summaryrefslogtreecommitdiffstats
path: root/src/providers/ldap
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2012-09-25 15:02:12 +0200
committerJakub Hrozek <jhrozek@redhat.com>2012-10-02 16:54:16 +0200
commit798a227df11f49147fa43e515910ec11e21e0caa (patch)
tree356c7503ea08a7e37a9e6aac73db2c1390e1df3b /src/providers/ldap
parentfa893b2796b002f709e9416f134bc8df8c08cf8d (diff)
downloadsssd-798a227df11f49147fa43e515910ec11e21e0caa.tar.gz
sssd-798a227df11f49147fa43e515910ec11e21e0caa.tar.xz
sssd-798a227df11f49147fa43e515910ec11e21e0caa.zip
remove left over principal selection
https://fedorahosted.org/sssd/ticket/1303 Domain start up was taking too long when there are many principals in a kerberos keytab. We were looking up in the keytab two times. The first time we try to select a proper principal and remember it. The second call happens almost right after the first one and it is just a check if the principal exists in the keytab, without any output information other than success/failure. It is probably a left over from https://fedorahosted.org/sssd/ticket/781. This patch removes the second call.
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/sdap_child_helpers.c21
1 files changed, 0 insertions, 21 deletions
diff --git a/src/providers/ldap/sdap_child_helpers.c b/src/providers/ldap/sdap_child_helpers.c
index eeb5e5f03..7a59a42ea 100644
--- a/src/providers/ldap/sdap_child_helpers.c
+++ b/src/providers/ldap/sdap_child_helpers.c
@@ -453,7 +453,6 @@ static errno_t set_tgt_child_timeout(struct tevent_req *req,
int setup_child(struct sdap_id_ctx *ctx)
{
int ret;
- const char *mech;
unsigned v;
FILE *debug_filep;
const char *realm;
@@ -463,26 +462,6 @@ int setup_child(struct sdap_id_ctx *ctx)
realm = dp_opt_get_string(ctx->opts->basic, SDAP_KRB5_REALM);
}
- mech = dp_opt_get_string(ctx->opts->basic,
- SDAP_SASL_MECH);
- if (!mech) {
- return EOK;
- }
-
- if (mech && (strcasecmp(mech, "GSSAPI") == 0)) {
- ret = sss_krb5_verify_keytab(dp_opt_get_string(ctx->opts->basic,
- SDAP_SASL_AUTHID),
- realm,
- dp_opt_get_string(ctx->opts->basic,
- SDAP_KRB5_KEYTAB));
-
- if (ret != EOK) {
- DEBUG(0, ("Could not verify keytab\n"));
- return ret;
- }
-
- }
-
if (debug_to_file != 0 && ldap_child_debug_fd == -1) {
ret = open_debug_file_ex("ldap_child", &debug_filep);
if (ret != EOK) {