s4:kdc: let samba_kdc_update_pac() always call samba_kdc_get_logon_info_blob()

The logic in samba_kdc_get_logon_info_blob() also does
talloc_zero(tmp_ctx, DATA_BLOB) followed by calling
samba_get_logon_info_pac_blob().

So we can always just call samba_kdc_get_logon_info_blob().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
index b4dd4a216e655d184e3477410a61f478c5d3a7e2..628b1d891aa5ac0573c97d0028815a7fd24bbc8e 100644 (file)
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -2855,38 +2855,19 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx,
                user_info_dc_const = user_info_dc_shallow_copy;
        }
 
-       if (samba_krb5_pac_is_trusted(client)) {
-               pac_blob = talloc_zero(tmp_ctx, DATA_BLOB);
-               if (pac_blob == NULL) {
-                       code = ENOMEM;
-                       goto done;
-               }
-
-               nt_status = samba_get_logon_info_pac_blob(tmp_ctx,
-                                                         user_info_dc_const,
-                                                         _resource_groups,
-                                                         group_inclusion,
-                                                         pac_blob);
-               if (!NT_STATUS_IS_OK(nt_status)) {
-                       DBG_ERR("samba_get_logon_info_pac_blob failed: %s\n",
-                               nt_errstr(nt_status));
-
-                       code = map_errno_from_nt_status(nt_status);
-                       goto done;
-               }
-       } else {
-               nt_status = samba_kdc_get_logon_info_blob(tmp_ctx,
-                                                         user_info_dc_const,
-                                                         _resource_groups,
-                                                         group_inclusion,
-                                                         &pac_blob);
-               if (!NT_STATUS_IS_OK(nt_status)) {
-                       DBG_ERR("samba_kdc_get_logon_info_blob failed: %s\n",
-                               nt_errstr(nt_status));
-                       code = KRB5KDC_ERR_TGT_REVOKED;
-                       goto done;
-               }
+       nt_status = samba_kdc_get_logon_info_blob(tmp_ctx,
+                                                 user_info_dc_const,
+                                                 _resource_groups,
+                                                 group_inclusion,
+                                                 &pac_blob);
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               DBG_ERR("samba_kdc_get_logon_info_blob failed: %s\n",
+                       nt_errstr(nt_status));
+               code = KRB5KDC_ERR_TGT_REVOKED;
+               goto done;
+       }
 
+       if (samba_krb5_pac_is_trusted(client)) {
                nt_status = samba_kdc_get_upn_info_blob(tmp_ctx,
                                                        user_info_dc_const,
                                                        &upn_blob);