This commit was generated by cvs2svn to compensate for changes in r78527,

which included commits to RCS files with non-trunk default branches.

220 files changed, 12748 insertions, 1650 deletions

diff --git a/crypto/heimdal/lib/45/Makefile.in b/crypto/heimdal/lib/45/Makefile.in
index 66dfc0f..52341d5 100644
--- a/crypto/heimdal/lib/45/Makefile.in
+++ b/crypto/heimdal/lib/45/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -119,7 +120,7 @@ install_sh = @install_sh@
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 lib_LIBRARIES = @EXTRA_LIB45@
@@ -229,7 +232,7 @@ OBJECTS = $(am_lib45_a_OBJECTS)
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/45/Makefile
 
@@ -327,6 +330,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
diff --git a/crypto/heimdal/lib/Makefile.in b/crypto/heimdal/lib/Makefile.in
index 22a350f..fec9b2c 100644
--- a/crypto/heimdal/lib/Makefile.in
+++ b/crypto/heimdal/lib/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -119,7 +120,7 @@ install_sh = @install_sh@
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 @KRB4_TRUE@dir_45 = @KRB4_TRUE@45
@@ -215,7 +218,7 @@ DIST_SUBDIRS =  @DIR_roken@ vers editline com_err sl asn1 @DIR_des@ krb5 \
 kafs hdb kadm5 gssapi auth 45 otp kdfs
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/Makefile
 
@@ -256,11 +259,16 @@ mostlyclean-recursive clean-recursive distclean-recursive \
 maintainer-clean-recursive:
 	@set fnord $(MAKEFLAGS); amf=$$2; \
 	dot_seen=no; \
-	rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \
-	  rev="$$subdir $$rev"; \
-	  if test "$$subdir" = "."; then dot_seen=yes; else :; fi; \
+	case "$@" in \
+	  distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+	  *) list='$(SUBDIRS)' ;; \
+	esac; \
+	rev=''; for subdir in $$list; do \
+	  if test "$$subdir" = "."; then :; else \
+	    rev="$$subdir $$rev"; \
+	  fi; \
 	done; \
-	test "$$dot_seen" = "no" && rev=". $$rev"; \
+	rev="$$rev ."; \
 	target=`echo $@ | sed s/-recursive//`; \
 	for subdir in $$rev; do \
 	  echo "Making $$target in $$subdir"; \
@@ -306,6 +314,11 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
diff --git a/crypto/heimdal/lib/asn1/Makefile.am b/crypto/heimdal/lib/asn1/Makefile.am
index 8f89441..e4f0149 100644
--- a/crypto/heimdal/lib/asn1/Makefile.am
+++ b/crypto/heimdal/lib/asn1/Makefile.am
@@ -1,11 +1,11 @@
-# $Id: Makefile.am,v 1.59 2001/01/30 01:46:53 assar Exp $
+# $Id: Makefile.am,v 1.63 2001/05/16 23:49:27 assar Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
 YFLAGS = -d
 
 lib_LTLIBRARIES = libasn1.la
-libasn1_la_LDFLAGS = -version-info 4:0:2
+libasn1_la_LDFLAGS = -version-info 5:0:0
 
 BUILT_SOURCES =			\
 	$(gen_files:.x=.c)	\
@@ -22,6 +22,7 @@ gen_files =					\
 	asn1_AuthorizationData.x		\
 	asn1_CKSUMTYPE.x			\
 	asn1_Checksum.x				\
+	asn1_ENCTYPE.x				\
 	asn1_ETYPE_INFO.x			\
 	asn1_ETYPE_INFO_ENTRY.x			\
 	asn1_EncAPRepPart.x			\
@@ -47,6 +48,7 @@ gen_files =					\
 	asn1_KerberosTime.x			\
 	asn1_KrbCredInfo.x			\
 	asn1_LastReq.x				\
+	asn1_LR_TYPE.x				\
 	asn1_MESSAGE_TYPE.x			\
 	asn1_METHOD_DATA.x			\
 	asn1_NAME_TYPE.x			\
@@ -68,17 +70,27 @@ noinst_PROGRAMS = asn1_compile asn1_print
 check_PROGRAMS = check-der
 TESTS = check-der
 
-asn1_compile_SOURCES = parse.y lex.l main.c hash.c symbol.c gen.c \
-	gen_encode.c gen_decode.c gen_free.c gen_length.c gen_copy.c \
-	gen_glue.c
-
-libasn1_la_SOURCES = \
-	der_get.c \
-	der_put.c \
-	der_free.c \
-	der_length.c \
-	der_copy.c \
-	timegm.c \
+asn1_compile_SOURCES = 				\
+	gen.c					\
+	gen_copy.c				\
+	gen_decode.c				\
+	gen_encode.c				\
+	gen_free.c				\
+	gen_glue.c				\
+	gen_length.c				\
+	hash.c					\
+	lex.l					\
+	main.c					\
+	parse.y					\
+	symbol.c
+
+libasn1_la_SOURCES =				\
+	der_get.c				\
+	der_put.c				\
+	der_free.c				\
+	der_length.c				\
+	der_copy.c				\
+	timegm.c				\
 	$(BUILT_SOURCES)
 
 asn1_compile_LDADD = \
@@ -93,20 +105,20 @@ asn1_print_LDADD = $(check_der_LDADD)
 
 TESTS = check-der
 
-CLEANFILES = lex.c parse.c parse.h asn1.h $(BUILT_SOURCES) \
+CLEANFILES = lex.c parse.c parse.h krb5_asn1.h $(BUILT_SOURCES) \
 	$(gen_files) asn1_files
 
-include_HEADERS = asn1.h asn1_err.h der.h
+include_HEADERS = krb5_asn1.h asn1_err.h der.h
 
 $(asn1_compile_OBJECTS): parse.h
 
-$(gen_files) asn1.h: asn1_files
+$(gen_files) krb5_asn1.h: asn1_files
 
 asn1_files: asn1_compile$(EXEEXT) $(srcdir)/k5.asn1
-	./asn1_compile$(EXEEXT) $(srcdir)/k5.asn1
+	./asn1_compile$(EXEEXT) $(srcdir)/k5.asn1 krb5_asn1
 
-$(libasn1_la_OBJECTS): asn1.h asn1_err.h
+$(libasn1_la_OBJECTS): krb5_asn1.h asn1_err.h
 
-$(asn1_print_OBJECTS): asn1.h
+$(asn1_print_OBJECTS): krb5_asn1.h
 
 EXTRA_DIST = asn1_err.et
diff --git a/crypto/heimdal/lib/asn1/Makefile.in b/crypto/heimdal/lib/asn1/Makefile.in
index 7652c10..5717f31 100644
--- a/crypto/heimdal/lib/asn1/Makefile.in
+++ b/crypto/heimdal/lib/asn1/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -113,13 +114,13 @@ dpagaix_CFLAGS = @dpagaix_CFLAGS@
 dpagaix_LDADD = @dpagaix_LDADD@
 install_sh = @install_sh@
 
-# $Id: Makefile.am,v 1.59 2001/01/30 01:46:53 assar Exp $
+# $Id: Makefile.am,v 1.63 2001/05/16 23:49:27 assar Exp $
 
 
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,12 +186,14 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 YFLAGS = -d
 
 lib_LTLIBRARIES = libasn1.la
-libasn1_la_LDFLAGS = -version-info 4:0:2
+libasn1_la_LDFLAGS = -version-info 5:0:0
 
 BUILT_SOURCES = \
 	$(gen_files:.x=.c)	\
@@ -208,6 +211,7 @@ gen_files = \
 	asn1_AuthorizationData.x		\
 	asn1_CKSUMTYPE.x			\
 	asn1_Checksum.x				\
+	asn1_ENCTYPE.x				\
 	asn1_ETYPE_INFO.x			\
 	asn1_ETYPE_INFO_ENTRY.x			\
 	asn1_EncAPRepPart.x			\
@@ -233,6 +237,7 @@ gen_files = \
 	asn1_KerberosTime.x			\
 	asn1_KrbCredInfo.x			\
 	asn1_LastReq.x				\
+	asn1_LR_TYPE.x				\
 	asn1_MESSAGE_TYPE.x			\
 	asn1_METHOD_DATA.x			\
 	asn1_NAME_TYPE.x			\
@@ -255,18 +260,28 @@ check_PROGRAMS = check-der
 
 TESTS = check-der
 
-asn1_compile_SOURCES = parse.y lex.l main.c hash.c symbol.c gen.c \
-	gen_encode.c gen_decode.c gen_free.c gen_length.c gen_copy.c \
-	gen_glue.c
+asn1_compile_SOURCES = \
+	gen.c					\
+	gen_copy.c				\
+	gen_decode.c				\
+	gen_encode.c				\
+	gen_free.c				\
+	gen_glue.c				\
+	gen_length.c				\
+	hash.c					\
+	lex.l					\
+	main.c					\
+	parse.y					\
+	symbol.c
 
 
 libasn1_la_SOURCES = \
-	der_get.c \
-	der_put.c \
-	der_free.c \
-	der_length.c \
-	der_copy.c \
-	timegm.c \
+	der_get.c				\
+	der_put.c				\
+	der_free.c				\
+	der_length.c				\
+	der_copy.c				\
+	timegm.c				\
 	$(BUILT_SOURCES)
 
 
@@ -282,11 +297,11 @@ check_der_LDADD = \
 
 asn1_print_LDADD = $(check_der_LDADD)
 
-CLEANFILES = lex.c parse.c parse.h asn1.h $(BUILT_SOURCES) \
+CLEANFILES = lex.c parse.c parse.h krb5_asn1.h $(BUILT_SOURCES) \
 	$(gen_files) asn1_files
 
 
-include_HEADERS = asn1.h asn1_err.h der.h
+include_HEADERS = krb5_asn1.h asn1_err.h der.h
 
 EXTRA_DIST = asn1_err.et
 subdir = lib/asn1
@@ -308,28 +323,29 @@ am_libasn1_la_OBJECTS =  der_get.lo der_put.lo der_free.lo der_length.lo \
 der_copy.lo timegm.lo asn1_APOptions.lo asn1_AP_REP.lo asn1_AP_REQ.lo \
 asn1_AS_REP.lo asn1_AS_REQ.lo asn1_Authenticator.lo \
 asn1_AuthorizationData.lo asn1_CKSUMTYPE.lo asn1_Checksum.lo \
-asn1_ETYPE_INFO.lo asn1_ETYPE_INFO_ENTRY.lo asn1_EncAPRepPart.lo \
-asn1_EncASRepPart.lo asn1_EncKDCRepPart.lo asn1_EncKrbCredPart.lo \
-asn1_EncKrbPrivPart.lo asn1_EncTGSRepPart.lo asn1_EncTicketPart.lo \
-asn1_EncryptedData.lo asn1_EncryptionKey.lo asn1_HostAddress.lo \
-asn1_HostAddresses.lo asn1_KDCOptions.lo asn1_KDC_REP.lo \
-asn1_KDC_REQ.lo asn1_KDC_REQ_BODY.lo asn1_KRB_CRED.lo asn1_KRB_ERROR.lo \
-asn1_KRB_PRIV.lo asn1_KRB_SAFE.lo asn1_KRB_SAFE_BODY.lo \
-asn1_KerberosTime.lo asn1_KrbCredInfo.lo asn1_LastReq.lo \
-asn1_MESSAGE_TYPE.lo asn1_METHOD_DATA.lo asn1_NAME_TYPE.lo \
-asn1_PADATA_TYPE.lo asn1_PA_DATA.lo asn1_PA_ENC_TS_ENC.lo \
-asn1_Principal.lo asn1_PrincipalName.lo asn1_Realm.lo asn1_TGS_REP.lo \
-asn1_TGS_REQ.lo asn1_Ticket.lo asn1_TicketFlags.lo \
-asn1_TransitedEncoding.lo asn1_UNSIGNED.lo asn1_err.lo
+asn1_ENCTYPE.lo asn1_ETYPE_INFO.lo asn1_ETYPE_INFO_ENTRY.lo \
+asn1_EncAPRepPart.lo asn1_EncASRepPart.lo asn1_EncKDCRepPart.lo \
+asn1_EncKrbCredPart.lo asn1_EncKrbPrivPart.lo asn1_EncTGSRepPart.lo \
+asn1_EncTicketPart.lo asn1_EncryptedData.lo asn1_EncryptionKey.lo \
+asn1_HostAddress.lo asn1_HostAddresses.lo asn1_KDCOptions.lo \
+asn1_KDC_REP.lo asn1_KDC_REQ.lo asn1_KDC_REQ_BODY.lo asn1_KRB_CRED.lo \
+asn1_KRB_ERROR.lo asn1_KRB_PRIV.lo asn1_KRB_SAFE.lo \
+asn1_KRB_SAFE_BODY.lo asn1_KerberosTime.lo asn1_KrbCredInfo.lo \
+asn1_LastReq.lo asn1_LR_TYPE.lo asn1_MESSAGE_TYPE.lo \
+asn1_METHOD_DATA.lo asn1_NAME_TYPE.lo asn1_PADATA_TYPE.lo \
+asn1_PA_DATA.lo asn1_PA_ENC_TS_ENC.lo asn1_Principal.lo \
+asn1_PrincipalName.lo asn1_Realm.lo asn1_TGS_REP.lo asn1_TGS_REQ.lo \
+asn1_Ticket.lo asn1_TicketFlags.lo asn1_TransitedEncoding.lo \
+asn1_UNSIGNED.lo asn1_err.lo
 libasn1_la_OBJECTS =  $(am_libasn1_la_OBJECTS)
 check_PROGRAMS =  check-der$(EXEEXT)
 noinst_PROGRAMS =  asn1_compile$(EXEEXT) asn1_print$(EXEEXT)
 PROGRAMS =  $(noinst_PROGRAMS)
 
-am_asn1_compile_OBJECTS =  parse.$(OBJEXT) lex.$(OBJEXT) main.$(OBJEXT) \
-hash.$(OBJEXT) symbol.$(OBJEXT) gen.$(OBJEXT) gen_encode.$(OBJEXT) \
-gen_decode.$(OBJEXT) gen_free.$(OBJEXT) gen_length.$(OBJEXT) \
-gen_copy.$(OBJEXT) gen_glue.$(OBJEXT)
+am_asn1_compile_OBJECTS =  gen.$(OBJEXT) gen_copy.$(OBJEXT) \
+gen_decode.$(OBJEXT) gen_encode.$(OBJEXT) gen_free.$(OBJEXT) \
+gen_glue.$(OBJEXT) gen_length.$(OBJEXT) hash.$(OBJEXT) lex.$(OBJEXT) \
+main.$(OBJEXT) parse.$(OBJEXT) symbol.$(OBJEXT)
 asn1_compile_OBJECTS =  $(am_asn1_compile_OBJECTS)
 asn1_compile_DEPENDENCIES = 
 asn1_compile_LDFLAGS = 
@@ -364,7 +380,7 @@ OBJECTS = $(am_libasn1_la_OBJECTS) $(am_asn1_compile_OBJECTS) asn1_print.$(OBJEX
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .x .y
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .l .lo .o .obj .y
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/asn1/Makefile
 
@@ -510,6 +526,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
@@ -598,6 +619,9 @@ check-am: all-am
 check: check-am
 installcheck-am:
 installcheck: installcheck-am
+all-recursive-am: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) all-recursive
+
 install-exec-am: install-libLTLIBRARIES
 	@$(NORMAL_INSTALL)
 	$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
@@ -674,12 +698,12 @@ distclean-noinstPROGRAMS clean-noinstPROGRAMS \
 maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \
 install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \
 maintainer-clean-tags check-TESTS distdir info-am info dvi-am dvi \
-check-local check check-am installcheck-am installcheck install-exec-am \
-install-exec install-data-local install-data-am install-data install-am \
-install uninstall-am uninstall all-local all-redirect all-am all \
-install-strip installdirs mostlyclean-generic distclean-generic \
-clean-generic maintainer-clean-generic clean mostlyclean distclean \
-maintainer-clean
+check-local check check-am installcheck-am installcheck \
+all-recursive-am install-exec-am install-exec install-data-local \
+install-data-am install-data install-am install uninstall-am uninstall \
+all-local all-redirect all-am all install-strip installdirs \
+mostlyclean-generic distclean-generic clean-generic \
+maintainer-clean-generic clean mostlyclean distclean maintainer-clean
 
 
 install-suid-programs:
@@ -812,14 +836,14 @@ check-local::
 
 $(asn1_compile_OBJECTS): parse.h
 
-$(gen_files) asn1.h: asn1_files
+$(gen_files) krb5_asn1.h: asn1_files
 
 asn1_files: asn1_compile$(EXEEXT) $(srcdir)/k5.asn1
-	./asn1_compile$(EXEEXT) $(srcdir)/k5.asn1
+	./asn1_compile$(EXEEXT) $(srcdir)/k5.asn1 krb5_asn1
 
-$(libasn1_la_OBJECTS): asn1.h asn1_err.h
+$(libasn1_la_OBJECTS): krb5_asn1.h asn1_err.h
 
-$(asn1_print_OBJECTS): asn1.h
+$(asn1_print_OBJECTS): krb5_asn1.h
 
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
 # Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/crypto/heimdal/lib/asn1/asn1_print.c b/crypto/heimdal/lib/asn1/asn1_print.c
index e66ac22..587d7e0 100644
--- a/crypto/heimdal/lib/asn1/asn1_print.c
+++ b/crypto/heimdal/lib/asn1/asn1_print.c
@@ -37,7 +37,7 @@
 #include <getarg.h>
 #include <err.h>
 
-RCSID("$Id: asn1_print.c,v 1.6 2000/12/29 03:34:16 assar Exp $");
+RCSID("$Id: asn1_print.c,v 1.7 2001/02/20 01:44:52 assar Exp $");
 
 static struct et_list *et_list;
 
@@ -224,7 +224,7 @@ main(int argc, char **argv)
 {
     int optind = 0;
 
-    set_progname (argv[0]);
+    setprogname (argv[0]);
     initialize_asn1_error_table_r (&et_list);
     if(getarg(args, num_args, argc, argv, &optind))
 	usage(1);
diff --git a/crypto/heimdal/lib/asn1/gen_decode.c b/crypto/heimdal/lib/asn1/gen_decode.c
index bed19a9..9303698 100644
--- a/crypto/heimdal/lib/asn1/gen_decode.c
+++ b/crypto/heimdal/lib/asn1/gen_decode.c
@@ -33,7 +33,7 @@
 
 #include "gen_locl.h"
 
-RCSID("$Id: gen_decode.c,v 1.15 2001/01/29 08:36:45 assar Exp $");
+RCSID("$Id: gen_decode.c,v 1.16 2001/02/10 18:14:38 assar Exp $");
 
 static void
 decode_primitive (const char *typename, const char *name)
@@ -281,7 +281,7 @@ generate_type_decode (const Symbol *s)
 	   s->gen_name, s->gen_name);
 
   fprintf (codefile, "#define FORW "
-	   "if(e) return e; "
+	   "if(e) goto fail; "
 	   "p += l; "
 	   "len -= l; "
 	   "ret += l\n\n");
@@ -308,13 +308,19 @@ generate_type_decode (const Symbol *s)
 	     "size_t ret = 0, reallen;\n"
 	     "size_t l;\n"
 	     "int i, e;\n\n");
-    fprintf(codefile, "i = 0;\n"); /* hack to avoid `unused variable' */
-    fprintf(codefile, "reallen = 0;\n"); /* hack to avoid `unused variable' */
+    fprintf (codefile, "memset(data, 0, sizeof(*data));\n");
+    fprintf (codefile, "i = 0;\n"); /* hack to avoid `unused variable' */
+    fprintf (codefile, "reallen = 0;\n"); /* hack to avoid `unused variable' */
 
     decode_type ("data", s->type);
     fprintf (codefile, 
 	     "if(size) *size = ret;\n"
 	     "return 0;\n");
+    fprintf (codefile,
+	     "fail:\n"
+	     "free_%s(data);\n"
+	     "return e;\n",
+	     s->gen_name);
     break;
   default:
     abort ();
diff --git a/crypto/heimdal/lib/asn1/k5.asn1 b/crypto/heimdal/lib/asn1/k5.asn1
index c5382f3..1fa8b7b 100644
--- a/crypto/heimdal/lib/asn1/k5.asn1
+++ b/crypto/heimdal/lib/asn1/k5.asn1
@@ -1,4 +1,4 @@
--- $Id: k5.asn1,v 1.23 2000/12/11 06:30:35 assar Exp $
+-- $Id: k5.asn1,v 1.25 2001/05/14 06:12:13 assar Exp $
 
 KERBEROS5 DEFINITIONS ::=
 BEGIN
@@ -77,6 +77,29 @@ CKSUMTYPE ::= INTEGER {
 	CKSUMTYPE_HMAC_MD5_ENC(-1138)	-- even more unofficial
 }
 
+--enctypes
+ENCTYPE ::= INTEGER {
+	ETYPE_NULL(0),
+	ETYPE_DES_CBC_CRC(1),
+	ETYPE_DES_CBC_MD4(2),
+	ETYPE_DES_CBC_MD5(3),
+	ETYPE_DES3_CBC_MD5(5),
+	ETYPE_OLD_DES3_CBC_SHA1(7),
+	ETYPE_SIGN_DSA_GENERATE(8),
+	ETYPE_ENCRYPT_RSA_PRIV(9),
+	ETYPE_ENCRYPT_RSA_PUB(10),
+	ETYPE_DES3_CBC_SHA1(16),	-- with key derivation
+	ETYPE_ARCFOUR_HMAC_MD5(23),
+	ETYPE_ARCFOUR_HMAC_MD5_56(24),
+	ETYPE_ENCTYPE_PK_CROSS(48),
+-- these are for Heimdal internal use
+	ETYPE_DES_CBC_NONE(-0x1000),
+	ETYPE_DES3_CBC_NONE(-0x1001),
+	ETYPE_DES_CFB64_NONE(-0x1002),
+	ETYPE_DES_PCBC_NONE(-0x1003),
+	ETYPE_DES3_CBC_NONE_IVEC(-0x1004)
+}
+
 -- this is sugar to make something ASN1 does not have: unsigned
 
 UNSIGNED ::= INTEGER (0..4294967295)
@@ -162,14 +185,25 @@ KDCOptions ::= BIT STRING {
 	validate(31)
 }
 
+LR-TYPE ::= INTEGER {
+	LR_NONE(0),		-- no information
+	LR_INITIAL_TGT(1),	-- last initial TGT request
+	LR_INITIAL(2),		-- last initial request
+	LR_ISSUE_USE_TGT(3),	-- time of newest TGT used
+	LR_RENEWAL(4),		-- time of last renewal
+	LR_REQUEST(5),		-- time of last request (of any type)
+	LR_PW_EXPTIME(6),	-- expiration time of password
+	LR_ACCT_EXPTIME(7)	-- expiration time of account
+}
 
 LastReq ::= SEQUENCE OF SEQUENCE {
-	lr-type[0]		INTEGER,
+	lr-type[0]		LR-TYPE,
 	lr-value[1]		KerberosTime
 }
 
+
 EncryptedData ::= SEQUENCE {
-	etype[0] 		INTEGER, -- EncryptionType
+	etype[0] 		ENCTYPE, -- EncryptionType
 	kvno[1]			INTEGER OPTIONAL,
 	cipher[2]		OCTET STRING -- ciphertext
 }
@@ -230,7 +264,7 @@ PA-DATA ::= SEQUENCE {
 }
 
 ETYPE-INFO-ENTRY ::= SEQUENCE {
-	etype[0]		INTEGER,
+	etype[0]		ENCTYPE,
 	salt[1]			OCTET STRING OPTIONAL,
 	salttype[2]		INTEGER OPTIONAL
 }
@@ -249,7 +283,7 @@ KDC-REQ-BODY ::= SEQUENCE {
 	till[5]			KerberosTime OPTIONAL,
 	rtime[6]		KerberosTime OPTIONAL,
 	nonce[7]		INTEGER,
-	etype[8]		SEQUENCE OF INTEGER, -- EncryptionType,
+	etype[8]		SEQUENCE OF ENCTYPE, -- EncryptionType,
 					-- in preference order
 	addresses[9]		HostAddresses OPTIONAL,
 	enc-authorization-data[10] EncryptedData OPTIONAL,
diff --git a/crypto/heimdal/lib/asn1/lex.l b/crypto/heimdal/lib/asn1/lex.l
index ffb6fd5..21665fb 100644
--- a/crypto/heimdal/lib/asn1/lex.l
+++ b/crypto/heimdal/lib/asn1/lex.l
@@ -1,6 +1,6 @@
 %{
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -32,7 +32,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: lex.l,v 1.15 2000/07/02 04:08:02 assar Exp $ */
+/* $Id: lex.l,v 1.16 2001/04/18 13:08:47 joda Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
@@ -80,7 +80,10 @@ EXTERNAL		{ return EXTERNAL; }
 "]"			{ return *yytext; }
 ::=			{ return EEQUAL; }
 --[^\n]*\n		{ ++lineno; }
--?[0-9]+		{ yylval.constant = atoi(yytext); return CONSTANT; }
+-?(0x)?[0-9]+		{ char *e; yylval.constant = strtol(yytext, &e, 0); 
+			  if(e == yytext) 
+			    error_message("malformed constant (%s)", yytext); 
+			  else return CONSTANT; }
 [A-Za-z][-A-Za-z0-9_]*	{ yylval.name =  strdup (yytext); return IDENTIFIER; }
 [ \t]			;
 \n			{ ++lineno; }
diff --git a/crypto/heimdal/lib/asn1/libasn1.h b/crypto/heimdal/lib/asn1/libasn1.h
index 90eda60..8a4994a 100644
--- a/crypto/heimdal/lib/asn1/libasn1.h
+++ b/crypto/heimdal/lib/asn1/libasn1.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: libasn1.h,v 1.7 1999/12/02 17:05:02 joda Exp $ */
+/* $Id: libasn1.h,v 1.9 2001/04/18 13:10:24 joda Exp $ */
 
 #ifndef __LIBASN1_H__
 #define __LIBASN1_H__
@@ -41,8 +41,9 @@
 #endif
 
 #include <stdlib.h>
+#include <string.h>
 #include <errno.h>
-#include "asn1.h"
+#include "krb5_asn1.h"
 #include "der.h"
 #include "asn1_err.h"
 #include <parse_units.h>
diff --git a/crypto/heimdal/lib/asn1/main.c b/crypto/heimdal/lib/asn1/main.c
index 538af5a..8b1b409 100644
--- a/crypto/heimdal/lib/asn1/main.c
+++ b/crypto/heimdal/lib/asn1/main.c
@@ -34,7 +34,7 @@
 #include "gen_locl.h"
 #include <getarg.h>
 
-RCSID("$Id: main.c,v 1.10 1999/12/02 17:05:02 joda Exp $");
+RCSID("$Id: main.c,v 1.11 2001/02/20 01:44:52 assar Exp $");
 
 extern FILE *yyin;
 
@@ -61,7 +61,7 @@ main(int argc, char **argv)
     char *name = NULL;
     int optind = 0;
 
-    set_progname(argv[0]);
+    setprogname(argv[0]);
     if(getarg(args, num_args, argc, argv, &optind))
 	usage(1);
     if(help_flag)
diff --git a/crypto/heimdal/lib/asn1/parse.y b/crypto/heimdal/lib/asn1/parse.y
index 4b8e590..81b5cb1 100644
--- a/crypto/heimdal/lib/asn1/parse.y
+++ b/crypto/heimdal/lib/asn1/parse.y
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: parse.y,v 1.16 2000/07/08 11:35:47 assar Exp $ */
+/* $Id: parse.y,v 1.17 2001/03/26 04:09:55 assar Exp $ */
 
 %{
 #ifdef HAVE_CONFIG_H
@@ -44,7 +44,7 @@
 #include "lex.h"
 #include "gen_locl.h"
 
-RCSID("$Id: parse.y,v 1.16 2000/07/08 11:35:47 assar Exp $");
+RCSID("$Id: parse.y,v 1.17 2001/03/26 04:09:55 assar Exp $");
 
 static Type *new_type (Typetype t);
 void yyerror (char *);
@@ -232,7 +232,8 @@ new_type (Typetype tt)
 {
   Type *t = malloc(sizeof(*t));
   if (t == NULL) {
-      error_message ("out of memory in malloc(%u)", sizeof(*t));
+      error_message ("out of memory in malloc(%lu)", 
+		     (unsigned long)sizeof(*t));
       exit (1);
   }
   t->type = tt;
diff --git a/crypto/heimdal/lib/auth/ChangeLog b/crypto/heimdal/lib/auth/ChangeLog
index 79d39e9..fcd790f 100644
--- a/crypto/heimdal/lib/auth/ChangeLog
+++ b/crypto/heimdal/lib/auth/ChangeLog
@@ -1,3 +1,12 @@
+2001-03-06  Assar Westerlund  <assar@sics.se>
+
+	* sia/Makefile.am: make sure of using -rpath and not -R when
+	calling ld
+
+2001-02-15  Assar Westerlund  <assar@sics.se>
+
+	* pam/pam.c (psyslog): do not log to console
+
 2001-01-29  Assar Westerlund  <assar@sics.se>
 
 	* sia/Makefile.am (libsia_krb5.so): actually run ld in the case
diff --git a/crypto/heimdal/lib/auth/Makefile.in b/crypto/heimdal/lib/auth/Makefile.in
index 95673ac..95b2a6b 100644
--- a/crypto/heimdal/lib/auth/Makefile.in
+++ b/crypto/heimdal/lib/auth/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -119,7 +120,7 @@ install_sh = @install_sh@
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 SUBDIRS = @LIB_AUTH_SUBDIRS@
@@ -208,7 +211,7 @@ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 GZIP_ENV = --best
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/Makefile
 
@@ -249,11 +252,16 @@ mostlyclean-recursive clean-recursive distclean-recursive \
 maintainer-clean-recursive:
 	@set fnord $(MAKEFLAGS); amf=$$2; \
 	dot_seen=no; \
-	rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \
-	  rev="$$subdir $$rev"; \
-	  if test "$$subdir" = "."; then dot_seen=yes; else :; fi; \
+	case "$@" in \
+	  distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+	  *) list='$(SUBDIRS)' ;; \
+	esac; \
+	rev=''; for subdir in $$list; do \
+	  if test "$$subdir" = "."; then :; else \
+	    rev="$$subdir $$rev"; \
+	  fi; \
 	done; \
-	test "$$dot_seen" = "no" && rev=". $$rev"; \
+	rev="$$rev ."; \
 	target=`echo $@ | sed s/-recursive//`; \
 	for subdir in $$rev; do \
 	  echo "Making $$target in $$subdir"; \
@@ -299,6 +307,11 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.in b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in
index 7ba1c6e..8946cdf 100644
--- a/crypto/heimdal/lib/auth/afskauthlib/Makefile.in
+++ b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -119,7 +120,7 @@ install_sh = @install_sh@
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 DEFS = @DEFS@
@@ -234,7 +237,7 @@ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 GZIP_ENV = --best
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .o .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .o
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/afskauthlib/Makefile
 
diff --git a/crypto/heimdal/lib/auth/pam/Makefile.in b/crypto/heimdal/lib/auth/pam/Makefile.in
index 87759de..54ca6e6 100644
--- a/crypto/heimdal/lib/auth/pam/Makefile.in
+++ b/crypto/heimdal/lib/auth/pam/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -119,7 +120,7 @@ install_sh = @install_sh@
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 subdir = lib/auth/pam
 mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
@@ -205,7 +208,7 @@ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 GZIP_ENV = --best
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/pam/Makefile
 
diff --git a/crypto/heimdal/lib/auth/pam/pam.c b/crypto/heimdal/lib/auth/pam/pam.c
index c207756..eeb2d25 100644
--- a/crypto/heimdal/lib/auth/pam/pam.c
+++ b/crypto/heimdal/lib/auth/pam/pam.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include<config.h>
-RCSID("$Id: pam.c,v 1.26 2000/10/04 20:22:15 bg Exp $");
+RCSID("$Id: pam.c,v 1.27 2001/02/15 04:30:05 assar Exp $");
 #endif
 
 #include <stdio.h>
@@ -64,7 +64,7 @@ psyslog(int level, const char *format, ...)
 {
   va_list args;
   va_start(args, format);
-  openlog("pam_krb4", LOG_CONS|LOG_PID, LOG_AUTH);
+  openlog("pam_krb4", LOG_PID, LOG_AUTH);
   vsyslog(level, format, args);
   va_end(args);
   closelog();
diff --git a/crypto/heimdal/lib/auth/sia/Makefile.am b/crypto/heimdal/lib/auth/sia/Makefile.am
index 276da15..ae52155 100644
--- a/crypto/heimdal/lib/auth/sia/Makefile.am
+++ b/crypto/heimdal/lib/auth/sia/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.8 2001/01/29 22:38:36 assar Exp $
+# $Id: Makefile.am,v 1.9 2001/03/06 16:57:09 assar Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
@@ -81,10 +81,10 @@ OBJS = sia.o posix_getpw.o
 libsia_krb5.so: $(OBJS)
 	@if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \
 		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \
-		ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \
+		ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L) | sed 's,-R,-rpath,g'`; \
 	elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \
-		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \
-		ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \
+		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L_shared) | sed 's,-R,-rpath,g'`"; \
+		ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L_shared) | sed 's,-R,-rpath,g'`; \
 	else \
 		echo "missing libraries"; exit 1; \
 	fi
@@ -92,11 +92,11 @@ libsia_krb5.so: $(OBJS)
 
 libsia_krb4.so: $(OBJS)
 	@if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \
-		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \
-		ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \
+		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L) | sed 's,-R,-rpath,g'`"; \
+		ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L) | sed 's,-R,-rpath,g'`; \
 	elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \
-		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \
-		ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \
+		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L_shared) | sed 's,-R,-rpath,g'`"; \
+		ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L_shared) | sed 's,-R,-rpath,g'`; \
 	else \
 		echo "missing libraries"; exit 1; \
 	fi
diff --git a/crypto/heimdal/lib/auth/sia/Makefile.in b/crypto/heimdal/lib/auth/sia/Makefile.in
index a93d31f..15bfc0a 100644
--- a/crypto/heimdal/lib/auth/sia/Makefile.in
+++ b/crypto/heimdal/lib/auth/sia/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -112,13 +113,13 @@ dpagaix_CFLAGS = @dpagaix_CFLAGS@
 dpagaix_LDADD = @dpagaix_LDADD@
 install_sh = @install_sh@
 
-# $Id: Makefile.am,v 1.8 2001/01/29 22:38:36 assar Exp $
+# $Id: Makefile.am,v 1.9 2001/03/06 16:57:09 assar Exp $
 
 
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -184,6 +185,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 WFLAGS = @WFLAGS@ $(WFLAGS_NOIMPLICITINT)
@@ -269,7 +272,7 @@ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 GZIP_ENV = --best
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .o .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .o
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/sia/Makefile
 
@@ -514,10 +517,10 @@ check-local::
 libsia_krb5.so: $(OBJS)
 	@if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \
 		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \
-		ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \
+		ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L) | sed 's,-R,-rpath,g'`; \
 	elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \
-		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \
-		ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \
+		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L_shared) | sed 's,-R,-rpath,g'`"; \
+		ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L_shared) | sed 's,-R,-rpath,g'`; \
 	else \
 		echo "missing libraries"; exit 1; \
 	fi
@@ -525,11 +528,11 @@ libsia_krb5.so: $(OBJS)
 
 libsia_krb4.so: $(OBJS)
 	@if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \
-		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \
-		ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \
+		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L) | sed 's,-R,-rpath,g'`"; \
+		ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L) | sed 's,-R,-rpath,g'`; \
 	elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \
-		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \
-		ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \
+		echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L_shared) | sed 's,-R,-rpath,g'`"; \
+		ld -shared -o $@ $(LDFLAGS) $(OBJS) `echo $(L_shared) | sed 's,-R,-rpath,g'`; \
 	else \
 		echo "missing libraries"; exit 1; \
 	fi
diff --git a/crypto/heimdal/lib/auth/sia/sia.c b/crypto/heimdal/lib/auth/sia/sia.c
index 0894591..6092a88 100644
--- a/crypto/heimdal/lib/auth/sia/sia.c
+++ b/crypto/heimdal/lib/auth/sia/sia.c
@@ -33,7 +33,7 @@
 
 #include "sia_locl.h"
 
-RCSID("$Id: sia.c,v 1.34 2000/12/31 07:57:46 assar Exp $");
+RCSID("$Id: sia.c,v 1.35 2001/02/20 01:44:53 assar Exp $");
 
 int 
 siad_init(void)
@@ -493,7 +493,7 @@ siad_chg_password (sia_collect_func_t *collect,
     char new_pw2[MAX_KPW_LEN+1];
     static struct et_list *et_list;
 
-    set_progname(argv[0]);
+    setprogname(argv[0]);
 
     SIA_DEBUG(("DEBUG", "siad_chg_password"));
     if(collect == NULL)
diff --git a/crypto/heimdal/lib/com_err/ChangeLog b/crypto/heimdal/lib/com_err/ChangeLog
index 1ca005b..8291e78 100644
--- a/crypto/heimdal/lib/com_err/ChangeLog
+++ b/crypto/heimdal/lib/com_err/ChangeLog
@@ -1,3 +1,25 @@
+2001-05-17  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: bump version to 2:0:1
+
+2001-05-11  Assar Westerlund  <assar@sics.se>
+
+	* com_err.h (add_to_error_table): add prototype
+	* com_err.c (add_to_error_table): new function, from Derrick J
+	Brashear <shadow@dementia.org>
+
+2001-05-06  Assar Westerlund  <assar@sics.se>
+
+	* com_err.h: add printf formats for gcc
+
+2001-02-28  Johan Danielsson  <joda@pdc.kth.se>
+
+	* error.c (initialize_error_table_r): put table at end of the list
+
+2001-02-15  Assar Westerlund  <assar@sics.se>
+
+	* com_err.c (default_proc): add printf attributes
+
 2000-08-16  Assar Westerlund  <assar@sics.se>
 
 	* Makefile.am: bump version to 1:1:0
diff --git a/crypto/heimdal/lib/com_err/Makefile.am b/crypto/heimdal/lib/com_err/Makefile.am
index 8e18108..15fae4e 100644
--- a/crypto/heimdal/lib/com_err/Makefile.am
+++ b/crypto/heimdal/lib/com_err/Makefile.am
@@ -1,11 +1,11 @@
-# $Id: Makefile.am,v 1.24 2000/08/16 11:24:54 assar Exp $
+# $Id: Makefile.am,v 1.25 2001/05/17 00:01:26 assar Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
 YFLAGS = -d
 
 lib_LTLIBRARIES = libcom_err.la
-libcom_err_la_LDFLAGS = -version-info 1:1:0
+libcom_err_la_LDFLAGS = -version-info 2:0:1
 
 bin_PROGRAMS = compile_et
 
diff --git a/crypto/heimdal/lib/com_err/Makefile.in b/crypto/heimdal/lib/com_err/Makefile.in
index 986e078..88f9ee7 100644
--- a/crypto/heimdal/lib/com_err/Makefile.in
+++ b/crypto/heimdal/lib/com_err/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -113,13 +114,13 @@ dpagaix_CFLAGS = @dpagaix_CFLAGS@
 dpagaix_LDADD = @dpagaix_LDADD@
 install_sh = @install_sh@
 
-# $Id: Makefile.am,v 1.24 2000/08/16 11:24:54 assar Exp $
+# $Id: Makefile.am,v 1.25 2001/05/17 00:01:26 assar Exp $
 
 
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,12 +186,14 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 YFLAGS = -d
 
 lib_LTLIBRARIES = libcom_err.la
-libcom_err_la_LDFLAGS = -version-info 1:1:0
+libcom_err_la_LDFLAGS = -version-info 2:0:1
 
 bin_PROGRAMS = compile_et
 
@@ -253,7 +256,7 @@ OBJECTS = $(am_libcom_err_la_OBJECTS) $(am_compile_et_OBJECTS)
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .x .y
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .l .lo .o .obj .y
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/com_err/Makefile
 
@@ -401,6 +404,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
@@ -434,6 +442,8 @@ check-am: all-am
 check: check-am
 installcheck-am:
 installcheck: installcheck-am
+install-binPROGRAMS: install-libLTLIBRARIES
+
 install-exec-am: install-libLTLIBRARIES install-binPROGRAMS
 	@$(NORMAL_INSTALL)
 	$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
diff --git a/crypto/heimdal/lib/com_err/com_err.c b/crypto/heimdal/lib/com_err/com_err.c
index 25c679e..7975739 100644
--- a/crypto/heimdal/lib/com_err/com_err.c
+++ b/crypto/heimdal/lib/com_err/com_err.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: com_err.c,v 1.15 2000/04/04 22:04:55 assar Exp $");
+RCSID("$Id: com_err.c,v 1.17 2001/05/11 20:02:34 assar Exp $");
 #endif
 #include <stdio.h>
 #include <stdlib.h>
@@ -68,6 +68,10 @@ init_error_table(const char **msgs, long base, int count)
 
 static void
 default_proc (const char *whoami, long code, const char *fmt, va_list args)
+    __attribute__((__format__(__printf__, 3, 0)));
+ 
+static void
+default_proc (const char *whoami, long code, const char *fmt, va_list args)
 {
     if (whoami)
       fprintf(stderr, "%s: ", whoami);
@@ -149,3 +153,17 @@ error_table_name(int num)
     *p = '\0';
     return(buf);
 }
+
+void
+add_to_error_table(struct et_list *new_table)
+{
+    struct et_list *et;
+
+    for (et = _et_list; et; et = et->next) {
+	if (et->table->base == new_table->table->base)
+	    return;
+    }
+
+    new_table->next = _et_list;
+    _et_list = new_table;
+}
diff --git a/crypto/heimdal/lib/com_err/com_err.h b/crypto/heimdal/lib/com_err/com_err.h
index 9703336..a76214b 100644
--- a/crypto/heimdal/lib/com_err/com_err.h
+++ b/crypto/heimdal/lib/com_err/com_err.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: com_err.h,v 1.6 2000/01/16 04:51:16 assar Exp $ */
+/* $Id: com_err.h,v 1.9 2001/05/11 20:03:36 assar Exp $ */
 
 /* MIT compatible com_err library */
 
@@ -40,17 +40,26 @@
 
 #include <com_right.h>
 
+#if !defined(__GNUC__) && !defined(__attribute__)
+#define __attribute__(X)
+#endif
+
 typedef void (*errf) __P((const char *, long, const char *, va_list));
 
 const char * error_message __P((long));
 int init_error_table __P((const char**, long, int));
 
-void com_err_va __P((const char *, long, const char *, va_list));
-void com_err __P((const char *, long, const char *, ...));
+void com_err_va __P((const char *, long, const char *, va_list))
+    __attribute__((format(printf, 3, 0)));
+
+void com_err __P((const char *, long, const char *, ...))
+    __attribute__((format(printf, 3, 4)));
 
 errf set_com_err_hook __P((errf));
 errf reset_com_err_hook __P((void));
 
 const char *error_table_name  __P((int num));
 
+void add_to_error_table __P((struct et_list *new_table));
+
 #endif /* __COM_ERR_H__ */
diff --git a/crypto/heimdal/lib/com_err/compile_et.c b/crypto/heimdal/lib/com_err/compile_et.c
index f982dcd..ab7fc2e 100644
--- a/crypto/heimdal/lib/com_err/compile_et.c
+++ b/crypto/heimdal/lib/com_err/compile_et.c
@@ -35,7 +35,7 @@
 #include "compile_et.h"
 #include <getarg.h>
 
-RCSID("$Id: compile_et.c,v 1.13 1999/12/02 16:58:38 joda Exp $");
+RCSID("$Id: compile_et.c,v 1.14 2001/02/20 01:44:53 assar Exp $");
 
 #include <roken.h>
 #include <err.h>
@@ -196,7 +196,7 @@ main(int argc, char **argv)
     char *p;
     int optind = 0;
 
