jothidam.tv - c99shell

!C99Shell v. 2.0 [PHP 7 Update] [25.02.2019]!
Software: Apache. PHP/7.3.33 uname -a: Linux web25.us.cloudlogin.co 5.10.237-xeon-hst #1 SMP Mon May 5 15:10:04 UTC 2025 x86_64 uid=233359(alpastrology) gid=888(tty) groups=888(tty),33(tape) Safe-mode: OFF (not secure) /usr/local/imap-2007e/src/osdep/nt/ drwxr-xr-x Free 6181.89 GB of 6263.09 GB (98.7%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

/* ========================================================================
 * Copyright 1988-2006 University of Washington
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * 
 * ========================================================================
 */

/*
 * Program:    GSSAPI Kerberos Shim 5 for Windows 2000/XP IMAP Toolkit
 *
 * Author:    Mark Crispin
 *        Networks and Distributed Computing
 *        Computing & Communications
 *        University of Washington
 *        Administration Building, AG-44
 *        Seattle, WA  98195
 *        Internet: MRC@CAC.Washington.EDU
 *
 * Date:    6 March 2000
 * Last Edited:    30 August 2006
 */

/*  The purpose of this module is to be a shim, so that the auth_gss.c module
 * (written for MIT Kerberos) will compile, link, and run with SSPI Kerberos
 * on Windows 2000 systems.
 *  There is no attempt whatsoever to make this be a complete implementation
 * of GSSAPI.  A number of shortcuts were taken that a real GSSAPI
 * implementation for SSPI can't do.
 *  Nor is there any attempt to make the types identical with MIT Kerberos;
 * you can't link this library with object files compiled with the MIT
 * Kerberos .h files.
 */


/* GSSAPI generic definitions */


#define SECURITY_WIN32
#include <security.h>


/* GSSAPI types for which we use SSPI equivalent types */

typedef ULONG OM_uint32;
typedef PCredHandle gss_cred_id_t;
typedef ULONG gss_cred_usage_t;
typedef PCtxtHandle gss_ctx_id_t;
typedef SEC_CHAR * gss_name_t;
typedef ULONG gss_qop_t;


/* Major status codes */

#define GSS_S_COMPLETE SEC_E_OK
#define GSS_S_BAD_MECH SEC_E_SECPKG_NOT_FOUND
#define GSS_S_CONTINUE_NEEDED SEC_I_CONTINUE_NEEDED
#define GSS_S_CREDENTIALS_EXPIRED SEC_E_CERT_EXPIRED
#define GSS_S_FAILURE SEC_E_INTERNAL_ERROR
#define GSS_S_NO_CRED SEC_E_NO_CREDENTIALS
#define GSS_S_NO_CONTEXT SEC_E_INVALID_HANDLE


/* Flag bits for context-level services */

#define GSS_C_DELEG_FLAG ISC_REQ_DELEGATE
#define GSS_C_MUTUAL_FLAG ISC_REQ_MUTUAL_AUTH
#define GSS_C_REPLAY_FLAG ISC_REQ_REPLAY_DETECT
#define GSS_C_SEQUENCE_FLAG ISC_REQ_SEQUENCE_DETECT
#define GSS_C_CONF_FLAG ISC_REQ_CONFIDENTIALITY
#define GSS_C_INTEG_FLAG ISC_REQ_INTEGRITY


/* Credential usage options */

#define GSS_C_BOTH SECPKG_CRED_BOTH
#define GSS_C_INITIATE SECPKG_CRED_OUTBOUND
#define GSS_C_ACCEPT SECPKG_CRED_INBOUND


/* Major status codes defined by shim */

#define GSS_S_BAD_BINDINGS 100
#define GSS_S_BAD_NAME 101
#define GSS_S_BAD_NAMETYPE 102
#define GSS_S_BAD_STATUS 103

/* GSSAPI types as used in GSSAPI */


/* Buffer */

typedef struct gss_buffer_desc_struct {
  size_t length;
  void *value;
} gss_buffer_desc,*gss_buffer_t;


