int longhorn = 0; /* Talking to a Longhorn server? */
#endif
-krb5_error_code pkinit_client_process
- (krb5_context context, void *plugin_context, void *request_context,
- krb5_get_init_creds_opt *gic_opt,
- preauth_get_client_data_proc get_data_proc,
- struct _krb5_preauth_client_rock *rock,
- krb5_kdc_req * request, krb5_data *encoded_request_body,
- krb5_data *encoded_previous_request, krb5_pa_data *in_padata,
- krb5_prompter_fct prompter, void *prompter_data,
- preauth_get_as_key_proc gak_fct, void *gak_data,
- krb5_data * salt, krb5_data * s2kparams,
- krb5_keyblock * as_key, krb5_pa_data *** out_padata);
-
-krb5_error_code pkinit_client_tryagain
- (krb5_context context, void *plugin_context, void *request_context,
- krb5_get_init_creds_opt *gic_opt,
- preauth_get_client_data_proc get_data_proc,
- struct _krb5_preauth_client_rock *rock,
- krb5_kdc_req * request, krb5_data *encoded_request_body,
- krb5_data *encoded_previous_request,
- krb5_pa_data *in_padata, krb5_error *err_reply,
- krb5_prompter_fct prompter, void *prompter_data,
- preauth_get_as_key_proc gak_fct, void *gak_data,
- krb5_data * salt, krb5_data * s2kparams,
- krb5_keyblock * as_key, krb5_pa_data *** out_padata);
-
-void pkinit_client_req_init
- (krb5_context contex, void *plugin_context, void **request_context);
-
-void pkinit_client_req_fini
- (krb5_context context, void *plugin_context, void *request_context);
-
-krb5_error_code pa_pkinit_gen_req
- (krb5_context context, pkinit_context plgctx,
- pkinit_req_context reqctx, krb5_kdc_req * request,
- krb5_pa_data * in_padata, krb5_pa_data *** out_padata,
- krb5_prompter_fct prompter, void *prompter_data,
- krb5_get_init_creds_opt *gic_opt);
-
-krb5_error_code pkinit_as_req_create
+static krb5_error_code pkinit_as_req_create
(krb5_context context, pkinit_context plgctx,
pkinit_req_context reqctx, krb5_timestamp ctsec,
krb5_int32 cusec, krb5_ui_4 nonce,
const krb5_checksum * cksum, krb5_principal server,
krb5_data ** as_req);
-krb5_error_code pkinit_as_rep_parse
+static krb5_error_code pkinit_as_rep_parse
(krb5_context context, pkinit_context plgctx,
pkinit_req_context reqctx, krb5_preauthtype pa_type,
krb5_kdc_req * request, const krb5_data * as_rep,
krb5_keyblock * key_block, krb5_enctype etype, krb5_data *);
-krb5_error_code pa_pkinit_parse_rep
- (krb5_context context, pkinit_context plgctx,
- pkinit_req_context reqcxt, krb5_kdc_req * request,
- krb5_pa_data * in_padata, krb5_enctype etype,
- krb5_keyblock * as_key, krb5_data *);
-
-static int pkinit_client_plugin_init(krb5_context context, void **blob);
static void pkinit_client_plugin_fini(krb5_context context, void *blob);
-krb5_error_code
+static krb5_error_code
pa_pkinit_gen_req(krb5_context context,
pkinit_context plgctx,
pkinit_req_context reqctx,
return retval;
}
-krb5_error_code
+static krb5_error_code
pkinit_as_req_create(krb5_context context,
pkinit_context plgctx,
pkinit_req_context reqctx,
return retval;
}
-krb5_error_code
+static krb5_error_code
pa_pkinit_parse_rep(krb5_context context,
pkinit_context plgctx,
pkinit_req_context reqctx,
* certificate chain.
* Optionally returns various components.
*/
-krb5_error_code
+static krb5_error_code
pkinit_as_rep_parse(krb5_context context,
pkinit_context plgctx,
pkinit_req_context reqctx,
&reqctx->idopts->identity_alt);
}
-krb5_error_code
+static krb5_error_code
pkinit_client_process(krb5_context context,
void *plugin_context,
void *request_context,
return retval;
}
-krb5_error_code
+static krb5_error_code
pkinit_client_tryagain(krb5_context context,
void *plugin_context,
void *request_context,
0
};
-void
+static void
pkinit_client_req_init(krb5_context context,
void *plugin_context,
void **request_context)
return;
}
-void
+static void
pkinit_client_req_fini(krb5_context context,
void *plugin_context,
void *request_context)
return;
}
-static void
-pkinit_fini_client_profile(krb5_context context, pkinit_context plgctx)
-{
- /* This should clean up anything allocated in pkinit_init_client_profile */
-}
-
-static krb5_error_code
-pkinit_init_client_profile(krb5_context context, pkinit_context plgctx)
-{
- return 0;
-}
-
static int
pkinit_client_plugin_init(krb5_context context, void **blob)
{
if (retval)
goto errout;
- retval = pkinit_init_client_profile(context, ctx);
- if (retval)
- goto errout;
-
*blob = ctx;
pkiDebug("%s: returning plgctx at %p\n", __FUNCTION__, ctx);
}
pkiDebug("%s: got plgctx at %p\n", __FUNCTION__, ctx);
- pkinit_fini_client_profile(context, ctx);
pkinit_fini_identity_opts(ctx->idopts);
pkinit_fini_plg_crypto(ctx->cryptoctx);
pkinit_fini_plg_opts(ctx->opts);
/* Remove when FAST PKINIT is settled. */
#include "../fast_factor.h"
-static krb5_error_code
-pkinit_server_get_edata(krb5_context context,
- krb5_kdc_req * request,
- struct _krb5_db_entry_new * client,
- struct _krb5_db_entry_new * server,
- preauth_get_entry_data_proc server_get_entry_data,
- void *pa_plugin_context,
- krb5_pa_data * data);
-
-static krb5_error_code
-pkinit_server_verify_padata(krb5_context context,
- struct _krb5_db_entry_new * client,
- krb5_data *req_pkt,
- krb5_kdc_req * request,
- krb5_enc_tkt_part * enc_tkt_reply,
- krb5_pa_data * data,
- preauth_get_entry_data_proc server_get_entry_data,
- void *pa_plugin_context,
- void **pa_request_context,
- krb5_data **e_data,
- krb5_authdata ***authz_data);
-
-static krb5_error_code
-pkinit_server_return_padata(krb5_context context,
- krb5_pa_data * padata,
- struct _krb5_db_entry_new * client,
- krb5_data *req_pkt,
- krb5_kdc_req * request,
- krb5_kdc_rep * reply,
- struct _krb5_key_data * client_key,
- krb5_keyblock * encrypting_key,
- krb5_pa_data ** send_pa,
- preauth_get_entry_data_proc server_get_entry_data,
- void *pa_plugin_context,
- void **pa_request_context);
-
-static int pkinit_server_get_flags
- (krb5_context kcontext, krb5_preauthtype patype);
-
static krb5_error_code pkinit_init_kdc_req_context
(krb5_context, void **blob);
static void pkinit_fini_kdc_req_context
(krb5_context context, void *blob);
-static int pkinit_server_plugin_init_realm
- (krb5_context context, const char *realmname,
- pkinit_kdc_context *pplgctx);
-
static void pkinit_server_plugin_fini_realm
(krb5_context context, pkinit_kdc_context plgctx);
-static int pkinit_server_plugin_init
- (krb5_context context, void **blob, const char **realmnames);
-
static void pkinit_server_plugin_fini
(krb5_context context, void *blob);