Rename and add to etype utility functions

Rename krb5int_count_etypes and krb5int_copy_etypes to have k5_
prefixes, and make them available outside of libkrb5 (but not part of
the public API).  Add k5_etypes_contains to search an etype list, and
use it in krb5_is_permitted_enctype.

src/include/k5-int.h

@@ -2579,6 +2579,12 @@ krb5_error_code krb5int_parse_enctype_list(krb5_context context,
                                            krb5_enctype *default_list,
                                            krb5_enctype **result);
 
+/* Utility functions for zero-terminated enctype lists. */
+size_t k5_count_etypes(const krb5_enctype *list);
+krb5_error_code k5_copy_etypes(const krb5_enctype *old_list,
+                               krb5_enctype **new_list);
+krb5_boolean k5_etypes_contains(const krb5_enctype *list, krb5_enctype etype);
+
 #ifdef DEBUG_ERROR_LOCATIONS
 #define krb5_set_error_message(ctx, code, ...)                          \
     krb5_set_error_message_fl(ctx, code, __FILE__, __LINE__, __VA_ARGS__)

src/lib/krb5/ccache/cc_retr.c

@@ -277,7 +277,7 @@ krb5_cc_retrieve_cred_default (krb5_context context, krb5_ccache id, krb5_flags
         ret = krb5_get_tgs_ktypes (context, mcreds->server, &ktypes);
         if (ret)
             return ret;
-        nktypes = krb5int_count_etypes (ktypes);
+        nktypes = k5_count_etypes (ktypes);
 
         ret = krb5_cc_retrieve_cred_seq (context, id, flags, mcreds, creds,
                                          nktypes, ktypes);

src/lib/krb5/krb/auth_con.c

@@ -381,7 +381,7 @@ krb5_auth_con_setpermetypes(krb5_context context,
     krb5_enctype *newpe;
     krb5_error_code ret;
 
-    ret = krb5int_copy_etypes(permetypes, &newpe);
+    ret = k5_copy_etypes(permetypes, &newpe);
     if (ret != 0)
         return ret;
 
@@ -398,7 +398,7 @@ krb5_auth_con_getpermetypes(krb5_context context,
     *permetypes = NULL;
     if (auth_context->permitted_etypes == NULL)
         return 0;
-    return krb5int_copy_etypes(auth_context->permitted_etypes, permetypes);
+    return k5_copy_etypes(auth_context->permitted_etypes, permetypes);
 }
 
 krb5_error_code KRB5_CALLCONV

src/lib/krb5/krb/copy_ctx.c

@@ -85,10 +85,10 @@ krb5_copy_context(krb5_context ctx, krb5_context *nctx_out)
 
     memset(&nctx->err, 0, sizeof(nctx->err));
 
-    ret = krb5int_copy_etypes(ctx->in_tkt_etypes, &nctx->in_tkt_etypes);
+    ret = k5_copy_etypes(ctx->in_tkt_etypes, &nctx->in_tkt_etypes);
     if (ret)
         goto errout;
-    ret = krb5int_copy_etypes(ctx->tgs_etypes, &nctx->tgs_etypes);
+    ret = k5_copy_etypes(ctx->tgs_etypes, &nctx->tgs_etypes);
     if (ret)
         goto errout;
 

src/lib/krb5/krb/etype_list.c

@@ -33,7 +33,7 @@
 #include "int-proto.h"
 
 size_t
-krb5int_count_etypes(const krb5_enctype *list)
+k5_count_etypes(const krb5_enctype *list)
 {
     size_t count;
 
@@ -43,17 +43,26 @@ krb5int_count_etypes(const krb5_enctype *list)
 
 /* Copy the zero-terminated enctype list old_list into *new_list. */
 krb5_error_code
-krb5int_copy_etypes(const krb5_enctype *old_list, krb5_enctype **new_list)
+k5_copy_etypes(const krb5_enctype *old_list, krb5_enctype **new_list)
 {
     size_t count;
     krb5_enctype *list;
 
