From 1536e39c191a013bc50bb6fd4b8eaef11cf0d436 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 30 Aug 2013 00:58:24 -0400 Subject: krb5: Replace type-specific ccache/principal check Instead of having duplicate functions that are type custom use a signle common function that also performs access to the cache as the user owner, implicitly validating correctness of ownership. Resolves: https://fedorahosted.org/sssd/ticket/2061 --- src/providers/krb5/krb5_utils.h | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'src/providers/krb5/krb5_utils.h') diff --git a/src/providers/krb5/krb5_utils.h b/src/providers/krb5/krb5_utils.h index ac29d61e..a73098d4 100644 --- a/src/providers/krb5/krb5_utils.h +++ b/src/providers/krb5/krb5_utils.h @@ -49,9 +49,6 @@ typedef errno_t (*cc_be_check_existing)(const char *location, uid_t uid, const char *realm, const char *princ, const char *cc_template, bool *active, bool *valid); -typedef const char * (*cc_be_ccache_for_princ)(TALLOC_CTX *mem_ctx, - const char *location, - const char *princ); /* A ccache back end */ struct sss_krb5_cc_be { @@ -59,7 +56,6 @@ struct sss_krb5_cc_be { cc_be_create_fn create; cc_be_check_existing check_existing; - cc_be_ccache_for_princ ccache_for_princ; }; extern struct sss_krb5_cc_be file_cc; @@ -86,6 +82,8 @@ errno_t switch_creds(TALLOC_CTX *mem_ctx, errno_t restore_creds(struct sss_creds *saved_creds); errno_t sss_krb5_cc_destroy(const char *ccname, uid_t uid, gid_t gid); +errno_t sss_krb5_check_ccache_princ(uid_t uid, gid_t gid, + const char *ccname, const char *principal); errno_t get_ccache_file_data(const char *ccache_file, const char *client_name, struct tgt_times *tgtt); -- cgit