETYPE_OID ASN.1 OID (written as gss_OID_desc) */
+/* of the default/canonical/native nametype*/
+/* of above gssapi mechanism */
+/* */
+/* ADAPTER_MAJOR_REVISION cosmetic, no functional purpose */
+/* ADAPTER_MINOR_REVISION cosmetic, no functional purpose */
+/* */
+/* ADAPTER_CONF_AVAIL (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of message confidentiality protection */
+/* for all established security contexts */
+/* */
+/* ADAPTER_INTEG_AVAIL (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of message integrity protection for all */
+/* established security contexts */
+/* */
+/* ADAPTER_MUTUAL_AUTH (0 or 1) REQUIRED */
+/* implemenation guarantees availability */
+/* of mutual authentication on security */
+/* contexts. Absence of mutual auth is */
+/* a serious security problem in */
+/* distributed applications */
+/* */
+/* ADAPTER_REPLAY_PROT (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of replay detection of protected */
+/* messages on all security contexts. */
+/* SAP R/3 process all messages on a */
+/* particular security context strictly */
+/* sequential, so it's acceptable */
+/* if replay detection is only available */
+/* in combination with sequence protection */
+/* */
+/* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> */
+/************************************************************************/
+
+
+#define ADAPTER_MECH_NAME SAPGSS_SECUDE_NAME
+ /* Name of the gssapi mechanism or product */
+ /* that this SNC-Adapter interfaces to */
+ /* (less than 80 characters, please !!) */
+
+
+#define ADAPTER_MECH_PREFIX SAPGSS_SECUDE_PREFIX
+ /* Mech prefix for mechanism */
+ /* (register this prefix with SAP) */
+ /* Alphanumeric, must be <= 7 characters long */
+ /* This prefix may be used within SNC-Names */
+ /* i.e. "p/sapntlm:NTDomain\User" */
+
+
+#define ADAPTER_MECH_ID SAPGSS_ID_SECUDE
+ /* Mechanism identifier */
+ /* numeric (16-bit unsigned integer) */
+ /* used internally by SNC for tagging */
+ /* and to distinguish different gssapi mechs */
+
+
+ /* ASN.1 OID of the gssapi mechanism to which this */
+ /* SNC-Adapter is linked */
+#define ADAPTER_MECHANISM_OID SAPGSS_SECUDE_MECH_OID
+
+ /* ASN.1 OID of the default/canonical nametype that */
+ /* this gssapi mechanism will accept with gss_import_name() */
+ /* and emit with gss_display_name() for canonical names */
+#define ADAPTER_NAMETYPE_OID SAPGSS_SECUDE_CNAME_OID
+
+
+/*******************/
+/* 16-bit Integers */
+/*******************/
+#define ADAPTER_MAJOR_REVISION 1 /* indicates API changes */
+
+#define ADAPTER_MINOR_REVISION 0 /* indicates fixes or */
+ /* cosmetic changes */
+
+/*******************/
+/* BOOLEAN values */
+/*******************/
+#define ADAPTER_CONF_AVAIL 1 /* Confidentiality available */
+#define ADAPTER_INTEG_AVAIL 1 /* Integrity available */
+
+#define ADAPTER_MUTUAL_AUTH 1 /* supports mutual authentication */
+#define ADAPTER_REPLAY_PROT 1 /* supports message replay detection */
+
+
+/************************************************************************/
+/*>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>*/
+/************************************************************************/
+
+
+
+
+/* Some ANSI-C standard headers */
+#include <stddef.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+/**********************************************************************/
+/* */
+/* Microsoft Windows DLL support */
+/* */
+/**********************************************************************/
+
+#ifdef _WIN32
+# include <windows.h>
+ BOOL APIENTRY
+ DllMain(HANDLE hInst, DWORD ul_reason_being_called, LPVOID lpReserved)
+ {
+ return 1;
+
+ UNREFERENCED_PARAMETER(hInst);
+ UNREFERENCED_PARAMETER(ul_reason_being_called);
+ UNREFERENCED_PARAMETER(lpReserved);
+ }
+#else
+
+# if defined(_WINDOWS)
+# include <windows.h>
+# ifndef UNREFERENCED_PARAMETER
+# define UNREFERENCED_PARAMETER(x) ((x)=(x))
+# endif
+
+ BOOL CALLBACK
+ LibMain (HINSTANCE hInst, WORD wDataSeg, WORD cbHeap, LPSTR CmdLine)
+ {
+ UNREFERENCED_PARAMETER(hInst);
+ UNREFERENCED_PARAMETER(wDataSeg);
+ UNREFERENCED_PARAMETER(cbHeap);
+ UNREFERENCED_PARAMETER(CmdLine);
+
+ return 1;
+ }
+
+ int CALLBACK __export
+ WEP(int nParam)
+ {
+ UNREFERENCED_PARAMETER(nParam);
+
+ return 1;
+ }
+# endif
+
+#endif
+
+/**********************************************************************/
+/* */
+/* Import interface */
+/* - include files of other projects */
+/* Declare gss_* function prototypes as __declspec(dllimport) */
+/* */
+/**********************************************************************/
+
+#include "platform.h"
+
+#undef DLL_DATA_DECO
+#undef DLL_FUNC_DECO
+#define DLL_DATA_DECO IMPORT_DATA
+#define DLL_FUNC_DECO IMPORT_FUNCTION
+#include "gssapi_2.h"
+
+/**********************************************************************/
+/* */
+/* Export interface */
+/* - header files of this project */
+/* Declare our sapgss_* function prototypes as __declspec(dllexport) */
+/* */
+/**********************************************************************/
+
+#undef DLL_DATA_DECO
+#undef DLL_FUNC_DECO
+#define DLL_DATA_DECO EXPORT_DATA
+#define DLL_FUNC_DECO EXPORT_FUNCTION
+#include "sncgss.h"
+
+
+
+
+/************************************************************************/
+/* (27-jun-95) Martin Rex */
+/* With the following two macros one can convert macros into */
+/* string literals to include them in constant strings. */
+/* see ANSI-C, X3.159-1989 section 3.8.3.2 and example on pg. 93 */
+/************************************************************************/
+#define LITERAL_MACRO(x) # x
+#define XLITERAL_MACRO(x) LITERAL_MACRO(x)
+
+
+
+/****************************************************/
+/* we don't need to export/share OID data at the */
+/* shared library interface for SAP R/3, */
+/* and is not part of the draft-ietf-cat-wingss-... */
+/****************************************************/
+
+static gss_OID_desc oids[] = {
+ ADAPTER_NAMETYPE_OID, /* nametype OID for canonical printable name */
+ ADAPTER_MECHANISM_OID /* mechanism OID of the gssapi mechanism */
+};
+
+static gss_OID sapsnc_nt_canon_printable_name = &(oids[0]);
+static gss_OID sapsnc_mech_oid = &(oids[1]);
+
+#define SAPSNC_CANON_NAME_OID sapsnc_nt_canon_printable_name
+
+/**********************************************************************
+ * sapsnc_init_adapter():
+ *
+ * Description:
+ * This function must be called before other functions of the
+ * gss-api are used. It sets up all translation pointers
+ * exported by the gss-api.
