summaryrefslogtreecommitdiffstats
path: root/src/include
diff options
context:
space:
mode:
authorGreg Hudson <ghudson@mit.edu>2013-03-24 01:28:13 -0400
committerGreg Hudson <ghudson@mit.edu>2013-03-24 01:28:13 -0400
commit6c8fed1bb850b92d471b0741a452bb56354fc0e9 (patch)
treee170a09d8457a58976562d1b0f369348d2198416 /src/include
parent81fde7e475b02986c1aff88766cc48882004d5dc (diff)
downloadkrb5-6c8fed1bb850b92d471b0741a452bb56354fc0e9.tar.gz
krb5-6c8fed1bb850b92d471b0741a452bb56354fc0e9.tar.xz
krb5-6c8fed1bb850b92d471b0741a452bb56354fc0e9.zip
Move a bunch of stuff out of k5-int.h
Move internal declarations from k5-int.h to more localized headers (like int-proto.h) where appropriate. Rename many symbols whose prototypes were moved to use the k5_ prefix instead of krb5int_. Remove some unused declarations or move them to the single source file they were needed in. Remove krb5_creds_compare since it isn't used any more.
Diffstat (limited to 'src/include')
-rw-r--r--src/include/k5-int.h371
1 files changed, 0 insertions, 371 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index ed9f255a7..a8c1028c2 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -570,27 +570,8 @@ krb5_error_code krb5_unlock_file(krb5_context, int);
krb5_error_code krb5_sendto_kdc(krb5_context, const krb5_data *,
const krb5_data *, krb5_data *, int *, int);
-krb5_error_code krb5_create_secure_file(krb5_context, const char * pathname);
-krb5_error_code krb5_sync_disk_file(krb5_context, FILE *fp);
-
krb5_error_code krb5int_init_context_kdc(krb5_context *);
-krb5_error_code krb5_os_init_context(krb5_context context, profile_t profile,
- krb5_flags flags);
-
-void krb5_os_free_context(krb5_context);
-
-/* This function is needed by KfM's KerberosPreferences API
- * because it needs to be able to specify "secure" */
-krb5_error_code
-os_get_default_config_files(profile_filespec_t **pfiles, krb5_boolean secure);
-
-krb5_error_code
-krb5_os_hostaddr(krb5_context, const char *, krb5_address ***);
-
-krb5_error_code
-krb5int_get_domain_realm_mapping(krb5_context , const char *, char ***);
-
struct derived_key {
krb5_data constant;
krb5_key dkey;
@@ -699,22 +680,8 @@ krb5_error_code krb5int_c_copy_keyblock_contents(krb5_context context,
const krb5_keyblock *from,
krb5_keyblock *to);
-#ifdef KRB5_OLD_CRYPTO
-/* old provider api */
-
-krb5_error_code krb5_crypto_os_localaddr(krb5_address ***);
-
krb5_error_code krb5_crypto_us_timeofday(krb5_int32 *, krb5_int32 *);
-#endif /* KRB5_OLD_CRYPTO */
-
-/* this helper fct is in libkrb5, but it makes sense declared here. */
-
-krb5_error_code
-krb5_encrypt_keyhelper(krb5_context context, krb5_key key,
- krb5_keyusage keyusage, const krb5_data *plain,
- krb5_enc_data *cipher);
-
/*
* End "los-proto.h"
*/
@@ -727,12 +694,6 @@ typedef struct _krb5_os_context {
char * default_ccname;
} *krb5_os_context;
-/* Get the current time of day plus a specified offset. */
-krb5_error_code k5_time_with_offset(krb5_timestamp offset,
- krb5_int32 offset_usec,
- krb5_timestamp *time_out,
- krb5_int32 *usec_out);
-
/*
* Flags for the os_flags field
*
@@ -757,23 +718,6 @@ krb5_error_code k5_time_with_offset(krb5_timestamp offset,
#define KRB5_LOCKMODE_UNLOCK 0x0008
/*
- * Define our view of the size of a DES key.
- */
-#define KRB5_MIT_DES_KEYSIZE 8
-#define KRB5_MIT_DES3_KEYSIZE 24
-#define KRB5_MIT_DES3_KEY_BYTES 21
-
-/*
- * Check if des_int.h has been included before us. If so, then check to see
- * that our view of the DES key size is the same as des_int.h's.
- */
-#ifdef MIT_DES_KEYSIZE
-#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
-error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
-#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
-#endif /* MIT_DES_KEYSIZE */
-
-/*
* Begin "preauth.h"
*
* (Originally written by Glen Machin at Sandia Labs.)
