7 files changed, 47 insertions, 52 deletions

diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 9217174f2..e6f84562e 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -2218,7 +2218,7 @@ void krb5int_free_srv_dns_data(struct srv_dns_entry *);
 /* To keep happy libraries which are (for now) accessing internal stuff */
 
 /* Make sure to increment by one when changing the struct */
-#define KRB5INT_ACCESS_STRUCT_VERSION 14
+#define KRB5INT_ACCESS_STRUCT_VERSION 15
 
 #ifndef ANAME_SZ
 struct ktext;			/* from krb.h, for krb524 support */
@@ -2227,11 +2227,13 @@ typedef struct _krb5int_access {
     /* crypto stuff */
     const struct krb5_hash_provider *md5_hash_provider;
     const struct krb5_enc_provider *arcfour_enc_provider;
-    krb5_error_code (* krb5int_hmac) (const struct krb5_hash_provider *hash,
-				   const krb5_keyblock *key,
-				   unsigned int icount, const krb5_data *input,
-				   krb5_data *output);
-    krb5_error_code (* krb5_auth_con_get_subkey_enctype)(krb5_context, krb5_auth_context, krb5_enctype *);
+    krb5_error_code (*hmac)(const struct krb5_hash_provider *hash,
+			    const krb5_keyblock *key,
+			    unsigned int icount, const krb5_data *input,
+			    krb5_data *output);
+    krb5_error_code (*auth_con_get_subkey_enctype)(krb5_context,
+						   krb5_auth_context,
+						   krb5_enctype *);
     /* service location and communication */
     krb5_error_code (*sendto_udp) (krb5_context, const krb5_data *msg,
 				   const struct addrlist *, struct sendto_callback_info*, krb5_data *reply,
@@ -2253,16 +2255,12 @@ typedef struct _krb5int_access {
     int (*use_dns_kdc)(krb5_context);
     krb5_error_code (*clean_hostname)(krb5_context, const char *, char *, size_t);
 
-    /* krb4 compatibility stuff -- may be null if not enabled */
-    krb5_int32 (*krb_life_to_time)(krb5_int32, int);
-    int (*krb_time_to_life)(krb5_int32, krb5_int32);
-    int (*krb524_encode_v4tkt)(struct ktext *, char *, unsigned int *);
-    krb5_error_code (*krb5int_c_mandatory_cksumtype)
-        (krb5_context, krb5_enctype, krb5_cksumtype *);
-    krb5_error_code (KRB5_CALLCONV *krb5_ser_pack_int64)
-        (krb5_int64, krb5_octet **, size_t *);
-    krb5_error_code (KRB5_CALLCONV *krb5_ser_unpack_int64)
-        (krb5_int64 *, krb5_octet **, size_t *);
+    krb5_error_code (*mandatory_cksumtype)(krb5_context, krb5_enctype,
+					   krb5_cksumtype *);
+    krb5_error_code (KRB5_CALLCONV *ser_pack_int64)(krb5_int64, krb5_octet **,
+						    size_t *);
+    krb5_error_code (KRB5_CALLCONV *ser_unpack_int64)(krb5_int64 *,
+						      krb5_octet **, size_t *);
 
