Rename internal preauth functions

author Greg Hudson <ghudson@mit.edu>

Sat, 27 Oct 2012 19:29:48 +0000 (15:29 -0400)

committer Greg Hudson <ghudson@mit.edu>

Wed, 19 Dec 2012 19:24:23 +0000 (14:24 -0500)
author Greg Hudson <ghudson@mit.edu>
Sat, 27 Oct 2012 19:29:48 +0000 (15:29 -0400)
committer Greg Hudson <ghudson@mit.edu>
Wed, 19 Dec 2012 19:24:23 +0000 (14:24 -0500)
diff --git a/src/include/k5-int.h b/src/include/k5-int.h

index 52d3602f643816ec878da72f6b8f15d7b2cc1509..ab82f644972f4b71e19b1bd9f1f5628a5833c1c9 100644 (file)
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -1066,33 +1066,6 @@ krb5int_populate_gic_opt (krb5_context, krb5_get_init_creds_opt **,
                            krb5_preauthtype *pre_auth_types, krb5_creds *creds);
  
  
-krb5_error_code KRB5_CALLCONV
-krb5_do_preauth(krb5_context context, krb5_kdc_req *request,
-                krb5_data *encoded_request_body,
-                krb5_data *encoded_previous_request, krb5_pa_data **in_padata,
-                krb5_pa_data ***out_padata, krb5_prompter_fct prompter,
-                void *prompter_data, krb5_clpreauth_rock preauth_rock,
-                krb5_gic_opt_ext *opte, krb5_boolean *got_real_out);
-
-krb5_error_code KRB5_CALLCONV
-krb5_do_preauth_tryagain(krb5_context context, krb5_kdc_req *request,
-                         krb5_data *encoded_request_body,
-                         krb5_data *encoded_previous_request,
-                         krb5_pa_data **in_padata, krb5_pa_data ***out_padata,
-                         krb5_error *err_reply, krb5_pa_data **err_padata,
-                         krb5_prompter_fct prompter, void *prompter_data,
-                         krb5_clpreauth_rock preauth_rock,
-                         krb5_gic_opt_ext *opte);
-
-void KRB5_CALLCONV krb5_init_preauth_context(krb5_context);
-void KRB5_CALLCONV krb5_free_preauth_context(krb5_context);
-void KRB5_CALLCONV krb5_clear_preauth_context_use_counts(krb5_context);
-void KRB5_CALLCONV krb5_preauth_prepare_request(krb5_context,
-                                                krb5_gic_opt_ext *,
-                                                krb5_kdc_req *);
-void KRB5_CALLCONV krb5_preauth_request_context_init(krb5_context);
-void KRB5_CALLCONV krb5_preauth_request_context_fini(krb5_context);
-
  void KRB5_CALLCONV
  krb5_free_sam_challenge_2(krb5_context, krb5_sam_challenge_2 *);
  
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c

index bcfc22e5d1fd04608658e06ba361cfc991cbb325..377773e1c2dfef775df516cb0ff3b5ebeaf6cc8a 100644 (file)
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -685,7 +685,7 @@ restart_init_creds_loop(krb5_context context, krb5_init_creds_context ctx,
      if (code != 0)
          goto cleanup;
      ctx->preauth_rock.fast_state = ctx->fast_state;
-    krb5_preauth_request_context_init(context);
+    k5_preauth_request_context_init(context);
      if (ctx->outer_request_body) {
          krb5_free_data(context, ctx->outer_request_body);
          ctx->outer_request_body = NULL;
@@ -732,7 +732,7 @@ restart_init_creds_loop(krb5_context context, krb5_init_creds_context ctx,
              goto cleanup;
      }
      /* give the preauth plugins a chance to prep the request body */
-    krb5_preauth_prepare_request(context, ctx->opte, ctx->request);
+    k5_preauth_prepare_request(context, ctx->opte, ctx->request);
  
      /* Omit request start time in the common case.  MIT and Heimdal KDCs will
       * ignore it for non-postdated tickets anyway. */
@@ -1017,7 +1017,7 @@ krb5_init_creds_set_service(krb5_context context,
      free(ctx->in_tkt_service);
      ctx->in_tkt_service = s;
  
