s4-heimdal: Allow any kvno to match when searching the keytab.

Windows does not use a KVNO when it checks it's passwords, and MIT doesn't check the KVNO when no acceptor identity is specified (looping over all keys in the keytab). Andrew Bartlett
author: Andrew Bartlett <abartlet@samba.org> 2011-04-16 15:44:23 +1000
committer: Andrew Bartlett <abartlet@samba.org> 2011-04-16 11:43:05 +0200
commit: d1cbb9f5ceb40d0634891086ef1939b3b76daa4f (patch)
tree: ecd6d459f390979f9edc3e893600573669ffb2ed
parent: 1f534422cc09ca72f924643c7518c7f90241a732 (diff)
download: samba-d1cbb9f5ceb40d0634891086ef1939b3b76daa4f.tar.gz
samba-d1cbb9f5ceb40d0634891086ef1939b3b76daa4f.tar.bz2
samba-d1cbb9f5ceb40d0634891086ef1939b3b76daa4f.zip
1 files changed, 1 insertions, 2 deletions
diff --git a/source4/heimdal/lib/krb5/rd_req.c b/source4/heimdal/lib/krb5/rd_req.c
index 8ce6570de2..25aa8674c7 100644
--- a/source4/heimdal/lib/krb5/rd_req.c
+++ b/source4/heimdal/lib/krb5/rd_req.c
@@ -983,8 +983,7 @@ krb5_rd_req_ctx(krb5_context context,
 		goto out;
 	    }
 
-	    if (entry.keyblock.keytype != ap_req.ticket.enc_part.etype ||
-		(kvno && kvno != entry.vno)) {
+	    if (entry.keyblock.keytype != ap_req.ticket.enc_part.etype) {
 		krb5_kt_free_entry (context, &entry);
 		continue;
 	    }
author	Andrew Bartlett <abartlet@samba.org>	2011-04-16 15:44:23 +1000
committer	Andrew Bartlett <abartlet@samba.org>	2011-04-16 11:43:05 +0200
commit	d1cbb9f5ceb40d0634891086ef1939b3b76daa4f (patch)
tree	ecd6d459f390979f9edc3e893600573669ffb2ed
parent	1f534422cc09ca72f924643c7518c7f90241a732 (diff)
download	samba-d1cbb9f5ceb40d0634891086ef1939b3b76daa4f.tar.gz samba-d1cbb9f5ceb40d0634891086ef1939b3b76daa4f.tar.bz2 samba-d1cbb9f5ceb40d0634891086ef1939b3b76daa4f.zip