2N/A * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 2N/A * Use is subject to license terms. 2N/A /* version == 0x0001 big-endian 2N/A * NOTE: when MS and MIT start supporting the latest 2N/A * version of the passwd change protocol (v2), 2N/A * this value will change to 2. 2N/A /* ap_req length, big-endian */ 2N/A /* krb-priv of password */ 2N/A /* either this, or the server is printing bad messages, 2N/A or the caller passed in garbage */ 2N/A * MS KDCs *may* send back a KRB_ERROR. Although 2N/A * not 100% correct via RFC3244, it's something 2N/A * we can workaround here. 2N/A /* verify version number */ 2N/A * when the servers update to v2 of the protocol, 2N/A * "2" will be a valid version number here 2N/A /* read, check ap-rep length */ 2N/A * Save send_subkey to later smash recv_subkey. 2N/A /* extract and decrypt the result */ 2N/A * Smash recv_subkey to be send_subkey, per spec. 2N/A * Make sure the result code is in range for this