+ *
+ * Parameters:
+ * p_info IN REF the structure referenced by this
+ * pointer (see sapgss.h) describes
+ * some characteristics of the security
+ * mechanism to which this adapter interfaces
+ *
+ * p_length IN Length of the structure supplied by the
+ * SNC-Layer.
+ * Initialization policy for future enhancements:
+ * * SNC-Layer zeroes out structure before calling.
+ * * future extensions must be appended to the
+ * existing structure only
+ * * Unknown structure elements will not be changed.
+ * * The Adapter must initialize only fields known
+ * to the calling SNC-layer
+ * (i.e. no elements past p_length)
+ *
+ * Returns:
+ * 0 Initialization o.k.
+ * -1 FAILURE -- something is definitely broken if this happens
+ **********************************************************************/
+OM_uint32 EXPORT_FUNCTION
+sapsnc_init_adapter( struct sapgss_info_s *p_info, size_t p_length,
+ int adapter_idx )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+
+ if ( p_info==NULL || p_length<=SNCADAPT_BASIC_INFO_LEN ) {
+
+ /* At least we want to fill in the basic set of information */
+ return(1);
+
+ } else {
+
+ memset( p_info, 0, p_length );
+
+ p_info->major_rev = (int) ADAPTER_MAJOR_REVISION;
+ p_info->minor_rev = (int) ADAPTER_MINOR_REVISION;
+
+ p_info->adapter_name =
+ "External SNC-Adapter"
+ " (Rev " XLITERAL_MACRO(ADAPTER_MAJOR_REVISION)
+ "." XLITERAL_MACRO(ADAPTER_MINOR_REVISION) ") to "
+ ADAPTER_MECH_NAME;
+
+ p_info->mech_id = ADAPTER_MECH_ID;
+
+ p_info->nt_canonical_name = SAPSNC_CANON_NAME_OID;
+ p_info->nt_private_name1 = sapsnc_nt_canon_printable_name;
+ p_info->nt_private_name2 = (gss_OID_desc *)0;
+ p_info->nt_private_name3 = (gss_OID_desc *)0;
+ p_info->nt_private_name4 = (gss_OID_desc *)0;
+
+ p_info->integ_avail = ADAPTER_INTEG_AVAIL;
+ p_info->conf_avail = ADAPTER_CONF_AVAIL;
+ p_info->unused1 = 0; /* historic/expirmental, MUST be 0 */
+ p_info->export_sec_context = 1; /* required functionality, MUST be 1 */
+ p_info->mutual_auth = ADAPTER_MUTUAL_AUTH;
+ p_info->replay_prot = ADAPTER_REPLAY_PROT;
+
+ p_info->unused2 = 0; /* historic/experimental, MUST be 0 */
+
+ p_info->mech_prefix_string = ADAPTER_MECH_PREFIX;
+
+ if ( p_length>=SNCADAPT_INFO_LEN(mech_oid) ) {
+ p_info->mech_oid = sapsnc_mech_oid;
+ }
+
+ }
+
+ /* Initialize future elements only if the supplied structure is large */
+ /* enough, */
+ /* i.e. the calling SNC-layer is as recent or newer as the adapter */
+
+ return(0);
+
+} /* sapsnc_init_adapter() */
+
+
+
+/*
+ * sapsnc_export_cname_blob()
+ *
+ * BETTER LEAVE THIS ALONE !!
+ *
+ * This call was a temporary intermediate before the two calls
+ * gss_canonicalize_name() and gss_export_name() were added
+ * to the GSS-API v2 spec.
+ *
+ * However it is still required for R/3 up to 3.1H components
+ * and for interoperability with those components or incomplete
+ * gssapi v2 implementations of (MIT) Kerberos 5 and SECUDE
+ */
+
+OM_uint32 EXPORT_FUNCTION
+sapsnc_export_cname_blob(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_name_t in_name, /* input_name */
+ gss_buffer_t out_identity, /* output_name_buffer */
+ int adapter_idx
+ )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+ UNREFERENCED_PARAMETER(in_name);
+
+ if ( out_identity!=NULL ) {
+ out_identity->length = 0;
+ out_identity->value = NULL;
+ }
+
+ if ( min_stat!=NULL )
+ (*min_stat) = 0;
+
+ return(GSS_S_FAILURE);
+
+} /* sapsnc_export_cname_blob() */
+
+
+
+/*
+ * sapsnc_export_cname_blob()
+ *
+ * BETTER LEAVE THIS ALONE !!
+ *
+ * This call was a temporary intermediate before the two calls
+ * gss_canonicalize_name() and gss_export_name() were added
+ * to the GSS-API v2 spec.
+ *
+ * However it is still required for R/3 up to 3.1H components
+ * and for interoperability with those components or incomplete
+ * gssapi v2 implementations of (MIT) Kerberos 5 and SECUDE
+ */
+OM_uint32 EXPORT_FUNCTION
+sapsnc_import_cname_blob(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_buffer_t in_identity, /* input_name_buffer */
+ gss_name_t * out_name, /* output_name */
+ int adapter_idx
+ )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+
+ return( gss_import_name( min_stat, in_identity,
+ (gss_OID)SAPSNC_CANON_NAME_OID, out_name ) );
+
+} /* sapsnc_import_cname_blob() */
+
+
+/*********************************************************************
+ *
+ * All functions following this comment are CALL ADAPTERS
+ * to the GSS-API functions.
