heimdal: revert 1f90983324b9f5804dc57f87c5f7695b0e53db8d

A different version has gone upstream, fixing the problem
elsewhere.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Oct  3 11:12:29 CEST 2016 on sn-devel-144

diff --git a/source4/heimdal/lib/gssapi/krb5/init_sec_context.c b/source4/heimdal/lib/gssapi/krb5/init_sec_context.c
index efc421521ce933212925c34c4bb89a3486516bf1..0a89ae1f36cfbb04f78763c8b0a064d82c788939 100644 (file)
--- a/source4/heimdal/lib/gssapi/krb5/init_sec_context.c
+++ b/source4/heimdal/lib/gssapi/krb5/init_sec_context.c
@@ -427,12 +427,15 @@ init_auth
     /*
      * This is hideous glue for (NFS) clients that wants to limit the
      * available enctypes to what it can support (encryption in
-     * kernel).
+     * kernel). If there is no enctypes selected for this credential,
+     * reset it to the default set of enctypes.
      */
     {
-       if (cred && cred->enctypes) {
-           krb5_set_default_in_tkt_etypes(context, cred->enctypes);
-       }
+       krb5_enctype *enctypes = NULL;
+
+       if (cred && cred->enctypes)
+           enctypes = cred->enctypes;
+       krb5_set_default_in_tkt_etypes(context, enctypes);
     }
 
     /* canon name if needed for client + target realm */