From: Jeffrey Altman <jaltman@secure-endpoints.com>
Date: Fri, 19 Dec 2003 05:29:32 +0000 (+0000)
Subject: The new functions krb5int_c_mandatory_cksumtype, krb5_ser_pack_int64,
X-Git-Tag: krb5-1.4-beta1~691
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=86b1b4c9850e374d67c59b6f88933c26c2412eb1;p=thirdparty%2Fkrb5.git

The new functions krb5int_c_mandatory_cksumtype, krb5_ser_pack_int64,
and krb5_ser_unpack_int64 are considered private.  Therefore, in order
for them to be used from within gssapi they must be added to the
krb5int_accessor mechanism.  This allows us to not publicize their
existence via exportation on Windows or MacOSX.

ticket: new
tags: pullup
target_version: 1.3.2

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15941 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/include/ChangeLog b/src/include/ChangeLog
index 50d522fec2..39cd828248 100644
--- a/src/include/ChangeLog
+++ b/src/include/ChangeLog
@@ -1,3 +1,7 @@
+2003-12-18  Jeffrey Altman <jaltman@mit.edu>
+
+    * k5-int.h: add new functions to krb5int_access for use by gssapi
+
 2003-12-15  Ken Raeburn  <raeburn@mit.edu>
 
 	* k5-platform.h (SIZE_MAX): Provide default definition if stdint.h
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 82bc29117c..019d67a457 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -1683,7 +1683,7 @@ void krb5int_free_srv_dns_data(struct srv_dns_entry *);
 /* To keep happy libraries which are (for now) accessing internal stuff */
 
 /* Make sure to increment by one when changing the struct */
-#define KRB5INT_ACCESS_STRUCT_VERSION 7
+#define KRB5INT_ACCESS_STRUCT_VERSION 8
 
 #ifndef ANAME_SZ
 struct ktext;			/* from krb.h, for krb524 support */
@@ -1720,6 +1720,12 @@ typedef struct _krb5int_access {
     krb5_int32 (*krb_life_to_time)(krb5_int32, int);
     int (*krb_time_to_life)(krb5_int32, krb5_int32);
     int (*krb524_encode_v4tkt)(struct ktext *, char *, unsigned int *);
+    krb5_error_code (*krb5int_c_mandatory_cksumtype)
+        (krb5_context, krb5_enctype, krb5_cksumtype *);
+    krb5_error_code (KRB5_CALLCONV *krb5_ser_pack_int64)
+        (krb5_int64, krb5_octet **, size_t *);
+    krb5_error_code (KRB5_CALLCONV *krb5_ser_unpack_int64)
+        (krb5_int64 *, krb5_octet **, size_t *);
 } krb5int_access;
 
 #define KRB5INT_ACCESS_VERSION \
diff --git a/src/lib/ChangeLog b/src/lib/ChangeLog
index c7a97f0b1c..2d456bbebb 100644
--- a/src/lib/ChangeLog
+++ b/src/lib/ChangeLog
@@ -1,3 +1,8 @@
+2003-12-18  Jeffrey Altman <jaltman@mit.edu>
+
+        * krb5_32.def: Remove exports added on 2003-12-13.  Moved
+          to krb5int_accessor
+
 2003-12-13  Jeffrey Altman <jaltman@mit.edu>
    
         * krb4_32.def: Remove exports from KfM not yet compiled in KfW
diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog
index 66dcc1efdd..404c55cd06 100644
--- a/src/lib/gssapi/krb5/ChangeLog
+++ b/src/lib/gssapi/krb5/ChangeLog
@@ -1,3 +1,9 @@
+2003-12-18  Jeffrey Altman <jaltman@mit.edu>
+
+   * accept_sec_context.c, init_sec_context.c, ser_sctx.c:
+     Implement use of krb5int_accessor() for krb5int_c_mandatory_cksumtype,
+     krb5_ser_pack_int64, and krb5_ser_unpack_int64
+
 2003-12-13  Ken Raeburn  <raeburn@mit.edu>
 	    Sam Hartman  <hartmans@avalanche-breakdown.mit.edu>
 
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index d507909f3a..db03d28150 100644
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -248,7 +248,14 @@ krb5_gss_accept_sec_context(minor_status, context_handle,
    krb5_data scratch;
    gss_cred_id_t cred_handle = NULL;
    krb5_gss_cred_id_t deleg_cred = NULL;
+   krb5int_access kaccess;
 
+   code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION);
+    if (code) {
+        *minor_status = code;
+        return(GSS_S_FAILURE);
+    }
+       
    if (GSS_ERROR(kg_get_context(minor_status, &context)))
       return(GSS_S_FAILURE);
 
@@ -679,7 +686,7 @@ krb5_gss_accept_sec_context(minor_status, context_handle,
        ctx->signalg = -1;
        ctx->sealalg = -1;
        ctx->proto = 1;
-       code = krb5int_c_mandatory_cksumtype(context, ctx->subkey->enctype,
+       code = (*kaccess.krb5int_c_mandatory_cksumtype)(context, ctx->subkey->enctype,
 					    &ctx->cksumtype);
        if (code)
 	   goto fail;
@@ -762,7 +769,7 @@ krb5_gss_accept_sec_context(minor_status, context_handle,
 	       major_status = GSS_S_FAILURE;
 	       goto fail;
 	   }
-	   code = krb5int_c_mandatory_cksumtype(context,
+	   code = (*kaccess.krb5int_c_mandatory_cksumtype)(context,
 						ctx->acceptor_subkey->enctype,
 						&ctx->acceptor_subkey_cksumtype);
 	   if (code) {
diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c
index 102ffdadd3..cadfee85bc 100644
--- a/src/lib/gssapi/krb5/init_sec_context.c
+++ b/src/lib/gssapi/krb5/init_sec_context.c
@@ -333,6 +333,11 @@ setup_enc(
 {
    krb5_error_code code;
    int i;
+   krb5int_access kaccess;
+
+   code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION);
+   if (code)
+       goto fail;
 
    ctx->have_acceptor_subkey = 0;
    ctx->proto = 0;
@@ -390,7 +395,7 @@ setup_enc(
        ctx->sealalg = -10;
 
        ctx->proto = 1;
-       code = krb5int_c_mandatory_cksumtype(context, ctx->subkey->enctype,
+       code = (*kaccess.krb5int_c_mandatory_cksumtype)(context, ctx->subkey->enctype,
 					    &ctx->cksumtype);
        if (code)
 	   goto fail;
@@ -430,7 +435,6 @@ new_connection(
 {
    OM_uint32 major_status;
    krb5_error_code code;
-   krb5_enctype *requested_enctypes;
    krb5_creds *k_cred;
    krb5_gss_ctx_id_rec *ctx, *ctx_free;
    krb5_timestamp now;
@@ -681,6 +685,11 @@ mutual_auth(
    krb5_gss_ctx_id_rec *ctx;
    krb5_error *krb_error;
    krb5_error_code code;
+   krb5int_access kaccess;
+
+   code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION);
+   if (code)
+       goto fail;
 
    major_status = GSS_S_FAILURE;
 
@@ -782,7 +791,7 @@ mutual_auth(
 				 &ctx->acceptor_subkey);
        if (code)
 	   goto fail;
-       code = krb5int_c_mandatory_cksumtype(context,
+       code = (*kaccess.krb5int_c_mandatory_cksumtype)(context,
 					    ctx->acceptor_subkey->enctype,
 					    &ctx->acceptor_subkey_cksumtype);
        if (code)
diff --git a/src/lib/gssapi/krb5/ser_sctx.c b/src/lib/gssapi/krb5/ser_sctx.c
index f6314928e5..4c5564609d 100644
--- a/src/lib/gssapi/krb5/ser_sctx.c
+++ b/src/lib/gssapi/krb5/ser_sctx.c
@@ -304,6 +304,11 @@ kg_ctx_externalize(kcontext, arg, buffer, lenremain)
     krb5_octet		*bp;
     size_t		remain;
     int			i;
+    krb5int_access kaccess;
+
+    kret = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION);
+    if (kret) 
+        return(kret);
 