-    set_progname(argv[0]);
+    setprogname(argv[0]);
     if(getarg(args, num_args, argc, argv, &optind))
 	usage(1);
     if(help_flag)
diff --git a/crypto/heimdal/lib/com_err/error.c b/crypto/heimdal/lib/com_err/error.c
index d122007..b22f25b 100644
--- a/crypto/heimdal/lib/com_err/error.c
+++ b/crypto/heimdal/lib/com_err/error.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997, 1998, 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: error.c,v 1.14 1999/12/02 16:58:38 joda Exp $");
+RCSID("$Id: error.c,v 1.15 2001/02/28 20:00:13 joda Exp $");
 #endif
 #include <stdio.h>
 #include <stdlib.h>
@@ -62,9 +62,9 @@ initialize_error_table_r(struct et_list **list,
 			 int num_errors,
 			 long base)
 {
-    struct et_list *et;
+    struct et_list *et, **end;
     struct foobar *f;
-    for (et = *list; et; et = et->next)
+    for (end = list, et = *list; et; end = &et->next, et = et->next)
         if (et->table->msgs == messages)
             return;
     f = malloc(sizeof(*f));
@@ -75,8 +75,8 @@ initialize_error_table_r(struct et_list **list,
     et->table->msgs = messages;
     et->table->n_msgs = num_errors;
     et->table->base = base;
-    et->next = *list;
-    *list = et;
+    et->next = NULL;
+    *end = et;
 }
 			
 
diff --git a/crypto/heimdal/lib/editline/ChangeLog b/crypto/heimdal/lib/editline/ChangeLog
new file mode 100644
index 0000000..be78368
--- /dev/null
+++ b/crypto/heimdal/lib/editline/ChangeLog
@@ -0,0 +1,98 @@
+2000-11-15  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: make libeditline and libel_compat into libtool
+	libraries but always make them static
+
+2000-03-01  Assar Westerlund  <assar@sics.se>
+
+	* edit_compat.c (readline): be more liberal in what we accept from
+	el_gets.  if count == 0 -> interpret it as EOF.  also copy the
+	string first and then cut of the newline, it's cleaner
+
+1999-12-23  Assar Westerlund  <assar@sics.se>
+
+	* editline.c (TTYinfo): add fallback if we fail to find "le" in
+ 	termcap.
+
+1999-08-06  Assar Westerlund  <assar@sics.se>
+
+	* editline.c (TTYinfo): copy backspace string to avoid referencing
+ 	into a local variable.
+
+1999-08-04  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: don't run testit in `make check'
+
+1999-04-11  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: don't run testit as a check
+
+Sat Apr 10 23:01:18 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
+
+	* complete.c (rl_complete_filename): return if there were no
+ 	matches
+
+Thu Apr  8 15:08:25 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
+
+	* Makefile.in: snprintf
+
+	* roken_rename.h: add snprintf, asprintf
+
+	* Makefile.am: build testit
+
+	* complete.c: nuke NEW, DISPOSE, RENEW, and COPYFROMTO macros;
+ 	(rl_complete): call rl_list_possib instead of doing the same
+
+	* editline.h: nuke NEW, DISPOSE, RENEW, and COPYFROMTO macros
+
+	* editline.c: nuke NEW, DISPOSE, RENEW, and COPYFROMTO macros
+
+	* sysunix.c: add some whitespace
+
+Thu Mar 18 11:22:55 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
+
+	* Makefile.am: include Makefile.am.common
+
+Tue Mar 16 17:10:34 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
+
+	* editline.c: remove protos for read/write
+
+Sat Mar 13 22:23:22 1999  Assar Westerlund  <assar@sics.se>
+
+	* <roken.h>: add
+
+Sun Nov 22 10:40:28 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in (WFLAGS): set
+
+Tue Sep 29 02:09:15 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in (LIB_DEPS): add LIB_tgetent
+
+Thu Jul  2 15:10:08 1998  Johan Danielsson  <joda@blubb.pdc.kth.se>
+
+	* edit_compat.c: support for newer libedit
+
+Tue Jun 30 17:18:09 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in (distclean): don't remove roken_rename.h
+
+Fri May 29 19:03:38 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in (strdup.c): remove dependency
+
+Mon May 25 05:25:16 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in (clean): try to remove shared library debris
+
+Sun Apr 19 09:53:46 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in: add symlink magic for linux
+
+Sat Feb  7 07:24:30 1998  Assar Westerlund  <assar@sics.se>
+
+	* editline.h: add prototypes
+
+Tue Feb  3 10:24:22 1998  Johan Danielsson  <joda@emma.pdc.kth.se>
+
+	* editline.c: If read returns EINTR, try again.
diff --git a/crypto/heimdal/lib/editline/Makefile.am b/crypto/heimdal/lib/editline/Makefile.am
new file mode 100644
index 0000000..49e4885
--- /dev/null
+++ b/crypto/heimdal/lib/editline/Makefile.am
@@ -0,0 +1,54 @@
+# $Id: Makefile.am,v 1.12 2000/11/14 23:22:29 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+if do_roken_rename
+IS = -DROKEN_RENAME
+ES = snprintf.c strdup.c
+endif
+
+INCLUDES += $(IS)
+
+man_MANS = editline.3
+
+lib_LTLIBRARIES = libeditline.la
+if el_compat
+noinst_LTLIBRARIES = libel_compat.la
+else
+noinst_LTLIBRARIES =
+endif
+
+noinst_PROGRAMS = testit
+
+CHECK_LOCAL =
+
+testit_LDADD = \
+	libeditline.la \
+	$(LIB_tgetent) \
+	$(LIB_roken)
+
+include_HEADERS = editline.h
+
+libeditline_la_SOURCES = \
+	complete.c \
+	editline.c \
+	sysunix.c \
+	editline.h \
+	roken_rename.h \
+	unix.h \
+	$(EXTRA_SOURCE)
+
+libeditline_la_LDFLAGS = -static
+
+EXTRA_SOURCE = $(ES) 
+
+libel_compat_la_SOURCES = edit_compat.c
+
+libel_compat_la_LDFLAGS = -static
+
+EXTRA_DIST = $(man_MANS)
+
+snprintf.c:
+	$(LN_S) $(srcdir)/../roken/snprintf.c .
+strdup.c:
+	$(LN_S) $(srcdir)/../roken/strdup.c .
diff --git a/crypto/heimdal/lib/editline/Makefile.in b/crypto/heimdal/lib/editline/Makefile.in
new file mode 100644
index 0000000..4a06487
--- /dev/null
+++ b/crypto/heimdal/lib/editline/Makefile.in
@@ -0,0 +1,715 @@
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
+
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+SHELL = @SHELL@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+
+bindir = @bindir@
+sbindir = @sbindir@
+libexecdir = @libexecdir@
+datadir = @datadir@
+sysconfdir = @sysconfdir@
+sharedstatedir = @sharedstatedir@
+localstatedir = @localstatedir@
+libdir = @libdir@
+infodir = @infodir@
+mandir = @mandir@
+includedir = @includedir@
+oldincludedir = /usr/include
+
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+
+top_builddir = ../..
+
+ACLOCAL = @ACLOCAL@
+AUTOCONF = @AUTOCONF@
+AUTOMAKE = @AUTOMAKE@
+AUTOHEADER = @AUTOHEADER@
+
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
+transform = @program_transform_name@
+
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+
+@SET_MAKE@
+host_alias = @host_alias@
+host_triplet = @host@
+AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
+AWK = @AWK@
+CANONICAL_HOST = @CANONICAL_HOST@
+CATMAN = @CATMAN@
+CATMANEXT = @CATMANEXT@
+CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
+EXEEXT = @EXEEXT@
+EXTRA_LIB45 = @EXTRA_LIB45@
+GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
+INCLUDE_ = @INCLUDE_@
+LEX = @LEX@
+LIBOBJS = @LIBOBJS@
+LIBTOOL = @LIBTOOL@
+LIB_ = @LIB_@
+LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
+LIB_kdb = @LIB_kdb@
+LIB_otp = @LIB_otp@
+LIB_roken = @LIB_roken@
+LIB_security = @LIB_security@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
+NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
+NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+RANLIB = @RANLIB@
+STRIP = @STRIP@
+VERSION = @VERSION@
+VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
+WFLAGS = @WFLAGS@
+WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
+WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
+YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.12 2000/11/14 23:22:29 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
+
+
+AUTOMAKE_OPTIONS = foreign no-dependencies
+
+SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
+
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(IS)
+
+AM_CFLAGS =  $(WFLAGS)
+
+CP = cp
+
+COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
+
+buildinclude = $(top_builddir)/include
+
+LIB_XauReadAuth = @LIB_XauReadAuth@
+LIB_crypt = @LIB_crypt@
+LIB_dbm_firstkey = @LIB_dbm_firstkey@
+LIB_dbopen = @LIB_dbopen@
+LIB_dlopen = @LIB_dlopen@
+LIB_dn_expand = @LIB_dn_expand@
+LIB_el_init = @LIB_el_init@
+LIB_getattr = @LIB_getattr@
+LIB_gethostbyname = @LIB_gethostbyname@
+LIB_getpwent_r = @LIB_getpwent_r@
+LIB_getpwnam_r = @LIB_getpwnam_r@
+LIB_getsockopt = @LIB_getsockopt@
+LIB_logout = @LIB_logout@
+LIB_logwtmp = @LIB_logwtmp@
+LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
+LIB_readline = @LIB_readline@
+LIB_res_search = @LIB_res_search@
+LIB_setpcred = @LIB_setpcred@
+LIB_setsockopt = @LIB_setsockopt@
+LIB_socket = @LIB_socket@
+LIB_syslog = @LIB_syslog@
+LIB_tgetent = @LIB_tgetent@
+
+LIBS = @LIBS@
+
+HESIODLIB = @HESIODLIB@
+HESIODINCLUDE = @HESIODINCLUDE@
+INCLUDE_hesiod = @INCLUDE_hesiod@
+LIB_hesiod = @LIB_hesiod@
+
+INCLUDE_krb4 = @INCLUDE_krb4@
+LIB_krb4 = @LIB_krb4@
+
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
+INCLUDE_readline = @INCLUDE_readline@
+
+LEXLIB = @LEXLIB@
+
+NROFF_MAN = groff -mandoc -Tascii
+
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
+
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
+CHECK_LOCAL = 
+
+@do_roken_rename_TRUE@IS = @do_roken_rename_TRUE@-DROKEN_RENAME
+@do_roken_rename_TRUE@ES = @do_roken_rename_TRUE@snprintf.c strdup.c
+
+man_MANS = editline.3
+
+lib_LTLIBRARIES = libeditline.la
+@el_compat_TRUE@noinst_LTLIBRARIES = @el_compat_TRUE@libel_compat.la
+@el_compat_FALSE@noinst_LTLIBRARIES = 
+
+noinst_PROGRAMS = testit
+
+testit_LDADD = \
+	libeditline.la \
+	$(LIB_tgetent) \
+	$(LIB_roken)
+
+
+include_HEADERS = editline.h
+
+libeditline_la_SOURCES = \
+	complete.c \
+	editline.c \
+	sysunix.c \
+	editline.h \
+	roken_rename.h \
+	unix.h \
+	$(EXTRA_SOURCE)
+
+
+libeditline_la_LDFLAGS = -static
+
+EXTRA_SOURCE = $(ES) 
+
+libel_compat_la_SOURCES = edit_compat.c
+
+libel_compat_la_LDFLAGS = -static
+
+EXTRA_DIST = $(man_MANS)
+subdir = lib/editline
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = ../../include/config.h
+CONFIG_CLEAN_FILES = 
+LTLIBRARIES =  $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES)
+
+
+DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
+CPPFLAGS = @CPPFLAGS@
+LDFLAGS = @LDFLAGS@
+X_CFLAGS = @X_CFLAGS@
+X_LIBS = @X_LIBS@
+X_EXTRA_LIBS = @X_EXTRA_LIBS@
+X_PRE_LIBS = @X_PRE_LIBS@
+libeditline_la_LIBADD = 
+@do_roken_rename_FALSE@am_libeditline_la_OBJECTS =  complete.lo \
+@do_roken_rename_FALSE@editline.lo sysunix.lo
+@do_roken_rename_TRUE@am_libeditline_la_OBJECTS =  complete.lo \
+@do_roken_rename_TRUE@editline.lo sysunix.lo snprintf.lo strdup.lo
+libeditline_la_OBJECTS =  $(am_libeditline_la_OBJECTS)
+libel_compat_la_LIBADD = 
+am_libel_compat_la_OBJECTS =  edit_compat.lo
+libel_compat_la_OBJECTS =  $(am_libel_compat_la_OBJECTS)
+noinst_PROGRAMS =  testit$(EXEEXT)
+PROGRAMS =  $(noinst_PROGRAMS)
+
+testit_SOURCES = testit.c
+testit_OBJECTS =  testit.$(OBJEXT)
+testit_DEPENDENCIES =  libeditline.la
+testit_LDFLAGS = 
+COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
+CCLD = $(CC)
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES =  $(libeditline_la_SOURCES) $(libel_compat_la_SOURCES) \
+testit.c
+man3dir = $(mandir)/man3
+MANS = $(man_MANS)
+HEADERS =  $(include_HEADERS)
+
+depcomp = 
+DIST_COMMON =  README $(include_HEADERS) ChangeLog Makefile.am \
+Makefile.in
+
+
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+
+GZIP_ENV = --best
+SOURCES = $(libeditline_la_SOURCES) $(libel_compat_la_SOURCES) testit.c
+OBJECTS = $(am_libeditline_la_OBJECTS) $(am_libel_compat_la_OBJECTS) testit.$(OBJEXT)
+
+all: all-redirect
+.SUFFIXES:
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
+$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
+	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/editline/Makefile
+
+Makefile: $(srcdir)/Makefile.in  $(top_builddir)/config.status
+	cd $(top_builddir) \
+	  && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
+
+
+mostlyclean-libLTLIBRARIES:
+
+clean-libLTLIBRARIES:
+	-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+
+distclean-libLTLIBRARIES:
+
+maintainer-clean-libLTLIBRARIES:
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+	@$(NORMAL_INSTALL)
+	$(mkinstalldirs) $(DESTDIR)$(libdir)
+	@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+	  if test -f $$p; then \
+	    echo " $(LIBTOOL)  --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+	    $(LIBTOOL)  --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
+	  else :; fi; \
+	done
+
+uninstall-libLTLIBRARIES:
+	@$(NORMAL_UNINSTALL)
+	@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+	  echo " $(LIBTOOL)  --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
+	  $(LIBTOOL)  --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
+	done
+
+mostlyclean-noinstLTLIBRARIES:
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+
+distclean-noinstLTLIBRARIES:
+
+maintainer-clean-noinstLTLIBRARIES:
+
+mostlyclean-compile:
+	-rm -f *.o core *.core
+	-rm -f *.$(OBJEXT)
+
+clean-compile:
+
+distclean-compile:
+	-rm -f *.tab.c
+
+maintainer-clean-compile:
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+distclean-libtool:
+
+maintainer-clean-libtool:
+
+libeditline.la: $(libeditline_la_OBJECTS) $(libeditline_la_DEPENDENCIES)
+	$(LINK) -rpath $(libdir) $(libeditline_la_LDFLAGS) $(libeditline_la_OBJECTS) $(libeditline_la_LIBADD) $(LIBS)
+
+libel_compat.la: $(libel_compat_la_OBJECTS) $(libel_compat_la_DEPENDENCIES)
+	$(LINK)  $(libel_compat_la_LDFLAGS) $(libel_compat_la_OBJECTS) $(libel_compat_la_LIBADD) $(LIBS)
+
+mostlyclean-noinstPROGRAMS:
+
+clean-noinstPROGRAMS:
+	-test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS)
+
+distclean-noinstPROGRAMS:
+
+maintainer-clean-noinstPROGRAMS:
+
+testit$(EXEEXT): $(testit_OBJECTS) $(testit_DEPENDENCIES)
+	@rm -f testit$(EXEEXT)
+	$(LINK) $(testit_LDFLAGS) $(testit_OBJECTS) $(testit_LDADD) $(LIBS)
+.c.o:
+	$(COMPILE) -c $<
+.c.obj:
+	$(COMPILE) -c `cygpath -w $<`
+.c.lo:
+	$(LTCOMPILE) -c -o $@ $<
+
+install-man3:
+	$(mkinstalldirs) $(DESTDIR)$(man3dir)
+	@list='$(man3_MANS)'; \
+	l2='$(man_MANS)'; for i in $$l2; do \
+	  case "$$i" in \
+	    *.3*) list="$$list $$i" ;; \
+	  esac; \
+	done; \
+	for i in $$list; do \
+	  if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+	  else file=$$i; fi; \
+	  ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+	  inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+	  inst=`echo $$inst | sed -e 's/^.*\///'`; \
+	  inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+	  echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst"; \
+	  $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst; \
+	done
+
+uninstall-man3:
+	@list='$(man3_MANS)'; \
+	l2='$(man_MANS)'; for i in $$l2; do \
+	  case "$$i" in \
+	    *.3*) list="$$list $$i" ;; \
+	  esac; \
+	done; \
+	for i in $$list; do \
+	  ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+	  inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+	  inst=`echo $$inst | sed -e 's/^.*\///'`; \
+	  inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+	  echo " rm -f $(DESTDIR)$(man3dir)/$$inst"; \
+	  rm -f $(DESTDIR)$(man3dir)/$$inst; \
+	done
+install-man: $(MANS)
+	@$(NORMAL_INSTALL)
+	$(MAKE) $(AM_MAKEFLAGS) install-man3
+uninstall-man:
+	@$(NORMAL_UNINSTALL)
+	$(MAKE) $(AM_MAKEFLAGS) uninstall-man3
+
+install-includeHEADERS: $(include_HEADERS)
+	@$(NORMAL_INSTALL)
+	$(mkinstalldirs) $(DESTDIR)$(includedir)
+	@list='$(include_HEADERS)'; for p in $$list; do \
+	  if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
+	  f="`echo $$p | sed -e 's|^.*/||'`"; \
+	  echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+	  $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
+	done
+
+uninstall-includeHEADERS:
+	@$(NORMAL_UNINSTALL)
+	@list='$(include_HEADERS)'; for p in $$list; do \
+	  f="`echo $$p | sed -e 's|^.*/||'`"; \
+	  echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+	  rm -f $(DESTDIR)$(includedir)/$$f; \
+	done
+
+tags: TAGS
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+	list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	mkid -fID $$unique $(LISP)
+
+TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
+		$(TAGS_FILES) $(LISP)
+	tags=; \
+	here=`pwd`; \
+	list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
+	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
+
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
+mostlyclean-tags:
+
+clean-tags:
+
+distclean-tags:
+	-rm -f TAGS ID
+
+maintainer-clean-tags:
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+
+distdir: $(DISTFILES)
+	@for file in $(DISTFILES); do \
+	  d=$(srcdir); \
+	  if test -d $$d/$$file; then \
+	    cp -pR $$d/$$file $(distdir) \
+	    || exit 1; \
+	  else \
+	    test -f $(distdir)/$$file \
+	    || cp -p $$d/$$file $(distdir)/$$file \
+	    || exit 1; \
+	  fi; \
+	done
+	$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
+info-am:
+info: info-am
+dvi-am:
+dvi: dvi-am
+check-am: all-am
+	$(MAKE) $(AM_MAKEFLAGS) check-local
+check: check-am
+installcheck-am:
+installcheck: installcheck-am
+install-exec-am: install-libLTLIBRARIES
+	@$(NORMAL_INSTALL)
+	$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-exec: install-exec-am
+
+install-data-am: install-man install-includeHEADERS install-data-local
+install-data: install-data-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+install: install-am
+uninstall-am: uninstall-libLTLIBRARIES uninstall-man \
+		uninstall-includeHEADERS
+uninstall: uninstall-am
+all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(HEADERS) all-local
+all-redirect: all-am
+install-strip:
+	$(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
+installdirs:
+	$(mkinstalldirs)  $(DESTDIR)$(libdir) $(DESTDIR)$(mandir)/man3 \
+		$(DESTDIR)$(includedir)
+
+
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-rm -f Makefile $(CONFIG_CLEAN_FILES)
+	-rm -f config.cache config.log stamp-h stamp-h[0-9]*
+
+maintainer-clean-generic:
+	-rm -f Makefile.in
+mostlyclean-am:  mostlyclean-libLTLIBRARIES \
+		mostlyclean-noinstLTLIBRARIES mostlyclean-compile \
+		mostlyclean-libtool mostlyclean-noinstPROGRAMS \
+		mostlyclean-tags mostlyclean-generic
+
+mostlyclean: mostlyclean-am
+
+clean-am:  clean-libLTLIBRARIES clean-noinstLTLIBRARIES clean-compile \
+		clean-libtool clean-noinstPROGRAMS clean-tags \
+		clean-generic mostlyclean-am
+
+clean: clean-am
+
+distclean-am:  distclean-libLTLIBRARIES distclean-noinstLTLIBRARIES \
+		distclean-compile distclean-libtool \
+		distclean-noinstPROGRAMS distclean-tags \
+		distclean-generic clean-am
+	-rm -f libtool
+
+distclean: distclean-am
+
+maintainer-clean-am:  maintainer-clean-libLTLIBRARIES \
+		maintainer-clean-noinstLTLIBRARIES \
+		maintainer-clean-compile maintainer-clean-libtool \
+		maintainer-clean-noinstPROGRAMS maintainer-clean-tags \
+		maintainer-clean-generic distclean-am
+	@echo "This command is intended for maintainers to use;"
+	@echo "it deletes files that may require special tools to rebuild."
+
+maintainer-clean: maintainer-clean-am
+
+.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \
+clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \
+uninstall-libLTLIBRARIES install-libLTLIBRARIES \
+mostlyclean-noinstLTLIBRARIES distclean-noinstLTLIBRARIES \
+clean-noinstLTLIBRARIES maintainer-clean-noinstLTLIBRARIES \
+mostlyclean-compile distclean-compile clean-compile \
+maintainer-clean-compile mostlyclean-libtool distclean-libtool \
+clean-libtool maintainer-clean-libtool mostlyclean-noinstPROGRAMS \
+distclean-noinstPROGRAMS clean-noinstPROGRAMS \
+maintainer-clean-noinstPROGRAMS install-man3 uninstall-man3 install-man \
+uninstall-man uninstall-includeHEADERS install-includeHEADERS tags \
+mostlyclean-tags distclean-tags clean-tags maintainer-clean-tags \
+distdir info-am info dvi-am dvi check-local check check-am \
+installcheck-am installcheck install-exec-am install-exec \
+install-data-local install-data-am install-data install-am install \
+uninstall-am uninstall all-local all-redirect all-am all install-strip \
+installdirs mostlyclean-generic distclean-generic clean-generic \
+maintainer-clean-generic clean mostlyclean distclean maintainer-clean
+
+
+install-suid-programs:
+	@foo='$(bin_SUIDS)'; \
+	for file in $$foo; do \
+	x=$(DESTDIR)$(bindir)/$$file; \
+	if chown 0:0 $$x && chmod u+s $$x; then :; else \
+	echo "*"; \
+	echo "* Failed to install $$x setuid root"; \
+	echo "*"; \
+	fi; done
+
+install-exec-hook: install-suid-programs
+
+install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
+	@foo='$(include_HEADERS) $(build_HEADERZ)'; \
+	for f in $$foo; do \
+		f=`basename $$f`; \
+		if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
+		else file="$$f"; fi; \
+		if cmp -s  $$file $(buildinclude)/$$f 2> /dev/null ; then \
+		: ; else \
+			echo " $(CP) $$file $(buildinclude)/$$f"; \
+			$(CP) $$file $(buildinclude)/$$f; \
+		fi ; \
+	done
+
+all-local: install-build-headers
+#NROFF_MAN = nroff -man
+.1.cat1:
+	$(NROFF_MAN) $< > $@
+.3.cat3:
+	$(NROFF_MAN) $< > $@
+.5.cat5:
+	$(NROFF_MAN) $< > $@
+.8.cat8:
+	$(NROFF_MAN) $< > $@
+
+dist-cat1-mans:
+	@foo='$(man1_MANS)'; \
+	bar='$(man_MANS)'; \
+	for i in $$bar; do \
+	case $$i in \
+	*.1) foo="$$foo $$i";; \
+	esac; done ;\
+	for i in $$foo; do \
+		x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
+		echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+		$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+	done
+
+dist-cat3-mans:
+	@foo='$(man3_MANS)'; \
+	bar='$(man_MANS)'; \
+	for i in $$bar; do \
+	case $$i in \
+	*.3) foo="$$foo $$i";; \
+	esac; done ;\
+	for i in $$foo; do \
+		x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
+		echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+		$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+	done
+
+dist-cat5-mans:
+	@foo='$(man5_MANS)'; \
+	bar='$(man_MANS)'; \
+	for i in $$bar; do \
+	case $$i in \
+	*.5) foo="$$foo $$i";; \
+	esac; done ;\
+	for i in $$foo; do \
+		x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
+		echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+		$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+	done
+
+dist-cat8-mans:
+	@foo='$(man8_MANS)'; \
+	bar='$(man_MANS)'; \
+	for i in $$bar; do \
+	case $$i in \
+	*.8) foo="$$foo $$i";; \
+	esac; done ;\
+	for i in $$foo; do \
+		x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
+		echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+		$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+	done
+
+dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
+
+install-cat-mans:
+	$(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
+
+install-data-local: install-cat-mans
+
+.et.h:
+	$(COMPILE_ET) $<
+.et.c:
+	$(COMPILE_ET) $<
+
+.x.c:
+	@cmp -s $< $@ 2> /dev/null || cp $< $@
+
+check-local::
+	@foo='$(CHECK_LOCAL)'; \
+	  if test "$$foo"; then \
+	  failed=0; all=0; \
+	  for i in $$foo; do \
+	    all=`expr $$all + 1`; \
+	    if ./$$i --version > /dev/null 2>&1; then \
+	      echo "PASS: $$i"; \
+	    else \
+	      echo "FAIL: $$i"; \
+	      failed=`expr $$failed + 1`; \
+	    fi; \
+	  done; \
+	  if test "$$failed" -eq 0; then \
+	    banner="All $$all tests passed"; \
+	  else \
+	    banner="$$failed of $$all tests failed"; \
+	  fi; \
+	  dashes=`echo "$$banner" | sed s/./=/g`; \
+	  echo "$$dashes"; \
+	  echo "$$banner"; \
+	  echo "$$dashes"; \
+	  test "$$failed" -eq 0; \
+	fi
+
+snprintf.c:
+	$(LN_S) $(srcdir)/../roken/snprintf.c .
+strdup.c:
+	$(LN_S) $(srcdir)/../roken/strdup.c .
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/crypto/heimdal/lib/editline/README b/crypto/heimdal/lib/editline/README
new file mode 100644
index 0000000..829db99
--- /dev/null
+++ b/crypto/heimdal/lib/editline/README
@@ -0,0 +1,45 @@
+$Revision: 1.1 $
+
+This is a line-editing library.  It can be linked into almost any
+program to provide command-line editing and recall.
+
+It is call-compatible with the FSF readline library, but it is a
+fraction of the size (and offers fewer features).  It does not use
+standard I/O.  It is distributed under a "C News-like" copyright.
+
+Configuration is done in the Makefile.  Type "make testit" to get
+a small slow shell for testing.
+
+An earlier version was distributed with Byron's rc.  Principal
+changes over that version include:
+	Faster.
+	Is eight-bit clean (thanks to brendan@cs.widener.edu)
+	Written in K&R C, but ANSI compliant (gcc all warnings)
+	Propagates EOF properly; rc trip test now passes
+	Doesn't need or use or provide memmove.
+	More robust
+	Calling sequence changed to be compatible with readline.
+	Test program, new manpage, better configuration
+	More system-independant; includes Unix and OS-9 support.
+
+Enjoy,
+	Rich $alz
+	<rsalz@osf.org>
+
+ Copyright 1992 Simmule Turner and Rich Salz.  All rights reserved.
+
+ This software is not subject to any license of the American Telephone
+ and Telegraph Company or of the Regents of the University of California.
+
+ Permission is granted to anyone to use this software for any purpose on
+ any computer system, and to alter it and redistribute it freely, subject
+ to the following restrictions:
+ 1. The authors are not responsible for the consequences of use of this
+    software, no matter how awful, even if they arise from flaws in it.
+ 2. The origin of this software must not be misrepresented, either by
+    explicit claim or by omission.  Since few users ever read sources,
+    credits must appear in the documentation.
+ 3. Altered versions must be plainly marked as such, and must not be
+    misrepresented as being the original software.  Since few users
+    ever read sources, credits must appear in the documentation.
+ 4. This notice may not be removed or altered.
diff --git a/crypto/heimdal/lib/editline/complete.c b/crypto/heimdal/lib/editline/complete.c
new file mode 100644
index 0000000..d2a311d
--- /dev/null
+++ b/crypto/heimdal/lib/editline/complete.c
@@ -0,0 +1,243 @@
+/*  Copyright 1992 Simmule Turner and Rich Salz.  All rights reserved. 
+ *
+ *  This software is not subject to any license of the American Telephone 
+ *  and Telegraph Company or of the Regents of the University of California. 
+ *
+ *  Permission is granted to anyone to use this software for any purpose on
+ *  any computer system, and to alter it and redistribute it freely, subject
+ *  to the following restrictions:
+ *  1. The authors are not responsible for the consequences of use of this
+ *     software, no matter how awful, even if they arise from flaws in it.
+ *  2. The origin of this software must not be misrepresented, either by
+ *     explicit claim or by omission.  Since few users ever read sources,
+ *     credits must appear in the documentation.
+ *  3. Altered versions must be plainly marked as such, and must not be
+ *     misrepresented as being the original software.  Since few users
+ *     ever read sources, credits must appear in the documentation.
+ *  4. This notice may not be removed or altered.
+ */
+
+/*
+**  History and file completion functions for editline library.
+*/
+#include <config.h>
+#include "editline.h"
+
+RCSID("$Id: complete.c,v 1.5 1999/04/10 21:01:16 joda Exp $");
+
+/*
+**  strcmp-like sorting predicate for qsort.
+*/
+static int
+compare(const void *p1, const void *p2)
+{
+    const char	**v1;
+    const char	**v2;
+    
+    v1 = (const char **)p1;
+    v2 = (const char **)p2;
+    return strcmp(*v1, *v2);
+}
+
+/*
+**  Fill in *avp with an array of names that match file, up to its length.
+**  Ignore . and .. .
+*/
+static int
+FindMatches(char *dir, char *file, char ***avp)
+{
+    char	**av;
+    char	**new;
+    char	*p;
+    DIR		*dp;
+    DIRENTRY	*ep;
+    size_t	ac;
+    size_t	len;
+
+    if ((dp = opendir(dir)) == NULL)
+	return 0;
+
+    av = NULL;
+    ac = 0;
+    len = strlen(file);
+    while ((ep = readdir(dp)) != NULL) {
+	p = ep->d_name;
+	if (p[0] == '.' && (p[1] == '\0' || (p[1] == '.' && p[2] == '\0')))
+	    continue;
+	if (len && strncmp(p, file, len) != 0)
+	    continue;
+
+	if ((ac % MEM_INC) == 0) {
+	    if ((new = malloc(sizeof(char*) * (ac + MEM_INC))) == NULL)
+		break;
+	    if (ac) {
+		memcpy(new, av, ac * sizeof (char **));
+		free(av);
+	    }
+	    *avp = av = new;
+	}
+
+	if ((av[ac] = strdup(p)) == NULL) {
+	    if (ac == 0)
+		free(av);
+	    break;
+	}
+	ac++;
+    }
+
+    /* Clean up and return. */
+    (void)closedir(dp);
+    if (ac)
+	qsort(av, ac, sizeof (char **), compare);
+    return ac;
+}
+
+/*
+**  Split a pathname into allocated directory and trailing filename parts.
+*/
+static int SplitPath(char *path, char **dirpart, char **filepart)
+{
+    static char	DOT[] = ".";
+    char	*dpart;
+    char	*fpart;
+
+    if ((fpart = strrchr(path, '/')) == NULL) {
+	if ((dpart = strdup(DOT)) == NULL)
+	    return -1;
+	if ((fpart = strdup(path)) == NULL) {
+	    free(dpart);
+	    return -1;
+	}
+    }
+    else {
+	if ((dpart = strdup(path)) == NULL)
+	    return -1;
+	dpart[fpart - path] = '\0';
+	if ((fpart = strdup(++fpart)) == NULL) {
+	    free(dpart);
+	    return -1;
+	}
+    }
+    *dirpart = dpart;
+    *filepart = fpart;
+    return 0;
+}
+
+/*
+**  Attempt to complete the pathname, returning an allocated copy.
+**  Fill in *unique if we completed it, or set it to 0 if ambiguous.
+*/
+
+static char *
+rl_complete_filename(char *pathname, int *unique)
+{
+    char	**av;
+    char	*new;
+    char	*p;
+    size_t	ac;
+    size_t	end;
+    size_t	i;
+    size_t	j;
+    size_t	len;
+    char *s;
+    
+    ac = rl_list_possib(pathname, &av);
+    if(ac == 0)
+	return NULL;
+
+    s = strrchr(pathname, '/');
+    if(s == NULL)
+	len = strlen(pathname);
+    else
+	len = strlen(s + 1);
+
+    p = NULL;
+    if (ac == 1) {
+	/* Exactly one match -- finish it off. */
+	*unique = 1;
+	j = strlen(av[0]) - len + 2;
+	if ((p = malloc(j + 1)) != NULL) {
+	    memcpy(p, av[0] + len, j);
+	    asprintf(&new, "%s%s", pathname, p);
+	    if(new != NULL) {
+		rl_add_slash(new, p);
+		free(new);
+	    }
+	}
+    }
+    else {
+	*unique = 0;
+	if (len) {
+	    /* Find largest matching substring. */
+	    for (i = len, end = strlen(av[0]); i < end; i++)
+		for (j = 1; j < ac; j++)
+		    if (av[0][i] != av[j][i])
+			goto breakout;
+  breakout:
+	    if (i > len) {
+		j = i - len + 1;
+		if ((p = malloc(j)) != NULL) {
+		    memcpy(p, av[0] + len, j);
+		    p[j - 1] = '\0';
+		}
+	    }
+	}
+    }
+
+    /* Clean up and return. */
+    for (i = 0; i < ac; i++)
+	free(av[i]);
+    free(av);
+    return p;
+}
+
+static rl_complete_func_t complete_func = rl_complete_filename;
+
+char *
+rl_complete(char *pathname, int *unique)
+{
+    return (*complete_func)(pathname, unique);
+}
+
+rl_complete_func_t
+rl_set_complete_func(rl_complete_func_t func)
+{
+    rl_complete_func_t old = complete_func;
+    complete_func = func;
+    return old;
+}
+
+
+/*
+**  Return all possible completions.
+*/
+static int
+rl_list_possib_filename(char *pathname, char ***avp)
+{
+    char	*dir;
+    char	*file;
+    int		ac;
+
+    if (SplitPath(pathname, &dir, &file) < 0)
+	return 0;
+    ac = FindMatches(dir, file, avp);
+    free(dir);
+    free(file);
+    return ac;
+}
+
+static rl_list_possib_func_t list_possib_func = rl_list_possib_filename;
+
+int
+rl_list_possib(char *pathname, char ***avp)
+{
+    return (*list_possib_func)(pathname, avp);
+}
+
+rl_list_possib_func_t
+rl_set_list_possib_func(rl_list_possib_func_t func)
+{
+    rl_list_possib_func_t old = list_possib_func;
+    list_possib_func = func;
+    return old;
+}
diff --git a/crypto/heimdal/lib/editline/edit_compat.c b/crypto/heimdal/lib/editline/edit_compat.c
new file mode 100644
index 0000000..9b1863e
--- /dev/null
+++ b/crypto/heimdal/lib/editline/edit_compat.c
@@ -0,0 +1,118 @@
+/*
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <string.h>
+#include <histedit.h>
+
+RCSID("$Id: edit_compat.c,v 1.8 2000/03/01 20:53:05 assar Exp $");
+
+void
+rl_reset_terminal(char *p)
+{
+}
+
+void
+rl_initialize()
+{
+}
+
+static const char *pr;
+static const char* ret_prompt(EditLine *e)
+{
+    return pr;
+}
+
+static History *h;
+
+#ifdef H_SETSIZE
+#define EL_INIT_FOUR 1
+#else
+#ifdef H_SETMAXSIZE
+/* backwards compatibility */
+#define H_SETSIZE H_SETMAXSIZE
+#endif
+#endif
+
+char *
+readline(const char* prompt)
+{
+    static EditLine *e;
+#ifdef H_SETSIZE
+    HistEvent ev;
+#endif
+    int count;
+    const char *str;
+
+    if(e == NULL){
+#ifdef EL_INIT_FOUR
+	e = el_init("", stdin, stdout, stderr);
+#else
+	e = el_init("", stdin, stdout);
+#endif
+	el_set(e, EL_PROMPT, ret_prompt);
+	h = history_init();
+#ifdef H_SETSIZE
+	history(h, &ev, H_SETSIZE, 25);
+#else
+	history(h, H_EVENT, 25);
+#endif
+	el_set(e, EL_HIST, history, h);
+	el_set(e, EL_EDITOR, "emacs"); /* XXX? */
+    }
+    pr = prompt ? prompt : "";
+    str = el_gets(e, &count);
+    if (str && count > 0) {
+	char *ret = strdup (str);
+
+	if (ret == NULL)
+	    return NULL;
+
+	if (ret[strlen(ret) - 1] == '\n')
+	    ret[strlen(ret) - 1] = '\0';
+	return ret;
+    } 
+    return NULL;
+}
+
+void
+add_history(char *p)
+{
+#ifdef H_SETSIZE
+    HistEvent ev;
+    history(h, &ev, H_ENTER, p);
+#else
+    history(h, H_ENTER, p);
+#endif
+}
diff --git a/crypto/heimdal/lib/editline/editline.3 b/crypto/heimdal/lib/editline/editline.3
new file mode 100644
index 0000000..6e30a09
--- /dev/null
+++ b/crypto/heimdal/lib/editline/editline.3
@@ -0,0 +1,175 @@
+.\" $Revision: 1.2 $
+.TH EDITLINE 3
+.SH NAME
+editline \- command-line editing library with history
+.SH SYNOPSIS
+.nf
+.B "char *"
+.B "readline(prompt)"
+.B "     char	*prompt;"
+
+.B "void"
+.B "add_history(line)"
+.B "    char	*line;"
+.fi
+.SH DESCRIPTION
+.I Editline
+is a library that provides an line-editing interface with text recall.
+It is intended to be compatible with the
+.I readline
+library provided by the Free Software Foundation, but much smaller.
+The bulk of this manual page describes the user interface.
+.PP
+The
+.I readline
+routine returns a line of text with the trailing newline removed.
+The data is returned in a buffer allocated with
+.IR malloc (3),
+so the space should be released with
+.IR free (3)
+when the calling program is done with it.
+Before accepting input from the user, the specified
+.I prompt
+is displayed on the terminal.
+.PP
+The
+.I add_history
+routine makes a copy of the specified
+.I line
+and adds it to the internal history list.
+.SS "User Interface"
+A program that uses this library provides a simple emacs-like editing
+interface to its users.
+A line may be edited before it is sent to the calling program by typing either
+control characters or escape sequences.
+A control character, shown as a caret followed by a letter, is typed by
+holding down the ``control'' key while the letter is typed.
+For example, ``^A'' is a control-A.
+An escape sequence is entered by typing the ``escape'' key followed by one or
+more characters.
+The escape key is abbreviated as ``ESC.''
+Note that unlike control keys, case matters in escape sequences; ``ESC\ F''
+is not the same as ``ESC\ f''.
+.PP
+An editing command may be typed anywhere on the line, not just at the
+beginning.
+In addition, a return may also be typed anywhere on the line, not just at
+the end.
+.PP
+Most editing commands may be given a repeat count,
+.IR n ,
+where
+.I n
+is a number.
+To enter a repeat count, type the escape key, the number, and then
+the command to execute.
+For example, ``ESC\ 4\ ^f'' moves forward four characters.
+If a command may be given a repeat count then the text ``[n]'' is given at the
+end of its description.
+.PP
+The following control characters are accepted:
+.RS
+.nf
+.ta \w'ESC DEL  'u
+^A	Move to the beginning of the line
+^B	Move left (backwards) [n]
+^D	Delete character [n]
+^E	Move to end of line
+^F	Move right (forwards) [n]
+^G	Ring the bell
+^H	Delete character before cursor (backspace key) [n]
+^I	Complete filename (tab key); see below
+^J	Done with line (return key)
+^K	Kill to end of line (or column [n])
+^L	Redisplay line
+^M	Done with line (alternate return key)
+^N	Get next line from history [n]
+^P	Get previous line from history [n]
+^R	Search backward (forward if [n]) through history for text;
+\&	must start line if text begins with an uparrow
+^T	Transpose characters
+^V	Insert next character, even if it is an edit command
+^W	Wipe to the mark
+^X^X	Exchange current location and mark
+^Y	Yank back last killed text
+^[	Start an escape sequence (escape key)
+^]c	Move forward to next character ``c''
+^?	Delete character before cursor (delete key) [n]
+.fi
+.RE
+.PP
+The following escape sequences are provided.
+.RS
+.nf
+.ta \w'ESC DEL  'u
+ESC\ ^H	Delete previous word (backspace key) [n]
+ESC\ DEL	Delete previous word (delete key) [n]
+ESC\ SP	Set the mark (space key); see ^X^X and ^Y above
+ESC\ \.	Get the last (or [n]'th) word from previous line
+ESC\ ?	Show possible completions; see below
+ESC\ <	Move to start of history
+ESC\ >	Move to end of history
+ESC\ b	Move backward a word [n]
+ESC\ d	Delete word under cursor [n]
+ESC\ f	Move forward a word [n]
+ESC\ l	Make word lowercase [n]
+ESC\ u	Make word uppercase [n]
+ESC\ y	Yank back last killed text
+ESC\ v	Show library version
+ESC\ w	Make area up to mark yankable
+ESC\ nn	Set repeat count to the number nn
+ESC\ C	Read from environment variable ``_C_'', where C is
+\&	an uppercase letter
+.fi
+.RE
+.PP
+The
+.I editline
+library has a small macro facility.
+If you type the escape key followed by an uppercase letter,
+.IR C ,
+then the contents of the environment variable
+.I _C_
+are read in as if you had typed them at the keyboard.
+For example, if the variable
+.I _L_
+contains the following:
+.RS
+^A^Kecho '^V^[[H^V^[[2J'^M
+.RE
+Then typing ``ESC L'' will move to the beginning of the line, kill the
+entire line, enter the echo command needed to clear the terminal (if your
+terminal is like a VT-100), and send the line back to the shell.
+.PP
+The
+.I editline
+library also does filename completion.
+Suppose the root directory has the following files in it:
+.RS
+.nf
+.ta \w'core   'u
+bin	vmunix
+core	vmunix.old
+.fi
+.RE
+If you type ``rm\ /v'' and then the tab key.
+.I Editline
+will then finish off as much of the name as possible by adding ``munix''.
+Because the name is not unique, it will then beep.
+If you type the escape key and a question mark, it will display the
+two choices.
+If you then type a period and a tab, the library will finish off the filename
+for you:
+.RS
+.nf
+.RI "rm /v[TAB]" munix .TAB old
+.fi
+.RE
+The tab key is shown by ``[TAB]'' and the automatically-entered text
+is shown in italics.
+.SH "BUGS AND LIMITATIONS"
+Cannot handle lines more than 80 columns.
+.SH AUTHORS
+Simmule R. Turner <uunet.uu.net!capitol!sysgo!simmy>
+and Rich $alz <rsalz@osf.org>.
+Original manual page by DaviD W. Sanderson <dws@ssec.wisc.edu>.
diff --git a/crypto/heimdal/lib/editline/editline.c b/crypto/heimdal/lib/editline/editline.c
new file mode 100644
index 0000000..43dd58a
--- /dev/null
+++ b/crypto/heimdal/lib/editline/editline.c
@@ -0,0 +1,1376 @@
+/*  Copyright 1992 Simmule Turner and Rich Salz.  All rights reserved. 
+ *
+ *  This software is not subject to any license of the American Telephone 
+ *  and Telegraph Company or of the Regents of the University of California. 
+ *
+ *  Permission is granted to anyone to use this software for any purpose on
+ *  any computer system, and to alter it and redistribute it freely, subject
+ *  to the following restrictions:
+ *  1. The authors are not responsible for the consequences of use of this
+ *     software, no matter how awful, even if they arise from flaws in it.
+ *  2. The origin of this software must not be misrepresented, either by
+ *     explicit claim or by omission.  Since few users ever read sources,
+ *     credits must appear in the documentation.
+ *  3. Altered versions must be plainly marked as such, and must not be
+ *     misrepresented as being the original software.  Since few users
+ *     ever read sources, credits must appear in the documentation.
+ *  4. This notice may not be removed or altered.
+ */
+
+/*
+**  Main editing routines for editline library.
+*/
+#include <config.h>
+#include "editline.h"
+#include <ctype.h>
+#include <errno.h>
+
+RCSID("$Id: editline.c,v 1.9 1999/12/23 21:27:00 assar Exp $");
+
+/*
+**  Manifest constants.
+*/
+#define SCREEN_WIDTH	80
+#define SCREEN_ROWS	24
+#define NO_ARG		(-1)
+#define DEL		127
+#define CTL(x)		((x) & 0x1F)
+#define ISCTL(x)	((x) && (x) < ' ')
+#define UNCTL(x)	((x) + 64)
+#define META(x)		((x) | 0x80)
+#define ISMETA(x)	((x) & 0x80)
+#define UNMETA(x)	((x) & 0x7F)
+#if	!defined(HIST_SIZE)
+#define HIST_SIZE	20
+#endif	/* !defined(HIST_SIZE) */
+
+/*
+**  Command status codes.
+*/
+typedef enum _STATUS {
+    CSdone, CSeof, CSmove, CSdispatch, CSstay
+} STATUS;
+
+/*
+**  The type of case-changing to perform.
+*/
+typedef enum _CASE {
+    TOupper, TOlower
+} CASE;
+
+/*
+**  Key to command mapping.
+*/
+typedef struct _KEYMAP {
+    unsigned char	Key;
+    STATUS	(*Function)();
+} KEYMAP;
+
+/*
+**  Command history structure.
+*/
+typedef struct _HISTORY {
+    int		Size;
+    int		Pos;
+    unsigned char	*Lines[HIST_SIZE];
+} HISTORY;
+
+/*
+**  Globals.
+*/
+int		rl_eof;
+int		rl_erase;
+int		rl_intr;
+int		rl_kill;
+
+static unsigned char		NIL[] = "";
+static const unsigned char	*Input = NIL;
+static unsigned char		*Line;
+static const char	*Prompt;
+static unsigned char		*Yanked;
+static char		*Screen;
+static char		NEWLINE[]= CRLF;
+static HISTORY		H;
+int		rl_quit;
+static int		Repeat;
+static int		End;
+static int		Mark;
+static int		OldPoint;
+static int		Point;
+static int		PushBack;
+static int		Pushed;
+static KEYMAP		Map[33];
+static KEYMAP		MetaMap[16];
+static size_t		Length;
+static size_t		ScreenCount;
+static size_t		ScreenSize;
+static char		*backspace;
+static int		TTYwidth;
+static int		TTYrows;
+
+/* Display print 8-bit chars as `M-x' or as the actual 8-bit char? */
+int		rl_meta_chars = 1;
+
+/*
+**  Declarations.
+*/
+static unsigned char	*editinput(void);
+char	*tgetstr(const char*, char**);
+int	tgetent(char*, const char*);
+int	tgetnum(const char*);
+
+/*
+**  TTY input/output functions.
+*/
+
+static void
+TTYflush()
+{
+    if (ScreenCount) {
+	write(1, Screen, ScreenCount);
+	ScreenCount = 0;
+    }
+}
+
+static void
+TTYput(unsigned char c)
+{
+    Screen[ScreenCount] = c;
+    if (++ScreenCount >= ScreenSize - 1) {
+	ScreenSize += SCREEN_INC;
+	Screen = realloc(Screen, ScreenSize);
+    }
+}
+
+static void
+TTYputs(const char *p)
+{
+    while (*p)
+	TTYput(*p++);
+}
+
+static void
+TTYshow(unsigned char c)
+{
+    if (c == DEL) {
+	TTYput('^');
+	TTYput('?');
+    }
+    else if (ISCTL(c)) {
+	TTYput('^');
+	TTYput(UNCTL(c));
+    }
+    else if (rl_meta_chars && ISMETA(c)) {
+	TTYput('M');
+	TTYput('-');
+	TTYput(UNMETA(c));
+    }
+    else
+	TTYput(c);
+}
+
+static void
+TTYstring(unsigned char *p)
+{
+    while (*p)
+	TTYshow(*p++);
+}
+
+static int
+TTYget()
+{
+    char c;
+    int e;
+
+    TTYflush();
+    if (Pushed) {
+	Pushed = 0;
+	return PushBack;
+    }
+    if (*Input)
+	return *Input++;
+    do {
+	e = read(0, &c, 1);
+    } while(e < 0 && errno == EINTR);
+    if(e == 1)
+	return c;
+    return EOF;
+}
+
+static void
+TTYback(void)
+{
+    if (backspace)
+	TTYputs(backspace);
+    else
+	TTYput('\b');
+}
+
+static void
+TTYbackn(int n)
+{
+    while (--n >= 0)
+	TTYback();
+}
+
+static void
+TTYinfo()
+{
+    static int		init;
+    char		*term;
+    char		buff[2048];
+    char		*bp;
+    char		*tmp;
+#if	defined(TIOCGWINSZ)
+    struct winsize	W;
+#endif	/* defined(TIOCGWINSZ) */
+
+    if (init) {
+#if	defined(TIOCGWINSZ)
+	/* Perhaps we got resized. */
+	if (ioctl(0, TIOCGWINSZ, &W) >= 0
+	 && W.ws_col > 0 && W.ws_row > 0) {
+	    TTYwidth = (int)W.ws_col;
+	    TTYrows = (int)W.ws_row;
+	}
+#endif	/* defined(TIOCGWINSZ) */
+	return;
+    }
+    init++;
+
+    TTYwidth = TTYrows = 0;
+    bp = &buff[0];
+    if ((term = getenv("TERM")) == NULL)
+	term = "dumb";
+    if (tgetent(buff, term) < 0) {
+       TTYwidth = SCREEN_WIDTH;
+       TTYrows = SCREEN_ROWS;
+       return;
+    }
+    tmp = tgetstr("le", &bp);
+    if (tmp != NULL)
+	backspace = strdup(tmp);
+    else
+	backspace = "\b";
+    TTYwidth = tgetnum("co");
+    TTYrows = tgetnum("li");
+
+#if	defined(TIOCGWINSZ)
+    if (ioctl(0, TIOCGWINSZ, &W) >= 0) {
+	TTYwidth = (int)W.ws_col;
+	TTYrows = (int)W.ws_row;
+    }
+#endif	/* defined(TIOCGWINSZ) */
+
+    if (TTYwidth <= 0 || TTYrows <= 0) {
+	TTYwidth = SCREEN_WIDTH;
+	TTYrows = SCREEN_ROWS;
+    }
+}
+
+
+/*
+**  Print an array of words in columns.
+*/
+static void
+columns(int ac, unsigned char **av)
+{
+    unsigned char	*p;
+    int		i;
+    int		j;
+    int		k;
+    int		len;
+    int		skip;
+    int		longest;
+    int		cols;
+
+    /* Find longest name, determine column count from that. */
+    for (longest = 0, i = 0; i < ac; i++)
+	if ((j = strlen((char *)av[i])) > longest)
+	    longest = j;
+    cols = TTYwidth / (longest + 3);
+
+    TTYputs(NEWLINE);
+    for (skip = ac / cols + 1, i = 0; i < skip; i++) {
+	for (j = i; j < ac; j += skip) {
+	    for (p = av[j], len = strlen((char *)p), k = len; --k >= 0; p++)
+		TTYput(*p);
+	    if (j + skip < ac)
+		while (++len < longest + 3)
+		    TTYput(' ');
+	}
+	TTYputs(NEWLINE);
+    }
+}
+
+static void
+reposition()
+{
+    int		i;
+    unsigned char	*p;
+
+    TTYput('\r');
+    TTYputs(Prompt);
+    for (i = Point, p = Line; --i >= 0; p++)
+	TTYshow(*p);
+}
+
+static void
+left(STATUS Change)
+{
+    TTYback();
+    if (Point) {
+	if (ISCTL(Line[Point - 1]))
+	    TTYback();
+        else if (rl_meta_chars && ISMETA(Line[Point - 1])) {
+	    TTYback();
+	    TTYback();
+	}
+    }
+    if (Change == CSmove)
+	Point--;
+}
+
+static void
+right(STATUS Change)
+{
+    TTYshow(Line[Point]);
+    if (Change == CSmove)
+	Point++;
+}
+
+static STATUS
+ring_bell()
+{
+    TTYput('\07');
+    TTYflush();
+    return CSstay;
+}
+
+static STATUS
+do_macro(unsigned char c)
+{
+    unsigned char		name[4];
+
+    name[0] = '_';
+    name[1] = c;
+    name[2] = '_';
+    name[3] = '\0';
+
+    if ((Input = (unsigned char *)getenv((char *)name)) == NULL) {
+	Input = NIL;
+	return ring_bell();
+    }
+    return CSstay;
+}
+
+static STATUS
+do_forward(STATUS move)
+{
+    int		i;
+    unsigned char	*p;
+
+    i = 0;
+    do {
+	p = &Line[Point];
+	for ( ; Point < End && (*p == ' ' || !isalnum(*p)); Point++, p++)
+	    if (move == CSmove)
+		right(CSstay);
+
+	for (; Point < End && isalnum(*p); Point++, p++)
+	    if (move == CSmove)
+		right(CSstay);
+
+	if (Point == End)
+	    break;
+    } while (++i < Repeat);
+
+    return CSstay;
+}
+
+static STATUS
+do_case(CASE type)
+{
+    int		i;
+    int		end;
+    int		count;
+    unsigned char	*p;
+
+    do_forward(CSstay);
+    if (OldPoint != Point) {
+	if ((count = Point - OldPoint) < 0)
+	    count = -count;
+	Point = OldPoint;
+	if ((end = Point + count) > End)
+	    end = End;
+	for (i = Point, p = &Line[i]; i < end; i++, p++) {
+	    if (type == TOupper) {
+		if (islower(*p))
+		    *p = toupper(*p);
+	    }
+	    else if (isupper(*p))
+		*p = tolower(*p);
+	    right(CSmove);
+	}
+    }
+    return CSstay;
+}
+
+static STATUS
+case_down_word()
+{
+    return do_case(TOlower);
+}
+
+static STATUS
+case_up_word()
+{
+    return do_case(TOupper);
+}
+
+static void
+ceol()
+{
+    int		extras;
+    int		i;
+    unsigned char	*p;
+
+    for (extras = 0, i = Point, p = &Line[i]; i <= End; i++, p++) {
+	TTYput(' ');
+	if (ISCTL(*p)) {
+	    TTYput(' ');
+	    extras++;
+	}
+	else if (rl_meta_chars && ISMETA(*p)) {
+	    TTYput(' ');
+	    TTYput(' ');
+	    extras += 2;
+	}
+    }
+
+    for (i += extras; i > Point; i--)
+	TTYback();
+}
+
+static void
+clear_line()
+{
+    Point = -strlen(Prompt);
+    TTYput('\r');
+    ceol();
+    Point = 0;
+    End = 0;
+    Line[0] = '\0';
+}
+
+static STATUS
+insert_string(unsigned char *p)
+{
+    size_t	len;
+    int		i;
+    unsigned char	*new;
+    unsigned char	*q;
+
+    len = strlen((char *)p);
+    if (End + len >= Length) {
+	if ((new = malloc(sizeof(unsigned char) * (Length + len + MEM_INC))) == NULL)
+	    return CSstay;
+	if (Length) {
+	    memcpy(new, Line, Length);
+	    free(Line);
+	}
+	Line = new;
+	Length += len + MEM_INC;
+    }
+
+    for (q = &Line[Point], i = End - Point; --i >= 0; )
+	q[len + i] = q[i];
+    memcpy(&Line[Point], p, len);
+    End += len;
+    Line[End] = '\0';
+    TTYstring(&Line[Point]);
+    Point += len;
+
+    return Point == End ? CSstay : CSmove;
+}
+
+
+static unsigned char *
+next_hist()
+{
+    return H.Pos >= H.Size - 1 ? NULL : H.Lines[++H.Pos];
+}
+
+static unsigned char *
+prev_hist()
+{
+    return H.Pos == 0 ? NULL : H.Lines[--H.Pos];
+}
+
+static STATUS
+do_insert_hist(unsigned char *p)
+{
+    if (p == NULL)
+	return ring_bell();
+    Point = 0;
+    reposition();
+    ceol();
+    End = 0;
+    return insert_string(p);
+}
+
+static STATUS
+do_hist(unsigned char *(*move)())
+{
+    unsigned char	*p;
+    int		i;
+
+    i = 0;
+    do {
+	if ((p = (*move)()) == NULL)
+	    return ring_bell();
+    } while (++i < Repeat);
+    return do_insert_hist(p);
+}
+
+static STATUS
+h_next()
+{
+    return do_hist(next_hist);
+}
+
+static STATUS
+h_prev()
+{
+    return do_hist(prev_hist);
+}
+
+static STATUS
+h_first()
+{
+    return do_insert_hist(H.Lines[H.Pos = 0]);
+}
+
+static STATUS
+h_last()
+{
+    return do_insert_hist(H.Lines[H.Pos = H.Size - 1]);
+}
+
+/*
+**  Return zero if pat appears as a substring in text.
+*/
+static int
+substrcmp(char *text, char *pat, int len)
+{
+    unsigned char	c;
+
+    if ((c = *pat) == '\0')
+        return *text == '\0';
+    for ( ; *text; text++)
+        if (*text == c && strncmp(text, pat, len) == 0)
+            return 0;
+    return 1;
+}
+
+static unsigned char *
+search_hist(unsigned char *search, unsigned char *(*move)())
+{
+    static unsigned char	*old_search;
+    int		len;
+    int		pos;
+    int		(*match)();
+    char	*pat;
+
+    /* Save or get remembered search pattern. */
+    if (search && *search) {
+	if (old_search)
+	    free(old_search);
+	old_search = (unsigned char *)strdup((char *)search);
+    }
+    else {
+	if (old_search == NULL || *old_search == '\0')
+            return NULL;
+	search = old_search;
+    }
+
+    /* Set up pattern-finder. */
+    if (*search == '^') {
+	match = strncmp;
+	pat = (char *)(search + 1);
+    }
+    else {
+	match = substrcmp;
+	pat = (char *)search;
+    }
+    len = strlen(pat);
+
+    for (pos = H.Pos; (*move)() != NULL; )
+	if ((*match)((char *)H.Lines[H.Pos], pat, len) == 0)
+            return H.Lines[H.Pos];
+    H.Pos = pos;
+    return NULL;
+}
+
+static STATUS
+h_search()
+{
+    static int	Searching;
+    const char	*old_prompt;
+    unsigned char	*(*move)();
+    unsigned char	*p;
+
+    if (Searching)
+	return ring_bell();
+    Searching = 1;
+
+    clear_line();
+    old_prompt = Prompt;
+    Prompt = "Search: ";
+    TTYputs(Prompt);
+    move = Repeat == NO_ARG ? prev_hist : next_hist;
+    p = search_hist(editinput(), move);
+    clear_line();
+    Prompt = old_prompt;
+    TTYputs(Prompt);
+
+    Searching = 0;
+    return do_insert_hist(p);
+}
+
+static STATUS
+fd_char()
+{
+    int		i;
+
+    i = 0;
+    do {
+	if (Point >= End)
+	    break;
+	right(CSmove);
+    } while (++i < Repeat);
+    return CSstay;
+}
+
+static void
+save_yank(int begin, int i)
+{
+    if (Yanked) {
+	free(Yanked);
+	Yanked = NULL;
+    }
+
+    if (i < 1)
+	return;
+
+    if ((Yanked = malloc(sizeof(unsigned char) * (i + 1))) != NULL) {
+	memcpy(Yanked, &Line[begin], i);
+	Yanked[i+1] = '\0';
+    }
+}
+
+static STATUS
+delete_string(int count)
+{
+    int		i;
+    unsigned char	*p;
+
+    if (count <= 0 || End == Point)
+	return ring_bell();
+
+    if (count == 1 && Point == End - 1) {
+	/* Optimize common case of delete at end of line. */
+	End--;
+	p = &Line[Point];
+	i = 1;
+	TTYput(' ');
+	if (ISCTL(*p)) {
+	    i = 2;
+	    TTYput(' ');
+	}
+	else if (rl_meta_chars && ISMETA(*p)) {
+	    i = 3;
+	    TTYput(' ');
+	    TTYput(' ');
+	}
+	TTYbackn(i);
+	*p = '\0';
+	return CSmove;
+    }
+    if (Point + count > End && (count = End - Point) <= 0)
+	return CSstay;
+
+    if (count > 1)
+	save_yank(Point, count);
+
+    for (p = &Line[Point], i = End - (Point + count) + 1; --i >= 0; p++)
+	p[0] = p[count];
+    ceol();
+    End -= count;
+    TTYstring(&Line[Point]);
+    return CSmove;
+}
+
+static STATUS
+bk_char()
+{
+    int		i;
+
+    i = 0;
+    do {
+	if (Point == 0)
+	    break;
+	left(CSmove);
+    } while (++i < Repeat);
+
+    return CSstay;
+}
+
+static STATUS
+bk_del_char()
+{
+    int		i;
+
+    i = 0;
+    do {
+	if (Point == 0)
+	    break;
+	left(CSmove);
+    } while (++i < Repeat);
+
+    return delete_string(i);
+}
+
+static STATUS
+redisplay()
+{
+    TTYputs(NEWLINE);
+    TTYputs(Prompt);
+    TTYstring(Line);
+    return CSmove;
+}
+
+static STATUS
+kill_line()
+{
+    int		i;
+
+    if (Repeat != NO_ARG) {
+	if (Repeat < Point) {
+	    i = Point;
+	    Point = Repeat;
+	    reposition();
+	    delete_string(i - Point);
+	}
+	else if (Repeat > Point) {
+	    right(CSmove);
+	    delete_string(Repeat - Point - 1);
+	}
+	return CSmove;
+    }
+
+    save_yank(Point, End - Point);
+    Line[Point] = '\0';
+    ceol();
+    End = Point;
+    return CSstay;
+}
+
+static STATUS
+insert_char(int c)
+{
+    STATUS	s;
+    unsigned char	buff[2];
+    unsigned char	*p;
+    unsigned char	*q;
+    int		i;
+
+    if (Repeat == NO_ARG || Repeat < 2) {
+	buff[0] = c;
+	buff[1] = '\0';
+	return insert_string(buff);
+    }
+
+    if ((p = malloc(Repeat + 1)) == NULL)
+	return CSstay;
+    for (i = Repeat, q = p; --i >= 0; )
+	*q++ = c;
+    *q = '\0';
+    Repeat = 0;
+    s = insert_string(p);
+    free(p);
+    return s;
+}
+
+static STATUS
+meta()
+{
+    unsigned int	c;
+    KEYMAP		*kp;
+
+    if ((c = TTYget()) == EOF)
+	return CSeof;
+    /* Also include VT-100 arrows. */
+    if (c == '[' || c == 'O')
+	switch (c = TTYget()) {
+	default:	return ring_bell();
+	case EOF:	return CSeof;
+	case 'A':	return h_prev();
+	case 'B':	return h_next();
+	case 'C':	return fd_char();
+	case 'D':	return bk_char();
+	}
+
+    if (isdigit(c)) {
+	for (Repeat = c - '0'; (c = TTYget()) != EOF && isdigit(c); )
+	    Repeat = Repeat * 10 + c - '0';
+	Pushed = 1;
+	PushBack = c;
+	return CSstay;
+    }
+
+    if (isupper(c))
+	return do_macro(c);
+    for (OldPoint = Point, kp = MetaMap; kp->Function; kp++)
+	if (kp->Key == c)
+	    return (*kp->Function)();
+
+    return ring_bell();
+}
+
+static STATUS
+emacs(unsigned int c)
+{
+    STATUS		s;
+    KEYMAP		*kp;
+
+    if (ISMETA(c)) {
+	Pushed = 1;
+	PushBack = UNMETA(c);
+	return meta();
+    }
+    for (kp = Map; kp->Function; kp++)
+	if (kp->Key == c)
+	    break;
+    s = kp->Function ? (*kp->Function)() : insert_char((int)c);
+    if (!Pushed)
+	/* No pushback means no repeat count; hacky, but true. */
+	Repeat = NO_ARG;
+    return s;
+}
+
+static STATUS
+TTYspecial(unsigned int c)
+{
+    if (ISMETA(c))
+	return CSdispatch;
+
+    if (c == rl_erase || c == DEL)
+	return bk_del_char();
+    if (c == rl_kill) {
+	if (Point != 0) {
+	    Point = 0;
+	    reposition();
+	}
+	Repeat = NO_ARG;
+	return kill_line();
+    }
+    if (c == rl_intr || c == rl_quit) {
+	Point = End = 0;
+	Line[0] = '\0';
+	return redisplay();
+    }
+    if (c == rl_eof && Point == 0 && End == 0)
+	return CSeof;
+
+    return CSdispatch;
+}
+
+static unsigned char *
+editinput()
+{
+    unsigned int	c;
+
+    Repeat = NO_ARG;
+    OldPoint = Point = Mark = End = 0;
+    Line[0] = '\0';
+
+    while ((c = TTYget()) != EOF)
+	switch (TTYspecial(c)) {
+	case CSdone:
+	    return Line;
+	case CSeof:
+	    return NULL;
+	case CSmove:
+	    reposition();
+	    break;
+	case CSdispatch:
+	    switch (emacs(c)) {
+	    case CSdone:
+		return Line;
+	    case CSeof:
+		return NULL;
+	    case CSmove:
+		reposition();
+		break;
+	    case CSdispatch:
+	    case CSstay:
+		break;
+	    }
+	    break;
+	case CSstay:
+	    break;
+	}
+    return NULL;
+}
+
+static void
+hist_add(unsigned char *p)
+{
+    int		i;
+
+    if ((p = (unsigned char *)strdup((char *)p)) == NULL)
+	return;
+    if (H.Size < HIST_SIZE)
+	H.Lines[H.Size++] = p;
+    else {
+	free(H.Lines[0]);
+	for (i = 0; i < HIST_SIZE - 1; i++)
+	    H.Lines[i] = H.Lines[i + 1];
+	H.Lines[i] = p;
+    }
+    H.Pos = H.Size - 1;
+}
+
+/*
+**  For compatibility with FSF readline.
+*/
+/* ARGSUSED0 */
+void
+rl_reset_terminal(char *p)
+{
+}
+
+void
+rl_initialize(void)
+{
+}
+
+char *
+readline(const char* prompt)
+{
+    unsigned char	*line;
+
+    if (Line == NULL) {
+	Length = MEM_INC;
+	if ((Line = malloc(Length)) == NULL)
+	    return NULL;
+    }
+
+    TTYinfo();
+    rl_ttyset(0);
+    hist_add(NIL);
+    ScreenSize = SCREEN_INC;
+    Screen = malloc(ScreenSize);
+    Prompt = prompt ? prompt : (char *)NIL;
+    TTYputs(Prompt);
+    if ((line = editinput()) != NULL) {
+	line = (unsigned char *)strdup((char *)line);
+	TTYputs(NEWLINE);
+	TTYflush();
+    }
+    rl_ttyset(1);
+    free(Screen);
+    free(H.Lines[--H.Size]);
+    return (char *)line;
+}
+
+void
+add_history(char *p)
+{
+    if (p == NULL || *p == '\0')
+	return;
+
+#if	defined(UNIQUE_HISTORY)
+    if (H.Pos && strcmp(p, H.Lines[H.Pos - 1]) == 0)
+        return;
+#endif	/* defined(UNIQUE_HISTORY) */
+    hist_add((unsigned char *)p);
+}
+
+
+static STATUS
+beg_line()
+{
+    if (Point) {
+	Point = 0;
+	return CSmove;
+    }
+    return CSstay;
+}
+
+static STATUS
+del_char()
+{
+    return delete_string(Repeat == NO_ARG ? 1 : Repeat);
+}
+
+static STATUS
+end_line()
+{
+    if (Point != End) {
+	Point = End;
+	return CSmove;
+    }
+    return CSstay;
+}
+
+/*
+**  Move back to the beginning of the current word and return an
+**  allocated copy of it.
+*/
+static unsigned char *
+find_word()
+{
+    static char	SEPS[] = "#;&|^$=`'{}()<>\n\t ";
+    unsigned char	*p;
+    unsigned char	*new;
+    size_t	len;
+
+    for (p = &Line[Point]; p > Line && strchr(SEPS, (char)p[-1]) == NULL; p--)
+	continue;
+    len = Point - (p - Line) + 1;
+    if ((new = malloc(len)) == NULL)
+	return NULL;
+    memcpy(new, p, len);
+    new[len - 1] = '\0';
+    return new;
+}
+
+static STATUS
+c_complete()
+{
+    unsigned char	*p;
+    unsigned char	*word;
+    int		unique;
+    STATUS	s;
+
+    word = find_word();
+    p = (unsigned char *)rl_complete((char *)word, &unique);
+    if (word)
+	free(word);
+    if (p && *p) {
+	s = insert_string(p);
+	if (!unique)
+	    ring_bell();
+	free(p);
+	return s;
+    }
+    return ring_bell();
+}
+
+static STATUS
+c_possible()
+{
+    unsigned char	**av;
+    unsigned char	*word;
+    int		ac;
+
+    word = find_word();
+    ac = rl_list_possib((char *)word, (char ***)&av);
+    if (word)
+	free(word);
+    if (ac) {
+	columns(ac, av);
+	while (--ac >= 0)
+	    free(av[ac]);
+	free(av);
+	return CSmove;
+    }
+    return ring_bell();
+}
+
+static STATUS
+accept_line()
+{
+    Line[End] = '\0';
+    return CSdone;
+}
+
+static STATUS
+transpose()
+{
+    unsigned char	c;
+
+    if (Point) {
+	if (Point == End)
+	    left(CSmove);
+	c = Line[Point - 1];
+	left(CSstay);
+	Line[Point - 1] = Line[Point];
+	TTYshow(Line[Point - 1]);
+	Line[Point++] = c;
+	TTYshow(c);
+    }
+    return CSstay;
+}
+
+static STATUS
+quote()
+{
+    unsigned int	c;
+
+    return (c = TTYget()) == EOF ? CSeof : insert_char((int)c);
+}
+
+static STATUS
+wipe()
+{
+    int		i;
+
+    if (Mark > End)
+	return ring_bell();
+
+    if (Point > Mark) {
+	i = Point;
+	Point = Mark;
+	Mark = i;
+	reposition();
+    }
+
+    return delete_string(Mark - Point);
+}
+
+static STATUS
+mk_set()
+{
+    Mark = Point;
+    return CSstay;
+}
+
+static STATUS
+exchange()
+{
+    unsigned int	c;
+
+    if ((c = TTYget()) != CTL('X'))
+	return c == EOF ? CSeof : ring_bell();
+
+    if ((c = Mark) <= End) {
+	Mark = Point;
+	Point = c;
+	return CSmove;
+    }
+    return CSstay;
+}
+
+static STATUS
+yank()
+{
+    if (Yanked && *Yanked)
+	return insert_string(Yanked);
+    return CSstay;
+}
+
+static STATUS
+copy_region()
+{
+    if (Mark > End)
+	return ring_bell();
+
+    if (Point > Mark)
+	save_yank(Mark, Point - Mark);
+    else
+	save_yank(Point, Mark - Point);
+
+    return CSstay;
+}
+
+static STATUS
+move_to_char()
+{
+    unsigned int	c;
+    int			i;
+    unsigned char		*p;
+
+    if ((c = TTYget()) == EOF)
+	return CSeof;
+    for (i = Point + 1, p = &Line[i]; i < End; i++, p++)
+	if (*p == c) {
+	    Point = i;
+	    return CSmove;
+	}
+    return CSstay;
+}
+
+static STATUS
+fd_word()
+{
+    return do_forward(CSmove);
+}
+
+static STATUS
+fd_kill_word()
+{
+    int		i;
+
+    do_forward(CSstay);
+    if (OldPoint != Point) {
+	i = Point - OldPoint;
+	Point = OldPoint;
+	return delete_string(i);
+    }
+    return CSstay;
+}
+
+static STATUS
+bk_word()
+{
+    int		i;
+    unsigned char	*p;
+
+    i = 0;
+    do {
+	for (p = &Line[Point]; p > Line && !isalnum(p[-1]); p--)
+	    left(CSmove);
+
+	for (; p > Line && p[-1] != ' ' && isalnum(p[-1]); p--)
+	    left(CSmove);
+
+	if (Point == 0)
+	    break;
+    } while (++i < Repeat);
+
+    return CSstay;
+}
+
+static STATUS
+bk_kill_word()
+{
+    bk_word();
+    if (OldPoint != Point)
+	return delete_string(OldPoint - Point);
+    return CSstay;
+}
+
+static int
+argify(unsigned char *line, unsigned char ***avp)
+{
+    unsigned char	*c;
+    unsigned char	**p;
+    unsigned char	**new;
+    int		ac;
+    int		i;
+
+    i = MEM_INC;
+    if ((*avp = p = malloc(sizeof(unsigned char*) * i))== NULL)
+	 return 0;
+
+    for (c = line; isspace(*c); c++)
+	continue;
+    if (*c == '\n' || *c == '\0')
+	return 0;
+
+    for (ac = 0, p[ac++] = c; *c && *c != '\n'; ) {
+	if (isspace(*c)) {
+	    *c++ = '\0';
+	    if (*c && *c != '\n') {
+		if (ac + 1 == i) {
+		    new = malloc(sizeof(unsigned char*) * (i + MEM_INC));
+		    if (new == NULL) {
+			p[ac] = NULL;
+			return ac;
+		    }
+		    memcpy(new, p, i * sizeof (char **));
+		    i += MEM_INC;
+		    free(p);
+		    *avp = p = new;
+		}
+		p[ac++] = c;
+	    }
+	}
+	else
+	    c++;
+    }
+    *c = '\0';
+    p[ac] = NULL;
+    return ac;
+}
+
+static STATUS
+last_argument()
+{
+    unsigned char	**av;
+    unsigned char	*p;
+    STATUS	s;
+    int		ac;
+
+    if (H.Size == 1 || (p = H.Lines[H.Size - 2]) == NULL)
+	return ring_bell();
+
+    if ((p = (unsigned char *)strdup((char *)p)) == NULL)
+	return CSstay;
+    ac = argify(p, &av);
+
+    if (Repeat != NO_ARG)
+	s = Repeat < ac ? insert_string(av[Repeat]) : ring_bell();
+    else
+	s = ac ? insert_string(av[ac - 1]) : CSstay;
+
+    if (ac)
+	free(av);
+    free(p);
+    return s;
+}
+
+static KEYMAP	Map[33] = {
+    {	CTL('@'),	ring_bell	},
+    {	CTL('A'),	beg_line	},
+    {	CTL('B'),	bk_char		},
+    {	CTL('D'),	del_char	},
+    {	CTL('E'),	end_line	},
+    {	CTL('F'),	fd_char		},
+    {	CTL('G'),	ring_bell	},
+    {	CTL('H'),	bk_del_char	},
+    {	CTL('I'),	c_complete	},
+    {	CTL('J'),	accept_line	},
+    {	CTL('K'),	kill_line	},
+    {	CTL('L'),	redisplay	},
+    {	CTL('M'),	accept_line	},
+    {	CTL('N'),	h_next		},
+    {	CTL('O'),	ring_bell	},
+    {	CTL('P'),	h_prev		},
+    {	CTL('Q'),	ring_bell	},
+    {	CTL('R'),	h_search	},
+    {	CTL('S'),	ring_bell	},
+    {	CTL('T'),	transpose	},
+    {	CTL('U'),	ring_bell	},
+    {	CTL('V'),	quote		},
+    {	CTL('W'),	wipe		},
+    {	CTL('X'),	exchange	},
+    {	CTL('Y'),	yank		},
+    {	CTL('Z'),	ring_bell	},
+    {	CTL('['),	meta		},
+    {	CTL(']'),	move_to_char	},
+    {	CTL('^'),	ring_bell	},
+    {	CTL('_'),	ring_bell	},
+    {	0,		NULL		}
+};
+
+static KEYMAP	MetaMap[16]= {
+    {	CTL('H'),	bk_kill_word	},
+    {	DEL,		bk_kill_word	},
+    {	' ',		mk_set	},
+    {	'.',		last_argument	},
+    {	'<',		h_first		},
+    {	'>',		h_last		},
+    {	'?',		c_possible	},
+    {	'b',		bk_word		},
+    {	'd',		fd_kill_word	},
+    {	'f',		fd_word		},
+    {	'l',		case_down_word	},
+    {	'u',		case_up_word	},
+    {	'y',		yank		},
+    {	'w',		copy_region	},
+    {	0,		NULL		}
+};
diff --git a/crypto/heimdal/lib/editline/editline.cat3 b/crypto/heimdal/lib/editline/editline.cat3
new file mode 100644
index 0000000..6e7e63e
--- /dev/null
+++ b/crypto/heimdal/lib/editline/editline.cat3
@@ -0,0 +1,198 @@
+
+
+
+EDITLINE(3)                                                       EDITLINE(3)
+
+
+
+NAME
+  editline - command-line editing library with history
+
+SYNOPSIS
+  cchhaarr **
+  rreeaaddlliinnee((pprroommpptt))
+       cchhaarr       **pprroommpptt;;
+
+  vvooiidd
+  aadddd__hhiissttoorryy((lliinnee))
+      cchhaarr        **lliinnee;;
+
+DESCRIPTION
+  _E_d_i_t_l_i_n_e is a library that provides an line-editing interface with text
+  recall.  It is intended to be compatible with the _r_e_a_d_l_i_n_e library provided
+  by the Free Software Foundation, but much smaller.  The bulk of this manual
+  page describes the user interface.
+
+  The _r_e_a_d_l_i_n_e routine returns a line of text with the trailing newline
+  removed.  The data is returned in a buffer allocated with _m_a_l_l_o_c(3), so the
+  space should be released with _f_r_e_e(3) when the calling program is done with
+  it.  Before accepting input from the user, the specified _p_r_o_m_p_t is dis-
+  played on the terminal.
+
+  The _a_d_d___h_i_s_t_o_r_y routine makes a copy of the specified _l_i_n_e and adds it to
+  the internal history list.
+
+  User Interface
+
+  A program that uses this library provides a simple emacs-like editing
+  interface to its users.  A line may be edited before it is sent to the
+  calling program by typing either control characters or escape sequences.  A
+  control character, shown as a caret followed by a letter, is typed by hold-
+  ing down the ``control'' key while the letter is typed.  For example,
+  ``^A'' is a control-A.  An escape sequence is entered by typing the
+  ``escape'' key followed by one or more characters.  The escape key is
+  abbreviated as ``ESC.''  Note that unlike control keys, case matters in
+  escape sequences; ``ESC F'' is not the same as ``ESC f''.
+
+  An editing command may be typed anywhere on the line, not just at the
+  beginning.  In addition, a return may also be typed anywhere on the line,
+  not just at the end.
+
+  Most editing commands may be given a repeat count, _n, where _n is a number.
+  To enter a repeat count, type the escape key, the number, and then the com-
+  mand to execute.  For example, ``ESC 4 ^f'' moves forward four characters.
+  If a command may be given a repeat count then the text ``[n]'' is given at
+  the end of its description.
+
+  The following control characters are accepted:
+       ^A       Move to the beginning of the line
+       ^B       Move left (backwards) [n]
+       ^D       Delete character [n]
+       ^E       Move to end of line
+       ^F       Move right (forwards) [n]
+       ^G       Ring the bell
+       ^H       Delete character before cursor (backspace key) [n]
+       ^I       Complete filename (tab key); see below
+       ^J       Done with line (return key)
+       ^K       Kill to end of line (or column [n])
+       ^L       Redisplay line
+       ^M       Done with line (alternate return key)
+       ^N       Get next line from history [n]
+       ^P       Get previous line from history [n]
+       ^R       Search backward (forward if [n]) through history for text;
+                must start line if text begins with an uparrow
+       ^T       Transpose characters
+       ^V       Insert next character, even if it is an edit command
+       ^W       Wipe to the mark
+       ^X^X     Exchange current location and mark
+       ^Y       Yank back last killed text
+       ^[       Start an escape sequence (escape key)
+       ^]c      Move forward to next character ``c''
+       ^?       Delete character before cursor (delete key) [n]
+
+  The following escape sequences are provided.
+       ESC ^H   Delete previous word (backspace key) [n]
+       ESC DEL  Delete previous word (delete key) [n]
+       ESC SP   Set the mark (space key); see ^X^X and ^Y above
+       ESC .    Get the last (or [n]'th) word from previous line
+       ESC ?    Show possible completions; see below
+       ESC <    Move to start of history
+       ESC >    Move to end of history
+       ESC b    Move backward a word [n]
+       ESC d    Delete word under cursor [n]
+       ESC f    Move forward a word [n]
+       ESC l    Make word lowercase [n]
+       ESC u    Make word uppercase [n]
+       ESC y    Yank back last killed text
+       ESC v    Show library version
+       ESC w    Make area up to mark yankable
+       ESC nn   Set repeat count to the number nn
+       ESC C    Read from environment variable ``_C_'', where C is
+                an uppercase letter
+
+  The _e_d_i_t_l_i_n_e library has a small macro facility.  If you type the escape
+  key followed by an uppercase letter, _C, then the contents of the environ-
+  ment variable ___C__ are read in as if you had typed them at the keyboard.
+  For example, if the variable ___L__ contains the following:
+       ^A^Kecho '^V^[[H^V^[[2J'^M
+  Then typing ``ESC L'' will move to the beginning of the line, kill the
+  entire line, enter the echo command needed to clear the terminal (if your
+  terminal is like a VT-100), and send the line back to the shell.
+
+  The _e_d_i_t_l_i_n_e library also does filename completion.  Suppose the root
+  directory has the following files in it:
+       bin    vmunix
+       core   vmunix.old
+  If you type ``rm /v'' and then the tab key.  _E_d_i_t_l_i_n_e will then finish off
+  as much of the name as possible by adding ``munix''.  Because the name is
+  not unique, it will then beep.  If you type the escape key and a question
+  mark, it will display the two choices.  If you then type a period and a
+  tab, the library will finish off the filename for you:
+       rm /v[TAB]_m_u_n_i_x.TAB_o_l_d
+  The tab key is shown by ``[TAB]'' and the automatically-entered text is
+  shown in italics.
+
+
+
+BUGS AND LIMITATIONS
+  Cannot handle lines more than 80 columns.
+
+
+
+
+AUTHORS
+  Simmule R. Turner <uunet.uu.net!capitol!sysgo!simmy> and Rich $alz
+  <rsalz@osf.org>.  Original manual page by DaviD W. Sanderson
+  <dws@ssec.wisc.edu>.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/crypto/heimdal/lib/editline/editline.h b/crypto/heimdal/lib/editline/editline.h
new file mode 100644
index 0000000..a948ddc
--- /dev/null
+++ b/crypto/heimdal/lib/editline/editline.h
@@ -0,0 +1,64 @@
+/*  $Revision: 1.4 $
+**
+**  Internal header file for editline library.
+*/
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define CRLF		"\r\n"
+
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
+
+#ifdef HAVE_DIRENT_H
+#include <dirent.h>
+typedef struct dirent	DIRENTRY;
+#else
+#include <sys/dir.h>
+typedef struct direct	DIRENTRY;
+#endif
+
+#include <roken.h>
+
+#if	!defined(S_ISDIR)
+#define S_ISDIR(m)		(((m) & S_IFMT) == S_IFDIR)
+#endif	/* !defined(S_ISDIR) */
+
+typedef unsigned char	CHAR;
+
+#define MEM_INC		64
+#define SCREEN_INC	256
+
+/*
+**  Variables and routines internal to this package.
+*/
+extern int	rl_eof;
+extern int	rl_erase;
+extern int	rl_intr;
+extern int	rl_kill;
+extern int	rl_quit;
+
+typedef char* (*rl_complete_func_t)(char*, int*);
+
+typedef int (*rl_list_possib_func_t)(char*, char***);
+
+void	add_history (char*);
+char*	readline (const char* prompt);
+void	rl_add_slash (char*, char*);
+char*	rl_complete (char*, int*);
+void	rl_initialize (void);
+int	rl_list_possib (char*, char***);
+void	rl_reset_terminal (char*);
+void	rl_ttyset (int);
+rl_complete_func_t	rl_set_complete_func (rl_complete_func_t);
+rl_list_possib_func_t	rl_set_list_possib_func (rl_list_possib_func_t);
+ 
diff --git a/crypto/heimdal/lib/editline/roken_rename.h b/crypto/heimdal/lib/editline/roken_rename.h
new file mode 100644
index 0000000..9ea278d
--- /dev/null
+++ b/crypto/heimdal/lib/editline/roken_rename.h
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/* $Id: roken_rename.h,v 1.4 1999/12/02 16:58:39 joda Exp $ */
+
+#ifndef __roken_rename_h__
+#define __roken_rename_h__
+
+#ifndef HAVE_STRDUP
+#define strdup _editline_strdup
+#endif
+#ifndef HAVE_SNPRINTF
+#define snprintf _editline_snprintf
+#endif
+#ifndef HAVE_VSNPRINTF
+#define vsnprintf _editline_vsnprintf
+#endif
+#ifndef HAVE_ASPRINTF
+#define asprintf _editline_asprintf
+#endif
+#ifndef HAVE_ASNPRINTF
+#define asnprintf _editline_asnprintf
+#endif
+#ifndef HAVE_VASPRINTF
+#define vasprintf _editline_vasprintf
+#endif
+#ifndef HAVE_VASNPRINTF
+#define vasnprintf _editline_vasnprintf
+#endif
+
+#endif /* __roken_rename_h__ */
diff --git a/crypto/heimdal/lib/editline/sysunix.c b/crypto/heimdal/lib/editline/sysunix.c
new file mode 100644
index 0000000..bcd6def
--- /dev/null
+++ b/crypto/heimdal/lib/editline/sysunix.c
@@ -0,0 +1,92 @@
+/*  Copyright 1992 Simmule Turner and Rich Salz.  All rights reserved. 
+ *
+ *  This software is not subject to any license of the American Telephone 
+ *  and Telegraph Company or of the Regents of the University of California. 
+ *
+ *  Permission is granted to anyone to use this software for any purpose on
+ *  any computer system, and to alter it and redistribute it freely, subject
+ *  to the following restrictions:
+ *  1. The authors are not responsible for the consequences of use of this
+ *     software, no matter how awful, even if they arise from flaws in it.
+ *  2. The origin of this software must not be misrepresented, either by
+ *     explicit claim or by omission.  Since few users ever read sources,
+ *     credits must appear in the documentation.
+ *  3. Altered versions must be plainly marked as such, and must not be
+ *     misrepresented as being the original software.  Since few users
+ *     ever read sources, credits must appear in the documentation.
+ *  4. This notice may not be removed or altered.
+ */
+
+/*
+**  Unix system-dependant routines for editline library.
+*/
+#include <config.h>
+#include "editline.h"
+
+#ifdef HAVE_TERMIOS_H
+#include <termios.h>
+#else
+#include <sgtty.h>
+#endif
+
+RCSID("$Id: sysunix.c,v 1.4 1999/04/08 13:08:24 joda Exp $");
+
+#ifdef HAVE_TERMIOS_H
+
+void
+rl_ttyset(int Reset)
+{
+    static struct termios	old;
+    struct termios		new;
+    
+    if (Reset == 0) {
+	tcgetattr(0, &old);
+	rl_erase = old.c_cc[VERASE];
+	rl_kill = old.c_cc[VKILL];
+	rl_eof = old.c_cc[VEOF];
+	rl_intr = old.c_cc[VINTR];
+	rl_quit = old.c_cc[VQUIT];
+
+	new = old;
+	new.c_cc[VINTR] = -1;
+	new.c_cc[VQUIT] = -1;
+	new.c_lflag &= ~(ECHO | ICANON);
+	new.c_iflag &= ~(ISTRIP | INPCK);
+	new.c_cc[VMIN] = 1;
+	new.c_cc[VTIME] = 0;
+	tcsetattr(0, TCSANOW, &new);
+    }
+    else
+	tcsetattr(0, TCSANOW, &old);
+}
+
+#else /* !HAVE_TERMIOS_H */
+
+void
+rl_ttyset(int Reset)
+{
+       static struct sgttyb old;
+       struct sgttyb new;
+
+       if (Reset == 0) {
+               ioctl(0, TIOCGETP, &old);
+               rl_erase = old.sg_erase;
+               rl_kill = old.sg_kill;
+               new = old;
+               new.sg_flags &= ~(ECHO | ICANON);
+               new.sg_flags &= ~(ISTRIP | INPCK);
+               ioctl(0, TIOCSETP, &new);
+       } else {
+               ioctl(0, TIOCSETP, &old);
+       }
+}
+#endif /* HAVE_TERMIOS_H */
+
+void
+rl_add_slash(char *path, char *p)
+{
+    struct stat	Sb;
+    
+    if (stat(path, &Sb) >= 0)
+	strcat(p, S_ISDIR(Sb.st_mode) ? "/" : " ");
+}
diff --git a/crypto/heimdal/lib/editline/testit.c b/crypto/heimdal/lib/editline/testit.c
new file mode 100644
index 0000000..4635e36
--- /dev/null
+++ b/crypto/heimdal/lib/editline/testit.c
@@ -0,0 +1,38 @@
+/*  $Revision: 1.2 $
+**
+**  A "micro-shell" to test editline library.
+**  If given any arguments, commands aren't executed.
+*/
+#if defined(HAVE_CONFIG_H)
+#include <config.h>
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_ERRNO_H
+#include <errno.h>
+#endif
+
+#include "editline.h"
+
+int
+main(int ac, char **av)
+{
+    char	*p;
+    int		doit;
+
+    doit = ac == 1;
+    while ((p = readline("testit> ")) != NULL) {
+	(void)printf("\t\t\t|%s|\n", p);
+	if (doit)
+	    if (strncmp(p, "cd ", 3) == 0) {
+		if (chdir(&p[3]) < 0)
+		    perror(&p[3]);
+	    } else if (system(p) != 0) {
+		perror(p);
+	    }
+	add_history(p);
+	free(p);
+    }
+    exit(0);
+    /* NOTREACHED */
+}
diff --git a/crypto/heimdal/lib/editline/unix.h b/crypto/heimdal/lib/editline/unix.h
new file mode 100644
index 0000000..fe6beed
--- /dev/null
+++ b/crypto/heimdal/lib/editline/unix.h
@@ -0,0 +1,22 @@
+/*  $Revision: 1.1 $
+**
+**  Editline system header file for Unix.
+*/
+
+#define CRLF		"\r\n"
+#define FORWARD		STATIC
+
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#if	defined(USE_DIRENT)
+#include <dirent.h>
+typedef struct dirent	DIRENTRY;
+#else
+#include <sys/dir.h>
+typedef struct direct	DIRENTRY;
+#endif	/* defined(USE_DIRENT) */
+
+#if	!defined(S_ISDIR)
+#define S_ISDIR(m)		(((m) & S_IFMT) == S_IFDIR)
+#endif	/* !defined(S_ISDIR) */
diff --git a/crypto/heimdal/lib/gssapi/ChangeLog b/crypto/heimdal/lib/gssapi/ChangeLog
index e335d4db..99ab271 100644
--- a/crypto/heimdal/lib/gssapi/ChangeLog
+++ b/crypto/heimdal/lib/gssapi/ChangeLog
@@ -1,3 +1,43 @@
+2001-05-17  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: bump version to 3:1:2
+
+2001-05-14  Assar Westerlund  <assar@sics.se>
+
+	* address_to_krb5addr.c: adapt to new address functions
+
+2001-05-11  Assar Westerlund  <assar@sics.se>
+
+	* try to return the error string from libkrb5 where applicable
+
+2001-05-08  Assar Westerlund  <assar@sics.se>
+
+	* delete_sec_context.c (gss_delete_sec_context): remember to free
+	the memory used by the ticket itself. from <tmartin@mirapoint.com>
+
+2001-05-04  Assar Westerlund  <assar@sics.se>
+
+	* gssapi_locl.h: add config.h for completeness
+	* gssapi.h: remove config.h, this is an installed header file
+	sys/types.h is not needed either
+	
+2001-03-12  Assar Westerlund  <assar@sics.se>
+
+	* acquire_cred.c (gss_acquire_cred): remove memory leaks.  from
+	Jason R Thorpe <thorpej@zembu.com>
+
+2001-02-18  Assar Westerlund  <assar@sics.se>
+
+	* accept_sec_context.c (gss_accept_sec_context): either return
+	gss_name NULL-ed or set
+
+	* import_name.c: set minor_status in some cases where it was not
+	done
+
+2001-02-15  Assar Westerlund  <assar@sics.se>
+
+	* wrap.c: use krb5_generate_random_block for the confounders
+
 2001-01-30  Assar Westerlund  <assar@sics.se>
 
