svn rev #25447: branches/krb5-1-10/src/ include/ include/krb5/ kdc/ lib/ lib/krb5/ ...
tlyu@MIT.EDU
tlyu at MIT.EDU
Mon Nov 7 17:35:24 EST 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=25447
Commit By: tlyu
Log Message:
ticket: 6992
version_fixed: 1.10
status: resolved
pull up r25414 from trunk
------------------------------------------------------------------------
r25414 | ghudson | 2011-10-25 14:30:14 -0400 (Tue, 25 Oct 2011) | 7 lines
ticket: 6992
subject: Make krb5_find_authdata public
target_version: 1.10
tags: pullup
Rename krb5int_find_authdata to krb5_find_authdata and make it public.
Changed Files:
U branches/krb5-1-10/src/include/k5-int.h
U branches/krb5-1-10/src/include/krb5/krb5.hin
U branches/krb5-1-10/src/kdc/kdc_authdata.c
U branches/krb5-1-10/src/kdc/kdc_util.c
U branches/krb5-1-10/src/lib/krb5/krb/authdata.c
U branches/krb5-1-10/src/lib/krb5/krb/authdata_dec.c
U branches/krb5-1-10/src/lib/krb5/krb/t_authdata.c
U branches/krb5-1-10/src/lib/krb5/libkrb5.exports
U branches/krb5-1-10/src/lib/krb5_32.def
U branches/krb5-1-10/src/plugins/authdata/greet_server/greet_auth.c
U branches/krb5-1-10/src/plugins/kdb/hdb/kdb_windc.c
Modified: branches/krb5-1-10/src/include/k5-int.h
===================================================================
--- branches/krb5-1-10/src/include/k5-int.h 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/include/k5-int.h 2011-11-07 22:35:24 UTC (rev 25447)
@@ -2615,12 +2615,6 @@
void KRB5_CALLCONV krb5_free_config_files(char **filenames);
-krb5_error_code krb5int_find_authdata(krb5_context context,
- krb5_authdata *const *ticket_authdata,
- krb5_authdata *const *ap_req_authdata,
- krb5_authdatatype ad_type,
- krb5_authdata ***results);
-
krb5_error_code krb5_rd_req_decoded(krb5_context, krb5_auth_context *,
const krb5_ap_req *, krb5_const_principal,
krb5_keytab, krb5_flags *, krb5_ticket **);
Modified: branches/krb5-1-10/src/include/krb5/krb5.hin
===================================================================
--- branches/krb5-1-10/src/include/krb5/krb5.hin 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/include/krb5/krb5.hin 2011-11-07 22:35:24 UTC (rev 25447)
@@ -3844,6 +3844,27 @@
krb5_authdata *const *in_authdat, krb5_authdata ***out);
/**
+ * Find authorization data elements.
+ *
+ * @param [in] context Library context
+ * @param [in] ticket_authdata Authorization data list from ticket
+ * @param [in] ap_req_authdata Authorization data list from AP request
+ * @param [in] ad_type Authorization data type to find
+ * @param [out] results List of matching entries
+ *
+ * This function searches @a ticket_authdata and @a ap_req_authdata for
+ * elements of type @a ad_type. Either input list may be NULL, in which case
+ * it will not be searched; otherwise, the input lists must be terminated by
+ * NULL entries. This function will search inside AD-IF-RELEVANT containers if
+ * found in either list. Use krb5_free_authdata() to free @a results when it
+ * is no longer needed.
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_find_authdata(krb5_context context, krb5_authdata *const *ticket_authdata,
+ krb5_authdata *const *ap_req_authdata,
+ krb5_authdatatype ad_type, krb5_authdata ***results);
+
+/**
* Merge two authorization data lists into a new list.
