lib/krb5: let krb5_init_creds_step() return an allocated out buffer

It should not return pointers to the internal state,
this matches the way the krb5_init_creds_step() works in MIT.

NOTE: commit 1cdc9d5f3c
"krb5: export krb5_init_creds_step()" exported
krb5_init_creds_step() the first time, but that's
not in any released version, so it should be fine
to change the behavior as there can't be any
external users of the function.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

lib/krb5/init_creds_pw.c

@@ -3411,8 +3411,11 @@ init_creds_step(krb5_context context,
     if(len != ctx->req_buffer.length)
 	krb5_abortx(context, "internal error in ASN.1 encoder");
 
-    out->data = ctx->req_buffer.data;
+    ret = krb5_data_copy(out,
-    out->length = ctx->req_buffer.length;
+			 ctx->req_buffer.data,
+			 ctx->req_buffer.length);
+    if (ret)
+	goto out;
 
     *flags = KRB5_INIT_CREDS_STEP_FLAG_CONTINUE;
 
@@ -3434,8 +3437,8 @@ init_creds_step(krb5_context context,
  *
  * @param context a Kerberos 5 context.
  * @param ctx ctx krb5_init_creds_context context.
- * @param in input data from KDC, first round it should be reset by krb5_data_zer().
+ * @param in input data from KDC, first round it should be reset by krb5_data_zero().
- * @param out reply to KDC.
+ * @param out reply to KDC. The caller needs to call krb5_data_free()
  * @param flags status of the round, if
  *        KRB5_INIT_CREDS_STEP_FLAG_CONTINUE is set, continue one more round.
  *
@@ -3701,6 +3704,7 @@ krb5_init_creds_get(krb5_context context, krb5_init_creds_context ctx)
 
 	ret = krb5_sendto_context (context, stctx, &out,
 				   ctx->cred.client->realm, &in);
+	krb5_data_free(&out);
     	if (ret)
 	    goto out;