summaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
authorSimo Sorce <simo@redhat.com>2013-08-30 12:27:49 -0400
committerSimo Sorce <simo@redhat.com>2013-09-09 15:11:45 -0400
commitc121e65ed592bf3611053ee38032fd33c8d1b285 (patch)
treeb17ab2dffe90794180e829db25399e3242c5f181 /src/util
parent5dc3b01fd9b2fa244e7c2820ce04602c9f059370 (diff)
downloadsssd-c121e65ed592bf3611053ee38032fd33c8d1b285.tar.gz
sssd-c121e65ed592bf3611053ee38032fd33c8d1b285.tar.bz2
sssd-c121e65ed592bf3611053ee38032fd33c8d1b285.zip
krb5: Make check_for_valid_tgt() static
check_for_valid_tgt() is used exclusively in krb5_uitls.c so move it there. Resolves: https://fedorahosted.org/sssd/ticket/2061
Diffstat (limited to 'src/util')
-rw-r--r--src/util/sss_krb5.c72
-rw-r--r--src/util/sss_krb5.h4
2 files changed, 0 insertions, 76 deletions
diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c
index b25ed249..440edab8 100644
--- a/src/util/sss_krb5.c
+++ b/src/util/sss_krb5.c
@@ -546,78 +546,6 @@ void KRB5_CALLCONV sss_krb5_free_unparsed_name(krb5_context context, char *name)
}
-krb5_error_code check_for_valid_tgt(krb5_context context,
- krb5_ccache ccache, const char *realm,
- const char *client_princ_str, bool *result)
-{
- krb5_error_code krberr;
- TALLOC_CTX *tmp_ctx = NULL;
- krb5_creds mcred;
- krb5_creds cred;
- char *server_name = NULL;
- krb5_principal client_principal = NULL;
- krb5_principal server_principal = NULL;
-
- *result = false;
-
- tmp_ctx = talloc_new(NULL);
- if (tmp_ctx == NULL) {
- DEBUG(1, ("talloc_new failed.\n"));
- return ENOMEM;
- }
-
- server_name = talloc_asprintf(tmp_ctx, "krbtgt/%s@%s", realm, realm);
- if (server_name == NULL) {
- DEBUG(1, ("talloc_asprintf failed.\n"));
- krberr = ENOMEM;
- goto done;
- }
-
- krberr = krb5_parse_name(context, server_name, &server_principal);
- if (krberr != 0) {
- DEBUG(1, ("krb5_parse_name failed.\n"));
- goto done;
- }
-
- krberr = krb5_parse_name(context, client_princ_str, &client_principal);
- if (krberr != 0) {
- DEBUG(1, ("krb5_parse_name failed.\n"));
- goto done;
- }
-
- memset(&mcred, 0, sizeof(mcred));
- memset(&cred, 0, sizeof(mcred));
- mcred.client = client_principal;
- mcred.server = server_principal;
-
- krberr = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred);
- if (krberr != 0) {
- DEBUG(1, ("krb5_cc_retrieve_cred failed.\n"));
- krberr = 0;
- goto done;
- }
-
- DEBUG(7, ("TGT end time [%d].\n", cred.times.endtime));
-
- if (cred.times.endtime > time(NULL)) {
- DEBUG(3, ("TGT is valid.\n"));
- *result = true;
- }
- krb5_free_cred_contents(context, &cred);
-
- krberr = 0;
-
-done:
- if (client_principal != NULL) {
- krb5_free_principal(context, client_principal);
- }
- if (server_principal != NULL) {
- krb5_free_principal(context, server_principal);
- }
- talloc_free(tmp_ctx);
- return krberr;
-}
-
krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_expire_callback(
krb5_context context,
krb5_get_init_creds_opt *opt,
diff --git a/src/util/sss_krb5.h b/src/util/sss_krb5.h
index b1074f81..aaf2a648 100644
--- a/src/util/sss_krb5.h
+++ b/src/util/sss_krb5.h
@@ -70,10 +70,6 @@ void KRB5_CALLCONV sss_krb5_get_init_creds_opt_free (krb5_context context,
void KRB5_CALLCONV sss_krb5_free_unparsed_name(krb5_context context, char *name);
-krb5_error_code check_for_valid_tgt(krb5_context context,
- krb5_ccache ccache, const char *realm,
- const char *client_princ_str, bool *result);
-
int sss_krb5_verify_keytab_ex(const char *principal, const char *keytab_name,
krb5_context context, krb5_keytab keytab);