* krb5.hin: Removed internal functions krb5_encrypt_tkt_part,

	krb5_verify_padta, and krb5_obtain_padata from the public header
	file.

* k5-int.h: Removed old preauthentication declarations and added new
	ones.  Changed function prototype of krb5_encrypt_tkt_part.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7057 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/include/ChangeLog b/src/include/ChangeLog
index c04fdf6ea87b4391397998630f1c1c1bc0c4ae97..ac19cb61fa14faafd9705c78dc14ed6443a04942 100644 (file)
--- a/src/include/ChangeLog
+++ b/src/include/ChangeLog
@@ -1,3 +1,13 @@
+Wed Nov  8 02:53:48 1995  Theodore Y. Ts'o  <tytso@dcl>
+
+       * krb5.hin: Removed internal functions krb5_encrypt_tkt_part,
+               krb5_verify_padta, and krb5_obtain_padata from the public
+               header file.
+
+       * k5-int.h: Removed old preauthentication declarations and added
+               new ones.  Changed function prototype of
+               krb5_encrypt_tkt_part.
+
 Tue Nov 7 12:00:00 1995  John Rivlin <jrivlin@fusion.com>
 
        * k5-int.h: Place stat declation inside #ifndef __MWERKS__ so

diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 14cf58747877bafaf6afeba1a4fff3b4c15f83a2..39187173fb5c17058c3eb4f93305ef5a86171dbf 100644 (file)
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -809,14 +809,25 @@ error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
 #ifndef KRB5_PREAUTH__
 #define KRB5_PREAUTH__
 
-#define MAX_PREAUTH_SIZE 20    /* Maximum size of PreAuthenticator.data */
+typedef struct _krb5_pa_enc_ts {
+    krb5_timestamp     patimestamp;
+    krb5_int32         pausec;
+} krb5_pa_enc_ts;
 
-/*
- * Note: these typedefs are subject to change.... [tytso:19920903.1609EDT]
- */
 typedef krb5_error_code (krb5_preauth_obtain_proc)
-    KRB5_PROTOTYPE((krb5_context, krb5_principal client, krb5_address **src_addr,
-              krb5_pa_data *pa_data));
+    KRB5_PROTOTYPE((krb5_context,
+                   krb5_pa_data *,
+                   krb5_etype_info,
+                   krb5_keyblock *, 
+                   krb5_error_code ( * )(krb5_context,
+                                         krb5_const krb5_enctype,
+                                         krb5_data *,
+                                         krb5_const_pointer,
+                                         krb5_keyblock **),
+                   krb5_const_pointer,
+                   krb5_creds *,
+                   krb5_kdc_req *,
+                   krb5_pa_data **));
 
 typedef krb5_error_code (krb5_preauth_verify_proc)
     KRB5_PROTOTYPE((krb5_context, krb5_principal client, krb5_address **src_addr,
@@ -830,38 +841,44 @@ typedef struct _krb5_preauth_ops {
     krb5_preauth_verify_proc   *verify;
 } krb5_preauth_ops;
 
+krb5_error_code krb5_obtain_padata
+       KRB5_PROTOTYPE((krb5_context,
+               krb5_pa_data **,
+               krb5_etype_info,
+               krb5_error_code ( * )(krb5_context,
+                                     krb5_const krb5_enctype,
+                                      krb5_data *,
+                                      krb5_const_pointer,
+                                      krb5_keyblock **),
+               krb5_const_pointer, 
+               krb5_creds *,
+               krb5_kdc_req *));
+
+krb5_error_code krb5_process_padata
+       KRB5_PROTOTYPE((krb5_context,
+               krb5_kdc_req *,
+               krb5_kdc_rep *,
+               krb5_error_code ( * )(krb5_context,
+                                     krb5_const krb5_enctype,
+                                      krb5_data *,
+                                      krb5_const_pointer,
+                                      krb5_keyblock **),
+               krb5_const_pointer, 
+               krb5_creds *, 
+               krb5_int32 *));         
+
+krb5_error_code krb5_verify_padata
+       KRB5_PROTOTYPE((krb5_context,
+                  krb5_pa_data * data, krb5_principal client,
+              krb5_address **src_addr, krb5_keyblock *decrypt_key,
+              int *req_id, int *flags));
+
 /*
  * Preauthentication property flags
  */
 #define KRB5_PREAUTH_FLAGS_ENCRYPT     0x00000001
 #define KRB5_PREAUTH_FLAGS_HARDWARE    0x00000002
 
