summaryrefslogtreecommitdiffstats
path: root/src/providers
diff options
context:
space:
mode:
Diffstat (limited to 'src/providers')
-rw-r--r--src/providers/krb5/krb5_child.c40
1 files changed, 6 insertions, 34 deletions
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
index bd937e808..e9febe475 100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -65,27 +65,14 @@ struct krb5_req {
static krb5_context krb5_error_ctx;
#define KRB5_CHILD_DEBUG(level, error) KRB5_DEBUG(level, krb5_error_ctx, error)
-static krb5_error_code get_changepw_options(krb5_context ctx,
- krb5_get_init_creds_opt **_options)
+static void set_changepw_options(krb5_context ctx,
+ krb5_get_init_creds_opt *options)
{
- krb5_get_init_creds_opt *options;
- krb5_error_code kerr;
-
- kerr = sss_krb5_get_init_creds_opt_alloc(ctx, &options);
- if (kerr != 0) {
- KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
- return kerr;
- }
-
sss_krb5_get_init_creds_opt_set_canonicalize(options, 0);
krb5_get_init_creds_opt_set_forwardable(options, 0);
krb5_get_init_creds_opt_set_proxiable(options, 0);
krb5_get_init_creds_opt_set_renew_life(options, 0);
krb5_get_init_creds_opt_set_tkt_life(options, 5*60);
-
- *_options = options;
-
- return 0;
}
static errno_t sss_send_pac(krb5_authdata **pac_authdata)
@@ -1023,7 +1010,6 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim)
krb5_prompter_fct prompter = NULL;
const char *realm_name;
int realm_length;
- krb5_get_init_creds_opt *chagepw_options;
size_t msg_len;
uint8_t *msg;
@@ -1041,12 +1027,7 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim)
prompter = sss_krb5_prompter;
}
- kerr = get_changepw_options(kr->ctx, &chagepw_options);
- if (kerr != 0) {
- DEBUG(SSSDBG_OP_FAILURE, ("get_changepw_options failed.\n"));
- return kerr;
- }
-
+ set_changepw_options(kr->ctx, kr->options);
sss_krb5_princ_realm(kr->ctx, kr->princ, &realm_name, &realm_length);
DEBUG(SSSDBG_TRACE_FUNC,
@@ -1055,8 +1036,7 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim)
discard_const(password),
prompter, kr, 0,
SSSD_KRB5_CHANGEPW_PRINCIPAL,
- chagepw_options);
- sss_krb5_get_init_creds_opt_free(kr->ctx, chagepw_options);
+ kr->options);
if (kerr != 0) {
ret = pack_user_info_chpass_error(kr->pd, "Old password not accepted.",
&msg_len, &msg);
@@ -1164,7 +1144,6 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim)
static errno_t tgt_req_child(struct krb5_req *kr)
{
- krb5_get_init_creds_opt *chagepw_options;
const char *password = NULL;
krb5_error_code kerr;
int ret;
@@ -1210,19 +1189,12 @@ static errno_t tgt_req_child(struct krb5_req *kr)
DEBUG(1, ("Failed to unset expire callback, continue ...\n"));
}
- kerr = get_changepw_options(kr->ctx, &chagepw_options);
- if (kerr != 0) {
- DEBUG(SSSDBG_OP_FAILURE, ("get_changepw_options failed.\n"));
- return kerr;
- }
-
+ set_changepw_options(kr->ctx, kr->options);
kerr = krb5_get_init_creds_password(kr->ctx, kr->creds, kr->princ,
discard_const(password),
sss_krb5_prompter, kr, 0,
SSSD_KRB5_CHANGEPW_PRINCIPAL,
- chagepw_options);
-
- sss_krb5_get_init_creds_opt_free(kr->ctx, chagepw_options);
+ kr->options);
krb5_free_cred_contents(kr->ctx, kr->creds);
if (kerr == 0) {