From abad8d5700684dd95dc69b51f73cd418871e2259 Mon Sep 17 00:00:00 2001
From: Patrik Lundin <patrik.lundin@su.se>
Date: Fri, 20 May 2016 09:02:33 -0400
Subject: [PATCH] kdc: fix _kdc_db_fetch when non-zero kvno specified

Prior change 83011252d7be71d60aa23df8648c516a6148203e which fixed
cross-realm trusts from AD to Heimdal removed the assignment of
'*kvno_ptr' to 'kvno' in the case where a non-zero key version
number is supplied by the caller.  This breaks cross-realm trusts
from Heimdal to another realm.

This change restores the missing assignment.

Change-Id: Ic041d9d797ba4c8c0c567da55066ba5d3d1874bb
---
 kdc/misc.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/kdc/misc.c b/kdc/misc.c
index 5bd3e785d..62b1c356b 100644
--- a/kdc/misc.c
+++ b/kdc/misc.c
@@ -54,10 +54,12 @@ _kdc_db_fetch(krb5_context context,
     *h = NULL;
 
     if (kvno_ptr != NULL) {
-	if (*kvno_ptr != 0)
+	if (*kvno_ptr != 0) {
+	    kvno = *kvno_ptr;
 	    flags |= HDB_F_KVNO_SPECIFIED;
-	else
+	} else {
 	    flags |= HDB_F_ALL_KVNOS;
+	}
     }
 
     ent = calloc(1, sizeof (*ent));