Skip to content

Commit

Permalink
Move a bunch of stuff out of k5-int.h
Browse files Browse the repository at this point in the history 
Move internal declarations from k5-int.h to more localized headers
(like int-proto.h) where appropriate.  Rename many symbols whose
prototypes were moved to use the k5_ prefix instead of krb5int_.
Remove some unused declarations or move them to the single source file
they were needed in.  Remove krb5_creds_compare since it isn't used
any more.
  • Loading branch information
@greghudson
greghudson committed Mar 24, 2013
1 parent 81fde7e commit 6c8fed1
Show file tree
Hide file tree
Showing 60 changed files with 455 additions and 728 deletions.
371 changes: 0 additions & 371 deletions src/include/k5-int.h
View file

Large diffs are not rendered by default.

3 changes: 0 additions & 3 deletions src/kdc/kdc_util.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -371,9 +371,6 @@ kdc_handle_protected_negotiation( krb5_context context,
krb5_data *req_pkt, krb5_kdc_req *request,
const krb5_keyblock *reply_key,
krb5_pa_data ***out_enc_padata);
krb5_error_code
krb5int_get_domain_realm_mapping(krb5_context context,
const char *host, char ***realmsp);

/* Information handle for kdcpreauth callbacks. All pointers are aliases. */
struct krb5_kdcpreauth_rock_st {
Expand Down
9 changes: 0 additions & 9 deletions src/lib/crypto/builtin/des/des_int.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,15 +137,6 @@ typedef struct mit_des_ran_key_seed {

#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))

/*
* Check if k5-int.h has been included before us. If so, then check to see
* that our view of the DES key size is the same as k5-int.h's.
*/
#ifdef KRB5_MIT_DES_KEYSIZE
#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
#endif /* KRB5_MIT_DES_KEYSIZE */
#endif /* KRB5_MIT_DES__ */
/*
* End "mit-des.h"
Expand Down
2 changes: 1 addition & 1 deletion src/lib/crypto/nss/enc_provider/des.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ k5_des_cbc_mac(krb5_key key, const krb5_crypto_iov *data, size_t num_data,

const struct krb5_enc_provider krb5int_enc_des = {
8,
7, KRB5_MIT_DES_KEYSIZE,
7, 8,
k5_des_encrypt_iov,
k5_des_decrypt_iov,
k5_des_cbc_mac,
Expand Down
2 changes: 1 addition & 1 deletion src/lib/crypto/nss/enc_provider/des3.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ k5_des3_decrypt_iov(krb5_key key, const krb5_data *ivec,

const struct krb5_enc_provider krb5int_enc_des3 = {
8,
21, KRB5_MIT_DES3_KEYSIZE,
21, 24,
k5_des3_encrypt_iov,
k5_des3_decrypt_iov,
NULL,
Expand Down
69 changes: 69 additions & 0 deletions src/lib/krb5/ccache/cc-int.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,16 @@

#include "k5-int.h"

struct _krb5_ccache {
krb5_magic magic;
const struct _krb5_cc_ops *ops;
krb5_pointer data;
};

krb5_error_code
k5_cc_retrieve_cred_default(krb5_context, krb5_ccache, krb5_flags,
krb5_creds *, krb5_creds *);

krb5_boolean
krb5int_cc_creds_match_request(krb5_context, krb5_flags whichfields, krb5_creds *mcreds, krb5_creds *creds);

Expand Down Expand Up @@ -123,4 +133,63 @@ krb5_error_code
ccselect_k5identity_initvt(krb5_context context, int maj_ver, int min_ver,
krb5_plugin_vtable vtable);

/*
* Per-type ccache cursor.
*/
struct krb5_cc_ptcursor_s {
const struct _krb5_cc_ops *ops;
krb5_pointer data;
};
typedef struct krb5_cc_ptcursor_s *krb5_cc_ptcursor;

struct _krb5_cc_ops {
krb5_magic magic;
char *prefix;
const char * (KRB5_CALLCONV *get_name)(krb5_context, krb5_ccache);
krb5_error_code (KRB5_CALLCONV *resolve)(krb5_context, krb5_ccache *,
const char *);
krb5_error_code (KRB5_CALLCONV *gen_new)(krb5_context, krb5_ccache *);
krb5_error_code (KRB5_CALLCONV *init)(krb5_context, krb5_ccache,
krb5_principal);
krb5_error_code (KRB5_CALLCONV *destroy)(krb5_context, krb5_ccache);
krb5_error_code (KRB5_CALLCONV *close)(krb5_context, krb5_ccache);
krb5_error_code (KRB5_CALLCONV *store)(krb5_context, krb5_ccache,
krb5_creds *);
krb5_error_code (KRB5_CALLCONV *retrieve)(krb5_context, krb5_ccache,
krb5_flags, krb5_creds *,
krb5_creds *);
krb5_error_code (KRB5_CALLCONV *get_princ)(krb5_context, krb5_ccache,
krb5_principal *);
krb5_error_code (KRB5_CALLCONV *get_first)(krb5_context, krb5_ccache,
krb5_cc_cursor *);
krb5_error_code (KRB5_CALLCONV *get_next)(krb5_context, krb5_ccache,
krb5_cc_cursor *, krb5_creds *);
krb5_error_code (KRB5_CALLCONV *end_get)(krb5_context, krb5_ccache,
krb5_cc_cursor *);
krb5_error_code (KRB5_CALLCONV *remove_cred)(krb5_context, krb5_ccache,
krb5_flags, krb5_creds *);
krb5_error_code (KRB5_CALLCONV *set_flags)(krb5_context, krb5_ccache,
krb5_flags);
krb5_error_code (KRB5_CALLCONV *get_flags)(krb5_context, krb5_ccache,
krb5_flags *);
krb5_error_code (KRB5_CALLCONV *ptcursor_new)(krb5_context,
krb5_cc_ptcursor *);
krb5_error_code (KRB5_CALLCONV *ptcursor_next)(krb5_context,
krb5_cc_ptcursor,
krb5_ccache *);
krb5_error_code (KRB5_CALLCONV *ptcursor_free)(krb5_context,
krb5_cc_ptcursor *);
krb5_error_code (KRB5_CALLCONV *move)(krb5_context, krb5_ccache,
krb5_ccache);
krb5_error_code (KRB5_CALLCONV *lastchange)(krb5_context,
krb5_ccache, krb5_timestamp *);
krb5_error_code (KRB5_CALLCONV *wasdefault)(krb5_context, krb5_ccache,
krb5_timestamp *);
krb5_error_code (KRB5_CALLCONV *lock)(krb5_context, krb5_ccache);
krb5_error_code (KRB5_CALLCONV *unlock)(krb5_context, krb5_ccache);
krb5_error_code (KRB5_CALLCONV *switch_to)(krb5_context, krb5_ccache);
};

extern const krb5_cc_ops *krb5_cc_dfl_ops;

#endif /* __KRB5_CCACHE_H__ */
4 changes: 2 additions & 2 deletions src/lib/krb5/ccache/cc_file.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2178,8 +2178,8 @@ krb5_fcc_get_principal(krb5_context context, krb5_ccache id, krb5_principal *pri
static krb5_error_code KRB5_CALLCONV
krb5_fcc_retrieve(krb5_context context, krb5_ccache id, krb5_flags whichfields, krb5_creds *mcreds, krb5_creds *creds)
{
return krb5_cc_retrieve_cred_default (context, id, whichfields,
mcreds, creds);
return k5_cc_retrieve_cred_default(context, id, whichfields, mcreds,
creds);
}


Expand Down
4 changes: 2 additions & 2 deletions src/lib/krb5/ccache/cc_keyring.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -968,8 +968,8 @@ krb5_krcc_retrieve(krb5_context context, krb5_ccache id,
{
DEBUG_PRINT(("krb5_krcc_retrieve: entered\n"));

return krb5_cc_retrieve_cred_default(context, id, whichfields,
mcreds, creds);
return k5_cc_retrieve_cred_default(context, id, whichfields, mcreds,
creds);
}

/*
Expand Down
7 changes: 4 additions & 3 deletions src/lib/krb5/ccache/cc_memory.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
*/

#include "cc-int.h"
#include "../krb/int-proto.h"
#include <errno.h>

static krb5_error_code KRB5_CALLCONV krb5_mcc_close
Expand Down Expand Up @@ -383,7 +384,7 @@ krb5_mcc_next_cred(krb5_context context, krb5_ccache id,
return KRB5_CC_END;
memset(creds, 0, sizeof(krb5_creds));
if (mcursor->creds) {
retval = krb5int_copy_creds_contents(context, mcursor->creds, creds);
retval = k5_copy_creds_contents(context, mcursor->creds, creds);
if (retval)
return retval;
}
Expand Down Expand Up @@ -607,8 +608,8 @@ krb5_error_code KRB5_CALLCONV
krb5_mcc_retrieve(krb5_context context, krb5_ccache id, krb5_flags whichfields,
krb5_creds *mcreds, krb5_creds *creds)
{
return krb5_cc_retrieve_cred_default (context, id, whichfields,
mcreds, creds);
return k5_cc_retrieve_cred_default(context, id, whichfields, mcreds,
creds);
}