*
* @param [in] context Library context
Modified: branches/krb5-1-10/src/kdc/kdc_authdata.c
===================================================================
--- branches/krb5-1-10/src/kdc/kdc_authdata.c 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/kdc/kdc_authdata.c 2011-11-07 22:35:24 UTC (rev 25447)
@@ -902,11 +902,8 @@
*pdelegated = NULL;
*path_is_signed = FALSE;
- code = krb5int_find_authdata(context,
- enc_tkt_part->authorization_data,
- NULL,
- KRB5_AUTHDATA_SIGNTICKET,
- &sp_authdata);
+ code = krb5_find_authdata(context, enc_tkt_part->authorization_data, NULL,
+ KRB5_AUTHDATA_SIGNTICKET, &sp_authdata);
if (code != 0)
goto cleanup;
Modified: branches/krb5-1-10/src/kdc/kdc_util.c
===================================================================
--- branches/krb5-1-10/src/kdc/kdc_util.c 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/kdc/kdc_util.c 2011-11-07 22:35:24 UTC (rev 25447)
@@ -284,10 +284,10 @@
&authenticator)))
goto cleanup_auth_context;
- retval = krb5int_find_authdata(kdc_context,
- (*ticket)->enc_part2->authorization_data,
- authenticator->authorization_data,
- KRB5_AUTHDATA_FX_ARMOR, &authdata);
+ retval = krb5_find_authdata(kdc_context,
+ (*ticket)->enc_part2->authorization_data,
+ authenticator->authorization_data,
+ KRB5_AUTHDATA_FX_ARMOR, &authdata);
if (retval != 0)
goto cleanup_authenticator;
if (authdata&& authdata[0]) {
Modified: branches/krb5-1-10/src/lib/krb5/krb/authdata.c
===================================================================
--- branches/krb5-1-10/src/lib/krb5/krb/authdata.c 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/lib/krb5/krb/authdata.c 2011-11-07 22:35:24 UTC (rev 25447)
@@ -514,11 +514,8 @@
ticket_authdata = ap_req->ticket->enc_part2->authorization_data;
- code = krb5int_find_authdata(kcontext,
- ticket_authdata,
- NULL,
- KRB5_AUTHDATA_KDC_ISSUED,
- &authdata);
+ code = krb5_find_authdata(kcontext, ticket_authdata, NULL,
+ KRB5_AUTHDATA_KDC_ISSUED, &authdata);
if (code != 0 || authdata == NULL)
return code;
@@ -573,11 +570,8 @@
if (kdc_issued_authdata != NULL &&
(module->flags & AD_USAGE_KDC_ISSUED)) {
- code = krb5int_find_authdata(kcontext,
- kdc_issued_authdata,
- NULL,
- module->ad_type,
- &authdata);
+ code = krb5_find_authdata(kcontext, kdc_issued_authdata, NULL,
+ module->ad_type, &authdata);
if (code != 0)
break;
@@ -599,11 +593,10 @@
if (module->flags & AD_USAGE_AP_REQ)
authen_usage = TRUE;
- code = krb5int_find_authdata(kcontext,
- ticket_usage ? ticket_authdata : NULL,
- authen_usage ? authen_authdata : NULL,
- module->ad_type,
- &authdata);
+ code = krb5_find_authdata(kcontext,
+ ticket_usage ? ticket_authdata : NULL,
+ authen_usage ? authen_authdata : NULL,
+ module->ad_type, &authdata);
if (code != 0)
break;
}
Modified: branches/krb5-1-10/src/lib/krb5/krb/authdata_dec.c
===================================================================
--- branches/krb5-1-10/src/lib/krb5/krb/authdata_dec.c 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/lib/krb5/krb/authdata_dec.c 2011-11-07 22:35:24 UTC (rev 25447)
@@ -154,11 +154,11 @@
return retval;
}
-krb5_error_code
-krb5int_find_authdata(krb5_context context,
- krb5_authdata *const *ticket_authdata,
- krb5_authdata *const *ap_req_authdata,
- krb5_authdatatype ad_type, krb5_authdata ***results)
+krb5_error_code KRB5_CALLCONV
+krb5_find_authdata(krb5_context context,
+ krb5_authdata *const *ticket_authdata,
+ krb5_authdata *const *ap_req_authdata,
+ krb5_authdatatype ad_type, krb5_authdata ***results)
{
krb5_error_code retval = 0;
struct find_authdata_context fctx;
Modified: branches/krb5-1-10/src/lib/krb5/krb/t_authdata.c
===================================================================
--- branches/krb5-1-10/src/lib/krb5/krb/t_authdata.c 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/lib/krb5/krb/t_authdata.c 2011-11-07 22:35:24 UTC (rev 25447)
@@ -47,9 +47,8 @@
3,
(unsigned char *) "ab"
};
-/* we want three results in the return from krb5int_find_authdata so
- it has to grow its list.
