heimdal make kvno unisgned internally
authorUri Simchoni <uri@samba.org>
Tue, 17 May 2016 10:45:11 +0000 (13:45 +0300)
committerJeremy Allison <jra@samba.org>
Tue, 24 May 2016 01:00:39 +0000 (03:00 +0200)
The folks at heimdal didn't like the patch in
commit 6379737b7ddc6ccb752238c5820cc62e76a8da17 and insisted
that kvno should remain unsigned internally, even though it is
encoded as signed in packets. This patch reverts some of the
unsigned->signed changes in that commit, and resolves conversion
issues - in order to be aligned with upstream Heimdal.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 24 03:00:39 CEST 2016 on sn-devel-144

source4/heimdal/kdc/krb5tgs.c
source4/heimdal/kdc/misc.c
source4/torture/rpc/lsa.c

index 1d0d1ddc3fa6ffc802be0edd28316bf8173ff1c7..c221c90346142b838759c6d9655e9722ee8767e6 100644 (file)
@@ -1174,6 +1174,8 @@ tgs_parse_request(krb5_context context,
     Key *tkey;
     krb5_keyblock *subkey = NULL;
     unsigned usage;
+    krb5uint32 kvno = 0;
+    krb5uint32 *kvno_ptr = NULL;
 
     *auth_data = NULL;
     *csec  = NULL;
@@ -1201,7 +1203,12 @@ tgs_parse_request(krb5_context context,
                                       ap_req.ticket.sname,
                                       ap_req.ticket.realm);
 
-    ret = _kdc_db_fetch(context, config, princ, HDB_F_GET_KRBTGT, ap_req.ticket.enc_part.kvno, NULL, krbtgt);
+    if (ap_req.ticket.enc_part.kvno) {
+           kvno = *ap_req.ticket.enc_part.kvno;
+           kvno_ptr = &kvno;
+    }
+    ret = _kdc_db_fetch(context, config, princ, HDB_F_GET_KRBTGT, kvno_ptr,
+                       NULL, krbtgt);
 
     if(ret == HDB_ERR_NOT_FOUND_HERE) {
        char *p;
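Review bot: The assignment `kvno = *ap_req.ticket.enc_part.kvno;` converts a signed value to `krb5uint32` implicitly, and nothing in the code records that this is intended. The removed line passed the same pointer straight to what was then a `krb5int32 *` parameter, so the field is signed, and it is read from the client's request; a negative wire value becomes a large unsigned kvno at this point. I would make the conversion visible with `kvno = (krb5uint32)*ap_req.ticket.enc_part.kvno;` and a comment such as `/* kvno is signed on the wire but unsigned internally; negative values wrap on purpose */`. The same applies to `second_kvno = *t->enc_part.kvno;` in the later tgs_build_reply hunk. tgs_parse_request starts and ends outside this hunk.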
@@ -1541,6 +1548,8 @@ tgs_build_reply(krb5_context context,
        hdb_entry_ex *uu;
        krb5_principal p;
        Key *uukey;
+       krb5uint32 second_kvno = 0;
+       krb5uint32 *kvno_ptr = NULL;
 
        if(b->additional_tickets == NULL ||
           b->additional_tickets->len == 0){
@@ -1557,8 +1566,12 @@ tgs_build_reply(krb5_context context,
            goto out;
        }
        _krb5_principalname2krb5_principal(context, &p, t->sname, t->realm);
+       if(t->enc_part.kvno){
+           second_kvno = *t->enc_part.kvno;
+           kvno_ptr = &second_kvno;
+       }
        ret = _kdc_db_fetch(context, config, p,
-                           HDB_F_GET_KRBTGT, t->enc_part.kvno,
+                           HDB_F_GET_KRBTGT, kvno_ptr,
                            NULL, &uu);
        krb5_free_principal(context, p);
        if(ret){
index 6fd5119decaced2e795eec1a93babd633575ba06..b0bc38a2b6f6ce5411744e491ab1be43846092f0 100644 (file)
@@ -40,7 +40,7 @@ _kdc_db_fetch(krb5_context context,
              krb5_kdc_configuration *config,
              krb5_const_principal principal,
              unsigned flags,
-             krb5int32 *kvno_ptr,
+             krb5uint32 *kvno_ptr,
              HDB **db,
              hdb_entry_ex **h)
 {
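Review bot: The contract of `kvno_ptr` is not stated at this signature, and changing its type is a good moment to state it. Both call sites changed in krb5tgs.c pass NULL when the ticket carries no kvno, so a comment along the lines of `/* kvno_ptr: key version to fetch, or NULL when the request did not name one */` would document what callers already rely on. A caller outside this diff that still passes a `krb5int32 *` would usually draw only a pointer-sign warning in C, so it is worth confirming that every call site was updated. The body of _kdc_db_fetch is outside the hunk.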
index 4d0084bd42df32d82ee7ba46f121d98eb12a440a..fa884fb17ee89ca2c3626bbcf184ff4feb67312a 100644 (file)
@@ -3183,7 +3183,7 @@ static bool check_pw_with_krb5(struct torture_context *tctx,
        const char *old_password = cli_credentials_get_old_password(credentials);
        int kvno = cli_credentials_get_kvno(credentials);
        int expected_kvno = 0;
-       krb5int32 t_kvno = 0;
+       krb5uint32 t_kvno = 0;
        const char *host = torture_setting_string(tctx, "host", NULL);
        krb5_error_code k5ret;
        krb5_boolean k5ok;
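Review bot: `t_kvno` is now `krb5uint32` while `kvno` and `expected_kvno` on the two preceding declarations remain `int`, so the test holds the same quantity in both signednesses. If `t_kvno` is compared with `expected_kvno` later in check_pw_with_krb5 (the body continues outside this hunk), the int operand is converted to unsigned, which would hide a negative value coming from `cli_credentials_get_kvno`. Consider declaring `expected_kvno` as `krb5uint32` too, or adding a comment such as `/* Heimdal kvno is unsigned; kvno/expected_kvno stay int to match cli_credentials_get_kvno() */`.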