+ *
+ *********************************************************************/
+
+/**********************************************************************/
+/**********************************************************************/
+/******************* *******************/
+/******************* GSS-API v1 ( RFC 1508/1509 ) *******************/
+/******************* *******************/
+/**********************************************************************/
+/**********************************************************************/
+
+
+/* sapgss_acquire_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_acquire_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_name_t my_gss_name, /* desired_name */
+ OM_uint32 in_lifetime, /* time_req */
+ gss_OID_set in_mechs, /* desired_mechs */
+ gss_cred_usage_t in_cred_usage, /* cred_usage */
+ gss_cred_id_t * out_cred, /* output_cred_handle */
+ gss_OID_set * out_mechs, /* actual_mechs */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_acquire_cred( min_stat, my_gss_name, in_lifetime,
+ in_mechs, in_cred_usage,
+ out_cred, out_mechs, out_lifetime ) );
+}
+
+
+
+/* sapgss_release_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t * in_cred /* cred_handle */
+ )
+{
+ return( gss_release_cred( min_stat, in_cred ) );
+}
+
+
+
+/* sapgss_init_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_init_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t in_cred, /* claimant_cred_handle */
+ gss_ctx_id_t * in_context, /* context_handle */
+ gss_name_t in_name, /* target_name */
+ gss_OID in_mech, /* mech_type */
+ OM_uint32 in_service_opts, /* req_flags */
+ OM_uint32 in_lifetime, /* time_req */
+ gss_channel_bindings_t
+ in_channel_bind, /* input_chan_bindings */
+ gss_buffer_t in_token, /* input_token */
+ gss_OID * out_mech, /* actual_mech_type */
+ gss_buffer_t out_token, /* output_token */
+ OM_uint32 * out_service_opts, /* ret_flags */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_init_sec_context( min_stat, in_cred, in_context, in_name,
+ in_mech, in_service_opts, in_lifetime,
+ in_channel_bind, in_token, out_mech,
+ out_token, out_service_opts, out_lifetime ) );
+}
+
+
+
+/* sapgss_accept_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_accept_sec_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t *in_context, /* context_handle */
+ gss_cred_id_t in_cred, /* verifier_cred_handle */
+ gss_buffer_t in_token, /* input_token_buffer */
+ gss_channel_bindings_t
+ in_channel_bind, /* input_chan_bindings */
+ gss_name_t *peer_name, /* src_name */
+ gss_OID *out_mech, /* mech_type */
+ gss_buffer_t out_token, /* output_token */
+ OM_uint32 *out_service_opts, /* ret_flags */
+ OM_uint32 *out_lifetime, /* time_rec */
+ gss_cred_id_t *out_cred /* delegated_cred_handle */
+ )
+{
+ return( gss_accept_sec_context( min_stat, in_context, in_cred, in_token,
+ in_channel_bind, peer_name, out_mech,
+ out_token, out_service_opts, out_lifetime,
+ out_cred ) );
+}
+
+
+
+/* sapgss_process_context_token() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_process_context_token(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_token /* token_buffer */
+ )
+{
+ return( gss_process_context_token( min_stat, in_context, in_token ) );
+}
+
+
+
+/* sapgss_delete_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_delete_sec_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t *in_context, /* context_handle */
+ gss_buffer_t out_token /* output_token */
+ )
+{
+ return( gss_delete_sec_context( min_stat, in_context, out_token ) );
+}
+
+
+
+/* sapgss_context_time() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_context_time(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_context_time( min_stat, in_context, out_lifetime ) );
+}
+
+
+
+/* sapgss_get_mic() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_get_mic(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_qop_t in_qop, /* qop_req */
+ gss_buffer_t in_msg, /* message_buffer */
+ gss_buffer_t out_token /* message_token */
+ )
+{
+ return( gss_get_mic( min_stat, in_context, in_qop, in_msg, out_token ) );
+}
+
+
+
+/* sapgss_verify_mic() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_verify_mic(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_msg, /* message_buffer */
+ gss_buffer_t in_token, /* token_buffer */
+ gss_qop_t * out_qop /* qop_state */
+ )
+{
+ return( gss_verify_mic( min_stat, in_context, in_msg, in_token, out_qop ) );
+}
+
+
+
+/* sapgss_wrap() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_wrap(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ int in_want_conf, /* conf_req_flag */
+ gss_qop_t in_qop, /* qop_req */
+ gss_buffer_t in_msg, /* input_message_buffer */
+ int * out_is_conf, /* conf_state */
+ gss_buffer_t out_token /* output_message_buffer */
+ )
+{
+ return( gss_wrap( min_stat, in_context, in_want_conf,
+ in_qop, in_msg, out_is_conf, out_token ) );
+}
+
+
+
+/* sapgss_unwrap() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_unwrap(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_token, /* input_message_buffer */
+ gss_buffer_t out_msg, /* output_message_buffer */
+ int * out_is_conf, /* conf_state */
+ gss_qop_t * out_qop /* qop_state */
+ )
+{
+ return( gss_unwrap( min_stat, in_context, in_token,
+ out_msg, out_is_conf, out_qop ) );
+}
+
+
+
+/* sapgss_display_status() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_display_status(
+ OM_uint32 *min_stat, /* minor_status */
+ OM_uint32 in_status, /* status_value */
+ int in_status_type, /* status_type */
+ gss_OID in_mech, /* mech_type */
+ OM_uint32 *out_more_text, /* message_context */
+ gss_buffer_t out_text /* status_string */
+ )
+{
+ return( gss_display_status( min_stat, in_status, in_status_type,
+ in_mech, out_more_text, out_text ) );
+}
+
+
+
+/*
+ * sapgss_indicate_mechs()
+ *
+ * IMPORTANT: This call MUST return the correct mech_OID
+ * for this implementation in the first position of the
+ * out_mechs OID array!
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_indicate_mechs(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_OID_set *out_mechs /* mech_set */
+ )
+{
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat2;
+
+ maj_stat = gss_indicate_mechs( min_stat, out_mechs );
+
+ if ( maj_stat==GSS_S_COMPLETE ) {
+ if ( out_mechs==NULL
+ || (*out_mechs)==GSS_C_NO_OID_SET
+ || (*out_mechs)->count==0
+ || (*out_mechs)->elements==GSS_C_NO_OID
+ || ((*out_mechs)->elements[0]).length!=sapsnc_mech_oid->length
+ || memcmp( ((*out_mechs)->elements[0]).elements,
+ sapsnc_mech_oid->elements, sapsnc_mech_oid->length )!=0 ) {
+
+ (void)sapgss_release_oid_set( &min_stat2, out_mechs );
+
+ (*out_mechs) = GSS_C_NO_OID_SET;
+ (*min_stat) = 0;
+
+ return(GSS_S_BAD_MECH);
+
+ }
+ }
+
+ return(maj_stat);
+
+}
+
+
+
+/* sapgss_compare_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_compare_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t in_name1, /* name1 */
+ gss_name_t in_name2, /* name2 */
+ int *out_are_equal /* name_equal */
+ )
+{
+ return( gss_compare_name( min_stat, in_name1, in_name2, out_are_equal ) );
+}
+
+
+
+/* sapgss_display_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_display_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t in_name, /* input_name */
+ gss_buffer_t out_identity, /* output_name_buffer */
+ gss_OID *out_oid /* output_name_type */
+ )
+{
+ return( gss_display_name( min_stat, in_name, out_identity, out_oid ) );
+}
+
+
+
+/* sapgss_import_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_import_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_buffer_t in_identity, /* input_name_buffer */
+ gss_OID in_oid, /* input_name_type */
+ gss_name_t *out_name /* output_name */
+ )
+{
