svn rev #25447: branches/krb5-1-10/src/ include/ include/krb5/ kdc/ lib/ lib/krb5/ ...

tlyu@MIT.EDU tlyu at MIT.EDU
Mon Nov 7 17:35:24 EST 2011


http://src.mit.edu/fisheye/changelog/krb5/?cs=25447
Commit By: tlyu
Log Message:
ticket: 6992
version_fixed: 1.10
status: resolved

pull up r25414 from trunk

 ------------------------------------------------------------------------
 r25414 | ghudson | 2011-10-25 14:30:14 -0400 (Tue, 25 Oct 2011) | 7 lines

 ticket: 6992
 subject: Make krb5_find_authdata public
 target_version: 1.10
 tags: pullup

 Rename krb5int_find_authdata to krb5_find_authdata and make it public.


Changed Files:
U   branches/krb5-1-10/src/include/k5-int.h
U   branches/krb5-1-10/src/include/krb5/krb5.hin
U   branches/krb5-1-10/src/kdc/kdc_authdata.c
U   branches/krb5-1-10/src/kdc/kdc_util.c
U   branches/krb5-1-10/src/lib/krb5/krb/authdata.c
U   branches/krb5-1-10/src/lib/krb5/krb/authdata_dec.c
U   branches/krb5-1-10/src/lib/krb5/krb/t_authdata.c
U   branches/krb5-1-10/src/lib/krb5/libkrb5.exports
U   branches/krb5-1-10/src/lib/krb5_32.def
U   branches/krb5-1-10/src/plugins/authdata/greet_server/greet_auth.c
U   branches/krb5-1-10/src/plugins/kdb/hdb/kdb_windc.c
Modified: branches/krb5-1-10/src/include/k5-int.h
===================================================================
--- branches/krb5-1-10/src/include/k5-int.h	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/include/k5-int.h	2011-11-07 22:35:24 UTC (rev 25447)
@@ -2615,12 +2615,6 @@
 
 void KRB5_CALLCONV krb5_free_config_files(char **filenames);
 
-krb5_error_code krb5int_find_authdata(krb5_context context,
-                                      krb5_authdata *const *ticket_authdata,
-                                      krb5_authdata *const *ap_req_authdata,
-                                      krb5_authdatatype ad_type,
-                                      krb5_authdata ***results);
-
 krb5_error_code krb5_rd_req_decoded(krb5_context, krb5_auth_context *,
                                     const krb5_ap_req *, krb5_const_principal,
                                     krb5_keytab, krb5_flags *, krb5_ticket **);

Modified: branches/krb5-1-10/src/include/krb5/krb5.hin
===================================================================
--- branches/krb5-1-10/src/include/krb5/krb5.hin	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/include/krb5/krb5.hin	2011-11-07 22:35:24 UTC (rev 25447)
@@ -3844,6 +3844,27 @@
                    krb5_authdata *const *in_authdat, krb5_authdata ***out);
 
 /**
+ * Find authorization data elements.
+ *
+ * @param [in]  context         Library context
+ * @param [in]  ticket_authdata Authorization data list from ticket
+ * @param [in]  ap_req_authdata Authorization data list from AP request
+ * @param [in]  ad_type         Authorization data type to find
+ * @param [out] results         List of matching entries
+ *
+ * This function searches @a ticket_authdata and @a ap_req_authdata for
+ * elements of type @a ad_type.  Either input list may be NULL, in which case
+ * it will not be searched; otherwise, the input lists must be terminated by
+ * NULL entries.  This function will search inside AD-IF-RELEVANT containers if
+ * found in either list.  Use krb5_free_authdata() to free @a results when it
+ * is no longer needed.
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_find_authdata(krb5_context context, krb5_authdata *const *ticket_authdata,
+                   krb5_authdata *const *ap_req_authdata,
+                   krb5_authdatatype ad_type, krb5_authdata ***results);
+
+/**
  * Merge two authorization data lists into a new list.
  *
  * @param [in]  context         Library context

Modified: branches/krb5-1-10/src/kdc/kdc_authdata.c
===================================================================
--- branches/krb5-1-10/src/kdc/kdc_authdata.c	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/kdc/kdc_authdata.c	2011-11-07 22:35:24 UTC (rev 25447)
@@ -902,11 +902,8 @@
     *pdelegated = NULL;
     *path_is_signed = FALSE;
 
