From 53bd3c35c2f895d9c766143b19ea293cdb9bcba0 Mon Sep 17 00:00:00 2001
From: Theodore Tso <tytso@mit.edu>
Date: Wed, 8 Nov 1995 07:55:51 +0000
Subject: [PATCH] * krb5.hin: Removed internal functions krb5_encrypt_tkt_part,
 	krb5_verify_padta, and krb5_obtain_padata from the public header 
 file.

* k5-int.h: Removed old preauthentication declarations and added new
	ones.  Changed function prototype of krb5_encrypt_tkt_part.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7057 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/include/ChangeLog |  10 ++++
 src/include/k5-int.h  | 103 +++++++++++++++++++++++++++++-------------
 src/include/krb5.hin  |  17 -------
 3 files changed, 81 insertions(+), 49 deletions(-)

diff --git a/src/include/ChangeLog b/src/include/ChangeLog
index c04fdf6ea..ac19cb61f 100644
--- a/src/include/ChangeLog
+++ b/src/include/ChangeLog
@@ -1,3 +1,13 @@
+Wed Nov  8 02:53:48 1995  Theodore Y. Ts'o  <tytso@dcl>
+
+	* krb5.hin: Removed internal functions krb5_encrypt_tkt_part,
+		krb5_verify_padta, and krb5_obtain_padata from the public
+		header file.
+
+	* k5-int.h: Removed old preauthentication declarations and added
+		new ones.  Changed function prototype of
+		krb5_encrypt_tkt_part.
+
 Tue Nov 7 12:00:00 1995  John Rivlin <jrivlin@fusion.com>
 
 	* k5-int.h: Place stat declation inside #ifndef __MWERKS__ so
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 14cf58747..39187173f 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -809,14 +809,25 @@ error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
 #ifndef KRB5_PREAUTH__
 #define KRB5_PREAUTH__
 
-#define MAX_PREAUTH_SIZE 20	/* Maximum size of PreAuthenticator.data */
+typedef struct _krb5_pa_enc_ts {
+    krb5_timestamp	patimestamp;
+    krb5_int32		pausec;
+} krb5_pa_enc_ts;
 
-/*
- * Note: these typedefs are subject to change.... [tytso:19920903.1609EDT]
- */
 typedef krb5_error_code (krb5_preauth_obtain_proc)
-    KRB5_PROTOTYPE((krb5_context, krb5_principal client, krb5_address **src_addr,
-	       krb5_pa_data *pa_data));
+    KRB5_PROTOTYPE((krb5_context,
+		    krb5_pa_data *,
+		    krb5_etype_info,
+		    krb5_keyblock *, 
+		    krb5_error_code ( * )(krb5_context,
+					  krb5_const krb5_enctype,
+					  krb5_data *,
+					  krb5_const_pointer,
+					  krb5_keyblock **),
+		    krb5_const_pointer,
+		    krb5_creds *,
+		    krb5_kdc_req *,
+		    krb5_pa_data **));
 
 typedef krb5_error_code (krb5_preauth_verify_proc)
     KRB5_PROTOTYPE((krb5_context, krb5_principal client, krb5_address **src_addr,
@@ -830,38 +841,44 @@ typedef struct _krb5_preauth_ops {
     krb5_preauth_verify_proc	*verify;
 } krb5_preauth_ops;
 
+krb5_error_code krb5_obtain_padata
+    	KRB5_PROTOTYPE((krb5_context,
+		krb5_pa_data **,
+		krb5_etype_info,
+		krb5_error_code ( * )(krb5_context,
+	   			      krb5_const krb5_enctype,
+                                      krb5_data *,
+                                      krb5_const_pointer,
+                                      krb5_keyblock **),
+		krb5_const_pointer, 
+		krb5_creds *,
+		krb5_kdc_req *));
+
+krb5_error_code krb5_process_padata
+	KRB5_PROTOTYPE((krb5_context,
+		krb5_kdc_req *,
+		krb5_kdc_rep *,
+		krb5_error_code ( * )(krb5_context,
+	   			      krb5_const krb5_enctype,
+                                      krb5_data *,
+                                      krb5_const_pointer,
+                                      krb5_keyblock **),
+		krb5_const_pointer, 
+		krb5_creds *, 
+		krb5_int32 *));		
+
+krb5_error_code krb5_verify_padata
+    	KRB5_PROTOTYPE((krb5_context,
+		   krb5_pa_data * data, krb5_principal client,
+	       krb5_address **src_addr, krb5_keyblock *decrypt_key,
+	       int *req_id, int *flags));
+
 /*
  * Preauthentication property flags
  */
 #define KRB5_PREAUTH_FLAGS_ENCRYPT	0x00000001
 #define KRB5_PREAUTH_FLAGS_HARDWARE	0x00000002
 
