6 files changed, 10 insertions, 34 deletions

diff --git a/ChangeLog b/ChangeLog
index 5796787d5..1aaa41485 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -41,6 +41,9 @@
    - markus@cvs.openbsd.org 2003/09/01 13:52:18
      [ssh.h]
      rm whitespace
+   - markus@cvs.openbsd.org 2003/09/01 18:15:50
+     [readconf.c readconf.h servconf.c servconf.h ssh.c]
+     remove unused kerberos code; ok henning@
 
 20030829
  - (bal) openbsd-compat/ clean up.  Considate headers, add in Id on our
@@ -956,4 +959,4 @@
  - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
    Report from murple@murple.net, diagnosis from dtucker@zip.com.au
 
-$Id: ChangeLog,v 1.2931 2003/09/02 12:57:54 djm Exp $
+$Id: ChangeLog,v 1.2932 2003/09/02 12:58:22 djm Exp $
diff --git a/readconf.c b/readconf.c
index d7ef58936..13987ffa7 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.120 2003/09/01 12:50:46 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.121 2003/09/01 18:15:50 markus Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -92,7 +92,6 @@ typedef enum {
         oForwardAgent, oForwardX11, oGatewayPorts,
         oPasswordAuthentication, oRSAAuthentication,
         oChallengeResponseAuthentication, oXAuthLocation,
-        oKerberosAuthentication, oKerberosTgtPassing,
         oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
         oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
         oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
@@ -383,14 +382,6 @@ parse_flag:
                 intptr = &options->challenge_response_authentication;
                 goto parse_flag;
 
-        case oKerberosAuthentication:
-                intptr = &options->kerberos_authentication;
-                goto parse_flag;
-
-        case oKerberosTgtPassing:
-                intptr = &options->kerberos_tgt_passing;
-                goto parse_flag;
-
         case oGssAuthentication:
                 intptr = &options->gss_authentication;
                 goto parse_flag;
@@ -821,8 +812,6 @@ initialize_options(Options * options)
         options->rsa_authentication = -1;
         options->pubkey_authentication = -1;
         options->challenge_response_authentication = -1;
-        options->kerberos_authentication = -1;
-        options->kerberos_tgt_passing = -1;
         options->gss_authentication = -1;
         options->gss_deleg_creds = -1;
         options->password_authentication = -1;
@@ -895,10 +884,6 @@ fill_default_options(Options * options)
                 options->pubkey_authentication = 1;
         if (options->challenge_response_authentication == -1)
                 options->challenge_response_authentication = 1;
-        if (options->kerberos_authentication == -1)
-                options->kerberos_authentication = 1;
-        if (options->kerberos_tgt_passing == -1)
-                options->kerberos_tgt_passing = 1;
         if (options->gss_authentication == -1)
                 options->gss_authentication = 1;
         if (options->gss_deleg_creds == -1)
diff --git a/readconf.h b/readconf.h
index 1100205b8..60287f710 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: readconf.h,v 1.54 2003/08/22 10:56:09 markus Exp $    */
+/*      $OpenBSD: readconf.h,v 1.55 2003/09/01 18:15:50 markus Exp $    */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -40,8 +40,6 @@ typedef struct {
         int     hostbased_authentication;       /* ssh2's rhosts_rsa */
         int     challenge_response_authentication;
                                         /* Try S/Key or TIS, authentication. */
-        int     kerberos_authentication;        /* Try Kerberos authentication. */
-        int     kerberos_tgt_passing;   /* Try Kerberos TGT passing. */
         int     gss_authentication;     /* Try GSS authentication */
         int     gss_deleg_creds;        /* Delegate GSS credentials */
         int     password_authentication;        /* Try password
diff --git a/servconf.c b/servconf.c
index 6051918c2..71e28b3cb 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.126 2003/08/28 12:54:34 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.127 2003/09/01 18:15:50 markus Exp $");
 
 #include "ssh.h"
 #include "log.h"
@@ -72,7 +72,6 @@ initialize_server_options(ServerOptions *options)
         options->kerberos_authentication = -1;
         options->kerberos_or_local_passwd = -1;
         options->kerberos_ticket_cleanup = -1;
-        options->kerberos_tgt_passing = -1;
         options->gss_authentication=-1;
         options->gss_cleanup_creds = -1;
         options->password_authentication = -1;
@@ -182,8 +181,6 @@ fill_default_server_options(ServerOptions *options)
                 options->kerberos_or_local_passwd = 1;
         if (options->kerberos_ticket_cleanup == -1)
                 options->kerberos_ticket_cleanup = 1;
-        if (options->kerberos_tgt_passing == -1)
-                options->kerberos_tgt_passing = 0;
         if (options->gss_authentication == -1)
                 options->gss_authentication = 0;
         if (options->gss_cleanup_creds == -1)
@@ -632,10 +629,6 @@ parse_flag:
                 intptr = &options->kerberos_ticket_cleanup;
                 goto parse_flag;
 
-        case sKerberosTgtPassing:
-                intptr = &options->kerberos_tgt_passing;
-                goto parse_flag;
-
         case sGssAuthentication:
                 intptr = &options->gss_authentication;
                 goto parse_flag;
diff --git a/servconf.h b/servconf.h
index f86cb2209..828e94c5c 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: servconf.h,v 1.64 2003/08/22 10:56:09 markus Exp $    */
+/*      $OpenBSD: servconf.h,v 1.65 2003/09/01 18:15:50 markus Exp $    */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -80,8 +80,6 @@ typedef struct {
                                                  * /etc/passwd */
         int     kerberos_ticket_cleanup;        /* If true, destroy ticket
                                                  * file on logout. */
-        int     kerberos_tgt_passing;   /* If true, permit Kerberos TGT
-                                         * passing. */
         int     gss_authentication;     /* If true, permit GSSAPI authentication */
         int     gss_cleanup_creds;      /* If true, destroy cred cache on logout */
         int     password_authentication;        /* If true, permit password
diff --git a/ssh.c b/ssh.c
index 46640a857..35418f693 100644
--- a/ssh.c
+++ b/ssh.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.200 2003/08/13 09:07:10 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.201 2003/09/01 18:15:50 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -154,7 +154,6 @@ usage(void)
              _PATH_SSH_USER_CONFFILE);
         fprintf(stderr, "  -A          Enable authentication agent forwarding.\n");
         fprintf(stderr, "  -a          Disable authentication agent forwarding (default).\n");
-        fprintf(stderr, "  -k          Disable Kerberos ticket forwarding.\n");
         fprintf(stderr, "  -X          Enable X11 connection forwarding.\n");
         fprintf(stderr, "  -x          Disable X11 connection forwarding (default).\n");
         fprintf(stderr, "  -i file     Identity for public key authentication "
@@ -305,7 +304,7 @@ again:
                         options.forward_agent = 1;
                         break;
                 case 'k':
-                        options.kerberos_tgt_passing = 0;
+                        /* ignored for backward compatibility */
                         break;
                 case 'i':
                         if (stat(optarg, &st) < 0) {