From 4c4090beb941bfeddbacdbe082c9e08823c02ec0 Mon Sep 17 00:00:00 2001
From: Benjamin Franzke <benjaminfranzke@googlemail.com>
Date: Tue, 15 Oct 2013 12:52:27 +0200
Subject: krb5: Add additional HAVE_PAC_RESONDER checks

This is since krb5_authdata_free and krb5_authdata:contents may not be
available if HAVE_PAC_RESPONDER is disabled.
---
 src/providers/krb5/krb5_child.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
index 42cfbbfe..e00c16ca 100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -88,6 +88,7 @@ static krb5_error_code get_changepw_options(krb5_context ctx,
     return 0;
 }
 
+#ifdef HAVE_PAC_RESPONDER
 static errno_t sss_send_pac(krb5_authdata **pac_authdata)
 {
     struct sss_cli_req_data sss_data;
@@ -107,6 +108,7 @@ static errno_t sss_send_pac(krb5_authdata **pac_authdata)
 
     return EOK;
 }
+#endif /* HAVE_PAC_RESPONDER */
 
 static void sss_krb5_expire_callback_func(krb5_context context, void *data,
                                           krb5_timestamp password_expiration,
@@ -700,7 +702,9 @@ static krb5_error_code validate_tgt(struct krb5_req *kr)
     krb5_principal validation_princ = NULL;
     bool realm_entry_found = false;
     krb5_ccache validation_ccache = NULL;
+#ifdef HAVE_PAC_RESPONDER
     krb5_authdata **pac_authdata = NULL;
+#endif
 
     memset(&keytab, 0, sizeof(keytab));
     kerr = krb5_kt_resolve(kr->ctx, kr->keytab, &keytab);
@@ -794,6 +798,7 @@ static krb5_error_code validate_tgt(struct krb5_req *kr)
         goto done;
     }
 
+#ifdef HAVE_PAC_RESPONDER
     /* Try to find and send the PAC to the PAC responder.
      * Failures are not critical. */
     if (kr->send_pac) {
@@ -816,6 +821,7 @@ static krb5_error_code validate_tgt(struct krb5_req *kr)
             kerr = 0;
         }
     }
+#endif /* HAVE_PAC_RESPONDER */
 
 done:
     if (validation_ccache != NULL) {
-- 
cgit