diff --git a/kdc/524.c b/kdc/524.c index ca86e768d..29615672a 100644 --- a/kdc/524.c +++ b/kdc/524.c @@ -44,7 +44,7 @@ RCSID("$Id$"); static krb5_error_code fetch_server (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, const Ticket *t, char **spn, hdb_entry **server, @@ -66,7 +66,7 @@ fetch_server (krb5_context context, krb5_get_err_text(context, ret)); return ret; } - ret = db_fetch(context, config, sprinc, server); + ret = _kdc_db_fetch(context, config, sprinc, server); krb5_free_principal(context, sprinc); if (ret) { kdc_log(context, config, 0, @@ -81,7 +81,7 @@ fetch_server (krb5_context context, static krb5_error_code log_524 (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, const EncTicketPart *et, const char *from, const char *spn) @@ -111,7 +111,7 @@ log_524 (krb5_context context, static krb5_error_code verify_flags (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, const EncTicketPart *et, const char *spn) { @@ -133,7 +133,7 @@ verify_flags (krb5_context context, static krb5_error_code set_address (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, EncTicketPart *et, struct sockaddr *addr, const char *from) @@ -185,7 +185,7 @@ set_address (krb5_context context, static krb5_error_code encrypt_v4_ticket(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, void *buf, size_t len, krb5_keyblock *skey, @@ -219,9 +219,10 @@ encrypt_v4_ticket(krb5_context context, static krb5_error_code encode_524_response(krb5_context context, - struct krb5_kdc_configuration *config, - const char *spn, const EncTicketPart et, const Ticket *t, - hdb_entry *server, EncryptedData *ticket, int *kvno) + krb5_kdc_configuration *config, + const char *spn, const EncTicketPart et, + const Ticket *t, hdb_entry *server, + EncryptedData *ticket, int *kvno) { krb5_error_code ret; int use_2b; @@ -252,15 +253,15 @@ encode_524_response(krb5_context context, return KRB5KDC_ERR_POLICY; } - ret = encode_v4_ticket(context, config, - buf + sizeof(buf) - 1, sizeof(buf), - &et, &t->sname, &len); + ret = _kdc_encode_v4_ticket(context, config, + buf + sizeof(buf) - 1, sizeof(buf), + &et, &t->sname, &len); if(ret){ kdc_log(context, config, 0, "Failed to encode v4 ticket (%s)", spn); return ret; } - ret = get_des_key(context, server, TRUE, FALSE, &skey); + ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey); if(ret){ kdc_log(context, config, 0, "no suitable DES key for server (%s)", spn); @@ -285,10 +286,10 @@ encode_524_response(krb5_context context, */ krb5_error_code -do_524(krb5_context context, - struct krb5_kdc_configuration *config, - const Ticket *t, krb5_data *reply, - const char *from, struct sockaddr *addr) +_kdc_do_524(krb5_context context, + krb5_kdc_configuration *config, + const Ticket *t, krb5_data *reply, + const char *from, struct sockaddr *addr) { krb5_error_code ret = 0; krb5_crypto crypto; @@ -369,7 +370,7 @@ do_524(krb5_context context, server, &ticket, &kvno); free_EncTicketPart(&et); -out: + out: /* make reply */ memset(buf, 0, sizeof(buf)); sp = krb5_storage_from_mem(buf, sizeof(buf)); @@ -389,6 +390,6 @@ out: if(spn) free(spn); if(server) - free_ent (context, server); + _kdc_free_ent (context, server); return ret; } diff --git a/kdc/Makefile.am b/kdc/Makefile.am index 479eabbd5..b65c80b80 100644 --- a/kdc/Makefile.am +++ b/kdc/Makefile.am @@ -35,11 +35,20 @@ libkdc_la_SOURCES = \ 524.c \ kerberos4.c \ kaserver.c \ - process.c \ + process.c \ rx.h + +$(libkdc_la_OBJECTS): $(srcdir)/kdc-protos.h + libkdc_la_LDFLAGS = -version-info 1:0:0 +CHECK_SYMBOLS = -lib kdc -version krb5_kdc kdc_ _kdc_ + +$(srcdir)/kdc-protos.h: + cd $(srcdir) && perl ../cf/make-proto.pl -q -P comment -o kdc-protos.h $(libkdc_la_SOURCES) || rm -f kdc-protos.h + + hprop_LDADD = \ $(top_builddir)/lib/hdb/libhdb.la \ $(LIB_openldap) \ @@ -81,4 +90,4 @@ LDADD = $(top_builddir)/lib/hdb/libhdb.la \ kdc_LDADD = libkdc.la $(LIB_pidfile) -include_HEADERS = kdc.h +include_HEADERS = kdc.h kdc-protos.h diff --git a/kdc/config.c b/kdc/config.c index 9bfe3c21e..d9cc34894 100644 --- a/kdc/config.c +++ b/kdc/config.c @@ -132,7 +132,7 @@ usage(int ret) } static void -get_dbinfo(krb5_context context, struct krb5_kdc_configuration *config) +get_dbinfo(krb5_context context, krb5_kdc_configuration *config) { const krb5_config_binding *top_binding = NULL; const krb5_config_binding *db_binding; @@ -254,9 +254,9 @@ add_one_address (krb5_context context, const char *str, int first) krb5_free_addresses (context, &tmp); } -struct krb5_kdc_configuration *configure(krb5_context context, int argc, char **argv) +krb5_kdc_configuration *configure(krb5_context context, int argc, char **argv) { - struct krb5_kdc_configuration *config = malloc(sizeof(*config)); + krb5_kdc_configuration *config = malloc(sizeof(*config)); krb5_error_code ret; int optidx = 0; const char *p; @@ -516,7 +516,7 @@ struct krb5_kdc_configuration *configure(krb5_context context, int argc, char ** if (x509_anchors == NULL) krb5_errx(context, 1, "pkinit enabled but no X509 anchors"); - pk_initialize(user_id, x509_anchors); + _pk_initialize(user_id, x509_anchors); config->enable_pkinit_princ_in_cert = krb5_config_get_bool_default(context, diff --git a/kdc/connect.c b/kdc/connect.c index 618e4fafa..1bf4a9f8f 100644 --- a/kdc/connect.c +++ b/kdc/connect.c @@ -137,7 +137,7 @@ add_port_string (krb5_context context, static void add_standard_ports (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, int family) { add_port_service(context, family, "kerberos", 88, "udp"); @@ -166,7 +166,7 @@ add_standard_ports (krb5_context context, static void parse_ports(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, const char *str) { char *pos = NULL; @@ -248,7 +248,7 @@ reinit_descrs (struct descr *d, int n) static void init_socket(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, struct descr *d, krb5_address *a, int family, int type, int port) { krb5_error_code ret; @@ -313,7 +313,7 @@ init_socket(krb5_context context, static int init_sockets(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, struct descr **desc) { krb5_error_code ret; @@ -400,7 +400,7 @@ addr_to_string(krb5_context context, static void do_request(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, void *buf, size_t len, krb5_boolean prependlength, struct descr *d) { @@ -447,7 +447,7 @@ do_request(krb5_context context, static void handle_udp(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, struct descr *d) { unsigned char *buf; @@ -510,7 +510,7 @@ de_http(char *buf) static void add_new_tcp (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, struct descr *d, int parent, int child) { int s; @@ -546,7 +546,7 @@ add_new_tcp (krb5_context context, static int grow_descr (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, struct descr *d, size_t n) { if (d->size - d->len < n) { @@ -580,7 +580,7 @@ grow_descr (krb5_context context, static int handle_vanilla_tcp (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, struct descr *d) { krb5_storage *sp; @@ -607,7 +607,7 @@ handle_vanilla_tcp (krb5_context context, static int handle_http_tcp (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, struct descr *d) { char *s, *p, *t; @@ -714,7 +714,7 @@ handle_http_tcp (krb5_context context, static void handle_tcp(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, struct descr *d, int idx, int min_free) { unsigned char buf[1024]; @@ -773,7 +773,7 @@ handle_tcp(krb5_context context, void loop(krb5_context context, - struct krb5_kdc_configuration *config) + krb5_kdc_configuration *config) { struct descr *d; int ndescr; diff --git a/kdc/kaserver.c b/kdc/kaserver.c index d23384eb7..7d98566fa 100644 --- a/kdc/kaserver.c +++ b/kdc/kaserver.c @@ -390,7 +390,7 @@ unparse_auth_args (krb5_storage *sp, static void do_authenticate (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, struct rx_header *hdr, krb5_storage *sp, struct sockaddr_in *addr, @@ -432,7 +432,7 @@ do_authenticate (krb5_context context, kdc_log(context, config, 0, "AS-REQ (kaserver) %s from %s for %s", client_name, from, server_name); - ret = db_fetch4 (context, config, name, instance, + ret = _kdc_db_fetch4 (context, config, name, instance, config->v4_realm, &client_entry); if (ret) { kdc_log(context, config, 0, "Client not found in database: %s: %s", @@ -441,7 +441,7 @@ do_authenticate (krb5_context context, goto out; } - ret = db_fetch4 (context, config, "krbtgt", + ret = _kdc_db_fetch4 (context, config, "krbtgt", config->v4_realm, config->v4_realm, &server_entry); if (ret) { kdc_log(context, config, 0, "Server not found in database: %s: %s", @@ -450,17 +450,17 @@ do_authenticate (krb5_context context, goto out; } - ret = check_flags (context, config, - client_entry, client_name, - server_entry, server_name, - TRUE); + ret = _kdc_check_flags (context, config, + client_entry, client_name, + server_entry, server_name, + TRUE); if (ret) { make_error_reply (hdr, KAPWEXPIRED, reply); goto out; } /* find a DES key */ - ret = get_des_key(context, client_entry, FALSE, TRUE, &ckey); + ret = _kdc_get_des_key(context, client_entry, FALSE, TRUE, &ckey); if(ret){ kdc_log(context, config, 0, "no suitable DES key for client"); make_error_reply (hdr, KANOKEYS, reply); @@ -468,7 +468,7 @@ do_authenticate (krb5_context context, } /* find a DES key */ - ret = get_des_key(context, server_entry, TRUE, TRUE, &skey); + ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey); if(ret){ kdc_log(context, config, 0, "no suitable DES key for server"); make_error_reply (hdr, KANOKEYS, reply); @@ -530,7 +530,7 @@ do_authenticate (krb5_context context, chal + 1, "tgsT", &ckey->key, reply); -out: + out: if (request.length) { memset (request.data, 0, request.length); krb5_data_free (&request); @@ -540,9 +540,9 @@ out: if (instance) free (instance); if (client_entry) - free_ent (context, client_entry); + _kdc_free_ent (context, client_entry); if (server_entry) - free_ent (context, server_entry); + _kdc_free_ent (context, server_entry); } static krb5_error_code @@ -601,7 +601,7 @@ unparse_getticket_args (krb5_storage *sp, static void do_getticket (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, struct rx_header *hdr, krb5_storage *sp, struct sockaddr_in *addr, @@ -647,7 +647,7 @@ do_getticket (krb5_context context, snprintf (server_name, sizeof(server_name), "%s.