krb5_util.c: In function 'realm_and_service_match':
krb5_util.c:617: warning: unused parameter 'context'
krb5_util.c: In function 'limit_krb5_enctypes':
krb5_util.c:1275: warning: unused parameter 'uid'
Signed-off-by: Steve Dickson <steved@redhat.com>
* Do this before creating rpc connection since we won't need
* rpc connection if it fails!
*/
* Do this before creating rpc connection since we won't need
* rpc connection if it fails!
*/
- if (limit_krb5_enctypes(&sec, uid)) {
+ if (limit_krb5_enctypes(&sec)) {
printerr(1, "WARNING: Failed while limiting krb5 "
"encryption types for user with uid %d\n",
uid);
printerr(1, "WARNING: Failed while limiting krb5 "
"encryption types for user with uid %d\n",
uid);
* and has *any* instance (hostname), return 1.
* Otherwise return 0, indicating no match.
*/
* and has *any* instance (hostname), return 1.
* Otherwise return 0, indicating no match.
*/
-realm_and_service_match(krb5_context context, krb5_principal p,
- const char *realm, const char *service)
+realm_and_service_match(krb5_principal p, const char *realm, const char *service)
/* Must have two components */
if (p->length != 2)
return 0;
/* Must have two components */
if (p->length != 2)
return 0;
if ((strlen(realm) == p->realm.length)
&& (strncmp(realm, p->realm.data, p->realm.length) == 0)
&& (strlen(service) == p->data[0].length)
&& (strncmp(service, p->data[0].data, p->data[0].length) == 0))
return 1;
if ((strlen(realm) == p->realm.length)
&& (strncmp(realm, p->realm.data, p->realm.length) == 0)
&& (strlen(service) == p->data[0].length)
&& (strncmp(service, p->data[0].data, p->data[0].length) == 0))
return 1;
+static int
+realm_and_service_match(krb5_context context, krb5_principal p,
+ const char *realm, const char *service)
+{
const char *name, *inst;
if (p->name.name_string.len != 2)
return 0;
const char *name, *inst;
if (p->name.name_string.len != 2)
return 0;
name = krb5_principal_get_comp_string(context, p, 0);
inst = krb5_principal_get_comp_string(context, p, 1);
if (name == NULL || inst == NULL)
name = krb5_principal_get_comp_string(context, p, 0);
inst = krb5_principal_get_comp_string(context, p, 1);
if (name == NULL || inst == NULL)
if ((strcmp(realm, p->realm) == 0)
&& (strcmp(service, name) == 0))
return 1;
if ((strcmp(realm, p->realm) == 0)
&& (strcmp(service, name) == 0))
return 1;
/*
* Search the given keytab file looking for an entry with the given
/*
* Search the given keytab file looking for an entry with the given
krb5_kt_cursor cursor;
krb5_error_code code;
struct gssd_k5_kt_princ *ple;
krb5_kt_cursor cursor;
krb5_error_code code;
struct gssd_k5_kt_princ *ple;
+ int retval = -1, status;
char kt_name[BUFSIZ];
char *pname;
char *k5err = NULL;
char kt_name[BUFSIZ];
char *pname;
char *k5err = NULL;
printerr(4, "Processing keytab entry for principal '%s'\n",
pname);
/* Use the first matching keytab entry found */
printerr(4, "Processing keytab entry for principal '%s'\n",
pname);
/* Use the first matching keytab entry found */
- if ((realm_and_service_match(context, kte->principal, realm,
- service))) {
+#ifdef HAVE_KRB5
+ status = realm_and_service_match(kte->principal, realm, service);
+#else
+ status = realm_and_service_match(context, kte->principal, realm, service);
+#endif
+ if (status) {
printerr(4, "We WILL use this entry (%s)\n", pname);
ple = get_ple_by_princ(context, kte->principal);
/*
printerr(4, "We WILL use this entry (%s)\n", pname);
ple = get_ple_by_princ(context, kte->principal);
/*
-limit_krb5_enctypes(struct rpc_gss_sec *sec, uid_t uid)
+limit_krb5_enctypes(struct rpc_gss_sec *sec)
{
u_int maj_stat, min_stat;
gss_cred_id_t credh;
{
u_int maj_stat, min_stat;
gss_cred_id_t credh;
void gssd_k5_get_default_realm(char **def_realm);
#ifdef HAVE_SET_ALLOWABLE_ENCTYPES
void gssd_k5_get_default_realm(char **def_realm);
#ifdef HAVE_SET_ALLOWABLE_ENCTYPES
-int limit_krb5_enctypes(struct rpc_gss_sec *sec, uid_t uid);
+int limit_krb5_enctypes(struct rpc_gss_sec *sec);