+ return( gss_import_name( min_stat, in_identity, in_oid, out_name ) );
+}
+
+
+
+/* sapgss_release_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t *in_name /* input_name */
+ )
+{
+ return( gss_release_name( min_stat, in_name ) );
+}
+
+
+
+/* sapgss_release_buffer() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_buffer(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_buffer_t in_buffer /* buffer */
+ )
+{
+ return( gss_release_buffer( min_stat, in_buffer ) );
+}
+
+
+
+/* sapgss_release_oid_set() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_oid_set(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_OID_set *in_oids /* set */
+ )
+{
+ return( gss_release_oid_set( min_stat, in_oids ) );
+}
+
+
+
+/* sapgss_inquire_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t in_cred, /* cred_handle */
+ gss_name_t * out_name, /* name */
+ OM_uint32 * out_lifetime, /* lifetime */
+ gss_cred_usage_t * out_cred_usage, /* cred_usage */
+ gss_OID_set * out_mechs /* mechanisms */
+ )
+{
+ return( gss_inquire_cred( min_stat, in_cred, out_name,
+ out_lifetime, out_cred_usage, out_mechs ) );
+}
+
+
+/**********************************************************************/
+/**********************************************************************/
+/******************* ********************/
+/******************* New fuctions for GSS-API v2 ********************/
+/******************* ********************/
+/**********************************************************************/
+/**********************************************************************/
+
+/*
+ * sapgss_add_cred()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ *
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_add_cred(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_cred_id_t input_cred_handle, /* input_cred_handle */
+ gss_name_t desired_name, /* desired_name */
+ gss_OID desired_mech, /* desired_mech */
+ gss_cred_usage_t cred_usage, /* cred_usage */
+ OM_uint32 initiator_time_req, /* initiator_time_req */
+ OM_uint32 acceptor_time_req, /* acceptor_time_req */
+ gss_cred_id_t FAR * output_cred_handle, /* output_cred_handle */
+ gss_OID_set FAR * actual_mechs, /* actual_mechs */
+ OM_uint32 FAR * initiator_time_rec, /* initiator_time_rec */
+ OM_uint32 FAR * acceptor_time_rec /* acceptor_time_rec */
+ )
+{
+ return( gss_add_cred( min_stat, input_cred_handle, desired_name,
+ desired_mech, cred_usage, initiator_time_req,
+ acceptor_time_req,
+ output_cred_handle, actual_mechs,
+ initiator_time_rec, acceptor_time_rec ) );
+}
+
+
+
+/*
+ * sapgss_inquire_cred_by_mech()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_cred_by_mech(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_cred_id_t cred_handle, /* cred_handle */
+ gss_OID mech_type, /* mech_type */
+ gss_name_t FAR * name, /* name */
+ OM_uint32 FAR * initiator_lifetime, /* initiator_lifetime */
+ OM_uint32 FAR * acceptor_lifetime, /* acceptor_lifetime */
+ gss_cred_usage_t FAR * cred_usage /* cred_usage */
+ )
+{
+ return( gss_inquire_cred_by_mech( min_stat, cred_handle, mech_type,
+ name, initiator_lifetime,
+ acceptor_lifetime, cred_usage ) );
+}
+
+
+
+/* sapgss_inquire_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_name_t *out_myname, /* initiator_name */
+ gss_name_t *out_peername, /* acceptor_name */
+ OM_uint32 *out_lifetime, /* lifetime_rec */
+ gss_OID *out_mech, /* mech_type */
+ OM_uint32 *out_service_opts, /* ctx_flags */
+ int *out_initiator, /* locally_initiated */
+ int *out_open /* open */
+ )
+{
+ return( gss_inquire_context( min_stat, in_context, out_myname,
+ out_peername, out_lifetime, out_mech,
+ out_service_opts, out_initiator, out_open) );
+}
+
+
+
+/*
+ * sapgss_wrap_size_limit()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_wrap_size_limit(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context handle */
+ int in_want_conf, /* conf_req_flag */
+ gss_qop_t qop_req, /* qop_req */
+ OM_uint32 out_size, /* requested output size */
+ OM_uint32 * max_in_size /* maximum input size */
+ )
+{
+ return( gss_wrap_size_limit( min_stat, in_context, in_want_conf,
+ qop_req, out_size, max_in_size) );
+}
+
+
+
+/* sapgss_export_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_export_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t * in_ctx, /* context_handle */
+ gss_buffer_t out_buffer /* interprocess_token */
+ )
+{
+ return( gss_export_sec_context( min_stat, in_ctx, out_buffer ) );
+}
+
+
+
+/* sapgss_import_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_import_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_buffer_t in_buffer, /* interprocess_token */
+ gss_ctx_id_t * out_ctx /* context_handle */
+ )
+{
+ return( gss_import_sec_context( min_stat, in_buffer, out_ctx ) );
+}
+
+
+
+/*
+ * sapgss_create_empty_oid_set()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_create_empty_oid_set(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID_set FAR * oid_set /* oid_set */
+ )
+{
+ return( gss_create_empty_oid_set( min_stat, oid_set ) );
+}
+
+
+
+/*
+ * sapgss_add_oid_set_member()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_add_oid_set_member(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID member_oid, /* member_oid */
+ gss_OID_set FAR * oid_set /* oid_set */
+ )
+{
+ return( gss_add_oid_set_member( min_stat, member_oid, oid_set ) );
+}
+
+
+
+/*
+ * sapgss_test_oid_set_member()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_test_oid_set_member(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID member, /* member */
+ gss_OID_set set, /* set */
+ int FAR * present /* present */
+ )
+{
+ return( gss_test_oid_set_member( min_stat, member, set, present ) );
+}
+
+
+
+/*
+ * sapgss_inquire_names_for_mech()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_names_for_mech(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID mech_oid, /* mechanism_oid */
+ gss_OID_set FAR * name_types /* name_types */
+ )
+{
+ return( gss_inquire_names_for_mech( min_stat, mech_oid, name_types ) );
+}
+
+
+
+/*
+ * sapgss_inquire_mechs_for_name()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_mechs_for_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_OID_set FAR * mech_set /* mechanism_oids */
+ )
+{
+ return( gss_inquire_mechs_for_name( min_stat, input_name, mech_set ) );
+}
+
+
+/* sapgss_canonicalize_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_canonicalize_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_OID mech_type, /* mech_type */
+ gss_name_t FAR * output_name /* output_name */
+ )
+{
+ return( gss_canonicalize_name( min_stat, input_name,
+ mech_type, output_name ) );
+}
+
+
+/* sapgss_export_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_export_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_buffer_t output_name_blob /* output_name_blob */
+ )
+{
+ return( gss_export_name( min_stat, input_name, output_name_blob ) );
+}
+
+
+/*
+ * sapgss_duplicate_name()
+ *
+ * Status: Don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_duplicate_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t src_name, /* src_name */
+ gss_name_t FAR * dest_name /* dest_name */
+ )
+{
+ return( gss_duplicate_name( min_stat, src_name, dest_name ) );
+}
+
+
+/* end of sncsecud.c */
+
diff --git a/sncspkm1.c b/sncspkm1.c
new file mode 100644
index 0000000..e565b6d
--- /dev/null
+++ b/sncspkm1.c
@@ -0,0 +1,1060 @@
+static char * this_File = "sncspkm1.c";
+static char * cvs_id =
+ "$Id: sncspkm1.c,v 1.1.1.1 1999/08/24 14:36:21 d019080 Exp $";
+/*
+ * (C) Copyright 1999 SAP AG Walldorf
+ *
+ * SAP AG DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+ * EVENT SHALL SAP AG BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
+ * OF THIS SOFTWARE.