%s@%s", name, instance, config->v4_realm); - ret = db_fetch4 (context, config, name, instance, config->v4_realm, &server_entry); + ret = _kdc_db_fetch4 (context, config, name, instance, config->v4_realm, &server_entry); if (ret) { kdc_log(context, config, 0, "Server not found in database: %s: %s", server_name, krb5_get_err_text(context, ret)); @@ -655,7 +655,7 @@ do_getticket (krb5_context context, goto out; } - ret = db_fetch4 (context, config, "krbtgt", + ret = _kdc_db_fetch4 (context, config, "krbtgt", config->v4_realm, config->v4_realm, &krbtgt_entry); if (ret) { kdc_log(context, config, 0, @@ -667,7 +667,7 @@ do_getticket (krb5_context context, } /* find a DES key */ - ret = get_des_key(context, krbtgt_entry, TRUE, TRUE, &kkey); + ret = _kdc_get_des_key(context, krbtgt_entry, TRUE, TRUE, &kkey); if(ret){ kdc_log(context, config, 0, "no suitable DES key for krbtgt"); make_error_reply (hdr, KANOKEYS, reply); @@ -675,7 +675,7 @@ do_getticket (krb5_context context, } /* find a DES key */ - ret = get_des_key(context, server_entry, TRUE, TRUE, &skey); + ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey); if(ret){ kdc_log(context, config, 0, "no suitable DES key for server"); make_error_reply (hdr, KANOKEYS, reply); @@ -728,7 +728,7 @@ do_getticket (krb5_context context, kdc_log(context, config, 0, "TGS-REQ (kaserver) %s from %s for %s", client_name, from, server_name); - ret = db_fetch4 (context, config, + ret = _kdc_db_fetch4 (context, config, ad.pname, ad.pinst, ad.prealm, &client_entry); if(ret && ret != HDB_ERR_NOENTRY) { kdc_log(context, config, 0, @@ -745,10 +745,10 @@ do_getticket (krb5_context context, goto out; } - ret = check_flags (context, config, - client_entry, client_name, - server_entry, server_name, - FALSE); + ret = _kdc_check_flags (context, config, + client_entry, client_name, + server_entry, server_name, + FALSE); if (ret) { make_error_reply (hdr, KAPWEXPIRED, reply); goto out; @@ -803,7 +803,7 @@ do_getticket (krb5_context context, 0, "gtkt", &ad.session, reply); -out: + out: _krb5_krb_free_auth_data(context, &ad); if (aticket.length) { memset (aticket.data, 0, aticket.length); @@ -820,19 +820,19 @@ out: if (instance) free (instance); if (krbtgt_entry) - free_ent (context, krbtgt_entry); + _kdc_free_ent (context, krbtgt_entry); if (server_entry) - free_ent (context, server_entry); + _kdc_free_ent (context, server_entry); } krb5_error_code -do_kaserver(krb5_context context, - struct krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - const char *from, - struct sockaddr_in *addr) +_kdc_do_kaserver(krb5_context context, + krb5_kdc_configuration *config, + unsigned char *buf, + size_t len, + krb5_data *reply, + const char *from, + struct sockaddr_in *addr) { krb5_error_code ret = 0; struct rx_header hdr; diff --git a/kdc/kdc-protos.h b/kdc/kdc-protos.h deleted file mode 100644 index 7761625bc..000000000 --- a/kdc/kdc-protos.h +++ /dev/null @@ -1,24 +0,0 @@ - -int -krb5_kdc_process_generic_request(krb5_context context, - struct krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - krb5_boolean *prependlength, - const char *from, - struct sockaddr *addr); - -int krb5_kdc_process_krb5_request(krb5_context context, - struct krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - const char *from, - struct sockaddr *addr); - -void krb5_kdc_default_config(struct krb5_kdc_configuration *config); - -void -kdc_openlog(krb5_context context, - struct krb5_kdc_configuration *config); diff --git a/kdc/kdc.h b/kdc/kdc.h index 57c49fdc1..55d9e865d 100644 --- a/kdc/kdc.h +++ b/kdc/kdc.h @@ -49,7 +49,7 @@ enum krb5_kdc_trpolicy { TRPOLICY_ALWAYS_HONOUR_REQUEST }; -struct krb5_kdc_configuration { +typedef struct krb5_kdc_configuration { krb5_boolean require_preauth; /* require preauth for all principals */ time_t kdc_warn_pwexpire; /* time before expiration to print a warning */ @@ -74,7 +74,7 @@ struct krb5_kdc_configuration { krb5_boolean enable_pkinit_princ_in_cert; krb5_log_facility *logf; -}; +} krb5_kdc_configuration; #include diff --git a/kdc/kdc_locl.h b/kdc/kdc_locl.h index 18cd41132..cd73d05d5 100644 --- a/kdc/kdc_locl.h +++ b/kdc/kdc_locl.h @@ -55,59 +55,59 @@ extern int detach_from_console; #define _PATH_KDC_CONF HDB_DB_DIR "/kdc.conf" #define DEFAULT_LOG_DEST "0-1/FILE:" HDB_DB_DIR "/kdc.log" -extern struct timeval now; -#define kdc_time (now.tv_sec) +extern struct timeval _kdc_now; +#define kdc_time (_kdc_now.tv_sec) -krb5_error_code as_rep (krb5_context context, - struct krb5_kdc_configuration *config, +krb5_error_code _kdc_as_rep (krb5_context context, + krb5_kdc_configuration *config, KDC_REQ*, krb5_data*, const char*, struct sockaddr*); -struct krb5_kdc_configuration *configure(krb5_context context, int argc, char **argv); +krb5_kdc_configuration *configure(krb5_context context, int argc, char **argv); krb5_error_code -db_fetch(krb5_context, struct krb5_kdc_configuration *, +_kdc_db_fetch(krb5_context, krb5_kdc_configuration *, krb5_principal, hdb_entry **); -void free_ent(krb5_context context, hdb_entry *); +void _kdc_free_ent(krb5_context context, hdb_entry *); void kdc_log (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, int, const char*, ...) __attribute__ ((format (printf, 4,5))); char* kdc_log_msg (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, int, const char*, ...) __attribute__ ((format (printf, 4,5))); char* kdc_log_msg_va (krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, int, const