export internal functions so we dont need private headers

kuser/kinit.c

@@ -39,12 +39,6 @@
 #include <Security/Security.h>
 #endif
 
-struct krb5_dh_moduli;
-struct AlgorithmIdentifier;
-struct _krb5_krb_auth_data;
-struct hx509_certs_data;
-#include <krb5-private.h>
-
 #ifndef NO_NTLM
 #include "heimntlm.h"
 #endif
@@ -457,7 +451,7 @@ get_new_tickets(krb5_context context,
 	if (ret)
 	    krb5_err(context, 1, ret, "krb5_get_init_creds_opt_set_pkinit");
 	if (ent_user_id)
-	    _krb5_get_init_creds_opt_set_pkinit_user_certs(context, opt, ent_user_id);
+	    krb5_get_init_creds_opt_set_pkinit_user_certs(context, opt, ent_user_id);
     }
 
     if (addrs_flag != -1)
@@ -768,7 +762,7 @@ main (int argc, char **argv)
 	parseflags |= KRB5_PRINCIPAL_PARSE_ENTERPRISE;
 
     if (pk_enterprise_flag) {
-	ret = _krb5_pk_enterprise_cert(context, pk_user_id,
+	ret = krb5_pk_enterprise_cert(context, pk_user_id,
 				      argv[0], &principal,
 				      &ent_user_id);
 	if (ret)

lib/krb5/krb5.h

@@ -847,6 +847,8 @@ typedef krb5_error_code
  *
  */
 
+struct hx509_certs_data;
+
 #include <krb5-protos.h>
 
 /* variables */

lib/krb5/libkrb5-exports.def.in

@@ -766,8 +766,8 @@ EXPORTS
 	_krb5_expand_path_tokens	;!
 
         ; kinit helper
-	_krb5_get_init_creds_opt_set_pkinit_user_certs
+	krb5_get_init_creds_opt_set_pkinit_user_certs
-	_krb5_pk_enterprise_cert
+	krb5_pk_enterprise_cert
 
 	; testing
 ;!	_krb5_aes_cts_encrypt

lib/krb5/pkinit.c

@@ -2455,7 +2455,7 @@ krb5_get_init_creds_opt_set_pkinit(krb5_context context,
 }
 
 krb5_error_code KRB5_LIB_FUNCTION
-_krb5_get_init_creds_opt_set_pkinit_user_certs(krb5_context context,
+krb5_get_init_creds_opt_set_pkinit_user_certs(krb5_context context,
 					      krb5_get_init_creds_opt *opt,
 					      struct hx509_certs_data *certs)
 {
@@ -2529,7 +2529,7 @@ find_ms_san(hx509_context context, hx509_cert cert, void *ctx)
  */
 
 KRB5_LIB_FUNCTION krb5_error_code  KRB5_LIB_CALL
-_krb5_pk_enterprise_cert(krb5_context context,
+krb5_pk_enterprise_cert(krb5_context context,
 			const char *user_id,
 			krb5_const_realm realm,
 			krb5_principal *principal,

lib/krb5/version-script.map

@@ -756,8 +756,8 @@ HEIMDAL_KRB5_2.0 {
 		_krb5_s4u2self_to_checksumdata;
 
 		# kinit helper
-		_krb5_get_init_creds_opt_set_pkinit_user_certs;
+		krb5_get_init_creds_opt_set_pkinit_user_certs;
-		_krb5_pk_enterprise_cert;
+		krb5_pk_enterprise_cert;
 
 		# testing
 		_krb5_aes_cts_encrypt;