From 798a227df11f49147fa43e515910ec11e21e0caa Mon Sep 17 00:00:00 2001 From: Pavel Březina Date: Tue, 25 Sep 2012 15:02:12 +0200 Subject: remove left over principal selection https://fedorahosted.org/sssd/ticket/1303 Domain start up was taking too long when there are many principals in a kerberos keytab. We were looking up in the keytab two times. The first time we try to select a proper principal and remember it. The second call happens almost right after the first one and it is just a check if the principal exists in the keytab, without any output information other than success/failure. It is probably a left over from https://fedorahosted.org/sssd/ticket/781. This patch removes the second call. --- src/providers/ldap/sdap_child_helpers.c | 21 --------------------- 1 file changed, 21 deletions(-) (limited to 'src/providers') diff --git a/src/providers/ldap/sdap_child_helpers.c b/src/providers/ldap/sdap_child_helpers.c index eeb5e5f03..7a59a42ea 100644 --- a/src/providers/ldap/sdap_child_helpers.c +++ b/src/providers/ldap/sdap_child_helpers.c @@ -453,7 +453,6 @@ static errno_t set_tgt_child_timeout(struct tevent_req *req, int setup_child(struct sdap_id_ctx *ctx) { int ret; - const char *mech; unsigned v; FILE *debug_filep; const char *realm; @@ -463,26 +462,6 @@ int setup_child(struct sdap_id_ctx *ctx) realm = dp_opt_get_string(ctx->opts->basic, SDAP_KRB5_REALM); } - mech = dp_opt_get_string(ctx->opts->basic, - SDAP_SASL_MECH); - if (!mech) { - return EOK; - } - - if (mech && (strcasecmp(mech, "GSSAPI") == 0)) { - ret = sss_krb5_verify_keytab(dp_opt_get_string(ctx->opts->basic, - SDAP_SASL_AUTHID), - realm, - dp_opt_get_string(ctx->opts->basic, - SDAP_KRB5_KEYTAB)); - - if (ret != EOK) { - DEBUG(0, ("Could not verify keytab\n")); - return ret; - } - - } - if (debug_to_file != 0 && ldap_child_debug_fd == -1) { ret = open_debug_file_ex("ldap_child", &debug_filep); if (ret != EOK) { -- cgit