char*, va_list) __attribute__ ((format (printf, 4,0))); void kdc_openlog(krb5_context context, - struct krb5_kdc_configuration *config); + krb5_kdc_configuration *config); void loop(krb5_context context, - struct krb5_kdc_configuration *config); + krb5_kdc_configuration *config); void set_master_key (EncryptionKey); -krb5_error_code tgs_rep (krb5_context context, - struct krb5_kdc_configuration *config, +krb5_error_code _kdc_tgs_rep (krb5_context context, + krb5_kdc_configuration *config, KDC_REQ*, krb5_data*, const char*, struct sockaddr *); Key* unseal_key (Key*); krb5_error_code -check_flags(krb5_context context, - struct krb5_kdc_configuration *config, +_kdc_check_flags(krb5_context context, + krb5_kdc_configuration *config, hdb_entry *client, const char *client_name, hdb_entry *server, const char *server_name, krb5_boolean is_as_req); -krb5_error_code get_des_key(krb5_context context, hdb_entry*, krb5_boolean, krb5_boolean, Key**); +krb5_error_code _kdc_get_des_key(krb5_context context, hdb_entry*, krb5_boolean, krb5_boolean, Key**); krb5_error_code -encode_v4_ticket(krb5_context context, - struct krb5_kdc_configuration *config, - void *buf, size_t len, const EncTicketPart *et, - const PrincipalName *service, size_t *size); +_kdc_encode_v4_ticket(krb5_context context, + krb5_kdc_configuration *config, + void *buf, size_t len, const EncTicketPart *et, + const PrincipalName *service, size_t *size); krb5_error_code -do_524(krb5_context context, - struct krb5_kdc_configuration *config, - const Ticket *t, krb5_data *reply, - const char *from, struct sockaddr *addr); +_kdc_do_524(krb5_context context, + krb5_kdc_configuration *config, + const Ticket *t, krb5_data *reply, + const char *from, struct sockaddr *addr); #ifdef HAVE_OPENSSL #define des_new_random_key des_random_key @@ -115,41 +115,41 @@ do_524(krb5_context context, #ifdef PKINIT typedef struct pk_client_params pk_client_params; -krb5_error_code pk_initialize(const char *, const char *); -krb5_error_code pk_rd_padata(krb5_context, KDC_REQ *, - PA_DATA *, pk_client_params **); -krb5_error_code pk_mk_pa_reply(krb5_context, - pk_client_params *, - const hdb_entry *, - const KDC_REQ *, - krb5_keyblock **, - METHOD_DATA *); -krb5_error_code pk_check_client(krb5_context, krb5_principal, - const hdb_entry *, - pk_client_params *, char **); -void pk_free_client_param(krb5_context, pk_client_params *); +krb5_error_code _pk_initialize(const char *, const char *); +krb5_error_code _pk_rd_padata(krb5_context, KDC_REQ *, + PA_DATA *, pk_client_params **); +krb5_error_code _pk_mk_pa_reply(krb5_context, + pk_client_params *, + const hdb_entry *, + const KDC_REQ *, + krb5_keyblock **, + METHOD_DATA *); +krb5_error_code _pk_check_client(krb5_context, krb5_principal, + const hdb_entry *, + pk_client_params *, char **); +void _pk_free_client_param(krb5_context, pk_client_params *); #endif /* * Kerberos 4 */ -krb5_error_code db_fetch4 (krb5_context context, - struct krb5_kdc_configuration *config, +krb5_error_code _kdc_db_fetch4 (krb5_context context, + krb5_kdc_configuration *config, const char*, const char*, const char*, hdb_entry**); -krb5_error_code do_version4 (krb5_context context, - struct krb5_kdc_configuration *config, +krb5_error_code _kdc_do_version4 (krb5_context context, + krb5_kdc_configuration *config, unsigned char*, size_t, krb5_data*, const char*, struct sockaddr_in*); -int maybe_version4 (unsigned char*, int); +int _kdc_maybe_version4 (unsigned char*, int); -krb5_error_code do_kaserver (krb5_context context, - struct krb5_kdc_configuration *config, - unsigned char*, size_t, krb5_data*, const char*, - struct sockaddr_in*); +krb5_error_code _kdc_do_kaserver (krb5_context context, + krb5_kdc_configuration *config, + unsigned char*, size_t, krb5_data*, + const char*, struct sockaddr_in*); int kdc_process_generic_request(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, unsigned char *buf, size_t len, krb5_data *reply, diff --git a/kdc/kerberos4.c b/kdc/kerberos4.c index 5c6d9d0fc..8fe9d9666 100644 --- a/kdc/kerberos4.c +++ b/kdc/kerberos4.c @@ -49,7 +49,7 @@ swap32(u_int32_t x) #endif /* swap32 */ int -maybe_version4(unsigned char *buf, int len) +_kdc_maybe_version4(unsigned char *buf, int len) { return len > 0 && *buf == 4; } @@ -67,7 +67,7 @@ valid_princ(krb5_context context, void *funcctx, krb5_principal princ) { - struct krb5_kdc_configuration *config = funcctx; + krb5_kdc_configuration *config = funcctx; krb5_error_code ret; char *s; hdb_entry *ent; @@ -75,7 +75,7 @@ valid_princ(krb5_context context, ret = krb5_unparse_name(context, princ, &s); if (ret) return FALSE; - ret = db_fetch(context, config, princ, &ent); + ret = _kdc_db_fetch(context, config, princ, &ent); if (ret) { kdc_log(context, config, 7, "Lookup %s failed: %s", s, krb5_get_err_text (context, ret)); @@ -84,13 +84,13 @@ valid_princ(krb5_context context, } kdc_log(context, config, 7, "Lookup %s succeeded", s); free(s); - free_ent(context, ent); + _kdc_free_ent(context, ent); return TRUE; } krb5_error_code -db_fetch4(krb5_context context, - struct krb5_kdc_configuration *config, +_kdc_db_fetch4(krb5_context context, + krb5_kdc_configuration *config, const char *name, const char *instance, const char *realm, hdb_entry **ent) { @@ -101,7 +101,7 @@ db_fetch4(krb5_context context, valid_princ, config, 0, &p); if(ret) return ret; - ret = db_fetch(context, config, p, ent); + ret = _kdc_db_fetch(context, config, p, ent); krb5_free_principal(context, p); return ret; } @@ -115,13 +115,13 @@ db_fetch4(krb5_context context, */ krb5_error_code -do_version4(krb5_context context, - struct krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - const char *from, - struct sockaddr_in *addr) +_kdc_do_version4(krb5_context context, + krb5_kdc_configuration *config, + unsigned char *buf, + size_t len, + krb5_data *reply, + const char *from, + struct sockaddr_in *addr) { krb5_storage *sp; krb5_error_code ret; @@ -181,7 +181,7 @@ do_version4(krb5_context context, kdc_log(context, config, 0, "AS-REQ (krb4) %s from %s for %s", client_name, from, server_name); - ret = db_fetch4(context, config, name, inst, realm, &client); + ret = _kdc_db_fetch4(context, config, name, inst, realm, &client); if(ret) { kdc_log(context, config, 0, "Client not found in database: %s: %s", client_name, krb5_get_err_text(context, ret)); @@ -189,7 +189,7 @@ do_version4(krb5_context context, "principal unknown"); goto out1; } - ret = db_fetch4(context, config, sname, sinst, + ret = _kdc_db_fetch4(context, config, sname, sinst, config->v4_realm, &server); if(ret){ kdc_log(context, config, 0, "Server not found in database: %s: %s", @@ -199,10 +199,10 @@ do_version4(krb5_context context, goto out1; } - ret = check_flags (context, config, - client, client_name, - server, server_name, - TRUE); + ret = _kdc_check_flags (context, config, + client, client_name, + server, server_name, + TRUE); if (ret) { /* good error code? */ make_err_reply(context, reply, KERB_ERR_NAME_EXP, @@ -227,7 +227,7 @@ do_version4(krb5_context context, goto out1; } - ret = get_des_key(context, client, FALSE, FALSE, &ckey); + ret = _kdc_get_des_key(context, client, FALSE, FALSE, &ckey); if(ret){ kdc_log(context, config, 0, "no suitable DES key for client"); make_err_reply(context, reply, KDC_NULL_KEY, @@ -249,7 +249,7 @@ do_version4(krb5_context context, } #endif - ret = get_des_key(context, server, TRUE, FALSE, &skey); + ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey); if(ret){ kdc_log(context, config, 0, "no suitable DES key for server"); /* XXX */ @@ -360,7 +360,7 @@ do_version4(krb5_context context, goto out2; } - ret = db_fetch(context, config, tgt_princ, &tgt); + ret = _kdc_db_fetch(context, config, tgt_princ, &tgt); if(ret){ char *s; s = kdc_log_msg(context, config, 0, "Ticket-granting ticket not " @@ -382,7 +382,7 @@ do_version4(krb5_context context, goto out2; } - ret = get_des_key(context, tgt, TRUE, FALSE, &tkey); + ret = _kdc_get_des_key(context, tgt, TRUE, FALSE, &tkey); if(ret){ kdc_log(context, config, 0, "no suitable DES key for krbtgt (krb4)"); @@ -455,7 +455,7 @@ do_version4(krb5_context context, goto out2; } - ret = db_fetch4(context, config, ad.pname, ad.pinst, ad.prealm, &client); + ret = _kdc_db_fetch4(context, config, ad.pname, ad.pinst, ad.prealm, &client); if(ret && ret != HDB_ERR_NOENTRY) { char *s; s = kdc_log_msg(context, config, 0, @@ -475,7 +475,7 @@ do_version4(krb5_context context, goto out2; } - ret = db_fetch4(context, config, sname, sinst, config->v4_realm, &server); + ret = _kdc_db_fetch4(context, config, sname, sinst, config->v4_realm, &server); if(ret){ char *s; s = kdc_log_msg(context, config, 0, @@ -486,10 +486,10 @@ do_version4(krb5_context context, goto out2; } - ret = check_flags (context, config, - client, client_name, - server, server_name, - FALSE); + ret = _kdc_check_flags (context, config, + client, client_name, + server, server_name, + FALSE); if (ret) { /* good error code? */ make_err_reply(context, reply, KERB_ERR_NAME_EXP, @@ -497,7 +497,7 @@ do_version4(krb5_context context, goto out2; } - ret = get_des_key(context, server, TRUE, FALSE, &skey); + ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey); if(ret){ kdc_log(context, config, 0, "no suitable DES key for server (krb4)"); @@ -598,7 +598,7 @@ do_version4(krb5_context context, if(tgt_princ) krb5_free_principal(context, tgt_princ); if(tgt) - free_ent(context, tgt); + _kdc_free_ent(context, tgt); break; } case AUTH_MSG_ERR_REPLY: @@ -621,18 +621,18 @@ do_version4(krb5_context context, if(sinst) free(sinst); if(client) - free_ent(context, client); + _kdc_free_ent(context, client); if(server) - free_ent(context, server); + _kdc_free_ent(context, server); krb5_storage_free(sp); return 0; } krb5_error_code -encode_v4_ticket(krb5_context context, - struct krb5_kdc_configuration *config, - void *buf, size_t len, const EncTicketPart *et, - const PrincipalName *service, size_t *size) +_kdc_encode_v4_ticket(krb5_context context, + krb5_kdc_configuration *config, + void *buf, size_t len, const EncTicketPart *et, + const PrincipalName *service, size_t *size) { krb5_storage *sp; krb5_error_code ret; @@ -718,9 +718,9 @@ encode_v4_ticket(krb5_context context, } krb5_error_code -get_des_key(krb5_context context, - hdb_entry *principal, krb5_boolean is_server, - krb5_boolean prefer_afs_key, Key **ret_key) +_kdc_get_des_key(krb5_context context, + hdb_entry *principal, krb5_boolean is_server, + krb5_boolean