diff --git a/lib/krb5/fcache.c b/lib/krb5/fcache.c index 4a16ff9f5..9eb25ab38 100644 --- a/lib/krb5/fcache.c +++ b/lib/krb5/fcache.c @@ -616,11 +616,6 @@ fcc_store_cred(krb5_context context, sp = krb5_storage_emem(); krb5_storage_set_eof_code(sp, KRB5_CC_END); storage_set_flags(context, sp, FCACHE(id)->version); - if (!krb5_config_get_bool_default(context, NULL, TRUE, - "libdefaults", - "fcc-mit-ticketflags", - NULL)) - krb5_storage_set_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER); ret = krb5_store_creds(sp, creds); if (ret == 0) ret = write_storage(context, sp, fd); @@ -915,7 +910,6 @@ cred_delete(krb5_context context, struct stat sb1, sb2; int fd = -1; ssize_t bytes; - krb5_flags flags = 0; krb5_const_realm srealm = krb5_principal_get_realm(context, cred->server); /* This is best-effort code; if we lose track of errors here it's OK */ @@ -924,19 +918,12 @@ cred_delete(krb5_context context, "fcache internal error"); krb5_data_zero(&orig_cred_data); - if (!krb5_config_get_bool_default(context, NULL, TRUE, - "libdefaults", - "fcc-mit-ticketflags", - NULL)) - flags = KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER; sp = krb5_storage_emem(); if (sp == NULL) return; krb5_storage_set_eof_code(sp, KRB5_CC_END); storage_set_flags(context, sp, FCACHE(id)->version); - if (flags) - krb5_storage_set_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER); /* Get a copy of what the cred should look like in the file; see below */ ret = krb5_store_creds(sp, cred); @@ -970,8 +957,6 @@ cred_delete(krb5_context context, return; krb5_storage_set_eof_code(sp, KRB5_CC_END); storage_set_flags(context, sp, FCACHE(id)->version); - if (flags) - krb5_storage_set_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER); ret = krb5_store_creds(sp, cred); diff --git a/lib/krb5/store.c b/lib/krb5/store.c index 21536f7b4..da1e517e9 100644 --- a/lib/krb5/store.c +++ b/lib/krb5/store.c @@ -1347,14 +1347,9 @@ krb5_store_creds(krb5_storage *sp, krb5_creds *creds) ret = krb5_store_int8(sp, creds->second_ticket.length != 0); /* is_skey */ if(ret) return ret; - - if(krb5_storage_is_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER)) - ret = krb5_store_int32(sp, creds->flags.i); - else - ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b))); + ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b))); if(ret) return ret; - ret = krb5_store_addrs(sp, creds->addresses); if(ret) return ret; @@ -1399,23 +1394,7 @@ krb5_ret_creds(krb5_storage *sp, krb5_creds *creds) if(ret) goto cleanup; ret = krb5_ret_int32 (sp, &dummy32); if(ret) goto cleanup; - /* - * Runtime detect the what is the higher bits of the bitfield. If - * any of the higher bits are set in the input data, it's either a - * new ticket flag (and this code need to be removed), or it's a - * MIT cache (or new Heimdal cache), lets change it to our current - * format. - */ - { - uint32_t mask = 0xffff0000; - creds->flags.i = 0; - creds->flags.b.anonymous = 1; - if (creds->flags.i & mask) - mask = ~mask; - if (dummy32 & mask) - dummy32 = bitswap32(dummy32); - } - creds->flags.i = dummy32; + creds->flags.b = int2TicketFlags(bitswap32(dummy32)); ret = krb5_ret_addrs (sp, &creds->addresses); if(ret) goto cleanup; ret = krb5_ret_authdata (sp, &creds->authdata); @@ -1574,23 +1553,7 @@ krb5_ret_creds_tag(krb5_storage *sp, if(ret) goto cleanup; ret = krb5_ret_int32 (sp, &dummy32); if(ret) goto cleanup; - /* - * Runtime detect the what is the higher bits of the bitfield. If - * any of the higher bits are set in the input data, it's either a - * new ticket flag (and this code need to be removed), or it's a - * MIT cache (or new Heimdal cache), lets change it to our current - * format. - */ - { - uint32_t mask = 0xffff0000; - creds->flags.i = 0; - creds->flags.b.anonymous = 1; - if (creds->flags.i & mask) - mask = ~mask; - if (dummy32 & mask) - dummy32 = bitswap32(dummy32); - } - creds->flags.i = dummy32; + creds->flags.b = int2TicketFlags(bitswap32(dummy32)); if (header & SC_ADDRESSES) { ret = krb5_ret_addrs (sp, &creds->addresses); if(ret) goto cleanup;