/* Object identifier */

typedef struct gss_OID_desc_struct {
  OM_uint32 length;
  void *elements;
} gss_OID_desc,*gss_OID;

typedef struct gss_OID_set_desc_struct {
  size_t count;
  gss_OID elements;
} gss_OID_set_desc,*gss_OID_set;


/* Unused, but needed in prototypes */

typedef void * gss_channel_bindings_t;


/* Default constants */

#define GSS_C_EMPTY_BUFFER {0,NIL}
#define GSS_C_NO_BUFFER ((gss_buffer_t) NIL)
#define GSS_C_NO_OID ((gss_OID) NIL)
#define GSS_C_NO_CONTEXT ((gss_ctx_id_t) NIL)
#define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) NIL)
#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) NIL)
#define GSS_C_QOP_DEFAULT NIL


/* Status code types for gss_display_status */

#define GSS_C_GSS_CODE 1
#define GSS_C_MECH_CODE 2


/* GSSAPI constants */

const gss_OID gss_nt_service_name;
#define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
const gss_OID gss_mech_krb5;
const gss_OID_set gss_mech_set_krb5;

/* GSSAPI prototypes */


OM_uint32 gss_accept_sec_context (OM_uint32 *minor_status,
                  gss_ctx_id_t *context_handle,
                  gss_cred_id_t acceptor_cred_handle,
                  gss_buffer_t input_token_buffer,
                  gss_channel_bindings_t input_chan_bindings,
                  gss_name_t *src_name,gss_OID *mech_type,
                  gss_buffer_t output_token,
                  OM_uint32 *ret_flags,OM_uint32 *time_rec,
                  gss_cred_id_t *delegated_cred_handle);
OM_uint32 gss_acquire_cred (OM_uint32 *minor_status,gss_name_t desired_name,
                OM_uint32 time_req,gss_OID_set desired_mechs,
                gss_cred_usage_t cred_usage,
                gss_cred_id_t *output_cred_handle,
                gss_OID_set *actual_mechs,OM_uint32 *time_rec);
OM_uint32 gss_delete_sec_context (OM_uint32 *minor_status,
                  gss_ctx_id_t *context_handle,
                  gss_buffer_t output_token);
OM_uint32 gss_display_name (OM_uint32 *minor_status,gss_name_t input_name,
                gss_buffer_t output_name_buffer,
                gss_OID *output_name_type);
OM_uint32 gss_display_status (OM_uint32 *minor_status,OM_uint32 status_value,
                  int status_type,gss_OID mech_type,
                  OM_uint32 *message_context,
                  gss_buffer_t status_string);
OM_uint32 gss_import_name (OM_uint32 *minor_status,
               gss_buffer_t input_name_buffer,
               gss_OID input_name_type,gss_name_t *output_name);
OM_uint32 gss_init_sec_context (OM_uint32 *minor_status,
                gss_cred_id_t claimant_cred_handle,
                gss_ctx_id_t *context_handle,
                gss_name_t target_name,gss_OID mech_type,
                OM_uint32 req_flags,OM_uint32 time_req,
                gss_channel_bindings_t input_chan_bindings,
                gss_buffer_t input_token,
                gss_OID *actual_mech_type,
                gss_buffer_t output_token,OM_uint32 *ret_flags,
                OM_uint32 *time_rec);
OM_uint32 gss_release_buffer (OM_uint32 *minor_status,gss_buffer_t buffer);
OM_uint32 gss_release_cred (OM_uint32 *minor_status,gss_cred_id_t *cred_handle);
OM_uint32 gss_release_name (OM_uint32 *minor_status,gss_name_t *input_name);
OM_uint32 gss_wrap (OM_uint32 *minor_status,gss_ctx_id_t context_handle,
            int conf_req_flag,gss_qop_t qop_req,
            gss_buffer_t input_message_buffer,int *conf_state,
            gss_buffer_t output_message_buffer);
OM_uint32 gss_unwrap (OM_uint32 *minor_status,gss_ctx_id_t context_handle,
              gss_buffer_t input_message_buffer,
              gss_buffer_t output_message_buffer,int *conf_state,
              gss_qop_t *qop_state);

