aklog: Use HAVE_ENCODE_KRB5_ENC_TKT_PART for aklog impersonate 25/13825/6
authorYadavendra Yadav <yadayada@in.ibm.com>
Wed, 28 Aug 2019 10:55:49 +0000 (15:55 +0530)
committerBenjamin Kaduk <kaduk@mit.edu>
Mon, 9 Sep 2019 04:34:07 +0000 (00:34 -0400)
In get_credv5_akimpersonate we use HAVE_ENCODE_KRB5_ENC_TKT which is not
defined, due to this we always return -1 from this routine for non
Heimdal case. We have a another define i.e
HAVE_ENCODE_KRB5_ENC_TKT_PART which is defined if
encode_krb5_enc_tkt_part function is present. In current code
encode_krb5_enc_tkt_part is called from krb5_encrypt_tkt_part and
krb5_encrypt_tkt_part is called from get_credv5_akimpersonate for non
Heimdal case. So we should change HAVE_ENCODE_KRB5_ENC_TKT to
HAVE_ENCODE_KRB5_ENC_TKT_PART.
Also while we're here, add a declaration for the internal function
encode_krb5_ticket, so we can build this newly-enabled code without
warnings.

Change-Id: I8f740e319ad279e284efaa407e6f92d0dc7a1bf6
Reviewed-on: https://gerrit.openafs.org/13825
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>

src/aklog/aklog.c

index f141554..4f9050f 100644 (file)
@@ -167,6 +167,11 @@ static int get_user_realm(krb5_context, char **);
 #error "Must have either krb5_princ_size or krb5_principal_get_comp_string"
 #endif
 
+#if defined(HAVE_ENCODE_KRB5_TICKET)
+extern krb5_error_code encode_krb5_ticket (const krb5_ticket *rep,
+                                          krb5_data **code);
+#endif
+
 #if !defined(HAVE_KRB5_ENCRYPT_TKT_PART) && defined(HAVE_ENCODE_KRB5_ENC_TKT_PART) && defined(HAVE_KRB5_C_ENCRYPT)
 extern krb5_error_code encode_krb5_enc_tkt_part (const krb5_enc_tkt_part *rep,
                                                 krb5_data **code);
@@ -1830,7 +1835,7 @@ get_credv5_akimpersonate(krb5_context context,
                         int *paddress,
                         krb5_creds** out_creds /* out */ )
 {
-#if defined(USING_HEIMDAL) || (defined(HAVE_ENCODE_KRB5_ENC_TKT) && defined(HAVE_ENCODE_KRB5_TICKET) && defined(HAVE_KRB5_C_ENCRYPT))
+#if defined(USING_HEIMDAL) || (defined(HAVE_ENCODE_KRB5_ENC_TKT_PART) && defined(HAVE_ENCODE_KRB5_TICKET) && defined(HAVE_KRB5_C_ENCRYPT))
     krb5_error_code code;
     krb5_keytab kt = 0;
     krb5_kt_cursor cursor[1];