1# /* contact Love Hörnquist Åstrand <lha@h5l.org> for new oid arcs */ 2 3# /* 4# * 1.2.752.43.13 Heimdal GSS-API Extentions 5# */ 6 7oid base GSS_KRB5_COPY_CCACHE_X 1.2.752.43.13.1 8oid base GSS_KRB5_GET_TKT_FLAGS_X 1.2.752.43.13.2 9oid base GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X 1.2.752.43.13.3 10oid base GSS_KRB5_COMPAT_DES3_MIC_X 1.2.752.43.13.4 11oid base GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X 1.2.752.43.13.5 12oid base GSS_KRB5_EXPORT_LUCID_CONTEXT_X 1.2.752.43.13.6 13oid base GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X 1.2.752.43.13.6.1 14oid base GSS_KRB5_SET_DNS_CANONICALIZE_X 1.2.752.43.13.7 15oid base GSS_KRB5_GET_SUBKEY_X 1.2.752.43.13.8 16oid base GSS_KRB5_GET_INITIATOR_SUBKEY_X 1.2.752.43.13.9 17oid base GSS_KRB5_GET_ACCEPTOR_SUBKEY_X 1.2.752.43.13.10 18oid base GSS_KRB5_SEND_TO_KDC_X 1.2.752.43.13.11 19oid base GSS_KRB5_GET_AUTHTIME_X 1.2.752.43.13.12 20oid base GSS_KRB5_GET_SERVICE_KEYBLOCK_X 1.2.752.43.13.13 21oid base GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X 1.2.752.43.13.14 22oid base GSS_KRB5_SET_DEFAULT_REALM_X 1.2.752.43.13.15 23oid base GSS_KRB5_CCACHE_NAME_X 1.2.752.43.13.16 24oid base GSS_KRB5_SET_TIME_OFFSET_X 1.2.752.43.13.17 25oid base GSS_KRB5_GET_TIME_OFFSET_X 1.2.752.43.13.18 26oid base GSS_KRB5_PLUGIN_REGISTER_X 1.2.752.43.13.19 27oid base GSS_NTLM_GET_SESSION_KEY_X 1.2.752.43.13.20 28oid base GSS_C_NT_NTLM 1.2.752.43.13.21 29oid base GSS_C_NT_DN 1.2.752.43.13.22 30oid base GSS_KRB5_NT_PRINCIPAL_NAME_REFERRAL 1.2.752.43.13.23 31oid base GSS_C_NTLM_GUEST 1.2.752.43.13.24 32oid base GSS_C_NTLM_V1 1.2.752.43.13.25 33oid base GSS_C_NTLM_V2 1.2.752.43.13.26 34oid base GSS_C_NTLM_SESSION_KEY 1.2.752.43.13.27 35oid base GSS_C_NTLM_FORCE_V1 1.2.752.43.13.28 36oid base GSS_KRB5_CRED_NO_CI_FLAGS_X 1.2.752.43.13.29 37oid base GSS_C_NT_UUID 1.2.752.43.13.30 38oid base GSS_C_NTLM_SUPPORT_CHANNELBINDINGS 1.2.752.43.13.31 39oid base GSS_C_NTLM_SUPPORT_LM2 1.2.752.43.13.32 40oid base GSS_KRB5_IMPORT_CRED_X 1.2.752.43.13.33 41# /* .34 was GSS_APPL_LKDC_SUPPORTED */ 42oid base GSS_C_NTLM_RESET_KEYS 1.2.752.43.13.35 43oid base GSS_C_CRED_DIAG 1.2.752.43.13.36 44oid base GSS_C_CRED_VALIDATE 1.2.752.43.13.37 45oid base GSS_C_CRED_SET_DEFAULT 1.2.752.43.13.38 46oid base GSS_C_CRED_GET_DEFAULT 1.2.752.43.13.39 47oid base GSS_C_CRED_RENEW 1.2.752.43.13.40 48 49# /* glue for gss_inquire_saslname_for_mech */ 50oid base GSS_C_MA_SASL_MECH_NAME 1.2.752.43.13.100 51oid base GSS_C_MA_MECH_NAME 1.2.752.43.13.101 52oid base GSS_C_MA_MECH_DESCRIPTION 1.2.752.43.13.102 53 54# /* credential types */ 55oid base GSS_C_CRED_PASSWORD 1.2.752.43.13.200 56oid base GSS_C_CRED_CERTIFICATE 1.2.752.43.13.201 57oid base GSS_C_CRED_SecIdentity 1.2.752.43.13.202 58oid base GSS_C_CRED_HEIMBASE 1.2.752.43.13.203 59 60#/* Heimdal mechanisms - 1.2.752.43.14 */ 61 62oid base GSS_SASL_DIGEST_MD5_MECHANISM 1.2.752.43.14.1 63oid base GSS_NETLOGON_MECHANISM 1.2.752.43.14.2 64oid base GSS_APPL_LKDC_SUPPORTED 1.2.752.43.14.3 65# /* GSS_NETLOGON_SET_.