     *new_list = NULL;
-    count = krb5int_count_etypes(old_list);
+    count = k5_count_etypes(old_list);
     list = malloc(sizeof(krb5_enctype) * (count + 1));
     if (list == NULL)
         return ENOMEM;
     memcpy(list, old_list, sizeof(krb5_enctype) * (count + 1));
     *new_list = list;
     return 0;
 }
+
+krb5_boolean
+k5_etypes_contains(const krb5_enctype *list, krb5_enctype etype)
+{
+    size_t i;
+
+    for (i = 0; list[i] && list[i] != etype; i++);
+    return (list[i] == etype);
+}

src/lib/krb5/krb/get_in_tkt.c

@@ -906,7 +906,7 @@ krb5_init_creds_init(krb5_context context,
                ctx->request->nktypes * sizeof(krb5_enctype));
     } else if (krb5_get_default_in_tkt_ktypes(context,
                                               &ctx->request->ktype) == 0) {
-        ctx->request->nktypes = krb5int_count_etypes(ctx->request->ktype);
+        ctx->request->nktypes = k5_count_etypes(ctx->request->ktype);
     } else {
         /* there isn't any useful default here. */
         code = KRB5_CONFIG_ETYPE_NOSUPP;
@@ -1679,7 +1679,7 @@ krb5int_populate_gic_opt(krb5_context context, krb5_get_init_creds_opt **out,
     if (addrs)
         krb5_get_init_creds_opt_set_address_list(opt, (krb5_address **) addrs);
     if (ktypes) {
-        i = krb5int_count_etypes(ktypes);
+        i = k5_count_etypes(ktypes);
         if (i)
             krb5_get_init_creds_opt_set_etype_list(opt, ktypes, i);
     }

src/lib/krb5/krb/init_ctx.c

@@ -329,7 +329,7 @@ set_default_etype_var(krb5_context context, const krb5_enctype *etypes,
         /* Empty list passed in. */
         if (etypes[0] == 0)
             return EINVAL;
-        code = krb5int_copy_etypes(etypes, &list);
+        code = k5_copy_etypes(etypes, &list);
         if (code)
             return code;
 
@@ -508,7 +508,7 @@ get_profile_etype_list(krb5_context context, krb5_enctype **etypes_ptr,
 
     if (ctx_list) {
         /* Use application defaults. */
-        code = krb5int_copy_etypes(ctx_list, &etypes);
+        code = k5_copy_etypes(ctx_list, &etypes);
         if (code)
             return code;
     } else {
@@ -577,20 +577,12 @@ krb5_get_permitted_enctypes(krb5_context context, krb5_enctype **ktypes)
 krb5_boolean
 krb5_is_permitted_enctype(krb5_context context, krb5_enctype etype)
 {
-    krb5_enctype *list, *ptr;
+    krb5_enctype *list;
     krb5_boolean ret;
 
     if (krb5_get_permitted_enctypes(context, &list))
-        return(0);
-
-
-    ret = 0;
-
-    for (ptr = list; *ptr; ptr++)
-        if (*ptr == etype)
-            ret = 1;
-
-    krb5_free_ktypes (context, list);
-
-    return(ret);
+        return FALSE;
+    ret = k5_etypes_contains(list, etype);
+    krb5_free_ktypes(context, list);
+    return ret;
 }

src/lib/krb5/krb/int-proto.h

@@ -160,11 +160,6 @@ krb5_error_code krb5int_decode_tgs_rep(krb5_context,
                                        const krb5_keyblock *, krb5_keyusage,
                                        krb5_kdc_rep ** );
 
-/* Utility functions for zero-terminated enctype lists. */
-size_t krb5int_count_etypes(const krb5_enctype *list);
-krb5_error_code krb5int_copy_etypes(const krb5_enctype *old_list,
-                                    krb5_enctype **new_list);
-
 krb5_error_code
 krb5int_validate_times(krb5_context, krb5_ticket_times *);
 

src/lib/krb5/krb/rd_req_dec.c

@@ -494,7 +494,7 @@ rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context,
             if (retval != 0)
                 goto cleanup;
         }
-        permitted_etypes_len = krb5int_count_etypes(permitted_etypes);
+        permitted_etypes_len = k5_count_etypes(permitted_etypes);
     } else {
         permitted_etypes = NULL;
         permitted_etypes_len = 0;

src/lib/krb5/krb/ser_ctx.c

@@ -100,7 +100,7 @@ static const krb5_ser_entry krb5_profile_ser_entry = {
 static inline unsigned int
 etypes_len(krb5_enctype *list)
 {
-    return (list == NULL) ? 0 : krb5int_count_etypes(list);
+    return (list == NULL) ? 0 : k5_count_etypes(list);
 }
 
 /*

src/lib/krb5/libkrb5.exports

@@ -98,6 +98,9 @@ initialize_k5e1_error_table
 initialize_kv5m_error_table
 initialize_prof_error_table
 k5_ccselect_free_context
+k5_copy_etypes
+k5_count_etypes
+k5_etypes_contains
 k5_free_serverlist
 k5_kt_get_principal
 k5_locate_kdc