s3:libads: remove dead code in ads_sasl_spnego_{gensec}_bind()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 7605de346390314fa461502641c3fe91b829eeac..2eaabcc97c56b0a298f6a782965eadee4736a70c 100644 (file)
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -125,8 +125,7 @@ static ADS_STATUS ads_sasl_spnego_gensec_bind(ADS_STRUCT *ads,
                                const char *sasl,
                                enum credentials_use_kerberos krb5_state,
                                const char *target_service,
-                               const char *target_hostname,
-                               const DATA_BLOB server_blob)
+                               const char *target_hostname)
 {
        DATA_BLOB blob_in = data_blob_null;
        DATA_BLOB blob_out = data_blob_null;
@@ -134,7 +133,6 @@ static ADS_STATUS ads_sasl_spnego_gensec_bind(ADS_STRUCT *ads,
        NTSTATUS nt_status;
        ADS_STATUS status;
        struct auth_generic_state *auth_generic_state;
-       bool use_spnego_principal = lp_client_use_spnego_principal();
        const char *sasl_list[] = { sasl, NULL };
        NTTIME end_nt_time;
        struct ads_saslwrap *wrap = &ads->ldap_wrap_data;
@@ -154,14 +152,6 @@ static ADS_STATUS ads_sasl_spnego_gensec_bind(ADS_STRUCT *ads,
                return ADS_ERROR_NT(nt_status);
        }
 
-       if (server_blob.length == 0) {
-               use_spnego_principal = false;
-       }
-
-       if (krb5_state == CRED_USE_KERBEROS_DISABLED) {
-               use_spnego_principal = false;
-       }
-
        cli_credentials_set_kerberos_state(auth_generic_state->credentials,
                                           krb5_state,
                                           CRED_SPECIFIED);
@@ -184,10 +174,6 @@ static ADS_STATUS ads_sasl_spnego_gensec_bind(ADS_STRUCT *ads,
                }
        }
 
-       if (target_service != NULL && target_hostname != NULL) {
-               use_spnego_principal = false;
-       }
-
        switch (wrap->wrap_type) {
        case ADS_SASLWRAP_TYPE_SEAL:
                gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SIGN);
@@ -217,15 +203,7 @@ static ADS_STATUS ads_sasl_spnego_gensec_bind(ADS_STRUCT *ads,
        }
 
        rc = LDAP_SASL_BIND_IN_PROGRESS;
-       if (use_spnego_principal) {
-               blob_in = data_blob_dup_talloc(talloc_tos(), server_blob);
-               if (blob_in.length == 0) {
-                       TALLOC_FREE(auth_generic_state);
-                       return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
-               }
-       } else {
-               blob_in = data_blob_null;
-       }
+       blob_in = data_blob_null;
        blob_out = data_blob_null;
 
        while (true) {
@@ -504,7 +482,6 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
        TALLOC_CTX *frame = talloc_stackframe();
        struct ads_service_principal p = {0};
        ADS_STATUS status;
-       DATA_BLOB blob = data_blob_null;
        const char *mech = NULL;
 
        status = ads_generate_service_principal(ads, &p);
@@ -524,8 +501,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
 
                        status = ads_sasl_spnego_gensec_bind(ads, "GSS-SPNEGO",
                                                             CRED_USE_KERBEROS_REQUIRED,
-                                                            p.service, p.hostname,
-                                                            blob);
+                                                            p.service, p.hostname);
                        if (ADS_ERR_OK(status)) {
                                ads_free_service_principal(&p);
                                goto done;
@@ -540,8 +516,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
                if (ADS_ERR_OK(status)) {
                        status = ads_sasl_spnego_gensec_bind(ads, "GSS-SPNEGO",
                                                        CRED_USE_KERBEROS_REQUIRED,
-                                                       p.service, p.hostname,
-                                                       blob);
+                                                       p.service, p.hostname);
                        if (!ADS_ERR_OK(status)) {
                                DBG_ERR("kinit succeeded but "
                                        "SPNEGO bind with Kerberos failed "
@@ -589,8 +564,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
 
        status = ads_sasl_spnego_gensec_bind(ads, "GSS-SPNEGO",
                                             CRED_USE_KERBEROS_DISABLED,
-                                            p.service, p.hostname,
-                                            data_blob_null);
+                                            p.service, p.hostname);
 done:
        if (!ADS_ERR_OK(status)) {
                DEBUG(1,("ads_sasl_spnego_gensec_bind(%s) failed "
@@ -602,9 +576,6 @@ done:
        }
        ads_free_service_principal(&p);
        TALLOC_FREE(frame);
-       if (blob.data != NULL) {
-               data_blob_free(&blob);
-       }
        return status;
 }