/* Kerberos definitions */

long kerberos_server_valid (void);
long kerberos_try_kinit (OM_uint32 error);
char *kerberos_login (char *user,char *authuser,int argc,char *argv[]);


#define STRING WINSTRING    /* conflict with mail.h */
#include <NTSecAPI.h>

/* GSSAPI build-in object identifiers */

static gss_OID_desc oids[] = {    /* stupid C language makes this necessary */
  {10,"\052\206\110\206\367\022\001\002\001\004"},
  {9,"\052\206\110\206\367\022\001\002\002"}
};

                /* stupid C language ditto */
static gss_OID_set_desc oidsets[] = {
  {1,(gss_OID) oids+1}
};

                /* these are the real OIDs */
const gss_OID gss_nt_service_name = oids+0;
const gss_OID gss_mech_krb5 = oids+1;
const gss_OID_set gss_mech_set_krb5 = oidsets+0;


/* Other globals */

                /* substitute for GSS_C_NO_CREDENTIAL */
static gss_cred_id_t gss_default_cred = NIL;

/* GSSAPI import name (convert to full service principal name)
 * Accepts: pointer to return minor status
 *        buffer containining input name
 *        type of input name
 *        pointer to return output internal name
 * Returns: major status, always
 */

OM_uint32 gss_import_name (OM_uint32 *minor_status,
               gss_buffer_t input_name_buffer,
               gss_OID input_name_type,gss_name_t *output_name)
{
  OM_uint32 major_status = GSS_S_COMPLETE;
  TimeStamp expiry;
  static CredHandle gss_cred;
  char *s,tmp[MAILTMPLEN];
  *minor_status = 0;        /* never any minor status */
  if (!gss_default_cred) {    /* default credentials set up yet? */
    if (AcquireCredentialsHandle/* no, acquire them now */
    (NIL,MICROSOFT_KERBEROS_NAME_A,SECPKG_CRED_OUTBOUND,NIL,NIL,NIL,NIL,
     &gss_cred,&expiry) != SEC_E_OK) return GSS_S_FAILURE;
                /* have default credentials now */
    gss_default_cred = &gss_cred;
  }
                /* must be the gss_nt_service_name format */
  if (input_name_type != gss_nt_service_name)
    major_status = GSS_S_BAD_NAMETYPE;
                /* name must be of sane length */
  else if (input_name_buffer->length > (MAILTMPLEN/2))
    major_status = GSS_S_BAD_NAME;
  else {            /* copy name */
    memcpy (tmp,input_name_buffer->value,input_name_buffer->length);
    tmp[input_name_buffer->length] = '\0';
    if (s = strchr (tmp,'@')) {    /* find service/host/delimiter */
      *s = '/';            /* convert to full service principal name */
      *output_name = cpystr (tmp);
    }
    else major_status = GSS_S_BAD_NAME;
  }
  return major_status;
}

/* GSSAPI Initialize security context
 * Accepts: pointer to return minor status
 *        claimant credential handle
 *        context (NIL means "none assigned yet")
 *        desired principal
 *        desired mechanisms
 *        required context attributes
 *        desired lifetime
 *        input channel bindings
 *        input token buffer
 *        pointer to return mechanism type
 *        buffer to return output token
 *        pointer to return flags
 *        pointer to return context lifetime
 * Returns: major status, always
 */

