Imported Upstream version 3.1.0

[debian/amanda] / common-src / krb5-security.c

diff --git a/common-src/krb5-security.c b/common-src/krb5-security.c
index 6c6572b619abcb557e532b64eafb7db5ff45279e..8a11ad675ad0afc8821ac02a432b01eae4e052b7 100644 (file)
--- a/common-src/krb5-security.c
+++ b/common-src/krb5-security.c
@@ -37,11 +37,9 @@
 #include "util.h"
 #include "event.h"
 #include "packet.h"
-#include "queue.h"
 #include "security.h"
 #include "security-util.h"
 #include "stream.h"
-#include "version.h"
 #include "sockaddr-util.h"
 
 #ifdef KRB5_HEIMDAL_INCLUDES
@@ -116,15 +114,10 @@
  */
 #define GSS_TIMEOUT                     30
 
-/*
- * The largest buffer we can send/receive.
- */
-#define AMANDA_MAX_TOK_SIZE             (MAX_TAPE_BLOCK_BYTES * 4)
-
 /*
  * This is the tcp stream buffer size
  */
-#define KRB5_STREAM_BUFSIZE     (MAX_TAPE_BLOCK_BYTES * 2)
+#define KRB5_STREAM_BUFSIZE     (32768 * 2)
 
 /*
  * This is the max number of outgoing connections we can have at once.
@@ -556,7 +549,6 @@ gss_server(
     gss_name_t gss_name;
     gss_cred_id_t gss_creds;
     char *p, *realm, *msg;
-    uid_t euid;
     int rval = -1;
     int rvalue;
     char errbuf[256];
@@ -571,16 +563,9 @@ gss_server(
      * out of the default keytab.  We also need to be root in
      * gss_accept_context() thanks to the replay cache code.
      */
-    euid = geteuid();
-    if (getuid() != 0) {
-       g_snprintf(errbuf, SIZEOF(errbuf),
-           _("real uid is %ld, needs to be 0 to read krb5 host key"),
-           (long)getuid());
-       goto out;
-    }
     if (!set_root_privs(0)) {
        g_snprintf(errbuf, SIZEOF(errbuf),
-           _("can't seteuid to uid 0: %s"), strerror(errno));
+           _("can't take root privileges to read krb5 host key: %s"), strerror(errno));
        goto out;
     }