diff --git a/krb5/lib/crypto/Makefile b/krb5/lib/crypto/Makefile index 5087a2fb559b..5efe53d12aa8 100644 --- a/krb5/lib/crypto/Makefile +++ b/krb5/lib/crypto/Makefile @@ -1,51 +1,52 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= k5crypto # SHLIB_MAJOR= 3 LDFLAGS=-Wl,--no-undefined LIBADD= com_err krb5support crypto +VERSION_MAP= ${.CURDIR}/version.map # XXX The following doesn't work. Even though the pathnames are the same # XXX we need to use the alternative .include statements. # .include "${KRB5_CRYPTOLIBDIR}/krb/Makefile.inc" # .include "${KRB5_CRYPTOLIBDIR}/builtin/Makefile.inc" # .include "${KRB5_CRYPTOLIBDIR}/openssl/Makefile.inc" .include "${KRB5_SRCTOP}/lib/krb5/error_tables/Makefile.inc" SRCS+= ${GEN_ET} .include "${KRB5_SRCTOP}/lib/crypto/krb/Makefile.inc" .include "${KRB5_SRCTOP}/lib/crypto/builtin/Makefile.inc" .include "${KRB5_SRCTOP}/lib/crypto/openssl/Makefile.inc" # Not normally configured to use the openssl provider # .include "${KRB5_SRCTOP}/lib/crypto/openssl/Makefile.inc" CFLAGS+=-I${.CURDIR:H:H}/include \ -I${KRB5_DIR}/include \ -I${KRB5_DIR}/lib/crypto \ -I${KRB5_DIR}/lib/crypto/krb \ -I${KRB5_DIR}/lib/crypto/builtin/aes \ -I${KRB5_DIR}/lib/crypto/builtin/camellia \ -I${KRB5_DIR}/lib/crypto/builtin/des \ -I${KRB5_DIR}/lib/crypto/builtin/md4 \ -I${KRB5_DIR}/lib/crypto/builtin/md5 \ -I${KRB5_DIR}/lib/crypto/builtin/sha1 \ -I${KRB5_DIR}/lib/crypto/builtin/sha2 \ -I${SRCTOP}/crypto/openssl/include .include diff --git a/krb5/lib/crypto/version.map b/krb5/lib/crypto/version.map new file mode 100644 index 000000000000..bd4c2c1cd23f --- /dev/null +++ b/krb5/lib/crypto/version.map @@ -0,0 +1,108 @@ +KRB5_CRYPTO_1.0 { + global: + krb5_c_make_random_key; + krb5_c_encrypt_length; + krb5_process_key; + krb5_string_to_cksumtype; + krb5_c_valid_enctype; + krb5_c_valid_cksumtype; + krb5_string_to_key; + krb5_c_encrypt_iov; + krb5_c_checksum_length; + is_keyed_cksum; + krb5_c_padding_length; + is_coll_proof_cksum; + krb5_init_random_key; + krb5_c_string_to_key_with_params; + krb5_c_random_make_octets; + krb5_c_random_os_entropy; + krb5_c_decrypt; + krb5_c_crypto_length; + krb5_c_block_size; + krb5_cksumtype_to_string; + krb5_c_keyed_checksum_types; + krb5_c_is_keyed_cksum; + krb5_c_crypto_length_iov; + valid_cksumtype; + krb5_c_random_seed; + krb5_c_random_to_key; + krb5_verify_checksum; + krb5_c_free_state; + krb5_c_verify_checksum; + krb5_c_random_add_entropy; + krb5_c_decrypt_iov; + krb5_c_make_checksum; + krb5_checksum_size; + krb5_free_cksumtypes; + krb5_finish_key; + krb5_encrypt_size; + krb5_c_keylengths; + krb5_c_prf; + krb5_encrypt; + krb5_string_to_enctype; + krb5_c_is_coll_proof_cksum; + krb5_c_init_state; + krb5_eblock_enctype; + krb5_decrypt; + krb5_c_encrypt; + krb5_c_enctype_compare; + krb5_c_verify_checksum_iov; + valid_enctype; + krb5_enctype_to_string; + krb5_enctype_to_name; + krb5_c_make_checksum_iov; + krb5_calculate_checksum; + krb5_c_string_to_key; + krb5_use_enctype; + krb5_random_key; + krb5_finish_random_key; + krb5_c_prf_length; + krb5int_c_mandatory_cksumtype; + krb5_c_fx_cf2_simple; + krb5int_c_weak_enctype; + krb5_encrypt_data; + krb5int_c_copy_keyblock; + krb5int_c_copy_keyblock_contents; + krb5int_c_free_keyblock_contents; + krb5int_c_free_keyblock; + krb5int_c_init_keyblock; + krb5int_hash_md4; + krb5int_hash_md5; + krb5int_hash_sha256; + krb5int_hash_sha384; + krb5int_enc_arcfour; + krb5int_hmac; + krb5_k_create_key; + krb5_k_decrypt; + krb5_k_decrypt_iov; + krb5_k_encrypt; + krb5_k_encrypt_iov; + krb5_k_free_key; + krb5_k_key_enctype; + krb5_k_key_keyblock; + krb5_k_make_checksum; + krb5_k_make_checksum_iov; + krb5_k_prf; + krb5_k_reference_key; + krb5_k_verify_checksum; + krb5_k_verify_checksum_iov; + krb5int_aes_encrypt; + krb5int_aes_decrypt; + krb5int_enc_des3; + krb5int_arcfour_gsscrypt; + krb5int_camellia_encrypt; + krb5int_cmac_checksum; + krb5int_enc_aes128; + krb5int_enc_aes256; + krb5int_enc_camellia128; + krb5int_enc_camellia256; + krb5int_derive_key; + krb5int_derive_random; + k5_sha256; + krb5int_nfold; + k5_allow_weak_pbkdf2iter; + krb5_c_prfplus; + krb5_c_derive_prfplus; + k5_enctype_to_ssf; + krb5int_c_deprecated_enctype; +}; diff --git a/krb5/lib/gssapi/Makefile b/krb5/lib/gssapi/Makefile index 51ed6f162d65..569452cfb538 100644 --- a/krb5/lib/gssapi/Makefile +++ b/krb5/lib/gssapi/Makefile @@ -1,48 +1,49 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= gssapi_krb5 # SHLIB_MAJOR= 2 LDFLAGS=-Wl,--no-undefined LIBADD= krb5 k5crypto com_err krb5profile krb5support +VERSION_MAP= ${.CURDIR}/version.map # This is a contcatonation of: # crypto/krb5/src/lib/gssapi/libgssapi_krb5.exports # crypto/krb5/src/lib/gssapi/spnego/mech_spnego.exports .include "${KRB5_SRCTOP}/lib/gssapi/generic/Makefile.inc" .include "${KRB5_SRCTOP}/lib/gssapi/krb5/Makefile.inc" .include "${KRB5_SRCTOP}/lib/gssapi/spnego/Makefile.inc" .include "${KRB5_SRCTOP}/lib/gssapi/mechglue/Makefile.inc" DEFINES=-D_GSS_STATIC_LINK=1 CFLAGS+=${DEFINES} \ -I${KRB5_DIR}/lib/gssapi/generic \ -I${KRB5_DIR}/lib/gssapi/krb5 \ -I${KRB5_DIR}/lib/gssapi/spnego \ -I${KRB5_DIR}/lib/gssapi/mechglue \ -I${KRB5_DIR}/lib/gssapi \ -I${KRB5_DIR}/lib \ -I${KRB5_SRCTOP}/lib \ -I${KRB5_SRCTOP}/lib/gssapi \ -I${KRB5_OBJTOP}/lib/gssapi \ -I${KRB5_OBJTOP}/lib \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include .include .SUFFIXES: .h .c .et diff --git a/krb5/lib/gssapi/version.map b/krb5/lib/gssapi/version.map new file mode 100644 index 000000000000..95f7ed5151db --- /dev/null +++ b/krb5/lib/gssapi/version.map @@ -0,0 +1,173 @@ +KRB5_GSSAPI_1.0 { + global: + GSS_C_ATTR_LOCAL_LOGIN_USER; + GSS_C_INQ_NEGOEX_KEY; + GSS_C_INQ_NEGOEX_VERIFY_KEY; + GSS_C_INQ_SSPI_SESSION_KEY; + GSS_C_MA_AUTH_INIT; + GSS_C_MA_AUTH_INIT_ANON; + GSS_C_MA_AUTH_INIT_INIT; + GSS_C_MA_AUTH_TARG; + GSS_C_MA_AUTH_TARG_ANON; + GSS_C_MA_AUTH_TARG_INIT; + GSS_C_MA_CBINDINGS; + GSS_C_MA_COMPRESS; + GSS_C_MA_CONF_PROT; + GSS_C_MA_CTX_TRANS; + GSS_C_MA_DELEG_CRED; + GSS_C_MA_DEPRECATED; + GSS_C_MA_INTEG_PROT; + GSS_C_MA_ITOK_FRAMED; + GSS_C_MA_MECH_COMPOSITE; + GSS_C_MA_MECH_CONCRETE; + GSS_C_MA_MECH_GLUE; + GSS_C_MA_MECH_NEGO; + GSS_C_MA_MECH_PSEUDO; + GSS_C_MA_MIC; + GSS_C_MA_NEGOEX_AND_SPNEGO; + GSS_C_MA_NOT_DFLT_MECH; + GSS_C_MA_NOT_MECH; + GSS_C_MA_OOS_DET; + GSS_C_MA_PFS; + GSS_C_MA_PROT_READY; + GSS_C_MA_REPLAY_DET; + GSS_C_MA_WRAP; + GSS_C_NT_ANONYMOUS; + GSS_C_NT_COMPOSITE_EXPORT; + GSS_C_NT_EXPORT_NAME; + GSS_C_NT_HOSTBASED_SERVICE; + GSS_C_NT_HOSTBASED_SERVICE_X; + GSS_C_NT_MACHINE_UID_NAME; + GSS_C_NT_STRING_UID_NAME; + GSS_C_NT_USER_NAME; + GSS_C_SEC_CONTEXT_SASL_SSF; + GSS_KRB5_CRED_NO_CI_FLAGS_X; + GSS_KRB5_GET_CRED_IMPERSONATOR; + GSS_KRB5_NT_ENTERPRISE_NAME; + GSS_KRB5_NT_PRINCIPAL_NAME; + GSS_KRB5_NT_X509_CERT; + gss_accept_sec_context; + gss_acquire_cred; + gss_acquire_cred_from; + gss_acquire_cred_impersonate_name; + gss_acquire_cred_with_password; + gss_add_buffer_set_member; + gss_add_cred; + gss_add_cred_from; + gss_add_cred_impersonate_name; + gss_add_cred_with_password; + gss_add_oid_set_member; + gss_authorize_localname; + gss_canonicalize_name; + gss_compare_name; + gss_complete_auth_token; + gss_context_time; + gss_create_empty_buffer_set; + gss_create_empty_oid_set; + gss_decapsulate_token; + gss_delete_name_attribute; + gss_delete_sec_context; + gss_display_mech_attr; + gss_display_name; + gss_display_name_ext; + gss_display_status; + gss_duplicate_name; + gss_encapsulate_token; + gss_export_cred; + gss_export_name; + gss_export_name_composite; + gss_export_sec_context; + gss_get_mic; + gss_get_mic_iov; + gss_get_mic_iov_length; + gss_get_name