     /* Used for KDB LDAP back end.  */
     krb5_error_code
@@ -2342,9 +2340,9 @@ typedef struct _krb5int_access {
 	(const krb5_data *output, krb5_kdc_req **rep);
     krb5_error_code (*encode_krb5_kdc_req_body)
 	(const krb5_kdc_req *rep, krb5_data **code);
-    void (KRB5_CALLCONV *krb5_free_kdc_req)
+    void (KRB5_CALLCONV *free_kdc_req)
 	(krb5_context, krb5_kdc_req * );
-    void (*krb5int_set_prompt_types)
+    void (*set_prompt_types)
 	(krb5_context, krb5_prompt_type *);
     krb5_error_code (*encode_krb5_authdata_elt)
 	(const krb5_authdata *rep, krb5_data **code);
diff --git a/src/lib/crypto/crypto_tests/t_hmac.c b/src/lib/crypto/crypto_tests/t_hmac.c
index 30830d617..d09adb080 100644
--- a/src/lib/crypto/crypto_tests/t_hmac.c
+++ b/src/lib/crypto/crypto_tests/t_hmac.c
@@ -122,7 +122,7 @@ static krb5_error_code hmac1(const struct krb5_hash_provider *h,
     }
     printd(" hmac input", in);
     krb5_k_create_key(NULL, key, &k);
-    err = krb5_hmac(h, k, 1, in, out);
+    err = krb5int_hmac(h, k, 1, in, out);
     krb5_k_free_key(NULL, k);
     if (err == 0)
 	printd(" hmac output", out);
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index b6c216d58..ccfdb5c1c 100644
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -988,9 +988,9 @@ kg_accept_krb5(minor_status, context_handle,
         if (ctx->proto == 0 &&
             (ctx->gss_flags & GSS_C_DCE_STYLE) == 0 &&
             (ap_req_options & AP_OPTS_USE_SUBKEY)) {
-            code = (*kaccess.krb5_auth_con_get_subkey_enctype) (context,
-                                                                auth_context,
-                                                                &negotiated_etype);
+            code = (*kaccess.auth_con_get_subkey_enctype)(context,
+                                                          auth_context,
+                                                          &negotiated_etype);
             if (code != 0) {
                 major_status = GSS_S_FAILURE;
                 goto fail;
diff --git a/src/lib/gssapi/krb5/ser_sctx.c b/src/lib/gssapi/krb5/ser_sctx.c
index bdcd7685e..4987b2e9c 100644
--- a/src/lib/gssapi/krb5/ser_sctx.c
+++ b/src/lib/gssapi/krb5/ser_sctx.c
@@ -433,10 +433,10 @@ kg_ctx_externalize(kcontext, arg, buffer, lenremain)
                                        &bp, &remain);
             (void) krb5_ser_pack_int32((krb5_int32) ctx->krb_flags,
                                        &bp, &remain);
-            (void) (*kaccess.krb5_ser_pack_int64)((krb5_int64) ctx->seq_send,
-                                                  &bp, &remain);
-            (void) (*kaccess.krb5_ser_pack_int64)((krb5_int64) ctx->seq_recv,
-                                                  &bp, &remain);
+            (void) (*kaccess.ser_pack_int64)((krb5_int64) ctx->seq_send,
+                                             &bp, &remain);
+            (void) (*kaccess.ser_pack_int64)((krb5_int64) ctx->seq_recv,
+                                             &bp, &remain);
 
             /* Now dynamic data */
             kret = 0;
@@ -644,8 +644,10 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain)
             ctx->krb_times.renew_till = (krb5_timestamp) ibuf;
             (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain);
             ctx->krb_flags = (krb5_flags) ibuf;
-            (void) (*kaccess.krb5_ser_unpack_int64)((krb5_int64 *)&ctx->seq_send, &bp, &remain);
-            kret = (*kaccess.krb5_ser_unpack_int64)((krb5_int64 *)&ctx->seq_recv, &bp, &remain);
+            (void) (*kaccess.ser_unpack_int64)((krb5_int64 *)&ctx->seq_send,
+                                               &bp, &remain);
+            kret = (*kaccess.ser_unpack_int64)((krb5_int64 *)&ctx->seq_recv,
+                                               &bp, &remain);
             if (kret) {
                 free(ctx);
                 return kret;
diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c
index 0f712ea46..e0970865b 100644
--- a/src/lib/gssapi/krb5/util_crypt.c
+++ b/src/lib/gssapi/krb5/util_crypt.c
@@ -119,9 +119,8 @@ kg_setup_keys(krb5_context context, krb5_gss_ctx_id_rec *ctx, krb5_key subkey,
     if (code != 0)
         return code;
 
-    code = (*kaccess.krb5int_c_mandatory_cksumtype)(context,
-                                                    subkey->keyblock.enctype,
-                                                    cksumtype);
+    code = (*kaccess.mandatory_cksumtype)(context, subkey->keyblock.enctype,
+                                          cksumtype);
     if (code != 0)
         return code;
 
@@ -321,8 +320,8 @@ kg_arcfour_docrypt(const krb5_keyblock *longterm_key , int ms_usage,
     input.length = i;
     output.data = (void *) usage_key.contents;
     output.length = usage_key.length;
-    code = (*kaccess.krb5int_hmac) (kaccess.md5_hash_provider,
-                                 longterm_key, 1, &input, &output);
+    code = (*kaccess.hmac)(kaccess.md5_hash_provider, longterm_key, 1,
+                           &input, &output);
     if (code)
         goto cleanup_arcfour;
     if (exportable)
@@ -331,8 +330,8 @@ kg_arcfour_docrypt(const krb5_keyblock *longterm_key , int ms_usage,
     input.data = ( void *) kd_data;
     input.length = kd_data_len;
     output.data = (void *) seq_enc_key.contents;
-    code = (*kaccess.krb5int_hmac) (kaccess.md5_hash_provider,
-                                 &usage_key, 1, &input, &output);
+    code = (*kaccess.hmac)(kaccess.md5_hash_provider, &usage_key, 1,
+                           &input, &output);
     if (code)
         goto cleanup_arcfour;
     input.data = ( void * ) input_buf;
@@ -667,8 +666,8 @@ kg_arcfour_docrypt_iov(krb5_context context,
     input.length = i;
     output.data = (void *) usage_key.contents;
     output.length = usage_key.length;
-    code = (*kaccess.krb5int_hmac) (kaccess.md5_hash_provider,
-                                 longterm_key, 1, &input, &output);
+    code = (*kaccess.hmac)(kaccess.md5_hash_provider, longterm_key, 1,
+                           &input, &output);
     if (code)
         goto cleanup_arcfour;
     if (exportable)
@@ -677,8 +676,8 @@ kg_arcfour_docrypt_iov(krb5_context context,
     input.data = ( void *) kd_data;
     input.length = kd_data_len;
     output.data = (void *) seq_enc_key.contents;
-    code = (*kaccess.krb5int_hmac) (kaccess.md5_hash_provider,
-                                 &usage_key, 1, &input, &output);
+    code = (*kaccess.hmac)(kaccess.md5_hash_provider, &usage_key, 1,
+                           &input, &output);
     if (code)
         goto cleanup_arcfour;
 
