svn rev #23081: trunk/src/ include/ lib/crypto/crypto_tests/ lib/gssapi/krb5/ ...
ghudson@MIT.EDU
ghudson at MIT.EDU
Wed Oct 28 15:17:36 EDT 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=23081
Commit By: ghudson
Log Message:
Bump the accessor version number since we made changes.
Take the opportunity to regularize accessor field names (no krb5 or
krb5int prefixes).
Fix a test program which was still using krb5_hmac.
Changed Files:
U trunk/src/include/k5-int.h
U trunk/src/lib/crypto/crypto_tests/t_hmac.c
U trunk/src/lib/gssapi/krb5/accept_sec_context.c
U trunk/src/lib/gssapi/krb5/ser_sctx.c
U trunk/src/lib/gssapi/krb5/util_crypt.c
U trunk/src/lib/krb5/os/accessor.c
U trunk/src/plugins/preauth/pkinit/pkinit_accessor.c
Modified: trunk/src/include/k5-int.h
===================================================================
--- trunk/src/include/k5-int.h 2009-10-28 18:37:18 UTC (rev 23080)
+++ trunk/src/include/k5-int.h 2009-10-28 19:17:35 UTC (rev 23081)
@@ -2218,7 +2218,7 @@
/* To keep happy libraries which are (for now) accessing internal stuff */
/* Make sure to increment by one when changing the struct */
-#define KRB5INT_ACCESS_STRUCT_VERSION 14
+#define KRB5INT_ACCESS_STRUCT_VERSION 15
#ifndef ANAME_SZ
struct ktext; /* from krb.h, for krb524 support */
@@ -2227,11 +2227,13 @@
/* crypto stuff */
const struct krb5_hash_provider *md5_hash_provider;
const struct krb5_enc_provider *arcfour_enc_provider;
- krb5_error_code (* krb5int_hmac) (const struct krb5_hash_provider *hash,
- const krb5_keyblock *key,
- unsigned int icount, const krb5_data *input,
- krb5_data *output);
- krb5_error_code (* krb5_auth_con_get_subkey_enctype)(krb5_context, krb5_auth_context, krb5_enctype *);
+ krb5_error_code (*hmac)(const struct krb5_hash_provider *hash,
+ const krb5_keyblock *key,
+ unsigned int icount, const krb5_data *input,
+ krb5_data *output);
+ krb5_error_code (*auth_con_get_subkey_enctype)(krb5_context,
+ krb5_auth_context,
+ krb5_enctype *);
/* service location and communication */
krb5_error_code (*sendto_udp) (krb5_context, const krb5_data *msg,
const struct addrlist *, struct sendto_callback_info*, krb5_data *reply,
@@ -2253,16 +2255,12 @@
int (*use_dns_kdc)(krb5_context);
krb5_error_code (*clean_hostname)(krb5_context, const char *, char *, size_t);
- /* krb4 compatibility stuff -- may be null if not enabled */
- krb5_int32 (*krb_life_to_time)(krb5_int32, int);
- int (*krb_time_to_life)(krb5_int32, krb5_int32);
- int (*krb524_encode_v4tkt)(struct ktext *, char *, unsigned int *);
- krb5_error_code (*krb5int_c_mandatory_cksumtype)
- (krb5_context, krb5_enctype, krb5_cksumtype *);
- krb5_error_code (KRB5_CALLCONV *krb5_ser_pack_int64)
- (krb5_int64, krb5_octet **, size_t *);
- krb5_error_code (KRB5_CALLCONV *krb5_ser_unpack_int64)
- (krb5_int64 *, krb5_octet **, size_t *);
+ krb5_error_code (*mandatory_cksumtype)(krb5_context, krb5_enctype,
+ krb5_cksumtype *);
+ krb5_error_code (KRB5_CALLCONV *ser_pack_int64)(krb5_int64, krb5_octet **,
+ size_t *);
+ krb5_error_code (KRB5_CALLCONV *ser_unpack_int64)(krb5_int64 *,
+ krb5_octet **, size_t *);
/* Used for KDB LDAP back end. */
krb5_error_code
@@ -2342,9 +2340,9 @@
(const krb5_data *output, krb5_kdc_req **rep);
krb5_error_code (*encode_krb5_kdc_req_body)
(const krb5_kdc_req *rep, krb5_data **code);
- void (KRB5_CALLCONV *krb5_free_kdc_req)
+ void (KRB5_CALLCONV *free_kdc_req)
(krb5_context, krb5_kdc_req * );
- void (*krb5int_set_prompt_types)
+ void (*set_prompt_types)
(krb5_context, krb5_prompt_type *);
krb5_error_code (*encode_krb5_authdata_elt)