-    code = krb5int_find_authdata(context,
-                                 enc_tkt_part->authorization_data,
-                                 NULL,
-                                 KRB5_AUTHDATA_SIGNTICKET,
-                                 &sp_authdata);
+    code = krb5_find_authdata(context, enc_tkt_part->authorization_data, NULL,
+                              KRB5_AUTHDATA_SIGNTICKET, &sp_authdata);
     if (code != 0)
         goto cleanup;
 

Modified: branches/krb5-1-10/src/kdc/kdc_util.c
===================================================================
--- branches/krb5-1-10/src/kdc/kdc_util.c	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/kdc/kdc_util.c	2011-11-07 22:35:24 UTC (rev 25447)
@@ -284,10 +284,10 @@
                                                  &authenticator)))
         goto cleanup_auth_context;
 
-    retval = krb5int_find_authdata(kdc_context,
-                                   (*ticket)->enc_part2->authorization_data,
-                                   authenticator->authorization_data,
-                                   KRB5_AUTHDATA_FX_ARMOR, &authdata);
+    retval = krb5_find_authdata(kdc_context,
+                                (*ticket)->enc_part2->authorization_data,
+                                authenticator->authorization_data,
+                                KRB5_AUTHDATA_FX_ARMOR, &authdata);
     if (retval != 0)
         goto cleanup_authenticator;
     if (authdata&& authdata[0]) {

Modified: branches/krb5-1-10/src/lib/krb5/krb/authdata.c
===================================================================
--- branches/krb5-1-10/src/lib/krb5/krb/authdata.c	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/lib/krb5/krb/authdata.c	2011-11-07 22:35:24 UTC (rev 25447)
@@ -514,11 +514,8 @@
 
     ticket_authdata = ap_req->ticket->enc_part2->authorization_data;
 
-    code = krb5int_find_authdata(kcontext,
-                                 ticket_authdata,
-                                 NULL,
-                                 KRB5_AUTHDATA_KDC_ISSUED,
-                                 &authdata);
+    code = krb5_find_authdata(kcontext, ticket_authdata, NULL,
+                              KRB5_AUTHDATA_KDC_ISSUED, &authdata);
     if (code != 0 || authdata == NULL)
         return code;
 
@@ -573,11 +570,8 @@
 
         if (kdc_issued_authdata != NULL &&
             (module->flags & AD_USAGE_KDC_ISSUED)) {
-            code = krb5int_find_authdata(kcontext,
-                                         kdc_issued_authdata,
-                                         NULL,
-                                         module->ad_type,
-                                         &authdata);
+            code = krb5_find_authdata(kcontext, kdc_issued_authdata, NULL,
+                                      module->ad_type, &authdata);
             if (code != 0)
                 break;
 
@@ -599,11 +593,10 @@
             if (module->flags & AD_USAGE_AP_REQ)
                 authen_usage = TRUE;
 
-            code = krb5int_find_authdata(kcontext,
-                                         ticket_usage ? ticket_authdata : NULL,
-                                         authen_usage ? authen_authdata : NULL,
-                                         module->ad_type,
-                                         &authdata);
+            code = krb5_find_authdata(kcontext,
+                                      ticket_usage ? ticket_authdata : NULL,
+                                      authen_usage ? authen_authdata : NULL,
+                                      module->ad_type, &authdata);
             if (code != 0)
                 break;
         }

Modified: branches/krb5-1-10/src/lib/krb5/krb/authdata_dec.c
===================================================================
--- branches/krb5-1-10/src/lib/krb5/krb/authdata_dec.c	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/lib/krb5/krb/authdata_dec.c	2011-11-07 22:35:24 UTC (rev 25447)
@@ -154,11 +154,11 @@
     return retval;
 }
 
-krb5_error_code
-krb5int_find_authdata(krb5_context context,
-                      krb5_authdata *const *ticket_authdata,
-                      krb5_authdata *const *ap_req_authdata,
-                      krb5_authdatatype ad_type, krb5_authdata ***results)
+krb5_error_code KRB5_CALLCONV
+krb5_find_authdata(krb5_context context,
+                   krb5_authdata *const *ticket_authdata,
+                   krb5_authdata *const *ap_req_authdata,
+                   krb5_authdatatype ad_type, krb5_authdata ***results)
 {
     krb5_error_code retval = 0;
     struct find_authdata_context fctx;

