Don't require krb5.conf without KRB5_DNS_LOOKUP

For a long time we have allowed krb5 contexts to be initialized in the
absence of krb5.conf--but only if KRB5_DNS_LOOKUP is defined,
presumably on the theory that no KDCs could be contacted without
either DNS support or profile configuration.  But locate plugins could
provide the ability to find KDCs, and some libkrb5 operations (such as
IAKERB initiation) could succeed without needing to locate KDCs.

Also get rid of the profile_in_memory context flag, since we don't use
it any more.

1 files changed, 2 insertions, 11 deletions

diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c
index 2afe2e127b..ff6061a2ca 100644
--- a/src/lib/krb5/os/init_os_ctx.c
+++ b/src/lib/krb5/os/init_os_ctx.c
@@ -378,10 +378,6 @@ os_init_paths(krb5_context ctx, krb5_boolean kdc)
     profile_filespec_t *files = 0;
     krb5_boolean secure = ctx->profile_secure;
 
-#ifdef KRB5_DNS_LOOKUP
-    ctx->profile_in_memory = 0;
-#endif /* KRB5_DNS_LOOKUP */
-
     retval = os_get_default_config_files(&files, secure);
 
     if (retval == 0 && kdc)
@@ -391,14 +387,9 @@ os_init_paths(krb5_context ctx, krb5_boolean kdc)
         retval = profile_init_flags((const_profile_filespec_t *) files,
                                     PROFILE_INIT_ALLOW_MODULE, &ctx->profile);
 
-#ifdef KRB5_DNS_LOOKUP
-        /* if none of the filenames can be opened use an empty profile */
-        if (retval == ENOENT) {
+        /* If none of the filenames can be opened, use an empty profile. */
+        if (retval == ENOENT)
             retval = profile_init(NULL, &ctx->profile);
-            if (!retval)
-                ctx->profile_in_memory = 1;
-        }
-#endif /* KRB5_DNS_LOOKUP */
     }
 
     if (files)