s4:kdc: Inline some variables

IMO, this code is easier to read if the reader can tell at a glance what
the values of these enumerations are, rather than having to think about
where the values come from.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

source4/kdc/mit_samba.c

@@ -485,8 +485,6 @@ int mit_samba_get_pac(struct mit_samba_context *smb_ctx,
 		(flags & KRB5_KDB_FLAG_PROTOCOL_TRANSITION) ?
 			SAMBA_ASSERTED_IDENTITY_SERVICE :
 			SAMBA_ASSERTED_IDENTITY_AUTHENTICATION_AUTHORITY;
-	const enum samba_claims_valid claims_valid = SAMBA_CLAIMS_VALID_INCLUDE;
-	const enum samba_compounded_auth compounded_auth = SAMBA_COMPOUNDED_AUTH_EXCLUDE;
 
 	if (client == NULL) {
 		return EINVAL;
@@ -525,8 +523,8 @@ int mit_samba_get_pac(struct mit_samba_context *smb_ctx,
 	nt_status = samba_kdc_get_user_info_dc(tmp_ctx,
 					       skdc_entry,
 					       asserted_identity,
-					       claims_valid,
+					       SAMBA_CLAIMS_VALID_INCLUDE,
-					       compounded_auth,
+					       SAMBA_COMPOUNDED_AUTH_EXCLUDE,
 					       &user_info_dc);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		talloc_free(tmp_ctx);

source4/kdc/pac-glue.c

@@ -1276,6 +1276,11 @@ static krb5_error_code samba_kdc_obtain_user_info_dc(TALLOC_CTX *mem_ctx,
 			goto out;
 		}
 	} else {
+		if (skdc_entry == NULL) {
+			ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN;
+			goto out;
+		}
+
 		/*
 		 * In this case the RWDC discards the PAC an RODC generated.
 		 * Windows adds the asserted_identity in this case too.
@@ -1286,22 +1291,11 @@ static krb5_error_code samba_kdc_obtain_user_info_dc(TALLOC_CTX *mem_ctx,
 		 * SAMBA_ASSERTED_IDENTITY_AUTHENTICATION_AUTHORITY
 		 * here.
 		 */
-		enum samba_asserted_identity asserted_identity =
-			SAMBA_ASSERTED_IDENTITY_AUTHENTICATION_AUTHORITY;
-		const enum samba_claims_valid claims_valid = SAMBA_CLAIMS_VALID_EXCLUDE;
-		const enum samba_compounded_auth compounded_auth =
-			SAMBA_COMPOUNDED_AUTH_EXCLUDE;
-
-		if (skdc_entry == NULL) {
-			ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN;
-			goto out;
-		}
-
 		nt_status = samba_kdc_get_user_info_dc(mem_ctx,
 						       skdc_entry,
-						       asserted_identity,
+						       SAMBA_ASSERTED_IDENTITY_AUTHENTICATION_AUTHORITY,
-						       claims_valid,
+						       SAMBA_CLAIMS_VALID_EXCLUDE,
-						       compounded_auth,
+						       SAMBA_COMPOUNDED_AUTH_EXCLUDE,
 						       &user_info_dc);
 		if (!NT_STATUS_IS_OK(nt_status)) {
 			DBG_ERR("samba_kdc_get_user_info_dc failed: %s\n",
@@ -2055,18 +2049,13 @@ static krb5_error_code samba_kdc_get_device_info_blob(TALLOC_CTX *mem_ctx,
 
 	union PAC_INFO info;
 
-	enum samba_asserted_identity asserted_identity =
-		SAMBA_ASSERTED_IDENTITY_AUTHENTICATION_AUTHORITY;
-	const enum samba_claims_valid claims_valid = SAMBA_CLAIMS_VALID_INCLUDE;
-	const enum samba_compounded_auth compounded_auth = SAMBA_COMPOUNDED_AUTH_EXCLUDE;
-
 	frame = talloc_stackframe();
 
 	nt_status = samba_kdc_get_user_info_dc(frame,
 					       device,
-					       asserted_identity,
+					       SAMBA_ASSERTED_IDENTITY_AUTHENTICATION_AUTHORITY,
-					       claims_valid,
+					       SAMBA_CLAIMS_VALID_INCLUDE,
-					       compounded_auth,
+					       SAMBA_COMPOUNDED_AUTH_EXCLUDE,
 					       &device_info_dc);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		DBG_ERR("samba_kdc_get_user_info_dc failed: %s\n",

source4/kdc/wdc-samba4.c

@@ -122,8 +122,6 @@ static krb5_error_code samba_wdc_get_pac(void *priv,
 		(is_s4u2self) ?
 			SAMBA_ASSERTED_IDENTITY_SERVICE :
 			SAMBA_ASSERTED_IDENTITY_AUTHENTICATION_AUTHORITY;
-	const enum samba_claims_valid claims_valid = SAMBA_CLAIMS_VALID_INCLUDE;
-	const enum samba_compounded_auth compounded_auth = SAMBA_COMPOUNDED_AUTH_EXCLUDE;
 	struct authn_audit_info *server_audit_info = NULL;
 	NTSTATUS status = NT_STATUS_OK;
 
@@ -150,8 +148,8 @@ static krb5_error_code samba_wdc_get_pac(void *priv,
 	nt_status = samba_kdc_get_user_info_dc(mem_ctx,
 					       skdc_entry,
 					       asserted_identity,
-					       claims_valid,
+					       SAMBA_CLAIMS_VALID_INCLUDE,
-					       compounded_auth,
+					       SAMBA_COMPOUNDED_AUTH_EXCLUDE,
 					       &user_info_dc);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		talloc_free(mem_ctx);