OM_uint32 gss_init_sec_context (OM_uint32 *minor_status,
                gss_cred_id_t claimant_cred_handle,
                gss_ctx_id_t *context_handle,
                gss_name_t target_name,gss_OID mech_type,
                OM_uint32 req_flags,OM_uint32 time_req,
                gss_channel_bindings_t input_chan_bindings,
                gss_buffer_t input_token,
                gss_OID *actual_mech_type,
                gss_buffer_t output_token,OM_uint32 *ret_flags,
                OM_uint32 *time_rec)
{
  OM_uint32 i;
  OM_uint32 major_status;
  TimeStamp expiry;
  SecBuffer ibuf[1],obuf[1];
  SecBufferDesc ibufs,obufs;
  *minor_status = 0;        /* never any minor status */
                /* error if non-default time requested */
  if (time_req) return GSS_S_FAILURE;
  if (mech_type && memcmp (mech_type,gss_mech_krb5,sizeof (gss_OID)))
    return GSS_S_BAD_MECH;
                /* ditto if any channel bindings */
  if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS)
    return GSS_S_BAD_BINDINGS;

                /* apply default credential if necessary */
  if (claimant_cred_handle == GSS_C_NO_CREDENTIAL)
    claimant_cred_handle = gss_default_cred;
                /* create output buffer storage as needed */
  req_flags |= ISC_REQ_ALLOCATE_MEMORY;
                /* make output buffer */
  obuf[0].BufferType = SECBUFFER_TOKEN;
  obuf[0].cbBuffer = 0; obuf[0].pvBuffer = NIL;
                /* output buffer descriptor */
  obufs.ulVersion = SECBUFFER_VERSION;
  obufs.cBuffers = 1;
  obufs.pBuffers = obuf;
                /* first time caller? */
  if (*context_handle == GSS_C_NO_CONTEXT) {
                /* yes, set up output context handle */
    PCtxtHandle ctx = (PCtxtHandle) fs_get (sizeof (CtxtHandle));
    major_status = InitializeSecurityContext (claimant_cred_handle,NIL,
                          target_name,req_flags,0,
                          SECURITY_NETWORK_DREP,NIL,0,ctx,
                          &obufs,
                          ret_flags ? ret_flags : &i,
                          &expiry);
    *context_handle = ctx;    /* return updated context */
  }
  else {            /* no, make SSPI buffer from GSSAPI buffer */
    ibuf[0].BufferType = obuf[0].BufferType = SECBUFFER_TOKEN;
    ibuf[0].cbBuffer = input_token->length;
    ibuf[0].pvBuffer = input_token->value;
                /* input buffer descriptor */
    ibufs.ulVersion = SECBUFFER_VERSION;
    ibufs.cBuffers = 1;
    ibufs.pBuffers = ibuf;
    major_status = InitializeSecurityContext (claimant_cred_handle,
                          *context_handle,target_name,
                          req_flags,0,
                          SECURITY_NETWORK_DREP,&ibufs,0,
                          *context_handle,&obufs,
                          ret_flags ? ret_flags : &i,
                          &expiry);
  }
                /* return output */
  output_token->value = obuf[0].pvBuffer;
  output_token->length = obuf[0].cbBuffer;
                /* in case client wanted lifetime returned */
  if (time_rec) *time_rec = expiry.LowPart;
  return major_status;
}

/* GSSAPI display status text
 * Accepts: pointer to return minor status
 *        status to display
 *        status type
 *        message context for continuation
 *        buffer to write status string
 * Returns: major status, always
 */