 	* Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:0:2
diff --git a/crypto/heimdal/lib/gssapi/Makefile.am b/crypto/heimdal/lib/gssapi/Makefile.am
index a086e29..3132040 100644
--- a/crypto/heimdal/lib/gssapi/Makefile.am
+++ b/crypto/heimdal/lib/gssapi/Makefile.am
@@ -1,11 +1,11 @@
-# $Id: Makefile.am,v 1.30 2001/01/30 01:51:53 assar Exp $
+# $Id: Makefile.am,v 1.31 2001/05/16 23:52:27 assar Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
 INCLUDES += -I$(srcdir)/../krb5 $(INCLUDE_krb4)
 
 lib_LTLIBRARIES = libgssapi.la
-libgssapi_la_LDFLAGS = -version-info 3:0:2
+libgssapi_la_LDFLAGS = -version-info 3:1:2
 
 include_HEADERS = gssapi.h
 
diff --git a/crypto/heimdal/lib/gssapi/Makefile.in b/crypto/heimdal/lib/gssapi/Makefile.in
index 4173934..a71a183 100644
--- a/crypto/heimdal/lib/gssapi/Makefile.in
+++ b/crypto/heimdal/lib/gssapi/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -113,13 +114,13 @@ dpagaix_CFLAGS = @dpagaix_CFLAGS@
 dpagaix_LDADD = @dpagaix_LDADD@
 install_sh = @install_sh@
 
-# $Id: Makefile.am,v 1.30 2001/01/30 01:51:53 assar Exp $
+# $Id: Makefile.am,v 1.31 2001/05/16 23:52:27 assar Exp $
 
 
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,10 +186,12 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 lib_LTLIBRARIES = libgssapi.la
-libgssapi_la_LDFLAGS = -version-info 3:0:2
+libgssapi_la_LDFLAGS = -version-info 3:1:2
 
 include_HEADERS = gssapi.h
 
@@ -278,7 +281,7 @@ OBJECTS = $(am_libgssapi_la_OBJECTS)
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/gssapi/Makefile
 
@@ -385,6 +388,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
diff --git a/crypto/heimdal/lib/gssapi/accept_sec_context.c b/crypto/heimdal/lib/gssapi/accept_sec_context.c
index a606c55..4cb2427 100644
--- a/crypto/heimdal/lib/gssapi/accept_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/accept_sec_context.c
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: accept_sec_context.c,v 1.21 2001/01/09 18:47:11 assar Exp $");
+RCSID("$Id: accept_sec_context.c,v 1.24 2001/05/11 09:16:45 assar Exp $");
 
 static krb5_keytab gss_keytab;
 
@@ -76,6 +76,7 @@ gss_accept_sec_context
   krb5_ticket *ticket = NULL;
   krb5_keytab keytab = NULL;
   krb5_data fwd_data;
+  OM_uint32 minor;
 
   gssapi_krb5_init ();
 
@@ -98,10 +99,15 @@ gss_accept_sec_context
   (*context_handle)->more_flags = 0;
   (*context_handle)->ticket = NULL;
 
+  if (src_name != NULL)
+      *src_name = NULL;
+
   kret = krb5_auth_con_init (gssapi_krb5_context,
 			     &(*context_handle)->auth_context);
   if (kret) {
     ret = GSS_S_FAILURE;
+    *minor_status = kret;
+    gssapi_krb5_set_error_string ();
     goto failure;
   }
 
@@ -131,6 +137,7 @@ gss_accept_sec_context
                                &acceptor_addr); 
      if (kret) {
         *minor_status = kret;
+	gssapi_krb5_set_error_string ();
         ret = GSS_S_BAD_BINDINGS;
         goto failure;
      }
@@ -142,6 +149,7 @@ gss_accept_sec_context
      if (kret) {
         krb5_free_address (gssapi_krb5_context, &acceptor_addr);
         *minor_status = kret;
+	gssapi_krb5_set_error_string ();
         ret = GSS_S_BAD_BINDINGS;
         goto failure;
      }
@@ -162,6 +170,7 @@ gss_accept_sec_context
      
      if (kret) {
         *minor_status = kret;
+	gssapi_krb5_set_error_string ();
         ret = GSS_S_BAD_BINDINGS;
         goto failure;
      }
@@ -207,6 +216,8 @@ gss_accept_sec_context
 		      &ticket);
   if (kret) {
     ret = GSS_S_FAILURE;
+    *minor_status = kret;
+    gssapi_krb5_set_error_string ();
     goto failure;
   }
 
@@ -215,6 +226,8 @@ gss_accept_sec_context
 			      &(*context_handle)->source);
   if (kret) {
     ret = GSS_S_FAILURE;
+    *minor_status = kret;
+    gssapi_krb5_set_error_string ();
     goto failure;
   }
 
@@ -223,15 +236,19 @@ gss_accept_sec_context
 			      &(*context_handle)->target);
   if (kret) {
     ret = GSS_S_FAILURE;
+    *minor_status = kret;
+    gssapi_krb5_set_error_string ();
     goto failure;
   }
 
-  if (src_name) {
+  if (src_name != NULL) {
     kret = krb5_copy_principal (gssapi_krb5_context,
 				ticket->client,
 				src_name);
     if (kret) {
       ret = GSS_S_FAILURE;
+      *minor_status = kret;
+      gssapi_krb5_set_error_string ();
       goto failure;
     }
   }
@@ -244,6 +261,8 @@ gss_accept_sec_context
 					&authenticator);
       if(kret) {
 	  ret = GSS_S_FAILURE;
+	  *minor_status = kret;
+	  gssapi_krb5_set_error_string ();
 	  goto failure;
       }
 
@@ -254,6 +273,8 @@ gss_accept_sec_context
       krb5_free_authenticator(gssapi_krb5_context, &authenticator);
       if (kret) {
 	  ret = GSS_S_FAILURE;
+	  *minor_status = kret;
+	  gssapi_krb5_set_error_string ();
 	  goto failure;
       }
   }
@@ -322,6 +343,8 @@ end_fwd:
 			&outbuf);
     if (kret) {
       ret = GSS_S_FAILURE;
+      *minor_status = kret;
+      gssapi_krb5_set_error_string ();
       goto failure;
     }
     ret = gssapi_krb5_encapsulate (&outbuf,
@@ -359,6 +382,10 @@ failure:
     krb5_free_principal (gssapi_krb5_context,
 			 (*context_handle)->target);
   free (*context_handle);
+  if (src_name != NULL) {
+      gss_release_name (&minor, src_name);
+      *src_name = NULL;
+  }
   *context_handle = GSS_C_NO_CONTEXT;
   *minor_status = kret;
   return GSS_S_FAILURE;
diff --git a/crypto/heimdal/lib/gssapi/acquire_cred.c b/crypto/heimdal/lib/gssapi/acquire_cred.c
index 341d06d..acc60a2 100644
--- a/crypto/heimdal/lib/gssapi/acquire_cred.c
+++ b/crypto/heimdal/lib/gssapi/acquire_cred.c
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: acquire_cred.c,v 1.4 2001/01/30 00:49:05 assar Exp $");
+RCSID("$Id: acquire_cred.c,v 1.6 2001/05/11 09:16:45 assar Exp $");
 
 OM_uint32 gss_acquire_cred
            (OM_uint32 * minor_status,
@@ -48,95 +48,115 @@ OM_uint32 gss_acquire_cred
 {
     gss_cred_id_t handle;
     OM_uint32 ret;
-    krb5_principal def_princ;
+    krb5_error_code kret = 0;
     krb5_ccache ccache;
-    krb5_error_code pret = -1, kret = 0;
-    krb5_keytab kt;
-    krb5_creds cred;
-    krb5_get_init_creds_opt opt;
 
     handle = (gss_cred_id_t)malloc(sizeof(*handle));
-    if (handle == GSS_C_NO_CREDENTIAL) {
+    if (handle == GSS_C_NO_CREDENTIAL)
         return GSS_S_FAILURE;
-    }
+
     memset(handle, 0, sizeof (*handle));
 
     ret = gss_duplicate_name(minor_status, desired_name, &handle->principal);
     if (ret) {
+	free(handle);
         return ret;
     }
 
-    if (krb5_cc_default(gssapi_krb5_context, &ccache) == 0 &&
-      (pret = krb5_cc_get_principal(gssapi_krb5_context, ccache,
-					 &def_princ)) == 0 &&
-      krb5_principal_compare(gssapi_krb5_context, handle->principal,
-				 def_princ) == TRUE) {
+    if (krb5_cc_default(gssapi_krb5_context, &ccache) == 0) {
+	krb5_principal def_princ;
+
+	if (krb5_cc_get_principal(gssapi_krb5_context, ccache,
+				  &def_princ) != 0) {
+	    krb5_cc_close(gssapi_krb5_context, ccache);
+	    goto try_keytab;
+	}
+	if (krb5_principal_compare(gssapi_krb5_context, handle->principal,
+				   def_princ) == FALSE) {
+	    krb5_free_principal(gssapi_krb5_context, def_princ);
+	    krb5_cc_close(gssapi_krb5_context, ccache);
+	    goto try_keytab;
+	}
 	handle->ccache = ccache;
 	handle->keytab = NULL;
+	krb5_free_principal(gssapi_krb5_context, def_princ);
     } else {
-	kret = krb5_kt_default(gssapi_krb5_context, &kt);
+    	krb5_creds cred;
+    	krb5_get_init_creds_opt opt;
+
+ try_keytab:
+	kret = krb5_kt_default(gssapi_krb5_context, &handle->keytab);
 	if (kret != 0)
-	    goto out;
+	    goto krb5_bad;
+
 	krb5_get_init_creds_opt_init(&opt);
 	memset(&cred, 0, sizeof(cred));
+
 	kret = krb5_get_init_creds_keytab(gssapi_krb5_context, &cred,
-	  handle->principal, kt, 0, NULL, &opt);
+					  handle->principal, handle->keytab,
+					  0, NULL, &opt);
+	if (kret != 0)
+	    goto krb5_bad;
+
+	kret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops,
+			       &handle->ccache);
 	if (kret != 0) {
-	    krb5_kt_close(gssapi_krb5_context, kt);
-	    goto out;
+	    krb5_free_creds_contents(gssapi_krb5_context, &cred);
+	    goto krb5_bad;
 	}
-	kret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops, &ccache);
+
+	kret = krb5_cc_initialize(gssapi_krb5_context, handle->ccache,
+				  cred.client);
 	if (kret != 0) {
-	    krb5_kt_close(gssapi_krb5_context, kt);
-	    goto out;
+	    krb5_free_creds_contents(gssapi_krb5_context, &cred);
+	    goto krb5_bad;
 	}
-	kret = krb5_cc_initialize(gssapi_krb5_context, ccache, cred.client);
+
+	kret = krb5_cc_store_cred(gssapi_krb5_context, handle->ccache, &cred);
 	if (kret != 0) {
-	    krb5_kt_close(gssapi_krb5_context, kt);
-	    krb5_cc_close(gssapi_krb5_context, ccache);
-	    goto out;
+	    krb5_free_creds_contents(gssapi_krb5_context, &cred);
+	    goto krb5_bad;
 	}
-	kret = krb5_cc_store_cred(gssapi_krb5_context, ccache, &cred);
-	if (kret != 0) {
-	    krb5_kt_close(gssapi_krb5_context, kt);
-	    krb5_cc_close(gssapi_krb5_context, ccache);
-	    goto out;
-	}
-	handle->ccache = ccache;
-	handle->keytab = kt;
-    }
 
+	krb5_free_creds_contents(gssapi_krb5_context, &cred);
+    }
 
     /* XXX */
     handle->lifetime = time_req;
     handle->usage = cred_usage;
 
     ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms);
-    if (ret) {
-        return ret;
-    }
+    if (ret)
+	goto gssapi_bad;
+
     ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM,
 				 &handle->mechanisms);
-    if (ret) {
-        return ret;
-    }
+    if (ret)
+	goto gssapi_bad;
 
     ret = gss_inquire_cred(minor_status, handle, NULL, time_rec, NULL,
 			   actual_mechs);
-    if (ret) {
-        return ret;
-    }
+    if (ret)
+	goto gssapi_bad;
 
     *output_cred_handle = handle;
+    return (GSS_S_COMPLETE);
 
-out:
-    if (pret == 0)
-	krb5_free_principal(gssapi_krb5_context, def_princ);
+ krb5_bad:
+    ret = GSS_S_FAILURE;
+    *minor_status = kret;
+    gssapi_krb5_set_error_string ();
 
-    if (kret != 0) {
-	*minor_status = kret;
-	return GSS_S_FAILURE;
-    }
+ gssapi_bad:
+    krb5_free_principal(gssapi_krb5_context, handle->principal);
+    if (handle->ccache != NULL)
+	krb5_cc_close(gssapi_krb5_context, handle->ccache);
+    if (handle->keytab != NULL)
+	krb5_kt_close(gssapi_krb5_context, handle->keytab);
+    if (handle->mechanisms != NULL)
+	gss_release_oid_set(NULL, &handle->mechanisms);
+
+    free(handle);
 
-    return GSS_S_COMPLETE;
+    return (ret);
 }
diff --git a/crypto/heimdal/lib/gssapi/add_oid_set_member.c b/crypto/heimdal/lib/gssapi/add_oid_set_member.c
index b8144ff..baf70c5 100644
--- a/crypto/heimdal/lib/gssapi/add_oid_set_member.c
+++ b/crypto/heimdal/lib/gssapi/add_oid_set_member.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: add_oid_set_member.c,v 1.6 2000/07/02 04:44:11 assar Exp $");
+RCSID("$Id: add_oid_set_member.c,v 1.7 2001/02/18 03:39:08 assar Exp $");
 
 OM_uint32 gss_add_oid_set_member (
             OM_uint32 * minor_status,
@@ -55,8 +55,10 @@ OM_uint32 gss_add_oid_set_member (
 
   n = (*oid_set)->count + 1;
   tmp = realloc ((*oid_set)->elements, n * sizeof(gss_OID_desc));
-  if (tmp == NULL)
+  if (tmp == NULL) {
+    *minor_status = ENOMEM;
     return GSS_S_FAILURE;
+  }
   (*oid_set)->elements = tmp;
   (*oid_set)->count = n;
   (*oid_set)->elements[n-1] = *member_oid;
diff --git a/crypto/heimdal/lib/gssapi/address_to_krb5addr.c b/crypto/heimdal/lib/gssapi/address_to_krb5addr.c
index 1d8c1b6..c8041aa 100644
--- a/crypto/heimdal/lib/gssapi/address_to_krb5addr.c
+++ b/crypto/heimdal/lib/gssapi/address_to_krb5addr.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -61,7 +61,8 @@ gss_address_to_krb5addr(OM_uint32 gss_addr_type,
                            return GSS_S_FAILURE;
    }
                       