(const krb5_authdata *rep, krb5_data **code);
Modified: trunk/src/lib/crypto/crypto_tests/t_hmac.c
===================================================================
--- trunk/src/lib/crypto/crypto_tests/t_hmac.c 2009-10-28 18:37:18 UTC (rev 23080)
+++ trunk/src/lib/crypto/crypto_tests/t_hmac.c 2009-10-28 19:17:35 UTC (rev 23081)
@@ -122,7 +122,7 @@
}
printd(" hmac input", in);
krb5_k_create_key(NULL, key, &k);
- err = krb5_hmac(h, k, 1, in, out);
+ err = krb5int_hmac(h, k, 1, in, out);
krb5_k_free_key(NULL, k);
if (err == 0)
printd(" hmac output", out);
Modified: trunk/src/lib/gssapi/krb5/accept_sec_context.c
===================================================================
--- trunk/src/lib/gssapi/krb5/accept_sec_context.c 2009-10-28 18:37:18 UTC (rev 23080)
+++ trunk/src/lib/gssapi/krb5/accept_sec_context.c 2009-10-28 19:17:35 UTC (rev 23081)
@@ -988,9 +988,9 @@
if (ctx->proto == 0 &&
(ctx->gss_flags & GSS_C_DCE_STYLE) == 0 &&
(ap_req_options & AP_OPTS_USE_SUBKEY)) {
- code = (*kaccess.krb5_auth_con_get_subkey_enctype) (context,
- auth_context,
- &negotiated_etype);
+ code = (*kaccess.auth_con_get_subkey_enctype)(context,
+ auth_context,
+ &negotiated_etype);
if (code != 0) {
major_status = GSS_S_FAILURE;
goto fail;
Modified: trunk/src/lib/gssapi/krb5/ser_sctx.c
===================================================================
--- trunk/src/lib/gssapi/krb5/ser_sctx.c 2009-10-28 18:37:18 UTC (rev 23080)
+++ trunk/src/lib/gssapi/krb5/ser_sctx.c 2009-10-28 19:17:35 UTC (rev 23081)
@@ -433,10 +433,10 @@
&bp, &remain);
(void) krb5_ser_pack_int32((krb5_int32) ctx->krb_flags,
&bp, &remain);
- (void) (*kaccess.krb5_ser_pack_int64)((krb5_int64) ctx->seq_send,
- &bp, &remain);
- (void) (*kaccess.krb5_ser_pack_int64)((krb5_int64) ctx->seq_recv,
- &bp, &remain);
+ (void) (*kaccess.ser_pack_int64)((krb5_int64) ctx->seq_send,
+ &bp, &remain);
+ (void) (*kaccess.ser_pack_int64)((krb5_int64) ctx->seq_recv,
+ &bp, &remain);
/* Now dynamic data */
kret = 0;
@@ -644,8 +644,10 @@
ctx->krb_times.renew_till = (krb5_timestamp) ibuf;
(void) krb5_ser_unpack_int32(&ibuf, &bp, &remain);
ctx->krb_flags = (krb5_flags) ibuf;
- (void) (*kaccess.krb5_ser_unpack_int64)((krb5_int64 *)&ctx->seq_send, &bp, &remain);
- kret = (*kaccess.krb5_ser_unpack_int64)((krb5_int64 *)&ctx->seq_recv, &bp, &remain);
+ (void) (*kaccess.ser_unpack_int64)((krb5_int64 *)&ctx->seq_send,
+ &bp, &remain);
+ kret = (*kaccess.ser_unpack_int64)((krb5_int64 *)&ctx->seq_recv,
+ &bp, &remain);
if (kret) {
free(ctx);
return kret;
Modified: trunk/src/lib/gssapi/krb5/util_crypt.c
===================================================================
--- trunk/src/lib/gssapi/krb5/util_crypt.c 2009-10-28 18:37:18 UTC (rev 23080)
+++ trunk/src/lib/gssapi/krb5/util_crypt.c 2009-10-28 19:17:35 UTC (rev 23081)
@@ -119,9 +119,8 @@
if (code != 0)
return code;
- code = (*kaccess.krb5int_c_mandatory_cksumtype)(context,
- subkey->keyblock.enctype,
- cksumtype);
+ code = (*kaccess.mandatory_cksumtype)(context, subkey->keyblock.enctype,
+ cksumtype);
if (code != 0)
return code;
@@ -321,8 +320,8 @@
input.length = i;
output.data = (void *) usage_key.contents;
output.length = usage_key.length;
- code = (*kaccess.krb5int_hmac) (kaccess.md5_hash_provider,
- longterm_key, 1, &input, &output);
+ code = (*kaccess.hmac)(kaccess.md5_hash_provider, longterm_key, 1,
+ &input, &output);
if (code)
goto cleanup_arcfour;
if (exportable)
@@ -331,8 +330,8 @@
input.data = ( void *) kd_data;
input.length = kd_data_len;
output.data = (void *) seq_enc_key.contents;
