2025-03-27 22:50:26 +03:00 · 2012-01-05 11:16:24 +11:00 · 2012-01-05 11:16:24 +11:00 · 39d73e2420
commit 39d73e2420
parent a33d86a745
4 changed files with 14 additions and 52 deletions
--- a/source3/configure.in
+++ b/source3/configure.in
@ -3879,7 +3879,6 @@ if test x"$with_ads_support" != x"no"; then
  AC_CHECK_FUNC_EXT(krb5_princ_size, $KRB5_LIBS)
  AC_CHECK_FUNC_EXT(krb5_get_init_creds_opt_set_pac_request, $KRB5_LIBS)
  AC_CHECK_FUNC_EXT(krb5_get_renewed_creds, $KRB5_LIBS)
-  AC_CHECK_FUNC_EXT(krb5_get_kdc_cred, $KRB5_LIBS)
  AC_CHECK_FUNC_EXT(krb5_free_error_contents, $KRB5_LIBS)
  AC_CHECK_FUNC_EXT(initialize_krb5_error_table, $KRB5_LIBS)
  AC_CHECK_FUNC_EXT(krb5_get_init_creds_opt_alloc, $KRB5_LIBS)
@ -4442,6 +4441,12 @@ if test x"$with_ads_support" != x"no"; then
    use_ads=no
  fi

+  if test x"$ac_cv_func_ext_krb5_get_renewed_creds" != x"yes"
+  then
+    AC_MSG_WARN(krb5_get_renewed_creds not found in -lkrb5)
+    use_ads=no
+  fi
+
  if test x"$ac_cv_func_ext_krb5_principal2salt" != x"yes" -a \
          x"$ac_cv_func_ext_krb5_get_pw_salt" != x"yes"
  then
--- a/source3/libsmb/clikrb5.c
+++ b/source3/libsmb/clikrb5.c
@ -1156,56 +1156,11 @@ out:
 		}
 	}

-#ifdef HAVE_KRB5_GET_RENEWED_CREDS	/* MIT */
-	{
-		ret = krb5_get_renewed_creds(context, &creds, client, ccache, discard_const_p(char, service_string));
-		if (ret) {
-			DEBUG(10,("smb_krb5_renew_ticket: krb5_get_kdc_cred failed: %s\n", error_message(ret)));
-			goto done;
-		}
+	ret = krb5_get_renewed_creds(context, &creds, client, ccache, discard_const_p(char, service_string));
+	if (ret) {
+		DEBUG(10,("smb_krb5_renew_ticket: krb5_get_kdc_cred failed: %s\n", error_message(ret)));
+		goto done;
 	}
-#elif defined(HAVE_KRB5_GET_KDC_CRED)	/* Heimdal */
-	{
-		krb5_kdc_flags flags;
-		krb5_realm *client_realm = NULL;
-
-		ret = krb5_copy_principal(context, client, &creds_in.client);
-		if (ret) {
-			goto done;
-		}
-
-		if (service_string) {
-			ret = smb_krb5_parse_name(context, service_string, &creds_in.server);
-			if (ret) { 
-				goto done;
-			}
-		} else {
-			/* build tgt service by default */
-			client_realm = krb5_princ_realm(context, creds_in.client);
-			if (!client_realm) {
-				ret = ENOMEM;
-				goto done;
-			}
-			ret = krb5_make_principal(context, &creds_in.server, *client_realm, KRB5_TGS_NAME, *client_realm, NULL);
-			if (ret) {
-				goto done;
-			}
-		}
-
-		flags.i = 0;
-		flags.b.renewable = flags.b.renew = True;
-
-		ret = krb5_get_kdc_cred(context, ccache, flags, NULL, NULL, &creds_in, &creds_out);
-		if (ret) {
-			DEBUG(10,("smb_krb5_renew_ticket: krb5_get_kdc_cred failed: %s\n", error_message(ret)));
-			goto done;
-		}
-
-		creds = *creds_out;
-	}
-#else
-#error NO_SUITABLE_KRB5_TICKET_RENEW_FUNCTION_AVAILABLE
-#endif

 	/* hm, doesn't that create a new one if the old one wasn't there? - Guenther */
 	ret = krb5_cc_initialize(context, ccache, client);
--- a/source3/wscript
+++ b/source3/wscript
@ -584,7 +584,7 @@ krb5_krbhst_get_addrinfo krb5_c_enctype_compare
 krb5_crypto_init krb5_crypto_destroy krb5_decode_ap_req free_AP_REQ
 krb5_c_verify_checksum krb5_principal_compare_any_realm
 krb5_parse_name_norealm krb5_princ_size krb5_get_init_creds_opt_set_pac_request
-krb5_get_renewed_creds krb5_get_kdc_cred krb5_free_error_contents
+krb5_get_renewed_creds krb5_free_error_contents
 initialize_krb5_error_table krb5_get_init_creds_opt_alloc
 krb5_get_init_creds_opt_free krb5_get_init_creds_opt_get_error
 krb5_enctype_to_string krb5_fwd_tgt_creds krb5_auth_con_set_req_cksumtype
@ -765,6 +765,9 @@ return krb5_kt_resolve(context, "WRFILE:api", &keytab);
        if not conf.CONFIG_SET('KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT'):
            Logs.warn("krb5_get_init_creds_opt_free was not found or was too old in -lkrb5")
            use_ads=False
+        if not conf.CONFIG_SET('HAVE_KRB5_GET_RENEWED_CREDS'):
+            Logs.warn("krb5_get_renewed_creds not found in -lkrb5")
+            use_ads=False
        if not conf.CONFIG_SET('HAVE_KRB5_PRINCIPAL2SALT') and \
           not conf.CONFIG_SET('HAVE_KRB5_GET_PW_SALT'):
            Logs.warn("no CREATE_KEY_FUNCTIONS detected")
--- a/source4/heimdal_build/wscript_configure
+++ b/source4/heimdal_build/wscript_configure
@ -117,7 +117,6 @@ conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC', 1)
 conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_FREE', 1)
 conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_GET_ERROR', 1)
 conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PAC_REQUEST', 1)
-conf.define('HAVE_KRB5_GET_KDC_CRED', 1)
 conf.define('HAVE_KRB5_GET_PW_SALT', 1)
 conf.define('HAVE_KRB5_GET_RENEWED_CREDS', 1)
 conf.define('HAVE_KRB5_KEYBLOCK_KEYVALUE', 1)