lean client changes
authorZhanna Tsitkov <tsitkova@mit.edu>
Wed, 20 Aug 2008 21:09:14 +0000 (21:09 +0000)
committerZhanna Tsitkov <tsitkova@mit.edu>
Wed, 20 Aug 2008 21:09:14 +0000 (21:09 +0000)
All changes are under LEAN_CLIENT macro. Application server functionality is disabled.

Ticket:new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20680 dc483132-0cff-0310-8789-dd5450dbe970

35 files changed:
src/lib/gssapi/gss_libinit.c
src/lib/gssapi/krb5/accept_sec_context.c
src/lib/gssapi/krb5/acquire_cred.c
src/lib/gssapi/krb5/add_cred.c
src/lib/gssapi/krb5/export_sec_context.c
src/lib/gssapi/krb5/gssapiP_krb5.h
src/lib/gssapi/krb5/krb5_gss_glue.c
src/lib/gssapi/krb5/rel_cred.c
src/lib/gssapi/mechglue/g_accept_sec_context.c
src/lib/gssapi/mechglue/g_exp_sec_context.c
src/lib/gssapi/mechglue/g_imp_sec_context.c
src/lib/gssapi/spnego/gssapiP_spnego.h
src/lib/gssapi/spnego/spnego_mech.c
src/lib/kdb/kdb_default.c
src/lib/krb5/keytab/kt_file.c
src/lib/krb5/keytab/kt_memory.c
src/lib/krb5/keytab/kt_srvtab.c
src/lib/krb5/keytab/ktadd.c
src/lib/krb5/keytab/ktbase.c
src/lib/krb5/keytab/ktdefault.c
src/lib/krb5/keytab/ktfns.c
src/lib/krb5/keytab/ktfr_entry.c
src/lib/krb5/keytab/ktremove.c
src/lib/krb5/keytab/read_servi.c
src/lib/krb5/krb/gic_keytab.c
src/lib/krb5/krb/gic_pwd.c
src/lib/krb5/krb/in_tkt_sky.c
src/lib/krb5/krb/rd_req.c
src/lib/krb5/krb/rd_req_dec.c
src/lib/krb5/krb/ser_ctx.c
src/lib/krb5/krb/srv_dec_tkt.c
src/lib/krb5/krb5_libinit.c
src/lib/krb5/os/accessor.c
src/util/collected-client-lib/libcollected.exports
src/util/profile/prof_init.c

index bb90857132358f4f331f300f349b3e70a40313bc..4c1755fd26361ddf01f50653062585e0262726ab 100644 (file)
@@ -31,9 +31,11 @@ int gssint_lib_init(void)
     err = gssint_mechglue_init();
     if (err)
        return err;
+#ifndef LEAN_CLIENT
     err = k5_mutex_finish_init(&gssint_krb5_keytab_lock);
     if (err)
        return err;
+#endif /* LEAN_CLIENT */
     err = k5_key_register(K5_KEY_GSS_KRB5_SET_CCACHE_OLD_NAME, free);
     if (err)
        return err;
@@ -76,7 +78,9 @@ void gssint_lib_fini(void)
 #ifndef _WIN32
     k5_mutex_destroy(&kg_kdc_flag_mutex);
 #endif
+#ifndef LEAN_CLIENT
     k5_mutex_destroy(&gssint_krb5_keytab_lock);
+#endif /* LEAN_CLIENT */
     gssint_mecherrmap_destroy();
     gssint_mechglue_fini();
 }
index d7f1225137d204cde53668d343c9cc6da8ec78d7..6b3e0bf0eaad0d6e461ac269dda2b92fb15bfe53 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000, 2004, 2007  by the Massachusetts Institute of Technology.
+ * Copyright 2000, 2004, 2007, 2008  by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
 #endif
 #include <assert.h>
 
+
 #ifdef CFX_EXERCISE
 #define CFX_ACCEPTOR_SUBKEY (time(0) & 1)
 #else
 #define CFX_ACCEPTOR_SUBKEY 1
 #endif
 
+#ifndef LEAN_CLIENT 
+
 /* Decode, decrypt and store the forwarded creds in the local ccache. */
 static krb5_error_code
 rd_and_store_for_creds(context, auth_context, inbuf, out_cred)
@@ -206,6 +209,7 @@ cleanup:
     return retval;
 }
 
+
 OM_uint32
 krb5_gss_accept_sec_context(minor_status, context_handle, 
                            verifier_cred_handle, input_token,
@@ -1001,3 +1005,5 @@ krb5_gss_accept_sec_context(minor_status, context_handle,
    }
    return (major_status);
 }
+#endif /* LEAN_CLIENT */
+
index 7754e2452e38f65cfca6f67784fc7cea169277cb..55d19fd5af759ce4208ca498e97434fcfd24d85f 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000, 2007 by the Massachusetts Institute of Technology.
+ * Copyright 2000, 2007, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -91,6 +91,7 @@ static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,
 static HANDLE hLeashDLL = INVALID_HANDLE_VALUE;
 #endif
 
+#ifndef LEAN_CLIENT
 k5_mutex_t gssint_krb5_keytab_lock = K5_MUTEX_PARTIAL_INITIALIZER;
 static char *krb5_gss_keytab = NULL;
 
@@ -204,6 +205,7 @@ acquire_accept_cred(context, minor_status, desired_name, output_princ, cred)
 
    return(GSS_S_COMPLETE);
 }
+#endif /* LEAN_CLIENT */
 
 /* get credentials corresponding to the default credential cache.
    If the default name is requested, return the name in output_princ.
@@ -507,7 +509,9 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
    cred->prerfc_mech = req_old;
    cred->rfc_mech = req_new;
 
+#ifndef LEAN_CLIENT
    cred->keytab = NULL;
+#endif /* LEAN_CLIENT */
    cred->ccache = NULL;
 
    code = k5_mutex_init(&cred->lock);
@@ -532,7 +536,7 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
 
    /* if requested, acquire credentials for accepting */
    /* this will fill in cred->princ if the desired_name is not specified */
-
+#ifndef LEAN_CLIENT
    if ((cred_usage == GSS_C_ACCEPT) ||
        (cred_usage == GSS_C_BOTH))
       if ((ret = acquire_accept_cred(context, minor_status, desired_name,
@@ -547,6 +551,7 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
         krb5_free_context(context);
         return(ret);
       }
+#endif /* LEAN_CLIENT */
 
