When reading enctypes from ccaches, we need to sign-extend the 16-bit
value we read in order to properly read negative enctypes.
ticket: 6723
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24021
dc483132-0cff-0310-8789-
dd5450dbe970
keyblock->magic = KV5M_KEYBLOCK;
keyblock->contents = 0;
+ /* Enctype is signed, so sign-extend the 16-bit value we read. */
kret = krb5_fcc_read_ui_2(context, id, &ui2);
- keyblock->enctype = ui2;
+ keyblock->enctype = (krb5_int16) ui2;
CHECK(kret);
if (data->version == KRB5_FCC_FVNO_3) {
/* This works because the old etype is the same as the new enctype. */