diff options
-rw-r--r-- | source3/include/krb5_protos.h | 1 | ||||
-rw-r--r-- | source3/libsmb/clikrb5.c | 66 |
2 files changed, 0 insertions, 67 deletions
diff --git a/source3/include/krb5_protos.h b/source3/include/krb5_protos.h index 2b2019d853..392fafd08c 100644 --- a/source3/include/krb5_protos.h +++ b/source3/include/krb5_protos.h @@ -65,7 +65,6 @@ void krb5_free_unparsed_name(krb5_context ctx, char *val); /* Samba wrapper function for krb5 functionality. */ bool setup_kaddr( krb5_address *pkaddr, struct sockaddr_storage *paddr); int create_kerberos_key_from_string(krb5_context context, krb5_principal host_princ, krb5_data *password, krb5_keyblock *key, krb5_enctype enctype, bool no_salt); -bool get_auth_data_from_tkt(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, krb5_ticket *tkt); krb5_error_code get_kerberos_allowed_etypes(krb5_context context, krb5_enctype **enctypes); bool get_krb5_smb_session_key(TALLOC_CTX *mem_ctx, krb5_context context, diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index ef1fed9f68..d83b1b685b 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -272,72 +272,6 @@ bool unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ return True; } - bool get_auth_data_from_tkt(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, krb5_ticket *tkt) -{ - DATA_BLOB auth_data_wrapped; - bool got_auth_data_pac = False; - int i; - -#if defined(HAVE_KRB5_TKT_ENC_PART2) - if (tkt->enc_part2 && tkt->enc_part2->authorization_data && - tkt->enc_part2->authorization_data[0] && - tkt->enc_part2->authorization_data[0]->length) - { - for (i = 0; tkt->enc_part2->authorization_data[i] != NULL; i++) { - - if (tkt->enc_part2->authorization_data[i]->ad_type != - KRB5_AUTHDATA_IF_RELEVANT) { - DEBUG(10,("get_auth_data_from_tkt: ad_type is %d\n", - tkt->enc_part2->authorization_data[i]->ad_type)); - continue; - } - - auth_data_wrapped = data_blob(tkt->enc_part2->authorization_data[i]->contents, - tkt->enc_part2->authorization_data[i]->length); - - /* check if it is a PAC */ - got_auth_data_pac = unwrap_pac(mem_ctx, &auth_data_wrapped, auth_data); - data_blob_free(&auth_data_wrapped); - - if (got_auth_data_pac) { - return true; - } - } - - return got_auth_data_pac; - } - -#else - if (tkt->ticket.authorization_data && - tkt->ticket.authorization_data->len) - { - for (i = 0; i < tkt->ticket.authorization_data->len; i++) { - - if (tkt->ticket.authorization_data->val[i].ad_type != - KRB5_AUTHDATA_IF_RELEVANT) { - DEBUG(10,("get_auth_data_from_tkt: ad_type is %d\n", - tkt->ticket.authorization_data->val[i].ad_type)); - continue; - } - - auth_data_wrapped = data_blob(tkt->ticket.authorization_data->val[i].ad_data.data, - tkt->ticket.authorization_data->val[i].ad_data.length); - - /* check if it is a PAC */ - got_auth_data_pac = unwrap_pac(mem_ctx, &auth_data_wrapped, auth_data); - data_blob_free(&auth_data_wrapped); - - if (got_auth_data_pac) { - return true; - } - } - - return got_auth_data_pac; - } -#endif - return False; -} - static bool ads_cleanup_expired_creds(krb5_context context, krb5_ccache ccache, krb5_creds *credsp) |