    /* if requested, acquire credentials for initiation */
    /* this will fill in cred->princ if it wasn't set above, and
@@ -559,8 +564,10 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
                             cred->princ?(gss_name_t)cred->princ:desired_name,
                             &(cred->princ), cred))
          != GSS_S_COMPLETE) {
+#ifndef LEAN_CLIENT
         if (cred->keytab)
            krb5_kt_close(context, cred->keytab);
+#endif /* LEAN_CLIENT */
         if (cred->princ)
            krb5_free_principal(context, cred->princ);
          k5_mutex_destroy(&cred->lock);
@@ -578,8 +585,10 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
                                      &(cred->princ)))) {
         if (cred->ccache)
            (void)krb5_cc_close(context, cred->ccache);
+#ifndef LEAN_CLIENT
         if (cred->keytab)
            (void)krb5_kt_close(context, cred->keytab);
+#endif /* LEAN_CLIENT */
          k5_mutex_destroy(&cred->lock);
          xfree(cred);
         *minor_status = code;
@@ -601,8 +610,10 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
       if ((code = krb5_timeofday(context, &now))) {
         if (cred->ccache)
            (void)krb5_cc_close(context, cred->ccache);
+#ifndef LEAN_CLIENT
         if (cred->keytab)
            (void)krb5_kt_close(context, cred->keytab);
+#endif /* LEAN_CLIENT */
         if (cred->princ)
            krb5_free_principal(context, cred->princ);
          k5_mutex_destroy(&cred->lock);
@@ -632,8 +643,10 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
                                                           &ret_mechs)))) {
           if (cred->ccache)
               (void)krb5_cc_close(context, cred->ccache);
+#ifndef LEAN_CLIENT
           if (cred->keytab)
               (void)krb5_kt_close(context, cred->keytab);
+#endif /* LEAN_CLIENT */
           if (cred->princ)
               krb5_free_principal(context, cred->princ);
            k5_mutex_destroy(&cred->lock);
@@ -651,8 +664,10 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
       free(ret_mechs);
       if (cred->ccache)
         (void)krb5_cc_close(context, cred->ccache);
+#ifndef LEAN_CLIENT
       if (cred->keytab)
         (void)krb5_kt_close(context, cred->keytab);
+#endif /* LEAN_CLIENT */
       if (cred->princ)
         krb5_free_principal(context, cred->princ);
       k5_mutex_destroy(&cred->lock);
index 3ac32fc2e76d724754c79f595371eab431a8abe0..fdcd9c0d33af0e695ab800d151c8f56dd8692e61 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000, 2007 by the Massachusetts Institute of Technology.
+ * Copyright 2000, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -209,7 +209,7 @@ krb5_gss_add_cred(minor_status, input_cred_handle,
            krb5_free_context(context);
            return(GSS_S_FAILURE);
        }
-           
+#ifndef LEAN_CLIENT 
        if (cred->keytab) {
            kttype = krb5_kt_get_type(context, cred->keytab);
            if ((strlen(kttype)+2) > sizeof(ktboth)) {
@@ -252,16 +252,21 @@ krb5_gss_add_cred(minor_status, input_cred_handle,
                return(GSS_S_FAILURE);
            }
        } else {
+#endif /* LEAN_CLIENT */
            new_cred->keytab = NULL;
+#ifndef LEAN_CLIENT 
        }
+#endif /* LEAN_CLIENT */
                
        if (cred->rcache) {
            /* Open the replay cache for this principal. */
            if ((code = krb5_get_server_rcache(context,
                                               krb5_princ_component(context, cred->princ, 0),
                                               &new_cred->rcache))) {
+#ifndef LEAN_CLIENT 
                if (new_cred->keytab)
                    krb5_kt_close(context, new_cred->keytab);
+#endif /* LEAN_CLIENT */
                if (new_cred->princ)
                    krb5_free_principal(context, new_cred->princ);
                xfree(new_cred);
@@ -282,8 +287,10 @@ krb5_gss_add_cred(minor_status, input_cred_handle,
            if ((strlen(cctype)+strlen(ccname)+2) > sizeof(ccboth)) {
                if (new_cred->rcache)
                    krb5_rc_close(context, new_cred->rcache);
+#ifndef LEAN_CLIENT 
                if (new_cred->keytab)
                    krb5_kt_close(context, new_cred->keytab);
+#endif /* LEAN_CLIENT */
                if (new_cred->princ)
                krb5_free_principal(context, new_cred->princ);
                xfree(new_cred);
@@ -302,8 +309,10 @@ krb5_gss_add_cred(minor_status, input_cred_handle,
            if (code) {
                if (new_cred->rcache)
                    krb5_rc_close(context, new_cred->rcache);
+#ifndef LEAN_CLIENT 
                if (new_cred->keytab)
                    krb5_kt_close(context, new_cred->keytab);
+#endif /* LEAN_CLIENT */
                if (new_cred->princ)
                    krb5_free_principal(context, new_cred->princ);
                xfree(new_cred);
@@ -324,8 +333,10 @@ krb5_gss_add_cred(minor_status, input_cred_handle,
                krb5_cc_close(context, new_cred->ccache);
            if (new_cred->rcache)
                krb5_rc_close(context, new_cred->rcache);
+#ifndef LEAN_CLIENT 
            if (new_cred->keytab)
                krb5_kt_close(context, new_cred->keytab);
+#endif /* LEAN_CLIENT */
            if (new_cred->princ)
            krb5_free_principal(context, new_cred->princ);
            xfree(new_cred);
index 867d4d6f5027733713638ad515c01a135f90cd15..f20d853d05e7d15891d0f392cc616a5f66d981ac 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/gssapi/krb5/export_sec_context.c
  *
- * Copyright 1995, 2007 by the Massachusetts Institute of Technology.
+ * Copyright 1995, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -29,7 +29,7 @@
  * export_sec_context.c        - Externalize the security context.
  */
 #include "gssapiP_krb5.h"
-
+#ifndef LEAN_CLIENT
 OM_uint32
 krb5_gss_export_sec_context(minor_status, context_handle, interprocess_token)
     OM_uint32          *minor_status;
@@ -103,3 +103,4 @@ error_out:
            *minor_status = (OM_uint32) kret;
     return(retval);
 }
+#endif /* LEAN_CLIENT */
index 57c2ed9ea6a835f32bc384af461eb10be2bb3677..33036fc534ab39ffb3660e5f4076b75ab722d448 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000, 2007 by the Massachusetts Institute of Technology.
+ * Copyright 2000, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -211,7 +211,9 @@ typedef struct _krb5_gss_ctx_id_rec {
 
 extern g_set kg_vdb;
 
