From 8588cd9ebdfb9876905ba60da826a7b9a6bb9418 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Thu, 4 Jan 2007 12:42:51 +0000
Subject: [PATCH] Scope etype.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19684 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/krb5tgs.c | 53 +++++++++++++++++++++++++++------------------------
 1 file changed, 28 insertions(+), 25 deletions(-)

diff --git a/kdc/krb5tgs.c b/kdc/krb5tgs.c
index e30e8a832..e41c54860 100644
--- a/kdc/krb5tgs.c
+++ b/kdc/krb5tgs.c
@@ -1254,7 +1254,6 @@ tgs_build_reply(krb5_context context,
     KRB5SignedPathPrincipals *spp = NULL;
     const EncryptionKey *ekey;
     krb5_keyblock sessionkey;
-    krb5_enctype etype;
     krb5_kvno kvno;
     krb5_data rspac;
 
@@ -1669,34 +1668,38 @@ server_lookup:
      * Select enctype, return key and kvno.
      */
 
-    if(b->kdc_options.enc_tkt_in_skey) {
-	int i;
-	ekey = &adtkt.key;
-	for(i = 0; i < b->etype.len; i++)
-	    if (b->etype.val[i] == adtkt.key.keytype)
-		break;
-	if(i == b->etype.len) {
-	    krb5_clear_error_string(context);
-	    return KRB5KDC_ERR_ETYPE_NOSUPP;
-	}
-	etype = b->etype.val[i];
-	kvno = 0;
-    }else{
-	Key *skey;
+    {
+	krb5_enctype etype;
 
-	ret = _kdc_find_etype(context, server, b->etype.val, b->etype.len,
-			      &skey, &etype);
-	if(ret) {
-	    kdc_log(context, config, 0, 
-		    "Server (%s) has no support for etypes", spp);
-	    return ret;
+	if(b->kdc_options.enc_tkt_in_skey) {
+	    int i;
+	    ekey = &adtkt.key;
+	    for(i = 0; i < b->etype.len; i++)
+		if (b->etype.val[i] == adtkt.key.keytype)
+		    break;
+	    if(i == b->etype.len) {
+		krb5_clear_error_string(context);
+		return KRB5KDC_ERR_ETYPE_NOSUPP;
+	    }
+	    etype = b->etype.val[i];
+	    kvno = 0;
+	} else {
+	    Key *skey;
+	    
+	    ret = _kdc_find_etype(context, server, b->etype.val, b->etype.len,
+				  &skey, &etype);
+	    if(ret) {
+		kdc_log(context, config, 0, 
+			"Server (%s) has no support for etypes", spp);
+		return ret;
+	    }
+	    ekey = &skey->key;
+	    kvno = server->entry.kvno;
 	}
-	ekey = &skey->key;
-	kvno = server->entry.kvno;
+	
+	krb5_generate_random_keyblock(context, etype, &sessionkey);
     }
 
-    krb5_generate_random_keyblock(context, etype, &sessionkey);
-
     /* check PAC if there is one */
     {
 	Key *tkey;