_kdc_set_e_text(r, "Failed to build PK-INIT reply");
goto out;
}
+ r->reply_kvno = 0;
#if 0
ret = _kdc_add_initial_verified_cas(r->context, r->config,
pkp, &r->et);
if (ret)
goto out;
+ r->reply_kvno = 0;
+
/*
* Success
*/
if (ret)
return ret;
+ if (pa_key->mkvno != NULL) {
+ r->reply_kvno = *pa_key->mkvno;
+ } else {
+ r->reply_kvno = r->client->entry.kvno;
+ }
+
ret = krb5_enctype_to_string(r->context, pa_key->key.keytype, &str);
if (ret)
str = NULL;
ret = krb5_copy_keyblock_contents(r->context, &ckey->key, &r->reply_key);
if (ret)
goto out;
+
+ r->reply_kvno = 0;
}
if (r->clientdb->hdb_auth_status) {
r->armor_crypto, req->req_body.nonce,
&rep, &r->et, &r->ek, setype,
r->server->entry.kvno, &skey->key,
- r->client->entry.kvno,
+ r->reply_kvno,
&r->reply_key, 0, &r->e_text, r->reply);
if (ret)
goto out;