diff --git a/src/lib/krb5/os/accessor.c b/src/lib/krb5/os/accessor.c
index 6df7e1100..a051736b5 100644
--- a/src/lib/krb5/os/accessor.c
+++ b/src/lib/krb5/os/accessor.c
@@ -52,8 +52,8 @@ krb5int_accessor(krb5int_access *internals, krb5_int32 version)
 	    krb5int_access internals_temp;
 #endif
 	    S (free_addrlist, krb5int_free_addrlist),
-	    S (krb5int_hmac, krb5int_hmac_keyblock),
-	    S (krb5_auth_con_get_subkey_enctype, krb5_auth_con_get_subkey_enctype),
+	    S (hmac, krb5int_hmac_keyblock),
+	    S (auth_con_get_subkey_enctype, krb5_auth_con_get_subkey_enctype),
 	    S (md5_hash_provider, &krb5int_hash_md5),
 	    S (arcfour_enc_provider, &krb5int_enc_arcfour),
 	    S (sendto_udp, &krb5int_sendto),
@@ -70,18 +70,14 @@ krb5int_accessor(krb5int_access *internals, krb5_int32 version)
 #undef SC
 	    S (clean_hostname, krb5int_clean_hostname),
 
-	    S (krb_life_to_time, 0),
-	    S (krb_time_to_life, 0),
-	    S (krb524_encode_v4tkt, 0),
-
-	    S (krb5int_c_mandatory_cksumtype, krb5int_c_mandatory_cksumtype),
+	    S (mandatory_cksumtype, krb5int_c_mandatory_cksumtype),
 #ifndef LEAN_CLIENT
 #define SC(FIELD, VAL)	S(FIELD, VAL)
 #else /* disable */
 #define SC(FIELD, VAL)	S(FIELD, 0)
 #endif
-	    SC (krb5_ser_pack_int64, krb5_ser_pack_int64),
-	    SC (krb5_ser_unpack_int64, krb5_ser_unpack_int64),
+	    SC (ser_pack_int64, krb5_ser_pack_int64),
+	    SC (ser_unpack_int64, krb5_ser_unpack_int64),
 #undef SC
 
 #ifdef ENABLE_LDAP
@@ -125,8 +121,8 @@ krb5int_accessor(krb5int_access *internals, krb5_int32 version)
 	    SC (decode_krb5_td_dh_parameters, decode_krb5_td_dh_parameters),
 	    SC (decode_krb5_as_req, decode_krb5_as_req),
 	    SC (encode_krb5_kdc_req_body, encode_krb5_kdc_req_body),
-	    SC (krb5_free_kdc_req, krb5_free_kdc_req),
-	    SC (krb5int_set_prompt_types, krb5int_set_prompt_types),
+	    SC (free_kdc_req, krb5_free_kdc_req),
+	    SC (set_prompt_types, krb5int_set_prompt_types),
 	    SC (encode_krb5_authdata_elt, encode_krb5_authdata_elt),
 #undef SC
 
diff --git a/src/plugins/preauth/pkinit/pkinit_accessor.c b/src/plugins/preauth/pkinit/pkinit_accessor.c
index e954ca361..e310b0040 100644
--- a/src/plugins/preauth/pkinit/pkinit_accessor.c
+++ b/src/plugins/preauth/pkinit/pkinit_accessor.c
@@ -111,8 +111,8 @@ k5int_decode_##type = k5int.decode_##type;
     k5int_decode_krb5_principal_name = k5int.decode_krb5_principal_name;
     k5int_decode_krb5_as_req = k5int.decode_krb5_as_req;
     k5int_encode_krb5_kdc_req_body = k5int.encode_krb5_kdc_req_body;
-    k5int_krb5_free_kdc_req = k5int.krb5_free_kdc_req;
-    k5int_set_prompt_types = k5int.krb5int_set_prompt_types;
+    k5int_krb5_free_kdc_req = k5int.free_kdc_req;
+    k5int_set_prompt_types = k5int.set_prompt_types;
     k5int_encode_krb5_authdata_elt = k5int.encode_krb5_authdata_elt;
     return 0;
 }