+#ifndef LEAN_CLIENT
 extern k5_mutex_t gssint_krb5_keytab_lock;
+#endif /* LEAN_CLIENT */
 
 /* helper macros */
 
@@ -363,6 +365,7 @@ OM_uint32 krb5_gss_init_sec_context
             OM_uint32*        /* time_rec */
            );
 
+#ifndef LEAN_CLIENT
 OM_uint32 krb5_gss_accept_sec_context
 (OM_uint32*,       /* minor_status */
             gss_ctx_id_t*,    /* context_handle */
@@ -377,6 +380,7 @@ OM_uint32 krb5_gss_accept_sec_context
             OM_uint32*,       /* time_rec */
             gss_cred_id_t*    /* delegated_cred_handle */
            );
+#endif /* LEAN_CLIENT */
 
 OM_uint32 krb5_gss_process_context_token
 (OM_uint32*,       /* minor_status */
@@ -459,6 +463,7 @@ OM_uint32 krb5_gss_display_name
             gss_OID*         /* output_name_type */
            );
 
+
 OM_uint32 krb5_gss_import_name
 (OM_uint32*,       /* minor_status */
             gss_buffer_t,     /* input_name_buffer */
@@ -574,7 +579,7 @@ OM_uint32 krb5_gss_inquire_cred_by_mech
            OM_uint32 *,                /* acceptor_lifetime */
            gss_cred_usage_t *          /* cred_usage */
           );
-
+#ifndef LEAN_CLIENT
 OM_uint32 krb5_gss_export_sec_context
 (OM_uint32 *,          /* minor_status */
            gss_ctx_id_t *,             /* context_handle */
@@ -586,6 +591,7 @@ OM_uint32 krb5_gss_import_sec_context
            gss_buffer_t,               /* interprocess_token */
            gss_ctx_id_t *              /* context_handle */
            );
+#endif /* LEAN_CLIENT */
 
 krb5_error_code krb5_gss_ser_init(krb5_context);
 
index 77cf0da5eef4dd503f80badedb01a116d93c3678..3b2054bd6b7103d519682f9e36aa1d9dcf296c8f 100644 (file)
@@ -27,6 +27,7 @@
 #include "gssapiP_krb5.h"
 #include "mglueP.h"
 
+
 /** mechglue wrappers **/
 
 static OM_uint32 k5glue_acquire_cred
@@ -61,7 +62,8 @@ static OM_uint32 k5glue_init_sec_context
             OM_uint32*,       /* ret_flags */
             OM_uint32*        /* time_rec */
            );
-
+                  
+#ifndef LEAN_CLIENT
 static OM_uint32 k5glue_accept_sec_context
 (void *, OM_uint32*,       /* minor_status */
             gss_ctx_id_t*,    /* context_handle */
@@ -76,6 +78,7 @@ static OM_uint32 k5glue_accept_sec_context
             OM_uint32*,       /* time_rec */
             gss_cred_id_t*    /* delegated_cred_handle */
            );
+#endif   /* LEAN_CLIENT */
 
 static OM_uint32 k5glue_process_context_token
 (void *, OM_uint32*,       /* minor_status */
@@ -94,7 +97,7 @@ static OM_uint32 k5glue_context_time
             gss_ctx_id_t,     /* context_handle */
             OM_uint32*        /* time_rec */
            );
-
+                  
 static OM_uint32 k5glue_sign
 (void *, OM_uint32*,       /* minor_status */
             gss_ctx_id_t,     /* context_handle */
@@ -156,7 +159,7 @@ static OM_uint32 k5glue_display_name
             gss_name_t,      /* input_name */
             gss_buffer_t,    /* output_name_buffer */
             gss_OID*         /* output_name_type */
-           );
+          );
 
 static OM_uint32 k5glue_import_name
 (void *, OM_uint32*,       /* minor_status */
@@ -278,6 +281,7 @@ static OM_uint32 k5glue_inquire_cred_by_mech
            gss_cred_usage_t *          /* cred_usage */
           );
 
+#ifndef LEAN_CLIENT
 static OM_uint32 k5glue_export_sec_context
 (void *, OM_uint32 *,          /* minor_status */
            gss_ctx_id_t *,             /* context_handle */
@@ -289,6 +293,7 @@ static OM_uint32 k5glue_import_sec_context
            gss_buffer_t,               /* interprocess_token */
            gss_ctx_id_t *              /* context_handle */
            );
+#endif /* LEAN_CLIENT */
 
 krb5_error_code k5glue_ser_init(krb5_context);
 
@@ -338,13 +343,14 @@ static OM_uint32 k5glue_validate_cred
  * ensure that both dispatch tables contain identical function
  * pointers.
  */
+#ifndef LEAN_CLIENT    
 #define KRB5_GSS_CONFIG_INIT                           \
     NULL,                                              \
     k5glue_acquire_cred,                               \
     k5glue_release_cred,                               \
     k5glue_init_sec_context,                           \
     k5glue_accept_sec_context,                         \
-    k5glue_process_context_token,                      \
+       k5glue_process_context_token,                   \
     k5glue_delete_sec_context,                         \
     k5glue_context_time,                               \
     k5glue_sign,                                       \
@@ -369,6 +375,42 @@ static OM_uint32 k5glue_validate_cred
     k5glue_export_name,                                        \
     NULL                       /* store_cred */
 
+#else  /* LEAN_CLIENT */
+
+#define KRB5_GSS_CONFIG_INIT                           \
+    NULL,                                              \
+    k5glue_acquire_cred,                               \
+    k5glue_release_cred,                               \
+    k5glue_init_sec_context,                           \
+    NULL,                                              \
+       k5glue_process_context_token,                   \
+    k5glue_delete_sec_context,                         \
+    k5glue_context_time,                               \
+    k5glue_sign,                                       \
+    k5glue_verify,                                     \
+    k5glue_seal,                                       \
+    k5glue_unseal,                                     \
+    k5glue_display_status,                             \
+    k5glue_indicate_mechs,                             \
+    k5glue_compare_name,                               \
+    k5glue_display_name,                               \
+    k5glue_import_name,                                        \
+    k5glue_release_name,                               \
+    k5glue_inquire_cred,                               \
+    k5glue_add_cred,                                   \
+    NULL,                                              \
+    NULL,                                              \
+    k5glue_inquire_cred_by_mech,                       \
+    k5glue_inquire_names_for_mech,                     \
+    k5glue_inquire_context,                            \
+    k5glue_internal_release_oid,                       \
+    k5glue_wrap_size_limit,                            \
+    k5glue_export_name,                                        \
+    NULL                       /* store_cred */
+
+#endif /* LEAN_CLIENT */       
+
+
 static struct gss_config krb5_mechanism = {
     100, "kerberos_v5",
     { GSS_MECH_KRB5_OID_LENGTH, GSS_MECH_KRB5_OID },
@@ -414,6 +456,7 @@ gssint_get_mech_configs(void)
     return krb5_mech_configs;
 }
 
+#ifndef LEAN_CLIENT
 static OM_uint32
 k5glue_accept_sec_context(ctx, minor_status, context_handle, verifier_cred_handle,
                       input_token, input_chan_bindings, src_name, mech_type, 
@@ -443,6 +486,7 @@ k5glue_accept_sec_context(ctx, minor_status, context_handle, verifier_cred_handl
                                      time_rec,
                                      delegated_cred_handle));
 }
+#endif /* LEAN_CLIENT */
 
 static OM_uint32
 k5glue_acquire_cred(ctx, minor_status, desired_name, time_req, desired_mechs,
@@ -579,7 +623,7 @@ k5glue_display_status(ctx, minor_status, status_value, status_type,
                                  status_type, mech_type, message_context,
                                  status_string));
 }
-
+#ifndef LEAN_CLIENT
 /* V2 */
 static OM_uint32
 k5glue_export_sec_context(ctx, minor_status, context_handle, interprocess_token)
@@ -592,7 +636,7 @@ k5glue_export_sec_context(ctx, minor_status, context_handle, interprocess_token)
                                      context_handle,
                                      interprocess_token));
 }
-
+#endif /* LEAN_CLIENT */
 #if 0
 /* V2 */
 static OM_uint32
@@ -630,6 +674,7 @@ k5glue_import_name(ctx, minor_status, input_name_buffer, input_name_type, output
                                input_name_type, output_name));
 }
 
+#ifndef LEAN_CLIENT
 /* V2 */
 static OM_uint32
 k5glue_import_sec_context(ctx, minor_status, interprocess_token, context_handle)
@@ -642,6 +687,7 @@ k5glue_import_sec_context(ctx, minor_status, interprocess_token, context_handle)
                                      interprocess_token,
                                      context_handle));
 }
+#endif /* LEAN_CLIENT */
 
 static OM_uint32
 k5glue_indicate_mechs(ctx, minor_status, mech_set)
index efd9a4f4dc9770492badf96a1d69d19d00a66a9f..1b4a6ce55c8c8fcf1429bce956c4552ff41f5e45 100644 (file)
@@ -59,9 +59,11 @@ krb5_gss_release_cred(minor_status, cred_handle)
    else
       code1 = 0;
 
+#ifndef LEAN_CLIENT 
    if (cred->keytab)
       code2 = krb5_kt_close(context, cred->keytab);
    else
+#endif /* LEAN_CLIENT */
       code2 = 0;
 
    if (cred->rcache)
index c12e2bf4ff9becded1058e4a7bf4906de27c504a..9527895eee357477af3985db49cb1dd48d0fa068 100644 (file)
@@ -33,6 +33,7 @@
 #include <string.h>
 #include <errno.h>
 
+#ifndef LEAN_CLIENT
 static OM_uint32
 val_acc_sec_ctx_args(
     OM_uint32 *minor_status,
@@ -84,7 +85,6 @@ val_acc_sec_ctx_args(
     return (GSS_S_COMPLETE);
 }
 
-
 OM_uint32 KRB5_CALLCONV
 gss_accept_sec_context (minor_status,
                         context_handle,
@@ -361,4 +361,5 @@ error_out:
 
     return (status);
 }
+#endif /* LEAN_CLIENT */
 
index 28e25b325a37cbb5525e1fcdcf5e6c943843c802..cf9905f8306bfc456d4d4f9a9825385dffb1612b 100644 (file)
@@ -25,6 +25,7 @@
 /*
  *  glue routine for gss_export_sec_context
  */
+#ifndef LEAN_CLIENT
 
 #include "mglueP.h"
 #include <stdio.h>
@@ -135,3 +136,4 @@ gss_buffer_t                interprocess_token;
     
     return(GSS_S_COMPLETE);
 }
+#endif /*LEAN_CLIENT */
index f83d86170742360720a073d33283a2ac9cfa6e49..2b7aacf1027be2d9c1f6512ebbfcd2f75d82b85a 100644 (file)
@@ -26,6 +26,8 @@
  *  glue routine gss_export_sec_context
  */
 
+#ifndef LEAN_CLIENT
+
 #include "mglueP.h"
 #include <stdio.h>
 #include <errno.h>
@@ -162,3 +164,4 @@ error_out:
     }
     return status;
 }
+#endif /* LEAN_CLIENT */
index 1c8fd7a7b5e5f7ed597dd741c662fe9a78b7e0de..717181c6b2d1987390e2c265b86e7d042d5d4dca 100644 (file)
@@ -167,6 +167,7 @@ OM_uint32 spnego_gss_init_sec_context
        OM_uint32 *             /* time_rec */
 );
 
+#ifndef LEAN_CLIENT
 OM_uint32 spnego_gss_accept_sec_context
 (
        void *,                 /* spnego context */
@@ -183,6 +184,7 @@ OM_uint32 spnego_gss_accept_sec_context
        /* CSTYLED */
        gss_cred_id_t *         /* delegated_cred_handle */
 );
+#endif /* LEAN_CLIENT */
 
 OM_uint32 spnego_gss_display_name
 (
@@ -276,7 +278,7 @@ OM_uint32 spnego_gss_context_time
        const gss_ctx_id_t context_handle,
        OM_uint32       *time_rec
 );
-
+#ifndef LEAN_CLIENT
 OM_uint32 spnego_gss_export_sec_context
 (
        void *context,
@@ -292,6 +294,7 @@ OM_uint32 spnego_gss_import_sec_context
        const gss_buffer_t      interprocess_token,
        gss_ctx_id_t            *context_handle
 );
+#endif /* LEAN_CLIENT */
 
