git: cec2adb0d3ef - main - heimdal: don't try to expose nonexistant symbols

From: Brooks Davis <brooks_at_FreeBSD.org>
Date: Thu, 07 Mar 2024 01:06:43 UTC
The branch main has been updated by brooks:

URL: https://cgit.FreeBSD.org/src/commit/?id=cec2adb0d3ef91fc4279529a65975a934bcd2ff4

commit cec2adb0d3ef91fc4279529a65975a934bcd2ff4
Author:     Brooks Davis <brooks@FreeBSD.org>
AuthorDate: 2024-03-07 00:55:11 +0000
Commit:     Brooks Davis <brooks@FreeBSD.org>
CommitDate: 2024-03-07 00:55:11 +0000

    heimdal: don't try to expose nonexistant symbols
    
    For one reason or another these symbols aren't present so don't try to
    make them available for linkage.
    
    In the case of libroken these seem to be compatability bits we don't
    need a thus don't compile.  For others it seems to rot upstream, but
    I've not investigated deeply.
    
    Reviewed by:    cy
    Differential Revision:  https://reviews.freebsd.org/D44246
---
 crypto/heimdal/lib/hx509/version-script.map |  5 ---
 crypto/heimdal/lib/kadm5/version-script.map |  2 -
 crypto/heimdal/lib/krb5/version-script.map  | 22 ----------
 crypto/heimdal/lib/roken/version-script.map | 65 -----------------------------
 4 files changed, 94 deletions(-)

diff --git a/crypto/heimdal/lib/hx509/version-script.map b/crypto/heimdal/lib/hx509/version-script.map
index 7ee26dd91922..99ce18daf7b4 100644
--- a/crypto/heimdal/lib/hx509/version-script.map
+++ b/crypto/heimdal/lib/hx509/version-script.map
@@ -21,7 +21,6 @@ HEIMDAL_X509_1.2 {
 		_hx509_request_add_email;
 		_hx509_request_parse;
 		_hx509_request_print;
-		_hx509_request_set_email;
 		_hx509_request_to_pkcs10;
 		_hx509_unmap_file_os;
 		_hx509_write_file;
@@ -51,8 +50,6 @@ HEIMDAL_X509_1.2 {
 		hx509_ca_tbs_set_unique;
 		hx509_ca_tbs_subject_expand;
 		hx509_ca_tbs_template_units;
-		hx509_cert;
-		hx509_cert_attribute;
 		hx509_cert_binary;
 		hx509_cert_check_eku;
 		hx509_cert_cmp;
@@ -85,7 +82,6 @@ HEIMDAL_X509_1.2 {
 		hx509_certs_free;
 		hx509_certs_info;
 		hx509_certs_init;
-		hx509_certs_iter;
 		hx509_certs_iter_f;
 		hx509_certs_merge;
 		hx509_certs_next_cert;
@@ -133,7 +129,6 @@ HEIMDAL_X509_1.2 {
 		hx509_env_find;
 		hx509_env_find_binding;
 		hx509_env_free;
-		hx509_env_init;
 		hx509_env_lfind;
 		hx509_err;
 		hx509_free_error_string;
diff --git a/crypto/heimdal/lib/kadm5/version-script.map b/crypto/heimdal/lib/kadm5/version-script.map
index 90bd6fee10b1..51235b784254 100644
--- a/crypto/heimdal/lib/kadm5/version-script.map
+++ b/crypto/heimdal/lib/kadm5/version-script.map
@@ -2,8 +2,6 @@
 
 HEIMDAL_KAMD5_SERVER_1.0 {
 	global:
-		kadm5_ad_init_with_password;
-		kadm5_ad_init_with_password_ctx;
 		kadm5_add_passwd_quality_verifier;
 		kadm5_check_password_quality;
 		kadm5_chpass_principal;
diff --git a/crypto/heimdal/lib/krb5/version-script.map b/crypto/heimdal/lib/krb5/version-script.map
index 818e6e071cbd..05fc0cef1bd9 100644
--- a/crypto/heimdal/lib/krb5/version-script.map
+++ b/crypto/heimdal/lib/krb5/version-script.map
@@ -2,10 +2,6 @@ HEIMDAL_KRB5_2.0 {
 	global:
 		krb524_convert_creds_kdc;
 		krb524_convert_creds_kdc_ccache;
-		krb5_425_conv_principal;
-		krb5_425_conv_principal_ext2;
-		krb5_425_conv_principal_ext;
-		krb5_524_conv_principal;
 		krb5_abort;
 		krb5_abortx;
 		krb5_acl_match_file;
@@ -109,7 +105,6 @@ HEIMDAL_KRB5_2.0 {
 		krb5_cc_move;
 		krb5_cc_new_unique;
 		krb5_cc_next_cred;
-		krb5_cc_next_cred_match;
 		krb5_cc_register;
 		krb5_cc_remove_cred;
 		krb5_cc_resolve;
@@ -339,7 +334,6 @@ HEIMDAL_KRB5_2.0 {
 		krb5_get_in_tkt_with_keytab;
 		krb5_get_in_tkt_with_password;
 		krb5_get_in_tkt_with_skey;
-		krb5_get_init_creds;
 		krb5_get_init_creds_keyblock;
 		krb5_get_init_creds_keytab;
 		krb5_get_init_creds_opt_alloc;
@@ -705,7 +699,6 @@ HEIMDAL_KRB5_2.0 {
 		krb5_mcc_ops;
 		krb5_acc_ops;
 		krb5_fcc_ops;
-		krb5_scc_ops;
 		krb5_kcm_ops;
 		krb5_wrfkt_ops;
 		krb5_mkt_ops;
@@ -727,20 +720,6 @@ HEIMDAL_KRB5_2.0 {
 		_krb5_get_krbtgt;
 		_krb5_build_authenticator;
 
