krb5: always generate the acceptor subkey as the same enctype as the used service key

With this patch samba4 can use gsskrb5_get_subkey() to get the session key.

metze

diff --git a/source/heimdal/lib/krb5/rd_req.c b/source/heimdal/lib/krb5/rd_req.c
index ddf1f69ae44d02772360b8ec9e18140892e96223..e80aaa6789bb88b2a93b48e5297f2636d74e0394 100644 (file)
--- a/source/heimdal/lib/krb5/rd_req.c
+++ b/source/heimdal/lib/krb5/rd_req.c
@@ -463,6 +463,8 @@ krb5_verify_ap_req2(krb5_context context,
 
     ac->keytype = ETYPE_NULL;
 
+#if 0
+/* it's bad to use a different enctype as the client */
     if (etypes.val) {
        int i;
 
@@ -473,6 +475,7 @@ krb5_verify_ap_req2(krb5_context context,
            }
        }
     }
+#endif
 
     /* save key */
     ret = krb5_copy_keyblock(context, &t->ticket.key, &ac->keyblock);