-#if 0
-krb5_error_code get_random_padata
-    KRB5_PROTOTYPE((krb5_principal client, krb5_address **src_addr,
-	       krb5_pa_data *data));
-
-krb5_error_code verify_random_padata
-    KRB5_PROTOTYPE((krb5_principal client, krb5_address **src_addr,
-	       krb5_data *data));
-#endif
-
-krb5_error_code get_unixtime_padata
-    KRB5_PROTOTYPE((krb5_context, krb5_principal client, 
-	       krb5_address **src_addr, krb5_pa_data *data));
-
-krb5_error_code verify_unixtime_padata
-    KRB5_PROTOTYPE((krb5_context, krb5_principal client, krb5_address **src_addr,
-	       krb5_data *data));
-
-krb5_error_code get_securid_padata
-    KRB5_PROTOTYPE((krb5_context, krb5_principal client, krb5_address **src_addr,
-	       krb5_pa_data *data));
-
-krb5_error_code verify_securid_padata
-    KRB5_PROTOTYPE((krb5_context, krb5_principal client, krb5_address **src_addr,
-	       krb5_data *data));
-
 #endif /* KRB5_PREAUTH__ */
 /*
  * End "preauth.h"
@@ -1060,6 +1077,12 @@ krb5_error_code encode_krb5_alt_method
 krb5_error_code encode_krb5_etype_info
 	KRB5_PROTOTYPE((const krb5_etype_info_entry **, krb5_data **code));
 
+krb5_error_code encode_krb5_enc_data
+    	KRB5_PROTOTYPE((const krb5_enc_data *, krb5_data **));
+
+krb5_error_code encode_krb5_pa_enc_ts
+    	KRB5_PROTOTYPE((const krb5_pa_enc_ts *, krb5_data **));
+
 /*************************************************************************
  * End of prototypes for krb5_encode.c
  *************************************************************************/
@@ -1155,6 +1178,12 @@ krb5_error_code decode_krb5_alt_method
 krb5_error_code decode_krb5_etype_info
 	KRB5_PROTOTYPE((const krb5_data *output, krb5_etype_info_entry ***rep));
 
+krb5_error_code decode_krb5_enc_data
+	KRB5_PROTOTYPE((const krb5_data *output, krb5_enc_data **rep));
+
+krb5_error_code decode_krb5_pa_enc_ts
+	KRB5_PROTOTYPE((const krb5_data *output, krb5_pa_enc_ts **rep));
+
 /*************************************************************************
  * End of prototypes for krb5_decode.c
  *************************************************************************/
@@ -1164,6 +1193,16 @@ krb5_error_code decode_krb5_etype_info
  * End "asn1.h"
  */
 
+
+/*
+ * Internal krb5 library routines
+ */
+krb5_error_code krb5_encrypt_tkt_part
+	KRB5_PROTOTYPE((krb5_context,
+		   krb5_const krb5_keyblock *,
+		   krb5_ticket * ));
+
+
 /*
  * [De]Serialization Handle and operations.
  */
diff --git a/src/include/krb5.hin b/src/include/krb5.hin
index ff87f4ed4..a5997d4a5 100644
--- a/src/include/krb5.hin
+++ b/src/include/krb5.hin
@@ -432,7 +432,6 @@ extern int krb5_max_cryptosystem;		/* max entry in array */
 
 /* This array is indexed by key type, and has (should have) pointers to
    the same entries as krb5_csarray */
-/* XXX what if a given enctype works for several etypes? */
 extern krb5_cs_table_entry * NEAR krb5_enctype_array[];
 extern krb5_enctype krb5_max_enctype;		/* max entry in array */
 
@@ -1250,11 +1249,6 @@ krb5_error_code krb5_kdc_rep_decrypt_proc
 		   krb5_const krb5_keyblock *,
 		   krb5_const_pointer,
 		   krb5_kdc_rep * ));
-krb5_error_code krb5_encrypt_tkt_part
-	KRB5_PROTOTYPE((krb5_context,
-		   krb5_encrypt_block *,
-		   krb5_const krb5_keyblock *,
-		   krb5_ticket * ));
 krb5_error_code krb5_decrypt_tkt_part
 	KRB5_PROTOTYPE((krb5_context,
 		   krb5_const krb5_keyblock *,
@@ -1434,17 +1428,6 @@ krb5_524_conv_principal
 	KRB5_PROTOTYPE((krb5_context context, krb5_const krb5_principal princ, 
 		   char *name, char *inst, char *realm));
 
-krb5_error_code krb5_obtain_padata
-    	KRB5_PROTOTYPE((krb5_context,
-		   int type, krb5_principal client, krb5_address **src_addr,
-	           krb5_keyblock *encrypt_key, krb5_pa_data **data));
-
-krb5_error_code krb5_verify_padata
-    	KRB5_PROTOTYPE((krb5_context,
-		   krb5_pa_data * data, krb5_principal client,
-	       krb5_address **src_addr, krb5_keyblock *decrypt_key,
-	       int *req_id, int *flags));
-
 /* libkt.spec */
 krb5_error_code krb5_kt_register
 	KRB5_PROTOTYPE((krb5_context,
-- 
2.26.2