-		# V4 compat glue
-		_krb5_krb_tf_setup;
-		_krb5_krb_dest_tkt;
-		_krb5_krb_life_to_time;
-		_krb5_krb_decomp_ticket;
-		_krb5_krb_decomp_ticket;
-		_krb5_krb_create_ticket;
-		_krb5_krb_create_ciph;
-		_krb5_krb_create_auth_reply;
-		_krb5_krb_rd_req;
-		_krb5_krb_free_auth_data;
-		_krb5_krb_time_to_life;
-		_krb5_krb_cr_err_reply;
-
 		# Shared with libkdc
 		_krb5_AES_string_to_default_iterator;
 		_krb5_dh_group_ok;
@@ -766,7 +745,6 @@ HEIMDAL_KRB5_2.0 {
 		krb5_pk_enterprise_cert;
 
 		# testing
-		_krb5_aes_cts_encrypt;
 		_krb5_n_fold;
 		_krb5_expand_default_cc_name;
 	local:
diff --git a/crypto/heimdal/lib/roken/version-script.map b/crypto/heimdal/lib/roken/version-script.map
index bb2139ed74cc..94c8918b0eb1 100644
--- a/crypto/heimdal/lib/roken/version-script.map
+++ b/crypto/heimdal/lib/roken/version-script.map
@@ -4,23 +4,13 @@ HEIMDAL_ROKEN_1.0 {
 		arg_printusage_i18n;
 		base64_decode;
 		base64_encode;
-		cgetcap;
-		cgetclose;
-		cgetmatch;
-		cgetnum;
-		cgetset;
-		cgetustr;
 		ct_memcmp;
-		err;
-		errx;
 		fbsd_ossl_provider_load;
 		free_getarg_strings;
 		get_default_username;
 		get_window_size;
 		getarg;
 		getnameinfo_verified;
-		hex_decode;
-		hex_encode;
 		issuid;
 		k_getpwnam;
 		k_getpwuid;
@@ -36,15 +26,11 @@ HEIMDAL_ROKEN_1.0 {
 		print_time_table;
 		print_units_table;
 		rk_asnprintf;
-		rk_asprintf;
 		rk_bswap16;
 		rk_bswap32;
-		rk_cgetent;
-		rk_cgetstr;
 		rk_cloexec;
 		rk_cloexec_file;
                 rk_cloexec_dir;
-		rk_closefrom;
 		rk_copyhostent;
 		rk_dns_free_data;
 		rk_dns_lookup;
@@ -59,39 +45,17 @@ HEIMDAL_ROKEN_1.0 {
 		rk_esetenv;
 		rk_estrdup;
 		rk_ewrite;
-		rk_flock;
-		rk_fnmatch;
 		rk_free_environment;
-		rk_freeaddrinfo;
-		rk_freehostent;
-		rk_freeifaddrs;
-		rk_gai_strerror;
-		rk_getaddrinfo;
-		rk_getifaddrs;
-		rk_getipnodebyaddr;
-		rk_getipnodebyname;
-		rk_getnameinfo;
-		rk_getprogname;
-		rk_glob;
-		rk_globfree;
 		rk_hex_decode;
 		rk_hex_encode;
 		rk_hostent_find_fqdn;
-		rk_inet_ntop;
-		rk_inet_pton;
-		rk_localtime_r;
-		rk_mkstemp;
 		rk_pid_file_delete;
 		rk_pid_file_write;
 		rk_pidfile;
 		rk_pipe_execv;
 		rk_random_init;
 		rk_read_environment;
-		rk_readv;
 		rk_realloc;
-		rk_strerror;
-		rk_strerror_r;
-		rk_setprogname;
 		rk_simple_execle;
 		rk_simple_execlp;
 		rk_simple_execve;
@@ -112,39 +76,18 @@ HEIMDAL_ROKEN_1.0 {
 		rk_socket_set_tos;
 		rk_socket_sockaddr_size;
 		rk_strcollect;
-		rk_strftime;
-		rk_strlcat;
-		rk_strlcpy;
 		rk_strlwr;
-		rk_strndup;
-		rk_strnlen;
 		rk_strpoolcollect;
 		rk_strpoolfree;
 		rk_strpoolprintf;
-		rk_strptime;
 		rk_strsep_copy;
-		rk_strsvis;
-		rk_strsvisx;
-		rk_strunvis;
-		rk_strunvisx;
 		rk_strupr;
-		rk_strvis;
-		rk_strvisx;
-		rk_svis;
-		rk_timegm;
 		rk_timevaladd;
 		rk_timevalfix;
 		rk_timevalsub;
-		rk_tdelete;
-		rk_tfind;
-		rk_tsearch;
-		rk_twalk;
 		rk_undumpdata;
 		rk_unvis;
 		rk_vasnprintf;
-		rk_vasprintf;
-		rk_vis;
-		rk_vsnprintf;
 		rk_vstrcollect;
 		rk_wait_for_process;
 		rk_wait_for_process_timed;
@@ -176,7 +119,6 @@ HEIMDAL_ROKEN_1.0 {
 		rtbl_set_prefix;
 		rtbl_set_separator;
 		signal;
-		simple_execl;
 		tm2time;
 		unix_verify_user;
 		unparse_bytes;
@@ -186,13 +128,6 @@ HEIMDAL_ROKEN_1.0 {
 		unparse_time_approx;
 		unparse_units;
 		unparse_units_approx;
-		verr;
-		verrx;
-		vwarn;
-		vwarnx;
-		warn;
-		warnx;
-		writev;
 	local:
 		*;
 };