s4-gensec Remove special case 'for SASL' that is not required any more.

I've examined the code paths involved, and it appears an alternative
fix has been made in the ldap_server/ldap_bind.c code, and there is no
code path that uses this behaviour.

Andrew Bartlett

diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index e807f774a5e906be55b638a76c9721e6421e0db4..132ea7d8aec4f218805f4dfc7f9e1802c3c8c5d6 100644 (file)
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -535,19 +535,6 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
                        /* We may have been invoked as SASL, so there
                         * is more work to do */
                        if (gensec_gssapi_state->sasl) {
-                               /* Due to a very subtle interaction
-                                * with SASL and the LDAP libs, we
-                                * must ensure the data pointer is 
-                                * != NULL, but the length is 0.  
-                                *
-                                * This ensures we send a 'zero
-                                * length' (rather than NULL) response 
-                                */
-                               
-                               if (!out->data) {
-                                       out->data = (uint8_t *)talloc_strdup(out_mem_ctx, "\0");
-                               }
-
                                gensec_gssapi_state->sasl_state = STAGE_SASL_SSF_NEG;
                                return NT_STATUS_MORE_PROCESSING_REQUIRED;
                        } else {