kvno ASN.1 encoding interop with Windows RODCs

RFC 4120 defines the EncryptedData kvno field as an integer in the
range of unsigned 32-bit numbers.  Windows encodes and decodes the
field as a signed 32-bit integer.  Historically we do the same in our
encoder in 1.6 and prior, and in our decoder through 1.10.  (Actually,
our decoder through 1.10 decoded the value as a long and then cast the
result to unsigned int, so it would accept positive values >= 2^31 on
64-bit platforms but not on 32-bit platforms.)

kvno values that large (or negative) are only likely to appear in the
context of Windows read-only domain controllers.  So do what Windows
does instead of what RFC 4120 says.

ticket: 7092

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25703 dc483132-0cff-0310-8789-dd5450dbe970

0 files changed, 0 insertions, 0 deletions