When searching for cached credentials, make sure we are also looking for

credentials that are matching a supported application keytype.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7169 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/krb5/krb/get_creds.c b/src/lib/krb5/krb/get_creds.c
index ed7f145a1e3811e4122026ea4b948a8960ee7524..169e926c33fe8f6fbc8869556ccbb41cc2838fa9 100644 (file)
--- a/src/lib/krb5/krb/get_creds.c
+++ b/src/lib/krb5/krb/get_creds.c
@@ -72,7 +72,7 @@ krb5_get_credentials(context, options, ccache, in_creds, out_creds)
     mcreds.client = in_creds->client;
     
     fields = KRB5_TC_MATCH_TIMES /*XXX |KRB5_TC_MATCH_SKEY_TYPE */
-       | KRB5_TC_MATCH_AUTHDATA;
+       | KRB5_TC_MATCH_AUTHDATA | KRB5_TC_MATCH_KTYPE;
 
     if (options & KRB5_GC_USER_USER) {
        /* also match on identical 2nd tkt and tkt encrypted in a