@@ -786,20 +730,6 @@ error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
#ifndef KRB5_PREAUTH__
#define KRB5_PREAUTH__
-#include <krb5/clpreauth_plugin.h>
-
-typedef struct k5_response_items_st k5_response_items;
-struct krb5_responder_context_st {
- k5_response_items *items;
-};
-
-typedef krb5_error_code
-(*krb5_gic_get_as_key_fct)(krb5_context, krb5_principal, krb5_enctype,
- krb5_prompter_fct, void *prompter_data,
- krb5_data *salt, krb5_data *s2kparams,
- krb5_keyblock *as_key, void *gak_data,
- k5_response_items *ritems);
-
typedef struct _krb5_pa_enc_ts {
krb5_timestamp patimestamp;
krb5_int32 pausec;
@@ -897,168 +827,23 @@ typedef struct _krb5_iakerb_finished {
krb5_checksum checksum;
} krb5_iakerb_finished;
-typedef krb5_error_code
-(*krb5_preauth_obtain_proc)(krb5_context, krb5_pa_data *,
- krb5_etype_info, krb5_keyblock *,
- krb5_error_code (*)(krb5_context,
- const krb5_enctype,
- krb5_data *,
- krb5_const_pointer,
- krb5_keyblock **),
- krb5_const_pointer, krb5_creds *,
- krb5_kdc_req *, krb5_pa_data **);
-
-typedef krb5_error_code
-(*krb5_preauth_process_proc)(krb5_context, krb5_pa_data *, krb5_kdc_req *,
- krb5_kdc_rep *,
- krb5_error_code (*)(krb5_context,
- const krb5_enctype,
- krb5_data *,
- krb5_const_pointer,
- krb5_keyblock **),
- krb5_const_pointer,
- krb5_error_code (*)(krb5_context,
- const krb5_keyblock *,
- krb5_const_pointer,
- krb5_kdc_rep * ),
- krb5_keyblock **, krb5_creds *, krb5_int32 *,
- krb5_int32 *);
-
-typedef struct _krb5_preauth_ops {
- krb5_magic magic;
- int type;
- int flags;
- krb5_preauth_obtain_proc obtain;
- krb5_preauth_process_proc process;
-} krb5_preauth_ops;
-
krb5_pa_data *
krb5int_find_pa_data(krb5_context, krb5_pa_data *const *, krb5_preauthtype);
/* Does not return a copy; original padata sequence responsible for freeing*/
void krb5_free_etype_info(krb5_context, krb5_etype_info);
-/*
- * Preauthentication property flags
- */
-#define KRB5_PREAUTH_FLAGS_ENCRYPT 0x00000001
-#define KRB5_PREAUTH_FLAGS_HARDWARE 0x00000002
-
#endif /* KRB5_PREAUTH__ */
/*
* End "preauth.h"
*/
-/*
- * Extending the krb5_get_init_creds_opt structure. The original
- * krb5_get_init_creds_opt structure is defined publicly. The
- * new extended version is private. The original interface
- * assumed a pre-allocated structure which was passed to
- * krb5_get_init_creds_init(). The new interface assumes that
- * the caller will call krb5_get_init_creds_alloc() and
- * krb5_get_init_creds_free().
- *
- * Callers MUST NOT call krb5_get_init_creds_init() after allocating an
- * opts structure using krb5_get_init_creds_alloc(). To do so will
- * introduce memory leaks. Unfortunately, there is no way to enforce
- * this behavior.
- *
- * Two private flags are added for backward compatibility.
- * KRB5_GET_INIT_CREDS_OPT_EXTENDED says that the structure was allocated
- * with the new krb5_get_init_creds_opt_alloc() function.
- * KRB5_GET_INIT_CREDS_OPT_SHADOWED is set to indicate that the extended
- * structure is a shadow copy of an original krb5_get_init_creds_opt
- * structure.
- * If KRB5_GET_INIT_CREDS_OPT_SHADOWED is set after a call to
- * krb5int_gic_opt_to_opte(), the resulting extended structure should be
- * freed (using krb5_get_init_creds_free). Otherwise, the original
- * structure was already extended and there is no need to free it.
