[krbdev.mit.edu #7092] SVN Commit

Tom Yu via RT rt-comment at krbdev.mit.edu
Wed Mar 7 18:44:29 EST 2012


Pull up r25725 from trunk, along with backport of r25703.

 ------------------------------------------------------------------------
 r25725 | tlyu | 2012-03-02 17:24:38 -0500 (Fri, 02 Mar 2012) | 4 lines

 ticket: 7092

 Add test cases for Windows RODC kvno compatibility

 ------------------------------------------------------------------------
 r25703 | ghudson | 2012-02-21 13:57:44 -0500 (Tue, 21 Feb 2012) | 15 lines

 ticket: 7092
 subject: kvno ASN.1 encoding interop with Windows RODCs

 RFC 4120 defines the EncryptedData kvno field as an integer in the
 range of unsigned 32-bit numbers.  Windows encodes and decodes the
 field as a signed 32-bit integer.  Historically we do the same in our
 encoder in 1.6 and prior, and in our decoder through 1.10.  (Actually,
 our decoder through 1.10 decoded the value as a long and then cast the
 result to unsigned int, so it would accept positive values >= 2^31 on
 64-bit platforms but not on 32-bit platforms.)

 kvno values that large (or negative) are only likely to appear in the
 context of Windows read-only domain controllers.  So do what Windows
 does instead of what RFC 4120 says.

http://src.mit.edu/fisheye/changelog/krb5/?cs=25739
Commit By: tlyu
Revision: 25739
Changed Files:
U   branches/krb5-1-10/src/lib/krb5/asn.1/asn1_k_encode.c
U   branches/krb5-1-10/src/tests/asn.1/krb5_decode_test.c
U   branches/krb5-1-10/src/tests/asn.1/krb5_encode_test.c
U   branches/krb5-1-10/src/tests/asn.1/reference_encode.out
U   branches/krb5-1-10/src/tests/asn.1/trval_reference.out



More information about the krb5-bugs mailing list