From 1e5120ac0232569580ddabdff554255da05cf6ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Mon, 28 Nov 2005 20:33:57 +0000
Subject: [PATCH] (_kdc_as_rep): add comment when we send ETYPE-INFO and
 ETYPE-INFO2, from Andrew Bartlett

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16298 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/kerberos5.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
index 40ed58777..154ca9efb 100644
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -1077,6 +1077,14 @@ _kdc_as_rep(krb5_context context,
 	pa->padata_value.data	= NULL;
 #endif
 
+	/* 
+	 * RFC4120 requires: 
+	 * - If the client only knows about old enctypes, then send
+	 *   both info replies (we send 'info' first in the list).
+	 * - If the client is 'modern', because it knows about 'new'
+	 *   enctype types, then only send the 'info2' reply.
+	*/
+
 	/* XXX check ret */
 	if (only_older_enctype_p(req))
 	    ret = get_pa_etype_info(context, config, &method_data, client,