+ */
+
+
+
+
+/************************************************************************/
+/* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> */
+/* */
+/* Configurable Parameters that describe the characteristics */
+/* of the security mechanism to which this adapter interfaces */
+/* To register a MECH_PREFIX or MECH_ID with SAP, */
+/* send a request via Email to <Martin.Rex@sap-ag.de> including */
+/* the following information: */
+/* - mechanism OID of gssapi mechanism */
+/* - gssapi mechanism name (for open protocol specs) */
+/* OR product name of proprietary gssapi mechanism */
+/* - default nametype OID */
+/* - proposed printable prefix (up to seven characters) */
+/* - Email address of technical contact */
+/* */
+/* In case you're implementing a published gssapi mechanism spec, */
+/* a SAPGSS_MECH_ID and SAPGSS_MECH_PREFIX may already be assigned. */
+/* You can check the "sncgss.h" Header file first. */
+/* */
+/* */
+/* ADAPTER_MECH_NAME Name of gssapi mechanism protocol */
+/* (for open protocol specifications) */
+/* OR name of a software product for */
+/* a proprietary gssapi mechanism */
+/* */
+/* ADAPTER_MECH_PREFIX (must REGISTER with SAP) */
+/* ASCII-string up to 7 chars to */
+/* identify the mechanism */
+/* */
+/* ADAPTER_MECH_ID (must REGISTER with SAP) */
+/* numeric constant taken from the */
+/* SAPGSS_MECH_ID enumerator in "sncgss.h" */
+/* */
+/* ADAPTER_MECHANISM_OID ASN.1 OID (written as gss_OID_desc) */
+/* of the gssapi mechanism to which this */
+/* SNC-Adapter will be linked */
+/* */
+/* ADAPTER_NAMETYPE_OID ASN.1 OID (written as gss_OID_desc) */
+/* of the default/canonical/native nametype*/
+/* of above gssapi mechanism */
+/* */
+/* ADAPTER_MAJOR_REVISION cosmetic, no functional purpose */
+/* ADAPTER_MINOR_REVISION cosmetic, no functional purpose */
+/* */
+/* ADAPTER_CONF_AVAIL (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of message confidentiality protection */
+/* for all established security contexts */
+/* */
+/* ADAPTER_INTEG_AVAIL (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of message integrity protection for all */
+/* established security contexts */
+/* */
+/* ADAPTER_MUTUAL_AUTH (0 or 1) REQUIRED */
+/* implemenation guarantees availability */
+/* of mutual authentication on security */
+/* contexts. Absence of mutual auth is */
+/* a serious security problem in */
+/* distributed applications */
+/* */
+/* ADAPTER_REPLAY_PROT (0 or 1) REQUIRED */
+/* implementation guarantees availability */
+/* of replay detection of protected */
+/* messages on all security contexts. */
+/* SAP R/3 process all messages on a */
+/* particular security context strictly */
+/* sequential, so it's acceptable */
+/* if replay detection is only available */
+/* in combination with sequence protection */
+/* */
+/* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> */
+/************************************************************************/
+
+
+#define ADAPTER_MECH_NAME SAPGSS_SPKM1_NAME
+ /* Name of the gssapi mechanism or product */
+ /* that this SNC-Adapter interfaces to */
+ /* (less than 80 characters, please !!) */
+
+
+#define ADAPTER_MECH_PREFIX SAPGSS_SPKM1_PREFIX
+ /* Mech prefix for mechanism */
+ /* (register this prefix with SAP) */
+ /* Alphanumeric, must be <= 7 characters long */
+ /* This prefix may be used within SNC-Names */
+ /* i.e. "p/sapntlm:NTDomain\User" */
+
+
+#define ADAPTER_MECH_ID SAPGSS_ID_SPKM1
+ /* Mechanism identifier */
+ /* numeric (16-bit unsigned integer) */
+ /* used internally by SNC for tagging */
+ /* and to distinguish different gssapi mechs */
+
+
+ /* ASN.1 OID of the gssapi mechanism to which this */
+ /* SNC-Adapter is linked */
+#define ADAPTER_MECHANISM_OID SAPGSS_SPKM1_MECH_OID
+
+ /* ASN.1 OID of the default/canonical nametype that */
+ /* this gssapi mechanism will accept with gss_import_name() */
+ /* and emit with gss_display_name() for canonical names */
+#define ADAPTER_NAMETYPE_OID SAPGSS_SPKM1_CNAME_OID
+
+
+/*******************/
+/* 16-bit Integers */
+/*******************/
+#define ADAPTER_MAJOR_REVISION 1 /* indicates API changes */
+
+#define ADAPTER_MINOR_REVISION 0 /* indicates fixes or */
+ /* cosmetic changes */
+
+/*******************/
+/* BOOLEAN values */
+/*******************/
+#define ADAPTER_CONF_AVAIL 1 /* Confidentiality available */
+#define ADAPTER_INTEG_AVAIL 1 /* Integrity available */
+
+#define ADAPTER_MUTUAL_AUTH 1 /* supports mutual authentication */
+#define ADAPTER_REPLAY_PROT 1 /* supports message replay detection */
+
+
+/************************************************************************/
+/*>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>*/
+/************************************************************************/
+
+
+
+
+/* Some ANSI-C standard headers */
+#include <stddef.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+/**********************************************************************/
+/* */
+/* Microsoft Windows DLL support */
+/* */
+/**********************************************************************/
+
+#ifdef _WIN32
+# include <windows.h>
+ BOOL APIENTRY
+ DllMain(HANDLE hInst, DWORD ul_reason_being_called, LPVOID lpReserved)
+ {
+ return 1;
+
+ UNREFERENCED_PARAMETER(hInst);
+ UNREFERENCED_PARAMETER(ul_reason_being_called);
+ UNREFERENCED_PARAMETER(lpReserved);
+ }
+#else
+
+# if defined(_WINDOWS)
+# include <windows.h>
+# ifndef UNREFERENCED_PARAMETER
+# define UNREFERENCED_PARAMETER(x) ((x)=(x))
+# endif
+
+ BOOL CALLBACK
+ LibMain (HINSTANCE hInst, WORD wDataSeg, WORD cbHeap, LPSTR CmdLine)
+ {
+ UNREFERENCED_PARAMETER(hInst);
+ UNREFERENCED_PARAMETER(wDataSeg);
+ UNREFERENCED_PARAMETER(cbHeap);
+ UNREFERENCED_PARAMETER(CmdLine);
+
+ return 1;
+ }
+
+ int CALLBACK __export
+ WEP(int nParam)
+ {
+ UNREFERENCED_PARAMETER(nParam);
+
+ return 1;
+ }
+# endif
+
+#endif
+
+/**********************************************************************/
+/* */
+/* Import interface */
+/* - include files of other projects */
+/* Declare gss_* function prototypes as __declspec(dllimport) */
+/* */
+/**********************************************************************/
+
+#include "platform.h"
+
+#undef DLL_DATA_DECO
+#undef DLL_FUNC_DECO
+#define DLL_DATA_DECO IMPORT_DATA
+#define DLL_FUNC_DECO IMPORT_FUNCTION
+#include "gssapi_2.h"
+
+/**********************************************************************/
+/* */
+/* Export interface */
+/* - header files of this project */
+/* Declare our sapgss_* function prototypes as __declspec(dllexport) */
+/* */
+/**********************************************************************/
+
+#undef DLL_DATA_DECO
+#undef DLL_FUNC_DECO
+#define DLL_DATA_DECO EXPORT_DATA
+#define DLL_FUNC_DECO EXPORT_FUNCTION
+#include "sncgss.h"
+
+
+
+
+/************************************************************************/
+/* (27-jun-95) Martin Rex */
+/* With the following two macros one can convert macros into */
+/* string literals to include them in constant strings. */
+/* see ANSI-C, X3.159-1989 section 3.8.3.2 and example on pg. 93 */
+/************************************************************************/
+#define LITERAL_MACRO(x) # x
+#define XLITERAL_MACRO(x) LITERAL_MACRO(x)
+
+
+
+/****************************************************/
+/* we don't need to export/share OID data at the */
+/* shared library interface for SAP R/3, */
+/* and is not part of the draft-ietf-cat-wingss-... */
+/****************************************************/
+
+static gss_OID_desc oids[] = {
+ ADAPTER_NAMETYPE_OID, /* nametype OID for canonical printable name */
+ ADAPTER_MECHANISM_OID /* mechanism OID of the gssapi mechanism */
+};
+
+static gss_OID sapsnc_nt_canon_printable_name = &(oids[0]);
+static gss_OID sapsnc_mech_oid = &(oids[1]);
+
+#define SAPSNC_CANON_NAME_OID sapsnc_nt_canon_printable_name
+
+/**********************************************************************
+ * sapsnc_init_adapter():
+ *
+ * Description:
+ * This function must be called before other functions of the
+ * gss-api are used. It sets up all translation pointers
+ * exported by the gss-api.
