When using sambaNTPassword, avoid adding more then one enctype 23 to

krb5EncryptionType.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21500 ec53bebd-3082-4978-b11e-865c3cabbd6b

lib/hdb/hdb-ldap.c

@@ -997,6 +997,7 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
     if (ret == 0 && have_arcfour == 0) {
 	unsigned *etypes;
 	Key *keys;
+	int i;
 
 	keys = realloc(ent->entry.keys.val,
 		       (ent->entry.keys.len + 1) * sizeof(ent->entry.keys.val[0]));
@@ -1031,17 +1032,25 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
 	    ent->entry.etypes->len = 0;
 	}
 
+	for (i = 0; i < ent->entry.etypes->len; i++)
+	    if (ent->entry.etypes->val[i] == ETYPE_ARCFOUR_HMAC_MD5)
+		break;
+	/* If there is no ARCFOUR enctype, add one */
+	if (i == ent->entry.etypes->len) {
 	    etypes = realloc(ent->entry.etypes->val, 
-			 (ent->entry.etypes->len + 1) * sizeof(ent->entry.etypes->val[0]));
+			     (ent->entry.etypes->len + 1) * 
+			     sizeof(ent->entry.etypes->val[0]));
 	    if (etypes == NULL) {
 		krb5_set_error_string(context, "malloc: out of memory");
 		ret = ENOMEM;
 		goto out;			    
 	    }
 	    ent->entry.etypes->val = etypes;
-	ent->entry.etypes->val[ent->entry.etypes->len] = ETYPE_ARCFOUR_HMAC_MD5;
+	    ent->entry.etypes->val[ent->entry.etypes->len] = 
+		ETYPE_ARCFOUR_HMAC_MD5;
 	    ent->entry.etypes->len++;
 	}
+    }
 
     ret = LDAP_get_generalized_time_value(db, msg, "createTimestamp",
 					  &ent->entry.created_by.time);