-    krb5_preauth_request_context_fini(context);
+    k5_preauth_request_context_fini(context);
      return restart_init_creds_loop(context, ctx, NULL);
  }
  
@@ -1263,17 +1263,11 @@ init_creds_step_request(krb5_context context,
  
      if (ctx->err_reply == NULL) {
          /* either our first attempt, or retrying after PREAUTH_NEEDED */
-        code = krb5_do_preauth(context,
-                               ctx->request,
-                               ctx->inner_request_body,
-                               ctx->encoded_previous_request,
-                               ctx->preauth_to_use,
-                               &ctx->request->padata,
-                               ctx->prompter,
-                               ctx->prompter_data,
-                               &ctx->preauth_rock,
-                               ctx->opte,
-                               &got_real);
+        code = k5_preauth(context, ctx->opte, &ctx->preauth_rock, ctx->request,
+                          ctx->inner_request_body,
+                          ctx->encoded_previous_request, ctx->preauth_to_use,
+                          ctx->prompter, ctx->prompter_data,
+                          &ctx->request->padata, &got_real);
          if (code == 0 && !got_real && ctx->preauth_required)
              code = KRB5_PREAUTH_FAILED;
          if (code != 0)
@@ -1284,18 +1278,13 @@ init_creds_step_request(krb5_context context,
               * Retry after an error other than PREAUTH_NEEDED,
               * using ctx->err_padata to figure out what to change.
               */
-            code = krb5_do_preauth_tryagain(context,
-                                            ctx->request,
-                                            ctx->inner_request_body,
-                                            ctx->encoded_previous_request,
-                                            ctx->preauth_to_use,
-                                            &ctx->request->padata,
-                                            ctx->err_reply,
-                                            ctx->err_padata,
-                                            ctx->prompter,
-                                            ctx->prompter_data,
-                                            &ctx->preauth_rock,
-                                            ctx->opte);
+            code = k5_preauth_tryagain(context, ctx->opte, &ctx->preauth_rock,
+                                       ctx->request, ctx->inner_request_body,
+                                       ctx->encoded_previous_request,
+                                       ctx->preauth_to_use, ctx->err_reply,
+                                       ctx->err_padata, ctx->prompter,
+                                       ctx->prompter_data,
+                                       &ctx->request->padata);
          } else {
              /* No preauth supplied, so can't query the plugins. */
              code = KRB5KRB_ERR_GENERIC;
@@ -1452,7 +1441,7 @@ init_creds_step_reply(krb5_context context,
              goto cleanup;
          if (negotiation_requests_restart(context, ctx, ctx->err_padata)) {
              ctx->have_restarted = 1;
-            krb5_preauth_request_context_fini(context);
+            k5_preauth_request_context_fini(context);
              if ((ctx->fast_state->fast_state_flags & KRB5INT_FAST_DO_FAST) ==0)
                  ctx->enc_pa_rep_permitted = 0;
              code = restart_init_creds_loop(context, ctx, ctx->err_padata);
@@ -1468,7 +1457,7 @@ init_creds_step_reply(krb5_context context,
              ctx->err_padata = NULL;
              note_req_timestamp(context, &ctx->preauth_rock,
                                 ctx->err_reply->stime, ctx->err_reply->susec);
-            /* this will trigger a new call to krb5_do_preauth() */
+            /* This will trigger a new call to k5_preauth(). */
              krb5_free_error(context, ctx->err_reply);
              ctx->err_reply = NULL;
              code = sort_krb5_padata_sequence(context,
@@ -1488,10 +1477,10 @@ init_creds_step_reply(krb5_context context,
              code = krb5int_copy_data_contents(context,
                                                &ctx->err_reply->client->realm,
                                                &ctx->request->client->realm);
-            /* this will trigger a new call to krb5_do_preauth() */
+            /* This will trigger a new call to k5_preauth(). */
              krb5_free_error(context, ctx->err_reply);
              ctx->err_reply = NULL;
-            krb5_preauth_request_context_fini(context);
+            k5_preauth_request_context_fini(context);
              /* Permit another negotiation based restart. */
              ctx->have_restarted = 0;
              ctx->sent_nontrivial_preauth = 0;
@@ -1521,7 +1510,7 @@ init_creds_step_reply(krb5_context context,
          goto cleanup;
  
