r14512: Guenther, This code breaks winbind with MIT krb1.3.

I'm disabling it for now until we have en effective
means of dealing with the ticket request flags for users
and computers.
(This used to be commit 635f0c9c01c2e389ca916e9004e9ea064bf69cbb)

1 files changed, 12 insertions, 2 deletions

diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index c82310dd08..17e350d754 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -72,7 +72,9 @@ int kerberos_kinit_password(const char *principal,
 	krb5_ccache cc = NULL;
 	krb5_principal me;
 	krb5_creds my_creds;
+#if 0
 	krb5_get_init_creds_opt opt;
+#endif
 
 	initialize_krb5_error_table();
 	if ((code = krb5_init_context(&ctx)))
@@ -95,9 +97,12 @@ int kerberos_kinit_password(const char *principal,
 		return code;
 	}
 
+#if 0	/* This code causes problems with MIT krb5 1.3 when asking for a 
+	   TGT for the machine account */
 	krb5_get_init_creds_opt_init(&opt);
 	krb5_get_init_creds_opt_set_renew_life(&opt, renewable_time);
 	krb5_get_init_creds_opt_set_forwardable(&opt, 1);
+#endif
 	
 	if (request_pac) {
 #ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PAC_REQUEST
@@ -105,9 +110,14 @@ int kerberos_kinit_password(const char *principal,
 #endif
 	}
 
+#if 0
 	if ((code = krb5_get_init_creds_password(ctx, &my_creds, me, CONST_DISCARD(char *,password), 
-						 kerb_prompter, 
-						 NULL, 0, NULL, &opt))) {
+						 kerb_prompter, NULL, 0, NULL, &opt)))
+#else
+	if ((code = krb5_get_init_creds_password(ctx, &my_creds, me, CONST_DISCARD(char *,password), 
+						 kerb_prompter, NULL, 0, NULL, NULL))) 
+#endif
+	{
 		krb5_free_principal(ctx, me);
 		krb5_free_context(ctx);		
 		return code;