Revert "Add support for Kerberos credential delegation"

This reverts commit 3d4fa227bc.

Per discussion and buildfarm, this depends on APIs that seem to not
be available on at least one platform (NetBSD).  Should be certainly
possible to rework to be optional on that platform if necessary but bit
late for that at this point.

Discussion: https://postgr.es/m/3286097.1680922218@sss.pgh.pa.us

src/backend/libpq/be-secure-gssapi.c

@@ -497,7 +497,6 @@ secure_open_gssapi(Port *port)
 	bool		complete_next = false;
 	OM_uint32	major,
 				minor;
-	gss_cred_id_t delegated_creds;
 
 	/*
 	 * Allocate subsidiary Port data for GSSAPI operations.
@@ -505,9 +504,6 @@ secure_open_gssapi(Port *port)
 	port->gss = (pg_gssinfo *)
 		MemoryContextAllocZero(TopMemoryContext, sizeof(pg_gssinfo));
 
-	delegated_creds = GSS_C_NO_CREDENTIAL;
-	port->gss->delegated_creds = false;
-
 	/*
 	 * Allocate buffers and initialize state variables.  By malloc'ing the
 	 * buffers at this point, we avoid wasting static data space in processes
@@ -592,8 +588,7 @@ secure_open_gssapi(Port *port)
 									   GSS_C_NO_CREDENTIAL, &input,
 									   GSS_C_NO_CHANNEL_BINDINGS,
 									   &port->gss->name, NULL, &output, NULL,
-									   NULL, pg_gss_accept_deleg ? &delegated_creds : NULL);
-
+									   NULL, NULL);
 		if (GSS_ERROR(major))
 		{
 			pg_GSS_error(_("could not accept GSSAPI security context"),
@@ -610,12 +605,6 @@ secure_open_gssapi(Port *port)
 			complete_next = true;
 		}
 
-		if (delegated_creds != GSS_C_NO_CREDENTIAL)
-		{
-			pg_store_delegated_credential(delegated_creds);
-			port->gss->delegated_creds = true;
-		}
-
 		/* Done handling the incoming packet, reset our buffer */
 		PqGSSRecvLength = 0;
 
@@ -742,16 +731,3 @@ be_gssapi_get_princ(Port *port)
 
 	return port->gss->princ;
 }
-
-/*
- * Return if GSSAPI delegated credentials were included on this
- * connection.
- */
-bool
-be_gssapi_get_deleg(Port *port)
-{
-	if (!port || !port->gss)
-		return NULL;
-
-	return port->gss->delegated_creds;
-}