 OM_uint32 spnego_gss_inquire_context
 (
index 9f68a6ccdf865bba653047a5956f7aa5c012d3e3..775306f0bec7dff4e75e48c801eef970e9909f75 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2006,2007 by the Massachusetts Institute of Technology.
+ * Copyright (C) 2006,2008 by the Massachusetts Institute of Technology.
  * All rights reserved.
  *
  * Export of this software from the United States of America may
@@ -45,6 +45,7 @@
 #include       "gssapiP_spnego.h"
 #include       <gssapi_err_generic.h>
 
+
 #undef g_token_size
 #undef g_verify_token_header
 #undef g_make_token_header
@@ -164,7 +165,11 @@ static struct gss_config spnego_mechanism =
        spnego_gss_acquire_cred,
        spnego_gss_release_cred,
        spnego_gss_init_sec_context,
+#ifndef LEAN_CLIENT
        spnego_gss_accept_sec_context,
+#else
+       NULL,                           
+#endif  /* LEAN_CLIENT */
        NULL,                           /* gss_process_context_token */
        spnego_gss_delete_sec_context,  /* gss_delete_sec_context */
        spnego_gss_context_time,        /* gss_context_time */
@@ -180,8 +185,13 @@ static struct gss_config spnego_mechanism =
        spnego_gss_release_name,
        NULL,                           /* gss_inquire_cred */
        NULL,                           /* gss_add_cred */
-       spnego_gss_export_sec_context,  /* gss_export_sec_context */
-       spnego_gss_import_sec_context,  /* gss_import_sec_context */
+#ifndef LEAN_CLIENT
+       spnego_gss_export_sec_context,          /* gss_export_sec_context */
+       spnego_gss_import_sec_context,          /* gss_import_sec_context */
+#else
+       NULL,                           /* gss_export_sec_context */
+       NULL,                           /* gss_import_sec_context */
+#endif /* LEAN_CLIENT */
        NULL,                           /* gss_inquire_cred_by_mech */
        spnego_gss_inquire_names_for_mech,
        spnego_gss_inquire_context,     /* gss_inquire_context */
@@ -1091,7 +1101,7 @@ cleanup:
        gss_release_oid_set(&tmpmin, &mech_set);
        return ret;
 }
-
+#ifndef LEAN_CLIENT
 /*
  * Wrap call to gss_accept_sec_context() and update state
  * accordingly.
@@ -1290,6 +1300,7 @@ cleanup:
        }
        return ret;
 }
+#endif /*  LEAN_CLIENT */
 
 
 /*ARGSUSED*/
@@ -1336,6 +1347,7 @@ spnego_gss_display_status(void *ctx,
        return (GSS_S_COMPLETE);
 }
 
+
 /*ARGSUSED*/
 OM_uint32
 spnego_gss_import_name(void *ctx,
@@ -1389,6 +1401,7 @@ spnego_gss_display_name(void *ctx,
        return (status);
 }
 
+
 /*ARGSUSED*/
 OM_uint32
 spnego_gss_inquire_names_for_mech(void *ctx,
@@ -1529,7 +1542,7 @@ spnego_gss_context_time(void *context,
                            time_rec);
        return (ret);
 }
-
+#ifndef LEAN_CLIENT
 OM_uint32
 spnego_gss_export_sec_context(void *context,
                            OM_uint32     *minor_status,
@@ -1555,6 +1568,7 @@ spnego_gss_import_sec_context(void *context,
                                    context_handle);
        return (ret);
 }
+#endif /* LEAN_CLIENT */
 
 OM_uint32
 spnego_gss_inquire_context(void *context,
index bf4ba358499f00b69d3717f6fb21cd3ce35a209b..b792b3846a640dd7f1e3d62f0b1086e328238fe7 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/kdb/kdb_helper.c
  *
- * Copyright 1995, 2007 by the Massachusetts Institute of Technology. 
+ * Copyright 1995, 2008 by the Massachusetts Institute of Technology. 
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -144,8 +144,10 @@ krb5_def_store_mkey(krb5_context   context,
     char defkeyfile[MAXPATHLEN+1];
     char *tmp_ktname = NULL, *tmp_ktpath;
     krb5_data *realm = krb5_princ_realm(context, mname);
+#ifndef LEAN_CLIENT 
     krb5_keytab kt;
     krb5_keytab_entry new_entry;
+#endif /* LEAN_CLIENT */
     struct stat stb;
     int statrc;
 
@@ -190,6 +192,7 @@ krb5_def_store_mkey(krb5_context   context,
         goto out;
     }
 
+#ifndef LEAN_CLIENT 
     /* create new stash keytab using temp file name */
     retval = krb5_kt_resolve(context, tmp_ktname, &kt);
     if (retval != 0)
@@ -199,7 +202,7 @@ krb5_def_store_mkey(krb5_context   context,
     new_entry.principal = mname;
     new_entry.key = *key;
     new_entry.vno = kvno;
-
+#endif /* LEAN_CLIENT */
     /*
      * Set tmp_ktpath to point to the keyfile path (skip WRFILE:).  Subtracting
      * 1 to account for NULL terminator in sizeof calculation of a string
@@ -207,6 +210,7 @@ krb5_def_store_mkey(krb5_context   context,
      */
     tmp_ktpath = tmp_ktname + (sizeof("WRFILE:") - 1);
 
+#ifndef LEAN_CLIENT 
     retval = krb5_kt_add_entry(context, kt, &new_entry);
     if (retval != 0) {
         /* delete tmp keyfile if it exists and an error occurrs */
@@ -221,6 +225,7 @@ krb5_def_store_mkey(krb5_context   context,
                 tmp_ktpath, keyfile, error_message(errno));
         }
     }
+#endif /* LEAN_CLIENT */
 
 out:
     if (tmp_ktname != NULL)
@@ -309,6 +314,7 @@ krb5_db_def_fetch_mkey_stash(krb5_context   context,
     return retval;
 }
 
+#ifndef LEAN_CLIENT 
 static krb5_error_code
 krb5_db_def_fetch_mkey_keytab(krb5_context   context,
                               const char     *keyfile,
@@ -369,6 +375,7 @@ krb5_db_def_fetch_mkey_keytab(krb5_context   context,
 errout:
     return retval;
 }
+#endif /* LEAN_CLIENT */
 
 krb5_error_code
 krb5_db_def_fetch_mkey(krb5_context   context,
@@ -394,15 +401,19 @@ krb5_db_def_fetch_mkey(krb5_context   context,
     /* null terminate no matter what */
     keyfile[sizeof(keyfile) - 1] = '\0';
 
