krb5: move template check to initializzation

The randomized template check realy only makes sense for the FILE ccache
which is the only one that normally needs to use randomizing chars.
Also it is better to warn the admin early rather than to warn 'when it
is too late'.
So move the check at initialization time when we determine what the
template actually is.

Resolves:
https://fedorahosted.org/sssd/ticket/2061

1 files changed, 1 insertions, 4 deletions

diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index 178f18a3..ca00ce7a 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -60,7 +60,6 @@ check_old_ccache(const char *old_ccache, struct krb5child_req *kr,
                  const char *realm, bool *active, bool *valid)
 {
     struct sss_krb5_cc_be *old_cc_ops;
-    const char *cc_template;
     errno_t ret;
 
     /* ccache file might be of a different type if the user changed
@@ -73,10 +72,8 @@ check_old_ccache(const char *old_ccache, struct krb5child_req *kr,
         return EINVAL;
     }
 
-    cc_template = dp_opt_get_cstring(kr->krb5_ctx->opts, KRB5_CCNAME_TMPL);
-
     ret = old_cc_ops->check_existing(old_ccache, kr->uid, realm, kr->upn,
-                                     cc_template, valid);
+                                     valid);
     if (ret == ENOENT) {
         DEBUG(SSSDBG_TRACE_FUNC,
               ("Saved ccache %s doesn't exist.\n", old_ccache));