OM_uint32 gss_display_status (OM_uint32 *minor_status,OM_uint32 status_value,
                  int status_type,gss_OID mech_type,
                  OM_uint32 *message_context,
                  gss_buffer_t status_string)
{
  char *s,tmp[MAILTMPLEN];
  *minor_status = 0;        /* never any minor status */
  if (*message_context) return GSS_S_FAILURE;
  switch (status_type) {    /* what type of status code? */
  case GSS_C_GSS_CODE:        /* major_status */
    switch (status_value) {    /* analyze status value */
    case GSS_S_FAILURE:
      s = "Unspecified failure"; break;
    case GSS_S_CREDENTIALS_EXPIRED:
      s = "Credentials expired"; break;
    case GSS_S_BAD_BINDINGS:
      s = "Bad bindings"; break;
    case GSS_S_BAD_MECH:
      s = "Bad mechanism type"; break;
    case GSS_S_BAD_NAME:
      s = "Bad name"; break;
    case GSS_S_BAD_NAMETYPE:
      s = "Bad name type"; break;
    case GSS_S_BAD_STATUS:
      s = "Bad status"; break;
    case GSS_S_NO_CONTEXT:
      s = "Invalid context handle"; break;
    case GSS_S_NO_CRED:
      s = "Unable to authenticate to Kerberos service";
      mail_parameters (NIL,DISABLE_AUTHENTICATOR,"GSSAPI");
      break;
    case SEC_E_NO_AUTHENTICATING_AUTHORITY:
      s = "No authenticating authority"; break;
    case SEC_E_TARGET_UNKNOWN:
      s = "Destination server unknown to Kerberos service"; break;
    default:
      sprintf (s = tmp,"SSPI code %lx",status_value);
    }
    break;
  case GSS_C_MECH_CODE:        /* minor status - drop into default */
  default:
    return GSS_S_BAD_STATUS;    /* bad status type */
  }
                /* return status string */
  status_string->length = strlen (status_string->value = cpystr (s));
  return GSS_S_COMPLETE;
}

/* GSSAPI delete security context
 * Accepts: pointer to return minor status
 *        context to delete
 *        output context token
 * Returns: major status, always
 */

OM_uint32 gss_delete_sec_context (OM_uint32 *minor_status,
                  gss_ctx_id_t *context_handle,
                  gss_buffer_t output_token)
{
  OM_uint32 major_status;
  *minor_status = 0;        /* never any minor status */
                /* output token not supported */
  major_status = output_token ? GSS_S_FAILURE :
    DeleteSecurityContext (*context_handle);
  fs_give ((void **) context_handle);
  return major_status;
}


/* GSSAPI release buffer
 * Accepts: pointer to return minor status
 *        buffer to release
 * Returns: GSS_S_COMPLETE, always
 */

OM_uint32 gss_release_buffer (OM_uint32 *minor_status,gss_buffer_t buffer)
{
  *minor_status = 0;        /* never any minor status */
  fs_give (&buffer->value);
  return GSS_S_COMPLETE;
}


/* GSSAPI release name
 * Accepts: pointer to return minor status
 *        pointer to name to release
 * Returns: GSS_S_COMPLETE, always
 */

OM_uint32 gss_release_name (OM_uint32 *minor_status,gss_name_t *input_name)
{
  *minor_status = 0;        /* never any minor status */
  fs_give (input_name);
  return GSS_S_COMPLETE;
}

/* GSSAPI wrap data
 * Accepts: pointer to return minor status
 *        context handle
 *        requested confidentiality
 *        requested quality of protection
 *        input message buffer
 *        pointer to return confidentiality state
 *        output message buffer
 * Returns: major status, always
 */