-#if 0
-krb5_error_code get_random_padata
-    KRB5_PROTOTYPE((krb5_principal client, krb5_address **src_addr,
-              krb5_pa_data *data));
-
-krb5_error_code verify_random_padata
-    KRB5_PROTOTYPE((krb5_principal client, krb5_address **src_addr,
-              krb5_data *data));
-#endif
-
-krb5_error_code get_unixtime_padata
-    KRB5_PROTOTYPE((krb5_context, krb5_principal client, 
-              krb5_address **src_addr, krb5_pa_data *data));
-
-krb5_error_code verify_unixtime_padata
-    KRB5_PROTOTYPE((krb5_context, krb5_principal client, krb5_address **src_addr,
-              krb5_data *data));
-
-krb5_error_code get_securid_padata
-    KRB5_PROTOTYPE((krb5_context, krb5_principal client, krb5_address **src_addr,
-              krb5_pa_data *data));
-
-krb5_error_code verify_securid_padata
-    KRB5_PROTOTYPE((krb5_context, krb5_principal client, krb5_address **src_addr,
-              krb5_data *data));
-
 #endif /* KRB5_PREAUTH__ */
 /*
  * End "preauth.h"
@@ -1060,6 +1077,12 @@ krb5_error_code encode_krb5_alt_method
 krb5_error_code encode_krb5_etype_info
        KRB5_PROTOTYPE((const krb5_etype_info_entry **, krb5_data **code));
 
+krb5_error_code encode_krb5_enc_data
+       KRB5_PROTOTYPE((const krb5_enc_data *, krb5_data **));
+
+krb5_error_code encode_krb5_pa_enc_ts
+       KRB5_PROTOTYPE((const krb5_pa_enc_ts *, krb5_data **));
+
 /*************************************************************************
  * End of prototypes for krb5_encode.c
  *************************************************************************/
@@ -1155,6 +1178,12 @@ krb5_error_code decode_krb5_alt_method
 krb5_error_code decode_krb5_etype_info
        KRB5_PROTOTYPE((const krb5_data *output, krb5_etype_info_entry ***rep));
 
+krb5_error_code decode_krb5_enc_data
+       KRB5_PROTOTYPE((const krb5_data *output, krb5_enc_data **rep));
+
+krb5_error_code decode_krb5_pa_enc_ts
+       KRB5_PROTOTYPE((const krb5_data *output, krb5_pa_enc_ts **rep));
+
 /*************************************************************************
  * End of prototypes for krb5_decode.c
  *************************************************************************/
@@ -1164,6 +1193,16 @@ krb5_error_code decode_krb5_etype_info
  * End "asn1.h"
  */
 
+
+/*
+ * Internal krb5 library routines
+ */
+krb5_error_code krb5_encrypt_tkt_part
+       KRB5_PROTOTYPE((krb5_context,
+                  krb5_const krb5_keyblock *,
+                  krb5_ticket * ));
+
+
 /*
  * [De]Serialization Handle and operations.
  */

diff --git a/src/include/krb5.hin b/src/include/krb5.hin
index ff87f4ed4a00e003f7ba2de9f539d5bc9889c6aa..a5997d4a5d958a40165745aac3d6dacf28583c57 100644 (file)
--- a/src/include/krb5.hin
+++ b/src/include/krb5.hin
@@ -432,7 +432,6 @@ extern int krb5_max_cryptosystem;           /* max entry in array */
 
 /* This array is indexed by key type, and has (should have) pointers to
    the same entries as krb5_csarray */
-/* XXX what if a given enctype works for several etypes? */
 extern krb5_cs_table_entry * NEAR krb5_enctype_array[];
 extern krb5_enctype krb5_max_enctype;          /* max entry in array */
 
@@ -1250,11 +1249,6 @@ krb5_error_code krb5_kdc_rep_decrypt_proc
                   krb5_const krb5_keyblock *,
                   krb5_const_pointer,
                   krb5_kdc_rep * ));
-krb5_error_code krb5_encrypt_tkt_part
-       KRB5_PROTOTYPE((krb5_context,
-                  krb5_encrypt_block *,
-                  krb5_const krb5_keyblock *,
-                  krb5_ticket * ));
 krb5_error_code krb5_decrypt_tkt_part
        KRB5_PROTOTYPE((krb5_context,
                   krb5_const krb5_keyblock *,
@@ -1434,17 +1428,6 @@ krb5_524_conv_principal
        KRB5_PROTOTYPE((krb5_context context, krb5_const krb5_principal princ, 
                   char *name, char *inst, char *realm));
 
-krb5_error_code krb5_obtain_padata
-       KRB5_PROTOTYPE((krb5_context,
-                  int type, krb5_principal client, krb5_address **src_addr,
-                  krb5_keyblock *encrypt_key, krb5_pa_data **data));
-
-krb5_error_code krb5_verify_padata
-       KRB5_PROTOTYPE((krb5_context,
-                  krb5_pa_data * data, krb5_principal client,
-              krb5_address **src_addr, krb5_keyblock *decrypt_key,
-              int *req_id, int *flags));
-
 /* libkt.spec */
 krb5_error_code krb5_kt_register
        KRB5_PROTOTYPE((krb5_context,