_attribute; + gss_import_cred; + gss_import_name; + gss_import_sec_context; + gss_indicate_mechs; + gss_indicate_mechs_by_attrs; + gss_init_sec_context; + gss_inquire_attrs_for_mech; + gss_inquire_context; + gss_inquire_cred; + gss_inquire_cred_by_mech; + gss_inquire_cred_by_oid; + gss_inquire_mech_for_saslname; + gss_inquire_mechs_for_name; + gss_inquire_name; + gss_inquire_names_for_mech; + gss_inquire_saslname_for_mech; + gss_inquire_sec_context_by_oid; + gss_krb5_ccache_name; + gss_krb5_copy_ccache; + gss_krb5_export_lucid_sec_context; + gss_krb5_free_lucid_sec_context; + gss_krb5_get_tkt_flags; + gss_krb5_import_cred; + gss_krb5_set_allowable_enctypes; + gss_krb5_set_cred_rcache; + gss_krb5int_make_seal_token_v3; + gss_krb5int_unseal_token_v3; + gss_localname; + gss_map_name_to_any; + gss_mech_iakerb; + gss_mech_initialize; + gss_mech_krb5; + gss_mech_krb5_old; + gss_mech_krb5_wrong; + gss_mech_set_krb5; + gss_mech_set_krb5_both; + gss_mech_set_krb5_old; + gss_nt_exported_name; + gss_nt_krb5_name; + gss_nt_krb5_principal; + gss_nt_machine_uid_name; + gss_nt_service_name; + gss_nt_service_name_v2; + gss_nt_string_uid_name; + gss_nt_user_name; + gss_oid_equal; + gss_oid_to_str; + gss_pname_to_uid; + gss_process_context_token; + gss_pseudo_random; + gss_release_any_name_mapping; + gss_release_buffer; + gss_release_buffer_set; + gss_release_cred; + gss_release_iov_buffer; + gss_release_name; + gss_release_oid; + gss_release_oid_set; + gss_seal; + gss_set_cred_option; + gss_set_name_attribute; + gss_set_neg_mechs; + gss_set_sec_context_option; + gss_sign; + gss_store_cred; + gss_store_cred_into; + gss_str_to_oid; + gss_test_oid_set_member; + gss_unseal; + gss_unwrap; + gss_unwrap_aead; + gss_unwrap_iov; + gss_userok; + gss_verify; + gss_verify_mic; + gss_verify_mic_iov; + gss_wrap; + gss_wrap_aead; + gss_wrap_iov; + gss_wrap_iov_length; + gss_wrap_size_limit; + gssint_g_seqstate_init; + gsskrb5_extract_authtime_from_sec_context; + gsskrb5_extract_authz_data_from_sec_context; + gssspi_mech_invoke; + gssspi_set_cred_option; + krb5_gss_dbg_client_expcreds; + krb5_gss_register_acceptor_identity; + krb5_gss_use_kdc_context; +}; diff --git a/krb5/lib/kadm5clnt/Makefile b/krb5/lib/kadm5clnt/Makefile index ddb9b0e9fec5..c9f199bdaea3 100644 --- a/krb5/lib/kadm5clnt/Makefile +++ b/krb5/lib/kadm5clnt/Makefile @@ -1,97 +1,98 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= kadm5clnt_mit # SHLIB_MAJOR= 12 LDFLAGS=-Wl,--no-undefined LIBADD= krb5profile gssrpc gssapi_krb5 krb5 k5crypto krb5support com_err +VERSION_MAP= ${.CURDIR}/version.map SRCS= alt_prof.c \ chpass_util.c \ logger.c \ kadm_rpc_xdr.c \ misc_free.c \ str_conv.c \ ${GEN} \ ${GENI} .include "${KRB5_SRCTOP}/lib/kadm5clnt/clnt/Makefile.inc" CFLAGS+=-I${KRB5_DIR}/lib/kadm5 \ -I${KRB5_DIR}/include \ -I${KRB5_OBJTOP}/include/krb5_private \ -I${KRB5_SRCTOP}/include \ -I${KRB5_OBJTOP}/lib INCSDIR=${INCLUDEDIR}/kadm5 INCS= admin.h \ admin_internal.h \ admin_xdr.h \ kadm_rpc.h \ server_internal.h \ ${GENI} KADM_ERR= kadm_err.et KADM_ERR_C= ${KADM_ERR:S/.et$/.c/} KADM_ERR_H= ${KADM_ERR:S/.et$/.h/} CLEANFILES+= ${KADM_ERR_C} ${KADM_ERR_H} GEN+= ${KADM_ERR_C} GENI+= ${KADM_ERR_H} ${KADM_ERR:[2..-1]}: .NOMETA ${KADM_ERR_H}: ${KADM_ERR} rm -f et-h-${.PREFIX}.et et-h-${.PREFIX}.c et-h-${.PREFIX}.h cp ${.ALLSRC} et-h-${.PREFIX}.et ${COMPILE_ET} et-h-${.PREFIX}.et mv et-h-${.PREFIX}.h ${.PREFIX}.h rm -f et-h-${.PREFIX}.et et-h-${.PREFIX}.h ${KADM_ERR_C}: ${KADM_ERR} rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c et-c-${.PREFIX}.h cp ${.ALLSRC} et-c-${.PREFIX}.et ${COMPILE_ET} et-c-${.PREFIX}.et mv et-c-${.PREFIX}.c ${.PREFIX}.c rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c CHPASS_UTIL_STRINGS_ERR= chpass_util_strings.et CHPASS_UTIL_STRINGS_ERR_C= ${CHPASS_UTIL_STRINGS_ERR:S/.et$/.c/} CHPASS_UTIL_STRINGS_ERR_H= ${CHPASS_UTIL_STRINGS_ERR:S/.et$/.h/} CLEANFILES+= ${CHPASS_UTIL_STRINGS_ERR_C} ${CHPASS_UTIL_STRINGS_ERR_H} GEN+= ${CHPASS_UTIL_STRINGS_ERR_C} GENI+= ${CHPASS_UTIL_STRINGS_ERR_H} ${CHPASS_UTIL_STRINGS_ERR:[2..-1]}: .NOMETA ${CHPASS_UTIL_STRINGS_ERR_H}: ${CHPASS_UTIL_STRINGS_ERR} rm -f et-h-${.PREFIX}.et et-h-${.PREFIX}.c et-h-${.PREFIX}.h cp ${.ALLSRC} et-h-${.PREFIX}.et ${COMPILE_ET} et-h-${.PREFIX}.et mv et-h-${.PREFIX}.h ${.PREFIX}.h rm -f et-h-${.PREFIX}.et et-h-${.PREFIX}.h ${CHPASS_UTIL_STRINGS_ERR_C}: ${CHPASS_UTIL_STRINGS_ERR} rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c et-c-${.PREFIX}.h cp ${.ALLSRC} et-c-${.PREFIX}.et ${COMPILE_ET} et-c-${.PREFIX}.et mv et-c-${.PREFIX}.c ${.PREFIX}.c rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c afterinstall: ${INSTALL_LIBSYMLINK} ${SHLIB_LINK} ${DESTDIR}${LIBDIR}/libkadm5clnt.so .include .SUFFIXES: .h .c .PATH: ${KRB5_DIR}/lib/kadm5 diff --git a/krb5/lib/kadm5clnt/version.map b/krb5/lib/kadm5clnt/version.map new file mode 100644 index 000000000000..9743c7cf6140 --- /dev/null +++ b/krb5/lib/kadm5clnt/version.map @@ -0,0 +1,118 @@ +KRB5_KADM5_CLNT_1.0 { + global: + _kadm5_check_handle; + _kadm5_chpass_principal_util; + kadm5_chpass_principal; + kadm5_chpass_principal_3; + kadm5_chpass_principal_util; + kadm5_create_policy; + kadm5_create_principal; + kadm5_create_principal_3; + kadm5_decrypt_key; + kadm5_delete_policy; + kadm5_delete_principal; + kadm5_destroy; + kadm5_flush; + kadm5_free_config_params; + kadm5_free_kadm5_key_data; + kadm5_free_key_data; + kadm5_free_name_list; + kadm5_free_policy_ent; + kadm5_free_principal_ent; + kadm5_free_strings; + kadm5_get_admin_service_name; + kadm5_get_config_params; + kadm5_get_policies; + kadm5_get_policy; + kadm5_get_principal; + kadm5_get_principal_keys; + kadm5_get_principals; + kadm5_get_privs; + kadm5_get_strings; + kadm5_init; + kadm5_init_anonymous; + kadm5_init_krb5_context; + kadm5_init_with_creds; + kadm5_init_with_password; + kadm5_init_with_skey; + kadm5_lock; + kadm5_modify_policy; + kadm5_modify_principal; + kadm5_purgekeys; + kadm5_randkey_principal; + kadm5_randkey_principal_3; + kadm5_rename_principal; + kadm5_set_string; + kadm5_setkey_principal; + kadm5_setkey_principal_3; + kadm5_setkey_principal_4; + kadm5_unlock; + krb5_aprof_get_boolean; + krb5_aprof_get_deltat; + krb5_aprof_get_int32; + krb5_aprof_get_string; + krb5_aprof_getvals; + krb5_flagnum_to_string; + krb5_flagspec_to_mask; + krb5_flags_to_strings; + krb5_free_key_data_contents; + krb5_keysalt_is_present; + krb5_keysalt_iterate; + krb5_klog_close; + krb5_klog_init; + krb5_klog_reopen; + krb5_klog_set_context; + krb5_klog_syslog; + krb5_string_to_keysalts; + xdr_chpass3_arg; + xdr_chpass_arg; + xdr_chrand3_arg; + xdr_chrand_arg; + xdr_chrand_ret; + xdr_cpol_arg; + xdr_cprinc3_arg; + xdr_cprinc_arg; + xdr_dpol_arg; + xdr_dprinc_arg; + xdr_generic_ret; + xdr_getpkeys_arg; + xdr_getpkeys_ret; + xdr_getprivs_ret; + xdr_gpol_arg; + xdr_gpol_ret; + xdr_gpols_arg; + xdr_gpols_ret; + xdr_gprinc_arg; + xdr_gprinc_ret; + xdr_gprincs_arg; + xdr_gprincs_ret; + xdr_kadm5_key_data; + xdr_kadm5_policy_ent_rec; + xdr_kadm5_principal_ent_rec; + xdr_kadm5_ret_t; + xdr_krb5_deltat; + xdr_krb5_enctype; + xdr_krb5_flags; + xdr_krb5_int16; + xdr_krb5_key_data_nocontents; + xdr_krb5_key_salt_tuple; + xdr_krb5_keyblock; + xdr_krb5_kvno; + xdr_krb5_octet; + xdr_krb5_principal; + xdr_krb5_salttype; + xdr_krb5_timestamp; + xdr_krb5_tl_data; + xdr_krb5_ui_2; + xdr_krb5_ui_4; + xdr_mpol_arg; + xdr_mprinc_arg; + xdr_nullstring; + xdr_nulltype; + xdr_rprinc_arg; + xdr_setkey3_arg; + xdr_setkey4_arg; + xdr_setkey_arg; + xdr_ui_4; + kadm5_init_iprop; +}; diff --git a/krb5/lib/kadm5srv/Makefile b/krb5/lib/kadm5srv/Makefile