1 files changed, 15 insertions, 30 deletions

diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c
index df7892153..6bf1cf610 100644
--- a/src/providers/krb5/krb5_utils.c
+++ b/src/providers/krb5/krb5_utils.c
@@ -157,24 +157,14 @@ done:
     return ret;
 }
 
-#define S_EXP_TEMP "{TEMP}"
-#define L_EXP_TEMP (sizeof(S_EXP_TEMP) - 1)
 #define S_EXP_UID "{uid}"
 #define L_EXP_UID (sizeof(S_EXP_UID) - 1)
 #define S_EXP_USERID "{USERID}"
 #define L_EXP_USERID (sizeof(S_EXP_USERID) - 1)
 #define S_EXP_EUID "{euid}"
 #define L_EXP_EUID (sizeof(S_EXP_EUID) - 1)
-#define S_EXP_NULL "{null}"
-#define L_EXP_NULL (sizeof(S_EXP_NULL) - 1)
 #define S_EXP_USERNAME "{username}"
 #define L_EXP_USERNAME (sizeof(S_EXP_USERNAME) - 1)
-#define S_EXP_LIBDIR "{LIBDIR}"
-#define L_EXP_LIBDIR (sizeof(S_EXP_LIBDIR) - 1)
-#define S_EXP_BINDIR "{BINDIR}"
-#define L_EXP_BINDIR (sizeof(S_EXP_BINDIR) - 1)
-#define S_EXP_SBINDIR "{SBINDIR}"
-#define L_EXP_SBINDIR (sizeof(S_EXP_SBINDIR) - 1)
 
 char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr,
                              const char *template, bool file_mode,
@@ -325,11 +315,7 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr,
 
             /* Additional syntax from krb5.conf default_ccache_name */
             case '{':
-                if (strncmp(n, S_EXP_TEMP, L_EXP_TEMP) == 0) {
-                    /* let the libkrb5 library resolve this */
-                    result = talloc_asprintf_append(result, "%%"S_EXP_TEMP);
-                    n += L_EXP_TEMP - 1;
-                } else if (strncmp(n , S_EXP_UID, L_EXP_UID) == 0) {
+                if (strncmp(n , S_EXP_UID, L_EXP_UID) == 0) {
                     action = 'U';
                     n += L_EXP_UID - 1;
                     rerun = true;
@@ -346,26 +332,25 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr,
                     n += L_EXP_EUID - 1;
                     rerun = true;
                     continue;
-                } else if (strncmp(n , S_EXP_NULL, L_EXP_NULL) == 0) {
-                    /* skip immediately */
-                    n += L_EXP_NULL - 1;
                 } else if (strncmp(n , S_EXP_USERNAME, L_EXP_USERNAME) == 0) {
                     action = 'u';
                     n += L_EXP_USERNAME - 1;
                     rerun = true;
                     continue;
-                } else if (strncmp(n , S_EXP_LIBDIR, L_EXP_LIBDIR) == 0) {
-                    /* skip, only the libkrb5 library can resolve this */
-                    result = talloc_asprintf_append(result, "%%"S_EXP_LIBDIR);
-                    n += L_EXP_LIBDIR - 1;
-                } else if (strncmp(n , S_EXP_BINDIR, L_EXP_BINDIR) == 0) {
-                    /* skip, only the libkrb5 library can resolve this */
-                    result = talloc_asprintf_append(result, "%%"S_EXP_BINDIR);
-                    n += L_EXP_BINDIR - 1;
-                } else if (strncmp(n , S_EXP_SBINDIR, L_EXP_SBINDIR) == 0) {
-                    /* skip, only the libkrb5 library can resolve this */
-                    result = talloc_asprintf_append(result, "%%"S_EXP_SBINDIR);
-                    n += L_EXP_SBINDIR - 1;
+                } else {
+                    /* ignore any expansion variable we do not understand and
+                     * let libkrb5 hndle it or fail */
+                    name = n;
+                    n = strchr(name, '}');
+                    if (!n) {
+                        DEBUG(SSSDBG_CRIT_FAILURE, (
+                              "Invalid substitution sequence in cache "
+                              "template. Missing closing '}' in [%s].\n",
+                              template));
+                        goto done;
+                    }
+                    result = talloc_asprintf_append(result, "%s%%%.*s", p,
+                                                    (int)(n - name + 1), name);
                 }
                 break;
             default: