Remove KDC macros for realm config fields

Stop using macros to refer to kdc_realm_t fields, as they could
conflict with structure field names for the same.  Leave behind the
kdc_context and tgs_server macros for now.

src/kdc/do_as_req.c

@@ -702,7 +702,7 @@ process_as_req(krb5_kdc_req *request, krb5_data *req_pkt,
             min(rtime, state->enc_tkt_reply.times.starttime +
                 min(state->client->max_renewable_life,
                     min(state->server->max_renewable_life,
-                        max_renewable_life_for_realm)));
+                        kdc_active_realm->realm_maxrlife)));
     } else
         state->enc_tkt_reply.times.renew_till = 0; /* XXX */
 

src/kdc/do_tgs_req.c

@@ -462,7 +462,7 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
                 min(header_enc_tkt->times.renew_till,
                     enc_tkt_reply.times.starttime +
                     min(server->max_renewable_life,
-                        max_renewable_life_for_realm)));
+                        kdc_active_realm->realm_maxrlife)));
     } else {
         enc_tkt_reply.times.renew_till = 0;
     }
@@ -641,8 +641,8 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
         }
     } else
         krb5_klog_syslog(LOG_INFO, _("not checking transit path"));
-    if (reject_bad_transit
-        && !isflagset (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED)) {
+    if (kdc_active_realm->realm_reject_bad_transit &&
+        !isflagset(enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED)) {
         errcode = KRB5KDC_ERR_POLICY;
         status = "BAD_TRANSIT";
         goto cleanup;

src/kdc/kdc_util.c

@@ -568,7 +568,7 @@ check_anon(kdc_realm_t *kdc_active_realm,
 {
     /* If restrict_anon is set, reject requests from anonymous to principals
      * other than the local TGT. */
-    if (restrict_anon &&
+    if (kdc_active_realm->realm_restrict_anon &&
         krb5_principal_compare_any_realm(kdc_context, client,
                                          krb5_anonymous_principal()) &&
         !krb5_principal_compare(kdc_context, server, tgs_server))
@@ -909,7 +909,8 @@ dbentry_supports_enctype(kdc_realm_t *kdc_active_realm, krb5_db_entry *server,
 
     /* If configured to, assume every server without a session_enctypes
      * attribute supports DES_CBC_CRC. */
-    if (assume_des_crc_sess && enctype == ENCTYPE_DES_CBC_CRC)
+    if (kdc_active_realm->realm_assume_des_crc_sess &&
+        enctype == ENCTYPE_DES_CBC_CRC)
         return TRUE;
 
     /* Due to an ancient interop problem, assume nothing supports des-cbc-md5
@@ -1884,8 +1885,8 @@ kdc_get_ticket_endtime(kdc_realm_t *kdc_active_realm,
         life = min(life, client->max_life);
     if (server->max_life != 0)
         life = min(life, server->max_life);
-    if (max_life_for_realm != 0)
-        life = min(life, max_life_for_realm);
+    if (kdc_active_realm->realm_maxlife != 0)
+        life = min(life, kdc_active_realm->realm_maxlife);
 
     *out_endtime = starttime + life;
 }

src/kdc/realm_data.h

@@ -91,13 +91,6 @@ kdc_realm_t *setup_server_realm(struct server_handle *, krb5_principal);
  * properly declared in each function that uses these macros.
  */
 #define kdc_context                     kdc_active_realm->realm_context
-#define max_life_for_realm              kdc_active_realm->realm_maxlife
-#define max_renewable_life_for_realm    kdc_active_realm->realm_maxrlife
-#define master_keyblock                 kdc_active_realm->realm_mkey
-#define master_princ                    kdc_active_realm->realm_mprinc
 #define tgs_server                      kdc_active_realm->realm_tgsprinc
-#define reject_bad_transit              kdc_active_realm->realm_reject_bad_transit
-#define restrict_anon                   kdc_active_realm->realm_restrict_anon
-#define assume_des_crc_sess             kdc_active_realm->realm_assume_des_crc_sess
 
 #endif  /* REALM_DATA_H */