From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 11 Feb 2022 19:56:17 +0000 (+0100)
Subject: s4:kdc: call krb5_free_keyblock_contents() in free_sdb_key()
X-Git-Tag: tevent-0.12.0~333
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=97dbdb48d857e49bcae2f5497414d94a1f14b684;p=thirdparty%2Fsamba.git

s4:kdc: call krb5_free_keyblock_contents() in free_sdb_key()

This is much clearer than doing it in sdb_free_entry() already.
It also simplifies the next cleanups.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/kdc/sdb.c b/source4/kdc/sdb.c
index 7ccd26578fa..5828c653f64 100644
--- a/source4/kdc/sdb.c
+++ b/source4/kdc/sdb.c
@@ -28,20 +28,6 @@
 
 void sdb_free_entry(struct sdb_entry_ex *ent)
 {
-	struct sdb_key *k;
-	size_t i;
-
-	for (i = 0; i < ent->entry.keys.len; i++) {
-		k = &ent->entry.keys.val[i];
-
-		/*
-		 * Passing NULL as the Kerberos context is intentional here, as
-		 * both Heimdal and MIT libraries don't use the context when
-		 * clearing the keyblocks.
-		 */
-		krb5_free_keyblock_contents(NULL, &k->key);
-	}
-
 	free_sdb_entry(&ent->entry);
 	ZERO_STRUCTP(ent);
 }
@@ -52,7 +38,12 @@ static void free_sdb_key(struct sdb_key *k)
 		return;
 	}
 
-	/* keyblock not alloced */
+	/*
+	 * Passing NULL as the Kerberos context is intentional here, as
+	 * both Heimdal and MIT libraries don't use the context when
+	 * clearing the keyblocks.
+	 */
+	krb5_free_keyblock_contents(NULL, &k->key);
 
 	if (k->salt) {
 		smb_krb5_free_data_contents(NULL, &k->salt->salt);