-   problem = krb5_h_addr2sockaddr (addr_type,
+   problem = krb5_h_addr2sockaddr (gssapi_krb5_context,
+				   addr_type,
                                    gss_addr->value, 
                                    &sa, 
                                    &sa_size, 
@@ -69,7 +70,7 @@ gss_address_to_krb5addr(OM_uint32 gss_addr_type,
    if (problem)
       return GSS_S_FAILURE;
 
-   problem = krb5_sockaddr2address (&sa, address);
+   problem = krb5_sockaddr2address (gssapi_krb5_context, &sa, address);
 
    return problem;  
 }
diff --git a/crypto/heimdal/lib/gssapi/context_time.c b/crypto/heimdal/lib/gssapi/context_time.c
index 1882eb3..f933f9e 100644
--- a/crypto/heimdal/lib/gssapi/context_time.c
+++ b/crypto/heimdal/lib/gssapi/context_time.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: context_time.c,v 1.3 2000/02/06 08:14:16 assar Exp $");
+RCSID("$Id: context_time.c,v 1.5 2001/05/11 09:16:45 assar Exp $");
 
 OM_uint32 gss_context_time
            (OM_uint32 * minor_status,
@@ -56,6 +56,8 @@ OM_uint32 gss_context_time
 
     kret = krb5_timeofday(gssapi_krb5_context, &timeret);
     if (kret) {
+	*minor_status = kret;
+	gssapi_krb5_set_error_string ();
         return GSS_S_FAILURE;
     }
 
diff --git a/crypto/heimdal/lib/gssapi/copy_ccache.c b/crypto/heimdal/lib/gssapi/copy_ccache.c
index f91acab..a6f53df 100644
--- a/crypto/heimdal/lib/gssapi/copy_ccache.c
+++ b/crypto/heimdal/lib/gssapi/copy_ccache.c
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: copy_ccache.c,v 1.1 2001/01/30 00:35:47 assar Exp $");
+RCSID("$Id: copy_ccache.c,v 1.2 2001/05/11 09:16:45 assar Exp $");
 
 OM_uint32
 gss_krb5_copy_ccache(OM_uint32 *minor,
@@ -50,6 +50,7 @@ gss_krb5_copy_ccache(OM_uint32 *minor,
     kret = krb5_cc_copy_cache(gssapi_krb5_context, cred->ccache, out);
     if (kret) {
 	*minor = kret;
+	gssapi_krb5_set_error_string ();
 	return GSS_S_FAILURE;
     }
     return GSS_S_COMPLETE;
diff --git a/crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c b/crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c
index acec30e..de71749 100644
--- a/crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c
+++ b/crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: create_emtpy_oid_set.c,v 1.3 1999/12/02 17:05:03 joda Exp $");
+RCSID("$Id: create_emtpy_oid_set.c,v 1.4 2001/02/18 03:39:08 assar Exp $");
 
 OM_uint32 gss_create_empty_oid_set (
             OM_uint32 * minor_status,
@@ -42,6 +42,7 @@ OM_uint32 gss_create_empty_oid_set (
 {
   *oid_set = malloc(sizeof(**oid_set));
   if (*oid_set == NULL) {
+    *minor_status = ENOMEM;
     return GSS_S_FAILURE;
   }
   (*oid_set)->count = 0;
diff --git a/crypto/heimdal/lib/gssapi/delete_sec_context.c b/crypto/heimdal/lib/gssapi/delete_sec_context.c
index 15e3cfa..06f44e3 100644
--- a/crypto/heimdal/lib/gssapi/delete_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/delete_sec_context.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: delete_sec_context.c,v 1.7 2000/02/11 23:00:48 assar Exp $");
+RCSID("$Id: delete_sec_context.c,v 1.9 2001/05/10 15:23:04 assar Exp $");
 
 OM_uint32 gss_delete_sec_context
            (OM_uint32 * minor_status,
@@ -56,9 +56,12 @@ OM_uint32 gss_delete_sec_context
   if((*context_handle)->target)
     krb5_free_principal (gssapi_krb5_context,
 			 (*context_handle)->target);
-  if ((*context_handle)->ticket)
+  if ((*context_handle)->ticket) {
     krb5_free_ticket (gssapi_krb5_context,
 		      (*context_handle)->ticket);
+    free((*context_handle)->ticket);
+  }
+
   free (*context_handle);
   *context_handle = GSS_C_NO_CONTEXT;
   return GSS_S_COMPLETE;
diff --git a/crypto/heimdal/lib/gssapi/display_name.c b/crypto/heimdal/lib/gssapi/display_name.c
index 4efed14..1c25e67 100644
--- a/crypto/heimdal/lib/gssapi/display_name.c
+++ b/crypto/heimdal/lib/gssapi/display_name.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: display_name.c,v 1.5 1999/12/02 17:05:03 joda Exp $");
+RCSID("$Id: display_name.c,v 1.7 2001/05/11 09:16:46 assar Exp $");
 
 OM_uint32 gss_display_name
            (OM_uint32 * minor_status,
@@ -50,13 +50,17 @@ OM_uint32 gss_display_name
   kret = krb5_unparse_name (gssapi_krb5_context,
 			    input_name,
 			    &buf);
-  if (kret)
+  if (kret) {
+    *minor_status = kret;
+    gssapi_krb5_set_error_string ();
     return GSS_S_FAILURE;
+  }
   len = strlen (buf);
   output_name_buffer->length = len;
   output_name_buffer->value  = malloc(len + 1);
   if (output_name_buffer->value == NULL) {
     free (buf);
+    *minor_status = ENOMEM;
     return GSS_S_FAILURE;
   }
   memcpy (output_name_buffer->value, buf, len);
diff --git a/crypto/heimdal/lib/gssapi/display_status.c b/crypto/heimdal/lib/gssapi/display_status.c
index f08c47e..1fa0531 100644
--- a/crypto/heimdal/lib/gssapi/display_status.c
+++ b/crypto/heimdal/lib/gssapi/display_status.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,9 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: display_status.c,v 1.5 1999/12/02 17:05:03 joda Exp $");
+RCSID("$Id: display_status.c,v 1.6 2001/05/11 09:16:46 assar Exp $");
+
+static char *krb5_error_string;
 
 static char *
 calling_error(OM_uint32 v)
@@ -91,6 +93,20 @@ routine_error(OM_uint32 v)
 	return msgs[v];
 }
 
+void
+gssapi_krb5_set_error_string (void)
+{
+    krb5_error_string = krb5_get_error_string(gssapi_krb5_context);
+}
+
+char *
+gssapi_krb5_get_error_string (void)
+{
+    char *ret = krb5_error_string;
+    krb5_error_string = NULL;
+    return ret;
+}
+
 OM_uint32 gss_display_status
            (OM_uint32		*minor_status,
 	    OM_uint32		 status_value,
@@ -118,7 +134,9 @@ OM_uint32 gss_display_status
 	  return GSS_S_FAILURE;
       }
   } else if (status_type == GSS_C_MECH_CODE) {
-      buf = strdup(krb5_get_err_text (gssapi_krb5_context, status_value));
+      buf = gssapi_krb5_get_error_string ();
+      if (buf == NULL)
+	  buf = strdup(krb5_get_err_text (gssapi_krb5_context, status_value));
       if (buf == NULL) {
 	  *minor_status = ENOMEM;
 	  return GSS_S_FAILURE;
diff --git a/crypto/heimdal/lib/gssapi/duplicate_name.c b/crypto/heimdal/lib/gssapi/duplicate_name.c
index a3118d3..b0ecdf2 100644
--- a/crypto/heimdal/lib/gssapi/duplicate_name.c
+++ b/crypto/heimdal/lib/gssapi/duplicate_name.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: duplicate_name.c,v 1.3 1999/12/02 17:05:03 joda Exp $");
+RCSID("$Id: duplicate_name.c,v 1.5 2001/05/11 09:16:46 assar Exp $");
 
 OM_uint32 gss_duplicate_name (
             OM_uint32 * minor_status,
@@ -48,8 +48,11 @@ OM_uint32 gss_duplicate_name (
   kret = krb5_copy_principal (gssapi_krb5_context,
 			      src_name,
 			      dest_name);
-  if (kret)
+  if (kret) {
+    *minor_status = kret;
+    gssapi_krb5_set_error_string ();
     return GSS_S_FAILURE;
-  else
+  } else {
     return GSS_S_COMPLETE;
+  }
 }
diff --git a/crypto/heimdal/lib/gssapi/export_sec_context.c b/crypto/heimdal/lib/gssapi/export_sec_context.c
index 7116f95..30c5a11 100644
--- a/crypto/heimdal/lib/gssapi/export_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/export_sec_context.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: export_sec_context.c,v 1.3 2000/07/08 11:42:22 assar Exp $");
+RCSID("$Id: export_sec_context.c,v 1.4 2001/02/18 03:39:09 assar Exp $");
 
 OM_uint32
 gss_export_sec_context (
@@ -44,10 +44,12 @@ gss_export_sec_context (
 {
     krb5_storage *sp;
     krb5_auth_context ac;
-    int ret;
+    OM_uint32 ret = GSS_S_COMPLETE;
     krb5_data data;
     gss_buffer_desc buffer;
     int flags;
+    OM_uint32 minor;
+    krb5_error_code kret;
 
     gssapi_krb5_init ();
     if (!((*context_handle)->flags & GSS_C_TRANS_FLAG))
@@ -74,25 +76,74 @@ gss_export_sec_context (
     if (ac->remote_subkey)
 	flags |= SC_REMOTE_SUBKEY;
 
-    krb5_store_int32 (sp, flags);
+    kret = krb5_store_int32 (sp, flags);
+    if (kret) {
+	*minor_status = kret;
+	goto failure;
+    }
 
     /* marshall auth context */
 
-    krb5_store_int32 (sp, ac->flags);
-    if (ac->local_address)
-	krb5_store_address (sp, *ac->local_address);
-    if (ac->remote_address)
-	krb5_store_address (sp, *ac->remote_address);
-    krb5_store_int16 (sp, ac->local_port);
-    krb5_store_int16 (sp, ac->remote_port);
-    if (ac->keyblock)
-	krb5_store_keyblock (sp, *ac->keyblock);
-    if (ac->local_subkey)
-	krb5_store_keyblock (sp, *ac->local_subkey);
-    if (ac->remote_subkey)
-	krb5_store_keyblock (sp, *ac->remote_subkey);
-    krb5_store_int32 (sp, ac->local_seqnumber);
-    krb5_store_int32 (sp, ac->remote_seqnumber);
+    kret = krb5_store_int32 (sp, ac->flags);
+    if (kret) {
+	*minor_status = kret;
+	goto failure;
+    }
+    if (ac->local_address) {
+	kret = krb5_store_address (sp, *ac->local_address);
+	if (kret) {
+	    *minor_status = kret;
+	    goto failure;
+	}
+    }
+    if (ac->remote_address) {
+	kret = krb5_store_address (sp, *ac->remote_address);
+	if (kret) {
+	    *minor_status = kret;
+	    goto failure;
+	}
+    }
+    kret = krb5_store_int16 (sp, ac->local_port);
+    if (kret) {
+	*minor_status = kret;
+	goto failure;
+    }
+    kret = krb5_store_int16 (sp, ac->remote_port);
+    if (kret) {
+	*minor_status = kret;
+	goto failure;
+    }
+    if (ac->keyblock) {
+	kret = krb5_store_keyblock (sp, *ac->keyblock);
+	if (kret) {
+	    *minor_status = kret;
+	    goto failure;
+	}
+    }
+    if (ac->local_subkey) {
+	kret = krb5_store_keyblock (sp, *ac->local_subkey);
+	if (kret) {
+	    *minor_status = kret;
+	    goto failure;
+	}
+    }
+    if (ac->remote_subkey) {
+	kret = krb5_store_keyblock (sp, *ac->remote_subkey);
+	if (kret) {
+	    *minor_status = kret;
+	    goto failure;
+	}
+    }
+    kret = krb5_store_int32 (sp, ac->local_seqnumber);
+	if (kret) {
+	    *minor_status = kret;
+	    goto failure;
+	}
+    kret = krb5_store_int32 (sp, ac->remote_seqnumber);
+	if (kret) {
+	    *minor_status = kret;
+	    goto failure;
+	}
 
 #if 0
     {
@@ -108,31 +159,65 @@ gss_export_sec_context (
 	}
 	data.data   = auth_buf;
 	data.length = sz;
-	krb5_store_data (sp, data);
+	kret = krb5_store_data (sp, data);
+	if (kret) {
+	    *minor_status = kret;
+	    goto failure;
+	}
     }
 #endif
-    krb5_store_int32 (sp, ac->keytype);
-    krb5_store_int32 (sp, ac->cksumtype);
+    kret = krb5_store_int32 (sp, ac->keytype);
+    if (kret) {
+	*minor_status = kret;
+	goto failure;
+    }
+    kret = krb5_store_int32 (sp, ac->cksumtype);
+    if (kret) {
+	*minor_status = kret;
+	goto failure;
+    }
 
     /* names */
 
-    gss_export_name (minor_status, (*context_handle)->source, &buffer);
+    ret = gss_export_name (minor_status, (*context_handle)->source, &buffer);
+    if (ret)
+	goto failure;
     data.data   = buffer.value;
     data.length = buffer.length;
-    krb5_store_data (sp, data);
+    kret = krb5_store_data (sp, data);
+    gss_release_buffer (&minor, &buffer);
+    if (kret) {
+	*minor_status = kret;
+	goto failure;
+    }
 
-    gss_export_name (minor_status, (*context_handle)->target, &buffer);
+    ret = gss_export_name (minor_status, (*context_handle)->target, &buffer);
+    if (ret)
+	goto failure;
     data.data   = buffer.value;
     data.length = buffer.length;
-    krb5_store_data (sp, data);
+    kret = krb5_store_data (sp, data);
+    gss_release_buffer (&minor, &buffer);
+    if (kret) {
+	*minor_status = kret;
+	goto failure;
+    }
 
-    krb5_store_int32 (sp, (*context_handle)->flags);
-    krb5_store_int32 (sp, (*context_handle)->more_flags);
+    kret = krb5_store_int32 (sp, (*context_handle)->flags);
+    if (kret) {
+	*minor_status = kret;
+	goto failure;
+    }
+    kret = krb5_store_int32 (sp, (*context_handle)->more_flags);
+    if (kret) {
+	*minor_status = kret;
+	goto failure;
+    }
 
-    ret = krb5_storage_to_data (sp, &data);
+    kret = krb5_storage_to_data (sp, &data);
     krb5_storage_free (sp);
-    if (ret) {
-	*minor_status = ret;
+    if (kret) {
+	*minor_status = kret;
 	return GSS_S_FAILURE;
     }
     interprocess_token->length = data.length;
@@ -142,4 +227,7 @@ gss_export_sec_context (
     if (ret != GSS_S_COMPLETE)
 	gss_release_buffer (NULL, interprocess_token);
     return ret;
+ failure:
+    krb5_storage_free (sp);
+    return ret;
 }
diff --git a/crypto/heimdal/lib/gssapi/get_mic.c b/crypto/heimdal/lib/gssapi/get_mic.c
index a211004..751f56c 100644
--- a/crypto/heimdal/lib/gssapi/get_mic.c
+++ b/crypto/heimdal/lib/gssapi/get_mic.c
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: get_mic.c,v 1.15 2001/01/29 02:08:58 assar Exp $");
+RCSID("$Id: get_mic.c,v 1.17 2001/05/11 09:16:46 assar Exp $");
 
 static OM_uint32
 mic_des
@@ -174,6 +174,7 @@ mic_des3
   if (kret) {
       free (message_token->value);
       free (tmp);
+      gssapi_krb5_set_error_string ();
       *minor_status = kret;
       return GSS_S_FAILURE;
   }
@@ -181,6 +182,7 @@ mic_des3
   kret = krb5_create_checksum (gssapi_krb5_context,
 			       crypto,
 			       KRB5_KU_USAGE_SIGN,
+			       0,
 			       tmp,
 			       message_buffer->length + 8,
 			       &cksum);
@@ -188,6 +190,7 @@ mic_des3
   krb5_crypto_destroy (gssapi_krb5_context, crypto);
   if (kret) {
       free (message_token->value);
+      gssapi_krb5_set_error_string ();
       *minor_status = kret;
       return GSS_S_FAILURE;
   }
@@ -211,6 +214,7 @@ mic_des3
 			  ETYPE_DES3_CBC_NONE, &crypto);
   if (kret) {
       free (message_token->value);
+      gssapi_krb5_set_error_string ();
       *minor_status = kret;
       return GSS_S_FAILURE;
   }
@@ -222,6 +226,7 @@ mic_des3
   krb5_crypto_destroy (gssapi_krb5_context, crypto);
   if (kret) {
       free (message_token->value);
+      gssapi_krb5_set_error_string ();
       *minor_status = kret;
       return GSS_S_FAILURE;
   }
@@ -257,6 +262,7 @@ OM_uint32 gss_get_mic
 
   ret = gss_krb5_getsomekey(context_handle, &key);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       *minor_status = ret;
       return GSS_S_FAILURE;
   }
diff --git a/crypto/heimdal/lib/gssapi/gssapi.h b/crypto/heimdal/lib/gssapi/gssapi.h
index 156a511..82d4056 100644
--- a/crypto/heimdal/lib/gssapi/gssapi.h
+++ b/crypto/heimdal/lib/gssapi/gssapi.h
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: gssapi.h,v 1.20 2001/01/30 00:35:48 assar Exp $ */
+/* $Id: gssapi.h,v 1.21 2001/05/04 13:52:02 assar Exp $ */
 
 #ifndef GSSAPI_H_
 #define GSSAPI_H_
@@ -41,12 +41,6 @@
  */
 #include <stddef.h>
 
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <sys/types.h>
-
 #include <krb5-types.h>
 
 /*
diff --git a/crypto/heimdal/lib/gssapi/gssapi_locl.h b/crypto/heimdal/lib/gssapi/gssapi_locl.h
index d8d0624..e7450d4 100644
--- a/crypto/heimdal/lib/gssapi/gssapi_locl.h
+++ b/crypto/heimdal/lib/gssapi/gssapi_locl.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -31,11 +31,15 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: gssapi_locl.h,v 1.14 2000/08/27 04:19:00 assar Exp $ */
+/* $Id: gssapi_locl.h,v 1.16 2001/05/11 09:16:46 assar Exp $ */
 
 #ifndef GSSAPI_LOCL_H
 #define GSSAPI_LOCL_H
 
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
 #include <krb5_locl.h>
 #include <gssapi.h>
 #include <assert.h>
@@ -103,4 +107,10 @@ gss_address_to_krb5addr(OM_uint32 gss_addr_type,
 #define SC_LOCAL_SUBKEY	  0x08
 #define SC_REMOTE_SUBKEY  0x10
 
+void
+gssapi_krb5_set_error_string (void);
+
+char *
+gssapi_krb5_get_error_string (void);
+
 #endif
diff --git a/crypto/heimdal/lib/gssapi/import_name.c b/crypto/heimdal/lib/gssapi/import_name.c
index 6cb94c4..8ed55f1 100644
--- a/crypto/heimdal/lib/gssapi/import_name.c
+++ b/crypto/heimdal/lib/gssapi/import_name.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: import_name.c,v 1.8 1999/12/02 17:05:03 joda Exp $");
+RCSID("$Id: import_name.c,v 1.10 2001/05/11 09:16:46 assar Exp $");
 
 static OM_uint32
 import_krb5_name (OM_uint32 *minor_status,
@@ -44,8 +44,10 @@ import_krb5_name (OM_uint32 *minor_status,
     char *tmp;
 
     tmp = malloc (input_name_buffer->length + 1);
-    if (tmp == NULL)
+    if (tmp == NULL) {
+	*minor_status = ENOMEM;
 	return GSS_S_FAILURE;
+    }
     memcpy (tmp,
 	    input_name_buffer->value,
 	    input_name_buffer->length);
@@ -57,10 +59,15 @@ import_krb5_name (OM_uint32 *minor_status,
     free (tmp);
     if (kerr == 0)
 	return GSS_S_COMPLETE;
-    else if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED)
+    else if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED) {
+	gssapi_krb5_set_error_string ();
+	*minor_status = kerr;
 	return GSS_S_BAD_NAME;
-    else
+    } else {
+	gssapi_krb5_set_error_string ();
+	*minor_status = kerr;
 	return GSS_S_FAILURE;
+    }
 }
 
 static OM_uint32
@@ -106,10 +113,15 @@ import_hostbased_name (OM_uint32 *minor_status,
     *minor_status = kerr;
     if (kerr == 0)
 	return GSS_S_COMPLETE;
-    else if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED) 
+    else if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED) {
+	gssapi_krb5_set_error_string ();
+	*minor_status = kerr;
 	return GSS_S_BAD_NAME;
-    else
+    } else {
+	gssapi_krb5_set_error_string ();
+	*minor_status = kerr;
 	return GSS_S_FAILURE;
+    }
 }
 
 OM_uint32 gss_import_name
@@ -132,6 +144,8 @@ OM_uint32 gss_import_name
 	return import_krb5_name (minor_status,
 				 input_name_buffer,
 				 output_name);
-    else
+    else {
+	*minor_status = 0;
 	return GSS_S_BAD_NAMETYPE;
+    }
 }
diff --git a/crypto/heimdal/lib/gssapi/import_sec_context.c b/crypto/heimdal/lib/gssapi/import_sec_context.c
index 7d177a8..c84f3b6 100644
--- a/crypto/heimdal/lib/gssapi/import_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/import_sec_context.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: import_sec_context.c,v 1.3 2000/07/08 11:56:03 assar Exp $");
+RCSID("$Id: import_sec_context.c,v 1.5 2001/05/11 09:16:46 assar Exp $");
 
 OM_uint32
 gss_import_sec_context (
@@ -53,6 +53,7 @@ gss_import_sec_context (
     krb5_keyblock keyblock;
     int32_t tmp;
     int32_t flags;
+    OM_uint32 minor;
 
     gssapi_krb5_init ();
 
@@ -69,10 +70,12 @@ gss_import_sec_context (
 	krb5_storage_free (sp);
 	return GSS_S_FAILURE;
     }
+    memset (*context_handle, 0, sizeof(**context_handle));
 
     kret = krb5_auth_con_init (gssapi_krb5_context,
 			       &(*context_handle)->auth_context);
     if (kret) {
+	gssapi_krb5_set_error_string ();
 	*minor_status = kret;
 	ret = GSS_S_FAILURE;
 	goto failure;
@@ -153,30 +156,36 @@ gss_import_sec_context (
     buffer.value  = data.data;
     buffer.length = data.length;
 
-    gss_import_name (minor_status, &buffer, GSS_C_NO_OID,
-		     &(*context_handle)->source);
+    ret = gss_import_name (minor_status, &buffer, GSS_C_NO_OID,
+			   &(*context_handle)->source);
     krb5_data_free (&data);
+    if (ret)
+	goto failure;
 
     krb5_ret_data (sp, &data);
     buffer.value  = data.data;
     buffer.length = data.length;
 
-    gss_import_name (minor_status, &buffer, GSS_C_NO_OID,
-		     &(*context_handle)->target);
+    ret = gss_import_name (minor_status, &buffer, GSS_C_NO_OID,
+			   &(*context_handle)->target);
     krb5_data_free (&data);
+    if (ret)
+	goto failure;
 
     krb5_ret_int32 (sp, &tmp);
     (*context_handle)->flags = tmp;
     krb5_ret_int32 (sp, &tmp);
     (*context_handle)->more_flags = tmp;
 
-    (*context_handle)->ticket = NULL;
-
     return GSS_S_COMPLETE;
 
 failure:
     krb5_auth_con_free (gssapi_krb5_context,
 			(*context_handle)->auth_context);
+    if ((*context_handle)->source != NULL)
+	gss_release_name(&minor, &(*context_handle)->source);
+    if ((*context_handle)->target != NULL)
+	gss_release_name(&minor, &(*context_handle)->target);
     free (*context_handle);
     *context_handle = GSS_C_NO_CONTEXT;
     return ret;
diff --git a/crypto/heimdal/lib/gssapi/indicate_mechs.c b/crypto/heimdal/lib/gssapi/indicate_mechs.c
index 26e018e..c77d177 100644
--- a/crypto/heimdal/lib/gssapi/indicate_mechs.c
+++ b/crypto/heimdal/lib/gssapi/indicate_mechs.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: indicate_mechs.c,v 1.3 1999/12/02 17:05:04 joda Exp $");
+RCSID("$Id: indicate_mechs.c,v 1.4 2001/02/18 03:39:09 assar Exp $");
 
 OM_uint32 gss_indicate_mechs
            (OM_uint32 * minor_status,
@@ -42,12 +42,14 @@ OM_uint32 gss_indicate_mechs
 {
   *mech_set = malloc(sizeof(**mech_set));
   if (*mech_set == NULL) {
+    *minor_status = ENOMEM;
     return GSS_S_FAILURE;
   }
   (*mech_set)->count = 1;
   (*mech_set)->elements = malloc((*mech_set)->count * sizeof(gss_OID_desc));
   if ((*mech_set)->elements == NULL) {
     free (*mech_set);
+    *minor_status = ENOMEM;
     return GSS_S_FAILURE;
   }
   (*mech_set)->elements[0] = *GSS_KRB5_MECHANISM;
diff --git a/crypto/heimdal/lib/gssapi/init_sec_context.c b/crypto/heimdal/lib/gssapi/init_sec_context.c
index 7b05d91..3928143 100644
--- a/crypto/heimdal/lib/gssapi/init_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/init_sec_context.c
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: init_sec_context.c,v 1.25 2001/01/30 22:49:56 assar Exp $");
+RCSID("$Id: init_sec_context.c,v 1.27 2001/05/11 09:16:46 assar Exp $");
 
 /*
  * copy the addresses from `input_chan_bindings' (if any) to
@@ -228,6 +228,7 @@ init_auth
     kret = krb5_auth_con_init (gssapi_krb5_context,
 			       &(*context_handle)->auth_context);
     if (kret) {
+	gssapi_krb5_set_error_string ();
 	*minor_status = kret;
 	ret = GSS_S_FAILURE;
 	goto failure;
@@ -259,6 +260,7 @@ init_auth
     if (initiator_cred_handle == GSS_C_NO_CREDENTIAL) {
 	kret = krb5_cc_default (gssapi_krb5_context, &ccache);
 	if (kret) {
+	    gssapi_krb5_set_error_string ();
 	    *minor_status = kret;
 	    ret = GSS_S_FAILURE;
 	    goto failure;
@@ -270,6 +272,7 @@ init_auth
 				  ccache,
 				  &(*context_handle)->source);
     if (kret) {
+	gssapi_krb5_set_error_string ();
 	*minor_status = kret;
 	ret = GSS_S_FAILURE;
 	goto failure;
@@ -279,6 +282,7 @@ init_auth
 				target_name,
 				&(*context_handle)->target);
     if (kret) {
+	gssapi_krb5_set_error_string ();
 	*minor_status = kret;
 	ret = GSS_S_FAILURE;
 	goto failure;
@@ -303,6 +307,7 @@ init_auth
 				 &cred);
 
     if (kret) {
+	gssapi_krb5_set_error_string ();
 	*minor_status = kret;
 	ret = GSS_S_FAILURE;
 	goto failure;
@@ -345,6 +350,7 @@ init_auth
 					     &cksum);
     krb5_data_free (&fwd_data);
     if (kret) {
+	gssapi_krb5_set_error_string ();
 	*minor_status = kret;
 	ret = GSS_S_FAILURE;
 	goto failure;
@@ -374,6 +380,7 @@ init_auth
 				     KRB5_KU_AP_REQ_AUTH);
 
     if (kret) {
+	gssapi_krb5_set_error_string ();
 	*minor_status = kret;
 	ret = GSS_S_FAILURE;
 	goto failure;
@@ -387,6 +394,7 @@ init_auth
 			      &outbuf);
 
     if (kret) {
+	gssapi_krb5_set_error_string ();
 	*minor_status = kret;
 	ret = GSS_S_FAILURE;
 	goto failure;
@@ -447,6 +455,7 @@ repl_mutual
     ret = gssapi_krb5_decapsulate (input_token, &indata, "\x02\x00");
     if (ret) {
 				/* XXX - Handle AP_ERROR */
+	*minor_status = 0;
 	return GSS_S_FAILURE;
     }
 
@@ -454,8 +463,11 @@ repl_mutual
 			(*context_handle)->auth_context,
 			&indata,
 			&repl);
-    if (kret)
+    if (kret) {
+	gssapi_krb5_set_error_string ();
+	*minor_status = kret;
 	return GSS_S_FAILURE;
+    }
     krb5_free_ap_rep_enc_part (gssapi_krb5_context,
 			       repl);
 
diff --git a/crypto/heimdal/lib/gssapi/unwrap.c b/crypto/heimdal/lib/gssapi/unwrap.c
index 588517e..95f8e21 100644
--- a/crypto/heimdal/lib/gssapi/unwrap.c
+++ b/crypto/heimdal/lib/gssapi/unwrap.c
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: unwrap.c,v 1.15 2001/01/29 02:08:58 assar Exp $");
+RCSID("$Id: unwrap.c,v 1.17 2001/05/11 09:16:47 assar Exp $");
 
 OM_uint32
 gss_krb5_getsomekey(const gss_ctx_id_t context_handle,
@@ -86,8 +86,10 @@ unwrap_des
   ret = gssapi_krb5_verify_header (&p,
 				   input_message_buffer->length,
 				   "\x02\x01");
-  if (ret)
+  if (ret) {
+      *minor_status = 0;
       return ret;
+  }
 
   if (memcmp (p, "\x00\x00", 2) != 0)
     return GSS_S_BAD_SIG;
@@ -249,6 +251,7 @@ unwrap_des3
       ret = krb5_crypto_init(gssapi_krb5_context, key,
 			     ETYPE_DES3_CBC_NONE, &crypto);
       if (ret) {
+	  gssapi_krb5_set_error_string ();
 	  *minor_status = ret;
 	  return GSS_S_FAILURE;
       }
@@ -256,6 +259,7 @@ unwrap_des3
 			 p, input_message_buffer->length - len, &tmp);
       krb5_crypto_destroy(gssapi_krb5_context, crypto);
       if (ret) {
+	  gssapi_krb5_set_error_string ();
 	  *minor_status = ret;
 	  return GSS_S_FAILURE;
       }
@@ -292,6 +296,7 @@ unwrap_des3
   ret = krb5_crypto_init(gssapi_krb5_context, key,
 			 ETYPE_DES3_CBC_NONE_IVEC, &crypto);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       *minor_status = ret;
       return GSS_S_FAILURE;
   }
@@ -307,6 +312,7 @@ unwrap_des3
   }
   krb5_crypto_destroy (gssapi_krb5_context, crypto);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       *minor_status = ret;
       return GSS_S_FAILURE;
   }
@@ -337,6 +343,7 @@ unwrap_des3
 
   ret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       *minor_status = ret;
       return GSS_S_FAILURE;
   }
@@ -348,6 +355,7 @@ unwrap_des3
 			      &csum);
   krb5_crypto_destroy (gssapi_krb5_context, crypto);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       *minor_status = ret;
       return GSS_S_FAILURE;
   }
@@ -380,6 +388,7 @@ OM_uint32 gss_unwrap
 
   ret = gss_krb5_getsomekey(context_handle, &key);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       *minor_status = ret;
       return GSS_S_FAILURE;
   }
diff --git a/crypto/heimdal/lib/gssapi/verify_mic.c b/crypto/heimdal/lib/gssapi/verify_mic.c
index 608de67..b39ae73 100644
--- a/crypto/heimdal/lib/gssapi/verify_mic.c
+++ b/crypto/heimdal/lib/gssapi/verify_mic.c
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: verify_mic.c,v 1.12 2001/01/29 02:08:59 assar Exp $");
+RCSID("$Id: verify_mic.c,v 1.13 2001/05/11 09:16:47 assar Exp $");
 
 static OM_uint32
 verify_mic_des
@@ -157,6 +157,7 @@ verify_mic_des3
   ret = krb5_crypto_init(gssapi_krb5_context, key,
 			 ETYPE_DES3_CBC_NONE, &crypto);
   if (ret){
+      gssapi_krb5_set_error_string ();
       *minor_status = ret;
       return GSS_S_FAILURE;
   }
@@ -168,6 +169,7 @@ verify_mic_des3
 		      KRB5_KU_USAGE_SEQ,
 		      p, 8, &seq_data);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       krb5_crypto_destroy (gssapi_krb5_context, crypto);
       *minor_status = ret;
       return GSS_S_FAILURE;
@@ -218,6 +220,7 @@ verify_mic_des3
 			      &csum);
   free (tmp);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       krb5_crypto_destroy (gssapi_krb5_context, crypto);
       *minor_status = ret;
       return GSS_S_BAD_MIC;
@@ -248,6 +251,7 @@ gss_verify_mic
 					 context_handle->auth_context,
 					 &key);
     if (ret) {
+	gssapi_krb5_set_error_string ();
 	*minor_status = ret;
 	return GSS_S_FAILURE;
     }
diff --git a/crypto/heimdal/lib/gssapi/wrap.c b/crypto/heimdal/lib/gssapi/wrap.c
index 1d9f51d..3d282fd 100644
--- a/crypto/heimdal/lib/gssapi/wrap.c
+++ b/crypto/heimdal/lib/gssapi/wrap.c
@@ -33,7 +33,7 @@
 
 #include "gssapi_locl.h"
 
-RCSID("$Id: wrap.c,v 1.15 2001/01/29 02:08:59 assar Exp $");
+RCSID("$Id: wrap.c,v 1.18 2001/05/11 09:16:47 assar Exp $");
 
 static OM_uint32
 sub_wrap_size (
@@ -67,6 +67,7 @@ gss_wrap_size_limit (
 
   ret = gss_krb5_getsomekey(context_handle, &key);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       *minor_status = ret;
       return GSS_S_FAILURE;
   }
@@ -142,7 +143,7 @@ wrap_des
   p += 16;
 
   /* confounder + data + pad */
-  des_new_random_key((des_cblock*)p);
+  krb5_generate_random_block(p, 8);
   memcpy (p + 8, input_message_buffer->value,
 	  input_message_buffer->length);
   memset (p + 8 + input_message_buffer->length, padlength, padlength);
@@ -258,13 +259,14 @@ wrap_des3
   /* calculate checksum (the above + confounder + data + pad) */
 
   memcpy (p + 20, p - 8, 8);
-  des_new_random_key((des_cblock*)(p + 28));
+  krb5_generate_random_block(p + 28, 8);
   memcpy (p + 28 + 8, input_message_buffer->value,
 	  input_message_buffer->length);
   memset (p + 28 + 8 + input_message_buffer->length, padlength, padlength);
 
   ret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       free (output_message_buffer->value);
       *minor_status = ret;
       return GSS_S_FAILURE;
@@ -273,11 +275,13 @@ wrap_des3
   ret = krb5_create_checksum (gssapi_krb5_context,
 			      crypto,
 			      KRB5_KU_USAGE_SIGN,
+			      0,
 			      p + 20,
 			      datalen + 8,
 			      &cksum);
   krb5_crypto_destroy (gssapi_krb5_context, crypto);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       free (output_message_buffer->value);
       *minor_status = ret;
       return GSS_S_FAILURE;
@@ -323,6 +327,7 @@ wrap_des3
   }
   krb5_crypto_destroy (gssapi_krb5_context, crypto);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       free (output_message_buffer->value);
       *minor_status = ret;
       return GSS_S_FAILURE;
@@ -346,6 +351,7 @@ wrap_des3
       ret = krb5_crypto_init(gssapi_krb5_context, key,
 			     ETYPE_DES3_CBC_NONE, &crypto);
       if (ret) {
+	  gssapi_krb5_set_error_string ();
 	  free (output_message_buffer->value);
 	  *minor_status = ret;
 	  return GSS_S_FAILURE;
@@ -354,6 +360,7 @@ wrap_des3
 			 p, datalen, &tmp);
       krb5_crypto_destroy(gssapi_krb5_context, crypto);
       if (ret) {
+	  gssapi_krb5_set_error_string ();
 	  free (output_message_buffer->value);
 	  *minor_status = ret;
 	  return GSS_S_FAILURE;
@@ -384,6 +391,7 @@ OM_uint32 gss_wrap
 
   ret = gss_krb5_getsomekey(context_handle, &key);
   if (ret) {
+      gssapi_krb5_set_error_string ();
       *minor_status = ret;
       return GSS_S_FAILURE;
   }
diff --git a/crypto/heimdal/lib/hdb/Makefile.am b/crypto/heimdal/lib/hdb/Makefile.am
index f3aba3b..b860260 100644
--- a/crypto/heimdal/lib/hdb/Makefile.am
+++ b/crypto/heimdal/lib/hdb/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.43 2001/01/30 01:49:16 assar Exp $
+# $Id: Makefile.am,v 1.44 2001/05/16 23:50:57 assar Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
@@ -21,7 +21,7 @@ LDADD = libhdb.la \
 	$(DBLIB)
 
 lib_LTLIBRARIES = libhdb.la
-libhdb_la_LDFLAGS = -version-info 7:0:0
+libhdb_la_LDFLAGS = -version-info 7:1:0
 
 libhdb_la_SOURCES =				\
 	common.c				\
diff --git a/crypto/heimdal/lib/hdb/Makefile.in b/crypto/heimdal/lib/hdb/Makefile.in
index ad12e78..4fbaf27 100644
--- a/crypto/heimdal/lib/hdb/Makefile.in
+++ b/crypto/heimdal/lib/hdb/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -113,13 +114,13 @@ dpagaix_CFLAGS = @dpagaix_CFLAGS@
 dpagaix_LDADD = @dpagaix_LDADD@
 install_sh = @install_sh@
 
-# $Id: Makefile.am,v 1.43 2001/01/30 01:49:16 assar Exp $
+# $Id: Makefile.am,v 1.44 2001/05/16 23:50:57 assar Exp $
 
 
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 BUILT_SOURCES = asn1_Key.c asn1_Event.c asn1_HDBFlags.c asn1_hdb_entry.c \
@@ -206,7 +209,7 @@ LDADD = libhdb.la \
 
 
 lib_LTLIBRARIES = libhdb.la
-libhdb_la_LDFLAGS = -version-info 7:0:0
+libhdb_la_LDFLAGS = -version-info 7:1:0
 
 libhdb_la_SOURCES = \
 	common.c				\
@@ -272,7 +275,7 @@ OBJECTS = $(am_libhdb_la_OBJECTS) convert_db.$(OBJEXT)
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/hdb/Makefile
 
@@ -392,6 +395,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
@@ -425,6 +433,9 @@ check-am: all-am
 check: check-am
 installcheck-am:
 installcheck: installcheck-am
+all-recursive-am: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) all-recursive
+
 install-exec-am: install-libLTLIBRARIES
 	@$(NORMAL_INSTALL)
 	$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
@@ -496,11 +507,12 @@ distclean-noinstPROGRAMS clean-noinstPROGRAMS \
 maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \
 install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \
 maintainer-clean-tags distdir info-am info dvi-am dvi check-local check \
-check-am installcheck-am installcheck install-exec-am install-exec \
-install-data-local install-data-am install-data install-am install \
-uninstall-am uninstall all-local all-redirect all-am all install-strip \
-installdirs mostlyclean-generic distclean-generic clean-generic \
-maintainer-clean-generic clean mostlyclean distclean maintainer-clean
+check-am installcheck-am installcheck all-recursive-am install-exec-am \
+install-exec install-data-local install-data-am install-data install-am \
+install uninstall-am uninstall all-local all-redirect all-am all \
+install-strip installdirs mostlyclean-generic distclean-generic \
+clean-generic maintainer-clean-generic clean mostlyclean distclean \
+maintainer-clean
 
 
 install-suid-programs:
diff --git a/crypto/heimdal/lib/hdb/convert_db.c b/crypto/heimdal/lib/hdb/convert_db.c
index 1a7ebb4..0b300a5 100644
--- a/crypto/heimdal/lib/hdb/convert_db.c
+++ b/crypto/heimdal/lib/hdb/convert_db.c
@@ -41,7 +41,7 @@
 #include <getarg.h>
 #include <err.h>
 
-RCSID("$Id: convert_db.c,v 1.11 2001/01/25 12:45:01 assar Exp $");
+RCSID("$Id: convert_db.c,v 1.12 2001/02/20 01:44:53 assar Exp $");
 
 static krb5_error_code
 update_keytypes(krb5_context context, HDB *db, hdb_entry *entry, void *data)
@@ -136,7 +136,7 @@ main(int argc, char **argv)
     int optind = 0;
     int master_key_set = 0;
     
-    set_progname(argv[0]);
+    setprogname(argv[0]);
 
     if(getarg(args, num_args, argc, argv, &optind))
 	krb5_std_usage(1, args, num_args);
diff --git a/crypto/heimdal/lib/hdb/hdb-ldap.c b/crypto/heimdal/lib/hdb/hdb-ldap.c
index 6d264b4..db321cb 100644
--- a/crypto/heimdal/lib/hdb/hdb-ldap.c
+++ b/crypto/heimdal/lib/hdb/hdb-ldap.c
@@ -32,12 +32,12 @@
 
 #include "hdb_locl.h"
 
-RCSID("$Id: hdb-ldap.c,v 1.7 2001/01/30 16:59:08 assar Exp $");
+RCSID("$Id: hdb-ldap.c,v 1.8 2001/03/26 00:59:37 assar Exp $");
 
 #ifdef OPENLDAP
 
-#include <ldap.h>
 #include <lber.h>
+#include <ldap.h>
 #include <ctype.h>
 #include <sys/un.h>
 
diff --git a/crypto/heimdal/lib/hdb/libasn1.h b/crypto/heimdal/lib/hdb/libasn1.h
index 03d951a..ef02d7c 100644
--- a/crypto/heimdal/lib/hdb/libasn1.h
+++ b/crypto/heimdal/lib/hdb/libasn1.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997, 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: libasn1.h,v 1.4 1999/12/02 17:05:05 joda Exp $ */
+/* $Id: libasn1.h,v 1.5 2001/04/18 16:21:33 joda Exp $ */
 
 #ifndef __LIBASN1_H__
 #define __LIBASN1_H__
@@ -42,7 +42,7 @@
 
 #include <stdlib.h>
 #include <errno.h>
-#include <asn1.h>
+#include <krb5_asn1.h>
 #include <der.h>
 #include "hdb_asn1.h"
 #include <asn1_err.h>
diff --git a/crypto/heimdal/lib/kadm5/ChangeLog b/crypto/heimdal/lib/kadm5/ChangeLog
index 0d2699d..605a970 100644
--- a/crypto/heimdal/lib/kadm5/ChangeLog
+++ b/crypto/heimdal/lib/kadm5/ChangeLog
@@ -1,3 +1,13 @@
+2001-02-19  Johan Danielsson  <joda@pdc.kth.se>
+
+	* replay_log.c: add --{start-end}-version flags to replay just
+	part of the log
+
+2001-02-15  Assar Westerlund  <assar@sics.se>
+
+	* ipropd_master.c (main): fix select-loop to decrement ret
+	correctly.  from "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
+
 2001-01-30  Assar Westerlund  <assar@sics.se>
 
 	* Makefile.am: bump versions
diff --git a/crypto/heimdal/lib/kadm5/Makefile.in b/crypto/heimdal/lib/kadm5/Makefile.in
index a281b23..16f82a3 100644
--- a/crypto/heimdal/lib/kadm5/Makefile.in
+++ b/crypto/heimdal/lib/kadm5/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -119,7 +120,7 @@ install_sh = @install_sh@
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la
@@ -372,7 +375,7 @@ OBJECTS = $(am_libkadm5clnt_la_OBJECTS) $(am_libkadm5srv_la_OBJECTS) $(am_dump_l
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kadm5/Makefile
 
@@ -558,6 +561,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
diff --git a/crypto/heimdal/lib/kadm5/ipropd_master.c b/crypto/heimdal/lib/kadm5/ipropd_master.c
index 99cddc4..0eadf0b 100644
--- a/crypto/heimdal/lib/kadm5/ipropd_master.c
+++ b/crypto/heimdal/lib/kadm5/ipropd_master.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "iprop.h"
 
-RCSID("$Id: ipropd_master.c,v 1.21 2000/11/15 23:12:45 assar Exp $");
+RCSID("$Id: ipropd_master.c,v 1.22 2001/02/14 23:00:16 assar Exp $");
 
 static krb5_log_facility *log_facility;
 
@@ -472,8 +472,9 @@ main(int argc, char **argv)
 		send_diffs (context, p, log_fd, database, current_version);
 	}
 
-	for(p = slaves; p != NULL && ret--; p = p->next)
+	for(p = slaves; p != NULL; p = p->next)
 	    if (FD_ISSET(p->fd, &readset)) {
+		--ret;
 		if(process_msg (context, p, log_fd, database, current_version))
 		    remove_slave (context, p, &slaves);
 	    }
diff --git a/crypto/heimdal/lib/kadm5/replay_log.c b/crypto/heimdal/lib/kadm5/replay_log.c
index c0e05ee..8e5c31d 100644
--- a/crypto/heimdal/lib/kadm5/replay_log.c
+++ b/crypto/heimdal/lib/kadm5/replay_log.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997, 1998, 1999, 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,10 @@
 
 #include "iprop.h"
 
-RCSID("$Id: replay_log.c,v 1.7 1999/12/04 19:51:11 assar Exp $");
+RCSID("$Id: replay_log.c,v 1.8 2001/02/19 18:10:43 joda Exp $");
+
+int start_version = -1;
+int end_version = -1;
 
 static void
 apply_entry(kadm5_server_context *server_context,
@@ -45,6 +48,12 @@ apply_entry(kadm5_server_context *server_context,
 {
     krb5_error_code ret;
 
+    if((start_version != -1 && ver < start_version) ||
+       (end_version != -1 && ver > end_version)) {
+	/* XXX skip this entry */
+	(*sp->seek)(sp, len, SEEK_CUR);
+	return;
+    }
     printf ("ver %u... ", ver);
     fflush (stdout);
 
@@ -60,6 +69,8 @@ apply_entry(kadm5_server_context *server_context,
 int version_flag;
 int help_flag;
 struct getargs args[] = {
+    { "start-version", 0, arg_integer, &start_version, "start replay with this version" },
+    { "end-version", 0, arg_integer, &end_version, "end replay with this version" },
     { "version", 0, arg_flag, &version_flag },
     { "help", 0, arg_flag, &help_flag }
 };
diff --git a/crypto/heimdal/lib/kafs/ChangeLog b/crypto/heimdal/lib/kafs/ChangeLog
index 180f2c4..32b7728 100644
--- a/crypto/heimdal/lib/kafs/ChangeLog
+++ b/crypto/heimdal/lib/kafs/ChangeLog
@@ -1,3 +1,11 @@
+2001-05-18  Johan Danielsson  <joda@pdc.kth.se>
+
+	* Makefile.am: only build resolve.c if doing renaming
+
+2001-02-12  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am, roken_rename.h: add rename of dns functions
+
 2000-12-11  Assar Westerlund  <assar@sics.se>
 
 	* Makefile.am (libkafs_la_LDFLAGS): set version to 2:3:2
diff --git a/crypto/heimdal/lib/kafs/Makefile.am b/crypto/heimdal/lib/kafs/Makefile.am
index 9557588..5eda566 100644
--- a/crypto/heimdal/lib/kafs/Makefile.am
+++ b/crypto/heimdal/lib/kafs/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.23 2000/12/11 00:44:50 assar Exp $
+# $Id: Makefile.am,v 1.25 2001/05/18 16:11:39 joda Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
@@ -46,7 +46,7 @@ foodir = $(libdir)
 foo_DATA = $(AFS_EXTRA_LIBS)
 # EXTRA_DATA = afslib.so
 
-CLEANFILES= $(AFS_EXTRA_LIBS)
+CLEANFILES= $(AFS_EXTRA_LIBS) $(ROKEN_SRCS)
 
 include_HEADERS = kafs.h
 
@@ -54,7 +54,20 @@ if KRB5
 afskrb5_c = afskrb5.c
 endif
 
-libkafs_la_SOURCES = afssys.c afskrb.c $(afskrb5_c) common.c $(AIX_SRC) kafs_locl.h afssysdefs.h
+if do_roken_rename
+ROKEN_SRCS = resolve.c
+endif
+
+libkafs_la_SOURCES =				\
+	afssys.c				\
+	afskrb.c				\
+	$(afskrb5_c)				\
+	common.c				\
+	$(AIX_SRC)				\
+	kafs_locl.h				\
+	afssysdefs.h				\
+	$(ROKEN_SRCS)
+
 #afslib_so_SOURCES = afslib.c
 
 EXTRA_libkafs_la_SOURCES = afskrb5.c dlfcn.c afslib.c dlfcn.h
@@ -69,3 +82,6 @@ afslib.so: afslib.o
 	ld -o $@ -bM:SRE -bI:$(srcdir)/afsl.exp -bE:$(srcdir)/afslib.exp $(AFS_EXTRA_LD) afslib.o -lc
 
 $(OBJECTS): ../../include/config.h
+
+resolve.c:
+	$(LN_S) $(srcdir)/../roken/resolve.c .
diff --git a/crypto/heimdal/lib/kafs/Makefile.in b/crypto/heimdal/lib/kafs/Makefile.in
index 147f327..be72b73 100644
--- a/crypto/heimdal/lib/kafs/Makefile.in
+++ b/crypto/heimdal/lib/kafs/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -113,13 +114,13 @@ dpagaix_CFLAGS = @dpagaix_CFLAGS@
 dpagaix_LDADD = @dpagaix_LDADD@
 install_sh = @install_sh@
 
-# $Id: Makefile.am,v 1.23 2000/12/11 00:44:50 assar Exp $
+# $Id: Makefile.am,v 1.25 2001/05/18 16:11:39 joda Exp $
 
 
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 @KRB4_TRUE@AFSLIBS = @KRB4_TRUE@libkafs.la
@@ -209,13 +212,25 @@ foodir = $(libdir)
 foo_DATA = $(AFS_EXTRA_LIBS)
 # EXTRA_DATA = afslib.so
 
