kdc: honor PAC_ATTRIBUTES in presented TGT

PACs are included when issuing TGTs, if there is no PAC_ATTRIBUTES buffer
(legacy behavior) or if the attributes buffer indicates the AS client requested
one.

kdc/fast.c

@@ -848,7 +848,8 @@ _kdc_fast_check_armor_pac(astgs_request_t r)
 			 armor_client, r->armor_server,
 			 r->armor_server, r->armor_server,
 			 &r->armor_key->key, &r->armor_key->key,
-			 &r->armor_ticket->ticket, &ad_kdc_issued, &mspac, NULL, NULL);
+			 &r->armor_ticket->ticket, &ad_kdc_issued, &mspac,
+			 NULL, NULL, NULL);
     if (ret) {
 	const char *msg = krb5_get_error_message(r->context, ret);