Avoid Heimdal'isms introduced in the rev 1.32 rewrite of verify_krb_v5_tgt()

diff --git a/auth/kerb5.c b/auth/kerb5.c
index 5a6d7d5f7c2d539f2c5e0e5aa92970ed595901a1..69ab9da0a7c10c5bac0d479d1ef6e2f2bd05e563 100644 (file)
--- a/auth/kerb5.c
+++ b/auth/kerb5.c
@@ -185,8 +185,10 @@ kerb5_verify(pw, pass, auth)
                  error_message(error));
        goto done;
     }
+#ifdef HAVE_HEIMDAL
     krb5_get_init_creds_opt_set_default_flags(sudo_context, NULL,
        krb5_principal_get_realm(sudo_context, princ), opts);
+#endif
 
     /* Note that we always obtain a new TGT to verify the user */
     if ((error = krb5_get_init_creds_password(sudo_context, &credbuf, princ,
@@ -217,8 +219,13 @@ kerb5_verify(pw, pass, auth)
     }
 
 done:
-    if (opts)
+    if (opts) {
+#ifdef HAVE_HEIMDAL
        krb5_get_init_creds_opt_free(opts);
+#else
+       krb5_get_init_creds_opt_free(sudo_context, opts);
+#endif
+    }
     if (creds)
        krb5_free_cred_contents(sudo_context, creds);
     return (error ? AUTH_FAILURE : AUTH_SUCCESS);