-CLEANFILES = $(AFS_EXTRA_LIBS)
+CLEANFILES = $(AFS_EXTRA_LIBS) $(ROKEN_SRCS)
 
 include_HEADERS = kafs.h
 
 @KRB5_TRUE@afskrb5_c = @KRB5_TRUE@afskrb5.c
 
-libkafs_la_SOURCES = afssys.c afskrb.c $(afskrb5_c) common.c $(AIX_SRC) kafs_locl.h afssysdefs.h
+@do_roken_rename_TRUE@ROKEN_SRCS = @do_roken_rename_TRUE@resolve.c
+
+libkafs_la_SOURCES = \
+	afssys.c				\
+	afskrb.c				\
+	$(afskrb5_c)				\
+	common.c				\
+	$(AIX_SRC)				\
+	kafs_locl.h				\
+	afssysdefs.h				\
+	$(ROKEN_SRCS)
+
+
 #afslib_so_SOURCES = afslib.c
 
 EXTRA_libkafs_la_SOURCES = afskrb5.c dlfcn.c afslib.c dlfcn.h
@@ -238,156 +253,338 @@ X_LIBS = @X_LIBS@
 X_EXTRA_LIBS = @X_EXTRA_LIBS@
 X_PRE_LIBS = @X_PRE_LIBS@
 libkafs_la_LIBADD = 
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afslib.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afslib.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afslib.lo
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo \
-@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afslib.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@dlfcn.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@dlfcn.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS =  \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
-@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afslib.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afslib.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afslib.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afslib.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afslib.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afslib.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afslib.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afslib.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@dlfcn.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@dlfcn.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@dlfcn.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@dlfcn.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@@do_roken_rename_TRUE@resolve.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@am_libkafs_la_OBJECTS =  \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@@do_roken_rename_TRUE@resolve.lo
 libkafs_la_OBJECTS =  $(am_libkafs_la_OBJECTS)
 COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
 LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
@@ -413,7 +610,7 @@ OBJECTS = $(am_libkafs_la_OBJECTS)
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kafs/Makefile
 
@@ -579,6 +776,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
@@ -826,6 +1028,9 @@ afslib.so: afslib.o
 
 $(OBJECTS): ../../include/config.h
 
+resolve.c:
+	$(LN_S) $(srcdir)/../roken/resolve.c .
+
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
 # Otherwise a system limit (for SysV at least) may be exceeded.
 .NOEXPORT:
diff --git a/crypto/heimdal/lib/kafs/kafs.cat3 b/crypto/heimdal/lib/kafs/kafs.cat3
new file mode 100644
index 0000000..78f5bd5
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/kafs.cat3
@@ -0,0 +1,95 @@
+
+KAFS(3)                    UNIX Programmer's Manual                    KAFS(3)
+
+NNAAMMEE
+     kk__hhaassaaffss, kk__ppiiooccttll, kk__uunnlloogg, kk__sseettppaagg, kk__aaffss__cceellll__ooff__ffiillee, kkrrbb__aaffsslloogg,
+     kkrrbb__aaffsslloogg__uuiidd - AFS library
+
+SSYYNNOOPPSSIISS
+     ##iinncclluuddee <<kkaaffss..hh>>
+
+     _i_n_t
+     kk__aaffss__cceellll__ooff__ffiillee(_c_o_n_s_t _c_h_a_r _*_p_a_t_h, _c_h_a_r _*_c_e_l_l, _i_n_t _l_e_n)
+
+     _i_n_t
+     kk__hhaassaaffss()
+
+     _i_n_t
+     kk__ppiiooccttll(_c_h_a_r _*_a___p_a_t_h, _i_n_t _o___o_p_c_o_d_e, _s_t_r_u_c_t _V_i_c_e_I_o_c_t_l _*_a___p_a_r_a_m_s_P,
+             _i_n_t _a___f_o_l_l_o_w_S_y_m_l_i_n_k_s)
+
+     _i_n_t
+     kk__sseettppaagg()
+
+     _i_n_t
+     kk__uunnlloogg()
+
+     _i_n_t
+     kkrrbb__aaffsslloogg(_c_h_a_r _*_c_e_l_l, _c_h_a_r _*_r_e_a_l_m)
+
+     _i_n_t
+     kkrrbb__aaffsslloogg__uuiidd(_c_h_a_r _*_c_e_l_l, _c_h_a_r _*_r_e_a_l_m, _u_i_d___t _u_i_d)
+
+DDEESSCCRRIIPPTTIIOONN
+     kk__hhaassaaffss() initializes some library internal structures, and tests for
+     the presense of AFS in the kernel, none of the other functions should be
+     called before kk__hhaassaaffss() is called, or if it fails.
+
+     kkrrbb__aaffsslloogg(), and kkrrbb__aaffsslloogg__uuiidd() obtains new tokens (and possibly tick-
+     ets) for the specified _c_e_l_l and _r_e_a_l_m. If _c_e_l_l is NULL, the local cell is
+     used. If _r_e_a_l_m is NULL, the function tries to guess what realm to use.
+     Unless you  have some good knowledge of what cell or realm to use, you
+     should pass NULL. kkrrbb__aaffsslloogg() will use the real user-id for the ViceId
+     field in the token, kkrrbb__aaffsslloogg__uuiidd() will use _u_i_d.
+
+     kk__aaffss__cceellll__ooff__ffiillee() will in _c_e_l_l return the cell of a specified file, no
+     more than _l_e_n characters is put in _c_e_l_l.
+
+     kk__ppiiooccttll() does a ppiiooccttll() syscall with the specified arguments. This
+     function is equivalent to llppiiooccttll().
+
+     kk__sseettppaagg() initializes a new PAG.
+
+     kk__uunnlloogg() removes destroys all tokens in the current PAG.
+
+EENNVVIIRROONNMMEENNTT
+     The following environment variable affect the mode of operation of kkaaffss:
+
+     AFS_SYSCALL  Normally, kkaaffss will try to figure out the correct system
+                  call(s) that are used by AFS by itself.  If it does not man-
+                  age to do that, or does it incorrectly, you can set this
+                  variable to the system call number or list of system call
+                  numbers that should be used.
+
+RREETTUURRNN VVAALLUUEESS
+     kk__hhaassaaffss() returns 1 if AFS is present in the kernel, 0 otherwise.
+     kkrrbb__aaffsslloogg() and kkrrbb__aaffsslloogg__uuiidd() returns 0 on success, or a kerberos er-
+     ror number on failure.  kk__aaffss__cceellll__ooff__ffiillee(), kk__ppiiooccttll(), kk__sseettppaagg(), and
+     kk__uunnlloogg() all return the value of the underlaying system call, 0 on suc-
+     cess.
+
+EEXXAAMMPPLLEESS
+     The following code from llooggiinn will obtain a new PAG and tokens for the
+     local cell and the cell of the users home directory.
+
+     if (k_hasafs()) {
+             char cell[64];
+             k_setpag();
+             if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0)
+                     krb_afslog(cell, NULL);
+             krb_afslog(NULL, NULL);
+     }
+
+EERRRROORRSS
+     If any of these functions (appart from kk__hhaassaaffss()) is called without AFS
+     beeing present in the kernel, the process will usually (depending on the
+     operating system) receive a SIGSYS signal.
+
+SSEEEE AALLSSOO
+     Transarc Corporation, "File Server/Cache Manager Interface", _A_F_S_-_3
+     _P_r_o_g_r_a_m_m_e_r_'_s _R_e_f_e_r_e_n_c_e, 1991.
+
+BBUUGGSS
+     AFS_SYSCALL has no effect under AIX.
+
+ KTH-KRB                          May 7, 1997                                2
diff --git a/crypto/heimdal/lib/kafs/roken_rename.h b/crypto/heimdal/lib/kafs/roken_rename.h
new file mode 100644
index 0000000..4a7fb1d
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/roken_rename.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/* $Id: roken_rename.h,v 1.1 2001/02/12 22:01:27 assar Exp $ */
+
+#ifndef __roken_rename_h__
+#define __roken_rename_h__
+
+/*
+ * Libroken routines that are added libkafs
+ */
+
+#define _resolve_debug _roken_resolve_debug
+
+#define dns_free_data _kafs_dns_free_data
+#define dns_lookup _kafs_dns_lookup
+#define dns_string_to_type _kafs_dns_string_to_type
+#define dns_type_to_string _kafs_dns_type_to_string
+
+#endif /* __roken_rename_h__ */
diff --git a/crypto/heimdal/lib/krb5/Makefile.am b/crypto/heimdal/lib/krb5/Makefile.am
index 395f29d..bc3dd6e 100644
--- a/crypto/heimdal/lib/krb5/Makefile.am
+++ b/crypto/heimdal/lib/krb5/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.119 2001/01/30 01:50:52 assar Exp $
+# $Id: Makefile.am,v 1.125 2001/05/16 23:51:50 assar Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
@@ -6,8 +6,8 @@ bin_PROGRAMS = verify_krb5_conf
 
 noinst_PROGRAMS = dump_config test_get_addrs
 
-check_PROGRAMS = n-fold-test string-to-key-test
-TESTS = n-fold-test string-to-key-test
+check_PROGRAMS = n-fold-test string-to-key-test derived-key-test store-test
+TESTS = n-fold-test string-to-key-test derived-key-test store-test
 
 LDADD = libkrb5.la \
 	$(LIB_des) \
@@ -24,102 +24,104 @@ lib_LTLIBRARIES = libkrb5.la
 
 ERR_FILES = krb5_err.c heim_err.c
 
-libkrb5_la_SOURCES = \
-	acl.c \
-	add_et_list.c \
-	addr_families.c \
-	address.c \
-	aname_to_localname.c \
-	appdefault.c \
-	asn1_glue.c \
-	auth_context.c \
-	build_ap_req.c \
-	build_auth.c \
-	cache.c \
-	changepw.c \
-	codec.c \
-	config_file.c \
-	config_file_netinfo.c \
-	convert_creds.c \
-	constants.c \
-	context.c \
-	copy_host_realm.c \
-	crc.c \
-	creds.c \
-	crypto.c \
-	data.c \
-	eai_to_heim_errno.c \
-	expand_hostname.c \
-	fcache.c \
-	free.c \
-	free_host_realm.c \
-	generate_seq_number.c \
-	generate_subkey.c \
-	get_addrs.c \
-	get_cred.c \
-	get_default_principal.c \
-	get_default_realm.c \
-	get_for_creds.c \
-	get_host_realm.c \
-	get_in_tkt.c \
-	get_in_tkt_pw.c \
-	get_in_tkt_with_keytab.c \
-	get_in_tkt_with_skey.c \
-	get_port.c \
-	init_creds.c \
-	init_creds_pw.c \
-	keyblock.c \
-	keytab.c \
-	keytab_file.c \
-	keytab_memory.c \
-	keytab_keyfile.c \
-	keytab_krb4.c \
-	krbhst.c \
-	kuserok.c \
-	log.c \
-	mcache.c \
-	misc.c \
-	mk_error.c \
-	mk_priv.c \
-	mk_rep.c \
-	mk_req.c \
-	mk_req_ext.c \
-	mk_safe.c \
-	net_read.c \
-	net_write.c \
-	n-fold.c \
-	padata.c \
-	principal.c \
-	prog_setup.c \
-	prompter_posix.c \
-	rd_cred.c \
-	rd_error.c \
-	rd_priv.c \
-	rd_rep.c \
-	rd_req.c \
-	rd_safe.c \
-	read_message.c \
-	recvauth.c \
-	replay.c \
-	send_to_kdc.c \
-	sendauth.c \
-	set_default_realm.c \
-	sock_principal.c \
-	store.c \
-	store_emem.c \
-	store_fd.c \
-	store_mem.c \
-	ticket.c \
-	time.c \
-	transited.c \
-	verify_init.c \
-	verify_user.c \
-	version.c \
-	warn.c \
-	write_message.c \
+libkrb5_la_SOURCES =				\
+	acl.c					\
+	add_et_list.c				\
+	addr_families.c				\
+	address.c				\
+	aname_to_localname.c			\
+	appdefault.c				\
+	asn1_glue.c				\
+	auth_context.c				\
+	build_ap_req.c				\
+	build_auth.c				\
+	cache.c					\
+	changepw.c				\
+	codec.c					\
+	config_file.c				\
+	config_file_netinfo.c			\
+	convert_creds.c				\
+	constants.c				\
+	context.c				\
+	copy_host_realm.c			\
+	crc.c					\
+	creds.c					\
+	crypto.c				\
+	data.c					\
+	eai_to_heim_errno.c			\
+	error_string.c				\
+	expand_hostname.c			\
+	fcache.c				\
+	free.c					\
+	free_host_realm.c			\
+	generate_seq_number.c			\
+	generate_subkey.c			\
+	get_addrs.c				\
+	get_cred.c				\
+	get_default_principal.c			\
+	get_default_realm.c			\
+	get_for_creds.c				\
+	get_host_realm.c			\
+	get_in_tkt.c				\
+	get_in_tkt_pw.c				\
+	get_in_tkt_with_keytab.c		\
+	get_in_tkt_with_skey.c			\
+	get_port.c				\
+	init_creds.c				\
+	init_creds_pw.c				\
+	keyblock.c				\
+	keytab.c				\
+	keytab_any.c				\
+	keytab_file.c				\
+	keytab_memory.c				\
+	keytab_keyfile.c			\
+	keytab_krb4.c				\
+	krbhst.c				\
+	kuserok.c				\
+	log.c					\
+	mcache.c				\
+	misc.c					\
+	mk_error.c				\
+	mk_priv.c				\
+	mk_rep.c				\
+	mk_req.c				\
+	mk_req_ext.c				\
+	mk_safe.c				\
+	net_read.c				\
+	net_write.c				\
+	n-fold.c				\
+	padata.c				\
+	principal.c				\
+	prog_setup.c				\
+	prompter_posix.c			\
+	rd_cred.c				\
+	rd_error.c				\
+	rd_priv.c				\
+	rd_rep.c				\
+	rd_req.c				\
+	rd_safe.c				\
+	read_message.c				\
+	recvauth.c				\
+	replay.c				\
+	send_to_kdc.c				\
+	sendauth.c				\
+	set_default_realm.c			\
+	sock_principal.c			\
+	store.c					\
+	store_emem.c				\
+	store_fd.c				\
+	store_mem.c				\
+	ticket.c				\
+	time.c					\
+	transited.c				\
+	verify_init.c				\
+	verify_user.c				\
+	version.c				\
+	warn.c					\
+	write_message.c				\
 	$(ERR_FILES)
 
-libkrb5_la_LDFLAGS = -version-info 15:0:0
+libkrb5_la_LDFLAGS = -version-info 16:0:0
 
 $(libkrb5_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h
 
@@ -147,7 +149,8 @@ man_MANS =					\
 	verify_krb5_conf.8			\
 	krb5_auth_context.3			\
 	krb5_context.3				\
-	krb5_init_context.3
+	krb5_init_context.3			\
+	krb5_keytab.3
 
 include_HEADERS = krb5.h krb5-protos.h krb5-private.h krb5_err.h heim_err.h
 
diff --git a/crypto/heimdal/lib/krb5/Makefile.in b/crypto/heimdal/lib/krb5/Makefile.in
index be103d2..52925bb 100644
--- a/crypto/heimdal/lib/krb5/Makefile.in
+++ b/crypto/heimdal/lib/krb5/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -113,13 +114,13 @@ dpagaix_CFLAGS = @dpagaix_CFLAGS@
 dpagaix_LDADD = @dpagaix_LDADD@
 install_sh = @install_sh@
 
-# $Id: Makefile.am,v 1.119 2001/01/30 01:50:52 assar Exp $
+# $Id: Makefile.am,v 1.125 2001/05/16 23:51:50 assar Exp $
 
 
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,14 +186,16 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 bin_PROGRAMS = verify_krb5_conf
 
 noinst_PROGRAMS = dump_config test_get_addrs
 
-check_PROGRAMS = n-fold-test string-to-key-test
-TESTS = n-fold-test string-to-key-test
+check_PROGRAMS = n-fold-test string-to-key-test derived-key-test store-test
+TESTS = n-fold-test string-to-key-test derived-key-test store-test
 
 LDADD = libkrb5.la \
 	$(LIB_des) \
@@ -212,102 +215,104 @@ lib_LTLIBRARIES = libkrb5.la
 ERR_FILES = krb5_err.c heim_err.c
 
 libkrb5_la_SOURCES = \
-	acl.c \
-	add_et_list.c \
-	addr_families.c \
-	address.c \
-	aname_to_localname.c \
-	appdefault.c \
-	asn1_glue.c \
-	auth_context.c \
-	build_ap_req.c \
-	build_auth.c \
-	cache.c \
-	changepw.c \
-	codec.c \
-	config_file.c \
-	config_file_netinfo.c \
-	convert_creds.c \
-	constants.c \
-	context.c \
-	copy_host_realm.c \
-	crc.c \
-	creds.c \
-	crypto.c \
-	data.c \
-	eai_to_heim_errno.c \
-	expand_hostname.c \
-	fcache.c \
-	free.c \
-	free_host_realm.c \
-	generate_seq_number.c \
-	generate_subkey.c \
-	get_addrs.c \
-	get_cred.c \
-	get_default_principal.c \
-	get_default_realm.c \
-	get_for_creds.c \
-	get_host_realm.c \
-	get_in_tkt.c \
-	get_in_tkt_pw.c \
-	get_in_tkt_with_keytab.c \
-	get_in_tkt_with_skey.c \
-	get_port.c \
-	init_creds.c \
-	init_creds_pw.c \
-	keyblock.c \
-	keytab.c \
-	keytab_file.c \
-	keytab_memory.c \
-	keytab_keyfile.c \
-	keytab_krb4.c \
-	krbhst.c \
-	kuserok.c \
-	log.c \
-	mcache.c \
-	misc.c \
-	mk_error.c \
-	mk_priv.c \
-	mk_rep.c \
-	mk_req.c \
-	mk_req_ext.c \
-	mk_safe.c \
-	net_read.c \
-	net_write.c \
-	n-fold.c \
-	padata.c \
-	principal.c \
-	prog_setup.c \
-	prompter_posix.c \
-	rd_cred.c \
-	rd_error.c \
-	rd_priv.c \
-	rd_rep.c \
-	rd_req.c \
-	rd_safe.c \
-	read_message.c \
-	recvauth.c \
-	replay.c \
-	send_to_kdc.c \
-	sendauth.c \
-	set_default_realm.c \
-	sock_principal.c \
-	store.c \
-	store_emem.c \
-	store_fd.c \
-	store_mem.c \
-	ticket.c \
-	time.c \
-	transited.c \
-	verify_init.c \
-	verify_user.c \
-	version.c \
-	warn.c \
-	write_message.c \
+	acl.c					\
+	add_et_list.c				\
+	addr_families.c				\
+	address.c				\
+	aname_to_localname.c			\
+	appdefault.c				\
+	asn1_glue.c				\
+	auth_context.c				\
+	build_ap_req.c				\
+	build_auth.c				\
+	cache.c					\
+	changepw.c				\
+	codec.c					\
+	config_file.c				\
+	config_file_netinfo.c			\
+	convert_creds.c				\
+	constants.c				\
+	context.c				\
+	copy_host_realm.c			\
+	crc.c					\
+	creds.c					\
+	crypto.c				\
+	data.c					\
+	eai_to_heim_errno.c			\
+	error_string.c				\
+	expand_hostname.c			\
+	fcache.c				\
+	free.c					\
+	free_host_realm.c			\
+	generate_seq_number.c			\
+	generate_subkey.c			\
+	get_addrs.c				\
+	get_cred.c				\
+	get_default_principal.c			\
+	get_default_realm.c			\
+	get_for_creds.c				\
+	get_host_realm.c			\
+	get_in_tkt.c				\
+	get_in_tkt_pw.c				\
+	get_in_tkt_with_keytab.c		\
+	get_in_tkt_with_skey.c			\
+	get_port.c				\
+	init_creds.c				\
+	init_creds_pw.c				\
+	keyblock.c				\
+	keytab.c				\
+	keytab_any.c				\
+	keytab_file.c				\
+	keytab_memory.c				\
+	keytab_keyfile.c			\
+	keytab_krb4.c				\
+	krbhst.c				\
+	kuserok.c				\
+	log.c					\
+	mcache.c				\
+	misc.c					\
+	mk_error.c				\
+	mk_priv.c				\
+	mk_rep.c				\
+	mk_req.c				\
+	mk_req_ext.c				\
+	mk_safe.c				\
+	net_read.c				\
+	net_write.c				\
+	n-fold.c				\
+	padata.c				\
+	principal.c				\
+	prog_setup.c				\
+	prompter_posix.c			\
+	rd_cred.c				\
+	rd_error.c				\
+	rd_priv.c				\
+	rd_rep.c				\
+	rd_req.c				\
+	rd_safe.c				\
+	read_message.c				\
+	recvauth.c				\
+	replay.c				\
+	send_to_kdc.c				\
+	sendauth.c				\
+	set_default_realm.c			\
+	sock_principal.c			\
+	store.c					\
+	store_emem.c				\
+	store_fd.c				\
+	store_mem.c				\
+	ticket.c				\
+	time.c					\
+	transited.c				\
+	verify_init.c				\
+	verify_user.c				\
+	version.c				\
+	warn.c					\
+	write_message.c				\
 	$(ERR_FILES)
 
 
-libkrb5_la_LDFLAGS = -version-info 15:0:0
+libkrb5_la_LDFLAGS = -version-info 16:0:0
 
 #libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo
 
@@ -327,7 +332,8 @@ man_MANS = \
 	verify_krb5_conf.8			\
 	krb5_auth_context.3			\
 	krb5_context.3				\
-	krb5_init_context.3
+	krb5_init_context.3			\
+	krb5_keytab.3
 
 
 include_HEADERS = krb5.h krb5-protos.h krb5-private.h krb5_err.h heim_err.h
@@ -354,27 +360,35 @@ address.lo aname_to_localname.lo appdefault.lo asn1_glue.lo \
 auth_context.lo build_ap_req.lo build_auth.lo cache.lo changepw.lo \
 codec.lo config_file.lo config_file_netinfo.lo convert_creds.lo \
 constants.lo context.lo copy_host_realm.lo crc.lo creds.lo crypto.lo \
-data.lo eai_to_heim_errno.lo expand_hostname.lo fcache.lo free.lo \
-free_host_realm.lo generate_seq_number.lo generate_subkey.lo \
-get_addrs.lo get_cred.lo get_default_principal.lo get_default_realm.lo \
-get_for_creds.lo get_host_realm.lo get_in_tkt.lo get_in_tkt_pw.lo \
-get_in_tkt_with_keytab.lo get_in_tkt_with_skey.lo get_port.lo \
-init_creds.lo init_creds_pw.lo keyblock.lo keytab.lo keytab_file.lo \
-keytab_memory.lo keytab_keyfile.lo keytab_krb4.lo krbhst.lo kuserok.lo \
-log.lo mcache.lo misc.lo mk_error.lo mk_priv.lo mk_rep.lo mk_req.lo \
-mk_req_ext.lo mk_safe.lo net_read.lo net_write.lo n-fold.lo padata.lo \
-principal.lo prog_setup.lo prompter_posix.lo rd_cred.lo rd_error.lo \
-rd_priv.lo rd_rep.lo rd_req.lo rd_safe.lo read_message.lo recvauth.lo \
-replay.lo send_to_kdc.lo sendauth.lo set_default_realm.lo \
-sock_principal.lo store.lo store_emem.lo store_fd.lo store_mem.lo \
-ticket.lo time.lo transited.lo verify_init.lo verify_user.lo version.lo \
-warn.lo write_message.lo krb5_err.lo heim_err.lo
+data.lo eai_to_heim_errno.lo error_string.lo expand_hostname.lo \
+fcache.lo free.lo free_host_realm.lo generate_seq_number.lo \
+generate_subkey.lo get_addrs.lo get_cred.lo get_default_principal.lo \
+get_default_realm.lo get_for_creds.lo get_host_realm.lo get_in_tkt.lo \
+get_in_tkt_pw.lo get_in_tkt_with_keytab.lo get_in_tkt_with_skey.lo \
+get_port.lo init_creds.lo init_creds_pw.lo keyblock.lo keytab.lo \
+keytab_any.lo keytab_file.lo keytab_memory.lo keytab_keyfile.lo \
+keytab_krb4.lo krbhst.lo kuserok.lo log.lo mcache.lo misc.lo \
+mk_error.lo mk_priv.lo mk_rep.lo mk_req.lo mk_req_ext.lo mk_safe.lo \
+net_read.lo net_write.lo n-fold.lo padata.lo principal.lo prog_setup.lo \
+prompter_posix.lo rd_cred.lo rd_error.lo rd_priv.lo rd_rep.lo rd_req.lo \
+rd_safe.lo read_message.lo recvauth.lo replay.lo send_to_kdc.lo \
+sendauth.lo set_default_realm.lo sock_principal.lo store.lo \
+store_emem.lo store_fd.lo store_mem.lo ticket.lo time.lo transited.lo \
+verify_init.lo verify_user.lo version.lo warn.lo write_message.lo \
+krb5_err.lo heim_err.lo
 libkrb5_la_OBJECTS =  $(am_libkrb5_la_OBJECTS)
 bin_PROGRAMS =  verify_krb5_conf$(EXEEXT)
-check_PROGRAMS =  n-fold-test$(EXEEXT) string-to-key-test$(EXEEXT)
+check_PROGRAMS =  n-fold-test$(EXEEXT) string-to-key-test$(EXEEXT) \
+derived-key-test$(EXEEXT) store-test$(EXEEXT)
 noinst_PROGRAMS =  dump_config$(EXEEXT) test_get_addrs$(EXEEXT)
 PROGRAMS =  $(bin_PROGRAMS) $(noinst_PROGRAMS)
 
+derived_key_test_SOURCES = derived-key-test.c
+derived_key_test_OBJECTS =  derived-key-test.$(OBJEXT)
+derived_key_test_LDADD = $(LDADD)
+derived_key_test_DEPENDENCIES =  libkrb5.la \
+$(top_builddir)/lib/asn1/libasn1.la
+derived_key_test_LDFLAGS = 
 dump_config_SOURCES = dump_config.c
 dump_config_OBJECTS =  dump_config.$(OBJEXT)
 dump_config_LDADD = $(LDADD)
@@ -387,6 +401,12 @@ n_fold_test_LDADD = $(LDADD)
 n_fold_test_DEPENDENCIES =  libkrb5.la \
 $(top_builddir)/lib/asn1/libasn1.la
 n_fold_test_LDFLAGS = 
+store_test_SOURCES = store-test.c
+store_test_OBJECTS =  store-test.$(OBJEXT)
+store_test_LDADD = $(LDADD)
+store_test_DEPENDENCIES =  libkrb5.la \
+$(top_builddir)/lib/asn1/libasn1.la
+store_test_LDFLAGS = 
 string_to_key_test_SOURCES = string-to-key-test.c
 string_to_key_test_OBJECTS =  string-to-key-test.$(OBJEXT)
 string_to_key_test_LDADD = $(LDADD)
@@ -410,8 +430,9 @@ LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $
 CFLAGS = @CFLAGS@
 CCLD = $(CC)
 LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
-DIST_SOURCES =  $(libkrb5_la_SOURCES) dump_config.c n-fold-test.c \
-string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
+DIST_SOURCES =  $(libkrb5_la_SOURCES) derived-key-test.c dump_config.c \
+n-fold-test.c store-test.c string-to-key-test.c test_get_addrs.c \
+verify_krb5_conf.c
 man3dir = $(mandir)/man3
 man5dir = $(mandir)/man5
 man8dir = $(mandir)/man8
@@ -425,12 +446,12 @@ DIST_COMMON =  $(include_HEADERS) Makefile.am Makefile.in
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 
 GZIP_ENV = --best
-SOURCES = $(libkrb5_la_SOURCES) dump_config.c n-fold-test.c string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
-OBJECTS = $(am_libkrb5_la_OBJECTS) dump_config.$(OBJEXT) n-fold-test.$(OBJEXT) string-to-key-test.$(OBJEXT) test_get_addrs.$(OBJEXT) verify_krb5_conf.$(OBJEXT)
+SOURCES = $(libkrb5_la_SOURCES) derived-key-test.c dump_config.c n-fold-test.c store-test.c string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
+OBJECTS = $(am_libkrb5_la_OBJECTS) derived-key-test.$(OBJEXT) dump_config.$(OBJEXT) n-fold-test.$(OBJEXT) store-test.$(OBJEXT) string-to-key-test.$(OBJEXT) test_get_addrs.$(OBJEXT) verify_krb5_conf.$(OBJEXT)
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/krb5/Makefile
 
@@ -535,6 +556,10 @@ distclean-noinstPROGRAMS:
 
 maintainer-clean-noinstPROGRAMS:
 
+derived-key-test$(EXEEXT): $(derived_key_test_OBJECTS) $(derived_key_test_DEPENDENCIES)
+	@rm -f derived-key-test$(EXEEXT)
+	$(LINK) $(derived_key_test_LDFLAGS) $(derived_key_test_OBJECTS) $(derived_key_test_LDADD) $(LIBS)
+
 dump_config$(EXEEXT): $(dump_config_OBJECTS) $(dump_config_DEPENDENCIES)
 	@rm -f dump_config$(EXEEXT)
 	$(LINK) $(dump_config_LDFLAGS) $(dump_config_OBJECTS) $(dump_config_LDADD) $(LIBS)
@@ -543,6 +568,10 @@ n-fold-test$(EXEEXT): $(n_fold_test_OBJECTS) $(n_fold_test_DEPENDENCIES)
 	@rm -f n-fold-test$(EXEEXT)
 	$(LINK) $(n_fold_test_LDFLAGS) $(n_fold_test_OBJECTS) $(n_fold_test_LDADD) $(LIBS)
 
+store-test$(EXEEXT): $(store_test_OBJECTS) $(store_test_DEPENDENCIES)
+	@rm -f store-test$(EXEEXT)
+	$(LINK) $(store_test_LDFLAGS) $(store_test_OBJECTS) $(store_test_LDADD) $(LIBS)
+
 string-to-key-test$(EXEEXT): $(string_to_key_test_OBJECTS) $(string_to_key_test_DEPENDENCIES)
 	@rm -f string-to-key-test$(EXEEXT)
 	$(LINK) $(string_to_key_test_LDFLAGS) $(string_to_key_test_OBJECTS) $(string_to_key_test_LDADD) $(LIBS)
@@ -714,6 +743,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
@@ -802,6 +836,8 @@ check-am: all-am
 check: check-am
 installcheck-am:
 installcheck: installcheck-am
+install-binPROGRAMS: install-libLTLIBRARIES
+
 install-exec-am: install-libLTLIBRARIES install-binPROGRAMS
 	@$(NORMAL_INSTALL)
 	$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
diff --git a/crypto/heimdal/lib/krb5/acl.c b/crypto/heimdal/lib/krb5/acl.c
index 0106251..fb22fbb 100644
--- a/crypto/heimdal/lib/krb5/acl.c
+++ b/crypto/heimdal/lib/krb5/acl.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -34,7 +34,7 @@
 #include "krb5_locl.h"
 #include <fnmatch.h>
 
-RCSID("$Id: acl.c,v 1.1 2000/06/12 11:17:52 joda Exp $");
+RCSID("$Id: acl.c,v 1.2 2001/05/14 06:14:43 assar Exp $");
 
 struct acl_field {
     enum { acl_string, acl_fnmatch, acl_retval } type;
@@ -68,6 +68,7 @@ acl_parse_format(krb5_context context,
     for(p = format; *p != '\0'; p++) {
 	tmp = malloc(sizeof(*tmp));
 	if(tmp == NULL) {
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    acl_free_list(acl);
 	    return ENOMEM;
 	}
@@ -133,6 +134,7 @@ krb5_acl_match_string(krb5_context context,
 		      ...)
 {
     krb5_error_code ret;
+    krb5_boolean found;
     struct acl_field *acl;
 
     va_list ap;
@@ -142,10 +144,14 @@ krb5_acl_match_string(krb5_context context,
     if(ret)
 	return ret;
 
-    ret = acl_match_acl(context, acl, acl_string);
-
+    found = acl_match_acl(context, acl, acl_string);
     acl_free_list(acl);
-    return ret ? 0 : EACCES;
+    if (found) {
+	return 0;
+    } else {
+	krb5_set_error_string(context, "ACL did not match");
+	return EACCES;
+    }
 }
 	       
 krb5_error_code
@@ -159,10 +165,16 @@ krb5_acl_match_file(krb5_context context,
     char buf[256];
     va_list ap;
     FILE *f;
+    krb5_boolean found;
 
     f = fopen(file, "r");
-    if(f == NULL)
-	return errno;
+    if(f == NULL) {
+	int save_errno = errno;
+
+	krb5_set_error_string(context, "open(%s): %s", file,
+			      strerror(save_errno));
+	return save_errno;
+    }
 
     va_start(ap, format);
     ret = acl_parse_format(context, &acl, format, ap);
@@ -172,18 +184,22 @@ krb5_acl_match_file(krb5_context context,
 	return ret;
     }
 
-    ret = EACCES; /* XXX */
+    found = FALSE;
     while(fgets(buf, sizeof(buf), f)) {
 	if(buf[0] == '#')
 	    continue;
 	if(acl_match_acl(context, acl, buf)) {
-	    ret = 0;
-	    goto out;
+	    found = TRUE;
+	    break;
 	}
     }
 
-  out:
     fclose(f);
     acl_free_list(acl);
-    return ret;
+    if (found) {
+	return 0;
+    } else {
+	krb5_set_error_string(context, "ACL did not match");
+	return EACCES;
+    }
 }
diff --git a/crypto/heimdal/lib/krb5/addr_families.c b/crypto/heimdal/lib/krb5/addr_families.c
index 339d23b..430fd1e 100644
--- a/crypto/heimdal/lib/krb5/addr_families.c
+++ b/crypto/heimdal/lib/krb5/addr_families.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: addr_families.c,v 1.24 2000/07/08 13:05:43 joda Exp $");
+RCSID("$Id: addr_families.c,v 1.26 2001/05/14 22:49:55 assar Exp $");
 
 struct addr_operations {
     int af;
@@ -386,33 +386,45 @@ find_atype(int atype)
 }
 
 krb5_error_code
-krb5_sockaddr2address (const struct sockaddr *sa, krb5_address *addr)
+krb5_sockaddr2address (krb5_context context,
+		       const struct sockaddr *sa, krb5_address *addr)
 {
     struct addr_operations *a = find_af(sa->sa_family);
-    if (a == NULL)
+    if (a == NULL) {
+	krb5_set_error_string (context, "Address family %d not supported",
+			       sa->sa_family);
 	return KRB5_PROG_ATYPE_NOSUPP;
+    }
     return (*a->sockaddr2addr)(sa, addr);
 }
 
 krb5_error_code
-krb5_sockaddr2port (const struct sockaddr *sa, int16_t *port)
+krb5_sockaddr2port (krb5_context context,
+		    const struct sockaddr *sa, int16_t *port)
 {
     struct addr_operations *a = find_af(sa->sa_family);
-    if (a == NULL)
+    if (a == NULL) {
+	krb5_set_error_string (context, "Address family %d not supported",
+			       sa->sa_family);
 	return KRB5_PROG_ATYPE_NOSUPP;
+    }
     return (*a->sockaddr2port)(sa, port);
 }
 
 krb5_error_code
-krb5_addr2sockaddr (const krb5_address *addr,
+krb5_addr2sockaddr (krb5_context context,
+		    const krb5_address *addr,
 		    struct sockaddr *sa,
 		    int *sa_size,
 		    int port)
 {
     struct addr_operations *a = find_atype(addr->addr_type);
 
-    if (a == NULL)
+    if (a == NULL) {
+	krb5_set_error_string (context, "Address type %d not supported",
+			       addr->addr_type);
 	return KRB5_PROG_ATYPE_NOSUPP;
+    }
     (*a->addr2sockaddr)(addr, sa, sa_size, port);
     return 0;
 }
@@ -439,37 +451,46 @@ krb5_sockaddr_uninteresting(const struct sockaddr *sa)
 }
 
 krb5_error_code
-krb5_h_addr2sockaddr (int af,
+krb5_h_addr2sockaddr (krb5_context context,
+		      int af,
 		      const char *addr, struct sockaddr *sa, int *sa_size,
 		      int port)
 {
     struct addr_operations *a = find_af(af);
-    if (a == NULL)
+    if (a == NULL) {
+	krb5_set_error_string (context, "Address family %d not supported", af);
 	return KRB5_PROG_ATYPE_NOSUPP;
+    }
     (*a->h_addr2sockaddr)(addr, sa, sa_size, port);
     return 0;
 }
 
 krb5_error_code
-krb5_h_addr2addr (int af,
+krb5_h_addr2addr (krb5_context context,
+		  int af,
 		  const char *haddr, krb5_address *addr)
 {
     struct addr_operations *a = find_af(af);
-    if (a == NULL)
+    if (a == NULL) {
+	krb5_set_error_string (context, "Address family %d not supported", af);
 	return KRB5_PROG_ATYPE_NOSUPP;
+    }
     return (*a->h_addr2addr)(haddr, addr);
 }
 
 krb5_error_code
-krb5_anyaddr (int af,
+krb5_anyaddr (krb5_context context,
+	      int af,
 	      struct sockaddr *sa,
 	      int *sa_size,
 	      int port)
 {
     struct addr_operations *a = find_af (af);
 
-    if (a == NULL)
+    if (a == NULL) {
+	krb5_set_error_string (context, "Address family %d not supported", af);
 	return KRB5_PROG_ATYPE_NOSUPP;
+    }
 
     (*a->anyaddr)(sa, sa_size, port);
     return 0;
@@ -509,6 +530,7 @@ krb5_parse_address(krb5_context context,
     int i, n;
     struct addrinfo *ai, *a;
     int error;
+    int save_errno;
 
     for(i = 0; i < num_addrs; i++) {
 	if(at[i].parse_addr) {
@@ -522,8 +544,11 @@ krb5_parse_address(krb5_context context,
     }
 
     error = getaddrinfo (string, NULL, NULL, &ai);
-    if (error)
-	return krb5_eai_to_heim_errno(error);
+    if (error) {
+	save_errno = errno;
+	krb5_set_error_string (context, "%s: %s", string, gai_strerror(error));
+	return krb5_eai_to_heim_errno(error, save_errno);
+    }
     
     n = 0;
     for (a = ai; a != NULL; a = a->ai_next)
@@ -532,7 +557,7 @@ krb5_parse_address(krb5_context context,
     ALLOC_SEQ(addresses, n);
 
     for (a = ai, i = 0; a != NULL; a = a->ai_next, ++i) {
-	krb5_sockaddr2address (ai->ai_addr, &addresses->val[i]);
+	krb5_sockaddr2address (context, ai->ai_addr, &addresses->val[i]);
     }
     freeaddrinfo (ai);
     return 0;
diff --git a/crypto/heimdal/lib/krb5/address.c b/crypto/heimdal/lib/krb5/address.c
index 8b0704f..5dc756a 100644
--- a/crypto/heimdal/lib/krb5/address.c
+++ b/crypto/heimdal/lib/krb5/address.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: address.c,v 1.14 1999/12/02 17:05:07 joda Exp $");
+RCSID("$Id: address.c,v 1.15 2001/05/14 06:14:44 assar Exp $");
 
 #if 0
 /* This is the supposedly MIT-api version */
@@ -128,8 +128,10 @@ krb5_append_addresses(krb5_context context,
     int i;
     if(source->len > 0) {
 	tmp = realloc(dest->val, (dest->len + source->len) * sizeof(*tmp));
-	if(tmp == NULL)
+	if(tmp == NULL) {
+	    krb5_set_error_string(context, "realloc: out of memory");
 	    return ENOMEM;
+	}
 	dest->val = tmp;
 	for(i = 0; i < source->len; i++) {
 	    /* skip duplicates */
@@ -151,18 +153,22 @@ krb5_append_addresses(krb5_context context,
  */
 
 krb5_error_code
-krb5_make_addrport (krb5_address **res, const krb5_address *addr, int16_t port)
+krb5_make_addrport (krb5_context context,
+		    krb5_address **res, const krb5_address *addr, int16_t port)
 {
     krb5_error_code ret;
     size_t len = addr->address.length + 2 + 4 * 4;
     u_char *p;
 
     *res = malloc (sizeof(**res));
-    if (*res == NULL)
+    if (*res == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     (*res)->addr_type = KRB5_ADDRESS_ADDRPORT;
     ret = krb5_data_alloc (&(*res)->address, len);
     if (ret) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	free (*res);
 	return ret;
     }
diff --git a/crypto/heimdal/lib/krb5/appdefault.c b/crypto/heimdal/lib/krb5/appdefault.c
index 081dec0..12de150 100644
--- a/crypto/heimdal/lib/krb5/appdefault.c
+++ b/crypto/heimdal/lib/krb5/appdefault.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: appdefault.c,v 1.3 2001/01/10 00:19:58 assar Exp $");
+RCSID("$Id: appdefault.c,v 1.5 2001/05/14 06:14:44 assar Exp $");
 
 void
 krb5_appdefault_boolean(krb5_context context, const char *appname, 
@@ -42,7 +42,7 @@ krb5_appdefault_boolean(krb5_context context, const char *appname,
 {
     
     if(appname == NULL)
-	appname = __progname;
+	appname = getprogname();
     def_val = krb5_config_get_bool_default(context, NULL, def_val, 
 					   "appdefaults", 
 					   option, 
@@ -76,7 +76,7 @@ krb5_appdefault_string(krb5_context context, const char *appname,
 		       const char *def_val, char **ret_val)
 {
     if(appname == NULL)
-	appname = __progname;
+	appname = getprogname();
     def_val = krb5_config_get_string_default(context, NULL, def_val, 
 					     "appdefaults", 
 					     option, 
diff --git a/crypto/heimdal/lib/krb5/auth_context.c b/crypto/heimdal/lib/krb5/auth_context.c
index a37c4dd..eca2e87 100644
--- a/crypto/heimdal/lib/krb5/auth_context.c
+++ b/crypto/heimdal/lib/krb5/auth_context.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: auth_context.c,v 1.55 2000/12/10 20:01:05 assar Exp $");
+RCSID("$Id: auth_context.c,v 1.56 2001/05/14 06:14:44 assar Exp $");
 
 krb5_error_code
 krb5_auth_con_init(krb5_context context,
@@ -42,11 +42,14 @@ krb5_auth_con_init(krb5_context context,
     krb5_auth_context p;
 
     ALLOC(p, 1);
-    if(!p)
+    if(!p) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     memset(p, 0, sizeof(*p));
     ALLOC(p->authenticator, 1);
     if (!p->authenticator) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	free(p);
 	return ENOMEM;
     }
@@ -146,11 +149,13 @@ krb5_auth_con_genaddrs(krb5_context context,
 	    len = sizeof(ss_local);
 	    if(getsockname(fd, local, &len) < 0) {
 		ret = errno;
+		krb5_set_error_string (context, "getsockname: %s",
+				       strerror(ret));
 		goto out;
 	    }
-	    krb5_sockaddr2address (local, &local_k_address);
+	    krb5_sockaddr2address (context, local, &local_k_address);
 	    if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR) {
-		krb5_sockaddr2port (local, &auth_context->local_port);
+		krb5_sockaddr2port (context, local, &auth_context->local_port);
 	    } else
 		auth_context->local_port = 0;
 	    lptr = &local_k_address;
@@ -160,11 +165,12 @@ krb5_auth_con_genaddrs(krb5_context context,
 	len = sizeof(ss_remote);
 	if(getpeername(fd, remote, &len) < 0) {
 	    ret = errno;
+	    krb5_set_error_string (context, "getpeername: %s", strerror(ret));
 	    goto out;
 	}
-	krb5_sockaddr2address (remote, &remote_k_address);
+	krb5_sockaddr2address (context, remote, &remote_k_address);
 	if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR) {
-	    krb5_sockaddr2port (remote, &auth_context->remote_port);
+	    krb5_sockaddr2port (context, remote, &auth_context->remote_port);
 	} else
 	    auth_context->remote_port = 0;
 	rptr = &remote_k_address;
@@ -205,8 +211,10 @@ krb5_auth_con_getaddrs(krb5_context context,
     if(*local_addr)
 	krb5_free_address (context, *local_addr);
     *local_addr = malloc (sizeof(**local_addr));
-    if (*local_addr == NULL)
+    if (*local_addr == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     krb5_copy_address(context,
 		      auth_context->local_address,
 		      *local_addr);
@@ -214,8 +222,12 @@ krb5_auth_con_getaddrs(krb5_context context,
     if(*remote_addr)
 	krb5_free_address (context, *remote_addr);
     *remote_addr = malloc (sizeof(**remote_addr));
-    if (*remote_addr == NULL)
+    if (*remote_addr == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
+	krb5_free_address (context, *local_addr);
+	*local_addr = NULL;
 	return ENOMEM;
+    }
     krb5_copy_address(context,
 		      auth_context->remote_address,
 		      *remote_addr);
@@ -390,8 +402,10 @@ krb5_auth_getauthenticator(krb5_context context,
 			   krb5_authenticator *authenticator)
 {
     *authenticator = malloc(sizeof(**authenticator));
-    if (*authenticator == NULL)
+    if (*authenticator == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
 
     copy_Authenticator(auth_context->authenticator,
 		       *authenticator);
diff --git a/crypto/heimdal/lib/krb5/build_ap_req.c b/crypto/heimdal/lib/krb5/build_ap_req.c
index c8a89ca..e4f7d4e 100644
--- a/crypto/heimdal/lib/krb5/build_ap_req.c
+++ b/crypto/heimdal/lib/krb5/build_ap_req.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: build_ap_req.c,v 1.16 1999/12/02 17:05:07 joda Exp $");
+RCSID("$Id: build_ap_req.c,v 1.17 2001/05/14 06:14:44 assar Exp $");
 
 krb5_error_code
 krb5_build_ap_req (krb5_context context,
@@ -68,9 +68,10 @@ krb5_build_ap_req (krb5_context context,
 
   retdata->length = length_AP_REQ(&ap);
   retdata->data   = malloc(retdata->length);
-  if(retdata->data == NULL)
+  if(retdata->data == NULL) {
+      krb5_set_error_string(context, "malloc: out of memory");
       ret = ENOMEM;
-  else
+  } else
       encode_AP_REQ((unsigned char *)retdata->data + retdata->length - 1,
 		    retdata->length, &ap, &len);
   free_AP_REQ(&ap);
diff --git a/crypto/heimdal/lib/krb5/build_auth.c b/crypto/heimdal/lib/krb5/build_auth.c
index c75b2f1..b1650fd 100644
--- a/crypto/heimdal/lib/krb5/build_auth.c
+++ b/crypto/heimdal/lib/krb5/build_auth.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: build_auth.c,v 1.34 2000/11/15 06:58:51 assar Exp $");
+RCSID("$Id: build_auth.c,v 1.35 2001/05/14 06:14:44 assar Exp $");
 
 krb5_error_code
 krb5_build_authenticator (krb5_context context,
@@ -53,8 +53,10 @@ krb5_build_authenticator (krb5_context context,
   krb5_crypto crypto;
 
   auth = malloc(sizeof(*auth));
-  if (auth == NULL)
+  if (auth == NULL) {
+      krb5_set_error_string(context, "malloc: out of memory");
       return ENOMEM;
+  }
 
   memset (auth, 0, sizeof(*auth));
   auth->authenticator_vno = 5;
@@ -100,6 +102,7 @@ krb5_build_authenticator (krb5_context context,
   buf_size = 1024;
   buf = malloc (buf_size);
   if (buf == NULL) {
+      krb5_set_error_string(context, "malloc: out of memory");
       ret = ENOMEM;
       goto fail;
   }
@@ -116,6 +119,7 @@ krb5_build_authenticator (krb5_context context,
 	      buf_size *= 2;
 	      tmp = realloc (buf, buf_size);
 	      if (tmp == NULL) {
+		  krb5_set_error_string(context, "malloc: out of memory");
 		  ret = ENOMEM;
 		  goto fail;
 	      }
diff --git a/crypto/heimdal/lib/krb5/cache.c b/crypto/heimdal/lib/krb5/cache.c
index 121f44f..141eb61 100644
--- a/crypto/heimdal/lib/krb5/cache.c
+++ b/crypto/heimdal/lib/krb5/cache.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: cache.c,v 1.45 2000/12/05 09:18:29 joda Exp $");
+RCSID("$Id: cache.c,v 1.47 2001/05/14 06:14:45 assar Exp $");
 
 /*
  * Add a new ccache type with operations `ops', overwriting any
@@ -46,32 +46,42 @@ krb5_cc_register(krb5_context context,
 		 const krb5_cc_ops *ops, 
 		 krb5_boolean override)
 {
+    char *prefix_copy;
     int i;
 
     for(i = 0; i < context->num_cc_ops && context->cc_ops[i].prefix; i++) {
 	if(strcmp(context->cc_ops[i].prefix, ops->prefix) == 0) {
 	    if(override)
 		free(context->cc_ops[i].prefix);
-	    else
+	    else {
+		krb5_set_error_string(context,
+				      "ccache type %s already exists",
+				      ops->prefix);
 		return KRB5_CC_TYPE_EXISTS;
+	    }
 	}
     }
+    prefix_copy = strdup(ops->prefix);
+    if (prefix_copy == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
+	return KRB5_CC_NOMEM;
+    }
     if(i == context->num_cc_ops) {
 	krb5_cc_ops *o = realloc(context->cc_ops,
 				 (context->num_cc_ops + 1) *
 				 sizeof(*context->cc_ops));
-	if(o == NULL)
+	if(o == NULL) {
+	    krb5_set_error_string(context, "malloc: out of memory");
+	    free(prefix_copy);
 	    return KRB5_CC_NOMEM;
+	}
 	context->num_cc_ops++;
 	context->cc_ops = o;
 	memset(context->cc_ops + i, 0, 
 	       (context->num_cc_ops - i) * sizeof(*context->cc_ops));
     }
     memcpy(&context->cc_ops[i], ops, sizeof(context->cc_ops[i]));
-    context->cc_ops[i].prefix = strdup(ops->prefix);
-    if(context->cc_ops[i].prefix == NULL)
-	return KRB5_CC_NOMEM;
-    
+    context->cc_ops[i].prefix = prefix_copy;
     return 0;
 }
 