prefer_afs_key, Key **ret_key) { Key *v5_key = NULL, *v4_key = NULL, *afs_key = NULL, *server_key = NULL; int i; diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c index ecde014d1..ac4c3a382 100644 --- a/kdc/kerberos5.c +++ b/kdc/kerberos5.c @@ -118,7 +118,7 @@ find_etype(krb5_context context, hdb_entry *princ, static krb5_error_code find_keys(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, hdb_entry *client, hdb_entry *server, Key **ckey, @@ -181,7 +181,7 @@ make_anonymous_principalname (PrincipalName *pn) static void log_timestamp(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, const char *type, KerberosTime authtime, KerberosTime *starttime, KerberosTime endtime, KerberosTime *renew_till) @@ -206,7 +206,7 @@ log_timestamp(krb5_context context, static krb5_error_code encode_reply(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, KDC_REP *rep, EncTicketPart *et, EncKDCRepPart *ek, krb5_enctype etype, int skvno, EncryptionKey *skey, @@ -356,7 +356,7 @@ make_etype_info_entry(krb5_context context, ETYPE_INFO_ENTRY *ent, Key *key) static krb5_error_code get_pa_etype_info(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, METHOD_DATA *md, hdb_entry *client, ENCTYPE *etypes, unsigned int etypes_len) { @@ -519,7 +519,7 @@ only_older_enctype_p(const KDC_REQ *req) static krb5_error_code get_pa_etype_info2(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, METHOD_DATA *md, hdb_entry *client, ENCTYPE *etypes, unsigned int etypes_len) { @@ -604,21 +604,23 @@ get_pa_etype_info2(krb5_context context, */ krb5_error_code -check_flags(krb5_context context, - struct krb5_kdc_configuration *config, - hdb_entry *client, const char *client_name, - hdb_entry *server, const char *server_name, - krb5_boolean is_as_req) +_kdc_check_flags(krb5_context context, + krb5_kdc_configuration *config, + hdb_entry *client, const char *client_name, + hdb_entry *server, const char *server_name, + krb5_boolean is_as_req) { if(client != NULL) { /* check client */ if (client->flags.invalid) { - kdc_log(context, config, 0, "Client (%s) has invalid bit set", client_name); + kdc_log(context, config, 0, + "Client (%s) has invalid bit set", client_name); return KRB5KDC_ERR_POLICY; } if(!client->flags.client){ - kdc_log(context, config, 0, "Principal may not act as client -- %s", + kdc_log(context, config, 0, + "Principal may not act as client -- %s", client_name); return KRB5KDC_ERR_POLICY; } @@ -685,7 +687,7 @@ check_flags(krb5_context context, static krb5_boolean check_addresses(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, HostAddresses *addresses, const struct sockaddr *from) { krb5_error_code ret; @@ -708,12 +710,12 @@ check_addresses(krb5_context context, } krb5_error_code -as_rep(krb5_context context, - struct krb5_kdc_configuration *config, - KDC_REQ *req, - krb5_data *reply, - const char *from, - struct sockaddr *from_addr) +_kdc_as_rep(krb5_context context, + krb5_kdc_configuration *config, + KDC_REQ *req, + krb5_data *reply, + const char *from, + struct sockaddr *from_addr) { KDC_REQ_BODY *b = &req->req_body; AS_REP rep; @@ -764,7 +766,7 @@ as_rep(krb5_context context, kdc_log(context, config, 0, "AS-REQ %s from %s for %s", client_name, from, server_name); - ret = db_fetch(context, config, client_princ, &client); + ret = _kdc_db_fetch(context, config, client_princ, &client); if(ret){ kdc_log(context, config, 0, "UNKNOWN -- %s: %s", client_name, krb5_get_err_text(context, ret)); @@ -772,7 +774,7 @@ as_rep(krb5_context context, goto out; } - ret = db_fetch(context, config, server_princ, &server); + ret = _kdc_db_fetch(context, config, server_princ, &server); if(ret){ kdc_log(context, config, 0, "UNKNOWN -- %s: %s", server_name, krb5_get_err_text(context, ret)); @@ -780,8 +782,10 @@ as_rep(krb5_context context, goto out; } - ret = check_flags(context, config, - client, client_name, server, server_name, TRUE); + ret = _kdc_check_flags(context, config, + client, client_name, + server, server_name, + TRUE); if(ret) goto out; @@ -815,25 +819,26 @@ as_rep(krb5_context context, if (pa) { char *client_cert = NULL; - ret = pk_rd_padata(context, req, pa, &pkp); + ret = _pk_rd_padata(context, req, pa, &pkp); if (ret) { ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - kdc_log(context, config, 5, "Failed to decode PKINIT PA-DATA -- %s", + kdc_log(context, config, 5, + "Failed to decode PKINIT PA-DATA -- %s", client_name); goto ts_enc; } if (ret == 0 && pkp == NULL) goto ts_enc; - ret = pk_check_client(context, - client_princ, - client, - pkp, - &client_cert); + ret = _pk_check_client(context, + client_princ, + client, + pkp, + &client_cert); if (ret) { e_text = "PKINIT certificate not allowed to " "impersonate principal"; - pk_free_client_param(context, pkp); + _pk_free_client_param(context, pkp); pkp = NULL; goto ts_enc; } @@ -917,7 +922,7 @@ as_rep(krb5_context context, e_text = "Failed to decrypt PA-DATA"; kdc_log(context, config, 5, "Failed to decrypt PA-DATA -- %s", - client_name); + client_name); ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; continue; } @@ -932,7 +937,7 @@ as_rep(krb5_context context, ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; kdc_log(context, config, 5, "Failed to decode PA-ENC-TS_ENC -- %s", - client_name); + client_name); continue; } free_PA_ENC_TS_ENC(&p); @@ -1270,8 +1275,8 @@ as_rep(krb5_context context, reply_key = &ckey->key; #if PKINIT if (pkp) { - ret = pk_mk_pa_reply(context, pkp, client, req, - &reply_key, rep.padata); + ret = _pk_mk_pa_reply(context, pkp, client, req, + &reply_key, rep.padata); if (ret) goto out; } @@ -1309,7 +1314,7 @@ as_rep(krb5_context context, out2: #ifdef PKINIT if (pkp) - pk_free_client_param(context, pkp); + _pk_free_client_param(context, pkp); #endif if (client_princ) krb5_free_principal(context, client_princ); @@ -1318,16 +1323,16 @@ as_rep(krb5_context context, krb5_free_principal(context, server_princ); free(server_name); if(client) - free_ent(context, client); + _kdc_free_ent(context, client); if(server) - free_ent(context, server); + _kdc_free_ent(context, server); return ret; } static krb5_error_code check_tgs_flags(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, KDC_REQ_BODY *b, EncTicketPart *tgt, EncTicketPart *et) { KDCOptions f = b->kdc_options; @@ -1448,7 +1453,7 @@ check_tgs_flags(krb5_context context, static krb5_error_code fix_transited_encoding(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, krb5_boolean check_policy, TransitedEncoding *tr, EncTicketPart *et, @@ -1545,7 +1550,7 @@ fix_transited_encoding(krb5_context context, static krb5_error_code tgs_make_reply(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, KDC_REQ_BODY *b, EncTicketPart *tgt, EncTicketPart *adtkt, @@ -1755,7 +1760,7 @@ tgs_make_reply(krb5_context context, static krb5_error_code tgs_check_authenticator(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, krb5_auth_context ac, KDC_REQ_BODY *b, const char **e_text, @@ -1869,7 +1874,7 @@ need_referral(krb5_context context, krb5_principal server, krb5_realm **realms) static krb5_error_code tgs_rep2(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, KDC_REQ_BODY *b, PA_DATA *tgs_req, krb5_data *reply, @@ -1918,7 +1923,7 @@ tgs_rep2(krb5_context context, ap_req.ticket.sname, ap_req.ticket.realm); - ret = db_fetch(context, config, princ, &krbtgt); + ret = _kdc_db_fetch(context, config, princ, &krbtgt); if(ret) { char *p; @@ -2117,7 +2122,7 @@ tgs_rep2(krb5_context context, goto out2; } _krb5_principalname2krb5_principal(&p, t->sname, t->realm); - ret = db_fetch(context, config, p, &uu); + ret = _kdc_db_fetch(context, config, p, &uu); krb5_free_principal(context, p); if(ret){ if (ret == HDB_ERR_NOENTRY) @@ -2156,7 +2161,7 @@ tgs_rep2(krb5_context context, kdc_log(context, config, 0, "TGS-REQ %s from %s for %s", cpn, from, spn); server_lookup: - ret = db_fetch(context, config, sp, &server); + ret = _kdc_db_fetch(context, config, sp, &server); if(ret){ const char *new_rlm; @@ -2205,7 +2210,7 @@ tgs_rep2(krb5_context context, goto out; } - ret = db_fetch(context, config, cp, &client); + ret = _kdc_db_fetch(context, config, cp, &client); if(ret) kdc_log(context, config, 1, "Client not found in database: %s: %s", cpn, krb5_get_err_text(context, ret)); @@ -2235,8 +2240,10 @@ tgs_rep2(krb5_context context, } - ret = check_flags(context, config, - client, cpn, server, spn, FALSE); + ret = _kdc_check_flags(context, config, + client, cpn, + server, spn, + FALSE); if(ret) goto out; @@ -2274,11 +2281,11 @@ tgs_rep2(krb5_context context, free(cpn); if(server) - free_ent(context, server); + _kdc_free_ent(context, server); if(client) - free_ent(context, client); + _kdc_free_ent(context, client); } -out2: + out2: if(ret) { krb5_mk_error(context, ret, @@ -2305,19 +2312,19 @@ out2: } if(krbtgt) - free_ent(context, krbtgt); + _kdc_free_ent(context, krbtgt); return ret; } krb5_error_code -tgs_rep(krb5_context context, - struct krb5_kdc_configuration *config, - KDC_REQ *req, - krb5_data *data, - const char *from, - struct sockaddr *from_addr) +_kdc_tgs_rep(krb5_context context, + krb5_kdc_configuration *config, + KDC_REQ *req, + krb5_data *data, + const char *from, + struct sockaddr *from_addr) { krb5_error_code ret; int i = 0; diff --git a/kdc/log.c b/kdc/log.c index 8a2fec0a9..0af0dcda7 100644 --- a/kdc/log.c +++ b/kdc/log.c @@ -36,7 +36,7 @@ RCSID("$Id$"); void kdc_openlog(krb5_context context, - struct krb5_kdc_configuration *config) + krb5_kdc_configuration *config) { char **s = NULL, **p; krb5_initlog(context, "kdc", &config->logf); @@ -54,7 +54,7 @@ kdc_openlog(krb5_context context, char* kdc_log_msg_va(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, int level, const char *fmt, va_list ap) { char *msg; @@ -64,7 +64,7 @@ kdc_log_msg_va(krb5_context context, char* kdc_log_msg(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, int level, const char *fmt, ...) { va_list ap; @@ -77,7 +77,7 @@ kdc_log_msg(krb5_context context, void kdc_log(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, int level, const char *fmt, ...) { va_list ap; diff --git a/kdc/main.c b/kdc/main.c index 7074b84ec..6c07a38c6 100644 --- a/kdc/main.c +++ b/kdc/main.c @@ -53,7 +53,7 @@ main(int argc, char **argv) { krb5_error_code ret; krb5_context context; - struct krb5_kdc_configuration *config; + krb5_kdc_configuration *config; setprogname(argv[0]); diff --git a/kdc/misc.c b/kdc/misc.c index 3626cdc02..489ca65c2 100644 --- a/kdc/misc.c +++ b/kdc/misc.c @@ -35,13 +35,13 @@ RCSID("$Id$"); -struct