+ *
+ * Parameters:
+ * p_info IN REF the structure referenced by this
+ * pointer (see sapgss.h) describes
+ * some characteristics of the security
+ * mechanism to which this adapter interfaces
+ *
+ * p_length IN Length of the structure supplied by the
+ * SNC-Layer.
+ * Initialization policy for future enhancements:
+ * * SNC-Layer zeroes out structure before calling.
+ * * future extensions must be appended to the
+ * existing structure only
+ * * Unknown structure elements will not be changed.
+ * * The Adapter must initialize only fields known
+ * to the calling SNC-layer
+ * (i.e. no elements past p_length)
+ *
+ * Returns:
+ * 0 Initialization o.k.
+ * -1 FAILURE -- something is definitely broken if this happens
+ **********************************************************************/
+OM_uint32 EXPORT_FUNCTION
+sapsnc_init_adapter( struct sapgss_info_s *p_info, size_t p_length,
+ int adapter_idx )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+
+ if ( p_info==NULL || p_length<=SNCADAPT_BASIC_INFO_LEN ) {
+
+ /* At least we want to fill in the basic set of information */
+ return(1);
+
+ } else {
+
+ memset( p_info, 0, p_length );
+
+ p_info->major_rev = (int) ADAPTER_MAJOR_REVISION;
+ p_info->minor_rev = (int) ADAPTER_MINOR_REVISION;
+
+ p_info->adapter_name =
+ "External SNC-Adapter"
+ " (Rev " XLITERAL_MACRO(ADAPTER_MAJOR_REVISION)
+ "." XLITERAL_MACRO(ADAPTER_MINOR_REVISION) ") to "
+ ADAPTER_MECH_NAME;
+
+ p_info->mech_id = ADAPTER_MECH_ID;
+
+ p_info->nt_canonical_name = SAPSNC_CANON_NAME_OID;
+ p_info->nt_private_name1 = sapsnc_nt_canon_printable_name;
+ p_info->nt_private_name2 = (gss_OID_desc *)0;
+ p_info->nt_private_name3 = (gss_OID_desc *)0;
+ p_info->nt_private_name4 = (gss_OID_desc *)0;
+
+ p_info->integ_avail = ADAPTER_INTEG_AVAIL;
+ p_info->conf_avail = ADAPTER_CONF_AVAIL;
+ p_info->unused1 = 0; /* historic/expirmental, MUST be 0 */
+ p_info->export_sec_context = 1; /* required functionality, MUST be 1 */
+ p_info->mutual_auth = ADAPTER_MUTUAL_AUTH;
+ p_info->replay_prot = ADAPTER_REPLAY_PROT;
+
+ p_info->unused2 = 0; /* historic/experimental, MUST be 0 */
+
+ p_info->mech_prefix_string = ADAPTER_MECH_PREFIX;
+
+ if ( p_length>=SNCADAPT_INFO_LEN(mech_oid) ) {
+ p_info->mech_oid = sapsnc_mech_oid;
+ }
+
+ }
+
+ /* Initialize future elements only if the supplied structure is large */
+ /* enough, */
+ /* i.e. the calling SNC-layer is as recent or newer as the adapter */
+
+ return(0);
+
+} /* sapsnc_init_adapter() */
+
+
+
+/*
+ * sapsnc_export_cname_blob()
+ *
+ * BETTER LEAVE THIS ALONE !!
+ *
+ * This call was a temporary intermediate before the two calls
+ * gss_canonicalize_name() and gss_export_name() were added
+ * to the GSS-API v2 spec.
+ *
+ * However it is still required for R/3 up to 3.1H components
+ * and for interoperability with those components or incomplete
+ * gssapi v2 implementations of (MIT) Kerberos 5 and SECUDE
+ */
+
+OM_uint32 EXPORT_FUNCTION
+sapsnc_export_cname_blob(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_name_t in_name, /* input_name */
+ gss_buffer_t out_identity, /* output_name_buffer */
+ int adapter_idx
+ )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+ UNREFERENCED_PARAMETER(in_name);
+
+ if ( out_identity!=NULL ) {
+ out_identity->length = 0;
+ out_identity->value = NULL;
+ }
+
+ if ( min_stat!=NULL )
+ (*min_stat) = 0;
+
+ return(GSS_S_FAILURE);
+
+} /* sapsnc_export_cname_blob() */
+
+
+
+/*
+ * sapsnc_export_cname_blob()
+ *
+ * BETTER LEAVE THIS ALONE !!
+ *
+ * This call was a temporary intermediate before the two calls
+ * gss_canonicalize_name() and gss_export_name() were added
+ * to the GSS-API v2 spec.
+ *
+ * However it is still required for R/3 up to 3.1H components
+ * and for interoperability with those components or incomplete
+ * gssapi v2 implementations of (MIT) Kerberos 5 and SECUDE
+ */
+OM_uint32 EXPORT_FUNCTION
+sapsnc_import_cname_blob(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_buffer_t in_identity, /* input_name_buffer */
+ gss_name_t * out_name, /* output_name */
+ int adapter_idx
+ )
+{
+ UNREFERENCED_PARAMETER(adapter_idx);
+
+ return( gss_import_name( min_stat, in_identity,
+ (gss_OID)SAPSNC_CANON_NAME_OID, out_name ) );
+
+} /* sapsnc_import_cname_blob() */
+
+
+/*********************************************************************
+ *
+ * All functions following this comment are CALL ADAPTERS
+ * to the GSS-API functions.