@@ -91,8 +101,10 @@ allocate_ccache (krb5_context context,
     krb5_ccache p;
 
     p = malloc(sizeof(*p));
-    if(p == NULL)
+    if(p == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return KRB5_CC_NOMEM;
+    }
     p->ops = ops;
     *id = p;
     ret = p->ops->resolve(context, id, residual);
@@ -126,8 +138,10 @@ krb5_cc_resolve(krb5_context context,
     }
     if (strchr (name, ':') == NULL)
 	return allocate_ccache (context, &krb5_fcc_ops, name, id);
-    else
+    else {
+	krb5_set_error_string(context, "unknown ccache type %s", name);
 	return KRB5_CC_UNKNOWN_TYPE;
+    }
 }
 
 /*
@@ -143,8 +157,10 @@ krb5_cc_gen_new(krb5_context context,
     krb5_ccache p;
 
     p = malloc (sizeof(*p));
-    if (p == NULL)
+    if (p == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return KRB5_CC_NOMEM;
+    }
     p->ops = ops;
     *id = p;
     return p->ops->gen_new(context, id);
@@ -281,7 +297,7 @@ krb5_cc_retrieve_cred(krb5_context context,
     krb5_error_code ret;
     krb5_cc_cursor cursor;
     krb5_cc_start_seq_get(context, id, &cursor);
-    while((ret = krb5_cc_next_cred(context, id, creds, &cursor)) == 0){
+    while((ret = krb5_cc_next_cred(context, id, &cursor, creds)) == 0){
 	if(krb5_compare_creds(context, whichfields, mcreds, creds)){
 	    ret = 0;
 	    break;
@@ -328,8 +344,8 @@ krb5_cc_start_seq_get (krb5_context context,
 krb5_error_code
 krb5_cc_next_cred (krb5_context context,
 		   const krb5_ccache id,
-		   krb5_creds *creds,
-		   krb5_cc_cursor *cursor)
+		   krb5_cc_cursor *cursor,
+		   krb5_creds *creds)
 {
     return id->ops->get_next(context, id, cursor, creds);
 }
@@ -356,8 +372,12 @@ krb5_cc_remove_cred(krb5_context context,
 		    krb5_flags which,
 		    krb5_creds *cred)
 {
-    if(id->ops->remove_cred == NULL)
+    if(id->ops->remove_cred == NULL) {
+	krb5_set_error_string(context,
+			      "ccache %s does not support remove_cred",
+			      id->ops->prefix);
 	return EACCES; /* XXX */
+    }
     return (*id->ops->remove_cred)(context, id, which, cred);
 }
 
@@ -400,7 +420,7 @@ krb5_cc_copy_cache(krb5_context context,
 	krb5_free_principal(context, princ);
 	return ret;
     }
-    while(ret == 0 && krb5_cc_next_cred(context, from, &cred, &cursor) == 0){
+    while(ret == 0 && krb5_cc_next_cred(context, from, &cursor, &cred) == 0){
 	ret = krb5_cc_store_cred(context, to, &cred);
 	krb5_free_creds_contents (context, &cred);
     }
diff --git a/crypto/heimdal/lib/krb5/changepw.c b/crypto/heimdal/lib/krb5/changepw.c
index 407abf0..309e972 100644
--- a/crypto/heimdal/lib/krb5/changepw.c
+++ b/crypto/heimdal/lib/krb5/changepw.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,17 +33,20 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: changepw.c,v 1.30 2000/12/10 23:10:10 assar Exp $");
+RCSID("$Id: changepw.c,v 1.32 2001/05/14 22:49:55 assar Exp $");
 
 static krb5_error_code
 get_kdc_address (krb5_context context,
 		 krb5_realm realm,
-		 struct addrinfo **ai)
+		 struct addrinfo **ai,
+		 char **ret_host)
 {
     krb5_error_code ret;
     char **hostlist;
     int port = 0;
     int error;
+    char *host;
+    int save_errno;
 
     ret = krb5_get_krb_changepw_hst (context,
 				     &realm,
@@ -51,12 +54,23 @@ get_kdc_address (krb5_context context,
     if (ret)
 	return ret;
 
+    host = strdup(*hostlist);
+    krb5_free_krbhst(context, hostlist);
+    if (host == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
+	return ENOMEM;
+    }
+
     port = ntohs(krb5_getportbyname (context, "kpasswd", "udp", KPASSWD_PORT));
-    error = roken_getaddrinfo_hostspec2(*hostlist, SOCK_DGRAM, port, ai);
+    error = roken_getaddrinfo_hostspec2(host, SOCK_DGRAM, port, ai);
 
-    krb5_free_krbhst (context, hostlist);
-    if(error)
-	return krb5_eai_to_heim_errno(error);
+    if(error) {
+	save_errno = errno;
+	krb5_set_error_string(context, "resolving %s: %s",
+			      host, gai_strerror(error));
+	return krb5_eai_to_heim_errno(error, save_errno);
+    }
+    *ret_host = host;
     return 0;
 }
 
@@ -67,7 +81,8 @@ send_request (krb5_context context,
 	      int sock,
 	      struct sockaddr *sa,
 	      int sa_size,
-	      char *passwd)
+	      char *passwd,
+	      const char *host)
 {
     krb5_error_code ret;
     krb5_data ap_req_data;
@@ -129,8 +144,10 @@ send_request (krb5_context context,
     iov[2].iov_base    = krb_priv_data.data;
     iov[2].iov_len     = krb_priv_data.length;
 
-    if (sendmsg (sock, &msghdr, 0) < 0)
+    if (sendmsg (sock, &msghdr, 0) < 0) {
 	ret = errno;
+	krb5_set_error_string(context, "sendmsg %s: %s", host, strerror(ret));
+    }
 
     krb5_data_free (&krb_priv_data);
 out2:
@@ -161,17 +178,23 @@ process_reply (krb5_context context,
 	       int sock,
 	       int *result_code,
 	       krb5_data *result_code_string,
-	       krb5_data *result_string)
+	       krb5_data *result_string,
+	       const char *host)
 {
     krb5_error_code ret;
     u_char reply[BUFSIZ];
     size_t len;
     u_int16_t pkt_len, pkt_ver;
     krb5_data ap_rep_data;
+    int save_errno;
 
     ret = recvfrom (sock, reply, sizeof(reply), 0, NULL, NULL);
-    if (ret < 0)
-	return errno;
+    if (ret < 0) {
+	save_errno = errno;
+	krb5_set_error_string(context, "recvfrom %s: %s",
+			      host, strerror(save_errno));
+	return save_errno;
+    }
 
     len = ret;
     pkt_len = (reply[0] << 8) | (reply[1]);
@@ -243,7 +266,7 @@ process_reply (krb5_context context,
 	}
 	if (error.e_data->length < 2) {
 	    krb5_warnx (context, "too short e_data to print anything usable");
-	    return 1;
+	    return 1;		/* XXX */
 	}
 
 	p = error.e_data->data;
@@ -255,6 +278,12 @@ process_reply (krb5_context context,
     }
 }
 
+/*
+ * change the password using the credentials in `creds' (for the
+ * principal indicated in them) to `newpw', storing the result of
+ * the operation in `result_*' and an error code or 0.
+ */
+
 krb5_error_code
 krb5_change_password (krb5_context	context,
 		      krb5_creds	*creds,
@@ -269,12 +298,13 @@ krb5_change_password (krb5_context	context,
     int i;
     struct addrinfo *ai, *a;
     int done = 0;
+    char *host = NULL;
 
     ret = krb5_auth_con_init (context, &auth_context);
     if (ret)
 	return ret;
 
-    ret = get_kdc_address (context, creds->client->realm, &ai);
+    ret = get_kdc_address (context, creds->client->realm, &ai, &host);
     if (ret)
 	goto out;
 
@@ -297,7 +327,8 @@ krb5_change_password (krb5_context	context,
 				    sock,
 				    a->ai_addr,
 				    a->ai_addrlen,
-				    newpw);
+				    newpw,
+				    host);
 		if (ret) {
 		    close(sock);
 		    goto out;
@@ -305,6 +336,7 @@ krb5_change_password (krb5_context	context,
 	    }
 	    
 	    if (sock >= FD_SETSIZE) {
+		krb5_set_error_string(context, "fd %d too large", sock);
 		ret = ERANGE;
 		close (sock);
 		goto out;
@@ -326,7 +358,8 @@ krb5_change_password (krb5_context	context,
 				     sock,
 				     result_code,
 				     result_code_string,
-				     result_string);
+				     result_string,
+				     host);
 		if (ret == 0)
 		    done = 1;
 		else if (i > 0 && ret == KRB5KRB_AP_ERR_MUT_FAIL)
@@ -341,8 +374,16 @@ krb5_change_password (krb5_context	context,
 
 out:
     krb5_auth_con_free (context, auth_context);
+    free (host);
     if (done)
 	return 0;
-    else
+    else {
+	if (ret == KRB5_KDC_UNREACH)
+	    krb5_set_error_string(context,
+				  "failed to reach kpasswd server %s "
+				  "in realm %s",
+				  host, creds->client->realm);
+
 	return ret;
+    }
 }
diff --git a/crypto/heimdal/lib/krb5/codec.c b/crypto/heimdal/lib/krb5/codec.c
index 1d94613..6a49e68 100644
--- a/crypto/heimdal/lib/krb5/codec.c
+++ b/crypto/heimdal/lib/krb5/codec.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,36 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: codec.c,v 1.6 1999/12/02 17:05:08 joda Exp $");
-
-/* these functions does what the normal asn.1-functions does, but
-   converts the keytype to/from the on-the-wire enctypes */
-
-#if 1
-#define DECODE(T, K) return decode_ ## T(data, length, t, len)
-#define ENCODE(T, K) return encode_ ## T(data, length, t, len)
-#else
-#define DECODE(T, K)					\
-{							\
-    krb5_error_code ret;				\
-    ret = decode_ ## T((void*)data, length, t, len);	\
-    if(ret)						\
-	return ret;					\
-    if(K)						\
-	ret = krb5_decode_keyblock(context, (K), 1);	\
-    return ret;						\
-}
-
-#define ENCODE(T, K)					\
-{							\
-    krb5_error_code ret = 0;				\
-    if(K)						\
-	ret = krb5_decode_keyblock(context, (K), 0);	\
-    if(ret)						\
-	return ret;					\
-    return encode_ ## T(data, length, t, len);		\
-}
-#endif
+RCSID("$Id: codec.c,v 1.7 2001/05/16 22:08:08 assar Exp $");
 
 krb5_error_code
 krb5_decode_EncTicketPart (krb5_context context,
@@ -71,7 +42,7 @@ krb5_decode_EncTicketPart (krb5_context context,
 			   EncTicketPart *t,
 			   size_t *len)
 {
-    DECODE(EncTicketPart, &t->key);
+    return decode_EncTicketPart(data, length, t, len);
 }
 
 krb5_error_code
@@ -81,7 +52,7 @@ krb5_encode_EncTicketPart (krb5_context context,
 			   EncTicketPart *t,
 			   size_t *len)
 {
-    ENCODE(EncTicketPart, &t->key);
+    return encode_EncTicketPart(data, length, t, len);
 }
 
 krb5_error_code
@@ -91,7 +62,7 @@ krb5_decode_EncASRepPart (krb5_context context,
 			  EncASRepPart *t,
 			  size_t *len)
 {
-    DECODE(EncASRepPart, &t->key);
+    return decode_EncASRepPart(data, length, t, len);
 }
 
 krb5_error_code
@@ -101,7 +72,7 @@ krb5_encode_EncASRepPart (krb5_context context,
 			  EncASRepPart *t,
 			  size_t *len)
 {
-    ENCODE(EncASRepPart, &t->key);
+    return encode_EncASRepPart(data, length, t, len);
 }
 
 krb5_error_code
@@ -111,7 +82,7 @@ krb5_decode_EncTGSRepPart (krb5_context context,
 			   EncTGSRepPart *t,
 			   size_t *len)
 {
-    DECODE(EncTGSRepPart, &t->key);
+    return decode_EncTGSRepPart(data, length, t, len);
 }
 
 krb5_error_code
@@ -121,7 +92,7 @@ krb5_encode_EncTGSRepPart (krb5_context context,
 			   EncTGSRepPart *t,
 			   size_t *len)
 {
-    ENCODE(EncTGSRepPart, &t->key);
+    return encode_EncTGSRepPart(data, length, t, len);
 }
 
 krb5_error_code
@@ -131,7 +102,7 @@ krb5_decode_EncAPRepPart (krb5_context context,
 			  EncAPRepPart *t,
 			  size_t *len)
 {
-    DECODE(EncAPRepPart, t->subkey);
+    return decode_EncAPRepPart(data, length, t, len);
 }
 
 krb5_error_code
@@ -141,7 +112,7 @@ krb5_encode_EncAPRepPart (krb5_context context,
 			  EncAPRepPart *t,
 			  size_t *len)
 {
-    ENCODE(EncAPRepPart, t->subkey);
+    return encode_EncAPRepPart(data, length, t, len);
 }
 
 krb5_error_code
@@ -151,7 +122,7 @@ krb5_decode_Authenticator (krb5_context context,
 			   Authenticator *t,
 			   size_t *len)
 {
-    DECODE(Authenticator, t->subkey);
+    return decode_Authenticator(data, length, t, len);
 }
 
 krb5_error_code
@@ -161,7 +132,7 @@ krb5_encode_Authenticator (krb5_context context,
 			   Authenticator *t,
 			   size_t *len)
 {
-    ENCODE(Authenticator, t->subkey);
+    return encode_Authenticator(data, length, t, len);
 }
 
 krb5_error_code
@@ -171,19 +142,7 @@ krb5_decode_EncKrbCredPart (krb5_context context,
 			    EncKrbCredPart *t,
 			    size_t *len)
 {
-#if 1
     return decode_EncKrbCredPart(data, length, t, len);
-#else
-    krb5_error_code ret;
-    int i;
-    ret = decode_EncKrbCredPart((void*)data, length, t, len);
-    if(ret)
-	return ret;
-    for(i = 0; i < t->ticket_info.len; i++)
-	if((ret = krb5_decode_keyblock(context, &t->ticket_info.val[i].key, 1)))
-	    break;
-    return ret;
-#endif
 }
 
 krb5_error_code
@@ -193,15 +152,6 @@ krb5_encode_EncKrbCredPart (krb5_context context,
 			    EncKrbCredPart *t,
 			    size_t *len)
 {
-#if 0
-    krb5_error_code ret = 0;
-    int i;
-
-    for(i = 0; i < t->ticket_info.len; i++)
-	if((ret = krb5_decode_keyblock(context, &t->ticket_info.val[i].key, 0)))
-	    break;
-    if(ret) return ret;
-#endif
     return encode_EncKrbCredPart (data, length, t, len);
 }
 
@@ -212,21 +162,7 @@ krb5_decode_ETYPE_INFO (krb5_context context,
 			ETYPE_INFO *t,
 			size_t *len)
 {
-#if 1
     return decode_ETYPE_INFO(data, length, t, len);
-#else
-    krb5_error_code ret;
-    int i;
-
-    ret = decode_ETYPE_INFO((void*)data, length, t, len);
-    if(ret)
-	return ret;
-    for(i = 0; i < t->len; i++) {
-	if((ret = krb5_decode_keytype(context, &t->val[i].etype, 1)))
-	    break;
-    }
-    return ret;
-#endif
 }
 
 krb5_error_code
@@ -236,16 +172,5 @@ krb5_encode_ETYPE_INFO (krb5_context context,
 			ETYPE_INFO *t,
 			size_t *len)
 {
-#if 0
-    krb5_error_code ret = 0;
-
-    int i;
-    /* XXX this will break, since we need one key-info for each enctype */
-    /* XXX or do we? */
-    for(i = 0; i < t->len; i++)
-	if((ret = krb5_decode_keytype(context, &t->val[i].etype, 0)))
-	    break;
-    if(ret) return ret;
-#endif
     return encode_ETYPE_INFO (data, length, t, len);
 }
diff --git a/crypto/heimdal/lib/krb5/config_file.c b/crypto/heimdal/lib/krb5/config_file.c
index d5d8a42..b53b69c 100644
--- a/crypto/heimdal/lib/krb5/config_file.c
+++ b/crypto/heimdal/lib/krb5/config_file.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999, 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -32,19 +32,20 @@
  */
 
 #include "krb5_locl.h"
-RCSID("$Id: config_file.c,v 1.41 2000/08/16 07:40:36 assar Exp $");
+RCSID("$Id: config_file.c,v 1.42 2001/05/14 06:14:45 assar Exp $");
 
 #ifndef HAVE_NETINFO
 
-static int parse_section(char *p, krb5_config_section **s,
-			 krb5_config_section **res,
-			 char **error_message);
-static int parse_binding(FILE *f, unsigned *lineno, char *p,
-			 krb5_config_binding **b,
-			 krb5_config_binding **parent,
-			 char **error_message);
-static int parse_list(FILE *f, unsigned *lineno, krb5_config_binding **parent,
-		      char **error_message);
+static krb5_error_code parse_section(char *p, krb5_config_section **s,
+				     krb5_config_section **res,
+				     char **error_message);
+static krb5_error_code parse_binding(FILE *f, unsigned *lineno, char *p,
+				     krb5_config_binding **b,
+				     krb5_config_binding **parent,
+				     char **error_message);
+static krb5_error_code parse_list(FILE *f, unsigned *lineno,
+				  krb5_config_binding **parent,
+				  char **error_message);
 
 /*
  * Parse a section:
@@ -61,7 +62,7 @@ static int parse_list(FILE *f, unsigned *lineno, krb5_config_binding **parent,
  * Store the error message in `error_message'.
  */
 
-static int
+static krb5_error_code
 parse_section(char *p, krb5_config_section **s, krb5_config_section **parent,
 	      char **error_message)
 {
@@ -71,18 +72,18 @@ parse_section(char *p, krb5_config_section **s, krb5_config_section **parent,
     p1 = strchr (p + 1, ']');
     if (p1 == NULL) {
 	*error_message = "missing ]";
-	return -1;
+	return KRB5_CONFIG_BADFORMAT;
     }
     *p1 = '\0';
     tmp = malloc(sizeof(*tmp));
     if (tmp == NULL) {
 	*error_message = "out of memory";
-	return -1;
+	return KRB5_CONFIG_BADFORMAT;
     }
     tmp->name = strdup(p+1);
     if (tmp->name == NULL) {
 	*error_message = "out of memory";
-	return -1;
+	return KRB5_CONFIG_BADFORMAT;
     }
     tmp->type = krb5_config_list;
     tmp->u.list = NULL;
@@ -133,7 +134,7 @@ parse_list(FILE *f, unsigned *lineno, krb5_config_binding **parent,
     }
     *lineno = beg_lineno;
     *error_message = "unclosed {";
-    return -1;
+    return KRB5_CONFIG_BADFORMAT;
 }
 
 /*
@@ -154,14 +155,14 @@ parse_binding(FILE *f, unsigned *lineno, char *p,
 	++p;
     if (*p == '\0') {
 	*error_message = "no =";
-	return -1;
+	return KRB5_CONFIG_BADFORMAT;
     }
     p2 = p;
     while (isspace((unsigned char)*p))
 	++p;
     if (*p != '=') {
 	*error_message = "no =";
-	return -1;
+	return KRB5_CONFIG_BADFORMAT;
     }
     ++p;
     while(isspace((unsigned char)*p))
@@ -169,7 +170,7 @@ parse_binding(FILE *f, unsigned *lineno, char *p,
     tmp = malloc(sizeof(*tmp));
     if (tmp == NULL) {
 	*error_message = "out of memory";
-	return -1;
+	return KRB5_CONFIG_BADFORMAT;
     }
     *p2 = '\0';
     tmp->name = strdup(p1);
@@ -200,7 +201,7 @@ parse_binding(FILE *f, unsigned *lineno, char *p,
  * returning error messages in `error_message'
  */
 
-krb5_error_code
+static krb5_error_code
 krb5_config_parse_file_debug (const char *fname,
 			      krb5_config_section **res,
 			      unsigned *lineno,
@@ -210,7 +211,7 @@ krb5_config_parse_file_debug (const char *fname,
     krb5_config_section *s;
     krb5_config_binding *b;
     char buf[BUFSIZ];
-    int ret = 0;
+    krb5_error_code ret = 0;
 
     s = NULL;
     b = NULL;
@@ -240,7 +241,7 @@ krb5_config_parse_file_debug (const char *fname,
 	    b = NULL;
 	} else if (*p == '}') {
 	    *error_message = "unmatched }";
-	    ret = -1;
+	    ret = EINVAL;	/* XXX */
 	    goto out;
 	} else if(*p != '\0') {
 	    ret = parse_binding(f, lineno, p, &b, &s->u.list, error_message);
@@ -254,12 +255,20 @@ out:
 }
 
 krb5_error_code
-krb5_config_parse_file (const char *fname, krb5_config_section **res)
+krb5_config_parse_file (krb5_context context,
+			const char *fname,
+			krb5_config_section **res)
 {
-    char *foo;
+    char *str;
     unsigned lineno;
+    krb5_error_code ret;
 
-    return krb5_config_parse_file_debug (fname, res, &lineno, &foo);
+    ret = krb5_config_parse_file_debug (fname, res, &lineno, &str);
+    if (ret) {
+	krb5_set_error_string (context, "%s:%u: %s", fname, lineno, str);
+	return ret;
+    }
+    return 0;
 }
 
 #endif /* !HAVE_NETINFO */
diff --git a/crypto/heimdal/lib/krb5/config_file_netinfo.c b/crypto/heimdal/lib/krb5/config_file_netinfo.c
index aeb939a..a035e88 100644
--- a/crypto/heimdal/lib/krb5/config_file_netinfo.c
+++ b/crypto/heimdal/lib/krb5/config_file_netinfo.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -32,7 +32,7 @@
  */
 
 #include "krb5_locl.h"
-RCSID("$Id: config_file_netinfo.c,v 1.2 1999/12/02 17:05:08 joda Exp $");
+RCSID("$Id: config_file_netinfo.c,v 1.3 2001/05/14 06:14:45 assar Exp $");
 
 /*
  * Netinfo implementation from Luke Howard <lukeh@xedoc.com.au>
@@ -131,7 +131,9 @@ ni_idlist2binding(void *ni, ni_idlist *idlist, krb5_config_section **ret)
 }
 
 krb5_error_code
-krb5_config_parse_file (const char *fname, krb5_config_section **res)
+krb5_config_parse_file (krb5_context context,
+			const char *fname,
+			krb5_config_section **res)
 {
     void *ni = NULL, *lastni = NULL;
     int i;
diff --git a/crypto/heimdal/lib/krb5/context.c b/crypto/heimdal/lib/krb5/context.c
index 0cfac9a..2ba194b 100644
--- a/crypto/heimdal/lib/krb5/context.c
+++ b/crypto/heimdal/lib/krb5/context.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: context.c,v 1.59 2000/12/15 17:11:51 joda Exp $");
+RCSID("$Id: context.c,v 1.64 2001/05/16 22:24:42 assar Exp $");
 
 #define INIT_FIELD(C, T, E, D, F)					\
     (C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), 	\
@@ -60,6 +60,7 @@ set_etypes (krb5_context context,
 	etypes = malloc((i+1) * sizeof(*etypes));
 	if (etypes == NULL) {
 	    krb5_config_free_strings (etypes_str);
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    return ENOMEM;
 	}
 	for(j = 0, k = 0; j < i; j++) {
@@ -94,6 +95,9 @@ init_context_from_config_file(krb5_context context)
     INIT_FIELD(context, string, default_keytab, 
 	       KEYTAB_DEFAULT, "default_keytab_name");
 
+    INIT_FIELD(context, string, default_keytab_modify, 
+	       KEYTAB_DEFAULT_MODIFY, "default_keytab_modify_name");
+
     INIT_FIELD(context, string, time_fmt, 
 	       "%Y-%m-%dT%H:%M:%S", "time_format");
 
@@ -144,6 +148,8 @@ init_context_from_config_file(krb5_context context)
     krb5_kt_register (context, &krb5_mkt_ops);
     krb5_kt_register (context, &krb5_akf_ops);
     krb5_kt_register (context, &krb4_fkt_ops);
+    krb5_kt_register (context, &krb5_srvtab_fkt_ops);
+    krb5_kt_register (context, &krb5_any_ops);
     return 0;
 }
 
@@ -168,7 +174,7 @@ krb5_init_context(krb5_context *context)
     if (config_file == NULL)
 	config_file = krb5_config_file;
 
-    ret = krb5_config_parse_file (config_file, &tmp_cf);
+    ret = krb5_config_parse_file (p, config_file, &tmp_cf);
 
     if (ret == 0)
 	p->cf = tmp_cf;
@@ -210,7 +216,7 @@ krb5_free_context(krb5_context context)
  */
 
 static krb5_error_code
-default_etypes(krb5_enctype **etype)
+default_etypes(krb5_context context, krb5_enctype **etype)
 {
     krb5_enctype p[] = {
 	ETYPE_DES3_CBC_SHA1,
@@ -221,9 +227,12 @@ default_etypes(krb5_enctype **etype)
 	ETYPE_DES_CBC_CRC,
 	ETYPE_NULL
     };
+
     *etype = malloc(sizeof(p));
-    if(*etype == NULL)
+    if(*etype == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     memcpy(*etype, p, sizeof(p));
     return 0;
 }
@@ -236,14 +245,18 @@ krb5_set_default_in_tkt_etypes(krb5_context context,
     krb5_enctype *p = NULL;
 
     if(etypes) {
-	i = 0;
-	while(etypes[i])
-	    if(!krb5_enctype_valid(context, etypes[i++]))
+	for (i = 0; etypes[i]; ++i)
+	    if(!krb5_enctype_valid(context, etypes[i])) {
+		krb5_set_error_string(context, "enctype %d not supported",
+				      etypes[i]);
 		return KRB5_PROG_ETYPE_NOSUPP;
+	    }
 	++i;
 	ALLOC(p, i);
-	if(!p)
+	if(!p) {
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    return ENOMEM;
+	}
 	memmove(p, etypes, i * sizeof(krb5_enctype));
     }
     if(context->etypes)
@@ -259,17 +272,22 @@ krb5_get_default_in_tkt_etypes(krb5_context context,
 {
   krb5_enctype *p;
   int i;
+  krb5_error_code ret;
 
   if(context->etypes) {
     for(i = 0; context->etypes[i]; i++);
     ++i;
     ALLOC(p, i);
-    if(!p)
+    if(!p) {
+      krb5_set_error_string (context, "malloc: out of memory");
       return ENOMEM;
+    }
     memmove(p, context->etypes, i * sizeof(krb5_enctype));
-  } else
-    if(default_etypes(&p))
-      return ENOMEM;
+  } else {
+    ret = default_etypes(context, &p);
+    if (ret)
+      return ret;
+  }
   *etypes = p;
   return 0;
 }
@@ -287,9 +305,9 @@ void
 krb5_init_ets(krb5_context context)
 {
     if(context->et_list == NULL){
-	initialize_krb5_error_table_r(&context->et_list);
-	initialize_asn1_error_table_r(&context->et_list);
-	initialize_heim_error_table_r(&context->et_list);
+	krb5_add_et_list(context, initialize_krb5_error_table_r);
+	krb5_add_et_list(context, initialize_asn1_error_table_r);
+	krb5_add_et_list(context, initialize_heim_error_table_r);
     }
 }
 
@@ -325,8 +343,10 @@ krb5_set_extra_addresses(krb5_context context, const krb5_addresses *addresses)
     }
     if(context->extra_addresses == NULL) {
 	context->extra_addresses = malloc(sizeof(*context->extra_addresses));
-	if(context->extra_addresses == NULL)
+	if(context->extra_addresses == NULL) {
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    return ENOMEM;
+	}
     }
     return krb5_copy_addresses(context, addresses, context->extra_addresses);
 }
diff --git a/crypto/heimdal/lib/krb5/convert_creds.c b/crypto/heimdal/lib/krb5/convert_creds.c
index 8459ee3..f248cd0 100644
--- a/crypto/heimdal/lib/krb5/convert_creds.c
+++ b/crypto/heimdal/lib/krb5/convert_creds.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -32,7 +32,7 @@
  */
 
 #include "krb5_locl.h"
-RCSID("$Id: convert_creds.c,v 1.15 2000/07/11 19:30:04 joda Exp $");
+RCSID("$Id: convert_creds.c,v 1.17 2001/05/14 06:14:45 assar Exp $");
 
 static krb5_error_code
 check_ticket_flags(TicketFlags f)
@@ -134,16 +134,15 @@ krb524_convert_creds_kdc(krb5_context context,
     krb5_creds *v5_creds = in_cred;
     krb5_keytype keytype;
 
-    ret = krb5_enctype_to_keytype (context, v5_creds->session.keytype,
-				   &keytype);
-    if (ret)
-	return ret;
+    keytype = v5_creds->session.keytype;
 
-    if (keytype != KEYTYPE_DES) {
+    if (keytype != ENCTYPE_DES_CBC_CRC) {
+	/* MIT krb524d doesn't like nothing but des-cbc-crc tickets,
+           so go get one */
 	krb5_creds template;
 
 	memset (&template, 0, sizeof(template));
-	template.session.keytype = KEYTYPE_DES;
+	template.session.keytype = ENCTYPE_DES_CBC_CRC;
 	ret = krb5_copy_principal (context, in_cred->client, &template.client);
 	if (ret) {
 	    krb5_free_creds_contents (context, &template);
@@ -197,6 +196,7 @@ krb524_convert_creds_kdc(krb5_context context,
     sp = krb5_storage_from_mem(reply.data, reply.length);
     if(sp == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string (context, "malloc: out of memory");
 	goto out2;
     }
     krb5_ret_int32(sp, &tmp);
@@ -204,10 +204,12 @@ krb524_convert_creds_kdc(krb5_context context,
     if(ret == 0) {
 	memset(v4creds, 0, sizeof(*v4creds));
 	ret = krb5_ret_int32(sp, &tmp);
-	if(ret) goto out;
+	if(ret)
+	    goto out;
 	v4creds->kvno = tmp;
 	ret = krb5_ret_data(sp, &ticket);
-	if(ret) goto out;
+	if(ret)
+	    goto out;
 	v4creds->ticket_st.length = ticket.length;
 	memcpy(v4creds->ticket_st.dat, ticket.data, ticket.length);
 	krb5_data_free(&ticket);
@@ -216,7 +218,8 @@ krb524_convert_creds_kdc(krb5_context context,
 				      v4creds->service, 
 				      v4creds->instance, 
 				      v4creds->realm);
-	if(ret) goto out;
+	if(ret)
+	    goto out;
 	v4creds->issue_date = v5_creds->times.authtime;
 	v4creds->lifetime = _krb_time_to_life(v4creds->issue_date,
 					      v5_creds->times.endtime);
@@ -224,7 +227,8 @@ krb524_convert_creds_kdc(krb5_context context,
 				      v4creds->pname, 
 				      v4creds->pinst, 
 				      realm);
-	if(ret) goto out;
+	if(ret)
+	    goto out;
 	memcpy(v4creds->session, v5_creds->session.keyvalue.data, 8);
     }
 out:
diff --git a/crypto/heimdal/lib/krb5/copy_host_realm.c b/crypto/heimdal/lib/krb5/copy_host_realm.c
index 4a8f3ec..38fdfa8 100644
--- a/crypto/heimdal/lib/krb5/copy_host_realm.c
+++ b/crypto/heimdal/lib/krb5/copy_host_realm.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: copy_host_realm.c,v 1.3 1999/12/02 17:05:08 joda Exp $");
+RCSID("$Id: copy_host_realm.c,v 1.4 2001/05/14 06:14:45 assar Exp $");
 
 /*
  * Copy the list of realms from `from' to `to'.
@@ -51,14 +51,17 @@ krb5_copy_host_realm(krb5_context context,
 	++n;
     ++n;
     *to = malloc (n * sizeof(**to));
-    if (*to == NULL)
+    if (*to == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     for (i = 0; i < n; ++i)
 	(*to)[i] = NULL;
     for (i = 0, p = from; *p != NULL; ++p, ++i) {
 	(*to)[i] = strdup(*p);
 	if ((*to)[i] == NULL) {
 	    krb5_free_host_realm (context, *to);
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    return ENOMEM;
 	}
     }
diff --git a/crypto/heimdal/lib/krb5/creds.c b/crypto/heimdal/lib/krb5/creds.c
index 7051168..01c1c30 100644
--- a/crypto/heimdal/lib/krb5/creds.c
+++ b/crypto/heimdal/lib/krb5/creds.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: creds.c,v 1.14 1999/12/02 17:05:08 joda Exp $");
+RCSID("$Id: creds.c,v 1.15 2001/05/14 06:14:45 assar Exp $");
 
 krb5_error_code
 krb5_free_cred_contents (krb5_context context, krb5_creds *c)
@@ -108,8 +108,10 @@ krb5_copy_creds (krb5_context context,
     krb5_creds *c;
 
     c = malloc (sizeof (*c));
-    if (c == NULL)
+    if (c == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     memset (c, 0, sizeof(*c));
     *outcred = c;
     return krb5_copy_creds_contents (context, incred, c);
diff --git a/crypto/heimdal/lib/krb5/data.c b/crypto/heimdal/lib/krb5/data.c
index 21191e2..c6a5d75 100644
--- a/crypto/heimdal/lib/krb5/data.c
+++ b/crypto/heimdal/lib/krb5/data.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: data.c,v 1.15 1999/12/02 17:05:09 joda Exp $");
+RCSID("$Id: data.c,v 1.16 2001/05/14 06:14:46 assar Exp $");
 
 void
 krb5_data_zero(krb5_data *p)
@@ -100,10 +100,14 @@ krb5_copy_data(krb5_context context,
 {
     krb5_error_code ret;
     ALLOC(*outdata, 1);
-    if(*outdata == NULL)
+    if(*outdata == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     ret = copy_octet_string(indata, *outdata);
-    if(ret)
+    if(ret) {
+	krb5_clear_error_string (context);
 	free(*outdata);
+    }
     return ret;
 }
diff --git a/crypto/heimdal/lib/krb5/derived-key-test.c b/crypto/heimdal/lib/krb5/derived-key-test.c
new file mode 100644
index 0000000..0a47dd3
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/derived-key-test.c
@@ -0,0 +1,119 @@
+/*
+ * Copyright (c) 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: derived-key-test.c,v 1.1 2001/03/12 07:44:52 assar Exp $");
+
+enum { MAXSIZE = 24 };
+
+static struct testcase {
+    krb5_enctype enctype;
+    unsigned char constant[MAXSIZE];
+    size_t constant_len;
+    unsigned char key[MAXSIZE];
+    unsigned char res[MAXSIZE];
+} tests[] = {
+    {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0x55}, 5,
+    {0xdc, 0xe0, 0x6b, 0x1f, 0x64, 0xc8, 0x57, 0xa1, 0x1c, 0x3d, 0xb5, 0x7c, 0x51, 0x89, 0x9b, 0x2c, 0xc1, 0x79, 0x10, 0x08, 0xce, 0x97, 0x3b, 0x92},
+    {0x92, 0x51, 0x79, 0xd0, 0x45, 0x91, 0xa7, 0x9b, 0x5d, 0x31, 0x92, 0xc4, 0xa7, 0xe9, 0xc2, 0x89, 0xb0, 0x49, 0xc7, 0x1f, 0x6e, 0xe6, 0x04, 0xcd}},
+    {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0xaa}, 5,
+     {0x5e, 0x13, 0xd3, 0x1c, 0x70, 0xef, 0x76, 0x57, 0x46, 0x57, 0x85, 0x31, 0xcb, 0x51, 0xc1, 0x5b, 0xf1, 0x1c, 0xa8, 0x2c, 0x97, 0xce, 0xe9, 0xf2},
+     {0x9e, 0x58, 0xe5, 0xa1, 0x46, 0xd9, 0x94, 0x2a, 0x10, 0x1c, 0x46, 0x98, 0x45, 0xd6, 0x7a, 0x20, 0xe3, 0xc4, 0x25, 0x9e, 0xd9, 0x13, 0xf2, 0x07}},
+    {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0x55}, 5,
+     {0x98, 0xe6, 0xfd, 0x8a, 0x04, 0xa4, 0xb6, 0x85, 0x9b, 0x75, 0xa1, 0x76, 0x54, 0x0b, 0x97, 0x52, 0xba, 0xd3, 0xec, 0xd6, 0x10, 0xa2, 0x52, 0xbc},
+     {0x13, 0xfe, 0xf8, 0x0d, 0x76, 0x3e, 0x94, 0xec, 0x6d, 0x13, 0xfd, 0x2c, 0xa1, 0xd0, 0x85, 0x07, 0x02, 0x49, 0xda, 0xd3, 0x98, 0x08, 0xea, 0xbf}},
+    {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0xaa}, 5,
+     {0x62, 0x2a, 0xec, 0x25, 0xa2, 0xfe, 0x2c, 0xad, 0x70, 0x94, 0x68, 0x0b, 0x7c, 0x64, 0x94, 0x02, 0x80, 0x08, 0x4c, 0x1a, 0x7c, 0xec, 0x92, 0xb5},
+     {0xf8, 0xdf, 0xbf, 0x04, 0xb0, 0x97, 0xe6, 0xd9, 0xdc, 0x07, 0x02, 0x68, 0x6b, 0xcb, 0x34, 0x89, 0xd9, 0x1f, 0xd9, 0xa4, 0x51, 0x6b, 0x70, 0x3e}},
+    {ETYPE_DES3_CBC_SHA1, {0x6b, 0x65, 0x72, 0x62, 0x65, 0x72, 0x6f, 0x73}, 8,
+     {0xd3, 0xf8, 0x29, 0x8c, 0xcb, 0x16, 0x64, 0x38, 0xdc, 0xb9, 0xb9, 0x3e, 0xe5, 0xa7, 0x62, 0x92, 0x86, 0xa4, 0x91, 0xf8, 0x38, 0xf8, 0x02, 0xfb},
+     {0x23, 0x70, 0xda, 0x57, 0x5d, 0x2a, 0x3d, 0xa8, 0x64, 0xce, 0xbf, 0xdc, 0x52, 0x04, 0xd5, 0x6d, 0xf7, 0x79, 0xa7, 0xdf, 0x43, 0xd9, 0xda, 0x43}},
+    {ETYPE_DES3_CBC_SHA1, {0x63, 0x6f, 0x6d, 0x62, 0x69, 0x6e, 0x65}, 7,
+     {0xb5, 0x5e, 0x98, 0x34, 0x67, 0xe5, 0x51, 0xb3, 0xe5, 0xd0, 0xe5, 0xb6, 0xc8, 0x0d, 0x45, 0x76, 0x94, 0x23, 0xa8, 0x73, 0xdc, 0x62, 0xb3, 0x0e},
+     {0x01, 0x26, 0x38, 0x8a, 0xad, 0xc8, 0x1a, 0x1f, 0x2a, 0x62, 0xbc, 0x45, 0xf8, 0xd5, 0xc1, 0x91, 0x51, 0xba, 0xcd, 0xd5, 0xcb, 0x79, 0x8a, 0x3e}},
+    {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0x55}, 5,
+     {0xc1, 0x08, 0x16, 0x49, 0xad, 0xa7, 0x43, 0x62, 0xe6, 0xa1, 0x45, 0x9d, 0x01, 0xdf, 0xd3, 0x0d, 0x67, 0xc2, 0x23, 0x4c, 0x94, 0x07, 0x04, 0xda},
+     {0x34, 0x80, 0x57, 0xec, 0x98, 0xfd, 0xc4, 0x80, 0x16, 0x16, 0x1c, 0x2a, 0x4c, 0x7a, 0x94, 0x3e, 0x92, 0xae, 0x49, 0x2c, 0x98, 0x91, 0x75, 0xf7}},
+    {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0xaa}, 5,
+     {0x5d, 0x15, 0x4a, 0xf2, 0x38, 0xf4, 0x67, 0x13, 0x15, 0x57, 0x19, 0xd5, 0x5e, 0x2f, 0x1f, 0x79, 0x0d, 0xd6, 0x61, 0xf2, 0x79, 0xa7, 0x91, 0x7c},
+     {0xa8, 0x80, 0x8a, 0xc2, 0x67, 0xda, 0xda, 0x3d, 0xcb, 0xe9, 0xa7, 0xc8, 0x46, 0x26, 0xfb, 0xc7, 0x61, 0xc2, 0x94, 0xb0, 0x13, 0x15, 0xe5, 0xc1}},
+    {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0x55}, 5,
+     {0x79, 0x85, 0x62, 0xe0, 0x49, 0x85, 0x2f, 0x57, 0xdc, 0x8c, 0x34, 0x3b, 0xa1, 0x7f, 0x2c, 0xa1, 0xd9, 0x73, 0x94, 0xef, 0xc8, 0xad, 0xc4, 0x43},
+     {0xc8, 0x13, 0xf8, 0x8a, 0x3b, 0xe3, 0xb3, 0x34, 0xf7, 0x54, 0x25, 0xce, 0x91, 0x75, 0xfb, 0xe3, 0xc8, 0x49, 0x3b, 0x89, 0xc8, 0x70, 0x3b, 0x49}},
+    {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0xaa}, 5,
+     {0x26, 0xdc, 0xe3, 0x34, 0xb5, 0x45, 0x29, 0x2f, 0x2f, 0xea, 0xb9, 0xa8, 0x70, 0x1a, 0x89, 0xa4, 0xb9, 0x9e, 0xb9, 0x94, 0x2c, 0xec, 0xd0, 0x16},
+     {0xf4, 0x8f, 0xfd, 0x6e, 0x83, 0xf8, 0x3e, 0x73, 0x54, 0xe6, 0x94, 0xfd, 0x25, 0x2c, 0xf8, 0x3b, 0xfe, 0x58, 0xf7, 0xd5, 0xba, 0x37, 0xec, 0x5d}},
+    {0}
+};
+
+int
+main(int argc, char **argv)
+{
+    struct testcase *t;
+    krb5_context context;
+    krb5_error_code ret;
+    int val = 0;
+
+    ret = krb5_init_context (&context);
+    if (ret)
+	errx (1, "krb5_init_context failed: %d", ret);
+
+    for (t = tests; t->enctype != 0; ++t) {
+	krb5_keyblock key;
+	krb5_keyblock *dkey;
+
+	key.keytype = KEYTYPE_DES3;
+	key.keyvalue.length = MAXSIZE;
+	key.keyvalue.data   = t->key;
+
+	ret = krb5_derive_key(context, &key, t->enctype, t->constant,
+			      t->constant_len, &dkey);
+	if (ret)
+	    krb5_err (context, 1, ret, "krb5_derive_key");
+	if (memcmp (dkey->keyvalue.data, t->res, dkey->keyvalue.length) != 0) {
+	    const unsigned char *p = dkey->keyvalue.data;
+	    int i;
+
+	    printf ("derive_key failed\n");
+	    printf ("should be: ");
+	    for (i = 0; i < dkey->keyvalue.length; ++i)
+		printf ("%02x", t->res[i]);
+	    printf ("\nresult was: ");
+	    for (i = 0; i < dkey->keyvalue.length; ++i)
+		printf ("%02x", p[i]);
+	    printf ("\n");
+	    val = 1;
+	}
+    }
+    return val;
+}
diff --git a/crypto/heimdal/lib/krb5/eai_to_heim_errno.c b/crypto/heimdal/lib/krb5/eai_to_heim_errno.c
index b9272dd..924be7c 100644
--- a/crypto/heimdal/lib/krb5/eai_to_heim_errno.c
+++ b/crypto/heimdal/lib/krb5/eai_to_heim_errno.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,10 +33,16 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: eai_to_heim_errno.c,v 1.1 2000/07/08 13:03:36 joda Exp $");
+RCSID("$Id: eai_to_heim_errno.c,v 1.3 2001/05/14 22:48:33 assar Exp $");
+
+/*
+ * convert the getaddrinfo error code in `eai_errno' into a
+ * krb5_error_code. `system_error' should have the value of the errno
+ * after the failed call.
+ */
 
 krb5_error_code
-krb5_eai_to_heim_errno(int eai_errno)
+krb5_eai_to_heim_errno(int eai_errno, int system_error)
 {
     switch(eai_errno) {
     case EAI_NOERROR:
@@ -62,7 +68,26 @@ krb5_eai_to_heim_errno(int eai_errno)
     case EAI_SOCKTYPE:
 	return HEIM_EAI_SOCKTYPE;
     case EAI_SYSTEM:
-	return errno;
+	return system_error;
+    default:
+	return HEIM_EAI_UNKNOWN; /* XXX */
+    }
+}
+
+krb5_error_code
+krb5_h_errno_to_heim_errno(int eai_errno)
+{
+    switch(eai_errno) {
+    case 0:
+	return 0;
+    case HOST_NOT_FOUND:
+	return HEIM_EAI_NONAME;
+    case TRY_AGAIN:
+	return HEIM_EAI_AGAIN;
+    case NO_RECOVERY:
+	return HEIM_EAI_FAIL;
+    case NO_DATA:
+	return HEIM_EAI_NONAME;
     default:
 	return HEIM_EAI_UNKNOWN; /* XXX */
     }
diff --git a/crypto/heimdal/lib/krb5/error_string.c b/crypto/heimdal/lib/krb5/error_string.c
new file mode 100644
index 0000000..bf73448
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/error_string.c
@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: error_string.c,v 1.1 2001/05/06 23:07:22 assar Exp $");
+
+#undef __attribute__
+#define __attribute__(X)
+
+void
+krb5_free_error_string(krb5_context context, char *str)
+{
+    if (str != context->error_buf)
+	free(str);
+}
+
+void
+krb5_clear_error_string(krb5_context context)
+{
+    if (context->error_string != NULL
+	&& context->error_string != context->error_buf)
+	free(context->error_string);
+    context->error_string = NULL;
+}
+
+krb5_error_code
+krb5_set_error_string(krb5_context context, const char *fmt, ...)
+    __attribute__((format (printf, 2, 3)))
+{
+    krb5_error_code ret;
+    va_list ap;
+
+    va_start(ap, fmt);
+    ret = krb5_vset_error_string (context, fmt, ap);
+    va_end(ap);
+    return ret;
+}
+
+krb5_error_code
+krb5_vset_error_string(krb5_context context, const char *fmt, va_list args)
+    __attribute__ ((format (printf, 2, 0)))
+{
+    krb5_clear_error_string(context);
+    vasprintf(&context->error_string, fmt, args);
+    if(context->error_string == NULL) {
+	vsnprintf (context->error_buf, sizeof(context->error_buf), fmt, args);
+	context->error_string = context->error_buf;
+    }
+    return 0;
+}
+
+char*
+krb5_get_error_string(krb5_context context)
+{
+    char *ret = context->error_string;
+    context->error_string = NULL;
+    return ret;
+}
+
+krb5_boolean
+krb5_have_error_string(krb5_context context)
+{
+    return context->error_string != NULL;
+}
diff --git a/crypto/heimdal/lib/krb5/expand_hostname.c b/crypto/heimdal/lib/krb5/expand_hostname.c
index 72c5718..848c8ab 100644
--- a/crypto/heimdal/lib/krb5/expand_hostname.c
+++ b/crypto/heimdal/lib/krb5/expand_hostname.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: expand_hostname.c,v 1.9 2000/02/23 03:12:07 assar Exp $");
+RCSID("$Id: expand_hostname.c,v 1.10 2001/05/14 06:14:46 assar Exp $");
 
 static krb5_error_code
 copy_hostname(krb5_context context,
@@ -41,8 +41,10 @@ copy_hostname(krb5_context context,
 	      char **new_hostname)
 {
     *new_hostname = strdup (orig_hostname);
-    if (*new_hostname == NULL)
+    if (*new_hostname == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     strlwr (*new_hostname);
     return 0;
 }
@@ -70,10 +72,12 @@ krb5_expand_hostname (krb5_context context,
 	if (a->ai_canonname != NULL) {
 	    *new_hostname = strdup (a->ai_canonname);
 	    freeaddrinfo (ai);
-	    if (*new_hostname == NULL)
+	    if (*new_hostname == NULL) {
+		krb5_set_error_string(context, "malloc: out of memory");
 		return ENOMEM;
-	    else
+	    } else {
 		return 0;
+	    }
 	}
     }
     freeaddrinfo (ai);
diff --git a/crypto/heimdal/lib/krb5/fcache.c b/crypto/heimdal/lib/krb5/fcache.c
index fbdb3a1..317f702 100644
--- a/crypto/heimdal/lib/krb5/fcache.c
+++ b/crypto/heimdal/lib/krb5/fcache.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: fcache.c,v 1.31 2000/12/05 09:15:10 joda Exp $");
+RCSID("$Id: fcache.c,v 1.33 2001/05/14 06:14:46 assar Exp $");
 
 typedef struct krb5_fcache{
     char *filename;
@@ -70,11 +70,14 @@ fcc_resolve(krb5_context context, krb5_ccache *id, const char *res)
 {
     krb5_fcache *f;
     f = malloc(sizeof(*f));
-    if(f == NULL)
+    if(f == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return KRB5_CC_NOMEM;
+    }
     f->filename = strdup(res);
     if(f->filename == NULL){
 	free(f);
+	krb5_set_error_string(context, "malloc: out of memory");
 	return KRB5_CC_NOMEM;
     }
     f->version = 0;
@@ -171,18 +174,23 @@ fcc_gen_new(krb5_context context, krb5_ccache *id)
     krb5_fcache *f;
     int fd;
     char *file;
+
     f = malloc(sizeof(*f));
-    if(f == NULL)
+    if(f == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return KRB5_CC_NOMEM;
+    }
     asprintf (&file, "%sXXXXXX", KRB5_DEFAULT_CCFILE_ROOT);
     if(file == NULL) {
 	free(f);
+	krb5_set_error_string(context, "malloc: out of memory");
 	return KRB5_CC_NOMEM;
     }
     fd = mkstemp(file);
     if(fd < 0) {
 	free(f);
 	free(file);
+	krb5_set_error_string(context, "mkstemp %s", file);
 	return errno;
     }
     close(fd);
@@ -231,8 +239,12 @@ fcc_initialize(krb5_context context,
     unlink (filename);
   
     fd = open(filename, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600);
-    if(fd == -1)
-	return errno;
+    if(fd == -1) {
+	ret = errno;
+	krb5_set_error_string(context, "open(%s): %s", filename,
+			      strerror(ret));
+	return ret;
+    }
     {
 	krb5_storage *sp;    
 	sp = krb5_storage_from_fd(fd);
@@ -259,8 +271,11 @@ fcc_initialize(krb5_context context,
 	krb5_storage_free(sp);
     }
     if(close(fd) < 0)
-	if (ret == 0)
+	if (ret == 0) {
 	    ret = errno;
+	    krb5_set_error_string (context, "close %s: %s", filename,
+				   strerror(ret));
+	}
 	
     return ret;
 }
@@ -298,8 +313,11 @@ fcc_store_cred(krb5_context context,
     f = FILENAME(id);
 
     fd = open(f, O_WRONLY | O_APPEND | O_BINARY);
-    if(fd < 0)
-	return errno;
+    if(fd < 0) {
+	ret = errno;
+	krb5_set_error_string (context, "open(%s): %s", f, strerror(ret));
+	return ret;
+    }
     {
 	krb5_storage *sp;
 	sp = krb5_storage_from_fd(fd);
@@ -308,8 +326,10 @@ fcc_store_cred(krb5_context context,
 	krb5_storage_free(sp);
     }
     if (close(fd) < 0)
-	if (ret == 0)
+	if (ret == 0) {
 	    ret = errno;
+	    krb5_set_error_string (context, "close %s: %s", f, strerror(ret));
+	}
     return ret;
 }
 
