Pull up r25725 from trunk, along with backport of r25703
------------------------------------------------------------------------
r25725 | tlyu | 2012-03-02 17:24:38 -0500 (Fri, 02 Mar 2012) | 4 lines
ticket: 7092
Add test cases for Windows RODC kvno compatibility
------------------------------------------------------------------------
r25703 | ghudson | 2012-02-21 13:57:44 -0500 (Tue, 21 Feb 2012) | 15 lines
ticket: 7092
subject: kvno ASN.1 encoding interop with Windows RODCs
RFC 4120 defines the EncryptedData kvno field as an integer in the
range of unsigned 32-bit numbers. Windows encodes and decodes the
field as a signed 32-bit integer. Historically we do the same in our
encoder in 1.6 and prior, and in our decoder through 1.10. (Actually,
our decoder through 1.10 decoded the value as a long and then cast the
result to unsigned int, so it would accept positive values >= 2^31 on
64-bit platforms but not on 32-bit platforms.)
kvno values that large (or negative) are only likely to appear in the
context of Windows read-only domain controllers. So do what Windows
does instead of what RFC 4120 says.
ticket: 7092
status: resolved
version_fixed: 1.10.1
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25739
dc483132-0cff-0310-8789-
dd5450dbe970
projects / krb5.git / commit