index f716dfcdaedc..90a2180d496a 100644 --- a/krb5/lib/kadm5srv/Makefile +++ b/krb5/lib/kadm5srv/Makefile @@ -1,107 +1,108 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= kadm5srv_mit # SHLIB_MAJOR= 12 LDFLAGS=-Wl,--no-undefined LIBADD= krb5profile gssrpc gssapi_krb5 kdb5 krb5 k5crypto krb5support com_err +VERSION_MAP= ${.CURDIR}/version.map INCSDIR= ${INCLUDEDIR}/kadm5 SRCS= alt_prof.c \ chpass_util.c \ logger.c \ kadm_rpc_xdr.c \ misc_free.c \ str_conv.c \ ${SRCS_SRV} \ ${GEN} .include "${KRB5_SRCTOP}/lib/kadm5srv/srv/Makefile.inc" INCS= admin.h \ chpass_util_strings.h \ kadm_err.h GEN= kadm_err.c kadm_err.h chpass_util_strings.c chpass_util_strings.h CLEANFILES= ${GEN} ${GENI} CFLAGS+=-I${KRB5_DIR}/lib/kadm5 \ -I${KRB5_DIR}/include \ -I${KRB5_OBJTOP}/include/krb5_private \ -I${KRB5_SRCTOP}/include \ -I${KRB5_OBJTOP}/lib \ -I${KRB5_OBJTOP}/lib/gssapi \ -I${KRB5_DIR}/lib/gssapi/krb5 \ -I${KRB5_DIR}/lib/gssapi/generic HDRDIR= ${KRB5_OBJHDR}/kadm5 HDRS= ${HDRDIR}/admin.h \ ${HDRDIR}/admin_internal.h \ ${HDRDIR}/admin_xdr.h \ ${HDRDIR}/kadm_rpc.h \ ${HDRDIR}/server_internal.h \ ${HDRDIR}/chpass_util_strings.h \ ${HDRDIR}/kadm_err.h GEN_KADM_ERR= kadm_err.et GEN_KADM_ERR_C= ${GEN_KADM_ERR:S/.et$/.c/} GEN_KADM_ERR_H= ${GEN_KADM_ERR:S/.et$/.h/} CLEANFILES= ${GEN_KADM_ERR_C} ${GEN_KADM_ERR_H} GEN_ET= ${GEN_KADM_ERR_C} GENI_ET= ${GEN_KADM_ERR_H} ${GEN_KADM_ERR:[2..-1]}: .NOMETA ${GEN_KADM_ERR_H}: ${GEN_KADM_ERR} rm -f et-h-${.PREFIX}.et et-h-${.PREFIX}.c et-h-${.PREFIX}.h cp ${.ALLSRC} et-h-${.PREFIX}.et ${COMPILE_ET} et-h-${.PREFIX}.et mv et-h-${.PREFIX}.h ${.PREFIX}.h rm -f et-h-${.PREFIX}.et et-h-${.PREFIX}.h ${GEN_KADM_ERR_C}: ${GEN_KADM_ERR} rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c et-c-${.PREFIX}.h cp ${.ALLSRC} et-c-${.PREFIX}.et ${COMPILE_ET} et-c-${.PREFIX}.et mv et-c-${.PREFIX}.c ${.PREFIX}.c rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c GEN_CHPASS_UTIL_STRINGS= chpass_util_strings.et GEN_CHPASS_UTIL_STRINGS_C= ${GEN_CHPASS_UTIL_STRINGS:S/.et$/.c/} GEN_CHPASS_UTIL_STRINGS_H= ${GEN_CHPASS_UTIL_STRINGS:S/.et$/.h/} CLEANFILES+= ${GEN_CHPASS_UTIL_STRINGS_C} ${GEN_CHPASS_UTIL_STRINGS_H} GEN_ET+= ${GEN_CHPASS_UTIL_STRINGS_C} GENI_ET+= ${GEN_CHPASS_UTIL_STRINGS_H} ${GEN_CHPASS_UTIL_STRINGS:[2..-1]}: .NOMETA ${GEN_CHPASS_UTIL_STRINGS_H}: ${GEN_CHPASS_UTIL_STRINGS} rm -f et-h-${.PREFIX}.et et-h-${.PREFIX}.c et-h-${.PREFIX}.h cp ${.ALLSRC} et-h-${.PREFIX}.et ${COMPILE_ET} et-h-${.PREFIX}.et mv et-h-${.PREFIX}.h ${.PREFIX}.h rm -f et-h-${.PREFIX}.et et-h-${.PREFIX}.h ${GEN_CHPASS_UTIL_STRINGS_C}: ${GEN_CHPASS_UTIL_STRINGS} rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c et-c-${.PREFIX}.h cp ${.ALLSRC} et-c-${.PREFIX}.et ${COMPILE_ET} et-c-${.PREFIX}.et mv et-c-${.PREFIX}.c ${.PREFIX}.c rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c .include .SUFFIXES: .h .c .et .PATH: ${KRB5_DIR}/lib/kadm5 diff --git a/krb5/lib/kadm5srv/version.map b/krb5/lib/kadm5srv/version.map new file mode 100644 index 000000000000..a0e9da6daef2 --- /dev/null +++ b/krb5/lib/kadm5srv/version.map @@ -0,0 +1,137 @@ +KRB5_KADM5_SRV_1.0 { + global: + _kadm5_check_handle; + _kadm5_chpass_principal_util; + hist_princ; + kadm5_chpass_principal; + kadm5_chpass_principal_3; + kadm5_chpass_principal_util; + kadm5_create_policy; + kadm5_create_principal; + kadm5_create_principal_3; + kadm5_decrypt_key; + kadm5_delete_policy; + kadm5_delete_principal; + kadm5_destroy; + kadm5_flush; + kadm5_free_config_params; + kadm5_free_kadm5_key_data; + kadm5_free_key_data; + kadm5_free_name_list; + kadm5_free_policy_ent; + kadm5_free_principal_ent; + kadm5_free_strings; + kadm5_get_config_params; + kadm5_get_policies; + kadm5_get_policy; + kadm5_get_principal; + kadm5_get_principal_keys; + kadm5_get_principals; + kadm5_get_privs; + kadm5_get_strings; + kadm5_init; + kadm5_init_anonymous; + kadm5_init_krb5_context; + kadm5_init_with_creds; + kadm5_init_with_password; + kadm5_init_with_skey; + kadm5_lock; + kadm5_modify_policy; + kadm5_modify_principal; + kadm5_purgekeys; + kadm5_randkey_principal; + kadm5_randkey_principal_3; + kadm5_rename_principal; + kadm5_set_string; + kadm5_setkey_principal; + kadm5_setkey_principal_3; + kadm5_setkey_principal_4; + kadm5_unlock; + kdb_delete_entry; + kdb_free_entry; + kdb_init_hist; + kdb_init_master; + kdb_iter_entry; + kdb_put_entry; + krb5_aprof_get_boolean; + krb5_aprof_get_deltat; + krb5_aprof_get_int32; + krb5_aprof_get_string; + krb5_aprof_get_string_all; + krb5_aprof_getvals; + krb5_copy_key_data_contents; + krb5_flagnum_to_string; + krb5_flagspec_to_mask; + krb5_flags_to_strings; + krb5_free_key_data_contents; + krb5_keysalt_is_present; + krb5_keysalt_iterate; + krb5_klog_close; + krb5_klog_init; + krb5_klog_reopen; + krb5_klog_set_context; + krb5_klog_syslog; + krb5_string_to_keysalts; + master_db; + master_princ; + osa_free_princ_ent; + passwd_check; + xdr_chpass3_arg; + xdr_chpass_arg; + xdr_chrand3_arg; + xdr_chrand_arg; + xdr_chrand_ret; + xdr_cpol_arg; + xdr_cprinc3_arg; + xdr_cprinc_arg; + xdr_dpol_arg; + xdr_dprinc_arg; + xdr_generic_ret; + xdr_getpkeys_arg; + xdr_getpkeys_ret; + xdr_getprivs_ret; + xdr_gpol_arg; + xdr_gpol_ret; + xdr_gpols_arg; + xdr_gpols_ret; + xdr_gprinc_arg; + xdr_gprinc_ret; + xdr_gprincs_arg; + xdr_gprincs_ret; + xdr_gstrings_arg; + xdr_gstrings_ret; + xdr_kadm5_policy_ent_rec; + xdr_kadm5_principal_ent_rec; + xdr_kadm5_ret_t; + xdr_krb5_deltat; + xdr_krb5_enctype; + xdr_krb5_flags; + xdr_krb5_int16; + xdr_krb5_key_data; + xdr_krb5_key_data_nocontents; + xdr_krb5_key_salt_tuple; + xdr_krb5_keyblock; + xdr_krb5_kvno; + xdr_krb5_octet; + xdr_krb5_principal; + xdr_krb5_salttype; + xdr_krb5_string_attr; + xdr_krb5_timestamp; + xdr_krb5_tl_data; + xdr_krb5_ui_2; + xdr_krb5_ui_4; + xdr_mpol_arg; + xdr_mprinc_arg; + xdr_nullstring; + xdr_nulltype; + xdr_osa_princ_ent_rec; + xdr_osa_pw_hist_ent; + xdr_purgekeys_arg; + xdr_rprinc_arg; + xdr_setkey3_arg; + xdr_setkey4_arg; + xdr_setkey_arg; + xdr_sstring_arg; + xdr_ui_4; + kadm5_init_iprop; +}; diff --git a/krb5/lib/kdb/Makefile b/krb5/lib/kdb/Makefile index ac7f058a7f11..57fe32e39347 100644 --- a/krb5/lib/kdb/Makefile +++ b/krb5/lib/kdb/Makefile @@ -1,66 +1,67 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= kdb5 # SHLIB_MAJOR= 10 LDFLAGS=-Wl,--no-undefined LIBADD= krb5profile gssrpc krb5 k5crypto com_err krb5support gssapi_krb5 +VERSION_MAP= ${.CURDIR}/version.map SRCS= decrypt_key.c \ encrypt_key.c \ iprop_xdr.c \ kdb5.c \ kdb_convert.c \ kdb_cpw.c \ kdb_default.c \ kdb_log.c \ keytab.c \ ${GEN} \ ${GENI} DEFINES=-DKDB5_USE_LIB_KDB_DB2 CFLAGS+=${DEFINES} \ -I${KRB5_DIR}/lib/kdb \ -I${KRB5_OBJTOP}/lib/kdb \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include ADB_ERR= adb_err.et ADB_ERR_C= ${ADB_ERR:S/.et$/.c/} ADB_ERR_H= ${ADB_ERR:S/.et$/.h/} CLEANFILES= ${ADB_ERR_C} ${ADB_ERR_H} GEN+= ${ADB_ERR_C} GENI+= ${ADB_ERR_H} ${ADB_ERR_H}: ${ADB_ERR} rm -f et-h-${.PREFIX}.et et-h-${.PREFIX}.c et-h-${.PREFIX}.h cp ${.ALLSRC} et-h-${.PREFIX}.et ${COMPILE_ET} et-h-${.PREFIX}.et mv et-h-${.PREFIX}.h ${.PREFIX}.h rm -f et-h-${.PREFIX}.et et-h-${.PREFIX}.h ${ADB_ERR_C}: ${ADB_ERR} rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c et-c-${.PREFIX}.h cp ${.ALLSRC} et-c-${.PREFIX}.et ${COMPILE_ET} et-c-${.PREFIX}.et mv et-c-${.PREFIX}.c ${.PREFIX}.c rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c .include .SUFFIXES: .h .c .PATH: ${KRB5_DIR}/lib/kdb diff --git a/krb5/lib/kdb/version.map b/krb5/lib/kdb/version.map new file mode 100644 index 000000000000..9522af1e9edd --- /dev/null +++ b/krb5/lib/kdb/version.map @@ -0,0 +1,111 @@ +KRB5_KDB5_1.0 { + global: + krb5_db_setup_lib_handle; + krb5_db_open; + krb5_db_inited; + krb5_db_alloc; + krb5_db_free; + krb5_db_allowed_to_delegate_from; + krb5_db_audit_as_req; + krb5_db_check_allowed_to_delegate; + krb5_db_get_s4u_x509_principal; + krb5_db_check_policy_as; + krb5_db_check_policy_tgs; + krb5_db_check_transited_realms; + krb5_db_create; + krb5_db_delete_principal; + krb5_db_destroy; + krb5_db_fetch_mkey; + krb5_db_fetch_mkey_list; + krb5_db_fini; + krb5_db_free_principal; + krb5_db_get_age; + krb5_db_get_key_data_kvno; + krb5_db_get_context; + krb5_db_get_principal; + krb5_db_issue_pac; + krb5_db_iterate; + krb5_db_lock; + krb5_db_mkey_list_alias; + krb5_db_put_principal; + krb5_db_refresh_config; + krb5_db_rename_principal; + krb5_db_set_context; + krb5_db_setup_mkey_name; + krb5_db_unlock; + krb5_db_store_master_key; + krb5_db_store_master_key_list; + krb5_dbe_apw; + krb5_dbe_ark; + krb5_dbe_cpw; + krb5_dbe_create_key_data; + krb5_dbe_crk; + krb5_dbe_find_act_mkey; + krb5_dbe_fetch_act_key_list; + krb5_dbe_find_enctype; + krb5_dbe_find_mkey; + krb5_dbe_free_actkvno_list; + krb5_dbe_free_key_data_contents; + krb5_dbe_free_mkey_aux_list; + krb5_dbe_free_key_list; + krb5_dbe_free_string; + krb5_dbe_free_strings; + krb5_dbe_get_mkvno; + krb5_dbe_get_string; + krb5_dbe_get_strings; + krb5_dbe_compute_salt; + krb5_dbe_lookup_last_admin_unlock; + krb5_dbe_lookup_last_pwd_change; + krb5_dbe_lookup_actkvno; + krb5_dbe_lookup_mkey_aux; + krb5_dbe_lookup_mkvno; + krb5_dbe_lookup_mod_princ_data; + krb5_dbe_lookup_tl_data; + krb5_dbe_search_enctype; + krb5_dbe_set_string; + krb5_dbe_specialize_salt; + krb5_dbe_update_actkvno; + krb5_dbe_update_last_admin_unlock; + krb5_dbe_update_last_pwd_change; + krb5_dbe_update_mkey_aux; + krb5_dbe_update_mkvno; + krb5_dbe_update_mod_princ_data; + krb5_dbe_update_tl_data; + krb5_db_update_tl_data; + krb5_dbe_def_encrypt_key_data; + krb5_dbe_def_decrypt_key_data; + krb5_dbe_decrypt_key_data; + krb5_dbe_encrypt_key_data; + krb5_kt_kdb_ops; + krb5_ktkdb_close; + krb5_ktkdb_get_entry; + krb5_ktkdb_resolve; + krb5_ktkdb_set_context; + krb5_mkey_pwd_prompt1; + krb5_mkey_pwd_prompt2; + krb5_db_create_policy; + krb5_db_get_policy; + krb5_db_put_policy; + krb5_db_iter_policy; + krb5_db_delete_policy; + krb5_db_free_policy; + krb5_def_store_mkey_list; + krb5_db_promote; + krb5_db_register_keytab; + ulog_add_update; + ulog_init_header; + ulog_map; + ulog_set_role; + ulog_free_entries; + xdr_kdb_last_t; + xdr_kdb_incr_result_t; + xdr_kdb_fullresync_result_t; + ulog_fini; + ulog_get_entries; + ulog_get_last; + ulog_get_sno_status; + ulog_replay; + ulog_set_last; + xdr_kdb_incr_update_t; + krb5_dbe_sort_key_data; +}; diff --git a/krb5/lib/krad/Makefile b/krb5/lib/krad/Makefile index 4b18af482207..28751d9bf9b6 100644 --- a/krb5/lib/krad/Makefile +++ b/krb5/lib/krad/Makefile @@ -1,39 +1,40 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5-lib .include .include "../Makefile.inc" LIB= krad # SHLIB_MAJOR= 0 LDFLAGS=-Wl,--no-undefined LIBADD= krb5 k5crypto com_err krb5profile krb5support verto +VERSION_MAP= ${.CURDIR}/version.map SRCS= attr.c \ attrset.c \ client.c \ code.c \ packet.c \ remote.c INCS= internal.h \ t_daemon.h \ t_test.h CFLAGS+=-I${KRB5_DIR}/lib/krad \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include \ -I${.OBJDIR} .include .PATH: ${KRB5_DIR}/lib/krad diff --git a/krb5/lib/krad/version.map b/krb5/lib/krad/version.map new file mode 100644 index 000000000000..7e058d9bd494 --- /dev/null +++ b/krb5/lib/krad/version.map @@ -0,0 +1,26 @@ +KRB5_KRAD_1.0 { + global: + krad_code_name2num; + krad_code_num2name; + krad_attr_name2num; + krad_attr_num2name; + krad_attrset_new; + krad_attrset_copy; + krad_attrset_free; + krad_attrset_add; + krad_attrset_add_number; + krad_attrset_del; + krad_attrset_get; + krad_packet_bytes_needed; + krad_packet_free; + krad_packet_new_request; + krad_packet_new_response; + krad_packet_decode_request; + krad_packet_decode_response; + krad_packet_encode; + krad_packet_get_code; + krad_packet_get_attr; + krad_client_new; + krad_client_free; + krad_client_send; +}; diff --git a/krb5/lib/krb5/Makefile b/krb5/lib/krb5/Makefile index bf90c7fc80f7..76f40a3174cc 100644 --- a/krb5/lib/krb5/Makefile +++ b/krb5/lib/krb5/Makefile @@ -1,75 +1,76 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= krb5 LDFLAGS=-Wl,--no-undefined LIBADD= krb5profile k5crypto com_err krb5support # SHLIB_MAJOR= 3 +VERSION_MAP= ${.CURDIR}/version.map SRCS= krb5_libinit.c .include "${KRB5_SRCTOP}/lib/krb5/error_tables/Makefile.inc" .include "${KRB5_SRCTOP}/lib/krb5/asn.1/Makefile.inc" .include "${KRB5_SRCTOP}/lib/krb5/ccache/Makefile.inc" .include "${KRB5_SRCTOP}/lib/krb5/keytab/Makefile.inc" .include "${KRB5_SRCTOP}/lib/krb5/krb/Makefile.inc" .include "${KRB5_SRCTOP}/lib/krb5/os/Makefile.inc" .include "${KRB5_SRCTOP}/lib/krb5/rcache/Makefile.inc" .include "${KRB5_SRCTOP}/lib/krb5/unicode/Makefile.inc" .include "${KRB5_SRCTOP}/lib/krb5/docs/Makefile.inc" DEFINES=-DHAS_STDARG \ -DLIBDIR=\"${KRB5_LIBDIR}\" \ -DBINDIR=\"${KRB5_BINDIR}\" \ -DSBINDIR=\"${KRB5_SBINDIR}\" \ -DLOCALEDIR=\"${KRB5_LOCALEDIR}\" CFLAGS+=${DEFINES} \ -I${KRB5_DIR}/lib/krb5/error_tables \ -I${KRB5_DIR}/lib/krb5/ccache \ -I${KRB5_DIR}/lib/krb5/keytab \ -I${KRB5_DIR}/lib/krb5/krb \ -I${KRB5_DIR}/lib/krb5/os \ -I${KRB5_DIR}/lib/krb5/rcache \ -I${KRB5_DIR}/lib/krb5/unicode \ -I${KRB5_DIR}/lib/krb5/unicode/ucdata \ -I${KRB5_DIR}/lib/krb5 \ -I${KRB5_DIR}/util/profile \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include \ -I${KRB5_DIR} MAN= k5identity.5 \ k5login.5 \ kadm5.acl.5 \ kdc.conf.5 \ krb5.conf.5 \ kerberos.7 MLINKS= k5identity.5 .k5identity.5 MLINKS+=k5login.5 .k5login.5 .include .SUFFIXES: .h .c .et .man .5 .7 .man.5: @cp ${.ALLSRC} ${.TARGET} .man.7: @cp ${.ALLSRC} ${.TARGET} .PATH: ${KRB5_DIR}/lib/krb5 \ ${KRB5_DIR}/man diff --git a/krb5/lib/krb5/version.map b/krb5/lib/krb5/version.map new file mode 100644 index 000000000000..bd852023ff6c --- /dev/null +++ b/krb5/lib/krb5/version.map @@ -0,0 +1,658 @@ +KRB5_KRB5_1.0 { + global: + _krb5_conf_boolean; + decode_krb5_ad_kdcissued; + decode_krb5_ap_rep; + decode_krb5_ap_rep_enc_part; + decode_krb5_ap_req; + decode_krb5_as_rep; + decode_krb5_as_req; + decode_krb5_authdata; + decode_krb5_authenticator; + decode_krb5_cammac; + decode_krb5_cred; + decode_krb5_enc_cred_part; + decode_krb5_enc_data; + decode_krb5_enc_kdc_rep_part; + decode_krb5_enc_priv_part; + decode_krb5_enc_sam_response_enc_2; + decode_krb5_enc_tkt_part; + decode_krb5_encryption_key; + decode_krb5_error; + decode_krb5_etype_info; + decode_krb5_etype_info2; + decode_krb5_fast_req; + decode_krb5_fast_response; + decode_krb5_iakerb_finished; + decode_krb5_iakerb_header; + decode_krb5_kdc_req_body; + decode_krb5_otp_tokeninfo; + decode_krb5_kkdcp_message; + decode_krb5_pa_enc_ts; + decode_krb5_pa_for_user; + decode_krb5_pa_fx_fast_reply; + decode_krb5_pa_fx_fast_request; + decode_krb5_pa_otp_challenge; + decode_krb5_pa_otp_req; + decode_krb5_pa_otp_enc_req; + decode_krb5_pa_pac_options; + decode_krb5_pa_pac_req; + decode_krb5_pa_s4u_x509_user; + decode_krb5_pa_spake; + decode_krb5_padata_sequence; + decode_krb5_priv; + decode_krb5_safe; + decode_krb5_sam_challenge_2; + decode_krb5_sam_challenge_2_body; + decode_krb5_sam_response_2; + decode_krb5_secure_cookie; + decode_krb5_setpw_req; + decode_krb5_spake_factor; + decode_krb5_tgs_rep; + decode_krb5_tgs_req; + decode_krb5_ticket; + decode_krb5_typed_data; + decode_utf8_strings; + encode_krb5_ad_kdcissued; + encode_krb5_ap_rep; + encode_krb5_ap_rep_enc