@@ -339,12 +359,18 @@ init_fcc (krb5_context context,
     krb5_error_code ret;
 
     fd = open(fcache->filename, O_RDONLY | O_BINARY);
-    if(fd < 0)
-	return errno;
+    if(fd < 0) {
+	ret = errno;
+	krb5_set_error_string(context, "open(%s): %s", fcache->filename,
+			      strerror(ret));
+	return ret;
+    }
     sp = krb5_storage_from_fd(fd);
     ret = krb5_ret_int8(sp, &pvno);
-    if(ret == KRB5_CC_END)
+    if(ret == KRB5_CC_END) {
+
 	return ENOENT;
+    }
     if(ret)
 	return ret;
     if(pvno != 5) {
diff --git a/crypto/heimdal/lib/krb5/generate_seq_number.c b/crypto/heimdal/lib/krb5/generate_seq_number.c
index 3ebe562..795c3f3 100644
--- a/crypto/heimdal/lib/krb5/generate_seq_number.c
+++ b/crypto/heimdal/lib/krb5/generate_seq_number.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: generate_seq_number.c,v 1.7 2000/04/08 21:20:45 assar Exp $");
+RCSID("$Id: generate_seq_number.c,v 1.8 2001/05/08 14:05:37 assar Exp $");
 
 krb5_error_code
 krb5_generate_seq_number(krb5_context context,
@@ -57,6 +57,6 @@ krb5_generate_seq_number(krb5_context context,
 	q = (q << 8) | *p;
     q &= 0xffffffff;
     *seqno = q;
-    krb5_free_keyblock_contents (context, subkey);
+    krb5_free_keyblock (context, subkey);
     return 0;
 }
diff --git a/crypto/heimdal/lib/krb5/generate_subkey.c b/crypto/heimdal/lib/krb5/generate_subkey.c
index a5b2e9e..3fb22f9 100644
--- a/crypto/heimdal/lib/krb5/generate_subkey.c
+++ b/crypto/heimdal/lib/krb5/generate_subkey.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: generate_subkey.c,v 1.7 1999/12/02 17:05:09 joda Exp $");
+RCSID("$Id: generate_subkey.c,v 1.8 2001/05/14 06:14:46 assar Exp $");
 
 krb5_error_code
 krb5_generate_subkey(krb5_context context,
@@ -43,8 +43,10 @@ krb5_generate_subkey(krb5_context context,
     krb5_error_code ret;
 
     ALLOC(*subkey, 1);
-    if (*subkey == NULL)
+    if (*subkey == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     ret = krb5_generate_random_keyblock(context, key->keytype, *subkey);
     if(ret)
 	free(*subkey);
diff --git a/crypto/heimdal/lib/krb5/get_addrs.c b/crypto/heimdal/lib/krb5/get_addrs.c
index 7b9d74c..c05569f 100644
--- a/crypto/heimdal/lib/krb5/get_addrs.c
+++ b/crypto/heimdal/lib/krb5/get_addrs.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: get_addrs.c,v 1.40 2000/12/10 20:07:05 assar Exp $");
+RCSID("$Id: get_addrs.c,v 1.41 2001/05/14 06:14:46 assar Exp $");
 
 #ifdef __osf__
 /* hate */
@@ -46,30 +46,39 @@ struct mbuf;
 #include <ifaddrs.h>
 
 static krb5_error_code
-gethostname_fallback (krb5_addresses *res)
+gethostname_fallback (krb5_context context, krb5_addresses *res)
 {
-    krb5_error_code err;
+    krb5_error_code ret;
     char hostname[MAXHOSTNAMELEN];
     struct hostent *hostent;
 
-    if (gethostname (hostname, sizeof(hostname)))
-	return errno;
+    if (gethostname (hostname, sizeof(hostname))) {
+	ret = errno;
+	krb5_set_error_string (context, "gethostname: %s", strerror(ret));
+	return ret;
+    }
     hostent = roken_gethostbyname (hostname);
-    if (hostent == NULL)
-	return errno;
+    if (hostent == NULL) {
+	ret = errno;
+	krb5_set_error_string (context, "gethostbyname %s: %s",
+			       hostname, strerror(ret));
+	return ret;
+    }
     res->len = 1;
     res->val = malloc (sizeof(*res->val));
-    if (res->val == NULL)
+    if (res->val == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     res->val[0].addr_type = hostent->h_addrtype;
     res->val[0].address.data = NULL;
     res->val[0].address.length = 0;
-    err = krb5_data_copy (&res->val[0].address,
+    ret = krb5_data_copy (&res->val[0].address,
 			  hostent->h_addr,
 			  hostent->h_length);
-    if (err) {
+    if (ret) {
 	free (res->val);
-	return err;
+	return ret;
     }
     return 0;
 }
@@ -96,8 +105,11 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags)
 
     res->val = NULL;
 
-    if (getifaddrs(&ifa0) == -1)
-	return (errno);
+    if (getifaddrs(&ifa0) == -1) {
+	ret = errno;
+	krb5_set_error_string(context, "getifaddrs: %s", strerror(ret));
+	return (ret);
+    }
 
     memset(&sa_zero, 0, sizeof(sa_zero));
 
@@ -107,6 +119,7 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags)
 
     if (num == 0) {
 	freeifaddrs(ifa0);
+	krb5_set_error_string(context, "no addresses found");
 	return (ENXIO);
     }
 
@@ -114,6 +127,7 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags)
     res->val = calloc(num, sizeof(*res->val));
     if (res->val == NULL) {
 	freeifaddrs(ifa0);
+	krb5_set_error_string (context, "malloc: out of memory");
 	return (ENOMEM);
     }
 
@@ -132,7 +146,7 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags)
 		continue;
 	}
 
-	ret = krb5_sockaddr2address(ifa->ifa_addr, &res->val[idx]);
+	ret = krb5_sockaddr2address(context, ifa->ifa_addr, &res->val[idx]);
 	if (ret) {
 	    /*
 	     * The most likely error here is going to be "Program
@@ -159,7 +173,8 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags)
 		continue;
 
 	    if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) {
-		ret = krb5_sockaddr2address(ifa->ifa_addr, &res->val[idx]);
+		ret = krb5_sockaddr2address(context,
+					    ifa->ifa_addr, &res->val[idx]);
 		if (ret) {
 		    /*
 		     * See comment above.
@@ -187,7 +202,7 @@ get_addrs_int (krb5_context context, krb5_addresses *res, int flags)
     if (flags & SCAN_INTERFACES) {
 	ret = find_all_addresses (context, res, flags);
 	if(ret || res->len == 0)
-	    ret = gethostname_fallback (res);
+	    ret = gethostname_fallback (context, res);
     } else
 	ret = 0;
 
diff --git a/crypto/heimdal/lib/krb5/get_cred.c b/crypto/heimdal/lib/krb5/get_cred.c
index e649cfe..2af940c 100644
--- a/crypto/heimdal/lib/krb5/get_cred.c
+++ b/crypto/heimdal/lib/krb5/get_cred.c
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: get_cred.c,v 1.82 2001/01/19 04:29:44 assar Exp $");
+RCSID("$Id: get_cred.c,v 1.85 2001/05/14 06:14:46 assar Exp $");
 
 /*
  * Take the `body' and encode it into `padata' using the credentials
@@ -45,7 +45,8 @@ make_pa_tgs_req(krb5_context context,
 		krb5_auth_context ac,
 		KDC_REQ_BODY *body,
 		PA_DATA *padata,
-		krb5_creds *creds)
+		krb5_creds *creds,
+		krb5_key_usage usage)
 {
     u_char *buf;
     size_t buf_size;
@@ -55,8 +56,10 @@ make_pa_tgs_req(krb5_context context,
 
     buf_size = 1024;
     buf = malloc (buf_size);
-    if (buf == NULL)
+    if (buf == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
 
     do {
 	ret = encode_KDC_REQ_BODY(buf + buf_size - 1, buf_size,
@@ -68,6 +71,7 @@ make_pa_tgs_req(krb5_context context,
 		buf_size *= 2;
 		tmp = realloc (buf, buf_size);
 		if (tmp == NULL) {
+		    krb5_set_error_string(context, "malloc: out of memory");
 		    ret = ENOMEM;
 		    goto out;
 		}
@@ -83,7 +87,8 @@ make_pa_tgs_req(krb5_context context,
     ret = krb5_mk_req_internal(context, &ac, 0, &in_data, creds,
 			       &padata->padata_value,
 			       KRB5_KU_TGS_REQ_AUTH_CKSUM,
-			       KRB5_KU_TGS_REQ_AUTH);
+			       usage
+			       /* KRB5_KU_TGS_REQ_AUTH */);
 out:
     free (buf);
     if(ret)
@@ -110,8 +115,10 @@ set_auth_data (krb5_context context,
 
 	len = length_AuthorizationData(authdata);
 	buf = malloc(len);
-	if (buf == NULL)
+	if (buf == NULL) {
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    return ENOMEM;
+	}
 	ret = encode_AuthorizationData(buf + len - 1,
 				       len, authdata, &len);
 	if (ret) {
@@ -122,7 +129,8 @@ set_auth_data (krb5_context context,
 	ALLOC(req_body->enc_authorization_data, 1);
 	if (req_body->enc_authorization_data == NULL) {
 	    free (buf);
-	    return ret;
+	    krb5_set_error_string(context, "malloc: out of memory");
+	    return ENOMEM;
 	}
 	ret = krb5_crypto_init(context, key, 0, &crypto);
 	if (ret) {
@@ -162,7 +170,8 @@ init_tgs_req (krb5_context context,
 	      krb5_creds *krbtgt,
 	      unsigned nonce,
 	      krb5_keyblock **subkey,
-	      TGS_REQ *t)
+	      TGS_REQ *t,
+	      krb5_key_usage usage)
 {
     krb5_error_code ret;
 
@@ -190,6 +199,7 @@ init_tgs_req (krb5_context context,
     ALLOC(t->req_body.sname, 1);
     if (t->req_body.sname == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto fail;
     }
 
@@ -205,6 +215,7 @@ init_tgs_req (krb5_context context,
     ALLOC(t->req_body.till, 1);
     if(t->req_body.till == NULL){
 	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto fail;
     }
     *t->req_body.till = in_creds->times.endtime;
@@ -214,11 +225,13 @@ init_tgs_req (krb5_context context,
 	ALLOC(t->req_body.additional_tickets, 1);
 	if (t->req_body.additional_tickets == NULL) {
 	    ret = ENOMEM;
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    goto fail;
 	}
 	ALLOC_SEQ(t->req_body.additional_tickets, 1);
 	if (t->req_body.additional_tickets->val == NULL) {
 	    ret = ENOMEM;
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    goto fail;
 	}
 	ret = copy_Ticket(second_ticket, t->req_body.additional_tickets->val); 
@@ -228,11 +241,13 @@ init_tgs_req (krb5_context context,
     ALLOC(t->padata, 1);
     if (t->padata == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto fail;
     }
     ALLOC_SEQ(t->padata, 1);
     if (t->padata->val == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto fail;
     }
 
@@ -266,7 +281,8 @@ init_tgs_req (krb5_context context,
 			      ac,
 			      &t->req_body, 
 			      t->padata->val,
-			      krbtgt);
+			      krbtgt,
+			      usage);
 	if(ret) {
 	    krb5_free_keyblock (context, key);
 	    krb5_auth_con_free(context, ac);
@@ -366,13 +382,14 @@ decrypt_tkt_with_subkey (krb5_context context,
 }
 
 static krb5_error_code
-get_cred_kdc(krb5_context context, 
-	     krb5_ccache id, 
-	     krb5_kdc_flags flags,
-	     krb5_addresses *addresses, 
-	     krb5_creds *in_creds, 
-	     krb5_creds *krbtgt,
-	     krb5_creds *out_creds)
+get_cred_kdc_usage(krb5_context context, 
+		   krb5_ccache id, 
+		   krb5_kdc_flags flags,
+		   krb5_addresses *addresses, 
+		   krb5_creds *in_creds, 
+		   krb5_creds *krbtgt,
+		   krb5_creds *out_creds,
+		   krb5_key_usage usage)
 {
     TGS_REQ req;
     krb5_data enc;
@@ -407,7 +424,8 @@ get_cred_kdc(krb5_context context,
 			krbtgt,
 			nonce,
 			&subkey, 
-			&req);
+			&req,
+			usage);
     if(flags.b.enc_tkt_in_skey)
 	free_Ticket(&second_ticket);
     if (ret)
@@ -416,6 +434,7 @@ get_cred_kdc(krb5_context context,
     buf_size = 1024;
     buf = malloc (buf_size);
     if (buf == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	ret = ENOMEM;
 	goto out;
     }
@@ -430,6 +449,7 @@ get_cred_kdc(krb5_context context,
 		buf_size *= 2;
 		tmp = realloc (buf, buf_size);
 		if (tmp == NULL) {
+		    krb5_set_error_string(context, "malloc: out of memory");
 		    ret = ENOMEM;
 		    goto out;
 		}
@@ -487,13 +507,16 @@ get_cred_kdc(krb5_context context,
 	krb5_free_kdc_rep(context, &rep);
 	if (ret)
 	    goto out;
-    }else if(krb5_rd_error(context, &resp, &error) == 0){
-	ret = error.error_code;
-	free_KRB_ERROR(&error);
-    }else if(resp.data && ((char*)resp.data)[0] == 4)
+    } else if(krb5_rd_error(context, &resp, &error) == 0) {
+	ret = krb5_error_from_rd_error(context, &error, in_creds);
+	krb5_free_error_contents(context, &error);
+    } else if(resp.data && ((char*)resp.data)[0] == 4) {
 	ret = KRB5KRB_AP_ERR_V4_REPLY;
-    else
+	krb5_clear_error_string(context);
+    } else {
 	ret = KRB5KRB_AP_ERR_MSG_TYPE;
+	krb5_clear_error_string(context);
+    }
     krb5_data_free(&resp);
 out:
     if(subkey){
@@ -506,6 +529,27 @@ out:
     
 }
 
+static krb5_error_code
+get_cred_kdc(krb5_context context, 
+	     krb5_ccache id, 
+	     krb5_kdc_flags flags,
+	     krb5_addresses *addresses, 
+	     krb5_creds *in_creds, 
+	     krb5_creds *krbtgt,
+	     krb5_creds *out_creds)
+{
+    krb5_error_code ret;
+
+    ret = get_cred_kdc_usage(context, id, flags, addresses, in_creds,
+			     krbtgt, out_creds, KRB5_KU_TGS_REQ_AUTH);
+    if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY) {
+	krb5_clear_error_string (context);
+	ret = get_cred_kdc_usage(context, id, flags, addresses, in_creds,
+				 krbtgt, out_creds, KRB5_KU_AP_REQ_AUTH);
+    }
+    return ret;
+}
+
 /* same as above, just get local addresses first */
 
 static krb5_error_code
@@ -535,9 +579,12 @@ krb5_get_kdc_cred(krb5_context context,
 {
     krb5_error_code ret;
     krb5_creds *krbtgt;
+
     *out_creds = calloc(1, sizeof(**out_creds));
-    if(*out_creds == NULL)
+    if(*out_creds == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     ret = get_krbtgt (context,
 		      id,
 		      in_creds->server->realm,
@@ -577,6 +624,7 @@ find_cred(krb5_context context,
 	}
 	tgts++;
     }
+    krb5_clear_error_string(context);
     return KRB5_CC_NOTFOUND;
 }
 
@@ -586,10 +634,13 @@ add_cred(krb5_context context, krb5_creds ***tgts, krb5_creds *tkt)
     int i;
     krb5_error_code ret;
     krb5_creds **tmp = *tgts;
+
     for(i = 0; tmp && tmp[i]; i++); /* XXX */
     tmp = realloc(tmp, (i+2)*sizeof(*tmp));
-    if(tmp == NULL)
+    if(tmp == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     *tgts = tmp;
     ret = krb5_copy_creds(context, tkt, &tmp[i]);
     tmp[i+1] = NULL;
@@ -654,9 +705,10 @@ get_cred_from_kdc_flags(krb5_context context,
 			*ret_tgts, &tgts);
 	if(ret == 0){
 	    *out_creds = calloc(1, sizeof(**out_creds));
-	    if(*out_creds == NULL)
+	    if(*out_creds == NULL) {
+		krb5_set_error_string(context, "malloc: out of memory");
 		ret = ENOMEM;
-	    else {
+	    } else {
 		ret = get_cred_kdc_la(context, ccache, flags, 
 				      in_creds, &tgts, *out_creds);
 		if (ret) {
@@ -670,8 +722,10 @@ get_cred_from_kdc_flags(krb5_context context,
 	    return ret;
 	}
     }
-    if(krb5_realm_compare(context, in_creds->client, in_creds->server))
+    if(krb5_realm_compare(context, in_creds->client, in_creds->server)) {
+	krb5_clear_error_string (context);
 	return KRB5_CC_NOTFOUND;
+    }
     /* XXX this can loop forever */
     while(1){
 	general_string tgt_inst;
@@ -711,9 +765,10 @@ get_cred_from_kdc_flags(krb5_context context,
     krb5_free_principal(context, tmp_creds.server);
     krb5_free_principal(context, tmp_creds.client);
     *out_creds = calloc(1, sizeof(**out_creds));
-    if(*out_creds == NULL)
+    if(*out_creds == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	ret = ENOMEM;
-    else {
+    } else {
 	ret = get_cred_kdc_la(context, ccache, flags, 
 				      in_creds, tgt, *out_creds);
 	if (ret) {
@@ -726,16 +781,28 @@ get_cred_from_kdc_flags(krb5_context context,
 }
 
 krb5_error_code
+krb5_get_cred_from_kdc_opt(krb5_context context,
+			   krb5_ccache ccache,
+			   krb5_creds *in_creds,
+			   krb5_creds **out_creds,
+			   krb5_creds ***ret_tgts,
+			   krb5_flags flags)
+{
+    krb5_kdc_flags f;
+    f.i = flags;
+    return get_cred_from_kdc_flags(context, f, ccache, 
+				   in_creds, out_creds, ret_tgts);
+}
+
+krb5_error_code
 krb5_get_cred_from_kdc(krb5_context context,
 		       krb5_ccache ccache,
 		       krb5_creds *in_creds,
 		       krb5_creds **out_creds,
 		       krb5_creds ***ret_tgts)
 {
-    krb5_kdc_flags f;
-    f.i = 0;
-    return get_cred_from_kdc_flags(context, f, ccache, 
-				   in_creds, out_creds, ret_tgts);
+    return krb5_get_cred_from_kdc_opt(context, ccache, 
+				      in_creds, out_creds, ret_tgts, 0);
 }
      
 
@@ -754,8 +821,10 @@ krb5_get_credentials_with_flags(krb5_context context,
     
     *out_creds = NULL;
     res_creds = calloc(1, sizeof(*res_creds));
-    if (res_creds == NULL)
+    if (res_creds == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
 
     ret = krb5_cc_retrieve_cred(context,
 				ccache,
@@ -769,8 +838,10 @@ krb5_get_credentials_with_flags(krb5_context context,
     free(res_creds);
     if(ret != KRB5_CC_END)
 	return ret;
-    if(options & KRB5_GC_CACHED)
+    if(options & KRB5_GC_CACHED) {
+	krb5_clear_error_string (context);
 	return KRB5_CC_NOTFOUND;
+    }
     if(options & KRB5_GC_USER_USER)
 	flags.b.enc_tkt_in_skey = 1;
     tgts = NULL;
diff --git a/crypto/heimdal/lib/krb5/get_default_principal.c b/crypto/heimdal/lib/krb5/get_default_principal.c
index 84d7a5e..f8ed48f 100644
--- a/crypto/heimdal/lib/krb5/get_default_principal.c
+++ b/crypto/heimdal/lib/krb5/get_default_principal.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,12 +33,23 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: get_default_principal.c,v 1.5 1999/12/02 17:05:09 joda Exp $");
+RCSID("$Id: get_default_principal.c,v 1.7 2001/05/14 06:14:46 assar Exp $");
 
 /*
  * Try to find out what's a reasonable default principal.
  */
 
+static const char*
+get_env_user(void)
+{
+    const char *user = getenv("USER");
+    if(user == NULL)
+	user = getenv("LOGNAME");
+    if(user == NULL)
+	user = getenv("USERNAME");
+    return user;
+}
+
 krb5_error_code
 krb5_get_default_principal (krb5_context context,
 			    krb5_principal *princ)
@@ -46,6 +57,7 @@ krb5_get_default_principal (krb5_context context,
     krb5_error_code ret;
     krb5_ccache id;
     const char *user;
+    uid_t uid;
 
     ret = krb5_cc_default (context, &id);
     if (ret == 0) {
@@ -55,13 +67,32 @@ krb5_get_default_principal (krb5_context context,
 	    return 0;
     }
 
-    user = get_default_username ();
-    if (user == NULL)
-	return ENOTTY;
-    if (getuid () == 0) {
-	ret = krb5_make_principal(context, princ, NULL, user, "root", NULL);
+
+    uid = getuid();    
+    if(uid == 0) {
+	user = getlogin();
+	if(user == NULL)
+	    user = get_env_user();
+	if(user != NULL && strcmp(user, "root") != 0)
+	    ret = krb5_make_principal(context, princ, NULL, user, "root", NULL);
+	else
+	    ret = krb5_make_principal(context, princ, NULL, "root", NULL);
     } else {
+	struct passwd *pw = getpwuid(uid);	
+	if(pw != NULL)
+	    user = pw->pw_name;
+	else {
+	    user = get_env_user();
+	    if(user == NULL)
+		user = getlogin();
+	}
+	if(user == NULL) {
+	    krb5_set_error_string(context,
+				  "unable to figure out current principal");
+	    return ENOTTY; /* XXX */
+	}
 	ret = krb5_make_principal(context, princ, NULL, user, NULL);
     }
+
     return ret;
 }
diff --git a/crypto/heimdal/lib/krb5/get_default_realm.c b/crypto/heimdal/lib/krb5/get_default_realm.c
index 3f9b901..c090cea 100644
--- a/crypto/heimdal/lib/krb5/get_default_realm.c
+++ b/crypto/heimdal/lib/krb5/get_default_realm.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: get_default_realm.c,v 1.8 1999/12/02 17:05:09 joda Exp $");
+RCSID("$Id: get_default_realm.c,v 1.9 2001/05/14 06:14:47 assar Exp $");
 
 /*
  * Return a NULL-terminated list of default realms in `realms'.
@@ -73,8 +73,10 @@ krb5_get_default_realm(krb5_context context,
     }
 
     res = strdup (context->default_realms[0]);
-    if (res == NULL)
+    if (res == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     *realm = res;
     return 0;
 }
diff --git a/crypto/heimdal/lib/krb5/get_for_creds.c b/crypto/heimdal/lib/krb5/get_for_creds.c
index 103b757..febd061 100644
--- a/crypto/heimdal/lib/krb5/get_for_creds.c
+++ b/crypto/heimdal/lib/krb5/get_for_creds.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: get_for_creds.c,v 1.27 2000/08/18 06:47:40 assar Exp $");
+RCSID("$Id: get_for_creds.c,v 1.29 2001/05/14 22:49:55 assar Exp $");
 
 static krb5_error_code
 add_addrs(krb5_context context,
@@ -53,6 +53,7 @@ add_addrs(krb5_context context,
     addr->len += n;
     tmp = realloc(addr->val, addr->len * sizeof(*addr->val));
     if (tmp == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	ret = ENOMEM;
 	goto fail;
     }
@@ -62,10 +63,12 @@ add_addrs(krb5_context context,
 	krb5_data_zero(&addr->val[i].address);
     }
     for (a = ai; a != NULL; a = a->ai_next) {
-	ret = krb5_sockaddr2address (a->ai_addr, &addr->val[i]);
+	ret = krb5_sockaddr2address (context, a->ai_addr, &addr->val[i]);
 	if (ret == 0)
 	    ++i;
-	else if (ret != KRB5_PROG_ATYPE_NOSUPP)
+	else if (ret == KRB5_PROG_ATYPE_NOSUPP)
+	    krb5_clear_error_string (context);
+	else
 	    goto fail;
     }
     addr->len = i;
@@ -138,13 +141,18 @@ krb5_get_forwarded_creds (krb5_context	    context,
     krb5_kdc_flags kdc_flags;
     krb5_crypto crypto;
     struct addrinfo *ai;
+    int save_errno;
 
     addrs.len = 0;
     addrs.val = NULL;
 
     ret = getaddrinfo (hostname, NULL, NULL, &ai);
-    if (ret)
-	return krb5_eai_to_heim_errno(ret);
+    if (ret) {
+	save_errno = errno;
+	krb5_set_error_string(context, "resolving %s: %s",
+			      hostname, gai_strerror(ret));
+	return krb5_eai_to_heim_errno(ret, save_errno);
+    }
 
     ret = add_addrs (context, &addrs, ai);
     freeaddrinfo (ai);
@@ -171,6 +179,7 @@ krb5_get_forwarded_creds (krb5_context	    context,
     ALLOC_SEQ(&cred.tickets, 1);
     if (cred.tickets.val == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto out2;
     }
     ret = decode_Ticket(out_creds->ticket.data,
@@ -183,6 +192,7 @@ krb5_get_forwarded_creds (krb5_context	    context,
     ALLOC_SEQ(&enc_krb_cred_part.ticket_info, 1);
     if (enc_krb_cred_part.ticket_info.val == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto out4;
     }
     
@@ -191,18 +201,21 @@ krb5_get_forwarded_creds (krb5_context	    context,
     ALLOC(enc_krb_cred_part.timestamp, 1);
     if (enc_krb_cred_part.timestamp == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto out4;
     }
     *enc_krb_cred_part.timestamp = sec;
     ALLOC(enc_krb_cred_part.usec, 1);
     if (enc_krb_cred_part.usec == NULL) {
  	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto out4;
     }
     *enc_krb_cred_part.usec      = usec;
 
     if (auth_context->local_address && auth_context->local_port) {
-	ret = krb5_make_addrport (&enc_krb_cred_part.s_address,
+	ret = krb5_make_addrport (context,
+				  &enc_krb_cred_part.s_address,
 				  auth_context->local_address,
 				  auth_context->local_port);
 	if (ret)
@@ -213,6 +226,7 @@ krb5_get_forwarded_creds (krb5_context	    context,
 	ALLOC(enc_krb_cred_part.r_address, 1);
 	if (enc_krb_cred_part.r_address == NULL) {
 	    ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	    goto out4;
 	}
 
@@ -288,8 +302,10 @@ krb5_get_forwarded_creds (krb5_context	    context,
 	return ret;
     out_data->length = len;
     out_data->data   = malloc(len);
-    if (out_data->data == NULL)
+    if (out_data->data == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     memcpy (out_data->data, buf + sizeof(buf) - len, len);
     return 0;
 out4:
diff --git a/crypto/heimdal/lib/krb5/get_host_realm.c b/crypto/heimdal/lib/krb5/get_host_realm.c
index e8522cb..266072e 100644
--- a/crypto/heimdal/lib/krb5/get_host_realm.c
+++ b/crypto/heimdal/lib/krb5/get_host_realm.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -34,7 +34,7 @@
 #include "krb5_locl.h"
 #include <resolve.h>
 
-RCSID("$Id: get_host_realm.c,v 1.25 1999/12/11 23:14:07 assar Exp $");
+RCSID("$Id: get_host_realm.c,v 1.28 2001/05/14 06:14:47 assar Exp $");
 
 /* To automagically find the correct realm of a host (without
  * [domain_realm] in krb5.conf) add a text record for your domain with
@@ -142,6 +142,7 @@ config_find_realm(krb5_context context,
 krb5_error_code
 krb5_get_host_realm_int (krb5_context context,
 			 const char *host,
+			 krb5_boolean use_dns,
 			 krb5_realm **realms)
 {
     const char *p;
@@ -149,27 +150,33 @@ krb5_get_host_realm_int (krb5_context context,
     for (p = host; p != NULL; p = strchr (p + 1, '.')) {
 	if(config_find_realm(context, p, realms) == 0)
 	    return 0;
-	else if(dns_find_realm(context, p, "krb5-realm", realms) == 0)
-	    return 0;
-	else if(dns_find_realm(context, p, "_kerberos", realms) == 0)
-	    return 0;
+	else if(use_dns) {
+	    if(dns_find_realm(context, p, "krb5-realm", realms) == 0)
+		return 0;
+	    if(dns_find_realm(context, p, "_kerberos", realms) == 0)
+		return 0;
+	}
     }
     p = strchr(host, '.');
     if(p != NULL) {
 	p++;
 	*realms = malloc(2 * sizeof(krb5_realm));
-	if (*realms == NULL)
+	if (*realms == NULL) {
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    return ENOMEM;
+	}
 
 	(*realms)[0] = strdup(p);
 	if((*realms)[0] == NULL) {
 	    free(*realms);
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    return ENOMEM;
 	}
 	strupr((*realms)[0]);
 	(*realms)[1] = NULL;
 	return 0;
     }
+    krb5_set_error_string(context, "unable to find realm of host %s", host);
     return KRB5_ERR_HOST_REALM_UNKNOWN;
 }
 
@@ -190,5 +197,5 @@ krb5_get_host_realm(krb5_context context,
 	host = hostname;
     }
 
-    return krb5_get_host_realm_int (context, host, realms);
+    return krb5_get_host_realm_int (context, host, 1, realms);
 }
diff --git a/crypto/heimdal/lib/krb5/get_in_tkt.c b/crypto/heimdal/lib/krb5/get_in_tkt.c
index 84afe5e..bb023b1 100644
--- a/crypto/heimdal/lib/krb5/get_in_tkt.c
+++ b/crypto/heimdal/lib/krb5/get_in_tkt.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: get_in_tkt.c,v 1.97 2000/08/18 06:47:54 assar Exp $");
+RCSID("$Id: get_in_tkt.c,v 1.100 2001/05/14 06:14:48 assar Exp $");
 
 krb5_error_code
 krb5_init_etype (krb5_context context,
@@ -61,6 +61,7 @@ krb5_init_etype (krb5_context context,
     *val = malloc(i * sizeof(int));
     if (i != 0 && *val == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto cleanup;
     }
     memmove (*val,
@@ -148,6 +149,7 @@ _krb5_extract_ticket(krb5_context context,
 	tmp = krb5_principal_compare (context, tmp_principal, creds->client);
 	if (!tmp) {
 	    krb5_free_principal (context, tmp_principal);
+	    krb5_clear_error_string (context);
 	    ret = KRB5KRB_AP_ERR_MODIFIED;
 	    goto out;
 	}
@@ -163,6 +165,7 @@ _krb5_extract_ticket(krb5_context context,
 	len = length_Ticket(&rep->kdc_rep.ticket);
 	buf = malloc(len);
 	if(buf == NULL) {
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    ret = ENOMEM;
 	    goto out;
 	}
@@ -189,6 +192,7 @@ _krb5_extract_ticket(krb5_context context,
 	krb5_free_principal (context, tmp_principal);
 	if (!tmp) {
 	    ret = KRB5KRB_AP_ERR_MODIFIED;
+	    krb5_clear_error_string (context);
 	    goto out;
 	}
     }
@@ -213,6 +217,7 @@ _krb5_extract_ticket(krb5_context context,
 
     if (nonce != rep->enc_part.nonce) {
 	ret = KRB5KRB_AP_ERR_MODIFIED;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto out;
     }
 
@@ -238,11 +243,16 @@ _krb5_extract_ticket(krb5_context context,
     if (creds->times.starttime == 0
 	&& abs(tmp_time - sec_now) > context->max_skew) {
 	ret = KRB5KRB_AP_ERR_SKEW;
+	krb5_set_error_string (context,
+			       "time skew (%d) larger than max (%d)",
+			       abs(tmp_time - sec_now),
+			       (int)context->max_skew);
 	goto out;
     }
 
     if (creds->times.starttime != 0
 	&& tmp_time != creds->times.starttime) {
+	krb5_clear_error_string (context);
 	ret = KRB5KRB_AP_ERR_MODIFIED;
 	goto out;
     }
@@ -256,6 +266,7 @@ _krb5_extract_ticket(krb5_context context,
 
     if (creds->times.renew_till != 0
 	&& tmp_time > creds->times.renew_till) {
+	krb5_clear_error_string (context);
 	ret = KRB5KRB_AP_ERR_MODIFIED;
 	goto out;
     }
@@ -266,6 +277,7 @@ _krb5_extract_ticket(krb5_context context,
 
     if (creds->times.endtime != 0
 	&& rep->enc_part.endtime > creds->times.endtime) {
+	krb5_clear_error_string (context);
 	ret = KRB5KRB_AP_ERR_MODIFIED;
 	goto out;
     }
@@ -380,8 +392,10 @@ add_padata(krb5_context context,
 	    netypes++;
     }
     pa2 = realloc (md->val, (md->len + netypes) * sizeof(*md->val));
-    if (pa2 == NULL)
+    if (pa2 == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     md->val = pa2;
 
     for (i = 0; i < netypes; ++i) {
@@ -426,11 +440,13 @@ init_as_req (krb5_context context,
     a->req_body.cname = malloc(sizeof(*a->req_body.cname));
     if (a->req_body.cname == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto fail;
     }
     a->req_body.sname = malloc(sizeof(*a->req_body.sname));
     if (a->req_body.sname == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string(context, "malloc: out of memory");
 	goto fail;
     }
     ret = krb5_principal2principalname (a->req_body.cname, creds->client);
@@ -447,6 +463,7 @@ init_as_req (krb5_context context,
 	a->req_body.from = malloc(sizeof(*a->req_body.from));
 	if (a->req_body.from == NULL) {
 	    ret = ENOMEM;
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    goto fail;
 	}
 	*a->req_body.from = creds->times.starttime;
@@ -459,6 +476,7 @@ init_as_req (krb5_context context,
 	a->req_body.rtime = malloc(sizeof(*a->req_body.rtime));
 	if (a->req_body.rtime == NULL) {
 	    ret = ENOMEM;
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    goto fail;
 	}
 	*a->req_body.rtime = creds->times.renew_till;
@@ -481,6 +499,7 @@ init_as_req (krb5_context context,
 	a->req_body.addresses = malloc(sizeof(*a->req_body.addresses));
 	if (a->req_body.addresses == NULL) {
 	    ret = ENOMEM;
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    goto fail;
 	}
 
@@ -500,6 +519,7 @@ init_as_req (krb5_context context,
 	ALLOC(a->padata, 1);
 	if(a->padata == NULL) {
 	    ret = ENOMEM;
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    goto fail;
 	}
 	for(i = 0; i < preauth->len; i++) {
@@ -511,6 +531,7 @@ init_as_req (krb5_context context,
 				       sizeof(*a->padata->val));
 		if(tmp == NULL) {
 		    ret = ENOMEM;
+		    krb5_set_error_string(context, "malloc: out of memory");
 		    goto fail;
 		}
 		a->padata->val = tmp;
@@ -542,6 +563,7 @@ init_as_req (krb5_context context,
 	ALLOC(a->padata, 1);
 	if (a->padata == NULL) {
 	    ret = ENOMEM;
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    goto fail;
 	}
 	a->padata->len = 0;
@@ -559,6 +581,8 @@ init_as_req (krb5_context context,
 		   key_proc, keyseed, a->req_body.etype.val,
 		   a->req_body.etype.len, &salt);
     } else {
+	krb5_set_error_string (context, "pre-auth type %d not supported",
+			       *ptypes);
 	ret = KRB5_PREAUTH_BAD_TYPE;
 	goto fail;
     }
@@ -690,7 +714,7 @@ krb5_get_in_cred(krb5_context context,
 		ret = KRB5KRB_AP_ERR_V4_REPLY;
 	    krb5_data_free(&resp);
 	    if (ret2 == 0) {
-		ret = error.error_code;
+		ret = krb5_error_from_rd_error(context, &error, creds);
 		/* if no preauth was set and KDC requires it, give it
                    one more try */
 		if (!ptypes && !preauth
@@ -701,7 +725,7 @@ krb5_get_in_cred(krb5_context context,
 		    && set_ptypes(context, &error, &ptypes, &my_preauth)) {
 		    done = 0;
 		    preauth = my_preauth;
-		    free_KRB_ERROR(&error);
+		    krb5_free_error_contents(context, &error);
 		    continue;
 		}
 		if(ret_as_reply)
diff --git a/crypto/heimdal/lib/krb5/get_in_tkt_pw.c b/crypto/heimdal/lib/krb5/get_in_tkt_pw.c
index 4fb8800..a4f5c80 100644
--- a/crypto/heimdal/lib/krb5/get_in_tkt_pw.c
+++ b/crypto/heimdal/lib/krb5/get_in_tkt_pw.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: get_in_tkt_pw.c,v 1.15 1999/12/02 17:05:10 joda Exp $");
+RCSID("$Id: get_in_tkt_pw.c,v 1.16 2001/05/14 06:14:48 assar Exp $");
 
 krb5_error_code
 krb5_password_key_proc (krb5_context context,
@@ -47,11 +47,14 @@ krb5_password_key_proc (krb5_context context,
     char buf[BUFSIZ];
      
     *key = malloc (sizeof (**key));
-    if (*key == NULL)
+    if (*key == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     if (password == NULL) {
 	if(des_read_pw_string (buf, sizeof(buf), "Password: ", 0)) {
 	    free (*key);
+	    krb5_clear_error_string(context);
 	    return KRB5_LIBOS_PWDINTR;
 	}
 	password = buf;
diff --git a/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c b/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c
index d78ef35..c5feee4 100644
--- a/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c
+++ b/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: get_in_tkt_with_keytab.c,v 1.5 1999/12/02 17:05:10 joda Exp $");
+RCSID("$Id: get_in_tkt_with_keytab.c,v 1.6 2001/05/14 06:14:48 assar Exp $");
 
 krb5_error_code
 krb5_keytab_key_proc (krb5_context context,
@@ -82,8 +82,10 @@ krb5_get_in_tkt_with_keytab (krb5_context context,
     krb5_keytab_key_proc_args *a;
 
     a = malloc(sizeof(*a));
-    if (a == NULL)
+    if (a == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
 
     a->principal = creds->client;
     a->keytab    = keytab;
diff --git a/crypto/heimdal/lib/krb5/init_creds_pw.c b/crypto/heimdal/lib/krb5/init_creds_pw.c
index 8881d13..daa704f 100644
--- a/crypto/heimdal/lib/krb5/init_creds_pw.c
+++ b/crypto/heimdal/lib/krb5/init_creds_pw.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: init_creds_pw.c,v 1.44 2000/07/24 03:46:40 assar Exp $");
+RCSID("$Id: init_creds_pw.c,v 1.47 2001/05/14 06:14:48 assar Exp $");
 
 static int
 get_config_time (krb5_context context,
@@ -175,13 +175,13 @@ print_expire (krb5_context context,
 			       7 * 24 * 60 * 60);
 
     for (i = 0; i < lr->len; ++i) {
-	if (lr->val[i].lr_type == 6
+	if (abs(lr->val[i].lr_type) == LR_PW_EXPTIME
 	    && lr->val[i].lr_value <= t) {
 	    char *p;
 	    time_t tmp = lr->val[i].lr_value;
 	    
 	    asprintf (&p, "Your password will expire at %s", ctime(&tmp));
-	    (*prompter) (context, data, p, 0, NULL);
+	    (*prompter) (context, data, NULL, p, 0, NULL);
 	    free (p);
 	    return;
 	}
@@ -193,7 +193,7 @@ print_expire (krb5_context context,
 	time_t t = *rep->enc_part.key_expiration;
 
 	asprintf (&p, "Your password/account will expire at %s", ctime(&t));
-	(*prompter) (context, data, p, 0, NULL);
+	(*prompter) (context, data, NULL, p, 0, NULL);
 	free (p);
     }
 }
@@ -213,6 +213,12 @@ get_init_creds_common(krb5_context context,
 {
     krb5_error_code ret;
     krb5_realm *client_realm;
+    krb5_get_init_creds_opt default_opt;
+
+    if (options == NULL) {
+	krb5_get_init_creds_opt_init (&default_opt);
+	options = &default_opt;
+    }
 
     ret = init_cred (context, cred, client, start_time,
 		     in_tkt_service, options);
@@ -246,8 +252,10 @@ get_init_creds_common(krb5_context context,
     if (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) {
 	*etypes = malloc((options->etype_list_length + 1)
 			* sizeof(krb5_enctype));
-	if (*etypes == NULL)
+	if (*etypes == NULL) {
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    return ENOMEM;
+	}
 	memcpy (*etypes, options->etype_list,
 		options->etype_list_length * sizeof(krb5_enctype));
 	(*etypes)[options->etype_list_length] = ETYPE_NULL;
@@ -255,8 +263,10 @@ get_init_creds_common(krb5_context context,
     if (options->flags & KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST) {
 	*pre_auth_types = malloc((options->preauth_list_length + 1)
 				 * sizeof(krb5_preauthtype));
-	if (*pre_auth_types == NULL)
+	if (*pre_auth_types == NULL) {
+	    krb5_set_error_string(context, "malloc: out of memory");
 	    return ENOMEM;
+	}
 	memcpy (*pre_auth_types, options->preauth_list,
 		options->preauth_list_length * sizeof(krb5_preauthtype));
 	(*pre_auth_types)[options->preauth_list_length] = KRB5_PADATA_NONE;
@@ -278,7 +288,7 @@ change_password (krb5_context context,
 		 void *data,
 		 krb5_get_init_creds_opt *old_options)
 {
-    krb5_prompt prompt;
+    krb5_prompt prompts[2];
     krb5_error_code ret;
     krb5_creds cpw_cred;
     char buf1[BUFSIZ], buf2[BUFSIZ];
@@ -319,27 +329,31 @@ change_password (krb5_context context,
 	password_data.data   = buf1;
 	password_data.length = sizeof(buf1);
 
-	prompt.hidden = 1;
-	prompt.prompt = "New password: ";
-	prompt.reply  = &password_data;
-
-	ret = (*prompter) (context, data, "Changing password", 1, &prompt);
-	if (ret)
-	    goto out;
+	prompts[0].hidden = 1;
+	prompts[0].prompt = "New password: ";
+	prompts[0].reply  = &password_data;
+	prompts[0].type   = KRB5_PROMPT_TYPE_NEW_PASSWORD;
 
 	password_data.data   = buf2;
 	password_data.length = sizeof(buf2);
 
-	prompt.hidden = 1;
-	prompt.prompt = "Repeat new password: ";
-	prompt.reply  = &password_data;
+	prompts[1].hidden = 1;
+	prompts[1].prompt = "Repeat new password: ";
+	prompts[1].reply  = &password_data;
+	prompts[1].type   = KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN;
 
-	ret = (*prompter) (context, data, "Changing password", 1, &prompt);
-	if (ret)
+	ret = (*prompter) (context, data, NULL, "Changing password",
+			   2, prompts);
+	if (ret) {
+	    memset (buf1, 0, sizeof(buf1));
+	    memset (buf2, 0, sizeof(buf2));
 	    goto out;
+	}
 
 	if (strcmp (buf1, buf2) == 0)
 	    break;
+	memset (buf1, 0, sizeof(buf1));
+	memset (buf2, 0, sizeof(buf2));
     }
     
     ret = krb5_change_password (context,
@@ -355,13 +369,15 @@ change_password (krb5_context context,
 	      (int)result_string.length,
 	      (char*)result_string.data);
 
-    ret = (*prompter) (context, data, p, 0, NULL);
+    ret = (*prompter) (context, data, NULL, p, 0, NULL);
     free (p);
     if (result_code == 0) {
 	strlcpy (newpw, buf1, newpw_sz);
 	ret = 0;
-    } else
+    } else {
+	krb5_set_error_string (context, "failed changing password");
 	ret = ENOTTY;
+    }
 
 out:
     memset (buf1, 0, sizeof(buf1));
@@ -412,12 +428,14 @@ krb5_get_init_creds_password(krb5_context context,
 	password_data.length = sizeof(buf);
 	prompt.hidden = 1;
 	prompt.reply  = &password_data;
+	prompt.type   = KRB5_PROMPT_TYPE_PASSWORD;
 
-	ret = (*prompter) (context, data, NULL, 1, &prompt);
+	ret = (*prompter) (context, data, NULL, NULL, 1, &prompt);
 	free (prompt.prompt);
 	if (ret) {
 	    memset (buf, 0, sizeof(buf));
 	    ret = KRB5_LIBOS_PWDINTR;
+	    krb5_clear_error_string (context);
 	    goto out;
 	}
 	password = password_data.data;
@@ -445,6 +463,8 @@ krb5_get_init_creds_password(krb5_context context,
 	case KRB5KDC_ERR_KEY_EXPIRED :
 	    /* try to avoid recursion */
 
+	    krb5_clear_error_string (context);
+
 	    if (in_tkt_service != NULL
 		&& strcmp (in_tkt_service, "kadmin/changepw") == 0)
 		goto out;
@@ -522,6 +542,7 @@ krb5_get_init_creds_keytab(krb5_context context,
 
     a = malloc (sizeof(*a));
     if (a == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	ret = ENOMEM;
 	goto out;
     }
diff --git a/crypto/heimdal/lib/krb5/kerberos.8 b/crypto/heimdal/lib/krb5/kerberos.8
index ac9d3d5..10f2dab 100644
--- a/crypto/heimdal/lib/krb5/kerberos.8
+++ b/crypto/heimdal/lib/krb5/kerberos.8
@@ -1,4 +1,4 @@
-.\" $Id: kerberos.8,v 1.1 2000/09/01 15:52:24 joda Exp $
+.\" $Id: kerberos.8,v 1.2 2001/05/02 08:59:23 assar Exp $
 .\"
 .Dd September 1, 2000
 .Dt KERBEROS 8
diff --git a/crypto/heimdal/lib/krb5/keyblock.c b/crypto/heimdal/lib/krb5/keyblock.c
index 124d9bc..7eb7067 100644
--- a/crypto/heimdal/lib/krb5/keyblock.c
+++ b/crypto/heimdal/lib/krb5/keyblock.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: keyblock.c,v 1.11 2000/03/23 03:38:25 assar Exp $");
+RCSID("$Id: keyblock.c,v 1.12 2001/05/14 06:14:48 assar Exp $");
 
 void
 krb5_free_keyblock_contents(krb5_context context,
@@ -72,8 +72,10 @@ krb5_copy_keyblock (krb5_context context,
     krb5_keyblock *k;
 
     k = malloc (sizeof(*k));
-    if (k == NULL)
+    if (k == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     *to = k;
     return krb5_copy_keyblock_contents (context, inblock, k);
 }
diff --git a/crypto/heimdal/lib/krb5/keytab.c b/crypto/heimdal/lib/krb5/keytab.c
index 36ef2f5..bde443a 100644
--- a/crypto/heimdal/lib/krb5/keytab.c
+++ b/crypto/heimdal/lib/krb5/keytab.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: keytab.c,v 1.46 2000/02/07 03:18:05 assar Exp $");
+RCSID("$Id: keytab.c,v 1.50 2001/05/14 06:14:48 assar Exp $");
 
 /*
  * Register a new keytab in `ops'
@@ -48,8 +48,10 @@ krb5_kt_register(krb5_context context,
 
     tmp = realloc(context->kt_types,
 		  (context->num_kt_types + 1) * sizeof(*context->kt_types));
-    if(tmp == NULL)
+    if(tmp == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     memcpy(&tmp[context->num_kt_types], ops,
 	   sizeof(tmp[context->num_kt_types]));
     context->kt_types = tmp;
@@ -89,12 +91,17 @@ krb5_kt_resolve(krb5_context context,
 	if(strncmp(type, context->kt_types[i].prefix, type_len) == 0)
 	    break;
     }
-    if(i == context->num_kt_types)
+    if(i == context->num_kt_types) {
+	krb5_set_error_string(context, "unknown keytab type %.*s", 
+			      (int)type_len, type);
 	return KRB5_KT_UNKNOWN_TYPE;
+    }
     
     k = malloc (sizeof(*k));
-    if (k == NULL)
+    if (k == NULL) {
+	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
+    }
     memcpy(k, &context->kt_types[i], sizeof(*k));
     k->data = NULL;
     ret = (*k->resolve)(context, residual, k);
@@ -114,8 +121,25 @@ krb5_kt_resolve(krb5_context context,
 krb5_error_code
 krb5_kt_default_name(krb5_context context, char *name, size_t namesize)
 {
-    if (strlcpy (name, context->default_keytab, namesize) >= namesize)
+    if (strlcpy (name, context->default_keytab, namesize) >= namesize) {
+	krb5_clear_error_string (context);
 	return KRB5_CONFIG_NOTENUFSPACE;
+    }
+    return 0;
+}
+
+/*
+ * copy the name of the default modify keytab into `name'.
+ * Return 0 or KRB5_CONFIG_NOTENUFSPACE if `namesize' is too short.
+ */
+
+krb5_error_code
+krb5_kt_default_modify_name(krb5_context context, char *name, size_t namesize)
+{
+    if (strlcpy (name, context->default_keytab_modify, namesize) >= namesize) {
+	krb5_clear_error_string (context);
+	return KRB5_CONFIG_NOTENUFSPACE;
+    }
     return 0;
 }
 
@@ -261,10 +285,19 @@ krb5_kt_get_entry(krb5_context context,
 	krb5_kt_free_entry(context, &tmp);
     }
     krb5_kt_end_seq_get (context, id, &cursor);
-    if (entry->vno)
+    if (entry->vno) {
 	return 0;
-    else
+    } else {
+	char princ[256], kt_name[256];
+
+	krb5_unparse_name_fixed (context, principal, princ, sizeof(princ));
+	krb5_kt_get_name (context, id, kt_name, sizeof(kt_name));
+
+	krb5_set_error_string (context,
+ 			       "failed to find %s in keytab %s",
+			       princ, kt_name);
 	return KRB5_KT_NOTFOUND;
+    }
 }
 
