From: Greg Hudson Date: Wed, 21 Dec 2011 22:52:52 +0000 (+0000) Subject: Stop using krb5_typed_data structure type X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=edc26c35049615ec634979738ca4d3e3759e9ad8;p=krb5.git Stop using krb5_typed_data structure type Use the krb5_pa_data structure type when encoding or decoding TYPED-DATA. Leave the krb5_typed_data structure definition in krb5.h with a comment saying not to use it. Remove krb5_free_typed_data (which was never declared in krb5.h). Remove some vestigial accessor stuff related to PKINIT encoding and decoding TYPED-DATA, which was unneeded since r25483. Bump the accessor structure version to 19 accordingly. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25601 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/include/k5-int-pkinit.h b/src/include/k5-int-pkinit.h index 481d6b126..3ad5f5106 100644 --- a/src/include/k5-int-pkinit.h +++ b/src/include/k5-int-pkinit.h @@ -229,9 +229,6 @@ krb5_error_code encode_krb5_reply_key_pack_draft9(const krb5_reply_key_pack_draft9 *, krb5_data **code); -krb5_error_code -encode_krb5_typed_data(const krb5_typed_data **, krb5_data **code); - krb5_error_code encode_krb5_td_trusted_certifiers(const krb5_external_principal_identifier **, krb5_data **code); @@ -285,9 +282,6 @@ krb5_error_code decode_krb5_reply_key_pack_draft9(const krb5_data *, krb5_reply_key_pack_draft9 **); -krb5_error_code -decode_krb5_typed_data(const krb5_data *, krb5_typed_data ***); - krb5_error_code decode_krb5_td_trusted_certifiers(const krb5_data *, krb5_external_principal_identifier ***); @@ -295,8 +289,6 @@ decode_krb5_td_trusted_certifiers(const krb5_data *, krb5_error_code decode_krb5_td_dh_parameters(const krb5_data *, krb5_algorithm_identifier ***); -void krb5_free_typed_data(krb5_context, krb5_typed_data **); - krb5_error_code encode_krb5_enc_data(const krb5_enc_data *, krb5_data **); diff --git a/src/include/k5-int.h b/src/include/k5-int.h index b25c159a7..906fb24ee 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -1676,6 +1676,9 @@ encode_krb5_pwd_data(const krb5_pwd_data *rep, krb5_data **code); krb5_error_code encode_krb5_padata_sequence(krb5_pa_data *const *rep, krb5_data **code); +krb5_error_code +encode_krb5_typed_data(const krb5_pa_data *const *rep, krb5_data **code); + krb5_error_code encode_krb5_alt_method(const krb5_alt_method *, krb5_data **code); @@ -1903,6 +1906,9 @@ decode_krb5_pwd_data(const krb5_data *output, krb5_pwd_data **rep); krb5_error_code decode_krb5_padata_sequence(const krb5_data *output, krb5_pa_data ***rep); +krb5_error_code +decode_krb5_typed_data(const krb5_data *, krb5_pa_data ***); + krb5_error_code decode_krb5_alt_method(const krb5_data *output, krb5_alt_method **rep); @@ -2141,7 +2147,7 @@ void krb5int_free_srv_dns_data(struct srv_dns_entry *); /* To keep happy libraries which are (for now) accessing internal stuff */ /* Make sure to increment by one when changing the struct */ -#define KRB5INT_ACCESS_STRUCT_VERSION 18 +#define KRB5INT_ACCESS_STRUCT_VERSION 19 #ifndef ANAME_SZ struct ktext; /* from krb.h, for krb524 support */ @@ -2224,9 +2230,6 @@ typedef struct _krb5int_access { krb5_external_principal_identifier **, krb5_data **code); - krb5_error_code - (*encode_krb5_typed_data)(const krb5_typed_data **, krb5_data **code); - krb5_error_code (*decode_krb5_auth_pack)(const krb5_data *, krb5_auth_pack **); @@ -2270,9 +2273,6 @@ typedef struct _krb5int_access { krb5_external_principal_identifier ***); - krb5_error_code - (*decode_krb5_typed_data)(const krb5_data *, krb5_typed_data ***); - krb5_error_code (*decode_krb5_as_req)(const krb5_data *output, krb5_kdc_req **rep); diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin index d5524255e..a363eaff4 100644 --- a/src/include/krb5/krb5.hin +++ b/src/include/krb5/krb5.hin @@ -1972,12 +1972,7 @@ typedef struct _krb5_pa_data { krb5_octet *contents; /**< Data */ } krb5_pa_data; -/* - * The FAST error handling logic currently assumes that pointers to this - * structure and krb5_pa_data can be safely cast to each other. If this - * structure changes, that code needs to be updated to copy. - */ -/** Typed data */ +/* Don't use this; use krb5_pa_data instead. */ typedef struct _krb5_typed_data { krb5_magic magic; krb5_int32 type; diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c index 61d088eb6..5e696532d 100644 --- a/src/kdc/do_as_req.c +++ b/src/kdc/do_as_req.c @@ -800,10 +800,9 @@ prepare_error_as (struct kdc_request_state *rstate, krb5_kdc_req *request, errpkt.text = string2data((char *)status); if (e_data != NULL) { - if (typed_e_data) { - retval = encode_krb5_typed_data((const krb5_typed_data **)e_data, - &e_data_asn1); - } else + if (typed_e_data) + retval = encode_krb5_typed_data(e_data, &e_data_asn1); + else retval = encode_krb5_padata_sequence(e_data, &e_data_asn1); if (retval) goto cleanup; diff --git a/src/lib/krb5/asn.1/asn1_k_decode.c b/src/lib/krb5/asn.1/asn1_k_decode.c index 9d052ca37..f05d9dfe7 100644 --- a/src/lib/krb5/asn.1/asn1_k_decode.c +++ b/src/lib/krb5/asn.1/asn1_k_decode.c @@ -1725,38 +1725,32 @@ asn1_decode_sequence_of_kdf_alg_id(asn1buf *buf, krb5_data ***val) #endif /* DISABLE_PKINIT */ -static void free_typed_data(void *dummy, krb5_typed_data *val) -{ - free(val->data); - free(val); -} - asn1_error_code -asn1_decode_sequence_of_typed_data(asn1buf *buf, krb5_typed_data ***val) +asn1_decode_sequence_of_typed_data(asn1buf *buf, krb5_pa_data ***val) { - decode_array_body(krb5_typed_data,asn1_decode_typed_data_ptr, - free_typed_data); + decode_array_body(krb5_pa_data,asn1_decode_typed_data_ptr, + free_pa_data); } asn1_error_code -asn1_decode_typed_data(asn1buf *buf, krb5_typed_data *val) +asn1_decode_typed_data(asn1buf *buf, krb5_pa_data *val) { setup(); - val->data = NULL; + val->contents = NULL; { begin_structure(); - get_field(val->type,0,asn1_decode_int32); - get_lenfield(val->length,val->data,1,asn1_decode_octetstring); + get_field(val->pa_type,0,asn1_decode_int32); + get_lenfield(val->length,val->contents,1,asn1_decode_octetstring); end_structure(); } return 0; error_out: - free(val->data); - val->data = NULL; + free(val->contents); + val->contents = NULL; return retval; } asn1_error_code -asn1_decode_typed_data_ptr(asn1buf *buf, krb5_typed_data **valptr) +asn1_decode_typed_data_ptr(asn1buf *buf, krb5_pa_data **valptr) { - decode_ptr(krb5_typed_data *, asn1_decode_typed_data); + decode_ptr(krb5_pa_data *, asn1_decode_typed_data); } diff --git a/src/lib/krb5/asn.1/asn1_k_decode.h b/src/lib/krb5/asn.1/asn1_k_decode.h index 71eebb14a..34055eadd 100644 --- a/src/lib/krb5/asn.1/asn1_k_decode.h +++ b/src/lib/krb5/asn.1/asn1_k_decode.h @@ -205,10 +205,10 @@ asn1_error_code asn1_decode_reply_key_pack_draft9(asn1buf *buf, krb5_reply_key_pack_draft9 *val); asn1_error_code -asn1_decode_sequence_of_typed_data(asn1buf *buf, krb5_typed_data ***val); -asn1_error_code asn1_decode_typed_data(asn1buf *buf, krb5_typed_data *val); +asn1_decode_sequence_of_typed_data(asn1buf *buf, krb5_pa_data ***val); +asn1_error_code asn1_decode_typed_data(asn1buf *buf, krb5_pa_data *val); asn1_error_code asn1_decode_typed_data_ptr(asn1buf *buf, - krb5_typed_data **valptr); + krb5_pa_data **valptr); /* arrays */ asn1_error_code asn1_decode_authorization_data(asn1buf *buf, diff --git a/src/lib/krb5/asn.1/asn1_k_encode.c b/src/lib/krb5/asn.1/asn1_k_encode.c index 351281eeb..82f99b12b 100644 --- a/src/lib/krb5/asn.1/asn1_k_encode.c +++ b/src/lib/krb5/asn.1/asn1_k_encode.c @@ -2128,7 +2128,8 @@ encode_krb5_pkinit_supp_pub_info(const krb5_pkinit_supp_pub_info *rep, #endif /* not DISABLE_PKINIT */ asn1_error_code -asn1_encode_sequence_of_typed_data(asn1buf *buf, const krb5_typed_data **val, +asn1_encode_sequence_of_typed_data(asn1buf *buf, + const krb5_pa_data *const *val, unsigned int *retlen) { asn1_setup(); @@ -2150,12 +2151,12 @@ asn1_encode_sequence_of_typed_data(asn1buf *buf, const krb5_typed_data **val, } asn1_error_code -asn1_encode_typed_data(asn1buf *buf, const krb5_typed_data *val, +asn1_encode_typed_data(asn1buf *buf, const krb5_pa_data *val, unsigned int *retlen) { asn1_setup(); - asn1_addlenfield(val->length, val->data, 1, asn1_encode_octetstring); - asn1_addfield(val->type, 0, asn1_encode_integer); + asn1_addlenfield(val->length, val->contents, 1, asn1_encode_octetstring); + asn1_addfield(val->pa_type, 0, asn1_encode_integer); asn1_makeseq(); asn1_cleanup(); } diff --git a/src/lib/krb5/asn.1/asn1_k_encode.h b/src/lib/krb5/asn.1/asn1_k_encode.h index 604ca6a21..634105fce 100644 --- a/src/lib/krb5/asn.1/asn1_k_encode.h +++ b/src/lib/krb5/asn.1/asn1_k_encode.h @@ -150,11 +150,10 @@ asn1_error_code asn1_encode_td_trusted_certifiers( unsigned int *retlen); asn1_error_code asn1_encode_typed_data(asn1buf *buf, - const krb5_typed_data *val, + const krb5_pa_data *val, unsigned int *retlen); -asn1_error_code asn1_encode_sequence_of_typed_data(asn1buf *buf, - const krb5_typed_data **val, - unsigned int *retlen); +asn1_error_code asn1_encode_sequence_of_typed_data( + asn1buf *buf, const krb5_pa_data *const *val, unsigned int *retlen); #endif diff --git a/src/lib/krb5/asn.1/krb5_decode.c b/src/lib/krb5/asn.1/krb5_decode.c index 10ebcac1c..5ac6db999 100644 --- a/src/lib/krb5/asn.1/krb5_decode.c +++ b/src/lib/krb5/asn.1/krb5_decode.c @@ -1077,9 +1077,9 @@ decode_krb5_td_dh_parameters(const krb5_data *code, #endif /* DISABLE_PKINIT */ krb5_error_code -decode_krb5_typed_data(const krb5_data *code, krb5_typed_data ***repptr) +decode_krb5_typed_data(const krb5_data *code, krb5_pa_data ***repptr) { - setup_buf_only(krb5_typed_data **); + setup_buf_only(krb5_pa_data **); retval = asn1_decode_sequence_of_typed_data(&buf, &rep); if (retval) clean_return(retval); diff --git a/src/lib/krb5/asn.1/krb5_encode.c b/src/lib/krb5/asn.1/krb5_encode.c index 159407c6d..f88968353 100644 --- a/src/lib/krb5/asn.1/krb5_encode.c +++ b/src/lib/krb5/asn.1/krb5_encode.c @@ -169,7 +169,7 @@ encode_krb5_td_dh_parameters(const krb5_algorithm_identifier **rep, #endif /* DISABLE_PKINIT */ krb5_error_code -encode_krb5_typed_data(const krb5_typed_data **rep, krb5_data **code) +encode_krb5_typed_data(const krb5_pa_data *const *rep, krb5_data **code) { krb5_setup(); retval = asn1_encode_sequence_of_typed_data(buf,rep,&length); diff --git a/src/lib/krb5/krb/fast.c b/src/lib/krb5/krb/fast.c index 7de338b12..612fffda3 100644 --- a/src/lib/krb5/krb/fast.c +++ b/src/lib/krb5/krb/fast.c @@ -478,10 +478,7 @@ krb5int_fast_process_error(krb5_context context, retval = decode_krb5_padata_sequence(&err_reply->e_data, out_padata); if (retval != 0) { - krb5_typed_data **tdata; - /* krb5_typed data and krb5_pa_data are compatible. */ - if (decode_krb5_typed_data(&err_reply->e_data, &tdata) == 0) - *out_padata = (krb5_pa_data **)tdata; + (void)decode_krb5_typed_data(&err_reply->e_data, out_padata); retval = 0; } } diff --git a/src/lib/krb5/krb/kfree.c b/src/lib/krb5/krb/kfree.c index 2a323ec6f..c6dd0debe 100644 --- a/src/lib/krb5/krb/kfree.c +++ b/src/lib/krb5/krb/kfree.c @@ -858,20 +858,6 @@ krb5_free_fast_finished(krb5_context context, krb5_fast_finished *val) free(val); } -void -krb5_free_typed_data(krb5_context context, krb5_typed_data **in) -{ - int i = 0; - if (in == NULL) return; - while (in[i] != NULL) { - if (in[i]->data != NULL) - free(in[i]->data); - free(in[i]); - i++; - } - free(in); -} - void KRB5_CALLCONV krb5_free_fast_armored_req(krb5_context context, krb5_fast_armored_req *val) { diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports index 5da2d2360..183d5ee76 100644 --- a/src/lib/krb5/libkrb5.exports +++ b/src/lib/krb5/libkrb5.exports @@ -339,7 +339,6 @@ krb5_free_tgt_creds krb5_free_ticket krb5_free_tickets krb5_free_tkt_authent -krb5_free_typed_data krb5_free_unparsed_name krb5_fwd_tgt_creds krb5_gen_portaddr diff --git a/src/lib/krb5/os/accessor.c b/src/lib/krb5/os/accessor.c index 5914e2b3f..52df8bccf 100644 --- a/src/lib/krb5/os/accessor.c +++ b/src/lib/krb5/os/accessor.c @@ -88,7 +88,6 @@ krb5int_accessor(krb5int_access *internals, krb5_int32 version) SC (encode_krb5_kdc_dh_key_info, encode_krb5_kdc_dh_key_info), SC (encode_krb5_reply_key_pack, encode_krb5_reply_key_pack), SC (encode_krb5_reply_key_pack_draft9, encode_krb5_reply_key_pack_draft9), - SC (encode_krb5_typed_data, encode_krb5_typed_data), SC (encode_krb5_td_trusted_certifiers, encode_krb5_td_trusted_certifiers), SC (encode_krb5_td_dh_parameters, encode_krb5_td_dh_parameters), SC (decode_krb5_pa_pk_as_req, decode_krb5_pa_pk_as_req), @@ -101,7 +100,6 @@ krb5int_accessor(krb5int_access *internals, krb5_int32 version) SC (decode_krb5_principal_name, decode_krb5_principal_name), SC (decode_krb5_reply_key_pack, decode_krb5_reply_key_pack), SC (decode_krb5_reply_key_pack_draft9, decode_krb5_reply_key_pack_draft9), - SC (decode_krb5_typed_data, decode_krb5_typed_data), SC (decode_krb5_td_trusted_certifiers, decode_krb5_td_trusted_certifiers), SC (decode_krb5_td_dh_parameters, decode_krb5_td_dh_parameters), SC (decode_krb5_as_req, decode_krb5_as_req), diff --git a/src/plugins/preauth/pkinit/pkinit.h b/src/plugins/preauth/pkinit/pkinit.h index 7970746d9..8c75f1fd7 100644 --- a/src/plugins/preauth/pkinit/pkinit.h +++ b/src/plugins/preauth/pkinit/pkinit.h @@ -317,7 +317,6 @@ void free_krb5_pa_pk_as_rep(krb5_pa_pk_as_rep **in); void free_krb5_pa_pk_as_rep_draft9(krb5_pa_pk_as_rep_draft9 **in); void free_krb5_external_principal_identifier(krb5_external_principal_identifier ***in); void free_krb5_trusted_ca(krb5_trusted_ca ***in); -void free_krb5_typed_data(krb5_typed_data ***in); void free_krb5_algorithm_identifiers(krb5_algorithm_identifier ***in); void free_krb5_algorithm_identifier(krb5_algorithm_identifier *in); void free_krb5_kdc_dh_key_info(krb5_kdc_dh_key_info **in); diff --git a/src/plugins/preauth/pkinit/pkinit_accessor.c b/src/plugins/preauth/pkinit/pkinit_accessor.c index acfbde624..cf8a2f530 100644 --- a/src/plugins/preauth/pkinit/pkinit_accessor.c +++ b/src/plugins/preauth/pkinit/pkinit_accessor.c @@ -49,7 +49,6 @@ DEF_FUNC_PTRS(krb5_pa_pk_as_req); DEF_FUNC_PTRS(krb5_pa_pk_as_req_draft9); DEF_FUNC_PTRS(krb5_reply_key_pack); DEF_FUNC_PTRS(krb5_reply_key_pack_draft9); -DEF_FUNC_PTRS_ARRAY(krb5_typed_data); /* special cases... */ krb5_error_code @@ -116,7 +115,6 @@ pkinit_accessor_init(void) SET_PTRS(krb5_reply_key_pack_draft9); SET_PTRS(krb5_td_dh_parameters); SET_PTRS(krb5_td_trusted_certifiers); - SET_PTRS(krb5_typed_data); /* special cases... */ k5int_decode_krb5_principal_name = k5int.decode_krb5_principal_name; diff --git a/src/plugins/preauth/pkinit/pkinit_accessor.h b/src/plugins/preauth/pkinit/pkinit_accessor.h index ba82533c8..df40ab9eb 100644 --- a/src/plugins/preauth/pkinit/pkinit_accessor.h +++ b/src/plugins/preauth/pkinit/pkinit_accessor.h @@ -53,7 +53,6 @@ DEF_EXT_FUNC_PTRS(krb5_pa_pk_as_req); DEF_EXT_FUNC_PTRS(krb5_pa_pk_as_req_draft9); DEF_EXT_FUNC_PTRS(krb5_reply_key_pack); DEF_EXT_FUNC_PTRS(krb5_reply_key_pack_draft9); -DEF_EXT_FUNC_PTRS_ARRAY(krb5_typed_data); /* special cases... */ extern krb5_error_code (*k5int_decode_krb5_principal_name) diff --git a/src/plugins/preauth/pkinit/pkinit_lib.c b/src/plugins/preauth/pkinit/pkinit_lib.c index 34416142e..50ee044a7 100644 --- a/src/plugins/preauth/pkinit/pkinit_lib.c +++ b/src/plugins/preauth/pkinit/pkinit_lib.c @@ -246,19 +246,6 @@ free_krb5_trusted_ca(krb5_trusted_ca ***in) free(*in); } -void -free_krb5_typed_data(krb5_typed_data ***in) -{ - int i = 0; - if (*in == NULL) return; - while ((*in)[i] != NULL) { - free((*in)[i]->data); - free((*in)[i]); - i++; - } - free(*in); -} - void free_krb5_algorithm_identifier(krb5_algorithm_identifier *in) {