make the kvno's in the krb4 universe by the real one % 256, since they

cannot only be 8 bit, and the v5 ones are actually 32 bits git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10864 ec53bebd-3082-4978-b11e-865c3cabbd6b
2002-03-10 23:05:57 +00:00
parent 2f0d78ac31
commit c672a244ba
1 changed files with 6 additions and 6 deletions
--- a/kdc/kerberos4.c
+++ b/kdc/kerberos4.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
 * (Royal Institute of Technology, Stockholm, Sweden). 
 * All rights reserved. 
 *
@@ -325,12 +325,12 @@ do_version4(unsigned char *buf,
 			      sname, sinst, skey->key.keyvalue.data);
 	    create_ciph(&cipher, session, sname, sinst, v4_realm,
-			life, server->kvno, &ticket, kdc_time, 
+			life, server->kvno % 256, &ticket, kdc_time, 
 			ckey->key.keyvalue.data);
 	    memset(&session, 0, sizeof(session));
 	    r = create_auth_reply(name, inst, realm, req_time, 0, 
 				  client->pw_end ? *client->pw_end : 0, 
-				  client->kvno, &cipher);
+				  client->kvno % 256, &cipher);
 	    krb5_data_copy(reply, r->dat, r->length);
 	    memset(&cipher, 0, sizeof(cipher));
 	    memset(&ticket, 0, sizeof(ticket));
@@ -373,9 +373,9 @@ do_version4(unsigned char *buf,
 	    goto out2;
 	}
-	if(tgt->kvno != kvno){
+	if(tgt->kvno % 256 != kvno){
 	    kdc_log(0, "tgs-req with old kvno %d (current %d) for "
-		    "krbtgt.%s@%s", kvno, tgt->kvno, realm, v4_realm);
+		    "krbtgt.%s@%s", kvno, tgt->kvno % 256, realm, v4_realm);
 	    make_err_reply(reply, KDC_AUTH_EXP,
 			   "old krbtgt kvno used");
 	    goto out2;
@@ -499,7 +499,7 @@ do_version4(unsigned char *buf,
 			      sname, sinst, skey->key.keyvalue.data);
 	    create_ciph(&cipher, session, sname, sinst, v4_realm,
-			life, server->kvno, &ticket,
+			life, server->kvno % 256, &ticket,
 			kdc_time, &ad.session);
 	    memset(&session, 0, sizeof(session));