      /* process any preauth data in the as_reply */
-    krb5_clear_preauth_context_use_counts(context);
+    k5_reset_preauth_types_tried(context);
      code = krb5int_fast_process_response(context, ctx->fast_state,
                                           ctx->reply, &strengthen_key);
      if (code != 0)
@@ -1543,17 +1532,10 @@ init_creds_step_reply(krb5_context context,
      ctx->allowed_preauth_type = KRB5_PADATA_NONE;
      ctx->preauth_rock.selected_preauth_type = NULL;
  
-    code = krb5_do_preauth(context,
-                           ctx->request,
-                           ctx->inner_request_body,
-                           ctx->encoded_previous_request,
-                           ctx->reply->padata,
-                           &kdc_padata,
-                           ctx->prompter,
-                           ctx->prompter_data,
-                           &ctx->preauth_rock,
-                           ctx->opte,
-                           &got_real);
+    code = k5_preauth(context, ctx->opte, &ctx->preauth_rock, ctx->request,
+                      ctx->inner_request_body, ctx->encoded_previous_request,
+                      ctx->reply->padata, ctx->prompter, ctx->prompter_data,
+                      &kdc_padata, &got_real);
      if (code != 0)
          goto cleanup;
  
@@ -1671,7 +1653,7 @@ init_creds_step_reply(krb5_context context,
          }
      }
  
-    krb5_preauth_request_context_fini(context);
+    k5_preauth_request_context_fini(context);
  
      /* success */
      code = 0;
diff --git a/src/lib/krb5/krb/int-proto.h b/src/lib/krb5/krb/int-proto.h

index a4529155177505d7066fdd2057324bd453c786a7..12bee33981a9b61b22ec63d378c0f6eed7cae50a 100644 (file)
--- a/src/lib/krb5/krb/int-proto.h
+++ b/src/lib/krb5/krb/int-proto.h
@@ -203,6 +203,40 @@ krb5_error_code
  k5_init_creds_get(krb5_context context, krb5_init_creds_context ctx,
                    int *use_master);
  
+krb5_error_code
+k5_preauth(krb5_context context, krb5_gic_opt_ext *opte,
+           krb5_clpreauth_rock rock, krb5_kdc_req *req,
+           krb5_data *req_body, krb5_data *prev_req, krb5_pa_data **in_padata,
+           krb5_prompter_fct prompter, void *prompter_data,
+           krb5_pa_data ***padata_out, krb5_boolean *got_real_out);
+
+krb5_error_code
+k5_preauth_tryagain(krb5_context context, krb5_gic_opt_ext *opte,
+                    krb5_clpreauth_rock rock, krb5_kdc_req *req,
+                    krb5_data *req_body, krb5_data *prev_req,
+                    krb5_pa_data **in_padata, krb5_error *err_reply,
+                    krb5_pa_data **err_padata, krb5_prompter_fct prompter,
+                    void *prompter_data, krb5_pa_data ***padata_out);
+
+void
+k5_init_preauth_context(krb5_context context);
+
+void
+k5_free_preauth_context(krb5_context context);
+
+void
+k5_reset_preauth_types_tried(krb5_context context);
+
+void
+k5_preauth_prepare_request(krb5_context context, krb5_gic_opt_ext *opte,
+                           krb5_kdc_req *request);
+
+void
+k5_preauth_request_context_init(krb5_context context);
+
+void
+k5_preauth_request_context_fini(krb5_context context);
+
  krb5_error_code
  k5_response_items_new(k5_response_items **ri_out);
  
diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c

index d25a3a98e6ccfcd1746b3f6de2701bf7bcde3f6a..be560b2c46a5432363ccb0908126ebc37067a5ed 100644 (file)
--- a/src/lib/krb5/krb/preauth2.c
+++ b/src/lib/krb5/krb/preauth2.c
@@ -88,8 +88,8 @@ find_module(clpreauth_handle *handles, krb5_preauthtype pa_type)
  }
  