OM_uint32 gss_wrap (OM_uint32 *minor_status,gss_ctx_id_t context_handle,
            int conf_req_flag,gss_qop_t qop_req,
            gss_buffer_t input_message_buffer,int *conf_state,
            gss_buffer_t output_message_buffer)
{
  OM_uint32 major_status;
  SecBuffer buf[3];
  SecBufferDesc bufs;
  SecPkgContext_Sizes sizes;
  *minor_status = NIL;        /* never any minor status */
  *conf_state = conf_req_flag;    /* same as requested */
  if ((major_status =        /* get trailer and padding sizes */
       QueryContextAttributes (context_handle,SECPKG_ATTR_SIZES,&sizes)) ==
      SEC_E_OK) {
                /* create big enough output buffer */
    output_message_buffer->value =
      fs_get (sizes.cbSecurityTrailer + input_message_buffer->length +
          sizes.cbBlockSize);
    /* MSDN claims that for EncryptMessage() in Kerberos, you need an
     * uninitialized SECBUFFER_STREAM_HEADER; a SECBUFFER_DATA that "contains
     * the message to be encrypted.  The message is encrypted in place,
     * overwriting the original contents of its buffer"; an uninitialized
     * SECBUFFER_STREAM_TRAILER, and an uninitialized SECBUFFER_EMPTY.  I've
     * never been able to get it to work that way.
     */
    bufs.cBuffers = 3;        /* set up buffer descriptor */
    bufs.pBuffers = buf;
    bufs.ulVersion = SECBUFFER_VERSION;
    buf[0].BufferType = SECBUFFER_TOKEN;
    buf[0].pvBuffer = output_message_buffer->value;
    buf[0].cbBuffer = sizes.cbSecurityTrailer;
                /* I/O buffer */
    buf[1].BufferType = SECBUFFER_DATA;
    buf[1].pvBuffer = ((char *) buf[0].pvBuffer) + buf[0].cbBuffer;
    buf[1].cbBuffer = input_message_buffer->length;
    memcpy (buf[1].pvBuffer,input_message_buffer->value,buf[1].cbBuffer);
    buf[2].BufferType = SECBUFFER_PADDING;
    buf[2].pvBuffer = ((char *) buf[1].pvBuffer) + buf[1].cbBuffer;
    buf[2].cbBuffer = sizes.cbBlockSize;
    if ((major_status = EncryptMessage (context_handle,qop_req,&bufs,0)) ==
    GSS_S_COMPLETE) {
                /* slide data as necessary (how annoying!) */
      unsigned long i = sizes.cbSecurityTrailer - buf[0].cbBuffer;
      if (i) buf[1].pvBuffer =
           memmove (((char *) buf[0].pvBuffer) + buf[0].cbBuffer,
            buf[1].pvBuffer,buf[1].cbBuffer);
      if (i += (input_message_buffer->length - buf[1].cbBuffer))
    buf[1].pvBuffer = memmove (((char *)buf[1].pvBuffer) + buf[1].cbBuffer,
           buf[2].pvBuffer,buf[2].cbBuffer);
      output_message_buffer->length = buf[0].cbBuffer + buf[1].cbBuffer +
    buf[2].cbBuffer;
    }
    else fs_give (&output_message_buffer->value);
  }
  return major_status;        /* return status */
}

/* GSSAPI unwrap data
 * Accepts: pointer to return minor status
 *        context handle
 *        input message buffer
 *        output message buffer
 *        pointer to return confidentiality state
 *        pointer to return quality of protection
 * Returns: major status, always
 */

OM_uint32 gss_unwrap (OM_uint32 *minor_status,gss_ctx_id_t context_handle,
              gss_buffer_t input_message_buffer,
              gss_buffer_t output_message_buffer,int *conf_state,
              gss_qop_t *qop_state)
{
  OM_uint32 major_status;
  SecBuffer buf[2];
  SecBufferDesc bufs;
  *minor_status = NIL;        /* never any minor status */
  *conf_state = NIL;        /* or confidentiality state */
  /* MSDN implies that all that is needed for DecryptMessage() in Kerberos
   * is a single SECBUFFER_DATA which "contains the encrypted message.  The
   * encrypted message is decrypted in place, overwriting the original
   * contents of its buffer."  I've never been able to get it to work without
   * using a SECBUFFER_STREAM for input and an uninitialized SECBUFFER_DATA
   * for output.
   * It *does* overwrite the input buffer, but not at the same point; e.g.
   * with an input pointer of 0xa140a8 and size of 53, the output ends up
   * at 0xa140d5 and size of 4.
   */
  bufs.cBuffers = 2;        /* set up buffer descriptor */
  bufs.pBuffers = buf;
  bufs.ulVersion = SECBUFFER_VERSION;
                /* input buffer */
  buf[0].BufferType = SECBUFFER_STREAM;
  buf[0].pvBuffer = input_message_buffer->value;
  buf[0].cbBuffer = input_message_buffer->length;
                /* output buffer */
  buf[1].BufferType = SECBUFFER_DATA;
  buf[1].pvBuffer = NIL;
  buf[1].cbBuffer = 0;
                /* decrypt and copy to output buffer */
  if ((major_status = DecryptMessage (context_handle,&bufs,0,qop_state)) ==
      SEC_E_OK)
   memcpy (output_message_buffer->value = fs_get (buf[1].cbBuffer),
       buf[1].pvBuffer,output_message_buffer->length = buf[1].cbBuffer);
  return major_status;        /* return status */
}

