s4:kdc: make the logic between ZERO_STRUCTP(entry_ex) and sdb_free_entry(entry_ex...
authorStefan Metzmacher <metze@samba.org>
Tue, 8 Feb 2022 15:50:14 +0000 (16:50 +0100)
committerStefan Metzmacher <metze@samba.org>
Thu, 24 Mar 2022 09:19:33 +0000 (09:19 +0000)
samba_kdc_[trust_]message2entry() always starts with
ZERO_STRUCTP(entry_ex) and cleans up on error with
sdb_free_entry(entry_ex), leaving a cleared structure again.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14054

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/kdc/db-glue.c

index 616c39c9c308ccce8931968a62ccfc36118eba6e..3c9540eb3488725f46f6fd91ca0744fd6e2adbd4 100644 (file)
@@ -507,10 +507,6 @@ static krb5_error_code samba_kdc_message2entry_keys(krb5_context context,
                }
        }
 
-       entry_ex->entry.keys.val = NULL;
-       entry_ex->entry.keys.len = 0;
-       entry_ex->entry.kvno = 0;
-
        if ((ent_type == SAMBA_KDC_ENT_TYPE_CLIENT)
            && (userAccountControl & UF_SMARTCARD_REQUIRED)) {
                ret = samba_kdc_set_random_keys(context,
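Review bot: With the three resets removed, samba_kdc_message2entry_keys() depends on its caller having zeroed entry_ex, and nothing in the function states or checks that precondition. If a later caller passes a reused or partially filled entry, any path that leaves without assigning keys would presumably keep a stale `keys.val` pointer and `kvno`. I would record the contract where the removed lines were, for example `/* entry_ex was cleared by the caller: keys.val == NULL, keys.len == 0, kvno == 0 */`. The function body starts and ends outside this hunk, so the exit paths could not be checked here.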
@@ -919,6 +915,8 @@ static krb5_error_code samba_kdc_message2entry(krb5_context context,
        struct ldb_val computer_val = data_blob_string_const("computer");
        const char *samAccountName = ldb_msg_find_attr_as_string(msg, "samAccountName", NULL);
 
+       ZERO_STRUCTP(entry_ex);
+
        if (ldb_msg_find_element(msg, "msDS-SecondaryKrbTgtNumber")) {
                is_rodc = true;
        }
@@ -935,8 +933,6 @@ static krb5_error_code samba_kdc_message2entry(krb5_context context,
                is_computer = TRUE;
        }
 
-       ZERO_STRUCTP(entry_ex);
-
        p = talloc_zero(mem_ctx, struct samba_kdc_entry);
        if (!p) {
                ret = ENOMEM;
@@ -1339,7 +1335,6 @@ out:
        if (ret != 0) {
                /* This doesn't free ent itself, that is for the eventual caller to do */
                sdb_free_entry(entry_ex);
-               ZERO_STRUCTP(entry_ex);
        } else {
                talloc_steal(kdc_db_ctx, p);
        }
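Review bot: The error path under `out:` now relies entirely on sdb_free_entry() leaving *entry_ex cleared, but the comment above the call does not say so and still names `ent` rather than `entry_ex`. The commit message states that sdb_free_entry() clears the structure, but its definition is not part of this diff, so that should be confirmed. It matters because a caller that frees the entry again after a failure would otherwise touch stale pointers. I would reword the comment to `/* sdb_free_entry() leaves *entry_ex cleared; freeing entry_ex itself is up to the caller */`.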
@@ -1389,6 +1384,8 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context,
        struct lsa_TrustDomainInfoInfoEx *tdo = NULL;
        NTSTATUS status;
 
+       ZERO_STRUCTP(entry_ex);
+
        if (dsdb_functional_level(kdc_db_ctx->samdb) >= DS_DOMAIN_FUNCTION_2008) {
                supported_enctypes = ldb_msg_find_attr_as_uint(msg,
                                        "msDS-SupportedEncryptionTypes",
@@ -1478,9 +1475,6 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context,
 
        talloc_set_destructor(p, samba_kdc_entry_destructor);
 
-       /* make sure we do not have bogus data in there */
-       memset(&entry_ex->entry, 0, sizeof(struct sdb_entry));
-
        entry_ex->entry.skdc_entry = p;
 
        /* use 'whenCreated' */