diff options
author | Stefan Metzmacher <metze@samba.org> | 2017-07-07 10:57:52 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2017-07-25 13:51:09 +0200 |
commit | f2044028fcd1d756085067190045ee87a4ea3537 (patch) | |
tree | d76a689ed5ad35f4bbd4c4540f9cfa6b54d650e3 /auth | |
parent | 1c2ed3dec96cb201cd78b7a324dbe96ab7ac26e9 (diff) | |
download | samba-f2044028fcd1d756085067190045ee87a4ea3537.tar.gz |
auth/spnego: remove dead code from gensec_spnego_parse_negTokenInit()
Check with git show -U15
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'auth')
-rw-r--r-- | auth/gensec/spnego.c | 85 |
1 files changed, 0 insertions, 85 deletions
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c index f943463ba30..17cf911e4aa 100644 --- a/auth/gensec/spnego.c +++ b/auth/gensec/spnego.c @@ -325,91 +325,6 @@ static NTSTATUS gensec_spnego_parse_negTokenInit(struct gensec_security *gensec_ return NT_STATUS_INVALID_PARAMETER; } - /* Having tried any optimistic token from the client (if we - * were the server), if we didn't get anywhere, walk our list - * in our preference order */ - unwrapped_in = data_blob_null; - - if (!spnego_state->sub_sec_security) { - for (i=0; all_sec && all_sec[i].op; i++) { - nt_status = gensec_subcontext_start(spnego_state, - gensec_security, - &spnego_state->sub_sec_security); - if (!NT_STATUS_IS_OK(nt_status)) { - return nt_status; - } - /* select the sub context */ - nt_status = gensec_start_mech_by_ops(spnego_state->sub_sec_security, - all_sec[i].op); - if (!NT_STATUS_IS_OK(nt_status)) { - /* - * Pretend we never started it. - */ - gensec_spnego_update_sub_abort(spnego_state); - continue; - } - - spnego_state->neg_oid = all_sec[i].oid; - - /* only get the helping start blob for the first OID */ - nt_status = gensec_update_ev(spnego_state->sub_sec_security, - out_mem_ctx, - ev, - unwrapped_in, - unwrapped_out); - if (NT_STATUS_IS_OK(nt_status)) { - spnego_state->sub_sec_ready = true; - } - - /* it is likely that a NULL input token will - * not be liked by most server mechs, but if - * we are in the client, we want the first - * update packet to be able to abort the use - * of this mech */ - if (spnego_state->state_position != SPNEGO_SERVER_START) { - if (NT_STATUS_EQUAL(nt_status, NT_STATUS_INVALID_PARAMETER) || - NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_LOGON_SERVERS) || - NT_STATUS_EQUAL(nt_status, NT_STATUS_TIME_DIFFERENCE_AT_DC) || - NT_STATUS_EQUAL(nt_status, NT_STATUS_CANT_ACCESS_DOMAIN_INFO)) { - const char *next = NULL; - const char *principal = NULL; - int dbg_level = DBGLVL_WARNING; - - if (all_sec[i+1].op != NULL) { - next = all_sec[i+1].op->name; - dbg_level = DBGLVL_NOTICE; - } - - if (gensec_security->target.principal != NULL) { - principal = gensec_security->target.principal; - } else if (gensec_security->target.service != NULL && - gensec_security->target.hostname != NULL) - { - principal = talloc_asprintf(spnego_state->sub_sec_security, - "%s/%s", - gensec_security->target.service, - gensec_security->target.hostname); - } else { - principal = gensec_security->target.hostname; - } - - DEBUG(dbg_level, ("SPNEGO(%s) creating NEG_TOKEN_INIT for %s failed (next[%s]): %s\n", - spnego_state->sub_sec_security->ops->name, - principal, - next, nt_errstr(nt_status))); - - /* - * Pretend we never started it. - */ - gensec_spnego_update_sub_abort(spnego_state); - continue; - } - } - - break; - } - } - if (spnego_state->sub_sec_security) { /* it is likely that a NULL input token will * not be liked by most server mechs, but this |