timeval now; +struct timeval _kdc_now; krb5_error_code -db_fetch(krb5_context context, - struct krb5_kdc_configuration *config, - krb5_principal principal, - hdb_entry **h) +_kdc_db_fetch(krb5_context context, + krb5_kdc_configuration *config, + krb5_principal principal, + hdb_entry **h) { hdb_entry *ent; krb5_error_code ret = HDB_ERR_NOENTRY; @@ -74,7 +74,7 @@ db_fetch(krb5_context context, } void -free_ent(krb5_context context, hdb_entry *ent) +_kdc_free_ent(krb5_context context, hdb_entry *ent) { hdb_free_entry (context, ent); free (ent); diff --git a/kdc/pkinit.c b/kdc/pkinit.c index 381050ca7..98ff57ad6 100644 --- a/kdc/pkinit.c +++ b/kdc/pkinit.c @@ -271,7 +271,7 @@ pk_encrypt_key(krb5_context context, } void -pk_free_client_param(krb5_context context, pk_client_params *client_params) +_pk_free_client_param(krb5_context context, pk_client_params *client_params) { if (client_params->certificate) _krb5_pk_cert_free(client_params->certificate); @@ -508,10 +508,10 @@ verify_trusted_ca(PA_PK_AS_REQ_19 *r) #endif /* 0 */ krb5_error_code -pk_rd_padata(krb5_context context, - KDC_REQ *req, - PA_DATA *pa, - pk_client_params **ret_params) +_pk_rd_padata(krb5_context context, + KDC_REQ *req, + PA_DATA *pa, + pk_client_params **ret_params) { pk_client_params *client_params; krb5_error_code ret; @@ -1169,12 +1169,12 @@ pk_mk_pa_reply_dh(krb5_context context, */ krb5_error_code -pk_mk_pa_reply(krb5_context context, - pk_client_params *client_params, - const hdb_entry *client, - const KDC_REQ *req, - krb5_keyblock **reply_key, - METHOD_DATA *md) +_pk_mk_pa_reply(krb5_context context, + pk_client_params *client_params, + const hdb_entry *client, + const KDC_REQ *req, + krb5_keyblock **reply_key, + METHOD_DATA *md) { krb5_error_code ret; void *buf; @@ -1432,11 +1432,11 @@ pk_principal_from_X509(krb5_context context, /* XXX match with issuer too ? */ krb5_error_code -pk_check_client(krb5_context context, - krb5_principal client_princ, - const hdb_entry *client, - pk_client_params *client_params, - char **subject_name) +_pk_check_client(krb5_context context, + krb5_principal client_princ, + const hdb_entry *client, + pk_client_params *client_params, + char **subject_name) { struct krb5_pk_cert *client_cert = client_params->certificate; krb5_principal cert_princ; @@ -1522,7 +1522,7 @@ add_principal_mapping(const char *principal_name, const char * subject) krb5_error_code -pk_initialize(const char *user_id, const char *x509_anchors) +_pk_initialize(const char *user_id, const char *x509_anchors) { const char *mapping_file; krb5_error_code ret; diff --git a/kdc/process.c b/kdc/process.c index ef4727019..c9fdd15ad 100644 --- a/kdc/process.c +++ b/kdc/process.c @@ -43,7 +43,7 @@ RCSID("$Id$"); int krb5_kdc_process_generic_request(krb5_context context, - struct krb5_kdc_configuration *config, + krb5_kdc_configuration *config, unsigned char *buf, size_t len, krb5_data *reply, @@ -56,27 +56,27 @@ krb5_kdc_process_generic_request(krb5_context context, krb5_error_code ret; size_t i; - gettimeofday(&now, NULL); + gettimeofday(&_kdc_now, NULL); if(decode_AS_REQ(buf, len, &req, &i) == 0){ - ret = as_rep(context, config, &req, reply, from, addr); + ret = _kdc_as_rep(context, config, &req, reply, from, addr); free_AS_REQ(&req); return ret; }else if(decode_TGS_REQ(buf, len, &req, &i) == 0){ - ret = tgs_rep(context, config, &req, reply, from, addr); + ret = _kdc_tgs_rep(context, config, &req, reply, from, addr); free_TGS_REQ(&req); return ret; }else if(decode_Ticket(buf, len, &ticket, &i) == 0){ - ret = do_524(context, config, &ticket, reply, from, addr); + ret = _kdc_do_524(context, config, &ticket, reply, from, addr); free_Ticket(&ticket); return ret; - } else if(maybe_version4(buf, len)){ + } else if(_kdc_maybe_version4(buf, len)){ *prependlength = FALSE; /* elbitapmoc sdrawkcab XXX */ - do_version4(context, config, buf, len, reply, from, - (struct sockaddr_in*)addr); + _kdc_do_version4(context, config, buf, len, reply, from, + (struct sockaddr_in*)addr); return 0; } else if (config->enable_kaserver) { - ret = do_kaserver(context, config, buf, len, reply, from, - (struct sockaddr_in*)addr); + ret = _kdc_do_kaserver(context, config, buf, len, reply, from, + (struct sockaddr_in*)addr); return ret; } @@ -90,25 +90,26 @@ krb5_kdc_process_generic_request(krb5_context context, * This only processes krb5 requests */ -int krb5_kdc_process_krb5_request(krb5_context context, - struct krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - const char *from, - struct sockaddr *addr) +int +krb5_kdc_process_krb5_request(krb5_context context, + krb5_kdc_configuration *config, + unsigned char *buf, + size_t len, + krb5_data *reply, + const char *from, + struct sockaddr *addr) { KDC_REQ req; krb5_error_code ret; size_t i; - gettimeofday(&now, NULL); + gettimeofday(&_kdc_now, NULL); if(decode_AS_REQ(buf, len, &req, &i) == 0){ - ret = as_rep(context, config, &req, reply, from, addr); + ret = _kdc_as_rep(context, config, &req, reply, from, addr); free_AS_REQ(&req); return ret; }else if(decode_TGS_REQ(buf, len, &req, &i) == 0){ - ret = tgs_rep(context, config, &req, reply, from, addr); + ret = _kdc_tgs_rep(context, config, &req, reply, from, addr); free_TGS_REQ(&req); return ret; }