+ *
+ *********************************************************************/
+
+/**********************************************************************/
+/**********************************************************************/
+/******************* *******************/
+/******************* GSS-API v1 ( RFC 1508/1509 ) *******************/
+/******************* *******************/
+/**********************************************************************/
+/**********************************************************************/
+
+
+/* sapgss_acquire_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_acquire_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_name_t my_gss_name, /* desired_name */
+ OM_uint32 in_lifetime, /* time_req */
+ gss_OID_set in_mechs, /* desired_mechs */
+ gss_cred_usage_t in_cred_usage, /* cred_usage */
+ gss_cred_id_t * out_cred, /* output_cred_handle */
+ gss_OID_set * out_mechs, /* actual_mechs */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_acquire_cred( min_stat, my_gss_name, in_lifetime,
+ in_mechs, in_cred_usage,
+ out_cred, out_mechs, out_lifetime ) );
+}
+
+
+
+/* sapgss_release_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t * in_cred /* cred_handle */
+ )
+{
+ return( gss_release_cred( min_stat, in_cred ) );
+}
+
+
+
+/* sapgss_init_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_init_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t in_cred, /* claimant_cred_handle */
+ gss_ctx_id_t * in_context, /* context_handle */
+ gss_name_t in_name, /* target_name */
+ gss_OID in_mech, /* mech_type */
+ OM_uint32 in_service_opts, /* req_flags */
+ OM_uint32 in_lifetime, /* time_req */
+ gss_channel_bindings_t
+ in_channel_bind, /* input_chan_bindings */
+ gss_buffer_t in_token, /* input_token */
+ gss_OID * out_mech, /* actual_mech_type */
+ gss_buffer_t out_token, /* output_token */
+ OM_uint32 * out_service_opts, /* ret_flags */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_init_sec_context( min_stat, in_cred, in_context, in_name,
+ in_mech, in_service_opts, in_lifetime,
+ in_channel_bind, in_token, out_mech,
+ out_token, out_service_opts, out_lifetime ) );
+}
+
+
+
+/* sapgss_accept_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_accept_sec_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t *in_context, /* context_handle */
+ gss_cred_id_t in_cred, /* verifier_cred_handle */
+ gss_buffer_t in_token, /* input_token_buffer */
+ gss_channel_bindings_t
+ in_channel_bind, /* input_chan_bindings */
+ gss_name_t *peer_name, /* src_name */
+ gss_OID *out_mech, /* mech_type */
+ gss_buffer_t out_token, /* output_token */
+ OM_uint32 *out_service_opts, /* ret_flags */
+ OM_uint32 *out_lifetime, /* time_rec */
+ gss_cred_id_t *out_cred /* delegated_cred_handle */
+ )
+{
+ return( gss_accept_sec_context( min_stat, in_context, in_cred, in_token,
+ in_channel_bind, peer_name, out_mech,
+ out_token, out_service_opts, out_lifetime,
+ out_cred ) );
+}
+
+
+
+/* sapgss_process_context_token() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_process_context_token(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_token /* token_buffer */
+ )
+{
+ return( gss_process_context_token( min_stat, in_context, in_token ) );
+}
+
+
+
+/* sapgss_delete_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_delete_sec_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t *in_context, /* context_handle */
+ gss_buffer_t out_token /* output_token */
+ )
+{
+ return( gss_delete_sec_context( min_stat, in_context, out_token ) );
+}
+
+
+
+/* sapgss_context_time() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_context_time(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ OM_uint32 * out_lifetime /* time_rec */
+ )
+{
+ return( gss_context_time( min_stat, in_context, out_lifetime ) );
+}
+
+
+
+/* sapgss_get_mic() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_get_mic(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_qop_t in_qop, /* qop_req */
+ gss_buffer_t in_msg, /* message_buffer */
+ gss_buffer_t out_token /* message_token */
+ )
+{
+ return( gss_get_mic( min_stat, in_context, in_qop, in_msg, out_token ) );
+}
+
+
+
+/* sapgss_verify_mic() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_verify_mic(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_msg, /* message_buffer */
+ gss_buffer_t in_token, /* token_buffer */
+ gss_qop_t * out_qop /* qop_state */
+ )
+{
+ return( gss_verify_mic( min_stat, in_context, in_msg, in_token, out_qop ) );
+}
+
+
+
+/* sapgss_wrap() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_wrap(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ int in_want_conf, /* conf_req_flag */
+ gss_qop_t in_qop, /* qop_req */
+ gss_buffer_t in_msg, /* input_message_buffer */
+ int * out_is_conf, /* conf_state */
+ gss_buffer_t out_token /* output_message_buffer */
+ )
+{
+ return( gss_wrap( min_stat, in_context, in_want_conf,
+ in_qop, in_msg, out_is_conf, out_token ) );
+}
+
+
+
+/* sapgss_unwrap() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_unwrap(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_buffer_t in_token, /* input_message_buffer */
+ gss_buffer_t out_msg, /* output_message_buffer */
+ int * out_is_conf, /* conf_state */
+ gss_qop_t * out_qop /* qop_state */
+ )
+{
+ return( gss_unwrap( min_stat, in_context, in_token,
+ out_msg, out_is_conf, out_qop ) );
+}
+
+
+
+/* sapgss_display_status() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_display_status(
+ OM_uint32 *min_stat, /* minor_status */
+ OM_uint32 in_status, /* status_value */
+ int in_status_type, /* status_type */
+ gss_OID in_mech, /* mech_type */
+ OM_uint32 *out_more_text, /* message_context */
+ gss_buffer_t out_text /* status_string */
+ )
+{
+ return( gss_display_status( min_stat, in_status, in_status_type,
+ in_mech, out_more_text, out_text ) );
+}
+
+
+
+/*
+ * sapgss_indicate_mechs()
+ *
+ * IMPORTANT: This call MUST return the correct mech_OID
+ * for this implementation in the first position of the
+ * out_mechs OID array!
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_indicate_mechs(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_OID_set *out_mechs /* mech_set */
+ )
+{
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat2;
+
+ maj_stat = gss_indicate_mechs( min_stat, out_mechs );
+
+ if ( maj_stat==GSS_S_COMPLETE ) {
+ if ( out_mechs==NULL
+ || (*out_mechs)==GSS_C_NO_OID_SET
+ || (*out_mechs)->count==0
+ || (*out_mechs)->elements==GSS_C_NO_OID
+ || ((*out_mechs)->elements[0]).length!=sapsnc_mech_oid->length
+ || memcmp( ((*out_mechs)->elements[0]).elements,
+ sapsnc_mech_oid->elements, sapsnc_mech_oid->length )!=0 ) {
+
+ (void)sapgss_release_oid_set( &min_stat2, out_mechs );
+
+ (*out_mechs) = GSS_C_NO_OID_SET;
+ (*min_stat) = 0;
+
+ return(GSS_S_BAD_MECH);
+
+ }
+ }
+
+ return(maj_stat);
+
+}
+
+
+
+/* sapgss_compare_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_compare_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t in_name1, /* name1 */
+ gss_name_t in_name2, /* name2 */
+ int *out_are_equal /* name_equal */
+ )
+{
+ return( gss_compare_name( min_stat, in_name1, in_name2, out_are_equal ) );
+}
+
+
+
+/* sapgss_display_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_display_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t in_name, /* input_name */
+ gss_buffer_t out_identity, /* output_name_buffer */
+ gss_OID *out_oid /* output_name_type */
+ )
+{
+ return( gss_display_name( min_stat, in_name, out_identity, out_oid ) );
+}
+
+
+
+/* sapgss_import_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_import_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_buffer_t in_identity, /* input_name_buffer */
+ gss_OID in_oid, /* input_name_type */
