s4:kdc: Remove unused parameters from samba_kdc_verify_pac()

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c
index 4067e06dc61355f2df0d68c63a44b1ec2f6bf690..2ca31676c6141d5b7aab9748016da8dff66f8c77 100644 (file)
--- a/source4/kdc/mit_samba.c
+++ b/source4/kdc/mit_samba.c
@@ -675,8 +675,6 @@ krb5_error_code mit_samba_update_pac(struct mit_samba_context *ctx,
                                    flags,
                                    client_skdc_entry,
                                    krbtgt_skdc_entry,
-                                   NULL /* device */,
-                                   NULL /* device_pac */,
                                    old_pac);
        if (code != 0) {
                goto done;

diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
index 5dab57c4e8aeabcaaf8c6534e65edbe2c51b5760..4fb0f3f5d2b1659b414f833edfe452bbd65c1fd7 100644 (file)
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -2081,12 +2081,6 @@ static krb5_error_code samba_kdc_get_device_info_blob(TALLOC_CTX *mem_ctx,
 
  * @param krbtgt    The krbtgt samba kdc entry.
  *
- * @param device    The computer's samba kdc entry; used for compound
- *                  authentication.
-
- * @param device_pac        The PAC from the computer's TGT; used
- *                          for compound authentication.
-
  * @param pac                       The PAC
 
  * @return A Kerberos error code.
@@ -2096,8 +2090,6 @@ krb5_error_code samba_kdc_verify_pac(TALLOC_CTX *mem_ctx,
                                     uint32_t flags,
                                     struct samba_kdc_entry *client,
                                     const struct samba_kdc_entry *krbtgt,
-                                    const struct samba_kdc_entry *device,
-                                    const krb5_const_pac *device_pac,
                                     const krb5_const_pac pac)
 {
        TALLOC_CTX *tmp_ctx = NULL;

diff --git a/source4/kdc/pac-glue.h b/source4/kdc/pac-glue.h
index 6ddd77ad31236bc65d4e0224eb7883f241ad6c0c..fcef7c3d7f167a5e35a11ba5902df8b40d9d3446 100644 (file)
--- a/source4/kdc/pac-glue.h
+++ b/source4/kdc/pac-glue.h
@@ -100,8 +100,6 @@ krb5_error_code samba_kdc_verify_pac(TALLOC_CTX *mem_ctx,
                                     uint32_t flags,
                                     struct samba_kdc_entry *client,
                                     const struct samba_kdc_entry *krbtgt,
-                                    const struct samba_kdc_entry *device,
-                                    const krb5_const_pac *device_pac,
                                     krb5_const_pac pac);
 
 struct authn_audit_info;

diff --git a/source4/kdc/wdc-samba4.c b/source4/kdc/wdc-samba4.c
index 1f3e3455c91cb00e6c292d5de2f3c832f5051c1b..d78f3fa0ba3c39a7cb8c36af560d860721f660f1 100644 (file)
--- a/source4/kdc/wdc-samba4.c
+++ b/source4/kdc/wdc-samba4.c
@@ -271,13 +271,10 @@ static krb5_error_code samba_wdc_verify_pac2(astgs_request_t r,
                                             const hdb_entry *krbtgt,
                                             const krb5_pac pac,
                                             krb5_cksumtype ctype,
-                                            const hdb_entry *device,
-                                            krb5_const_pac *device_pac,
                                             krb5_boolean *is_trusted_out)
 {
        krb5_context context = kdc_request_get_context((kdc_request_t)r);
        struct samba_kdc_entry *client_skdc_entry = NULL;
-       struct samba_kdc_entry *device_skdc_entry = NULL;
        struct samba_kdc_entry *krbtgt_skdc_entry =
                talloc_get_type_abort(krbtgt->context, struct samba_kdc_entry);
        TALLOC_CTX *mem_ctx = NULL;
@@ -297,11 +294,6 @@ static krb5_error_code samba_wdc_verify_pac2(astgs_request_t r,
                                                          struct samba_kdc_entry);
        }
 
-       if (device != NULL) {
-               device_skdc_entry = talloc_get_type_abort(device->context,
-                                                         struct samba_kdc_entry);
-       }
-
        /*
         * If the krbtgt was generated by an RODC, and we are not that
         * RODC, then we need to regenerate the PAC - we can't trust
@@ -376,8 +368,6 @@ static krb5_error_code samba_wdc_verify_pac2(astgs_request_t r,
                                   flags,
                                   client_skdc_entry,
                                   krbtgt_skdc_entry,
-                                  device_skdc_entry,
-                                  device_pac,
                                   pac);
        if (ret != 0) {
                goto out;
@@ -540,10 +530,6 @@ static krb5_error_code samba_wdc_verify_pac(void *priv, astgs_request_t r,
        krb5_error_code ret;
        krb5_cksumtype ctype = CKSUMTYPE_NONE;
        hdb_entry signing_krbtgt_hdb;
-       const hdb_entry *explicit_armor_client =
-               kdc_request_get_explicit_armor_client(r);
-       krb5_const_pac explicit_armor_pac =
-               kdc_request_get_explicit_armor_pac(r);
 
        if (delegated_proxy) {
                uint16_t pac_kdc_signature_rodc_id;
@@ -666,8 +652,6 @@ static krb5_error_code samba_wdc_verify_pac(void *priv, astgs_request_t r,
                                    krbtgt,
                                    pac,
                                    ctype,
-                                   explicit_armor_client,
-                                   &explicit_armor_pac,
                                    is_trusted);
 
        if (krbtgt == &signing_krbtgt_hdb) {