2 files changed, 25 insertions, 1 deletions

diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c
index b48ad04b5..6c4228947 100644
--- a/src/kdc/kerberos_v4.c
+++ b/src/kdc/kerberos_v4.c
@@ -93,7 +93,8 @@ static C_Block session_key;
 static C_Block user_key;
 static C_Block service_key;
 */
-static u_char master_key_version;
+extern u_char master_key_version;
+u_char master_key_version;
 /*
 static char k_instance[INST_SZ];
 */
diff --git a/src/kdc/main.c b/src/kdc/main.c
index 55106f8a6..a3da6cf41 100644
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -291,6 +291,9 @@ krb5_keyblock *masterkeyblock;
     int nprincs;
     krb5_boolean more;
     krb5_db_entry server;
+#ifdef KRB4
+    extern unsigned char master_key_version;
+#endif
 
     /* set db name if appropriate */
     if (dbname && (retval = krb5_db_set_name(dbname)))
@@ -306,6 +309,26 @@ krb5_keyblock *masterkeyblock;
 	return(retval);
     }
 
+#ifdef KRB4    
+    /* get the master key, to extract the master key version number */
+    nprincs = 1;
+    if (retval = krb5_db_get_principal(masterkeyname,
+				       &server, &nprincs,
+				       &more)) {
+	return(retval);
+    }
+    if (nprincs != 1) {
+	if (nprincs)
+	    krb5_db_free_principal(&server, nprincs);
+	return(KRB5_KDB_NOMASTERKEY);
+    } else if (more) {
+	krb5_db_free_principal(&server, nprincs);
+	return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE);
+    }
+    master_key_version = server.kvno;
+    krb5_db_free_principal(&server, nprincs);
+#endif
+    
     /* do any necessary key pre-processing */
     if (retval = krb5_process_key(&master_encblock, masterkeyblock)) {
 	master_encblock.crypto_entry = 0;