_part; + encode_krb5_ap_req; + encode_krb5_as_rep; + encode_krb5_as_req; + encode_krb5_authdata; + encode_krb5_authenticator; + encode_krb5_cammac; + encode_krb5_checksum; + encode_krb5_cred; + encode_krb5_enc_cred_part; + encode_krb5_enc_data; + encode_krb5_enc_kdc_rep_part; + encode_krb5_enc_priv_part; + encode_krb5_enc_sam_response_enc_2; + encode_krb5_enc_tkt_part; + encode_krb5_encryption_key; + encode_krb5_error; + encode_krb5_etype_info; + encode_krb5_etype_info2; + encode_krb5_fast_response; + encode_krb5_iakerb_finished; + encode_krb5_iakerb_header; + encode_krb5_kdc_req_body; + encode_krb5_otp_tokeninfo; + encode_krb5_kkdcp_message; + encode_krb5_pa_enc_ts; + encode_krb5_pa_for_user; + encode_krb5_pa_fx_fast_reply; + encode_krb5_pa_otp_challenge; + encode_krb5_pa_otp_req; + encode_krb5_pa_otp_enc_req; + encode_krb5_pa_pac_options; + encode_krb5_pa_s4u_x509_user; + encode_krb5_pa_spake; + encode_krb5_padata_sequence; + encode_krb5_pkinit_supp_pub_info; + encode_krb5_priv; + encode_krb5_s4u_userid; + encode_krb5_safe; + encode_krb5_sam_challenge_2; + encode_krb5_sam_challenge_2_body; + encode_krb5_sam_response_2; + encode_krb5_secure_cookie; + encode_krb5_sp80056a_other_info; + encode_krb5_spake_factor; + encode_krb5_tgs_rep; + encode_krb5_tgs_req; + encode_krb5_ticket; + encode_krb5_typed_data; + encode_utf8_strings; + et_asn1_error_table; + et_k524_error_table; + et_kdb5_error_table; + et_krb5_error_table; + et_kv5m_error_table; + et_prof_error_table; + initialize_asn1_error_table; + initialize_k524_error_table; + initialize_kdb5_error_table; + initialize_krb5_error_table; + initialize_k5e1_error_table; + initialize_kv5m_error_table; + initialize_prof_error_table; + k5_add_empty_pa_data; + k5_add_pa_data_element; + k5_add_pa_data_from_data; + k5_alloc_pa_data; + k5_authind_decode; + k5_build_conf_principals; + k5_cc_store_primary_cred; + k5_ccselect_free_context; + k5_change_error_message_code; + k5_etypes_contains; + k5_expand_path_tokens; + k5_expand_path_tokens_extra; + k5_externalize_auth_context; + k5_externalize_authdata; + k5_externalize_authdata_context; + k5_externalize_context; + k5_externalize_keyblock; + k5_externalize_principal; + k5_free_algorithm_identifier; + k5_free_cammac; + k5_free_data_ptr_list; + k5_free_otp_tokeninfo; + k5_free_kkdcp_message; + k5_free_pa_data_element; + k5_free_pa_otp_challenge; + k5_free_pa_otp_req; + k5_free_secure_cookie; + k5_free_pa_spake; + k5_free_serverlist; + k5_free_spake_factor; + k5_hostrealm_free_context; + k5_init_trace; + k5_internalize_auth_context; + k5_internalize_authdata; + k5_internalize_authdata_context; + k5_internalize_context; + k5_internalize_keyblock; + k5_internalize_principal; + k5_is_string_numeric; + k5_kt_get_principal; + k5_kt_have_match; + k5_localauth_free_context; + k5_locate_kdc; + k5_marshal_cred; + k5_marshal_princ; + k5_os_free_context; + k5_os_init_context; + k5_parse_host_string; + k5_plugin_free_modules; + k5_plugin_load; + k5_plugin_load_all; + k5_plugin_register; + k5_plugin_register_dyn; + k5_rc_close; + k5_rc_get_name; + k5_rc_resolve; + k5_rc_store; + k5_size_auth_context; + k5_size_authdata; + k5_size_authdata_context; + k5_size_context; + k5_size_keyblock; + k5_size_principal; + k5_sname_compare; + k5_unmarshal_cred; + k5_unmarshal_princ; + k5_unwrap_cammac_svc; + k5_zapfree_pa_data; + krb524_convert_creds_kdc; + krb524_init_ets; + krb5_425_conv_principal; + krb5_524_conv_principal; + krb5_524_convert_creds; + krb5_address_compare; + krb5_address_order; + krb5_address_search; + krb5_allow_weak_crypto; + krb5_aname_to_localname; + krb5_anonymous_principal; + krb5_anonymous_realm; + krb5_appdefault_boolean; + krb5_appdefault_string; + krb5_auth_con_free; + krb5_auth_con_genaddrs; + krb5_auth_con_get_checksum_func; + krb5_auth_con_get_authdata_context; + krb5_auth_con_getaddrs; + krb5_auth_con_getauthenticator; + krb5_auth_con_getflags; + krb5_auth_con_getivector; + krb5_auth_con_getkey; + krb5_auth_con_getkey_k; + krb5_auth_con_getlocalseqnumber; + krb5_auth_con_getlocalsubkey; + krb5_auth_con_getpermetypes; + krb5_auth_con_getrcache; + krb5_auth_con_getrecvsubkey; + krb5_auth_con_getrecvsubkey_k; + krb5_auth_con_getremoteseqnumber; + krb5_auth_con_getremotesubkey; + krb5_auth_con_getsendsubkey; + krb5_auth_con_getsendsubkey_k; + krb5_auth_con_init; + krb5_auth_con_initivector; + krb5_auth_con_set_authdata_context; + krb5_auth_con_set_checksum_func; + krb5_auth_con_set_req_cksumtype; + krb5_auth_con_set_safe_cksumtype; + krb5_auth_con_setaddrs; + krb5_auth_con_setflags; + krb5_auth_con_setivector; + krb5_auth_con_setpermetypes; + krb5_auth_con_setports; + krb5_auth_con_setrcache; + krb5_auth_con_setrecvsubkey; + krb5_auth_con_setrecvsubkey_k; + krb5_auth_con_setsendsubkey; + krb5_auth_con_setsendsubkey_k; + krb5_auth_con_setuseruserkey; + krb5_authdata_context_copy; + krb5_authdata_context_free; + krb5_authdata_context_init; + krb5_authdata_delete_attribute; + krb5_authdata_get_attribute_types; + krb5_authdata_get_attribute; + krb5_authdata_set_attribute; + krb5_authdata_export_attributes; + krb5_authdata_export_authdata; + krb5_authdata_export_internal; + krb5_authdata_free_internal; + krb5_authdata_import_attributes; + krb5_build_principal; + krb5_build_principal_alloc_va; + krb5_build_principal_ext; + krb5_build_principal_va; + krb5_cc_cache_match; + krb5_cc_close; + krb5_cc_copy_creds; + krb5_cc_default; + krb5_cc_default_name; + krb5_cc_destroy; + krb5_cc_dfl_ops; + krb5_cc_dup; + krb5_cc_end_seq_get; + krb5_cc_file_ops; + krb5_cc_gen_new; + krb5_cc_get_config; + krb5_cc_get_full_name; + krb5_cc_get_name; + krb5_cc_get_principal; + krb5_cc_get_type; + krb5_cc_move; + krb5_cc_initialize; + krb5_cc_new_unique; + krb5_cc_next_cred; + krb5_cc_register; + krb5_cc_remove_cred; + krb5_cc_resolve; + krb5_cc_retrieve_cred; + krb5_cc_select; + krb5_cc_set_config; + krb5_cc_set_default_name; + krb5_cc_set_flags; + krb5_cc_start_seq_get; + krb5_cc_store_cred; + krb5_cc_support_switch; + krb5_cc_switch; + krb5_cccol_cursor_free; + krb5_cccol_cursor_new; + krb5_cccol_cursor_next; + krb5_cccol_have_content; + krb5_change_cache; + krb5_change_password; + krb5_check_clockskew; + krb5_check_transited_list; + krb5_chpw_message; + krb5_chpw_result_code_string; + krb5_clear_error_message; + krb5_copy_addr; + krb5_copy_addresses; + krb5_copy_authdata; + krb5_copy_authenticator; + krb5_copy_checksum; + krb5_copy_context; + krb5_copy_creds; + krb5_copy_data; + krb5_copy_error_message; + krb5_copy_keyblock; + krb5_copy_keyblock_contents; + krb5_copy_principal; + krb5_copy_ticket; + krb5_crypto_us_timeofday; + krb5_decode_authdata_container; + krb5_decode_ticket; + krb5_decrypt_tkt_part; + krb5_deltat_to_string; + krb5_encode_authdata_container; + krb5_encode_kdc_rep; + krb5_encrypt_helper; + krb5_encrypt_tkt_part; + krb5_expand_hostname; + krb5_fcc_ops; + krb5_find_authdata; + krb5_free_ad_kdcissued; + krb5_free_address; + krb5_free_addresses; + krb5_free_ap_rep; + krb5_free_ap_rep_enc_part; + krb5_free_ap_req; + krb5_free_authdata; + krb5_free_authenticator; + krb5_free_authenticator_contents; + krb5_free_checksum; + krb5_free_checksum_contents; + krb5_free_config_files; + krb5_free_context; + krb5_free_cred; + krb5_free_cred_contents; + krb5_free_cred_enc_part; + krb5_free_creds; + krb5_free_data; + krb5_free_data_contents; + krb5_free_default_realm; + krb5_free_enc_data; + krb5_free_enc_kdc_rep_part; + krb5_free_enc_sam_response_enc_2; + krb5_free_enc_sam_response_enc_2_contents; + krb5_free_enc_tkt_part; + krb5_free_enctypes; + krb5_free_error; + krb5_free_error