From 3f1f6e03cd38e241060ff10f1f153cc266dca888 Mon Sep 17 00:00:00 2001 From: Uri Simchoni Date: Fri, 23 Sep 2016 19:28:10 +0300 Subject: [PATCH] heimdal: revert 1f90983324b9f5804dc57f87c5f7695b0e53db8d A different version has gone upstream, fixing the problem elsewhere. Signed-off-by: Uri Simchoni Reviewed-by: Andrew Bartlett Autobuild-User(master): Uri Simchoni Autobuild-Date(master): Mon Oct 3 11:12:29 CEST 2016 on sn-devel-144 --- source4/heimdal/lib/gssapi/krb5/init_sec_context.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/source4/heimdal/lib/gssapi/krb5/init_sec_context.c b/source4/heimdal/lib/gssapi/krb5/init_sec_context.c index efc421521ce9..0a89ae1f36cf 100644 --- a/source4/heimdal/lib/gssapi/krb5/init_sec_context.c +++ b/source4/heimdal/lib/gssapi/krb5/init_sec_context.c @@ -427,12 +427,15 @@ init_auth /* * This is hideous glue for (NFS) clients that wants to limit the * available enctypes to what it can support (encryption in - * kernel). + * kernel). If there is no enctypes selected for this credential, + * reset it to the default set of enctypes. */ { - if (cred && cred->enctypes) { - krb5_set_default_in_tkt_etypes(context, cred->enctypes); - } + krb5_enctype *enctypes = NULL; + + if (cred && cred->enctypes) + enctypes = cred->enctypes; + krb5_set_default_in_tkt_etypes(context, enctypes); } /* canon name if needed for client + target realm */ -- 2.34.1