  /* Initialize the preauth state for a krb5 context. */
-void KRB5_CALLCONV
-krb5_init_preauth_context(krb5_context kcontext)
+void
+k5_init_preauth_context(krb5_context context)
  {
      krb5_plugin_initvt_fn *modules = NULL, *mod;
      clpreauth_handle *list = NULL, h, h2;
@@ -97,25 +97,25 @@ krb5_init_preauth_context(krb5_context kcontext)
      krb5_preauthtype *tp;
  
      /* Only do this once for each krb5_context */
-    if (kcontext->preauth_context != NULL)
+    if (context->preauth_context != NULL)
          return;
  
      /* Auto-register built-in modules. */
-    k5_plugin_register_dyn(kcontext, PLUGIN_INTERFACE_CLPREAUTH, "pkinit",
+    k5_plugin_register_dyn(context, PLUGIN_INTERFACE_CLPREAUTH, "pkinit",
                             "preauth");
-    k5_plugin_register(kcontext, PLUGIN_INTERFACE_CLPREAUTH,
+    k5_plugin_register(context, PLUGIN_INTERFACE_CLPREAUTH,
                         "encrypted_challenge",
                         clpreauth_encrypted_challenge_initvt);
-    k5_plugin_register(kcontext, PLUGIN_INTERFACE_CLPREAUTH,
+    k5_plugin_register(context, PLUGIN_INTERFACE_CLPREAUTH,
                         "encrypted_timestamp",
                         clpreauth_encrypted_timestamp_initvt);
-    k5_plugin_register(kcontext, PLUGIN_INTERFACE_CLPREAUTH, "sam2",
+    k5_plugin_register(context, PLUGIN_INTERFACE_CLPREAUTH, "sam2",
                         clpreauth_sam2_initvt);
-    k5_plugin_register(kcontext, PLUGIN_INTERFACE_CLPREAUTH, "otp",
+    k5_plugin_register(context, PLUGIN_INTERFACE_CLPREAUTH, "otp",
                         clpreauth_otp_initvt);
  
      /* Get all available clpreauth vtables. */
-    if (k5_plugin_load_all(kcontext, PLUGIN_INTERFACE_CLPREAUTH, &modules))
+    if (k5_plugin_load_all(context, PLUGIN_INTERFACE_CLPREAUTH, &modules))
          return;
  
      /* Allocate a large enough list of handles. */
@@ -132,7 +132,7 @@ krb5_init_preauth_context(krb5_context kcontext)
              goto cleanup;
  
          /* Initialize the handle vtable. */
-        if ((*mod)(kcontext, 1, 1, (krb5_plugin_vtable)&h->vt) != 0) {
+        if ((*mod)(context, 1, 1, (krb5_plugin_vtable)&h->vt) != 0) {
              free(h);
              continue;
          }
@@ -141,7 +141,7 @@ krb5_init_preauth_context(krb5_context kcontext)
          for (tp = h->vt.pa_type_list; *tp != 0; tp++) {
              h2 = find_module(list, *tp);
              if (h2 != NULL) {
-                TRACE_PREAUTH_CONFLICT(kcontext, h->vt.name, h2->vt.name, *tp);
+                TRACE_PREAUTH_CONFLICT(context, h->vt.name, h2->vt.name, *tp);
                  break;
              }
          }
@@ -150,7 +150,7 @@ krb5_init_preauth_context(krb5_context kcontext)
  
          /* Initialize the module data. */
          h->data = NULL;
-        if (h->vt.init != NULL && h->vt.init(kcontext, &h->data) != 0) {
+        if (h->vt.init != NULL && h->vt.init(context, &h->data) != 0) {
              free(h);
              continue;
          }
@@ -160,23 +160,25 @@ krb5_init_preauth_context(krb5_context kcontext)
      list[count] = NULL;
  