- */
-
-#define KRB5_GET_INIT_CREDS_OPT_EXTENDED 0x80000000
-#define KRB5_GET_INIT_CREDS_OPT_SHADOWED 0x40000000
-
-#define krb5_gic_opt_is_extended(s) \
- ((s) && ((s)->flags & KRB5_GET_INIT_CREDS_OPT_EXTENDED) ? 1 : 0)
-#define krb5_gic_opt_is_shadowed(s) \
- ((s) && ((s)->flags & KRB5_GET_INIT_CREDS_OPT_SHADOWED) ? 1 : 0)
-
-
-typedef struct _krb5_gic_opt_private {
- int num_preauth_data;
- krb5_gic_opt_pa_data *preauth_data;
- char * fast_ccache_name;
- krb5_ccache in_ccache;
- krb5_ccache out_ccache;
- krb5_flags fast_flags;
- krb5_expire_callback_func expire_cb;
- void *expire_data;
- krb5_responder_fn responder;
- void *responder_data;
-} krb5_gic_opt_private;
-
-/*
- * On the Mac, ensure that the layout of krb5_gic_opt_ext matches that
- * of krb5_get_init_creds_opt.
- */
-#if TARGET_OS_MAC
-# pragma pack(push,2)
-#endif
-
-typedef struct _krb5_gic_opt_ext {
- krb5_flags flags;
- krb5_deltat tkt_life;
- krb5_deltat renew_life;
- int forwardable;
- int proxiable;
- krb5_enctype *etype_list;
- int etype_list_length;
- krb5_address **address_list;
- krb5_preauthtype *preauth_list;
- int preauth_list_length;
- krb5_data *salt;
- /*
- * Do not change anything above this point in this structure.
- * It is identical to the public krb5_get_init_creds_opt structure.
- * New members must be added below.
- */
- krb5_gic_opt_private *opt_private;
-} krb5_gic_opt_ext;
-
-#if TARGET_OS_MAC
-# pragma pack(pop)
-#endif
-
-krb5_error_code
-krb5int_gic_opt_to_opte(krb5_context context, krb5_get_init_creds_opt *opt,
- krb5_gic_opt_ext **opte, unsigned int force,
- const char *where);
-
krb5_error_code
krb5int_copy_data_contents(krb5_context, const krb5_data *, krb5_data *);
krb5_error_code
krb5int_copy_data_contents_add0(krb5_context, const krb5_data *, krb5_data *);
-krb5_error_code
-krb5int_copy_creds_contents(krb5_context, const krb5_creds *, krb5_creds *);
-
-krb5_error_code KRB5_CALLCONV
-krb5int_get_init_creds(krb5_context context, krb5_creds *creds,
- krb5_principal client, krb5_prompter_fct prompter,
- void *prompter_data, krb5_deltat start_time,
- const char *in_tkt_service,
- krb5_get_init_creds_opt *options,
- krb5_gic_get_as_key_fct gak, void *gak_data,
- int *master, krb5_kdc_rep **as_reply);
-
-krb5_error_code
-krb5int_populate_gic_opt (krb5_context, krb5_get_init_creds_opt **,
- krb5_flags options, krb5_address *const *addrs,
- krb5_enctype *ktypes,
- krb5_preauthtype *pre_auth_types, krb5_creds *creds);
-
-
void KRB5_CALLCONV
krb5_free_sam_challenge_2(krb5_context, krb5_sam_challenge_2 *);
@@ -1100,9 +885,6 @@ krb5_free_pa_s4u_x509_user(krb5_context, krb5_pa_s4u_x509_user *);
void KRB5_CALLCONV
krb5_free_pa_pac_req(krb5_context, krb5_pa_pac_req * );
-void KRB5_CALLCONV
-krb5_free_etype_list(krb5_context, krb5_etype_list * );
-
void KRB5_CALLCONV krb5_free_fast_armor(krb5_context, krb5_fast_armor *);
void KRB5_CALLCONV krb5_free_fast_armored_req(krb5_context,
krb5_fast_armored_req *);
@@ -1961,57 +1743,11 @@ krb5_ser_unpack_bytes(krb5_octet *, size_t, krb5_octet **, size_t *);
krb5_error_code KRB5_CALLCONV
krb5int_cc_default(krb5_context, krb5_ccache *);
-krb5_error_code KRB5_CALLCONV
-krb5_cc_retrieve_cred_default(krb5_context, krb5_ccache, krb5_flags,
- krb5_creds *, krb5_creds *);
-
-krb5_error_code
-krb5int_build_conf_principals(krb5_context context, krb5_ccache id,
- krb5_const_principal principal,
- const char *name, krb5_creds *cred);
-
-krb5_boolean KRB5_CALLCONV
-krb5_creds_compare(krb5_context in_context, krb5_creds *in_creds,
- krb5_creds *in_compare_creds);