     required = 0;
     bp = *buffer;
@@ -336,9 +341,9 @@ kg_ctx_externalize(kcontext, arg, buffer, lenremain)
 				       &bp, &remain);
 	    (void) krb5_ser_pack_int32((krb5_int32) ctx->krb_flags,
 				       &bp, &remain);
-	    (void) krb5_ser_pack_int64((krb5_int64) ctx->seq_send,
+	    (void) (*kaccess.krb5_ser_pack_int64)((krb5_int64) ctx->seq_send,
 				       &bp, &remain);
-	    (void) krb5_ser_pack_int64((krb5_int64) ctx->seq_recv,
+	    (void) (*kaccess.krb5_ser_pack_int64)((krb5_int64) ctx->seq_recv,
 				       &bp, &remain);
 	    (void) krb5_ser_pack_int32((krb5_int32) ctx->established,
 				       &bp, &remain);
@@ -418,6 +423,11 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain)
     krb5_octet		*bp;
     size_t		remain;
     int			i;
+    krb5int_access kaccess;
+
+    kret = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION);
+    if (kret)
+        return(kret);
 
     bp = *buffer;
     remain = *lenremain;
@@ -454,8 +464,8 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain)
 	    ctx->endtime = (krb5_timestamp) ibuf;
 	    (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain);
 	    ctx->krb_flags = (krb5_flags) ibuf;
-	    (void) krb5_ser_unpack_int64(&ctx->seq_send, &bp, &remain);
-	    (void) krb5_ser_unpack_int64(&ctx->seq_recv, &bp, &remain);
+	    (void) (*kaccess.krb5_ser_unpack_int64)(&ctx->seq_send, &bp, &remain);
+	    (void) (*kaccess.krb5_ser_unpack_int64)(&ctx->seq_recv, &bp, &remain);
 	    (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain);
 	    ctx->established = (int) ibuf;
 	    (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain);
diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog
index 7895b7c689..ae9b515703 100644
--- a/src/lib/krb5/os/ChangeLog
+++ b/src/lib/krb5/os/ChangeLog
@@ -1,3 +1,7 @@
+2003-12-18  Jeffrey Altman <jaltman@mit.edu>
+
+    * accessor.c: Add new functions for use by gssapi
+
 2003-12-12  Tom Yu  <tlyu@mit.edu>
 
 	* an_to_ln.c (krb5_aname_to_localname): Don't write one byte past
diff --git a/src/lib/krb5/os/accessor.c b/src/lib/krb5/os/accessor.c
index 3b38e54414..4e907b1c4d 100644
--- a/src/lib/krb5/os/accessor.c
+++ b/src/lib/krb5/os/accessor.c
@@ -58,6 +58,9 @@ krb5int_accessor(krb5int_access *internals, krb5_int32 version)
     internals_temp.krb_time_to_life = 0;
     internals_temp.krb524_encode_v4tkt = 0;
 #endif
+    internals_temp.krb5int_c_mandatory_cksumtype = krb5int_c_mandatory_cksumtype;
+    internals_temp.krb5_ser_pack_int64 = krb5_ser_pack_int64;
+    internals_temp.krb5_ser_unpack_int64 = krb5_ser_unpack_int64;
     *internals = internals_temp;
     return 0;
   }
diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def
index 715e7bfec2..58b4390df0 100644
--- a/src/lib/krb5_32.def
+++ b/src/lib/krb5_32.def
@@ -279,8 +279,4 @@ krb5_set_password_using_ccache
 	krb5_rc_close				; PRIVATE GSSAPI krb5.hin
 	krb5_free_enc_tkt_part			; PRIVATE GSSAPI krb5.hin
 	krb5_decrypt_tkt_part			; PRIVATE GSSAPI krb5.hin
-    krb5int_c_mandatory_cksumtype   ; PRIVATE GSSAPI k5-int.h
-    krb5_ser_pack_int64             ; PRIVATE GSSAPI k5-int.h
-    krb5_ser_unpack_int64           ; PRIVATE GSSAPI k5-int.h
-
     
\ No newline at end of file