      /* Place the constructed preauth context into the krb5 context. */
-    kcontext->preauth_context = malloc(sizeof(struct krb5_preauth_context_st));
-    if (kcontext->preauth_context == NULL)
+    context->preauth_context = malloc(sizeof(struct krb5_preauth_context_st));
+    if (context->preauth_context == NULL)
          goto cleanup;
-    kcontext->preauth_context->tried = NULL;
-    kcontext->preauth_context->handles = list;
+    context->preauth_context->tried = NULL;
+    context->preauth_context->handles = list;
      list = NULL;
  
  cleanup:
-    k5_plugin_free_modules(kcontext, modules);
-    free_handles(kcontext, list);
+    k5_plugin_free_modules(context, modules);
+    free_handles(context, list);
  }
  
-/* Zero the use counts for the modules herein.  Usually used before we
- * start processing any data from the server, at which point every module
- * will again be able to take a crack at whatever the server sent. */
-void KRB5_CALLCONV
-krb5_clear_preauth_context_use_counts(krb5_context context)
+/*
+ * Reset the memory of which preauth types we have already tried, because we
+ * are entering a new phase of padata processing (such as the padata in an
+ * AS-REP).
+ */
+void
+k5_reset_preauth_types_tried(krb5_context context)
  {
      struct krb5_preauth_context_st *pctx = context->preauth_context;
  
@@ -190,8 +192,8 @@ krb5_clear_preauth_context_use_counts(krb5_context context)
  /* Free the per-krb5_context preauth_context. This means clearing any
   * plugin-specific context which may have been created, and then
   * freeing the context itself. */
-void KRB5_CALLCONV
-krb5_free_preauth_context(krb5_context context)
+void
+k5_free_preauth_context(krb5_context context)
  {
      struct krb5_preauth_context_st *pctx = context->preauth_context;
  
@@ -205,19 +207,19 @@ krb5_free_preauth_context(krb5_context context)
  
  /* Initialize the per-AS-REQ context. This means calling the client_req_init
   * function to give the plugin a chance to allocate a per-request context. */
-void KRB5_CALLCONV
-krb5_preauth_request_context_init(krb5_context context)
+void
+k5_preauth_request_context_init(krb5_context context)
  {
      struct krb5_preauth_context_st *pctx = context->preauth_context;
      clpreauth_handle *hp, h;
  
      if (pctx == NULL) {
-        krb5_init_preauth_context(context);
+        k5_init_preauth_context(context);
          pctx = context->preauth_context;
          if (pctx == NULL)
              return;
      }
-    krb5_clear_preauth_context_use_counts(context);
+    k5_reset_preauth_types_tried(context);
      for (hp = pctx->handles; *hp != NULL; hp++) {
          h = *hp;
          if (h->vt.request_init != NULL)
@@ -227,8 +229,8 @@ krb5_preauth_request_context_init(krb5_context context)
  
  /* Free the per-AS-REQ context. This means clearing any request-specific
   * context which the plugin may have created. */
-void KRB5_CALLCONV
-krb5_preauth_request_context_fini(krb5_context context)
+void
+k5_preauth_request_context_fini(krb5_context context)
  {
      struct krb5_preauth_context_st *pctx = context->preauth_context;
      clpreauth_handle *hp, h;
@@ -489,12 +491,11 @@ static struct krb5_clpreauth_callbacks_st callbacks = {
  /* Tweak the request body, for now adding any enctypes which the module claims
   * to add support for to the list, but in the future perhaps doing more
   * involved things. */
-void KRB5_CALLCONV
-krb5_preauth_prepare_request(krb5_context kcontext,
-                             krb5_gic_opt_ext *opte,
-                             krb5_kdc_req *request)
+void
+k5_preauth_prepare_request(krb5_context context, krb5_gic_opt_ext *opte,
+                           krb5_kdc_req *req)
  {
-    struct krb5_preauth_context_st *pctx = kcontext->preauth_context;
+    struct krb5_preauth_context_st *pctx = context->preauth_context;
      clpreauth_handle *hp, h;
      krb5_enctype *ep;
  
