if we are using PKINIT, strip of the highest bit to make windows

PK-INIT happy. Also make the nonces the same, again for windows, they
are using pk-init-9.

XXX check if it isn't the that nonce is an unsigned variable so its
just a asn1 mismatch.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15043 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2005-04-30 16:24:00 +00:00
parent ea7df6b1e6
commit a8f9738a23

View File

@@ -1209,13 +1209,12 @@ init_cred_loop(krb5_context context,
/* Set a new nonce. */
krb5_generate_random_block (&ctx->nonce, sizeof(ctx->nonce));
ctx->nonce &= 0xffffffff;
ctx->as_req.req_body.nonce = ctx->nonce;
#if 0
krb5_generate_random_block (&ctx->pk_nonce, sizeof(ctx->pk_nonce));
ctx->pk_nonce &= 0xffffffff;
#else
ctx->pk_nonce = ctx->nonce;
#ifdef PKINIT
/* XXX check if it isn't the that nonce is an unsigned
* variable so its just a asn1 mismatch */
ctx->nonce &= 0x7fffffff;
#endif
ctx->pk_nonce = ctx->nonce;
#define MAX_PA_COUNTER 3