_message; + krb5_free_etype_info; + krb5_free_fast_armored_req; + krb5_free_fast_req; + krb5_free_fast_response; + krb5_free_host_realm; + krb5_free_iakerb_finished; + krb5_free_iakerb_header; + krb5_free_kdc_rep; + krb5_free_kdc_req; + krb5_free_keyblock; + krb5_free_keyblock_contents; + krb5_free_keytab_entry_contents; + krb5_free_last_req; + krb5_free_octet_data; + krb5_free_pa_data; + krb5_free_pa_enc_ts; + krb5_free_pa_for_user; + krb5_free_pa_pac_req; + krb5_free_pa_s4u_x509_user; + krb5_free_principal; + krb5_free_priv; + krb5_free_priv_enc_part; + krb5_free_realm_tree; + krb5_free_safe; + krb5_free_sam_challenge_2; + krb5_free_sam_challenge_2_body; + krb5_free_sam_challenge_2_body_contents; + krb5_free_sam_challenge_2_contents; + krb5_free_sam_response_2; + krb5_free_sam_response_2_contents; + krb5_free_string; + krb5_free_tgt_creds; + krb5_free_ticket; + krb5_free_tickets; + krb5_free_tkt_authent; + krb5_free_unparsed_name; + krb5_fwd_tgt_creds; + krb5_gen_portaddr; + krb5_gen_replay_name; + krb5_generate_seq_number; + krb5_generate_subkey; + krb5_get_cred_via_tkt; + krb5_get_credentials; + krb5_get_credentials_for_proxy; + krb5_get_credentials_for_user; + krb5_get_credentials_renew; + krb5_get_credentials_validate; + krb5_get_default_config_files; + krb5_get_default_in_tkt_ktypes; + krb5_get_default_realm; + krb5_get_error_message; + krb5_get_etype_info; + krb5_get_fallback_host_realm; + krb5_get_host_realm; + krb5_get_in_tkt_with_keytab; + krb5_get_in_tkt_with_password; + krb5_get_in_tkt_with_skey; + krb5_get_init_creds_keytab; + krb5_get_init_creds_opt_alloc; + krb5_get_init_creds_opt_free; + krb5_get_init_creds_opt_free_pa; + krb5_get_init_creds_opt_get_fast_flags; + krb5_get_init_creds_opt_get_pa; + krb5_get_init_creds_opt_init; + krb5_get_init_creds_opt_set_address_list; + krb5_get_init_creds_opt_set_anonymous; + krb5_get_init_creds_opt_set_canonicalize; + krb5_get_init_creds_opt_set_change_password_prompt; + krb5_get_init_creds_opt_set_etype_list; + krb5_get_init_creds_opt_set_expire_callback; + krb5_get_init_creds_opt_set_fast_ccache; + krb5_get_init_creds_opt_set_fast_ccache_name; + krb5_get_init_creds_opt_set_fast_flags; + krb5_get_init_creds_opt_set_forwardable; + krb5_get_init_creds_opt_set_in_ccache; + krb5_get_init_creds_opt_set_out_ccache; + krb5_get_init_creds_opt_set_pa; + krb5_get_init_creds_opt_set_pac_request; + krb5_get_init_creds_opt_set_preauth_list; + krb5_get_init_creds_opt_set_proxiable; + krb5_get_init_creds_opt_set_renew_life; + krb5_get_init_creds_opt_set_responder; + krb5_get_init_creds_opt_set_salt; + krb5_get_init_creds_opt_set_tkt_life; + krb5_get_init_creds_password; + krb5_get_notification_message; + krb5_get_permitted_enctypes; + krb5_get_profile; + krb5_get_prompt_types; + krb5_get_realm_domain; + krb5_get_renewed_creds; + krb5_get_server_rcache; + krb5_get_tgs_ktypes; + krb5_get_time_offsets; + krb5_get_validated_creds; + krb5_init_context; + krb5_init_context_profile; + krb5_init_creds_free; + krb5_init_creds_get; + krb5_init_creds_get_creds; + krb5_init_creds_get_error; + krb5_init_creds_get_times; + krb5_init_creds_init; + krb5_init_creds_set_keytab; + krb5_init_creds_set_password; + krb5_init_creds_set_service; + krb5_init_creds_step; + krb5_init_keyblock; + krb5_init_secure_context; + krb5_is_config_principal; + krb5_is_permitted_enctype; + krb5_is_referral_realm; + krb5_is_thread_safe; + krb5_kdc_rep_decrypt_proc; + krb5_kdc_sign_ticket; + krb5_kdc_verify_ticket; + krb5_kt_add_entry; + krb5_kt_client_default; + krb5_kt_close; + krb5_kt_default; + krb5_kt_default_name; + krb5_kt_dfl_ops; + krb5_kt_dup; + krb5_kt_end_seq_get; + krb5_kt_free_entry; + krb5_kt_get_entry; + krb5_kt_get_name; + krb5_kt_get_type; + krb5_kt_have_content; + krb5_kt_next_entry; + krb5_kt_read_service_key; + krb5_kt_register; + krb5_kt_remove_entry; + krb5_kt_resolve; + krb5_kt_start_seq_get; + krb5_ktf_ops; + krb5_ktf_writable_ops; + krb5_kuserok; + krb5_lock_file; + krb5_make_authdata_kdc_issued; + krb5_make_full_ipaddr; + krb5_make_fulladdr; + krb5_marshal_credentials; + krb5_mcc_ops; + krb5_merge_authdata; + krb5_mk_1cred; + krb5_mk_error; + krb5_mk_ncred; + krb5_mk_priv; + krb5_mk_rep; + krb5_mk_rep_dce; + krb5_mk_req; + krb5_mk_req_extended; + krb5_mk_safe; + krb5_net_read; + krb5_net_write; + krb5_os_localaddr; + krb5_overridekeyname; + krb5_pac_add_buffer; + krb5_pac_free; + krb5_pac_get_buffer; + krb5_pac_get_types; + krb5_pac_init; + krb5_pac_parse; + krb5_pac_sign; + krb5_pac_sign_ext; + krb5_pac_verify; + krb5_pac_verify_ext; + krb5_pac_get_client_info; + krb5_parse_name; + krb5_parse_name_flags; + krb5_prepend_error_message; + krb5_principal2salt; + krb5_principal2salt_norealm; + krb5_principal_compare; + krb5_principal_compare_any_realm; + krb5_principal_compare_flags; + krb5_prompter_posix; + krb5_rc_default; + krb5_rc_destroy; + krb5_rc_get_lifespan; + krb5_rc_initialize; + krb5_rd_cred; + krb5_rd_error; + krb5_rd_priv; + krb5_rd_rep; + krb5_rd_rep_dce; + krb5_rd_req; + krb5_rd_req_decoded; + krb5_rd_req_decoded_anyflag; + krb5_rd_safe; + krb5_read_message; + krb5_read_password; + krb5_realm_compare; + krb5_recvauth; + krb5_recvauth_version; + krb5_responder_get_challenge; + krb5_responder_list_questions; + krb5_responder_set_answer; + krb5_responder_otp_get_challenge; + krb5_responder_otp_set_answer; + krb5_responder_otp_challenge_free; + krb5_responder_pkinit_get_challenge; + krb5_responder_pkinit_set_answer; + krb5_responder_pkinit_challenge_free; + krb5_salttype_to_string; + krb5_sendauth; + krb5_sendto_kdc; + krb5_ser_pack_bytes; + krb5_ser_pack_int32; + krb5_ser_pack_int64; + krb5_ser_unpack_bytes; + krb5_ser_unpack_int32; + krb5_ser_unpack_int64; + krb5_server_decrypt_ticket_keytab; + krb5_set_config_files; + krb5_set_debugging_time; + krb5_set_default_realm; + krb5_set_default_tgs_enctypes; + krb5_set_default_tgs_ktypes; + krb5_set_error_message; + krb5_set_password; + krb5_set_password_using_ccache; + krb5_set_principal_realm; + krb5_set_real_time; + krb5_set_kdc_send_hook; + krb5_set_kdc_recv_hook; + krb5_set_time_offsets; + krb5_set_trace_callback; + krb5_set_trace_filename; + krb5_sname_match; + krb5_sname_to_principal; + krb5_string_to_deltat; + krb5_string_to_salttype; + krb5_string_to_timestamp; + krb5int_tgtname; + krb5_tkt_creds_free; + krb5_tkt_creds_get; + krb5_tkt_creds_get_creds; + krb5_tkt_creds_get_times; + krb5_tkt_creds_init; + krb5_tkt_creds_step; + krb5_timeofday; + krb5_timestamp_to_sfstring; + krb5_timestamp_to_string; + krb5_unlock_file; + krb5_unmarshal_credentials; + krb5_unpack_full_ipaddr; + krb5_unparse_name; + krb5_unparse_name_ext; + krb5_unparse_name_flags; + krb5_unparse_name_flags_ext; + krb5_us_timeofday; + krb5_use_natural_time; + krb5_verify_authdata_kdc_issued; + krb5_verify_init_creds; + krb5_verify_init_creds_opt_init; + krb5_verify_init_creds_opt_set_ap_req_nofail; + krb5_vprepend_error_message; + krb5_vset_error_message; + krb5_vwrap_error_message; + krb5_walk_realm_tree; + krb5_wrap_error_message; + krb5_write_message; + krb5int_accessor; + krb5int_cc_default; + krb5int_cleanup_library; + krb5int_copy_data_contents; + krb5int_copy_data_contents_add0; + krb5int_find_pa_data; + krb5int_foreach_localaddr; + krb5int_free_data_list; + krb5int_get_authdata_containee_types; + krb5int_init_context_kdc; + krb5int_initialize_library; + krb5int_parse_enctype_list; + krb5int_random_string; + krb5int_trace; + profile_abandon; + profile_add_relation; + profile_clear_relation; + profile_flush; + profile_flush_to_buffer; + profile_flush_to_file; + profile_free_buffer; + profile_free_list; + profile_get_boolean; + profile_get_integer; + profile_get_relation_names; + profile_get_string; + profile_get_subsection_names; + profile_get_values; + profile_init; + profile_init_flags; + profile_init_path; + profile_init_vtable; + profile_iterator; + profile_iterator_create; + profile_iterator_free; + profile_release; + profile_release_string; + profile_rename_section; + profile_ser_externalize; + profile_ser_internalize; + profile_ser_size; + profile_update_relation; +}; diff --git a/krb5/lib/rpc/Makefile b/krb5/lib/rpc/Makefile index 13499b184d30..f6dfd014ca3c 100644 --- a/krb5/lib/rpc/Makefile +++ b/krb5/lib/rpc/Makefile @@ -1,85 +1,86 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= gssrpc # SHLIB_MAJOR= 4 LDFLAGS=-Wl,--no-undefined LIBADD= gssapi_krb5 krb5 k5crypto com_err krb5support +VERSION_MAP= ${.CURDIR}/version.map SRCS= auth_gss.c \ auth_gssapi.c \ auth_gssapi_misc.c \ auth_none.c \ auth_unix.c \ authgss_prot.c \ authunix_prot.c \ bindresvport.c \ clnt_generic.c \ clnt_perror.c \ clnt_raw.c \ clnt_simple.c \ clnt_tcp.c \ clnt_udp.c \ dyn.c \ get_myaddress.c \ getrpcport.c \ pmap_clnt.c \ pmap_getmaps.c \ pmap_getport.c \ pmap_prot.c \ pmap_prot2.c \ pmap_rmt.c \ rpc_callmsg.c \ rpc_commondata.c \ rpc_dtablesize.c \ rpc_prot.c \ svc.c \ svc_auth.c \ svc_auth_gss.c \ svc_auth_gssapi.c \ svc_auth_none.c \ svc_auth_unix.c \ svc_raw.c \ svc_run.c \ svc_simple.c \ svc_tcp.c \ svc_udp.c \ xdr.c \ xdr_alloc.c \ xdr_array.c \ xdr_float.c \ xdr_mem.c \ xdr_rec.c \ xdr_reference.c \ xdr_sizeof.c \ xdr_stdio.c INCS= dyn.h \ dynP.h \ gssrpcint.h CFLAGS+=-I${KRB5_DIR}/lib/rpc \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include \ -I${KRB5_OBJTOP}/lib \ -DGSSAPI_KRB5 \ -DDEBUG_GSSAPI=0 \ -DGSSRPC__IMPL .include .SUFFIXES: .h .c .PATH: ${KRB5_DIR}/lib/rpc diff --git a/krb5/lib/rpc/version.map b/krb5/lib/rpc/version.map new file mode 100644 index 000000000000..195808a93ca0 --- /dev/null +++ b/krb5/lib/rpc/version.map @@ -0,0 +1,147 @@ +KRB5_RPC_1.0 { + global: + gssrpc_auth_debug_gss + gssrpc_auth_debug_gssapi + gssrpc_auth_gssapi_create + gssrpc_auth_gssapi_create_default + gssrpc_auth_gssapi_display_status + gssrpc_auth_gssapi_seal_seq + gssrpc_auth_gssapi_unseal_seq + gssrpc_auth_gssapi_unwrap_data + gssrpc_auth_gssapi_wrap_data + gssrpc_authgss_create + gssrpc_authgss_create_default + gssrpc_authgss_get_private_data + gssrpc_authgss_service + gssrpc_authnone_create + gssrpc_authunix_create + gssrpc_authunix_create_default + gssrpc_bindresvport + gssrpc_bindresvport_sa + gssrpc_callrpc + gssrpc_clnt_broadcast + gssrpc_clnt_create + gssrpc_clnt_pcreateerror + gssrpc_clnt_perrno + gssrpc_clnt_perror + gssrpc_clnt_spcreateerror + gssrpc_clnt_sperrno + gssrpc_clnt_sperror + gssrpc_clntraw_create + gssrpc_clnttcp_create + gssrpc_clntudp_bufcreate + gssrpc_clntudp_create + gssrpc_get_myaddress + gssrpc_getrpcport + gssrpc_log_debug + gssrpc_log_hexdump + gssrpc_log_status + gssrpc_misc_debug_gss + gssrpc_misc_debug_gssapi + gssrpc_pmap_getmaps + gssrpc_pmap_getport + gssrpc_pmap_rmtcall + gssrpc_pmap_set + gssrpc_pmap_unset + gssrpc_registerrpc + gssrpc_rpc_createrr + gssrpc_svc_auth_gss_ops + gssrpc_svc_auth_gssapi_ops + gssrpc_svc_auth_none + gssrpc_svc_auth_none_ops + gssrpc_svc_debug_gss + gssrpc_svc_debug_gssapi + gssrpc_svc_fdset + gssrpc_svc_fdset_init + gssrpc_svc_getreq + gssrpc_svc_getreqset + gssrpc_svc_maxfd + gssrpc_svc_register + gssrpc_svc_run + gssrpc_svc_sendreply + gssrpc_svc_unregister + gssrpc_svcauth_gss_get_principal + gssrpc_svcauth_gss_set_log_badauth_func + gssrpc_svcauth_gss_set_log_badauth2_func + gssrpc_svcauth_gss_set_log_badverf_func + gssrpc_svcauth_gss_set_log_miscerr_func + gssrpc_svcauth_gss_set_svc_name + gssrpc_svcauth_gssapi_set_log_badauth_func + gssrpc_svcauth_gssapi_set_log_badauth2_func + gssrpc_svcauth_gssapi_set_log_badverf_func + gssrpc_svcauth_gssapi_set_log_miscerr_func + gssrpc_svcauth_gssapi_set_names + gssrpc_svcauth_gssapi_unset_names + gssrpc_svcerr_auth + gssrpc_svcerr_decode + gssrpc_svcerr_noproc + gssrpc_svcerr_noprog + gssrpc_svcerr_progvers + gssrpc_svcerr_systemerr + gssrpc_svcerr_weakauth + gssrpc_svcfd_create + gssrpc_svcraw_create + gssrpc_svctcp_create + gssrpc_svcudp_bufcreate + gssrpc_svcudp_create + gssrpc_svcudp_enablecache + gssrpc_xdr_accepted_reply + gssrpc_xdr_array + gssrpc_xdr_authgssapi_creds + gssrpc_xdr_authgssapi_init_arg + gssrpc_xdr_authgssapi_init_res + gssrpc_xdr_authunix_parms + gssrpc_xdr_bool + gssrpc_xdr_bytes + gssrpc_xdr_callhdr + gssrpc_xdr_callmsg + gssrpc_xdr_char + gssrpc_xdr_des_block + gssrpc_xdr_enum + gssrpc_xdr_free + gssrpc_xdr_gss_buf + gssrpc_xdr_int + gssrpc_xdr_int32 + gssrpc_xdr_long + gssrpc_xdr_netobj + gssrpc_xdr_opaque + gssrpc_xdr_opaque_auth + gssrpc_xdr_pmap + gssrpc_xdr_pmaplist + gssrpc_xdr_pointer + gssrpc_xdr_reference + gssrpc_xdr_rejected_reply + gssrpc_xdr_replymsg + gssrpc_xdr_rmtcall_args + gssrpc_xdr_rmtcallres + gssrpc_xdr_rpc_gss_buf + gssrpc_xdr_rpc_gss_cred + gssrpc_xdr_rpc_gss_data + gssrpc_xdr_rpc_gss_init_args + gssrpc_xdr_rpc_gss_init_res + gssrpc_xdr_rpc_gss_unwrap_data + gssrpc_xdr_rpc_gss_wrap_data + gssrpc_xdr_short + gssrpc_xdr_sizeof + gssrpc_xdr_string + gssrpc_xdr_u_char + gssrpc_xdr_u_int + gssrpc_xdr_u_int32 + gssrpc_xdr_u_long + gssrpc_xdr_u_short + gssrpc_xdr_union + gssrpc_xdr_vector + gssrpc_xdr_void + gssrpc_xdr_wrapstring + gssrpc_xdralloc_create + gssrpc_xdralloc_getdata + gssrpc_xdralloc_release + gssrpc_xdrmem_create + gssrpc_xdrrec_create + gssrpc_xdrrec_endofrecord + gssrpc_xdrrec_eof + gssrpc_xdrrec_skiprecord + gssrpc_xdrstdio_create + gssrpc_xprt_register + gssrpc_xprt_unregister +}; diff --git a/krb5/plugins/audit/Makefile b/krb5/plugins/audit/Makefile index 507cde261300..eb615a3b89f4 100644 --- a/krb5/plugins/audit/Makefile +++ b/krb5/plugins/audit/Makefile @@ -1,28 +1,29 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= kdc_j_encode LIBDIR= ${PLUGINSDIR}/audit LDFLAGS=-Wl,--no-undefined +VERSION_MAP= ${.CURDIR}/version.map .PATH: ${KRB5_DIR}/plugins/audit SRCS= kdc_j_encode.c CFLAGS+=-I${KRB5_DIR}/plugins/audit .include .SUFFIXES: .h .c diff --git a/krb5/plugins/audit/version.map b/krb5/plugins/audit/version.map new file mode 100644 index 000000000000..b6d3368df002 --- /dev/null +++ b/krb5/plugins/audit/version.map @@ -0,0 +1,10 @@ +KRB5_AUDIT_1.0 { + global: + kau_j_kdc_stop; + kau_j_kdc_start; + kau_j_as_req; + kau_j_tgs_req; + kau_j_tgs_s4u2self; + kau_j_tgs_s4u2proxy; + kau_j_tgs_u2u; +}; diff --git a/krb5/plugins/k5tls/Makefile b/krb5/plugins/k5tls/Makefile index 8af5efb06b80..790794d4744c 100644 --- a/krb5/plugins/k5tls/Makefile +++ b/krb5/plugins/k5tls/Makefile @@ -1,33 +1,34 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIBDIR= ${PLUGINSDIR}/tls SHLIBDIR= ${LIBDIR} LIB= k5tls LDFLAGS=-Wl,--no-undefined LIBADD= krb5 krb5profile krb5support ssl crypto k5crypto com_err sys +VERSION_MAP= ${.CURDIR}/version.map SRCS= notls.c \ openssl.c CFLAGS+=-I${KRB5_DIR}/plugins/tls/k5tls \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include .include .SUFFIXES: .h .c .PATH: ${KRB5_DIR}/plugins/tls/k5tls diff --git a/krb5/plugins/k5tls/version.map b/krb5/plugins/k5tls/version.map new file mode 100644 index 000000000000..802628aaaf63 --- /dev/null +++ b/krb5/plugins/k5tls/version.map @@ -0,0 +1,4 @@ +KRB5_K5TLS_1.0 { + global: + tls_k5tls_initvt; +}; diff --git a/krb5/plugins/kdb/db2/Makefile b/krb5/plugins/kdb/db2/Makefile index 7526283f37be..a91bea73677b 100644 --- a/krb5/plugins/kdb/db2/Makefile +++ b/krb5/plugins/kdb/db2/Makefile @@ -1,65 +1,66 