diff options
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/gssapi/krb5/acquire_cred.c | 65 | ||||
-rw-r--r-- | src/lib/krb5/ccache/ccdefault.c | 46 | ||||
-rw-r--r-- | src/lib/krb5/krb/gic_pwd.c | 5 | ||||
-rw-r--r-- | src/lib/krb5/os/init_os_ctx.c | 11 |
4 files changed, 3 insertions, 124 deletions
diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index a784dd37d9..d7daecb227 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -78,10 +78,7 @@ #include <strings.h> #endif -#if defined(USE_KIM) -#include <kim/kim.h> -#include "kim_library_private.h" -#elif defined(USE_LEASH) +#ifdef USE_LEASH #ifdef _WIN64 #define LEASH_DLL "leashw64.dll" #else @@ -270,62 +267,6 @@ acquire_accept_cred(krb5_context context, } #endif /* LEAN_CLIENT */ -#ifdef USE_KIM -krb5_error_code -get_ccache_kim(krb5_context context, krb5_principal desired_princ, - krb5_ccache *ccache_out) -{ - kim_error err; - kim_ccache kimccache = NULL; - kim_identity identity = NULL; - kim_credential_state state; - krb5_ccache ccache; - - *ccache_out = NULL; - - err = kim_identity_create_from_krb5_principal(&identity, context, - desired_princ); - if (err) - goto cleanup; - - err = kim_ccache_create_from_client_identity(&kimccache, identity); - if (err) - goto cleanup; - - err = kim_ccache_get_state(kimccache, &state); - if (err) - goto cleanup; - - if (state != kim_credentials_state_valid) { - if (state == kim_credentials_state_needs_validation) { - err = kim_ccache_validate(kimccache, KIM_OPTIONS_DEFAULT); - if (err) - goto cleanup; - } else { - kim_ccache_free(&kimccache); - } - } - - if (!kimccache && kim_library_allow_automatic_prompting()) { - /* ccache does not already exist, create a new one. */ - err = kim_ccache_create_new(&kimccache, identity, KIM_OPTIONS_DEFAULT); - if (err) - goto cleanup; - } - - err = kim_ccache_get_krb5_ccache(kimccache, context, &ccache); - if (err) - goto cleanup; - - *ccache_out = ccache; - -cleanup: - kim_ccache_free(&kimccache); - kim_identity_free(&identity); - return err; -} -#endif /* USE_KIM */ - #ifdef USE_LEASH static krb5_error_code get_ccache_leash(krb5_context context, krb5_principal desired_princ, @@ -575,9 +516,7 @@ acquire_init_cred(krb5_context context, code = krb5int_cc_default(context, &ccache); } else if (desired_princ) { /* Try to find an appropriate ccache for the desired name. */ -#if defined(USE_KIM) - code = get_ccache_kim(context, desired_princ, &ccache); -#elif defined(USE_LEASH) +#ifdef USE_LEASH code = get_ccache_leash(context, desired_princ, &ccache); #else code = krb5_cc_cache_match(context, desired_princ, &ccache); diff --git a/src/lib/krb5/ccache/ccdefault.c b/src/lib/krb5/ccache/ccdefault.c index e43b1638b3..1d3625c4d9 100644 --- a/src/lib/krb5/ccache/ccdefault.c +++ b/src/lib/krb5/ccache/ccdefault.c @@ -26,10 +26,7 @@ #include "k5-int.h" -#if defined(USE_KIM) -#include <kim/kim.h> -#include "kim_library_private.h" -#elif defined(USE_LEASH) +#ifdef USE_LEASH static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,char*,int) = NULL; static HANDLE hLeashDLL = INVALID_HANDLE_VALUE; #ifdef _WIN64 @@ -75,46 +72,6 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache) return KV5M_CONTEXT; } -#ifdef USE_KIM - if (kim_library_allow_automatic_prompting ()) { - kim_error err = KIM_NO_ERROR; - kim_ccache kimccache = NULL; - kim_identity identity = KIM_IDENTITY_ANY; - kim_credential_state state; - kim_string name = NULL; - - err = kim_ccache_create_from_display_name (&kimccache, - krb5_cc_default_name (context)); - - if (!err) { - err = kim_ccache_get_client_identity (kimccache, &identity); - } - - if (!err) { - err = kim_ccache_get_state (kimccache, &state); - } - - if (err || state != kim_credentials_state_valid) { - /* Either the ccache is does not exist or is invalid. Get new - * tickets. Use the identity in the ccache if there was one. */ - kim_ccache_free (&kimccache); - err = kim_ccache_create_new (&kimccache, - identity, KIM_OPTIONS_DEFAULT); - } - - if (!err) { - err = kim_ccache_get_display_name (kimccache, &name); - } - - if (!err) { - krb5_cc_set_default_name (context, name); - } - - kim_identity_free (&identity); - kim_string_free (&name); - kim_ccache_free (&kimccache); - } -#else #ifdef USE_LEASH if ( hLeashDLL == INVALID_HANDLE_VALUE ) { hLeashDLL = LoadLibrary(LEASH_DLL); @@ -135,7 +92,6 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache) } } #endif -#endif return krb5_cc_default (context, ccache); } diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c index b8406a651e..f5c0b30278 100644 --- a/src/lib/krb5/krb/gic_pwd.c +++ b/src/lib/krb5/krb/gic_pwd.c @@ -310,11 +310,6 @@ krb5_get_init_creds_password(krb5_context context, use_master = 0; } -#ifdef USE_KIM - if (ret == KRB5KDC_ERR_KEY_EXP) - goto cleanup; /* Login library will deal appropriately with this error */ -#endif - /* at this point, we have an error from the master. if the error is not password expired, or if it is but there's no prompter, return this error */ diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c index f7dc429944..7cded7ce52 100644 --- a/src/lib/krb5/os/init_os_ctx.c +++ b/src/lib/krb5/os/init_os_ctx.c @@ -30,10 +30,6 @@ #include "os-proto.h" #include "prof_int.h" /* XXX for profile_copy, not public yet */ -#ifdef USE_KIM -#include "kim_library_private.h" -#endif - #if defined(_WIN32) #include <winsock.h> #include <Shlobj.h> @@ -298,13 +294,6 @@ os_get_default_config_files(profile_filespec_t **pfiles, krb5_boolean secure) unsigned int ent_len; const char *s, *t; -#ifdef USE_KIM - /* If kim_library_allow_home_directory_access() == FALSE, we are probably - * trying to authenticate to a fileserver for the user's homedir. - */ - if (!kim_library_allow_home_directory_access ()) - secure = 1; -#endif if (secure) { filepath = DEFAULT_SECURE_PROFILE_PATH; } else { |