/*
Expand Down
8 changes: 5 additions & 3 deletions src/lib/krb5/ccache/cc_mslsa.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2488,7 +2488,8 @@ krb5_lcc_retrieve(krb5_context context, krb5_ccache id, krb5_flags whichfields,
memset(&fetchcreds, 0, sizeof(krb5_creds));

/* first try to find out if we have an existing ticket which meets the requirements */
kret = krb5_cc_retrieve_cred_default (context, id, whichfields, mcreds, creds);
kret = k5_cc_retrieve_cred_default(context, id, whichfields, mcreds,
creds);
/* This sometimes returns a zero-length ticket; work around it. */
if ( !kret && creds->ticket.length > 0 )
return KRB5_OK;
Expand All @@ -2506,7 +2507,8 @@ krb5_lcc_retrieve(krb5_context context, krb5_ccache id, krb5_flags whichfields,
}

/* try again to find out if we have an existing ticket which meets the requirements */
kret = krb5_cc_retrieve_cred_default (context, id, whichfields, mcreds, creds);
kret = k5_cc_retrieve_cred_default(context, id, whichfields, mcreds,
creds);
/* This sometimes returns a zero-length ticket; work around it. */
if ( !kret && creds->ticket.length > 0 )
goto cleanup;
Expand Down Expand Up @@ -2570,7 +2572,7 @@ krb5_lcc_retrieve(krb5_context context, krb5_ccache id, krb5_flags whichfields,


/* check to see if this ticket matches the request using logic from
* krb5_cc_retrieve_cred_default()
* k5_cc_retrieve_cred_default()
*/
if ( krb5int_cc_creds_match_request(context, whichfields, mcreds, &fetchcreds) ) {
*creds = fetchcreds;
Expand Down
95 changes: 4 additions & 91 deletions src/lib/krb5/ccache/cc_retr.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -266,8 +266,10 @@ krb5_cc_retrieve_cred_seq (krb5_context context, krb5_ccache id,
return nomatch_err;
}

krb5_error_code KRB5_CALLCONV
krb5_cc_retrieve_cred_default (krb5_context context, krb5_ccache id, krb5_flags flags, krb5_creds *mcreds, krb5_creds *creds)
krb5_error_code
k5_cc_retrieve_cred_default(krb5_context context, krb5_ccache id,
krb5_flags flags, krb5_creds *mcreds,
krb5_creds *creds)
{
krb5_enctype *ktypes;
int nktypes;
Expand All @@ -288,92 +290,3 @@ krb5_cc_retrieve_cred_default (krb5_context context, krb5_ccache id, krb5_flags
0, 0);
}
}

/* The following function duplicates some of the functionality above and */
/* should probably be merged with it at some point. It is used by the */
/* CCAPI krb5_cc_remove to figure out if the opaque credentials object */
/* returned by the CCAPI is the same creds as the caller passed in. */
/* Unlike the code above it requires that all structures be identical. */

krb5_boolean KRB5_CALLCONV
krb5_creds_compare (krb5_context in_context,
krb5_creds *in_creds,
krb5_creds *in_compare_creds)
{
/* Set to 0 when we hit the first mismatch and then fall through */
int equal = 1;

if (equal) {
equal = krb5_principal_compare (in_context, in_creds->client,
in_compare_creds->client);
}

if (equal) {
equal = krb5_principal_compare (in_context, in_creds->server,
in_compare_creds->server);
}

if (equal) {
equal = (in_creds->keyblock.enctype == in_compare_creds->keyblock.enctype &&
in_creds->keyblock.length == in_compare_creds->keyblock.length &&
(!in_creds->keyblock.length ||
!memcmp (in_creds->keyblock.contents, in_compare_creds->keyblock.contents,
in_creds->keyblock.length)));
}

if (equal) {
equal = (in_creds->times.authtime == in_compare_creds->times.authtime &&
in_creds->times.starttime == in_compare_creds->times.starttime &&
in_creds->times.endtime == in_compare_creds->times.endtime &&
in_creds->times.renew_till == in_compare_creds->times.renew_till);
}

if (equal) {
equal = (in_creds->is_skey == in_compare_creds->is_skey);
}

if (equal) {
equal = (in_creds->ticket_flags == in_compare_creds->ticket_flags);
}