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIBDIR= ${PLUGINSDIR}/kdb SHLIBDIR= ${LIBDIR} LIB= db2 LDFLAGS=-Wl,--no-undefined LIBADD= krb5profile krb5 com_err k5crypto kadm5srv_mit kdb5 gssrpc gssapi_krb5 krb5support +VERSION_MAP= ${.CURDIR}/version.map SRCS= \ adb_openclose.c \ adb_policy.c \ db2_exp.c \ kdb_db2.c \ kdb_xdr.c \ lockout.c \ pol_xdr.c .include "${KRB5_SRCTOP}/plugins/kdb/db2/libdb2/Makefile.inc" MAN= db_btree.3 \ db_hash.3 \ db_lock.3 \ db_log.3 \ db_mpool.3 \ db_open.3 \ db_recno.3 \ db_txn.3 CFLAGS+=-I${KRB5_DIR}/plugins/kdb/db2 \ -I${KRB5_DIR}/plugins/kdb/db2/libdb2 \ -I${KRB5_DIR}/plugins/kdb/db2/libdb2/include \ -I${KRB5_DIR}/plugins/kdb/db2/libdb2/btree \ -I${KRB5_DIR}/plugins/kdb/db2/libdb2/db \ -I${KRB5_DIR}/plugins/kdb/db2/libdb2/hash \ -I${KRB5_DIR}/plugins/kdb/db2/libdb2/mpool \ -I${KRB5_DIR}/plugins/kdb/db2/libdb2/recno \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include \ -I${KRB5_DIR}/lib/kdb \ -I${KRB5_OBJTOP}/plugins/kdb/db2 \ -I${KRB5_OBJTOP}/lib/kdb .include .SUFFIXES: .h .c .man .3 .man.3: @cp ${.ALLSRC} ${.TARGET} .PATH: ${KRB5_DIR}/plugins/kdb/db2 \ ${KRB5_DIR}/plugins/kdb/db2/libdb2 \ ${KRB5_DIR}/plugins/kdb/db2/libdb2/man diff --git a/krb5/plugins/kdb/db2/version.map b/krb5/plugins/kdb/db2/version.map new file mode 100644 index 000000000000..aa524e506fb8 --- /dev/null +++ b/krb5/plugins/kdb/db2/version.map @@ -0,0 +1,109 @@ +KRB5_DB2_1.0 { + global: + __default_hash; + __kdb2_add_bigpage; + __kdb2_add_ovflpage; + __kdb2_addel; + __kdb2_big_delete; + __kdb2_big_insert; + __kdb2_big_keydata; + __kdb2_big_return; + __kdb2_bt_close; + __kdb2_bt_cmp; + __kdb2_bt_defcmp; + __kdb2_bt_defpfx; + __kdb2_bt_deleaf; + __kdb2_bt_delete; + __kdb2_bt_dmpage; + __kdb2_bt_dnpage; + __kdb2_bt_dpage; + __kdb2_bt_dump; + __kdb2_bt_fd; + __kdb2_bt_free; + __kdb2_bt_get; + __kdb2_bt_new; + __kdb2_bt_open; + __kdb2_bt_pgin; + __kdb2_bt_pgout; + __kdb2_bt_put; + __kdb2_bt_relink; + __kdb2_bt_ret; + __kdb2_bt_search; + __kdb2_bt_seq; + __kdb2_bt_setcur; + __kdb2_bt_split; + __kdb2_bt_stat; + __kdb2_bt_sync; + __kdb2_call_hash; + __kdb2_cursor_creat; + __kdb2_dbpanic; + __kdb2_delete_page; + __kdb2_delpair; + __kdb2_expand_table; + __kdb2_find_bigpair; + __kdb2_free_ovflpage; + __kdb2_get_bigkey; + __kdb2_get_item; + __kdb2_get_item_done; + __kdb2_get_item_first; + __kdb2_get_item_next; + __kdb2_get_item_reset; + __kdb2_get_page; + __kdb2_hash_open; + __kdb2_ibitmap; + __kdb2_log2; + __kdb2_new_page; + __kdb2_ovfl_delete; + __kdb2_ovfl_get; + __kdb2_ovfl_put; + __kdb2_pgin_routine; + __kdb2_pgout_routine; + __kdb2_put_page; + __kdb2_rec_close; + __kdb2_rec_delete; + __kdb2_rec_dleaf; + __kdb2_rec_fd; + __kdb2_rec_fmap; + __kdb2_rec_fpipe; + __kdb2_rec_get; + __kdb2_rec_iput; + __kdb2_rec_open; + __kdb2_rec_put; + __kdb2_rec_ret; + __kdb2_rec_search; + __kdb2_rec_seq; + __kdb2_rec_sync; + __kdb2_rec_vmap; + __kdb2_rec_vpipe; + __kdb2_split_page; + kdb2_dbm_clearerr; + kdb2_dbm_close; + kdb2_dbm_delete; + kdb2_dbm_dirfno; + kdb2_dbm_error; + kdb2_dbm_fetch; + kdb2_dbm_firstkey; + kdb2_dbm_nextkey; + kdb2_dbm_open; + kdb2_dbm_store; + kdb2_dbminit; + kdb2_dbopen; + kdb2_delete; + kdb2_fetch; + kdb2_firstkey; + kdb2_hcreate; + kdb2_hdestroy; + kdb2_hsearch; + kdb2_mpool_close; + kdb2_mpool_delete; + kdb2_mpool_filter; + kdb2_mpool_get; + kdb2_mpool_new; + kdb2_mpool_open; + kdb2_mpool_put; + kdb2_mpool_stat; + kdb2_mpool_sync; + kdb2_nextkey; + kdb2_store; + kdb_function_table; +}; diff --git a/krb5/plugins/preauth/otp/Makefile b/krb5/plugins/preauth/otp/Makefile index 9222f9785a80..724d8df16230 100644 --- a/krb5/plugins/preauth/otp/Makefile +++ b/krb5/plugins/preauth/otp/Makefile @@ -1,30 +1,31 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= otp LIBDIR= ${PLUGINSDIR}/preauth LDFLAGS=-Wl,--no-undefined LIBADD= krb5profile krad verto krb5 k5crypto com_err krb5support m +VERSION_MAP= ${.CURDIR}/version.map .PATH: ${KRB5_DIR}/plugins/preauth/otp SRCS= main.c \ otp_state.c CFLAGS+=-I${KRB5_DIR}/plugins/preauth/otp \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include .include diff --git a/krb5/plugins/preauth/otp/version.map b/krb5/plugins/preauth/otp/version.map new file mode 100644 index 000000000000..9d2ee5ea7213 --- /dev/null +++ b/krb5/plugins/preauth/otp/version.map @@ -0,0 +1,4 @@ +KRB5_PREAUTH_OTP { + global: + kdcpreauth_otp_initvt; +}; diff --git a/krb5/plugins/preauth/pkinit/Makefile b/krb5/plugins/preauth/pkinit/Makefile index f2a76d1e33da..600b02b02346 100644 --- a/krb5/plugins/preauth/pkinit/Makefile +++ b/krb5/plugins/preauth/pkinit/Makefile @@ -1,38 +1,39 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= pkinit LIBDIR= ${PLUGINSDIR}/preauth LDFLAGS=-Wl,--no-undefined LIBADD= krb5profile krb5 com_err k5crypto crypto krb5support +VERSION_MAP= ${.CURDIR}/version.map .PATH: ${KRB5_DIR}/plugins/preauth/pkinit SRCS= pkinit_accessor.c \ pkinit_clnt.c \ pkinit_constants.c \ pkinit_crypto_openssl.c \ pkinit_identity.c \ pkinit_kdf_test.c \ pkinit_lib.c \ pkinit_matching.c \ pkinit_profile.c \ pkinit_srv.c CFLAGS+=-I${KRB5_DIR}/plugins/preauth/pkinit \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include .include diff --git a/krb5/plugins/preauth/pkinit/version.map b/krb5/plugins/preauth/pkinit/version.map new file mode 100644 index 000000000000..39a9f81f83ef --- /dev/null +++ b/krb5/plugins/preauth/pkinit/version.map @@ -0,0 +1,5 @@ +KRB5_PREAUTH_PKINIT_1.0 { + global: + clpreauth_pkinit_initvt; + kdcpreauth_pkinit_initvt; +}; diff --git a/krb5/plugins/preauth/spake/Makefile b/krb5/plugins/preauth/spake/Makefile index a5d9179f8adc..62d8a5aa9574 100644 --- a/krb5/plugins/preauth/spake/Makefile +++ b/krb5/plugins/preauth/spake/Makefile @@ -1,35 +1,36 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= spake LIBDIR= ${PLUGINSDIR}/preauth LDFLAGS=-Wl,--no-undefined LIBADD= krb5profile krb5 k5crypto com_err krb5support crypto sys +VERSION_MAP= ${.CURDIR}/version.map .PATH: ${KRB5_DIR}/plugins/preauth/spake SRCS= edwards25519.c \ groups.c \ iana.c \ openssl.c \ spake_client.c \ spake_kdc.c \ util.c CFLAGS+=-I${KRB5_DIR}/plugins/preauth/spake \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include .include diff --git a/krb5/plugins/preauth/spake/version.map b/krb5/plugins/preauth/spake/version.map new file mode 100644 index 000000000000..7763f289c80d --- /dev/null +++ b/krb5/plugins/preauth/spake/version.map @@ -0,0 +1,5 @@ +KRB5_PLUGINS_SPAKE_1.0 { + global: + clpreauth_spake_initvt; + kdcpreauth_spake_initvt; +}; diff --git a/krb5/plugins/preauth/test/Makefile b/krb5/plugins/preauth/test/Makefile index 71b7200b2039..411868e9a1d1 100644 --- a/krb5/plugins/preauth/test/Makefile +++ b/krb5/plugins/preauth/test/Makefile @@ -1,31 +1,32 @@ # # SPDX-License-Idendifier: BSD-2-Clause # # Copyright (c) 2025 FreeBSD Foundation # # This sofware was developed by Cy Schubert # under sponsorship from the FreeBSD Foundation. # PACKAGE= krb5 .include .include "../Makefile.inc" LIB= test LIBDIR= ${PLUGINSDIR}/preauth LDFLAGS=-Wl,--no-undefined LIBADD= krb5 k5crypto com_err krb5support +VERSION_MAP= ${.CURDIR}/version.map .PATH: ${KRB5_DIR}/plugins/preauth/test SRCS= cltest.c \ common.c \ kdctest.c CFLAGS+=-I${KRB5_DIR}/plugins/preauth/test \ -I${KRB5_DIR}/include \ -I${KRB5_SRCTOP}/include .include diff --git a/krb5/plugins/preauth/test/version.map b/krb5/plugins/preauth/test/version.map new file mode 100644 index 000000000000..e27e14869833 --- /dev/null +++ b/krb5/plugins/preauth/test/version.map @@ -0,0 +1,5 @@ +KRB5_PREAUTH_TEST_1.0 { + global: + clpreauth_test_initvt; + kdcpreauth_test_initvt; +};