-
-void
-krb5int_set_prompt_types(krb5_context, krb5_prompt_type *);
-
-krb5_error_code
-krb5int_generate_and_save_subkey(krb5_context, krb5_auth_context,
- krb5_keyblock * /* Old keyblock, not new! */,
- krb5_enctype);
-
-struct srv_dns_entry {
- struct srv_dns_entry *next;
- int priority;
- int weight;
- unsigned short port;
- char *host;
-};
-
-#define MAX_DNS_NAMELEN (15*(MAXHOSTNAMELEN + 1)+1)
-
-#ifdef KRB5_DNS_LOOKUP
-krb5_error_code
-krb5int_make_srv_query_realm(const krb5_data *realm,
- const char *service,
- const char *protocol,
- struct srv_dns_entry **answers);
-void krb5int_free_srv_dns_data(struct srv_dns_entry *);
-#endif
-
/* value to use when requesting a keytab entry and KVNO doesn't matter */
#define IGNORE_VNO 0
/* value to use when requesting a keytab entry and enctype doesn't matter */
#define IGNORE_ENCTYPE 0
-/*
- * Convenience function for structure magic number
- */
-#define KRB5_VERIFY_MAGIC(structure,magic_number) \
- if ((structure)->magic != (magic_number)) return (magic_number);
-
/* to keep lint happy */
#define krb5_xfree(val) free((char *)(val))
@@ -2146,82 +1882,6 @@ typedef struct _krb5int_access {
krb5_error_code KRB5_CALLCONV
krb5int_accessor(krb5int_access*, krb5_int32);
-/* Ick -- some krb524 and krb4 support placed in the krb5 library,
- because AFS (and potentially other applications?) use the krb4
- object as an opaque token, which (in some implementations) is not
- in fact a krb4 ticket, so we don't want to drag in the krb4 support
- just to enable this. */
-
-#define KRB524_SERVICE "krb524"
-#define KRB524_PORT 4444
-
-/* temporary -- this should be under lib/krb5/ccache somewhere */
-
-struct _krb5_ccache {
- krb5_magic magic;
- const struct _krb5_cc_ops *ops;
- krb5_pointer data;
-};
-
-/*
- * Per-type ccache cursor.
- */
-struct krb5_cc_ptcursor_s {
- const struct _krb5_cc_ops *ops;
- krb5_pointer data;
-};
-typedef struct krb5_cc_ptcursor_s *krb5_cc_ptcursor;
-
-struct _krb5_cc_ops {
- krb5_magic magic;
- char *prefix;
- const char * (KRB5_CALLCONV *get_name)(krb5_context, krb5_ccache);
- krb5_error_code (KRB5_CALLCONV *resolve)(krb5_context, krb5_ccache *,
- const char *);
- krb5_error_code (KRB5_CALLCONV *gen_new)(krb5_context, krb5_ccache *);
- krb5_error_code (KRB5_CALLCONV *init)(krb5_context, krb5_ccache,
- krb5_principal);
- krb5_error_code (KRB5_CALLCONV *destroy)(krb5_context, krb5_ccache);
- krb5_error_code (KRB5_CALLCONV *close)(krb5_context, krb5_ccache);
- krb5_error_code (KRB5_CALLCONV *store)(krb5_context, krb5_ccache,
- krb5_creds *);
- krb5_error_code (KRB5_CALLCONV *retrieve)(krb5_context, krb5_ccache,
- krb5_flags, krb5_creds *,
- krb5_creds *);
- krb5_error_code (KRB5_CALLCONV *get_princ)(krb5_context, krb5_ccache,
- krb5_principal *);
- krb5_error_code (KRB5_CALLCONV *get_first)(krb5_context, krb5_ccache,
- krb5_cc_cursor *);
- krb5_error_code (KRB5_CALLCONV *get_next)(krb5_context, krb5_ccache,
- krb5_cc_cursor *, krb5_creds *);
- krb5_error_code (KRB5_CALLCONV *end_get)(krb5_context, krb5_ccache,
- krb5_cc_cursor *);
- krb5_error_code (KRB5_CALLCONV *remove_cred)(krb5_context, krb5_ccache,
- krb5_flags, krb5_creds *);
- krb5_error_code (KRB5_CALLCONV *set_flags)(krb5_context, krb5_ccache,
- krb5_flags);
- krb5_error_code (KRB5_CALLCONV *get_flags)(krb5_context, krb5_ccache,
- krb5_flags *);
- krb5_error_code (KRB5_CALLCONV *ptcursor_new)(krb5_context,
- krb5_cc_ptcursor *);
- krb5_error_code (KRB5_CALLCONV *ptcursor_next)(krb5_context,
- krb5_cc_ptcursor,
- krb5_ccache *);
