From 5d92219788ff927a3c93157e06edc40489cb4204 Mon Sep 17 00:00:00 2001
From: Luke Howard
Date: Fri, 17 Dec 2021 13:27:31 +1100
Subject: [PATCH] kdc: set kvno to zero if reply key replaced

If the pre-authentication mechanism replaced the reply key, then the kvno in the KDC-REP should be zero, as the reply is not encrypted in the client's (versioned) long-term key.

Closes: #899
---
 kdc/kerberos5.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
index 81cfca9ea..ea9735554 100644
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -2651,14 +2651,15 @@ _kdc_as_rep(astgs_request_t r)
     }
     /*
-     *
+     * Don't send kvno from client entry if the pre-authentication
+     * mechanism replaced the reply key.
      */
     ret = _kdc_encode_reply(r->context, config, r, req->req_body.nonce, &rep, &r->et, &r->ek, setype, r->server->entry.kvno, &skey->key,
-                            r->client->entry.kvno,
+                            r->replaced_reply_key ? 0 : r->client->entry.kvno,
                             0, &r->e_text, r->reply);
     if (ret)
         goto out;
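Review bot: The ternary buried in the argument list, `r->replaced_reply_key ? 0 : r->client->entry.kvno,`, would read better hoisted into a named local placed directly under the new comment, e.g. `client_kvno = r->replaced_reply_key ? 0 : r->client->entry.kvno;` and then `client_kvno,` in the call, so the comment and the value it explains sit together. The correctness of the change also rests on two contracts not visible in this hunk: every pre-authentication mechanism that substitutes the reply key (PKINIT, FAST-armoured exchanges and the like) must set `replaced_reply_key`, and `_kdc_encode_reply` must treat a zero client kvno as "no versioned key" rather than emitting a literal kvno 0; a missed case would still advertise the long-term key's version for a reply that is not encrypted under it. Worth stating that in the comment, e.g. `* Zero means the reply is not under a versioned long-term key.`, and checking the flag is set on every reply-key-replacing path. `_kdc_as_rep` begins and ends outside the hunk.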