- code = (*kaccess.krb5int_hmac) (kaccess.md5_hash_provider,
- &usage_key, 1, &input, &output);
+ code = (*kaccess.hmac)(kaccess.md5_hash_provider, &usage_key, 1,
+ &input, &output);
if (code)
goto cleanup_arcfour;
input.data = ( void * ) input_buf;
@@ -667,8 +666,8 @@
input.length = i;
output.data = (void *) usage_key.contents;
output.length = usage_key.length;
- code = (*kaccess.krb5int_hmac) (kaccess.md5_hash_provider,
- longterm_key, 1, &input, &output);
+ code = (*kaccess.hmac)(kaccess.md5_hash_provider, longterm_key, 1,
+ &input, &output);
if (code)
goto cleanup_arcfour;
if (exportable)
@@ -677,8 +676,8 @@
input.data = ( void *) kd_data;
input.length = kd_data_len;
output.data = (void *) seq_enc_key.contents;
- code = (*kaccess.krb5int_hmac) (kaccess.md5_hash_provider,
- &usage_key, 1, &input, &output);
+ code = (*kaccess.hmac)(kaccess.md5_hash_provider, &usage_key, 1,
+ &input, &output);
if (code)
goto cleanup_arcfour;
Modified: trunk/src/lib/krb5/os/accessor.c
===================================================================
--- trunk/src/lib/krb5/os/accessor.c 2009-10-28 18:37:18 UTC (rev 23080)
+++ trunk/src/lib/krb5/os/accessor.c 2009-10-28 19:17:35 UTC (rev 23081)
@@ -52,8 +52,8 @@
krb5int_access internals_temp;
#endif
S (free_addrlist, krb5int_free_addrlist),
- S (krb5int_hmac, krb5int_hmac_keyblock),
- S (krb5_auth_con_get_subkey_enctype, krb5_auth_con_get_subkey_enctype),
+ S (hmac, krb5int_hmac_keyblock),
+ S (auth_con_get_subkey_enctype, krb5_auth_con_get_subkey_enctype),
S (md5_hash_provider, &krb5int_hash_md5),
S (arcfour_enc_provider, &krb5int_enc_arcfour),
S (sendto_udp, &krb5int_sendto),
@@ -70,18 +70,14 @@
#undef SC
S (clean_hostname, krb5int_clean_hostname),
- S (krb_life_to_time, 0),
- S (krb_time_to_life, 0),
- S (krb524_encode_v4tkt, 0),
-
- S (krb5int_c_mandatory_cksumtype, krb5int_c_mandatory_cksumtype),
+ S (mandatory_cksumtype, krb5int_c_mandatory_cksumtype),
#ifndef LEAN_CLIENT
#define SC(FIELD, VAL) S(FIELD, VAL)
#else /* disable */
#define SC(FIELD, VAL) S(FIELD, 0)
#endif
- SC (krb5_ser_pack_int64, krb5_ser_pack_int64),
- SC (krb5_ser_unpack_int64, krb5_ser_unpack_int64),
+ SC (ser_pack_int64, krb5_ser_pack_int64),
+ SC (ser_unpack_int64, krb5_ser_unpack_int64),
#undef SC
#ifdef ENABLE_LDAP
@@ -125,8 +121,8 @@
SC (decode_krb5_td_dh_parameters, decode_krb5_td_dh_parameters),
SC (decode_krb5_as_req, decode_krb5_as_req),
SC (encode_krb5_kdc_req_body, encode_krb5_kdc_req_body),
- SC (krb5_free_kdc_req, krb5_free_kdc_req),
- SC (krb5int_set_prompt_types, krb5int_set_prompt_types),
+ SC (free_kdc_req, krb5_free_kdc_req),
+ SC (set_prompt_types, krb5int_set_prompt_types),
SC (encode_krb5_authdata_elt, encode_krb5_authdata_elt),
#undef SC
Modified: trunk/src/plugins/preauth/pkinit/pkinit_accessor.c
===================================================================
--- trunk/src/plugins/preauth/pkinit/pkinit_accessor.c 2009-10-28 18:37:18 UTC (rev 23080)
+++ trunk/src/plugins/preauth/pkinit/pkinit_accessor.c 2009-10-28 19:17:35 UTC (rev 23081)
@@ -111,8 +111,8 @@
k5int_decode_krb5_principal_name = k5int.decode_krb5_principal_name;
k5int_decode_krb5_as_req = k5int.decode_krb5_as_req;
k5int_encode_krb5_kdc_req_body = k5int.encode_krb5_kdc_req_body;
- k5int_krb5_free_kdc_req = k5int.krb5_free_kdc_req;
- k5int_set_prompt_types = k5int.krb5int_set_prompt_types;
+ k5int_krb5_free_kdc_req = k5int.free_kdc_req;
+ k5int_set_prompt_types = k5int.set_prompt_types;
k5int_encode_krb5_authdata_elt = k5int.encode_krb5_authdata_elt;
return 0;
}
More information about the cvs-krb5
mailing list