+ gss_name_t *out_name /* output_name */
+ )
+{
+ return( gss_import_name( min_stat, in_identity, in_oid, out_name ) );
+}
+
+
+
+/* sapgss_release_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_name(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_name_t *in_name /* input_name */
+ )
+{
+ return( gss_release_name( min_stat, in_name ) );
+}
+
+
+
+/* sapgss_release_buffer() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_buffer(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_buffer_t in_buffer /* buffer */
+ )
+{
+ return( gss_release_buffer( min_stat, in_buffer ) );
+}
+
+
+
+/* sapgss_release_oid_set() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_release_oid_set(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_OID_set *in_oids /* set */
+ )
+{
+ return( gss_release_oid_set( min_stat, in_oids ) );
+}
+
+
+
+/* sapgss_inquire_cred() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_cred(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_cred_id_t in_cred, /* cred_handle */
+ gss_name_t * out_name, /* name */
+ OM_uint32 * out_lifetime, /* lifetime */
+ gss_cred_usage_t * out_cred_usage, /* cred_usage */
+ gss_OID_set * out_mechs /* mechanisms */
+ )
+{
+ return( gss_inquire_cred( min_stat, in_cred, out_name,
+ out_lifetime, out_cred_usage, out_mechs ) );
+}
+
+
+/**********************************************************************/
+/**********************************************************************/
+/******************* ********************/
+/******************* New fuctions for GSS-API v2 ********************/
+/******************* ********************/
+/**********************************************************************/
+/**********************************************************************/
+
+/*
+ * sapgss_add_cred()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ *
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_add_cred(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_cred_id_t input_cred_handle, /* input_cred_handle */
+ gss_name_t desired_name, /* desired_name */
+ gss_OID desired_mech, /* desired_mech */
+ gss_cred_usage_t cred_usage, /* cred_usage */
+ OM_uint32 initiator_time_req, /* initiator_time_req */
+ OM_uint32 acceptor_time_req, /* acceptor_time_req */
+ gss_cred_id_t FAR * output_cred_handle, /* output_cred_handle */
+ gss_OID_set FAR * actual_mechs, /* actual_mechs */
+ OM_uint32 FAR * initiator_time_rec, /* initiator_time_rec */
+ OM_uint32 FAR * acceptor_time_rec /* acceptor_time_rec */
+ )
+{
+ return( gss_add_cred( min_stat, input_cred_handle, desired_name,
+ desired_mech, cred_usage, initiator_time_req,
+ acceptor_time_req,
+ output_cred_handle, actual_mechs,
+ initiator_time_rec, acceptor_time_rec ) );
+}
+
+
+
+/*
+ * sapgss_inquire_cred_by_mech()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_cred_by_mech(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_cred_id_t cred_handle, /* cred_handle */
+ gss_OID mech_type, /* mech_type */
+ gss_name_t FAR * name, /* name */
+ OM_uint32 FAR * initiator_lifetime, /* initiator_lifetime */
+ OM_uint32 FAR * acceptor_lifetime, /* acceptor_lifetime */
+ gss_cred_usage_t FAR * cred_usage /* cred_usage */
+ )
+{
+ return( gss_inquire_cred_by_mech( min_stat, cred_handle, mech_type,
+ name, initiator_lifetime,
+ acceptor_lifetime, cred_usage ) );
+}
+
+
+
+/* sapgss_inquire_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_context(
+ OM_uint32 *min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context_handle */
+ gss_name_t *out_myname, /* initiator_name */
+ gss_name_t *out_peername, /* acceptor_name */
+ OM_uint32 *out_lifetime, /* lifetime_rec */
+ gss_OID *out_mech, /* mech_type */
+ OM_uint32 *out_service_opts, /* ctx_flags */
+ int *out_initiator, /* locally_initiated */
+ int *out_open /* open */
+ )
+{
+ return( gss_inquire_context( min_stat, in_context, out_myname,
+ out_peername, out_lifetime, out_mech,
+ out_service_opts, out_initiator, out_open) );
+}
+
+
+
+/*
+ * sapgss_wrap_size_limit()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_wrap_size_limit(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t in_context, /* context handle */
+ int in_want_conf, /* conf_req_flag */
+ gss_qop_t qop_req, /* qop_req */
+ OM_uint32 out_size, /* requested output size */
+ OM_uint32 * max_in_size /* maximum input size */
+ )
+{
+ return( gss_wrap_size_limit( min_stat, in_context, in_want_conf,
+ qop_req, out_size, max_in_size) );
+}
+
+
+
+/* sapgss_export_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_export_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_ctx_id_t * in_ctx, /* context_handle */
+ gss_buffer_t out_buffer /* interprocess_token */
+ )
+{
+ return( gss_export_sec_context( min_stat, in_ctx, out_buffer ) );
+}
+
+
+
+/* sapgss_import_sec_context() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_import_sec_context(
+ OM_uint32 * min_stat, /* minor_status */
+ gss_buffer_t in_buffer, /* interprocess_token */
+ gss_ctx_id_t * out_ctx /* context_handle */
+ )
+{
+ return( gss_import_sec_context( min_stat, in_buffer, out_ctx ) );
+}
+
+
+
+/*
+ * sapgss_create_empty_oid_set()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_create_empty_oid_set(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID_set FAR * oid_set /* oid_set */
+ )
+{
+ return( gss_create_empty_oid_set( min_stat, oid_set ) );
+}
+
+
+
+/*
+ * sapgss_add_oid_set_member()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_add_oid_set_member(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID member_oid, /* member_oid */
+ gss_OID_set FAR * oid_set /* oid_set */
+ )
+{
+ return( gss_add_oid_set_member( min_stat, member_oid, oid_set ) );
+}
+
+
+
+/*
+ * sapgss_test_oid_set_member()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_test_oid_set_member(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID member, /* member */
+ gss_OID_set set, /* set */
+ int FAR * present /* present */
+ )
+{
+ return( gss_test_oid_set_member( min_stat, member, set, present ) );
+}
+
+
+
+/*
+ * sapgss_inquire_names_for_mech()
+ *
+ * Status: not used by SNC in R/3 release 3.x and 4.0
+ * this may change in future releases
+ */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_names_for_mech(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_OID mech_oid, /* mechanism_oid */
+ gss_OID_set FAR * name_types /* name_types */
+ )
+{
+ return( gss_inquire_names_for_mech( min_stat, mech_oid, name_types ) );
+}
+
+
+
+/*
+ * sapgss_inquire_mechs_for_name()
+ *
+ * Status: don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_inquire_mechs_for_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_OID_set FAR * mech_set /* mechanism_oids */
+ )
+{
+ return( gss_inquire_mechs_for_name( min_stat, input_name, mech_set ) );
+}
+
+
+/* sapgss_canonicalize_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_canonicalize_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_OID mech_type, /* mech_type */
+ gss_name_t FAR * output_name /* output_name */
+ )
+{
+ return( gss_canonicalize_name( min_stat, input_name,
+ mech_type, output_name ) );
+}
+
+
+/* sapgss_export_name() */
+
+OM_uint32 EXPORT_FUNCTION
+sapgss_export_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t input_name, /* input_name */
+ gss_buffer_t output_name_blob /* output_name_blob */
+ )
+{
+ return( gss_export_name( min_stat, input_name, output_name_blob ) );
+}
+
+
+/*
+ * sapgss_duplicate_name()
+ *
+ * Status: Don't care
+ */
+OM_uint32 EXPORT_FUNCTION
+sapgss_duplicate_name(
+ OM_uint32 FAR * min_stat, /* minor_status */
+ gss_name_t src_name, /* src_name */
+ gss_name_t FAR * dest_name /* dest_name */
+ )
+{
+ return( gss_duplicate_name( min_stat, src_name, dest_name ) );
+}
+
+
+/* end of sncspkm1.c */
+