s4:kdc: Fix comparison in samba_kdc_check_s4u2proxy()

CID 1502873:  Control flow issues  (NO_EFFECT)
>>> This greater-than-or-equal-to-zero comparison of an unsigned value is always
true. "el->num_values >= 0U".

This is probably just a paranoia check as num_values should be set to at least
1 if the we have an LDAP entry.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>

diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index ff1241f06b9609441ca2fe5007327c31370dea16..f79ff1b8c3c90da65634fe5c96e704284290761e 100644 (file)
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -2746,6 +2746,7 @@ samba_kdc_check_s4u2proxy(krb5_context context,
                ret = ENOENT;
                goto bad_option;
        }
+       SMB_ASSERT(el->num_values != 0);
 
        /*
         * This is the Microsoft forwardable flag behavior.
@@ -2753,7 +2754,7 @@ samba_kdc_check_s4u2proxy(krb5_context context,
         * If the proxy (target) principal is NULL, and we have any authorized
         * delegation target, allow to forward.
         */
-       if (el->num_values >= 0 && target_principal == NULL) {
+       if (target_principal == NULL) {
                return 0;
        }