diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-18 20:52:43 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-11-18 20:33:28 +0100 |
commit | 45aeb924ec3ac448bb8d174a5cc061ed98b147c7 (patch) | |
tree | 3d160f153780744319df584e9024bb8023d3cf44 /src/providers/krb5/krb5_auth.c | |
parent | 476b78b3f66abc7a0f805154ea1a29f54628224a (diff) | |
download | sssd-45aeb924ec3ac448bb8d174a5cc061ed98b147c7.tar.gz sssd-45aeb924ec3ac448bb8d174a5cc061ed98b147c7.tar.xz sssd-45aeb924ec3ac448bb8d174a5cc061ed98b147c7.zip |
KRB5: Move ccache-related functions to krb5_ccache.c
Add a new module krb5_ccache.c that contains all ccache-related
operations. The only user of this module shall be krb5_child.c as the
other modules will run unprivileged and accessing the ccache requires
either privileges of root or the ccache owner.
Related:
https://fedorahosted.org/sssd/ticket/2370
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/providers/krb5/krb5_auth.c')
-rw-r--r-- | src/providers/krb5/krb5_auth.c | 16 |
1 files changed, 1 insertions, 15 deletions
diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index c96b7aee9..bd8b51f47 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -39,21 +39,7 @@ #include "util/child_common.h" #include "providers/krb5/krb5_auth.h" #include "providers/krb5/krb5_utils.h" - -static errno_t safe_remove_old_ccache_file(const char *old_ccache, - const char *new_ccache, - uid_t uid, gid_t gid) -{ - if ((old_ccache == new_ccache) - || (old_ccache && new_ccache - && (strcmp(old_ccache, new_ccache) == 0))) { - DEBUG(SSSDBG_TRACE_FUNC, "New and old ccache file are the same, " - "none will be deleted.\n"); - return EOK; - } - - return sss_krb5_cc_destroy(old_ccache, uid, gid); -} +#include "providers/krb5/krb5_ccache.h" static errno_t check_old_ccache(const char *old_ccache, struct krb5child_req *kr, |