+#ifndef LEAN_CLIENT 
     /* assume the master key is in a keytab */
     retval_kt = krb5_db_def_fetch_mkey_keytab(context, keyfile, mname, key, kvno);
     if (retval_kt != 0) {
+#endif /* LEAN_CLIENT */
         /*
          * If it's not in a keytab, fall back and try getting the mkey from the
          * older stash file format.
          */
         retval_ofs = krb5_db_def_fetch_mkey_stash(context, keyfile, key, kvno);
+#ifndef LEAN_CLIENT 
     }
+#endif /* LEAN_CLIENT */
 
     if (retval_kt != 0 && retval_ofs != 0) {
         /*
index 357bb124650b8cf299e9502eceb8c10e6c8d1fa8..cd2298ba546111900295f05cafff3e795a80952c 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/keytab/kt_file.c
  *
- * Copyright 1990,1991,1995,2007 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991,1995,2007,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -25,6 +25,8 @@
  * 
  */
 
+#ifndef LEAN_CLIENT
+
 #include "k5-int.h"
 #include <stdio.h>
 
@@ -1768,3 +1770,5 @@ krb5_ktfileint_find_slot(krb5_context context, krb5_keytab id, krb5_int32 *size_
 
     return 0;
 }
+#endif /* LEAN_CLIENT */
+
index bf9634e53a90770fd507572308579d44482f3dd9..eb1dd77e03c1f24405235a73290e8c14a65dd6a0 100644 (file)
@@ -28,6 +28,8 @@
 #include "kt-int.h"
 #include <stdio.h>
 
+#ifndef LEAN_CLIENT
+
 #define HEIMDAL_COMPATIBLE
 
 /*
@@ -674,3 +676,5 @@ const struct _krb5_kt_ops krb5_mkt_ops = {
     NULL
 };
 
+#endif /* LEAN_CLIENT */
+
index 77546446e0925fe44e3e1dc55629bde120cd770a..2bc46034543337fb78be9ae8b31b966e1c9f2307 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/keytab/srvtab/kts_resolv.c
  *
- * Copyright 1990,1991,2002,2007 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991,2002,2007,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -27,6 +27,8 @@
 #include "k5-int.h"
 #include <stdio.h>
 
+#ifndef LEAN_CLIENT 
+
 /*
  * Constants
  */
@@ -472,3 +474,5 @@ krb5_ktsrvint_read_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry
 
     return 0;
 }
+#endif /* LEAN_CLIENT */
+
index b7c1b92164de346209a3dc1e30976e7f07340aab..360dd64cd7c519686068b6e0b6a991b37c2708e4 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/keytab/ktadd.c
  *
- * Copyright 1990 by the Massachusetts Institute of Technology.
+ * Copyright 1990,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -29,6 +29,8 @@
 
 #include "k5-int.h"
 
+#ifndef LEAN_CLIENT
+
 krb5_error_code KRB5_CALLCONV
 krb5_kt_add_entry (krb5_context context, krb5_keytab id, krb5_keytab_entry *entry)
 {
@@ -37,3 +39,5 @@ krb5_kt_add_entry (krb5_context context, krb5_keytab id, krb5_keytab_entry *entr
     else
        return KRB5_KT_NOWRITE;
 }
+#endif /* LEAN_CLIENT */
+
index 3e4f6a6be615789743231f4ccc6c9350f91cbeb5..b68b351c6a0ae2ac930578121bee6a13582718f7 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/keytab/ktbase.c
  *
- * Copyright 1990 by the Massachusetts Institute of Technology.
+ * Copyright 1990,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -53,6 +53,8 @@
 #include "k5-thread.h"
 #include "kt-int.h"
 
+#ifndef LEAN_CLIENT
+
 extern const krb5_kt_ops krb5_ktf_ops;
 extern const krb5_kt_ops krb5_ktf_writable_ops;
 extern const krb5_kt_ops krb5_kts_ops;
@@ -283,3 +285,5 @@ krb5_ser_keytab_init(krb5_context kcontext)
 {
     return(krb5_register_serializer(kcontext, &krb5_keytab_ser_entry));
 }
+#endif /* LEAN_CLIENT */
+
index 971f29f599a2731fae6fcd32cce0a7dbbcbea03e..3d7ee0946c71a1888f3b063d52b6f1394970aaf2 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/keytab/ktdefault.c
  *
- * Copyright 1990 by the Massachusetts Institute of Technology.
+ * Copyright 1990,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -30,6 +30,7 @@
 #include "k5-int.h"
 #include <stdio.h>
 
+#ifndef LEAN_CLIENT
 krb5_error_code KRB5_CALLCONV
 krb5_kt_default(krb5_context context, krb5_keytab *id)
 {
@@ -41,5 +42,5 @@ krb5_kt_default(krb5_context context, krb5_keytab *id)
     return krb5_kt_resolve(context, defname, id);
 }
 
-
+#endif /* LEAN_CLIENT */
 
index 24d8eb267b01bd5268135e00cedda567b56985df..9239f3d1678bdd64b45eb0192c43c2e799f36d4d 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/keytab/ktfns.c
  *
- * Copyright 2001 by the Massachusetts Institute of Technology.
+ * Copyright 2001,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -28,6 +28,8 @@
  * Dispatch methods for keytab code.
  */
 
+#ifndef LEAN_CLIENT 
+
 #include "k5-int.h"
 
 const char * KRB5_CALLCONV
@@ -94,3 +96,5 @@ krb5_kt_end_seq_get(krb5_context context, krb5_keytab keytab,
 {
     return krb5_x((keytab)->ops->end_get,(context, keytab, cursor));
 }
+#endif /* LEAN_CLIENT */
+
index b4305e21afe563a2c6e5c112255e8b6718bb21cc..e0462325464928be7c54d5cf43239ba797e14707 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/keytab/ktfr_entry.c
  *
- * Copyright 1990 by the Massachusetts Institute of Technology.
+ * Copyright 1990, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -26,6 +26,7 @@
  *
  * krb5_kt_free_entry()
  */
+#ifndef LEAN_CLIENT 
 
 #include "k5-int.h"
 