* should move to some other location */ 66oid base GSS_NETLOGON_SET_SESSION_KEY_X 1.2.752.43.14.3 67oid base GSS_NETLOGON_SET_SIGN_ALGORITHM_X 1.2.752.43.14.4 68oid base GSS_NETLOGON_NT_NETBIOS_DNS_NAME 1.2.752.43.14.5 69 70#/* GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X.128 */ 71oid base GSS_C_INQ_WIN2K_PAC_X 1.2.752.43.13.3.128 72oid base GSS_C_INQ_SSPI_SESSION_KEY 1.2.840.113554.1.2.2.5.5 73 74#/* 75# * "Standard" mechs 76# */ 77 78oid base GSS_KRB5_MECHANISM 1.2.840.113554.1.2.2 79oid base GSS_NTLM_MECHANISM 1.3.6.1.4.1.311.2.2.10 80oid base GSS_IAKERB_MECHANISM 1.3.6.1.5.2.5 81oid base GSS_PKU2U_MECHANISM 1.3.6.1.5.2.7 82oid base GSS_SPNEGO_MECHANISM 1.3.6.1.5.5.2 83oid base GSS_SCRAM_MECHANISM 1.3.6.1.5.5.14 84 85 86#/* 87# * GSS names 88# */ 89 90oid base GSS_C_NT_USER_NAME 1.2.840.113554.1.2.1.1 91oid base GSS_C_NT_MACHINE_UID_NAME 1.2.840.113554.1.2.1.2 92oid base GSS_C_NT_STRING_UID_NAME 1.2.840.113554.1.2.1.3 93oid base GSS_C_NT_HOSTBASED_SERVICE_X 1.3.6.1.5.6.2 94oid base GSS_C_NT_HOSTBASED_SERVICE 1.2.840.113554.1.2.1.4 95oid base GSS_C_NT_ANONYMOUS 1.3.6.1.5.6.3 96oid base GSS_C_NT_EXPORT_NAME 1.3.6.1.5.6.4 97oid base GSS_KRB5_NT_PRINCIPAL_NAME 1.2.840.113554.1.2.2.1 98oid base GSS_KRB5_NT_PRINCIPAL 1.2.840.113554.1.2.2.2 99 100# /* From Luke Howard */ 101 102oid base GSS_C_PEER_HAS_UPDATED_SPNEGO 1.3.6.1.4.1.9513.19.5 103 104#/* 105# * OID mappings with name and short description and and slightly longer description 106# */ 107 108desc mech GSS_KRB5_MECHANISM "Kerberos 5" "Heimdal Kerberos 5 mechanism" 109desc mech GSS_KRB5_MECHANISM "krb5" "Heimdal Kerberos 5 mechanism" 110desc mech GSS_NTLM_MECHANISM "NTLM" "Heimdal NTLM mechanism" 111desc mech GSS_SPNEGO_MECHANISM "SPNEGO" "Heimdal SPNEGO mechanism" 112desc mech GSS_IAKERB_MECHANISM "iakerb" "Heimdal IAKERB mechanism" 113desc mech GSS_PKU2U_MECHANISM "pku2u" "Heimdal PKU2U mechanism" 114 115desc ma GSS_C_MA_MECH_NAME "GSS mech name" "The name of the GSS-API mechanism" 116desc ma GSS_C_MA_SASL_MECH_NAME "SASL mechanism name" "The name of the SASL mechanism" 117desc ma GSS_C_MA_MECH_DESCRIPTION "Mech description" "The long description of the mechanism" 118 119#/* 120# * RFC5587 121# */ 122 123oid base GSS_C_MA_MECH_CONCRETE 1.3.6.1.5.5.13.1 124oid base GSS_C_MA_MECH_PSEUDO 1.3.6.1.5.5.13.2 