if we are using PKINIT, strip of the highest bit to make windows
PK-INIT happy. Also make the nonces the same, again for windows, they are using pk-init-9. XXX check if it isn't the that nonce is an unsigned variable so its just a asn1 mismatch. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15043 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
@@ -1209,13 +1209,12 @@ init_cred_loop(krb5_context context,
|
||||
/* Set a new nonce. */
|
||||
krb5_generate_random_block (&ctx->nonce, sizeof(ctx->nonce));
|
||||
ctx->nonce &= 0xffffffff;
|
||||
ctx->as_req.req_body.nonce = ctx->nonce;
|
||||
#if 0
|
||||
krb5_generate_random_block (&ctx->pk_nonce, sizeof(ctx->pk_nonce));
|
||||
ctx->pk_nonce &= 0xffffffff;
|
||||
#else
|
||||
ctx->pk_nonce = ctx->nonce;
|
||||
#ifdef PKINIT
|
||||
/* XXX check if it isn't the that nonce is an unsigned
|
||||
* variable so its just a asn1 mismatch */
|
||||
ctx->nonce &= 0x7fffffff;
|
||||
#endif
|
||||
ctx->pk_nonce = ctx->nonce;
|
||||
|
||||
#define MAX_PA_COUNTER 3
|
||||
|
||||
|
Reference in New Issue
Block a user