@@ -48,3 +49,5 @@ krb5_kt_free_entry (krb5_context context, krb5_keytab_entry *entry)
 {
     return krb5_free_keytab_entry_contents (context, entry);
 }
+#endif /* LEAN_CLIENT */
+
index d101a70651e9408e6d9edcb643a067a6a5509822..4ba6063f72ff664007e7f07c6939bc3f760cfc78 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/keytab/ktremove.c
  *
- * Copyright 1990 by the Massachusetts Institute of Technology.
+ * Copyright 1990,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -26,6 +26,7 @@
  *
  * krb5_kt_remove_entry()
  */
+#ifndef LEAN_CLIENT 
 
 #include "k5-int.h"
 
@@ -37,3 +38,5 @@ krb5_kt_remove_entry (krb5_context context, krb5_keytab id, krb5_keytab_entry *e
     else
        return KRB5_KT_NOWRITE;
 }
+#endif /* LEAN_CLIENT  */
+
index 3455300ab0c91fe50ee60beae305b4bfd58e2062..6638a5a9270bcfc928b582d82fc4ae2076813220 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/keytab/read_servi.c
  *
- * Copyright 1990 by the Massachusetts Institute of Technology.
+ * Copyright 1990,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -29,6 +29,7 @@
  * It handles all of the opening and closing of the keytab 
  * internally. 
  */
+#ifndef LEAN_CLIENT 
 
 #include "k5-int.h"
 
@@ -79,3 +80,5 @@ krb5_kt_read_service_key(krb5_context context, krb5_pointer keyprocarg, krb5_pri
 
     return (KSUCCESS);
 }
+#endif /* LEAN_CLIENT */
+
index cae04955aee5825838f4e5463ceb666d29560b79..7e60b2d198c1e9e337a32a0197ff586990d0424e 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/krb/gic_keytab.c
  *
- * Copyright (C) 2002, 2003 by the Massachusetts Institute of Technology.
+ * Copyright (C) 2002, 2003, 2008 by the Massachusetts Institute of Technology.
  * All rights reserved.
  *
  * Export of this software from the United States of America may
@@ -23,6 +23,7 @@
  * this software for any purpose.  It is provided "as is" without express
  * or implied warranty.
  */
+#ifndef LEAN_CLIENT 
 
 #include "k5-int.h"
 
@@ -217,3 +218,5 @@ krb5_get_in_tkt_with_keytab(krb5_context context, krb5_flags options,
     return retval;
 }
 
+#endif /* LEAN_CLIENT */
+
index dd3f011d9aad17f441c077c39d6f250c7a3fdc9f..094eb79f5bbd4fff50f6c74d29ee8fe03e7d1de1 100644 (file)
@@ -378,7 +378,6 @@ cleanup:
                  break;
 
               delta = (*last_req)->value - now;
-
               if (delta < 3600)
                   snprintf(banner, sizeof(banner),
                            "Warning: Your password will expire in less than one hour on %s",
index 75edb55da4553420103fcd326437a13c48acc440..d98411fd7a4a53f849abbf60d6d2a06d4a9b1055 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/krb/in_tkt_sky.c
  *
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -98,8 +98,10 @@ krb5_get_in_tkt_with_skey(krb5_context context, krb5_flags options,
                               skey_keyproc, (krb5_const_pointer)key,
                               krb5_kdc_rep_decrypt_proc, 0, creds,
                               ccache, ret_as_reply);
+#ifndef LEAN_CLIENT 
     else 
        return krb5_get_in_tkt_with_keytab(context, options, addrs, ktypes,
                                           pre_auth_types, NULL, ccache,
                                           creds, ret_as_reply);
+#endif /* LEAN_CLIENT */
 }
index 28f4f93641be22eab2c8fc9c97ec8e4fcada37a7..6a479496fa10ef31113afbf695d6e581e43d0b71 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/krb/rd_req.c
  *
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -58,14 +58,16 @@ krb5_rd_req(krb5_context context, krb5_auth_context *auth_context,
 
     if (!krb5_is_ap_req(inbuf))
        return KRB5KRB_AP_ERR_MSG_TYPE;
+#ifndef LEAN_CLIENT 
     if ((retval = decode_krb5_ap_req(inbuf, &request))) {
        switch (retval) {
        case KRB5_BADMSGTYPE:
            return KRB5KRB_AP_ERR_BADVERSION; 
        default:
            return(retval);
-       }
+       } 
     }
+#endif /* LEAN_CLIENT */
 
     /* Get an auth context if necessary. */
     new_auth_context = NULL;
@@ -89,18 +91,22 @@ krb5_rd_req(krb5_context context, krb5_auth_context *auth_context,
            goto cleanup_auth_context;
     }
 
+#ifndef LEAN_CLIENT 
     /* Get a keytab if necessary. */
     if (keytab == NULL) {
        if ((retval = krb5_kt_default(context, &new_keytab)))
            goto cleanup_auth_context;
        keytab = new_keytab;
     }
+#endif /* LEAN_CLIENT */
 
     retval = krb5_rd_req_decoded(context, auth_context, request, server, 
                                 keytab, ap_req_options, ticket);
 
+#ifndef LEAN_CLIENT 
     if (new_keytab != NULL)
         (void) krb5_kt_close(context, new_keytab);
+#endif /* LEAN_CLIENT */
 
 cleanup_auth_context:
     if (new_auth_context && retval) {
index d672b8b7e9433ac273c1d1b560d8881551ccbb97..ed707d11ed3e1a03255213e2ac9770c1a4bea4e9 100644 (file)
@@ -87,15 +87,19 @@ krb5_rd_req_decrypt_tkt_part(krb5_context context, const krb5_ap_req *req,
 
     enctype = req->ticket->enc_part.enctype;
 
+#ifndef LEAN_CLIENT 
     if ((retval = krb5_kt_get_entry(context, keytab, req->ticket->server,
                                    req->ticket->enc_part.kvno,
                                    enctype, &ktent)))
        return retval;
+#endif /* LEAN_CLIENT */
 
     retval = krb5_decrypt_tkt_part(context, &ktent.key, req->ticket);
     /* Upon error, Free keytab entry first, then return */
 
