diff options
author | Simo Sorce <simo@redhat.com> | 2013-08-30 12:27:49 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2013-09-09 15:11:45 -0400 |
commit | c121e65ed592bf3611053ee38032fd33c8d1b285 (patch) | |
tree | b17ab2dffe90794180e829db25399e3242c5f181 /src/util | |
parent | 5dc3b01fd9b2fa244e7c2820ce04602c9f059370 (diff) | |
download | sssd-c121e65ed592bf3611053ee38032fd33c8d1b285.tar.gz sssd-c121e65ed592bf3611053ee38032fd33c8d1b285.tar.bz2 sssd-c121e65ed592bf3611053ee38032fd33c8d1b285.zip |
krb5: Make check_for_valid_tgt() static
check_for_valid_tgt() is used exclusively in krb5_uitls.c so move it there.
Resolves:
https://fedorahosted.org/sssd/ticket/2061
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/sss_krb5.c | 72 | ||||
-rw-r--r-- | src/util/sss_krb5.h | 4 |
2 files changed, 0 insertions, 76 deletions
diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c index b25ed249..440edab8 100644 --- a/src/util/sss_krb5.c +++ b/src/util/sss_krb5.c @@ -546,78 +546,6 @@ void KRB5_CALLCONV sss_krb5_free_unparsed_name(krb5_context context, char *name) } -krb5_error_code check_for_valid_tgt(krb5_context context, - krb5_ccache ccache, const char *realm, - const char *client_princ_str, bool *result) -{ - krb5_error_code krberr; - TALLOC_CTX *tmp_ctx = NULL; - krb5_creds mcred; - krb5_creds cred; - char *server_name = NULL; - krb5_principal client_principal = NULL; - krb5_principal server_principal = NULL; - - *result = false; - - tmp_ctx = talloc_new(NULL); - if (tmp_ctx == NULL) { - DEBUG(1, ("talloc_new failed.\n")); - return ENOMEM; - } - - server_name = talloc_asprintf(tmp_ctx, "krbtgt/%s@%s", realm, realm); - if (server_name == NULL) { - DEBUG(1, ("talloc_asprintf failed.\n")); - krberr = ENOMEM; - goto done; - } - - krberr = krb5_parse_name(context, server_name, &server_principal); - if (krberr != 0) { - DEBUG(1, ("krb5_parse_name failed.\n")); - goto done; - } - - krberr = krb5_parse_name(context, client_princ_str, &client_principal); - if (krberr != 0) { - DEBUG(1, ("krb5_parse_name failed.\n")); - goto done; - } - - memset(&mcred, 0, sizeof(mcred)); - memset(&cred, 0, sizeof(mcred)); - mcred.client = client_principal; - mcred.server = server_principal; - - krberr = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred); - if (krberr != 0) { - DEBUG(1, ("krb5_cc_retrieve_cred failed.\n")); - krberr = 0; - goto done; - } - - DEBUG(7, ("TGT end time [%d].\n", cred.times.endtime)); - - if (cred.times.endtime > time(NULL)) { - DEBUG(3, ("TGT is valid.\n")); - *result = true; - } - krb5_free_cred_contents(context, &cred); - - krberr = 0; - -done: - if (client_principal != NULL) { - krb5_free_principal(context, client_principal); - } - if (server_principal != NULL) { - krb5_free_principal(context, server_principal); - } - talloc_free(tmp_ctx); - return krberr; -} - krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_expire_callback( krb5_context context, krb5_get_init_creds_opt *opt, diff --git a/src/util/sss_krb5.h b/src/util/sss_krb5.h index b1074f81..aaf2a648 100644 --- a/src/util/sss_krb5.h +++ b/src/util/sss_krb5.h @@ -70,10 +70,6 @@ void KRB5_CALLCONV sss_krb5_get_init_creds_opt_free (krb5_context context, void KRB5_CALLCONV sss_krb5_free_unparsed_name(krb5_context context, char *name); -krb5_error_code check_for_valid_tgt(krb5_context context, - krb5_ccache ccache, const char *realm, - const char *client_princ_str, bool *result); - int sss_krb5_verify_keytab_ex(const char *principal, const char *keytab_name, krb5_context context, krb5_keytab keytab); |