/* From here on are server-only functions, currently unused */


/* GSSAPI acquire credentials
 * Accepts: pointer to return minor status
 *        desired principal
 *        desired lifetime
 *        desired mechanisms
 *        credentials usage
 *        pointer to return credentials handle
 *        pointer to return mechanisms
 *        pointer to return lifetime
 * Returns: GSS_S_FAILURE, always
 */

OM_uint32 gss_acquire_cred (OM_uint32 *minor_status,gss_name_t desired_name,
                OM_uint32 time_req,gss_OID_set desired_mechs,
                gss_cred_usage_t cred_usage,
                gss_cred_id_t *output_cred_handle,
                gss_OID_set *actual_mechs,OM_uint32 *time_rec)
{
  *minor_status = 0;        /* never any minor status */
  return GSS_S_FAILURE;        /* server only */
}


/* GSSAPI release credentials
 * Accepts: pointer to return minor status
 *        credentials handle to free
 * Returns: GSS_S_COMPLETE, always
 */

OM_uint32 gss_release_cred (OM_uint32 *minor_status,gss_cred_id_t *cred_handle)
{
  *minor_status = 0;        /* never any minor status */
  return GSS_S_FAILURE;        /* server only */
}

/* GSSAPI Accept security context
 * Accepts: pointer to return minor status
 *        context
 *        acceptor credentials
 *        input token buffer
 *        input channel bindings
 *        pointer to return source name
 *        pointer to return mechanism type
 *        buffer to return output token
 *        pointer to return flags
 *        pointer to return context lifetime
 *        pointer to return delegated credentials
 * Returns: GSS_S_FAILURE, always
 */

OM_uint32 gss_accept_sec_context (OM_uint32 *minor_status,
                  gss_ctx_id_t *context_handle,
                  gss_cred_id_t acceptor_cred_handle,
                  gss_buffer_t input_token_buffer,
                  gss_channel_bindings_t input_chan_bindings,
                  gss_name_t *src_name,gss_OID *mech_type,
                  gss_buffer_t output_token,
                  OM_uint32 *ret_flags,OM_uint32 *time_rec,
                  gss_cred_id_t *delegated_cred_handle)
{
  *minor_status = 0;        /* never any minor status */
  return GSS_S_FAILURE;        /* server only */
}


/* GSSAPI return printable name
 * Accepts: pointer to return minor status
 *        internal name
 *        buffer to return output name
 *        output name type
 * Returns: GSS_S_FAILURE, always
 */

OM_uint32 gss_display_name (OM_uint32 *minor_status,gss_name_t input_name,
                gss_buffer_t output_name_buffer,
                gss_OID *output_name_type)
{
  *minor_status = 0;        /* never any minor status */
  return GSS_S_FAILURE;        /* server only */
}

/* Kerberos server valid check
 * Returns: T if have keytab, NIL otherwise
 */

long kerberos_server_valid ()
{
  return NIL;
}


/* Kerberos check for missing or expired credentials
 * Returns: T if should suggest running kinit, NIL otherwise
 */

long kerberos_try_kinit (OM_uint32 error)
{
  return NIL;
}

/* Kerberos server log in
 * Accepts: authorization ID as user name
 *        authentication ID as Kerberos principal
 *        argument count
 *        argument vector
 * Returns: logged in user name if logged in, NIL otherwise
 */

char *kerberos_login (char *user,char *authuser,int argc,char *argv[])
{
  return NIL;
}
:: Command execute ::
Enter:	Select: