rxkad: Free memory used to check rxkad response

Since its introduction with commit 7e4e06b87a09 "Derive DES/fcrypt
session key from other key types", rxkad_derive_des_key has failed to
free the memory associated with its HMAC context struct.

This results in a leak of at least 352 bytes for each rxkad challenge
response processed by an OpenAFS server when using rxkad-kdf.

Free the memory by calling HMAC_CTX_cleanup after each round of the
loop.

Discovered via Solaris libumem.so.1.

Reviewed-on: https://gerrit.openafs.org/15427
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 915c9ec007810f99a5ea8be73426fc8882f615fd)

Change-Id: I4710c1180cdca19cc963d7409ef15e74efd51498
Reviewed-on: https://gerrit.openafs.org/15516
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

src/rxkad/ticket5.c

@@ -672,6 +672,7 @@ rxkad_derive_des_key(const void *in, size_t insize,
 	HMAC_Update(&mctx, Lbuf, 4);
 	mdsize = sizeof(tmp);
 	HMAC_Final(&mctx, tmp, &mdsize);
+	HMAC_CTX_cleanup(&mctx);
 	memcpy(ktmp, tmp, 8);
 	DES_set_odd_parity(&ktmp);
 	if (!DES_is_weak_key(&ktmp)) {