if (equal) {
krb5_address **addresses = in_creds->addresses;
krb5_address **compare_addresses = in_compare_creds->addresses;
unsigned int i;

if (addresses && compare_addresses) {
for (i = 0; (equal && addresses[i] && compare_addresses[i]); i++) {
equal = krb5_address_compare (in_context, addresses[i],
compare_addresses[i]);
}
if (equal) { equal = (!addresses[i] && !compare_addresses[i]); }
} else {
if (equal) { equal = (!addresses && !compare_addresses); }
}
}

if (equal) {
equal = data_eq(in_creds->ticket, in_compare_creds->ticket);
}

if (equal) {
equal = data_eq(in_creds->second_ticket, in_compare_creds->second_ticket);
}

if (equal) {
krb5_authdata **authdata = in_creds->authdata;
krb5_authdata **compare_authdata = in_compare_creds->authdata;
unsigned int i;

if (authdata && compare_authdata) {
for (i = 0; (equal && authdata[i] && compare_authdata[i]); i++) {
equal = authdata_eq(*authdata[i], *compare_authdata[i]);
}
if (equal) { equal = (!authdata[i] && !compare_authdata[i]); }
} else {
if (equal) { equal = (!authdata && !compare_authdata); }
}
}

return equal;
}
9 changes: 5 additions & 4 deletions src/lib/krb5/ccache/ccapi/stdcc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@
#if defined(_WIN32) || defined(USE_CCAPI)

#include "k5-int.h"
#include "../cc-int.h"
#include "stdcc.h"
#include "stdcc_util.h"
#include "string.h"
Expand Down Expand Up @@ -620,8 +621,8 @@ krb5_stdccv3_retrieve (krb5_context context,
krb5_creds *mcreds,
krb5_creds *creds)
{
return krb5_cc_retrieve_cred_default (context, id, whichfields,
mcreds, creds);
return k5_cc_retrieve_cred_default(context, id, whichfields, mcreds,
creds);
}

/*
Expand Down Expand Up @@ -1487,8 +1488,8 @@ krb5_stdcc_retrieve(context, id, whichfields, mcreds, creds)
krb5_creds *mcreds;
krb5_creds *creds;
{
return krb5_cc_retrieve_cred_default (context, id, whichfields,
mcreds, creds);
return k5_cc_retrieve_cred_default(context, id, whichfields, mcreds,
creds);
}

#endif
Expand Down
12 changes: 7 additions & 5 deletions src/lib/krb5/ccache/ccfns.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@
*/

#include "k5-int.h"
#include "cc-int.h"
#include "../krb/int-proto.h"

const char * KRB5_CALLCONV
krb5_cc_get_name(krb5_context context, krb5_ccache cache)
Expand Down Expand Up @@ -213,9 +215,9 @@ static const char conf_realm[] = "X-CACHECONF:";
static const char conf_name[] = "krb5_ccache_conf_data";

krb5_error_code
krb5int_build_conf_principals(krb5_context context, krb5_ccache id,
krb5_const_principal principal,
const char *name, krb5_creds *cred)
k5_build_conf_principals(krb5_context context, krb5_ccache id,
krb5_const_principal principal,
const char *name, krb5_creds *cred)
{
krb5_principal client;
krb5_error_code ret;
Expand Down Expand Up @@ -277,7 +279,7 @@ krb5_cc_set_config(krb5_context context, krb5_ccache id,

TRACE_CC_SET_CONFIG(context, id, principal, key, data);

ret = krb5int_build_conf_principals(context, id, principal, key, &cred);
ret = k5_build_conf_principals(context, id, principal, key, &cred);
if (ret)
goto out;

Expand Down Expand Up @@ -311,7 +313,7 @@ krb5_cc_get_config(krb5_context context, krb5_ccache id,
memset(&cred, 0, sizeof(cred));
memset(data, 0, sizeof(*data));

ret = krb5int_build_conf_principals(context, id, principal, key, &mcred);
ret = k5_build_conf_principals(context, id, principal, key, &mcred);
if (ret)
goto out;

Expand Down
1 change: 1 addition & 0 deletions src/lib/krb5/ccache/ser_cc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
*/

#include "k5-int.h"
#include "cc-int.h"

/*
* Routines to deal with externalizing krb5_ccache.
Expand Down
1 change: 1 addition & 0 deletions src/lib/krb5/ccache/t_cc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
*/

#include "k5-int.h"
#include "cc-int.h"
#include <stdio.h>
#include <stdlib.h>
#include "autoconf.h"
Expand Down

0 comments on commit 6c8fed1

Please sign in to comment.