From: Joseph Sutton Date: Fri, 29 Sep 2023 00:50:51 +0000 (+1300) Subject: s4:kdc: Remove unused parameters from samba_kdc_verify_pac() X-Git-Tag: tevent-0.16.0~264 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=321e0ed675b4bf11319518f0c6f70ba87d987e7a;p=thirdparty%2Fsamba.git s4:kdc: Remove unused parameters from samba_kdc_verify_pac() Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett --- diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c index 4067e06dc61..2ca31676c61 100644 --- a/source4/kdc/mit_samba.c +++ b/source4/kdc/mit_samba.c @@ -675,8 +675,6 @@ krb5_error_code mit_samba_update_pac(struct mit_samba_context *ctx, flags, client_skdc_entry, krbtgt_skdc_entry, - NULL /* device */, - NULL /* device_pac */, old_pac); if (code != 0) { goto done; diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index 5dab57c4e8a..4fb0f3f5d2b 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -2081,12 +2081,6 @@ static krb5_error_code samba_kdc_get_device_info_blob(TALLOC_CTX *mem_ctx, * @param krbtgt The krbtgt samba kdc entry. * - * @param device The computer's samba kdc entry; used for compound - * authentication. - - * @param device_pac The PAC from the computer's TGT; used - * for compound authentication. - * @param pac The PAC * @return A Kerberos error code. @@ -2096,8 +2090,6 @@ krb5_error_code samba_kdc_verify_pac(TALLOC_CTX *mem_ctx, uint32_t flags, struct samba_kdc_entry *client, const struct samba_kdc_entry *krbtgt, - const struct samba_kdc_entry *device, - const krb5_const_pac *device_pac, const krb5_const_pac pac) { TALLOC_CTX *tmp_ctx = NULL; diff --git a/source4/kdc/pac-glue.h b/source4/kdc/pac-glue.h index 6ddd77ad312..fcef7c3d7f1 100644 --- a/source4/kdc/pac-glue.h +++ b/source4/kdc/pac-glue.h @@ -100,8 +100,6 @@ krb5_error_code samba_kdc_verify_pac(TALLOC_CTX *mem_ctx, uint32_t flags, struct samba_kdc_entry *client, const struct samba_kdc_entry *krbtgt, - const struct samba_kdc_entry *device, - const krb5_const_pac *device_pac, krb5_const_pac pac); struct authn_audit_info; diff --git a/source4/kdc/wdc-samba4.c b/source4/kdc/wdc-samba4.c index 1f3e3455c91..d78f3fa0ba3 100644 --- a/source4/kdc/wdc-samba4.c +++ b/source4/kdc/wdc-samba4.c @@ -271,13 +271,10 @@ static krb5_error_code samba_wdc_verify_pac2(astgs_request_t r, const hdb_entry *krbtgt, const krb5_pac pac, krb5_cksumtype ctype, - const hdb_entry *device, - krb5_const_pac *device_pac, krb5_boolean *is_trusted_out) { krb5_context context = kdc_request_get_context((kdc_request_t)r); struct samba_kdc_entry *client_skdc_entry = NULL; - struct samba_kdc_entry *device_skdc_entry = NULL; struct samba_kdc_entry *krbtgt_skdc_entry = talloc_get_type_abort(krbtgt->context, struct samba_kdc_entry); TALLOC_CTX *mem_ctx = NULL; @@ -297,11 +294,6 @@ static krb5_error_code samba_wdc_verify_pac2(astgs_request_t r, struct samba_kdc_entry); } - if (device != NULL) { - device_skdc_entry = talloc_get_type_abort(device->context, - struct samba_kdc_entry); - } - /* * If the krbtgt was generated by an RODC, and we are not that * RODC, then we need to regenerate the PAC - we can't trust @@ -376,8 +368,6 @@ static krb5_error_code samba_wdc_verify_pac2(astgs_request_t r, flags, client_skdc_entry, krbtgt_skdc_entry, - device_skdc_entry, - device_pac, pac); if (ret != 0) { goto out; @@ -540,10 +530,6 @@ static krb5_error_code samba_wdc_verify_pac(void *priv, astgs_request_t r, krb5_error_code ret; krb5_cksumtype ctype = CKSUMTYPE_NONE; hdb_entry signing_krbtgt_hdb; - const hdb_entry *explicit_armor_client = - kdc_request_get_explicit_armor_client(r); - krb5_const_pac explicit_armor_pac = - kdc_request_get_explicit_armor_pac(r); if (delegated_proxy) { uint16_t pac_kdc_signature_rodc_id; @@ -666,8 +652,6 @@ static krb5_error_code samba_wdc_verify_pac(void *priv, astgs_request_t r, krbtgt, pac, ctype, - explicit_armor_client, - &explicit_armor_pac, is_trusted); if (krbtgt == &signing_krbtgt_hdb) {