- krb5_error_code (KRB5_CALLCONV *ptcursor_free)(krb5_context,
- krb5_cc_ptcursor *);
- krb5_error_code (KRB5_CALLCONV *move)(krb5_context, krb5_ccache,
- krb5_ccache);
- krb5_error_code (KRB5_CALLCONV *lastchange)(krb5_context,
- krb5_ccache, krb5_timestamp *);
- krb5_error_code (KRB5_CALLCONV *wasdefault)(krb5_context, krb5_ccache,
- krb5_timestamp *);
- krb5_error_code (KRB5_CALLCONV *lock)(krb5_context, krb5_ccache);
- krb5_error_code (KRB5_CALLCONV *unlock)(krb5_context, krb5_ccache);
- krb5_error_code (KRB5_CALLCONV *switch_to)(krb5_context, krb5_ccache);
-};
-
-extern const krb5_cc_ops *krb5_cc_dfl_ops;
-
typedef struct _krb5_donot_replay {
krb5_magic magic;
krb5_ui_4 hash;
@@ -2310,10 +1970,6 @@ typedef struct _krb5_kt_ops {
const krb5_ser_entry *serializer;
} krb5_kt_ops;
-extern const krb5_kt_ops krb5_kt_dfl_ops;
-
-extern krb5_error_code krb5int_translate_gai_error(int);
-
/* Not sure it's ready for exposure just yet. */
extern krb5_error_code
krb5int_c_mandatory_cksumtype(krb5_context, krb5_enctype, krb5_cksumtype *);
@@ -2323,10 +1979,6 @@ krb5int_c_mandatory_cksumtype(krb5_context, krb5_enctype, krb5_cksumtype *);
*/
#define KRB5_REFERRAL_MAXHOPS 10
-/* Common hostname-parsing code. */
-krb5_error_code
-krb5int_clean_hostname(krb5_context, const char *, char *, size_t);
-
struct _krb5_kt { /* should move into k5-int.h */
krb5_magic magic;
const struct _krb5_kt_ops *ops;
@@ -2378,9 +2030,6 @@ krb5_error_code KRB5_CALLCONV krb5_kt_register(krb5_context,
krb5_error_code k5_kt_get_principal(krb5_context context, krb5_keytab keytab,
krb5_principal *princ_out);
-krb5_error_code k5_kt_client_default_name(krb5_context context,
- char **name_out);
-
krb5_error_code krb5_principal2salt_norealm(krb5_context, krb5_const_principal,
krb5_data *);
@@ -2437,10 +2086,6 @@ krb5_error_code krb5_walk_realm_tree(krb5_context, const krb5_data *,
int);
krb5_error_code
-k5_client_realm_path(krb5_context context, const krb5_data *client,
- const krb5_data *server, krb5_data **rpath_out);
-
-krb5_error_code
krb5_auth_con_set_safe_cksumtype(krb5_context, krb5_auth_context,
krb5_cksumtype);
@@ -2470,15 +2115,8 @@ krb5_auth_con_set_authdata_context(krb5_context context,
krb5_auth_context auth_context,
krb5_authdata_context ad_context);
-krb5_error_code KRB5_CALLCONV
-krb5int_server_decrypt_ticket_keyblock(krb5_context context,
- const krb5_keyblock *key,
- krb5_ticket *ticket);
-
krb5_error_code krb5_read_message(krb5_context, krb5_pointer, krb5_data *);
krb5_error_code krb5_write_message(krb5_context, krb5_pointer, krb5_data *);
-krb5_error_code krb5int_write_messages(krb5_context, krb5_pointer, krb5_data *,
- int);
int krb5_net_read(krb5_context, int , char *, int);
int krb5_net_write(krb5_context, int , const char *, int);
@@ -2617,10 +2255,6 @@ krb5_error_code krb5int_parse_enctype_list(krb5_context context,
krb5_enctype *default_list,
krb5_enctype **result);
-/* Utility functions for zero-terminated enctype lists. */
-size_t k5_count_etypes(const krb5_enctype *list);
-krb5_error_code k5_copy_etypes(const krb5_enctype *old_list,
- krb5_enctype **new_list);
krb5_boolean k5_etypes_contains(const krb5_enctype *list, krb5_enctype etype);
#ifdef DEBUG_ERROR_LOCATIONS
@@ -2635,9 +2269,4 @@ krb5_set_error_message_fl(krb5_context ctx, krb5_error_code code,
#endif
;
-#ifndef DISABLE_TRACING
-/* Do not use these functions directly; see k5-trace.h. */
-void krb5int_init_trace(krb5_context context);
-#endif
-
#endif /* _KRB5_INT_H */
generated by cgit (git 2.34.1) at 2026-01-06 05:15:20 +0000