--- old/lib/krb5/krb/get_in_tkt.c	Thu Jun 29 22:28:13 2000
+++ new/lib/krb5/krb/get_in_tkt.c	Tue Jul  4 17:16:03 2000
@@ -31,6 +31,9 @@
 
 #include "k5-int.h"
 
+#ifdef KRBSC
+#include "krbsc_extern.h"
+#endif /* KRBSC */
 /*
  All-purpose initial ticket routine, usually called via
  krb5_get_in_tkt_with_password or krb5_get_in_tkt_with_skey.
@@ -757,8 +760,8 @@
     as_key.length = 0;
     salt.length = 0;
     salt.data = NULL;
-
-	local_as_reply = 0;
+    
+    local_as_reply = 0;
 
     /*
      * Set up the basic request structure
@@ -871,10 +874,11 @@
     }
 
     /* nonce is filled in by send_as_request */
-
     if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST)) {
 	request.ktype = options->etype_list;
 	request.nktypes = options->etype_list_length;
+
+
     } else if ((ret = krb5_get_default_in_tkt_ktypes(context,
 						     &request.ktype)) == 0) {
 	for (request.nktypes = 0;
@@ -1000,7 +1004,7 @@
        again.  */
 
     if (as_key.length)
-	ret = decrypt_as_reply(context, NULL, local_as_reply, NULL,
+      ret = decrypt_as_reply(context, NULL, local_as_reply, NULL,
 			       NULL, &as_key, krb5_kdc_rep_decrypt_proc,
 			       NULL);
     else
@@ -1009,11 +1013,22 @@
     if (ret) {
 	/* if we haven't get gotten a key, get it now */
 
+#ifdef KRBSC
+      if (KRB5_USE_SC) goto skip_password_input; 
+#endif /* KRBSC */
 	if (ret = ((*gak_fct)(context, request.client,
 			      local_as_reply->enc_part.enctype,
 			      prompter, prompter_data, &salt,
 			      &as_key, gak_data)))
 	    goto cleanup;
+
+#ifdef KRBSC
+    skip_password_input:
+	if (KRB5_USE_SC) {
+	  as_key.enctype = ENCTYPE_DES_CBC_MD5;
+	  as_key.length = 8;
+	}
+#endif /* KRBSC */
 
 	if (ret = decrypt_as_reply(context, NULL, local_as_reply, NULL,
 				   NULL, &as_key, krb5_kdc_rep_decrypt_proc,
