diff options
author | Stefan Metzmacher <metze@samba.org> | 2017-07-07 11:11:57 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2017-07-25 13:51:10 +0200 |
commit | efacdf970e36b8d4aea553d84c1ef4c10cfbe75a (patch) | |
tree | d371f73b50180e0456220fee441de0e7f8c90c8b /auth/gensec | |
parent | ba9c51d51db4ba5663357fb0ef1b07db640b3428 (diff) | |
download | samba-efacdf970e36b8d4aea553d84c1ef4c10cfbe75a.tar.gz |
auth/spnego: remove more dead code from gensec_spnego_parse_negTokenInit()
Now we finally have a logic that someone can understand while reading it.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'auth/gensec')
-rw-r--r-- | auth/gensec/spnego.c | 40 |
1 files changed, 1 insertions, 39 deletions
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c index 1a4c28be111..defffe40ab1 100644 --- a/auth/gensec/spnego.c +++ b/auth/gensec/spnego.c @@ -331,46 +331,8 @@ static NTSTATUS gensec_spnego_parse_negTokenInit(struct gensec_security *gensec_ return nt_status; /* OK or MORE PROCESSING */ } - if (!spnego_state->sub_sec_security) { - DEBUG(1, ("SPNEGO: Could not find a suitable mechtype in NEG_TOKEN_INIT\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - if (spnego_state->sub_sec_security) { - /* it is likely that a NULL input token will - * not be liked by most server mechs, but this - * does the right thing in the CIFS client. - * just push us along the merry-go-round - * again, and hope for better luck next - * time */ - - if (NT_STATUS_EQUAL(nt_status, NT_STATUS_INVALID_PARAMETER)) { - *unwrapped_out = data_blob_null; - nt_status = NT_STATUS_MORE_PROCESSING_REQUIRED; - } - - if (GENSEC_UPDATE_IS_NTERROR(nt_status)) { - DEBUG(1, ("SPNEGO(%s) NEG_TOKEN_INIT failed: %s\n", - spnego_state->sub_sec_security->ops->name, nt_errstr(nt_status))); - - /* We started the mech correctly, and the - * input from the other side was valid. - * Return the error (say bad password, invalid - * ticket) */ - gensec_spnego_update_sub_abort(spnego_state); - return nt_status; - } - - return nt_status; /* OK or MORE PROCESSING */ - } - DEBUG(1, ("SPNEGO: Could not find a suitable mechtype in NEG_TOKEN_INIT\n")); - /* we could re-negotiate here, but it would only work - * if the client or server lied about what it could - * support the first time. Lets keep this code to - * reality */ - - return nt_status; + return NT_STATUS_INVALID_PARAMETER; } /** create a negTokenInit |