@@ -508,7 +509,7 @@ krb5_preauth_prepare_request(krb5_context kcontext,
          if (h->vt.enctype_list == NULL)
              continue;
          for (ep = h->vt.enctype_list; *ep != ENCTYPE_NULL; ep++)
-            grow_ktypes(&request->ktype, &request->nktypes, *ep);
+            grow_ktypes(&req->ktype, &req->nktypes, *ep);
      }
  }
  
@@ -840,13 +841,13 @@ add_s4u_x509_user_padata(krb5_context context, krb5_s4u_userid *userid,
   * err_reply, return 0.  If it's the sort of correction which requires that we
   * ask the user another question, we let the calling application deal with it.
   */
-krb5_error_code KRB5_CALLCONV
-krb5_do_preauth_tryagain(krb5_context context, krb5_kdc_req *req,
-                         krb5_data *req_body, krb5_data *prev_req,
-                         krb5_pa_data **in_padata, krb5_pa_data ***out_padata,
-                         krb5_error *err_reply, krb5_pa_data **err_padata,
-                         krb5_prompter_fct prompter, void *prompter_data,
-                         krb5_clpreauth_rock rock, krb5_gic_opt_ext *opte)
+krb5_error_code
+k5_preauth_tryagain(krb5_context context, krb5_gic_opt_ext *opte,
+                    krb5_clpreauth_rock rock, krb5_kdc_req *req,
+                    krb5_data *req_body, krb5_data *prev_req,
+                    krb5_pa_data **in_padata, krb5_error *err_reply,
+                    krb5_pa_data **err_padata, krb5_prompter_fct prompter,
+                    void *prompter_data, krb5_pa_data ***padata_out)
  {
      struct krb5_preauth_context_st *pctx = context->preauth_context;
      krb5_error_code ret;
@@ -855,14 +856,13 @@ krb5_do_preauth_tryagain(krb5_context context, krb5_kdc_req *req,
      clpreauth_handle h;
      int i;
  
-    *out_padata = NULL;
+    *padata_out = NULL;
      if (pctx == NULL)
          return KRB5KRB_ERR_GENERIC;
  
      TRACE_PREAUTH_TRYAGAIN_INPUT(context, in_padata);
  
      for (i = 0; in_padata[i] != NULL; i++) {
-        out_padata = NULL;
          h = find_module(pctx->handles, in_padata[i]->pa_type);
          if (h == NULL)
              continue;
@@ -873,7 +873,7 @@ krb5_do_preauth_tryagain(krb5_context context, krb5_kdc_req *req,
                                   prompter_data, &mod_pa);
          if (ret == 0 && mod_pa != NULL) {
              TRACE_PREAUTH_TRYAGAIN_OUTPUT(context, mod_pa);
-            *out_padata = mod_pa;
+            *padata_out = mod_pa;
              return 0;
          }
      }
@@ -910,12 +910,12 @@ fill_response_items(krb5_context context, krb5_get_init_creds_opt *opt,
      return 0;
  }
  
-krb5_error_code KRB5_CALLCONV
-krb5_do_preauth(krb5_context context, krb5_kdc_req *req, krb5_data *req_body,
-                krb5_data *prev_req, krb5_pa_data **in_padata,
-                krb5_pa_data ***out_padata, krb5_prompter_fct prompter,
-                void *prompter_data, krb5_clpreauth_rock rock,
-                krb5_gic_opt_ext *opte, krb5_boolean *got_real_out)
+krb5_error_code
+k5_preauth(krb5_context context, krb5_gic_opt_ext *opte,
+           krb5_clpreauth_rock rock, krb5_kdc_req *req,
+           krb5_data *req_body, krb5_data *prev_req, krb5_pa_data **in_padata,
+           krb5_prompter_fct prompter, void *prompter_data,
+           krb5_pa_data ***padata_out, krb5_boolean *got_real_out)
  {
      int out_pa_list_size = 0;
      krb5_pa_data **out_pa_list = NULL;
@@ -923,7 +923,7 @@ krb5_do_preauth(krb5_context context, krb5_kdc_req *req, krb5_data *req_body,
      krb5_responder_fn responder = opte->opt_private->responder;
      krb5_get_init_creds_opt *opt = (krb5_get_init_creds_opt *)opte;
  
