remove left over principal selection

https://fedorahosted.org/sssd/ticket/1303

Domain start up was taking too long when there are many principals
in a kerberos keytab. We were looking up in the keytab two times.

The first time we try to select a proper principal and remember it.
The second call happens almost right after the first one and
it is just a check if the principal exists in the keytab, without
any output information other than success/failure. It is
probably a left over from https://fedorahosted.org/sssd/ticket/781.

This patch removes the second call.

1 files changed, 0 insertions, 21 deletions

diff --git a/src/providers/ldap/sdap_child_helpers.c b/src/providers/ldap/sdap_child_helpers.c
index eeb5e5f0..7a59a42e 100644
--- a/src/providers/ldap/sdap_child_helpers.c
+++ b/src/providers/ldap/sdap_child_helpers.c
@@ -453,7 +453,6 @@ static errno_t set_tgt_child_timeout(struct tevent_req *req,
 int setup_child(struct sdap_id_ctx *ctx)
 {
     int ret;
-    const char *mech;
     unsigned v;
     FILE *debug_filep;
     const char *realm;
@@ -463,26 +462,6 @@ int setup_child(struct sdap_id_ctx *ctx)
         realm = dp_opt_get_string(ctx->opts->basic, SDAP_KRB5_REALM);
     }
 
-    mech = dp_opt_get_string(ctx->opts->basic,
-                             SDAP_SASL_MECH);
-    if (!mech) {
-        return EOK;
-    }
-
-    if (mech && (strcasecmp(mech, "GSSAPI") == 0)) {
-        ret = sss_krb5_verify_keytab(dp_opt_get_string(ctx->opts->basic,
-                                                       SDAP_SASL_AUTHID),
-                                     realm,
-                                     dp_opt_get_string(ctx->opts->basic,
-                                                       SDAP_KRB5_KEYTAB));
-
-        if (ret != EOK) {
-            DEBUG(0, ("Could not verify keytab\n"));
-            return ret;
-        }
-
-    }
-
     if (debug_to_file != 0 && ldap_child_debug_fd == -1) {
         ret = open_debug_file_ex("ldap_child", &debug_filep);
         if (ret != EOK) {