[OpenAFS] Zero lifetime tickets in Windows client?

Kevin Coffman kwc@citi.umich.edu
Fri, 12 Jul 2002 17:12:20 -0400


I thought I saw someone else complaining about this a while back, but I 
can't find it now.  We have Windows clients running on XP that 
authenticate fine, but the tokens expire as soon as they get them.

These clients worked fine against the kaserver, but the cell was 
switched over to use MIT K5 KDCs (and fakeka for the Unix clients).  
Of course, the Windows client doesn't use rx for authentication, but 
talks UDP to the KDC.

This works fine in our production cell that runs the KDCs on 
non-byte-swapped machines.  However, the failing case is in a different 
cell where the KDCs are on Intel machines running Linux.

Looking at the OpenAFS Windows code, it seems like it is incorrectly 
assuming that the returned packet has a one-byte expiration time.  
However, it is really 4 bytes in the packet returned from the KDC.  
From the byte-swapped machine the byte that it uses is 0x00, and hence 
the zero lifetime token.  So it seems that the kaserver must build a 
different reply packet than the MIT K4 code.

Am I right, or just crazy?

Kevin