-    *out_padata = NULL;
+    *padata_out = NULL;
      *got_real_out = FALSE;
  
      if (in_padata == NULL)
@@ -951,9 +951,10 @@ krb5_do_preauth(krb5_context context, krb5_kdc_req *req, krb5_data *req_body,
      }
  
      /* If we can't initialize the preauth context, stop with what we have. */
-    krb5_init_preauth_context(context);
+    k5_init_preauth_context(context);
      if (context->preauth_context == NULL) {
-        *out_padata = out_pa_list;
+        *padata_out = out_pa_list;
+        out_pa_list = NULL;
          goto error;
      }
  
@@ -978,7 +979,7 @@ krb5_do_preauth(krb5_context context, krb5_kdc_req *req, krb5_data *req_body,
          goto error;
  
      TRACE_PREAUTH_OUTPUT(context, out_pa_list);
-    *out_padata = out_pa_list;
+    *padata_out = out_pa_list;
      return 0;
  
  error:
@@ -1001,7 +1002,7 @@ krb5_preauth_supply_preauth_data(krb5_context context, krb5_gic_opt_ext *opte,
      const char *emsg = NULL;
  
      if (pctx == NULL) {
-        krb5_init_preauth_context(context);
+        k5_init_preauth_context(context);
          pctx = context->preauth_context;
          if (pctx == NULL) {
              krb5_set_error_message(context, EINVAL,
diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports

index 078c020482ebffafea4cc8d8b66ec04ebe50b43e..eb3eb79c8b1bbbe258ef98078e084f841e066f50 100644 (file)
--- a/src/lib/krb5/libkrb5.exports
+++ b/src/lib/krb5/libkrb5.exports
@@ -256,7 +256,6 @@ krb5_decrypt_tkt_part
  krb5_default_pwd_prompt1
  krb5_default_pwd_prompt2
  krb5_deltat_to_string
-krb5_do_preauth
  krb5_encode_authdata_container
  krb5_encode_kdc_rep
  krb5_encrypt_helper
diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c

index c4bf3019cf5030bcd08c8809775af312b080da5e..56b8d92f72d415a7138cb9bc5df92927e83fc12a 100644 (file)
--- a/src/lib/krb5/os/init_os_ctx.c
+++ b/src/lib/krb5/os/init_os_ctx.c
@@ -28,6 +28,7 @@
  
  #include "k5-int.h"
  #include "os-proto.h"
+#include "../krb/int-proto.h"
  #include "prof_int.h"        /* XXX for profile_copy, not public yet */
  
  #if defined(_WIN32)
@@ -517,7 +518,7 @@ krb5_os_free_context(krb5_context ctx)
      }
  
      if (ctx->preauth_context) {
-        krb5_free_preauth_context(ctx);
+        k5_free_preauth_context(ctx);
          ctx->preauth_context = NULL;
      }
      krb5int_close_plugin_dirs (&ctx->libkrb5_plugins);
author	Greg Hudson <ghudson@mit.edu>
	Sat, 27 Oct 2012 19:29:48 +0000 (15:29 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Wed, 19 Dec 2012 19:24:23 +0000 (14:24 -0500)
src/include/k5-int.h		patch \| blob \| blame \| history
src/lib/krb5/krb/get_in_tkt.c		patch \| blob \| blame \| history
src/lib/krb5/krb/int-proto.h		patch \| blob \| blame \| history
src/lib/krb5/krb/preauth2.c		patch \| blob \| blame \| history
src/lib/krb5/libkrb5.exports		patch \| blob \| blame \| history
src/lib/krb5/os/init_os_ctx.c		patch \| blob \| blame \| history