+#ifndef LEAN_CLIENT 
     (void) krb5_kt_free_entry(context, &ktent);
+#endif /* LEAN_CLIENT */
     return retval;
 }
 
index 322f1825b5f3aa149c0e069293f0c3b3ec2cc5e1..6a1fb1b49876ad693080158e629f204b7fbe6778 100644 (file)
@@ -62,12 +62,14 @@ static krb5_error_code krb5_oscontext_externalize
        (krb5_context, krb5_pointer, krb5_octet **, size_t *);
 static krb5_error_code krb5_oscontext_internalize
        (krb5_context,krb5_pointer *, krb5_octet **, size_t *);
+#ifndef LEAN_CLIENT
 krb5_error_code profile_ser_size
        (krb5_context, krb5_pointer, size_t *);
 krb5_error_code profile_ser_externalize
        (krb5_context, krb5_pointer, krb5_octet **, size_t *);
 krb5_error_code profile_ser_internalize
        (krb5_context,krb5_pointer *, krb5_octet **, size_t *);
+#endif /* LEAN_CLIENT */
 
 /* Local data */
 static const krb5_ser_entry krb5_context_ser_entry = {
@@ -82,13 +84,14 @@ static const krb5_ser_entry krb5_oscontext_ser_entry = {
     krb5_oscontext_externalize,                /* Externalize routine  */
     krb5_oscontext_internalize         /* Internalize routine  */
 };
+#ifndef LEAN_CLIENT
 static const krb5_ser_entry krb5_profile_ser_entry = {
     PROF_MAGIC_PROFILE,                        /* Type                 */
     profile_ser_size,                  /* Sizer routine        */
     profile_ser_externalize,           /* Externalize routine  */
     profile_ser_internalize            /* Internalize routine  */
 };
-\f
+#endif /* LEAN_CLIENT */
 /*
  * krb5_context_size() - Determine the size required to externalize the
  *                       krb5_context.
@@ -610,7 +613,9 @@ krb5_ser_context_init(krb5_context kcontext)
     kret = krb5_register_serializer(kcontext, &krb5_context_ser_entry);
     if (!kret)
        kret = krb5_register_serializer(kcontext, &krb5_oscontext_ser_entry);
+#ifndef LEAN_CLIENT
     if (!kret)
        kret = krb5_register_serializer(kcontext, &krb5_profile_ser_entry);
+#endif /* LEAN_CLIENT */
     return(kret);
 }
index e994ac9950e151bad97c3f15b20f6560075a21d0..b5cf260f2c0a203bafb004682ee695c06ba6da0a 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/krb/srv_dec_tkt.c
  *
- * Copyright 2006 by the Massachusetts Institute of Technology.
+ * Copyright 2006, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -38,6 +38,7 @@
 
 #include <k5-int.h>
 
+#ifndef LEAN_CLIENT 
 krb5_error_code KRB5_CALLCONV
 krb5int_server_decrypt_ticket_keyblock(krb5_context context,
                                       const krb5_keyblock *key,
@@ -92,3 +93,5 @@ krb5_server_decrypt_ticket_keytab(krb5_context context,
     (void) krb5_kt_free_entry(context, &ktent);
     return retval;
 }
+#endif /* LEAN_CLIENT */
+
index e82891a57d3a8c048190f50df4460e5c357fd8cd..94187781c8fb397ae42087ff4b9cf413440cd82a 100644 (file)
@@ -44,9 +44,11 @@ int krb5int_lib_init(void)
     err = krb5int_rc_finish_init();
     if (err)
        return err;
+#ifndef LEAN_CLIENT
     err = krb5int_kt_initialize();
     if (err)
        return err;
+#endif /* LEAN_CLIENT */
     err = krb5int_cc_initialize();
     if (err)
        return err;
@@ -83,7 +85,9 @@ void krb5int_lib_fini(void)
     k5_mutex_destroy(&krb5int_us_time_mutex);
 
     krb5int_cc_finalize();
+#ifndef LEAN_CLIENT
     krb5int_kt_finalize();
+#endif /* LEAN_CLIENT */
     krb5int_rc_terminate();
 
 #if defined(_WIN32) || defined(USE_CCAPI)
index c0cc495c61bc9dc0fa6082d1838c0f73b62717b3..1593468cd41ce20ca2a6e1b57168ff3b34c1215e 100644 (file)
@@ -79,8 +79,14 @@ krb5int_accessor(krb5int_access *internals, krb5_int32 version)
 #undef SC
 
            S (krb5int_c_mandatory_cksumtype, krb5int_c_mandatory_cksumtype),
-           S (krb5_ser_pack_int64, krb5_ser_pack_int64),
-           S (krb5_ser_unpack_int64, krb5_ser_unpack_int64),
+#ifndef LEAN_CLIENT
+#define SC(FIELD, VAL) S(FIELD, VAL)
+#else /* disable */
+#define SC(FIELD, VAL) S(FIELD, 0)
+#endif
+           SC (krb5_ser_pack_int64, krb5_ser_pack_int64),
+           SC (krb5_ser_unpack_int64, krb5_ser_unpack_int64),
+#undef SC
 
 #ifdef ENABLE_LDAP
 #define SC(FIELD, VAL) S(FIELD, VAL)
index f886fc5ca1ed70454e2e4e2a3b5d526f9287a8c1..fb91133fbb3bb10e57759f1cac49654285634fa7 100644 (file)
@@ -30,9 +30,6 @@ profile_update_relation
 profile_clear_relation
 profile_rename_section
 profile_add_relation
-profile_ser_internalize
-profile_ser_externalize
-profile_ser_size
 krb5_is_referral_realm
 krb5_c_encrypt
 krb5_c_decrypt
@@ -210,9 +207,6 @@ krb5_get_init_creds_opt_set_salt
 krb5_get_init_creds_opt_set_change_password_prompt
 krb5_get_init_creds_opt_set_pa
 krb5_get_init_creds_password
-krb5_get_init_creds_keytab
-krb5_verify_init_creds_opt_init
-krb5_verify_init_creds
 krb5_get_validated_creds
 krb5_get_renewed_creds
 krb5_decode_ticket
@@ -247,8 +241,6 @@ gss_add_cred
 gss_inquire_cred_by_mech
 gss_inquire_context
 gss_wrap_size_limit
-gss_export_sec_context
-gss_import_sec_context
 gss_release_oid
 gss_create_empty_oid_set
 gss_add_oid_set_member
index 6d05ce79be49785decc241dfbc42ee5354762f72..4048f88a9eb2d93d0d716c3454ce44ec15ac647f 100644 (file)
@@ -252,6 +252,7 @@ profile_release(profile_t profile)
        free(profile);
 }
 
+#ifndef  LEAN_CLIENT  
 /*
  * Here begins the profile serialization functions.
  */
@@ -397,3 +398,5 @@ cleanup:
        }
        return(retval);
 }
+#endif /* LEAN_CLIENT  */
+