Modified: branches/krb5-1-10/src/lib/krb5/krb/t_authdata.c
===================================================================
--- branches/krb5-1-10/src/lib/krb5/krb/t_authdata.c	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/lib/krb5/krb/t_authdata.c	2011-11-07 22:35:24 UTC (rev 25447)
@@ -47,9 +47,8 @@
     3,
     (unsigned char *) "ab"
 };
-/* we want three results in the return from krb5int_find_authdata so
-   it has to grow its list.
-*/
+/* We want three results in the return from krb5_find_authdata so it has to
+ * grow its list.  */
 krb5_authdata ad4 = {
     KV5M_AUTHDATA,
     22,
@@ -94,8 +93,8 @@
     container[0] = &ad3;
     container[1] = NULL;
     assert(krb5_encode_authdata_container( context, KRB5_AUTHDATA_IF_RELEVANT, container, &container_out) == 0);
-    assert(krb5int_find_authdata(context,
-                                 adseq1, container_out, 22, &results) == 0);
+    assert(krb5_find_authdata(context, adseq1, container_out, 22,
+                              &results) == 0);
     compare_authdata(&ad1, results[0]);
     compare_authdata( results[1], &ad4);
     compare_authdata( results[2], &ad3);

Modified: branches/krb5-1-10/src/lib/krb5/libkrb5.exports
===================================================================
--- branches/krb5-1-10/src/lib/krb5/libkrb5.exports	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/lib/krb5/libkrb5.exports	2011-11-07 22:35:24 UTC (rev 25447)
@@ -257,6 +257,7 @@
 krb5_externalize_data
 krb5_externalize_opaque
 krb5_fcc_ops
+krb5_find_authdata
 krb5_find_serializer
 krb5_free_ad_kdcissued
 krb5_free_ad_signedpath
@@ -607,7 +608,6 @@
 krb5int_clean_hostname
 krb5int_cm_call_select
 krb5int_copy_data_contents_add0
-krb5int_find_authdata
 krb5int_find_pa_data
 krb5int_foreach_localaddr
 krb5int_free_data_list

Modified: branches/krb5-1-10/src/lib/krb5_32.def
===================================================================
--- branches/krb5-1-10/src/lib/krb5_32.def	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/lib/krb5_32.def	2011-11-07 22:35:24 UTC (rev 25447)
@@ -419,3 +419,4 @@
 	krb5_free_string				@393
 	krb5_cc_select					@394
 	krb5_pac_sign					@395
+	krb5_find_authdata				@396

Modified: branches/krb5-1-10/src/plugins/authdata/greet_server/greet_auth.c
===================================================================
--- branches/krb5-1-10/src/plugins/authdata/greet_server/greet_auth.c	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/plugins/authdata/greet_server/greet_auth.c	2011-11-07 22:35:24 UTC (rev 25447)
@@ -65,11 +65,8 @@
     krb5_authdata **kdc_issued = NULL;
     krb5_authdata **greet = NULL;
 
-    code = krb5int_find_authdata(context,
-                                 enc_tkt_request->authorization_data,
-                                 NULL,
-                                 KRB5_AUTHDATA_KDC_ISSUED,
-                                 &tgt_authdata);
+    code = krb5_find_authdata(context, enc_tkt_request->authorization_data,
+                              NULL, KRB5_AUTHDATA_KDC_ISSUED, &tgt_authdata);
     if (code != 0 || tgt_authdata == NULL)
         return 0;
 
@@ -83,11 +80,7 @@
         return code;
     }
 
-    code = krb5int_find_authdata(context,
-                                 kdc_issued,
-                                 NULL,
-                                 -42,
-                                 &greet);
+    code = krb5_find_authdata(context, kdc_issued, NULL, -42, &greet);
     if (code == 0) {
         krb5_data tmp;
 

Modified: branches/krb5-1-10/src/plugins/kdb/hdb/kdb_windc.c
===================================================================
--- branches/krb5-1-10/src/plugins/kdb/hdb/kdb_windc.c	2011-11-07 17:51:57 UTC (rev 25446)
+++ branches/krb5-1-10/src/plugins/kdb/hdb/kdb_windc.c	2011-11-07 22:35:24 UTC (rev 25447)
@@ -270,11 +270,8 @@
 
     if (!is_as_req) {
         /* find the existing PAC, if present */
-        code = krb5int_find_authdata(context,
-                                     tgt_auth_data,
-                                     NULL,
-                                     KRB5_AUTHDATA_WIN2K_PAC,
-                                     &authdata);
+        code = krb5_find_authdata(context, tgt_auth_data, NULL,
+                                  KRB5_AUTHDATA_WIN2K_PAC, &authdata);
         if (code != 0)
             goto cleanup;
     }




More information about the cvs-krb5 mailing list