125oid base GSS_C_MA_MECH_COMPOSITE 1.3.6.1.5.5.13.3 126oid base GSS_C_MA_MECH_NEGO 1.3.6.1.5.5.13.4 127oid base GSS_C_MA_MECH_GLUE 1.3.6.1.5.5.13.5 128oid base GSS_C_MA_NOT_MECH 1.3.6.1.5.5.13.6 129oid base GSS_C_MA_DEPRECATED 1.3.6.1.5.5.13.7 130oid base GSS_C_MA_NOT_DFLT_MECH 1.3.6.1.5.5.13.8 131oid base GSS_C_MA_ITOK_FRAMED 1.3.6.1.5.5.13.9 132oid base GSS_C_MA_AUTH_INIT 1.3.6.1.5.5.13.10 133oid base GSS_C_MA_AUTH_TARG 1.3.6.1.5.5.13.11 134oid base GSS_C_MA_AUTH_INIT_INIT 1.3.6.1.5.5.13.12 135oid base GSS_C_MA_AUTH_TARG_INIT 1.3.6.1.5.5.13.13 136oid base GSS_C_MA_AUTH_INIT_ANON 1.3.6.1.5.5.13.14 137oid base GSS_C_MA_AUTH_TARG_ANON 1.3.6.1.5.5.13.15 138oid base GSS_C_MA_DELEG_CRED 1.3.6.1.5.5.13.16 139oid base GSS_C_MA_INTEG_PROT 1.3.6.1.5.5.13.17 140oid base GSS_C_MA_CONF_PROT 1.3.6.1.5.5.13.18 141oid base GSS_C_MA_MIC 1.3.6.1.5.5.13.19 142oid base GSS_C_MA_WRAP 1.3.6.1.5.5.13.20 143oid base GSS_C_MA_PROT_READY 1.3.6.1.5.5.13.21 144oid base GSS_C_MA_REPLAY_DET 1.3.6.1.5.5.13.22 145oid base GSS_C_MA_OOS_DET 1.3.6.1.5.5.13.23 146oid base GSS_C_MA_CBINDINGS 1.3.6.1.5.5.13.24 147oid base GSS_C_MA_PFS 1.3.6.1.5.5.13.25 148oid base GSS_C_MA_COMPRESS 1.3.6.1.5.5.13.26 149oid base GSS_C_MA_CTX_TRANS 1.3.6.1.5.5.13.27 150 151desc ma GSS_C_MA_MECH_CONCRETE "concrete-mech" "Indicates that a mech is neither a pseudo-mechanism nor a composite mechanism" 152desc ma GSS_C_MA_MECH_PSEUDO "pseudo-mech" "" 153desc ma GSS_C_MA_MECH_COMPOSITE "composite-mech" "" 154desc ma GSS_C_MA_MECH_NEGO "mech-negotiation-mech" "" 155desc ma GSS_C_MA_MECH_GLUE "mech-glue" "" 156desc ma GSS_C_MA_NOT_MECH "not-mech" "" 157desc ma GSS_C_MA_DEPRECATED "mech-deprecated" "" 158desc ma GSS_C_MA_NOT_DFLT_MECH "mech-not-default" "" 159desc ma GSS_C_MA_ITOK_FRAMED "initial-is-framed" "" 160desc ma GSS_C_MA_AUTH_INIT "auth-init-princ" "" 161desc ma GSS_C_MA_AUTH_TARG "auth-targ-princ" "" 162desc ma GSS_C_MA_AUTH_INIT_INIT "auth-init-princ-initial" "" 163desc ma GSS_C_MA_AUTH_TARG_INIT "auth-targ-princ-initial" "" 164desc ma GSS_C_MA_AUTH_INIT_ANON "auth-init-princ-anon" "" 165desc ma GSS_C_MA_AUTH_TARG_ANON "auth-targ-princ-anon" "" 166desc ma GSS_C_MA_DELEG_CRED "deleg-cred" "" 167desc ma GSS_C_MA_INTEG_PROT "integ-prot" "" 168desc ma GSS_C_MA_CONF_PROT "conf-prot" "" 169desc ma GSS_C_MA_MIC "mic" "" 170desc ma GSS_C_MA_WRAP "wrap" "" 171desc ma GSS_C_MA_PROT_READY "prot-ready" "" 172desc ma GSS_C_MA_REPLAY_DET "replay-detection" "" 173desc ma GSS_C_MA_OOS_DET "oos-detection" "" 174desc ma GSS_C_MA_CBINDINGS "channel-bindings" "" 175desc ma GSS_C_MA_PFS "pfs" "" 176desc ma GSS_C_MA_COMPRESS "compress" "" 177desc ma GSS_C_MA_CTX_TRANS "context-transfer" "" 178