-*/
+/* We want three results in the return from krb5_find_authdata so it has to
+ * grow its list. */
krb5_authdata ad4 = {
KV5M_AUTHDATA,
22,
@@ -94,8 +93,8 @@
container[0] = &ad3;
container[1] = NULL;
assert(krb5_encode_authdata_container( context, KRB5_AUTHDATA_IF_RELEVANT, container, &container_out) == 0);
- assert(krb5int_find_authdata(context,
- adseq1, container_out, 22, &results) == 0);
+ assert(krb5_find_authdata(context, adseq1, container_out, 22,
+ &results) == 0);
compare_authdata(&ad1, results[0]);
compare_authdata( results[1], &ad4);
compare_authdata( results[2], &ad3);
Modified: branches/krb5-1-10/src/lib/krb5/libkrb5.exports
===================================================================
--- branches/krb5-1-10/src/lib/krb5/libkrb5.exports 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/lib/krb5/libkrb5.exports 2011-11-07 22:35:24 UTC (rev 25447)
@@ -257,6 +257,7 @@
krb5_externalize_data
krb5_externalize_opaque
krb5_fcc_ops
+krb5_find_authdata
krb5_find_serializer
krb5_free_ad_kdcissued
krb5_free_ad_signedpath
@@ -607,7 +608,6 @@
krb5int_clean_hostname
krb5int_cm_call_select
krb5int_copy_data_contents_add0
-krb5int_find_authdata
krb5int_find_pa_data
krb5int_foreach_localaddr
krb5int_free_data_list
Modified: branches/krb5-1-10/src/lib/krb5_32.def
===================================================================
--- branches/krb5-1-10/src/lib/krb5_32.def 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/lib/krb5_32.def 2011-11-07 22:35:24 UTC (rev 25447)
@@ -419,3 +419,4 @@
krb5_free_string @393
krb5_cc_select @394
krb5_pac_sign @395
+ krb5_find_authdata @396
Modified: branches/krb5-1-10/src/plugins/authdata/greet_server/greet_auth.c
===================================================================
--- branches/krb5-1-10/src/plugins/authdata/greet_server/greet_auth.c 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/plugins/authdata/greet_server/greet_auth.c 2011-11-07 22:35:24 UTC (rev 25447)
@@ -65,11 +65,8 @@
krb5_authdata **kdc_issued = NULL;
krb5_authdata **greet = NULL;
- code = krb5int_find_authdata(context,
- enc_tkt_request->authorization_data,
- NULL,
- KRB5_AUTHDATA_KDC_ISSUED,
- &tgt_authdata);
+ code = krb5_find_authdata(context, enc_tkt_request->authorization_data,
+ NULL, KRB5_AUTHDATA_KDC_ISSUED, &tgt_authdata);
if (code != 0 || tgt_authdata == NULL)
return 0;
@@ -83,11 +80,7 @@
return code;
}
- code = krb5int_find_authdata(context,
- kdc_issued,
- NULL,
- -42,
- &greet);
+ code = krb5_find_authdata(context, kdc_issued, NULL, -42, &greet);
if (code == 0) {
krb5_data tmp;
Modified: branches/krb5-1-10/src/plugins/kdb/hdb/kdb_windc.c
===================================================================
--- branches/krb5-1-10/src/plugins/kdb/hdb/kdb_windc.c 2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/plugins/kdb/hdb/kdb_windc.c 2011-11-07 22:35:24 UTC (rev 25447)
@@ -270,11 +270,8 @@
if (!is_as_req) {
/* find the existing PAC, if present */
- code = krb5int_find_authdata(context,
- tgt_auth_data,
- NULL,
- KRB5_AUTHDATA_WIN2K_PAC,
- &authdata);
+ code = krb5_find_authdata(context, tgt_auth_data, NULL,
+ KRB5_AUTHDATA_WIN2K_PAC, &authdata);
if (code != 0)
goto cleanup;
}
More information about the cvs-krb5
mailing list