Since plugins no longer have a way of accessing the 'ek' member of the
request structure, this function provides a way for a plugin to add
encrypted padata to the response.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Add libkdc wrappers for heimbase object accessors so plugins can use audit and
request attribute APIs without consuming libheimbase. Exposed API surface is
minimal and is limited to reading array collections, and reading/creating base
and custom types.
Add an internal-use setter accessor for use by mssfu.c when principal names are
replaced. This also fixes a leak where r->client_princ was not freed before
being replaced with the impersonated client name.
Remove hdb_entry_ex and revert to the original design of hdb_entry (except with
an additional context member in hdb_entry which is managed by the free_entry
method in HDB).
Add some notes about the KDC plugin API contract, and require plugins to
explicitly indicate which version of the API they support (remove the macro
alias for the current version).
Annotate libkdc APIs with KDC_LIB_{CALL,FUNCTION} to ensure correct calling
convention and optimized DLL importing on Windows.
Ensure Windows and libtool export tables are consistent.
Rename the "windc" plugin API to the more general "kdc" plugin API, for two
reasons: the Heimdal KDC uses the Windows PAC even when not emulating a domain
controller, and the plugin API has accreted methods that are not specific to
emulating a domain controller (such as referral_policy and finalize_reply).
