From 912209ac84395ef0e2fca0556b1e4bec34367b5c Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 1 Oct 2008 16:00:33 -0700
Subject: Use the trust password version as kvno for trusts in Kerberos.

---
 source4/kdc/hdb-samba4.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'source4/kdc/hdb-samba4.c')

diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c
index d7317f17d4..818c4a12fd 100644
--- a/source4/kdc/hdb-samba4.c
+++ b/source4/kdc/hdb-samba4.c
@@ -717,6 +717,7 @@ static krb5_error_code LDB_trust_message2entry(krb5_context context, HDB *db,
 
 	enum ndr_err_code ndr_err;
 	int i, ret, trust_direction_flags;
+	uint32_t kvno;
 
 	private = talloc(mem_ctx, struct hdb_ldb_private);
 	if (!private) {
@@ -764,6 +765,12 @@ static krb5_error_code LDB_trust_message2entry(krb5_context context, HDB *db,
 		goto out;
 	}
 
+	for (i=0; i < password_blob.count; i++) {
+		if (password_blob.current->array[i].AuthType == TRUST_AUTH_TYPE_VERSION) {
+			entry_ex->entry.kvno = password_blob.current->array[i].AuthInfo.version.version;
+		}
+	}
+
 	for (i=0; i < password_blob.count; i++) {
 		if (password_blob.current->array[i].AuthType == TRUST_AUTH_TYPE_CLEAR) {
 			password_utf16 = data_blob_const(password_blob.current->array[i].AuthInfo.clear.password,
-- 
cgit