 /*
@@ -339,8 +372,12 @@ krb5_kt_start_seq_get(krb5_context context,
 		      krb5_keytab id,
 		      krb5_kt_cursor *cursor)
 {
-    if(id->start_seq_get == NULL)
+    if(id->start_seq_get == NULL) {
+	krb5_set_error_string(context,
+			      "start_seq_get is not supported in the %s "
+			      " keytab", id->prefix);
 	return HEIM_ERR_OPNOTSUPP;
+    }
     return (*id->start_seq_get)(context, id, cursor);
 }
 
@@ -356,8 +393,12 @@ krb5_kt_next_entry(krb5_context context,
 		   krb5_keytab_entry *entry,
 		   krb5_kt_cursor *cursor)
 {
-    if(id->next_entry == NULL)
+    if(id->next_entry == NULL) {
+	krb5_set_error_string(context,
+			      "next_entry is not supported in the %s "
+			      " keytab", id->prefix);
 	return HEIM_ERR_OPNOTSUPP;
+    }
     return (*id->next_entry)(context, id, entry, cursor);
 }
 
@@ -370,8 +411,12 @@ krb5_kt_end_seq_get(krb5_context context,
 		    krb5_keytab id,
 		    krb5_kt_cursor *cursor)
 {
-    if(id->end_seq_get == NULL)
+    if(id->end_seq_get == NULL) {
+	krb5_set_error_string(context,
+			      "end_seq_get is not supported in the %s "
+			      " keytab", id->prefix);
 	return HEIM_ERR_OPNOTSUPP;
+    }
     return (*id->end_seq_get)(context, id, cursor);
 }
 
@@ -385,8 +430,11 @@ krb5_kt_add_entry(krb5_context context,
 		  krb5_keytab id,
 		  krb5_keytab_entry *entry)
 {
-    if(id->add == NULL)
+    if(id->add == NULL) {
+	krb5_set_error_string(context, "Add is not supported in the %s keytab",
+			      id->prefix);
 	return KRB5_KT_NOWRITE;
+    }
     entry->timestamp = time(NULL);
     return (*id->add)(context, id,entry);
 }
@@ -401,7 +449,11 @@ krb5_kt_remove_entry(krb5_context context,
 		     krb5_keytab id,
 		     krb5_keytab_entry *entry)
 {
-    if(id->remove == NULL)
+    if(id->remove == NULL) {
+	krb5_set_error_string(context,
+			      "Remove is not supported in the %s keytab",
+			      id->prefix);
 	return KRB5_KT_NOWRITE;
+    }
     return (*id->remove)(context, id, entry);
 }
diff --git a/crypto/heimdal/lib/krb5/keytab_any.c b/crypto/heimdal/lib/krb5/keytab_any.c
new file mode 100644
index 0000000..490a8f3
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/keytab_any.c
@@ -0,0 +1,210 @@
+/*
+ * Copyright (c) 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: keytab_any.c,v 1.2 2001/05/14 06:14:48 assar Exp $");
+
+struct any_data {
+    krb5_keytab kt;
+    char *name;
+    struct any_data *next;
+};
+
+static void
+free_list (struct any_data *a)
+{
+    struct any_data *next;
+
+    for (; a != NULL; a = next) {
+	next = a->next;
+	free (a->name);
+	free (a);
+    }
+}
+
+static krb5_error_code
+any_resolve(krb5_context context, const char *name, krb5_keytab id)
+{
+    struct any_data *a, *a0 = NULL, *prev = NULL;
+    krb5_error_code ret;
+    char buf[256];
+
+    while (strsep_copy(&name, ",", buf, sizeof(buf)) != -1) {
+	a = malloc(sizeof(*a));
+	if (a == NULL) {
+	    ret = ENOMEM;
+	    goto fail;
+	}
+	if (a0 == NULL) {
+	    a0 = a;
+	    a->name = strdup(name);
+	    if (a->name == NULL) {
+		krb5_set_error_string(context, "malloc: out of memory");
+		ret = ENOMEM;
+		goto fail;
+	    }
+	} else
+	    a->name = NULL;
+	if (prev != NULL)
+	    prev->next = a;
+	a->next = NULL;
+	ret = krb5_kt_resolve (context, buf, &a->kt);
+	if (ret)
+	    goto fail;
+	prev = a;
+    }
+    if (a0 == NULL) {
+	krb5_set_error_string(context, "empty ANY: keytab");
+	return ENOENT;
+    }
+    id->data = a0;
+    return 0;
+ fail:
+    free_list (a0);
+    return ret;
+}
+
+static krb5_error_code
+any_get_name (krb5_context context,
+	      krb5_keytab id,
+	      char *name,
+	      size_t namesize)
+{
+    struct any_data *a = id->data;
+    strlcpy(name, a->name, namesize);
+    return 0;
+}
+
+static krb5_error_code
+any_close (krb5_context context,
+	   krb5_keytab id)
+{
+    struct any_data *a = id->data;
+
+    free_list (a);
+    return 0;
+}
+
+struct any_cursor_extra_data {
+    struct any_data *a;
+    krb5_kt_cursor cursor;
+};
+
+static krb5_error_code
+any_start_seq_get(krb5_context context, 
+		  krb5_keytab id, 
+		  krb5_kt_cursor *c)
+{
+    struct any_data *a = id->data;
+    struct any_cursor_extra_data *ed;
+    krb5_error_code ret;
+
+    c->data = malloc (sizeof(struct any_cursor_extra_data));
+    if(c->data == NULL){
+	krb5_set_error_string (context, "malloc: out of memory");
+	return ENOMEM;
+    }
+    ed = (struct any_cursor_extra_data *)c->data;
+    ed->a = a;
+    ret = krb5_kt_start_seq_get(context, ed->a->kt, &ed->cursor);
+    if (ret) {
+	free (ed);
+	free (c->data);
+	c->data = NULL;
+	krb5_set_error_string (context, "malloc: out of memory");
+	return ENOMEM;
+    }
+    return 0;
+}
+
+static krb5_error_code
+any_next_entry (krb5_context context,
+		krb5_keytab id,
+		krb5_keytab_entry *entry,
+		krb5_kt_cursor *cursor)
+{
+    krb5_error_code ret, ret2;
+    struct any_cursor_extra_data *ed;
+
+    ed = (struct any_cursor_extra_data *)cursor->data;
+    do {
+	ret = krb5_kt_next_entry(context, ed->a->kt, entry, &ed->cursor);
+	if (ret == 0)
+	    return 0;
+	else if (ret == KRB5_CC_END) {
+	    ret2 = krb5_kt_end_seq_get (context, ed->a->kt, &ed->cursor);
+	    if (ret2)
+		return ret2;
+	    ed->a = ed->a->next;
+	    if (ed->a == NULL) {
+		krb5_clear_error_string (context);
+		return KRB5_CC_END;
+	    }
+	    ret2 = krb5_kt_start_seq_get(context, ed->a->kt, &ed->cursor);
+	    if (ret2)
+		return ret2;
+	} else
+	    return ret;
+    } while (ret == KRB5_CC_END);
+    return ret;
+}
+
+static krb5_error_code
+any_end_seq_get(krb5_context context,
+		krb5_keytab id,
+		krb5_kt_cursor *cursor)
+{
+    krb5_error_code ret = 0;
+    struct any_cursor_extra_data *ed;
+
+    ed = (struct any_cursor_extra_data *)cursor->data;
+    if (ed->a != NULL)
+	ret = krb5_kt_end_seq_get(context, ed->a->kt, &ed->cursor);
+    free (ed);
+    cursor->data = NULL;
+    return ret;
+}
+
+const krb5_kt_ops krb5_any_ops = {
+    "ANY",
+    any_resolve,
+    any_get_name,
+    any_close,
+    NULL, /* get */
+    any_start_seq_get,
+    any_next_entry,
+    any_end_seq_get,
+    NULL, /* add_entry */
+    NULL  /* remote_entry */
+};
diff --git a/crypto/heimdal/lib/krb5/keytab_file.c b/crypto/heimdal/lib/krb5/keytab_file.c
index c6c35e5..13b67c2 100644
--- a/crypto/heimdal/lib/krb5/keytab_file.c
+++ b/crypto/heimdal/lib/krb5/keytab_file.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: keytab_file.c,v 1.6 2000/01/02 00:20:22 assar Exp $");
+RCSID("$Id: keytab_file.c,v 1.8 2001/05/14 06:14:48 assar Exp $");
 
 #define KRB5_KT_VNO_1 1
 #define KRB5_KT_VNO_2 2
@@ -46,7 +46,8 @@ struct fkt_data {
 };
 
 static krb5_error_code
-krb5_kt_ret_data(krb5_storage *sp,
+krb5_kt_ret_data(krb5_context context,
+		 krb5_storage *sp,
 		 krb5_data *data)
 {
     int ret;
@@ -56,8 +57,10 @@ krb5_kt_ret_data(krb5_storage *sp,
 	return ret;
     data->length = size;
     data->data = malloc(size);
-    if (data->data == NULL)
+    if (data->data == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     ret = sp->fetch(sp, data->data, size);
     if(ret != size)
 	return (ret < 0)? errno : KRB5_KT_END;
@@ -65,7 +68,8 @@ krb5_kt_ret_data(krb5_storage *sp,
 }
 
 static krb5_error_code
-krb5_kt_ret_string(krb5_storage *sp,
+krb5_kt_ret_string(krb5_context context,
+		   krb5_storage *sp,
 		   general_string *data)
 {
     int ret;
@@ -74,8 +78,10 @@ krb5_kt_ret_string(krb5_storage *sp,
     if(ret)
 	return ret;
     *data = malloc(size + 1);
-    if (*data == NULL)
+    if (*data == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     ret = sp->fetch(sp, *data, size);
     (*data)[size] = '\0';
     if(ret != size)
@@ -84,7 +90,8 @@ krb5_kt_ret_string(krb5_storage *sp,
 }
 
 static krb5_error_code
-krb5_kt_store_data(krb5_storage *sp,
+krb5_kt_store_data(krb5_context context,
+		   krb5_storage *sp,
 		   krb5_data data)
 {
     int ret;
@@ -119,7 +126,7 @@ krb5_kt_store_string(krb5_storage *sp,
 }
 
 static krb5_error_code
-krb5_kt_ret_keyblock(krb5_storage *sp, krb5_keyblock *p)
+krb5_kt_ret_keyblock(krb5_context context, krb5_storage *sp, krb5_keyblock *p)
 {
     int ret;
     int16_t tmp;
@@ -127,25 +134,27 @@ krb5_kt_ret_keyblock(krb5_storage *sp, krb5_keyblock *p)
     ret = krb5_ret_int16(sp, &tmp); /* keytype + etype */
     if(ret) return ret;
     p->keytype = tmp;
-    ret = krb5_kt_ret_data(sp, &p->keyvalue);
+    ret = krb5_kt_ret_data(context, sp, &p->keyvalue);
     return ret;
 }
 
 static krb5_error_code
-krb5_kt_store_keyblock(krb5_storage *sp, 
+krb5_kt_store_keyblock(krb5_context context,
+		       krb5_storage *sp, 
 		       krb5_keyblock *p)
 {
     int ret;
 
     ret = krb5_store_int16(sp, p->keytype); /* keytype + etype */
     if(ret) return ret;
-    ret = krb5_kt_store_data(sp, p->keyvalue);
+    ret = krb5_kt_store_data(context, sp, p->keyvalue);
     return ret;
 }
 
 
 static krb5_error_code
-krb5_kt_ret_principal(krb5_storage *sp,
+krb5_kt_ret_principal(krb5_context context,
+		      krb5_storage *sp,
 		      krb5_principal *princ)
 {
     int i;
@@ -154,8 +163,10 @@ krb5_kt_ret_principal(krb5_storage *sp,
     int16_t tmp;
     
     ALLOC(p, 1);
-    if(p == NULL)
+    if(p == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
 
     ret = krb5_ret_int16(sp, &tmp);
     if(ret)
@@ -163,15 +174,19 @@ krb5_kt_ret_principal(krb5_storage *sp,
     if (sp->flags & KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS)
 	tmp--;
     p->name.name_string.len = tmp;
-    ret = krb5_kt_ret_string(sp, &p->realm);
-    if(ret) return ret;
+    ret = krb5_kt_ret_string(context, sp, &p->realm);
+    if(ret)
+	return ret;
     p->name.name_string.val = calloc(p->name.name_string.len, 
 				     sizeof(*p->name.name_string.val));
-    if(p->name.name_string.val == NULL)
+    if(p->name.name_string.val == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     for(i = 0; i < p->name.name_string.len; i++){
-	ret = krb5_kt_ret_string(sp, p->name.name_string.val + i);
-	if(ret) return ret;
+	ret = krb5_kt_ret_string(context, sp, p->name.name_string.val + i);
+	if(ret)
+	    return ret;
     }
     if (krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE))
 	p->name.name_type = KRB5_NT_UNKNOWN;
@@ -187,7 +202,8 @@ krb5_kt_ret_principal(krb5_storage *sp,
 }
 
 static krb5_error_code
-krb5_kt_store_principal(krb5_storage *sp,
+krb5_kt_store_principal(krb5_context context,
+			krb5_storage *sp,
 			krb5_principal p)
 {
     int i;
@@ -202,7 +218,8 @@ krb5_kt_store_principal(krb5_storage *sp,
     if(ret) return ret;
     for(i = 0; i < p->name.name_string.len; i++){
 	ret = krb5_kt_store_string(sp, p->name.name_string.val[i]);
-	if(ret) return ret;
+	if(ret)
+	    return ret;
     }
     if(!krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) {
 	ret = krb5_store_int32(sp, p->name.name_type);
@@ -217,12 +234,16 @@ static krb5_error_code
 fkt_resolve(krb5_context context, const char *name, krb5_keytab id)
 {
     struct fkt_data *d;
+
     d = malloc(sizeof(*d));
-    if(d == NULL)
+    if(d == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     d->filename = strdup(name);
     if(d->filename == NULL) {
 	free(d);
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
     }
     id->data = d;
@@ -280,8 +301,12 @@ fkt_start_seq_get_int(krb5_context context,
     struct fkt_data *d = id->data;
     
     c->fd = open (d->filename, flags);
-    if (c->fd < 0)
-	return errno;
+    if (c->fd < 0) {
+	ret = errno;
+	krb5_set_error_string(context, "open(%s): %s", d->filename,
+			      strerror(ret));
+	return ret;
+    }
     c->sp = krb5_storage_from_fd(c->fd);
     ret = krb5_ret_int8(c->sp, &pvno);
     if(ret) {
@@ -292,6 +317,7 @@ fkt_start_seq_get_int(krb5_context context,
     if(pvno != 5) {
 	krb5_storage_free(c->sp);
 	close(c->fd);
+	krb5_clear_error_string (context);
 	return KRB5_KEYTAB_BADVNO;
     }
     ret = krb5_ret_int8(c->sp, &tag);
@@ -336,7 +362,7 @@ loop:
 	pos = cursor->sp->seek(cursor->sp, -len, SEEK_CUR);
 	goto loop;
     }
-    ret = krb5_kt_ret_principal (cursor->sp, &entry->principal);
+    ret = krb5_kt_ret_principal (context, cursor->sp, &entry->principal);
     if (ret)
 	goto out;
     ret = krb5_ret_int32(cursor->sp, &tmp32);
@@ -347,7 +373,7 @@ loop:
     if (ret)
 	goto out;
     entry->vno = tmp8;
-    ret = krb5_kt_ret_keyblock (cursor->sp, &entry->keyblock);
+    ret = krb5_kt_ret_keyblock (context, cursor->sp, &entry->keyblock);
     if (ret)
 	goto out;
     if(start) *start = pos;
@@ -391,8 +417,12 @@ fkt_add_entry(krb5_context context,
     fd = open (d->filename, O_RDWR | O_BINARY);
     if (fd < 0) {
 	fd = open (d->filename, O_RDWR | O_CREAT | O_BINARY, 0600);
-	if (fd < 0)
-	    return errno;
+	if (fd < 0) {
+	    ret = errno;
+	    krb5_set_error_string(context, "open(%s): %s", d->filename,
+				  strerror(ret));
+	    return ret;
+	}
 	sp = krb5_storage_from_fd(fd);
 	ret = krb5_store_int8(sp, 5);
 	if(ret) {
@@ -421,6 +451,7 @@ fkt_add_entry(krb5_context context,
 	if(pvno != 5) {
 	    krb5_storage_free(sp);
 	    close(fd);
+	    krb5_clear_error_string (context);
 	    return KRB5_KEYTAB_BADVNO;
 	}
 	ret = krb5_ret_int8 (sp, &tag);
@@ -438,9 +469,10 @@ fkt_add_entry(krb5_context context,
 	emem = krb5_storage_emem();
 	if(emem == NULL) {
 	    ret = ENOMEM;
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    goto out;
 	}
-	ret = krb5_kt_store_principal(emem, entry->principal);
+	ret = krb5_kt_store_principal(context, emem, entry->principal);
 	if(ret) {
 	    krb5_storage_free(emem);
 	    goto out;
@@ -455,7 +487,7 @@ fkt_add_entry(krb5_context context,
 	    krb5_storage_free(emem);
 	    goto out;
 	}
-	ret = krb5_kt_store_keyblock (emem, &entry->keyblock);
+	ret = krb5_kt_store_keyblock (context, emem, &entry->keyblock);
 	if(ret) {
 	    krb5_storage_free(emem);
 	    goto out;
@@ -521,8 +553,10 @@ fkt_remove_entry(krb5_context context,
 	}
     }
     krb5_kt_end_seq_get(context, id, &cursor);
-    if (!found)
+    if (!found) {
+	krb5_clear_error_string (context);
 	return KRB5_KT_NOTFOUND;
+    }
     return 0;
 }
 
diff --git a/crypto/heimdal/lib/krb5/keytab_keyfile.c b/crypto/heimdal/lib/krb5/keytab_keyfile.c
index ffdf35c..2403412 100644
--- a/crypto/heimdal/lib/krb5/keytab_keyfile.c
+++ b/crypto/heimdal/lib/krb5/keytab_keyfile.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: keytab_keyfile.c,v 1.9 2000/07/02 16:14:16 assar Exp $");
+RCSID("$Id: keytab_keyfile.c,v 1.11 2001/05/14 06:14:49 assar Exp $");
 
 /* afs keyfile operations --------------------------------------- */
 
@@ -63,16 +63,23 @@ struct akf_data {
  */
 
 static int
-get_cell_and_realm (struct akf_data *d)
+get_cell_and_realm (krb5_context context,
+		    struct akf_data *d)
 {
     FILE *f;
     char buf[BUFSIZ], *cp;
+    int ret;
 
     f = fopen (AFS_SERVERTHISCELL, "r");
-    if (f == NULL)
-	return errno;
+    if (f == NULL) {
+	ret = errno;
+	krb5_set_error_string (context, "open %s: %s", AFS_SERVERTHISCELL,
+			       strerror(ret));
+	return ret;
+    }
     if (fgets (buf, sizeof(buf), f) == NULL) {
 	fclose (f);
+	krb5_set_error_string (context, "no cell in %s", AFS_SERVERTHISCELL);
 	return EINVAL;
     }
     if (buf[strlen(buf) - 1] == '\n')
@@ -80,13 +87,17 @@ get_cell_and_realm (struct akf_data *d)
     fclose(f);
 
     d->cell = strdup (buf);
-    if (d->cell == NULL)
-	return errno;
+    if (d->cell == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
+	return ENOMEM;
+    }
 
     f = fopen (AFS_SERVERMAGICKRBCONF, "r");
     if (f != NULL) {
 	if (fgets (buf, sizeof(buf), f) == NULL) {
 	    fclose (f);
+	    krb5_set_error_string (context, "no realm in %s",
+				   AFS_SERVERMAGICKRBCONF);
 	    return EINVAL;
 	}
 	if (buf[strlen(buf)-1] == '\n')
@@ -100,7 +111,8 @@ get_cell_and_realm (struct akf_data *d)
     d->realm = strdup (buf);
     if (d->realm == NULL) {
 	free (d->cell);
-	return errno;
+	krb5_set_error_string (context, "malloc: out of memory");
+	return ENOMEM;
     }
     return 0;
 }
@@ -115,11 +127,13 @@ akf_resolve(krb5_context context, const char *name, krb5_keytab id)
     int ret;
     struct akf_data *d = malloc(sizeof (struct akf_data));
 
-    if (d == NULL)
-	return errno;
+    if (d == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
+	return ENOMEM;
+    }
     
     d->num_entries = 0;
-    ret = get_cell_and_realm (d);
+    ret = get_cell_and_realm (context, d);
     if (ret) {
 	free (d);
 	return ret;
@@ -129,6 +143,7 @@ akf_resolve(krb5_context context, const char *name, krb5_keytab id)
 	free (d->cell);
 	free (d->realm);
 	free (d);
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
     }
     id->data = d;
@@ -180,14 +195,21 @@ akf_start_seq_get(krb5_context context,
     struct akf_data *d = id->data;
 
     c->fd = open (d->filename, O_RDONLY|O_BINARY, 0600);
-    if (c->fd < 0)
-	return errno;
+    if (c->fd < 0) {
+	ret = errno;
+	krb5_set_error_string(context, "open(%s): %s", d->filename,
+			      strerror(ret));
+	return ret;
+    }
 
     c->sp = krb5_storage_from_fd(c->fd);
     ret = krb5_ret_int32(c->sp, &d->num_entries);
     if(ret) {
 	krb5_storage_free(c->sp);
 	close(c->fd);
+	krb5_clear_error_string (context);
+	if(ret == KRB5_CC_END)
+	    return KRB5_KT_NOTFOUND;
 	return ret;
     }
 
@@ -228,6 +250,7 @@ akf_next_entry(krb5_context context,
     entry->keyblock.keyvalue.data   = malloc (8);
     if (entry->keyblock.keyvalue.data == NULL) {
 	krb5_free_principal (context, entry->principal);
+	krb5_set_error_string (context, "malloc: out of memory");
 	ret = ENOMEM;
 	goto out;
     }
@@ -268,8 +291,12 @@ akf_add_entry(krb5_context context,
     if (fd < 0) {
 	fd = open (d->filename,
 		   O_RDWR | O_BINARY | O_CREAT, 0600);
-	if (fd < 0)
-	    return errno;
+	if (fd < 0) {
+	    ret = errno;
+	    krb5_set_error_string(context, "open(%s): %s", d->filename,
+				  strerror(ret));
+	    return ret;
+	}
 	created = 1;
     }
 
@@ -282,15 +309,18 @@ akf_add_entry(krb5_context context,
 	sp = krb5_storage_from_fd(fd);
 	if(sp == NULL) {
 	    close(fd);
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    return ENOMEM;
 	}
 	if (created)
 	    len = 0;
 	else {
 	    if((*sp->seek)(sp, 0, SEEK_SET) < 0) {
+		ret = errno;
 		krb5_storage_free(sp);
 		close(fd);
-		return errno;
+		krb5_set_error_string (context, "seek: %s", strerror(ret));
+		return ret;
 	    }
 	    
 	    ret = krb5_ret_int32(sp, &len);
@@ -303,9 +333,11 @@ akf_add_entry(krb5_context context,
 	len++;
 	
 	if((*sp->seek)(sp, 0, SEEK_SET) < 0) {
+	    ret = errno;
 	    krb5_storage_free(sp);
 	    close(fd);
-	    return errno;
+	    krb5_set_error_string (context, "seek: %s", strerror(ret));
+	    return ret;
 	}
 	
 	ret = krb5_store_int32(sp, len);
@@ -317,9 +349,11 @@ akf_add_entry(krb5_context context,
 		
 
 	if((*sp->seek)(sp, (len - 1) * (8 + 4), SEEK_CUR) < 0) {
+	    ret = errno;
 	    krb5_storage_free(sp);
 	    close(fd);
-	    return errno;
+	    krb5_set_error_string (context, "seek: %s", strerror(ret));
+	    return ret;
 	}
 	
 	ret = krb5_store_int32(sp, entry->vno);
diff --git a/crypto/heimdal/lib/krb5/keytab_krb4.c b/crypto/heimdal/lib/krb5/keytab_krb4.c
index e41f849..6915cac 100644
--- a/crypto/heimdal/lib/krb5/keytab_krb4.c
+++ b/crypto/heimdal/lib/krb5/keytab_krb4.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: keytab_krb4.c,v 1.6 2000/12/15 17:10:40 joda Exp $");
+RCSID("$Id: keytab_krb4.c,v 1.8 2001/05/16 22:23:31 assar Exp $");
 
 struct krb4_kt_data {
     char *filename;
@@ -45,11 +45,14 @@ krb4_kt_resolve(krb5_context context, const char *name, krb5_keytab id)
     struct krb4_kt_data *d;
 
     d = malloc (sizeof(*d));
-    if (d == NULL)
+    if (d == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     d->filename = strdup (name);
     if (d->filename == NULL) {
 	free(d);
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
     }
     id->data = d;
@@ -92,17 +95,23 @@ krb4_kt_start_seq_get_int (krb5_context context,
 {
     struct krb4_kt_data *d = id->data;
     struct krb4_cursor_extra_data *ed;
+    int ret;
 
     ed = malloc (sizeof(*ed));
-    if (ed == NULL)
+    if (ed == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     ed->entry.principal = NULL;
     ed->num = -1;
     c->data = ed;
     c->fd = open (d->filename, flags);
     if (c->fd < 0) {
+	ret = errno;
 	free (ed);
-	return errno;
+	krb5_set_error_string(context, "open(%s): %s", d->filename,
+			      strerror(ret));
+	return ret;
     }
     c->sp = krb5_storage_from_fd(c->fd);
     return 0;
@@ -238,8 +247,12 @@ krb4_kt_add_entry (krb5_context context,
     if (fd < 0) {
 	fd = open (d->filename,
 		   O_WRONLY | O_APPEND | O_BINARY | O_CREAT, 0600);
-	if (fd < 0)
-	    return errno;
+	if (fd < 0) {
+	    ret = errno;
+	    krb5_set_error_string(context, "open(%s): %s", d->filename,
+				  strerror(ret));
+	    return ret;
+	}
     }
     ret = krb5_524_conv_principal (context, entry->principal,
 				   service, instance, realm);
@@ -272,3 +285,16 @@ const krb5_kt_ops krb4_fkt_ops = {
     krb4_kt_add_entry,		/* add_entry */
     NULL			/* remove_entry */
 };
+
+const krb5_kt_ops krb5_srvtab_fkt_ops = {
+    "SRVTAB",
+    krb4_kt_resolve,
+    krb4_kt_get_name,
+    krb4_kt_close,
+    NULL,			/* get */
+    krb4_kt_start_seq_get,
+    krb4_kt_next_entry,
+    krb4_kt_end_seq_get,
+    krb4_kt_add_entry,		/* add_entry */
+    NULL			/* remove_entry */
+};
diff --git a/crypto/heimdal/lib/krb5/keytab_memory.c b/crypto/heimdal/lib/krb5/keytab_memory.c
index 9fde8d0..cde8943 100644
--- a/crypto/heimdal/lib/krb5/keytab_memory.c
+++ b/crypto/heimdal/lib/krb5/keytab_memory.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: keytab_memory.c,v 1.4 2000/02/07 03:18:39 assar Exp $");
+RCSID("$Id: keytab_memory.c,v 1.5 2001/05/14 06:14:49 assar Exp $");
 
 /* memory operations -------------------------------------------- */
 
@@ -47,8 +47,10 @@ mkt_resolve(krb5_context context, const char *name, krb5_keytab id)
 {
     struct mkt_data *d;
     d = malloc(sizeof(*d));
-    if(d == NULL)
+    if(d == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     d->entries = NULL;
     d->num_entries = 0;
     id->data = d;
@@ -115,8 +117,10 @@ mkt_add_entry(krb5_context context,
     struct mkt_data *d = id->data;
     krb5_keytab_entry *tmp;
     tmp = realloc(d->entries, (d->num_entries + 1) * sizeof(*d->entries));
-    if(tmp == NULL)
+    if(tmp == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     d->entries = tmp;
     return krb5_kt_copy_entry_contents(context, entry, 
 				       &d->entries[d->num_entries++]);
diff --git a/crypto/heimdal/lib/krb5/krb5-protos.h b/crypto/heimdal/lib/krb5/krb5-protos.h
index 628f560..1f0fdf9 100644
--- a/crypto/heimdal/lib/krb5/krb5-protos.h
+++ b/crypto/heimdal/lib/krb5/krb5-protos.h
@@ -93,7 +93,7 @@ krb5_error_code
 krb5_addlog_dest __P((
 	krb5_context context,
 	krb5_log_facility *f,
-	const char *p));
+	const char *orig));
 
 krb5_error_code
 krb5_addlog_func __P((
@@ -107,6 +107,7 @@ krb5_addlog_func __P((
 
 krb5_error_code
 krb5_addr2sockaddr __P((
+	krb5_context context,
 	const krb5_address *addr,
 	struct sockaddr *sa,
 	int *sa_size,
@@ -139,6 +140,7 @@ krb5_aname_to_localname __P((
 
 krb5_error_code
 krb5_anyaddr __P((
+	krb5_context context,
 	int af,
 	struct sockaddr *sa,
 	int *sa_size,
@@ -453,8 +455,8 @@ krb5_error_code
 krb5_cc_next_cred __P((
 	krb5_context context,
 	const krb5_ccache id,
-	krb5_creds *creds,
-	krb5_cc_cursor *cursor));
+	krb5_cc_cursor *cursor,
+	krb5_creds *creds));
 
 krb5_error_code
 krb5_cc_register __P((
@@ -533,6 +535,9 @@ krb5_checksumsize __P((
 	krb5_cksumtype type,
 	size_t *size));
 
+void
+krb5_clear_error_string __P((krb5_context context));
+
 krb5_error_code
 krb5_closelog __P((
 	krb5_context context,
@@ -634,16 +639,10 @@ krb5_config_get_time_default __P((
 
 krb5_error_code
 krb5_config_parse_file __P((
+	krb5_context context,
 	const char *fname,
 	krb5_config_section **res));
 
-krb5_error_code
-krb5_config_parse_file_debug __P((
-	const char *fname,
-	krb5_config_section **res,
-	unsigned *lineno,
-	char **error_message));
-
 const void *
 krb5_config_vget __P((
 	krb5_context context,
@@ -787,7 +786,8 @@ krb5_error_code
 krb5_create_checksum __P((
 	krb5_context context,
 	krb5_crypto crypto,
-	unsigned usage_or_type,
+	krb5_key_usage usage,
+	int type,
 	void *data,
 	size_t len,
 	Checksum *result));
@@ -800,7 +800,7 @@ krb5_crypto_destroy __P((
 krb5_error_code
 krb5_crypto_init __P((
 	krb5_context context,
-	krb5_keyblock *key,
+	const krb5_keyblock *key,
 	krb5_enctype etype,
 	krb5_crypto *crypto));
 
@@ -924,7 +924,17 @@ krb5_decrypt_ticket __P((
 	krb5_flags flags));
 
 krb5_error_code
+krb5_derive_key __P((
+	krb5_context context,
+	const krb5_keyblock *key,
+	krb5_enctype etype,
+	const void *constant,
+	size_t constant_len,
+	krb5_keyblock **derived_key));
+
+krb5_error_code
 krb5_domain_x500_decode __P((
+	krb5_context context,
 	krb5_data tr,
 	char ***realms,
 	int *num_realms,
@@ -938,7 +948,9 @@ krb5_domain_x500_encode __P((
 	krb5_data *encoding));
 
 krb5_error_code
-krb5_eai_to_heim_errno __P((int eai_errno));
+krb5_eai_to_heim_errno __P((
+	int eai_errno,
+	int system_error));
 
 krb5_error_code
 krb5_encode_Authenticator __P((
@@ -1058,6 +1070,12 @@ krb5_err __P((
     __attribute__ ((noreturn, format (printf, 4, 5)));
 
 krb5_error_code
+krb5_error_from_rd_error __P((
+	krb5_context context,
+	const krb5_error *error,
+	const krb5_creds *creds));
+
+krb5_error_code
 krb5_errx __P((
 	krb5_context context,
 	int eval,
@@ -1146,6 +1164,11 @@ krb5_free_error_contents __P((
 	krb5_context context,
 	krb5_error *error));
 
+void
+krb5_free_error_string __P((
+	krb5_context context,
+	char *str));
+
 krb5_error_code
 krb5_free_host_realm __P((
 	krb5_context context,
@@ -1239,6 +1262,15 @@ krb5_get_cred_from_kdc __P((
 	krb5_creds ***ret_tgts));
 
 krb5_error_code
+krb5_get_cred_from_kdc_opt __P((
+	krb5_context context,
+	krb5_ccache ccache,
+	krb5_creds *in_creds,
+	krb5_creds **out_creds,
+	krb5_creds ***ret_tgts,
+	krb5_flags flags));
+
+krb5_error_code
 krb5_get_credentials __P((
 	krb5_context context,
 	krb5_flags options,
@@ -1280,6 +1312,9 @@ krb5_get_err_text __P((
 	krb5_context context,
 	krb5_error_code code));
 
+char*
+krb5_get_error_string __P((krb5_context context));
+
 krb5_error_code
 krb5_get_extra_addresses __P((
 	krb5_context context,
@@ -1310,6 +1345,7 @@ krb5_error_code
 krb5_get_host_realm_int __P((
 	krb5_context context,
 	const char *host,
+	krb5_boolean use_dns,
 	krb5_realm **realms));
 
 krb5_error_code
@@ -1515,12 +1551,14 @@ krb5_getportbyname __P((
 
 krb5_error_code
 krb5_h_addr2addr __P((
+	krb5_context context,
 	int af,
 	const char *haddr,
 	krb5_address *addr));
 
 krb5_error_code
 krb5_h_addr2sockaddr __P((
+	krb5_context context,
 	int af,
 	const char *addr,
 	struct sockaddr *sa,
@@ -1528,6 +1566,12 @@ krb5_h_addr2sockaddr __P((
 	int port));
 
 krb5_error_code
+krb5_h_errno_to_heim_errno __P((int eai_errno));
+
+krb5_boolean
+krb5_have_error_string __P((krb5_context context));
+
+krb5_error_code
 krb5_init_context __P((krb5_context *context));
 
 void
@@ -1613,6 +1657,12 @@ krb5_kt_default __P((
 	krb5_keytab *id));
 
 krb5_error_code
+krb5_kt_default_modify_name __P((
+	krb5_context context,
+	char *name,
+	size_t namesize));
+
+krb5_error_code
 krb5_kt_default_name __P((
 	krb5_context context,
 	char *name,
@@ -1711,6 +1761,7 @@ krb5_log_msg __P((
 
 krb5_error_code
 krb5_make_addrport __P((
+	krb5_context context,
 	krb5_address **res,
 	const krb5_address *addr,
 	int16_t port));
@@ -1733,7 +1784,8 @@ krb5_mk_error __P((
 	const krb5_data *e_data,
 	const krb5_principal client,
 	const krb5_principal server,
-	time_t ctime,
+	time_t *ctime,
+	int *cusec,
 	krb5_data *reply));
 
 krb5_error_code
@@ -1893,6 +1945,7 @@ int
 krb5_prompter_posix __P((
 	krb5_context context,
 	void *data,
+	const char *name,
 	const char *banner,
 	int num_prompts,
 	krb5_prompt prompts[]));
@@ -2209,6 +2262,13 @@ krb5_set_default_realm __P((
 	char *realm));
 
 krb5_error_code
+krb5_set_error_string __P((
+	krb5_context context,
+	const char *fmt,
+	...))
+    __attribute__((format (printf, 2, 3)));
+
+krb5_error_code
 krb5_set_extra_addresses __P((
 	krb5_context context,
 	const krb5_addresses *addresses));
@@ -2246,11 +2306,13 @@ krb5_sock_to_principal __P((
 
 krb5_error_code
 krb5_sockaddr2address __P((
+	krb5_context context,
 	const struct sockaddr *sa,
 	krb5_address *addr));
 
 krb5_error_code
 krb5_sockaddr2port __P((
+	krb5_context context,
 	const struct sockaddr *sa,
 	int16_t *port));
 
@@ -2285,12 +2347,22 @@ krb5_storage_from_mem __P((
 	void *buf,
 	size_t len));
 
+krb5_flags
+krb5_storage_get_byteorder __P((
+	krb5_storage *sp,
+	krb5_flags byteorder));
+
 krb5_boolean
 krb5_storage_is_flags __P((
 	krb5_storage *sp,
 	krb5_flags flags));
 
 void
+krb5_storage_set_byteorder __P((
+	krb5_storage *sp,
+	krb5_flags byteorder));
+
+void
 krb5_storage_set_flags __P((
 	krb5_storage *sp,
 	krb5_flags flags));
@@ -2366,6 +2438,11 @@ krb5_store_times __P((
 	krb5_times times));
 
 krb5_error_code
+krb5_string_to_deltat __P((
+	const char *string,
+	krb5_deltat *deltat));
+
+krb5_error_code
 krb5_string_to_enctype __P((
 	krb5_context context,
 	const char *string,
@@ -2532,6 +2609,34 @@ krb5_verify_init_creds_opt_set_ap_req_nofail __P((
 	krb5_verify_init_creds_opt *options,
 	int ap_req_nofail));
 
+void
+krb5_verify_opt_init __P((krb5_verify_opt *opt));
+
+void
+krb5_verify_opt_set_ccache __P((
+	krb5_verify_opt *opt,
+	krb5_ccache ccache));
+
+void
+krb5_verify_opt_set_flags __P((
+	krb5_verify_opt *opt,
+	unsigned int flags));
+
+void
+krb5_verify_opt_set_keytab __P((
+	krb5_verify_opt *opt,
+	krb5_keytab keytab));
+
+void
+krb5_verify_opt_set_secure __P((
+	krb5_verify_opt *opt,
+	krb5_boolean secure));
+
+void
+krb5_verify_opt_set_service __P((
+	krb5_verify_opt *opt,
+	const char *service));
+
 krb5_error_code
 krb5_verify_user __P((
 	krb5_context context,
@@ -2551,6 +2656,13 @@ krb5_verify_user_lrealm __P((
 	const char *service));
 
 krb5_error_code
+krb5_verify_user_opt __P((
+	krb5_context context,
+	krb5_principal principal,
+	const char *password,
+	krb5_verify_opt *opt));
+
+krb5_error_code
 krb5_verr __P((
 	krb5_context context,
 	int eval,
@@ -2587,6 +2699,13 @@ krb5_vlog_msg __P((
     __attribute__((format (printf, 5, 0)));
 
 krb5_error_code
+krb5_vset_error_string __P((
+	krb5_context context,
+	const char *fmt,
+	va_list args))
+    __attribute__ ((format (printf, 2, 0)));
+
+krb5_error_code
 krb5_vwarn __P((
 	krb5_context context,
 	krb5_error_code code,
diff --git a/crypto/heimdal/lib/krb5/krb5.conf.5 b/crypto/heimdal/lib/krb5/krb5.conf.5
index 6ff4aef..ca2d1e59 100644
--- a/crypto/heimdal/lib/krb5/krb5.conf.5
+++ b/crypto/heimdal/lib/krb5/krb5.conf.5
@@ -1,4 +1,4 @@
-.\" $Id: krb5.conf.5,v 1.12 2001/01/19 04:53:24 assar Exp $
+.\" $Id: krb5.conf.5,v 1.17 2001/05/31 13:58:34 assar Exp $
 .\"
 .Dd April 11, 1999
 .Dt KRB5.CONF 5
@@ -46,6 +46,35 @@ name:
 consists of one or more non-white space characters.
 Currently recognised sections and bindings are:
 .Bl -tag -width "xxx" -offset indent
+.It Li [appdefaults]
+Specifies the default values to be used for Kerberos applications.
+You can specify defaults per application, realm, or a combination of
+these.  The preference order is:
+.Bl -enum -compact
+.It
+.Va application Va realm Va option
+.It
+.Va application Va option
+.It
+.Va realm Va option
+.It
+.Va option
+.El
+.Pp
+The supported options are:
+.Bl -tag -width "xxx" -offset indent
+.It Li forwardable = Va boolean
+When obtaining initial credentials, make the credentials forwardable.
+.It Li proxiable = Va boolean
+When obtaining initial credentials, make the credentials proxiable.
+.It Li no-addresses = Va boolean
+When obtaining initial credentials, request them for an empty set of
+addresses, making the tickets valid from any address.
+.It Li ticket_life = Va time
+Default ticket lifetime.
+.It Li renew_lifetime = Va time
+Default renewable ticket lifetime.
+.El
 .It Li [libdefaults]
 .Bl -tag -width "xxx" -offset indent
 .It Li default_realm = Va REALM
@@ -97,6 +126,12 @@ The max number of times to try to contact each KDC.
 Default ticket lifetime.
 .It Li renew_lifetime = Va time
 Default renewable ticket lifetime.
+.It Li forwardable = Va boolean
+When obtaining initial credentials, make the credentials forwardable.
+This option is also valid in the [realms] section.
+.It Li proxiable = Va boolean
+When obtaining initial credentials, make the credentials proxiable.
+This option is also valid in the [realms] section.
 .It Li verify_ap_req_nofail = Va boolean
 Enable to make a failure to verify obtained credentials
 non-fatal. This can be useful if there is no keytab on a host.
@@ -111,8 +146,25 @@ A list of addresses to get tickets for along with all local addresses.
 .It Li time_format = Va string
 How to print time strings in logs, this string is passed to
 .Xr strftime 3 .
+.It Li date_format = Va string
+How to print date strings in logs, this string is passed to
+.Xr strftime 3 .
 .It Li log_utc = Va boolean
 Write log-entries using UTC instead of your local time zone.
+.It Li srv_lookup = Va boolean
+Use DNS SRV records to lookup realm configuration information.
+.It Li srv_try_txt = Va boolean
+If a SRV lookup fails, try looking up the same info in a DNS TXT record.
+.It Li scan_interfaces = Va boolean
+Scan all network interfaces for addresses, as opposed to simply using
+the address associated with the system's host name.
+.It Li fcache_version = Va int
+Use file credential cache format version specified.
+.It Li krb4_get_tickets = Va boolean
+Also get Kerberos 4 tickets in
+.Nm kinit
+and other programs.
+This option is also valid in the [realms] section.
 .El
 .It Li [domain_realm]
 This is a list of mappings from DNS domain to Kerberos realm. Each
@@ -255,8 +307,8 @@ and is only left for backwards compatability.
 points to the configuration file to read.
 .Sh EXAMPLE
 .Bd -literal -offset indent
-[lib_defaults]
-	default_domain = FOO.SE
+[libdefaults]
+	default_realm = FOO.SE
 [domain_realm]
 	.foo.se = FOO.SE
 	.bar.se = FOO.SE
@@ -294,4 +346,5 @@ actually used and thus cannot warn about unknown or misspelt ones.
 .Xr krb5_openlog 3 ,
 .Xr krb5_425_conv_principal 3 ,
 .Xr strftime 3 ,
+.Xr kinit 1 ,
 .Xr Source tm
diff --git a/crypto/heimdal/lib/krb5/krb5.h b/crypto/heimdal/lib/krb5/krb5.h
index 65a8a16..32be069 100644
--- a/crypto/heimdal/lib/krb5/krb5.h
+++ b/crypto/heimdal/lib/krb5/krb5.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: krb5.h,v 1.179 2000/12/15 17:11:12 joda Exp $ */
+/* $Id: krb5.h,v 1.190 2001/05/16 22:23:56 assar Exp $ */
 
 #ifndef __KRB5_H__
 #define __KRB5_H__
@@ -43,7 +43,7 @@
 #include <krb5_err.h>
 #include <heim_err.h>
 
-#include <asn1.h>
+#include <krb5_asn1.h>
 
 /* simple constants */
 
@@ -70,26 +70,31 @@ typedef struct krb5_crypto_data *krb5_crypto;
 
 typedef CKSUMTYPE krb5_cksumtype;
 
-typedef enum krb5_enctype { 
-  ETYPE_NULL			= 0,
-  ETYPE_DES_CBC_CRC		= 1,
-  ETYPE_DES_CBC_MD4		= 2,
-  ETYPE_DES_CBC_MD5		= 3,
-  ETYPE_DES3_CBC_MD5		= 5,
-  ETYPE_OLD_DES3_CBC_SHA1	= 7,
-  ETYPE_SIGN_DSA_GENERATE	= 8,
-  ETYPE_ENCRYPT_RSA_PRIV	= 9,
-  ETYPE_ENCRYPT_RSA_PUB		= 10,
-  ETYPE_DES3_CBC_SHA1		= 16, /* with key derivation */
-  ETYPE_ARCFOUR_HMAC_MD5	= 23,
-  ETYPE_ARCFOUR_HMAC_MD5_56	= 24,
-  ETYPE_ENCTYPE_PK_CROSS	= 48,
-  ETYPE_DES_CBC_NONE		= -0x1000,
-  ETYPE_DES3_CBC_NONE		= -0x1001,
-  ETYPE_DES_CFB64_NONE		= -0x1002,
-  ETYPE_DES_PCBC_NONE		= -0x1003,
-  ETYPE_DES3_CBC_NONE_IVEC	= -0x1004
-} krb5_enctype;
+typedef Checksum krb5_checksum;
+
+typedef ENCTYPE krb5_enctype;
+
+/* alternative names */
+enum {
+    ENCTYPE_NULL		= ETYPE_NULL,
+    ENCTYPE_DES_CBC_CRC		= ETYPE_DES_CBC_CRC,
+    ENCTYPE_DES_CBC_MD4		= ETYPE_DES_CBC_MD4,
+    ENCTYPE_DES_CBC_MD5		= ETYPE_DES_CBC_MD5,
+    ENCTYPE_DES3_CBC_MD5	= ETYPE_DES3_CBC_MD5,
+    ENCTYPE_OLD_DES3_CBC_SHA1	= ETYPE_OLD_DES3_CBC_SHA1,
+    ENCTYPE_SIGN_DSA_GENERATE	= ETYPE_SIGN_DSA_GENERATE,
+    ENCTYPE_ENCRYPT_RSA_PRIV	= ETYPE_ENCRYPT_RSA_PRIV,
+    ENCTYPE_ENCRYPT_RSA_PUB	= ETYPE_ENCRYPT_RSA_PUB,
+    ENCTYPE_DES3_CBC_SHA1	= ETYPE_DES3_CBC_SHA1,
+    ENCTYPE_ARCFOUR_HMAC_MD5	= ETYPE_ARCFOUR_HMAC_MD5,
+    ENCTYPE_ARCFOUR_HMAC_MD5_56	= ETYPE_ARCFOUR_HMAC_MD5_56,
+    ENCTYPE_ENCTYPE_PK_CROSS	= ETYPE_ENCTYPE_PK_CROSS,
+    ENCTYPE_DES_CBC_NONE	= ETYPE_DES_CBC_NONE,
+    ENCTYPE_DES3_CBC_NONE	= ETYPE_DES3_CBC_NONE,
+    ENCTYPE_DES_CFB64_NONE	= ETYPE_DES_CFB64_NONE,
+    ENCTYPE_DES_PCBC_NONE	= ETYPE_DES_PCBC_NONE,
+    ENCTYPE_DES3_CBC_NONE_IVEC	= ETYPE_DES3_CBC_NONE_IVEC
+};
 
 typedef PADATA_TYPE krb5_preauthtype;
 
@@ -164,6 +169,8 @@ typedef enum krb5_key_usage {
     /* SEQ in GSSAPI krb5 mechanism */
 } krb5_key_usage;
 
+typedef krb5_key_usage krb5_keyusage;
+
 typedef enum krb5_salttype {
     KRB5_PW_SALT = KRB5_PADATA_PW_SALT,
     KRB5_AFS3_SALT = KRB5_PADATA_AFS3_SALT
@@ -364,6 +371,7 @@ typedef struct krb5_context_data {
     const char *time_fmt;
     krb5_boolean log_utc;
     const char *default_keytab;
+    const char *default_keytab_modify;
     krb5_boolean use_admin_kdc;
     krb5_addresses *extra_addresses;
     krb5_boolean scan_interfaces;	/* `ifconfig -a' */
@@ -375,6 +383,8 @@ typedef struct krb5_context_data {
     int num_kt_types;			/* # of registered keytab types */
     struct krb5_keytab_data *kt_types;  /* registered keytab types */
     const char *date_fmt;
+    char *error_string;
+    char error_buf[256];
 } krb5_context_data;
 
 typedef struct krb5_ticket {
@@ -391,10 +401,14 @@ struct krb5_rcache_data;
 typedef struct krb5_rcache_data *krb5_rcache;
 typedef Authenticator krb5_donot_replay;
 
-#define KRB5_STORAGE_HOST_BYTEORDER			0x01
+#define KRB5_STORAGE_HOST_BYTEORDER			0x01 /* old */
 #define KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS	0x02
 #define KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE		0x04
 #define KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE		0x08
+#define KRB5_STORAGE_BYTEORDER_MASK			0x60
+#define KRB5_STORAGE_BYTEORDER_BE			0x00 /* default */
+#define KRB5_STORAGE_BYTEORDER_LE			0x20
+#define KRB5_STORAGE_BYTEORDER_HOST			0x40
 
 typedef struct krb5_storage {
     void *data;
@@ -527,14 +541,23 @@ typedef EncAPRepPart krb5_ap_rep_enc_part;
 extern const char krb5_config_file[];
 extern const char krb5_defkeyname[];
 
+typedef enum {
+    KRB5_PROMPT_TYPE_PASSWORD		= 0x1,
+    KRB5_PROMPT_TYPE_NEW_PASSWORD	= 0x2,
+    KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN = 0x3,
+    KRB5_PROMPT_TYPE_PREAUTH		= 0x4
+} krb5_prompt_type;
+
 typedef struct _krb5_prompt {
     char *prompt;
     int hidden;
     krb5_data *reply;
+    krb5_prompt_type type;
 } krb5_prompt;
 
 typedef int (*krb5_prompter_fct)(krb5_context context,
 				 void *data,
+				 const char *name,
 				 const char *banner,
 				 int num_prompts,
 				 krb5_prompt prompts[]);
@@ -588,6 +611,16 @@ typedef struct _krb5_verify_init_creds_opt {
 
 #define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL	0x0001
 
+typedef struct krb5_verify_opt {
+    unsigned int flags;
+    krb5_ccache ccache;
+    krb5_keytab keytab;
+    krb5_boolean secure;
+    const char *service;
+} krb5_verify_opt;
+
+#define KRB5_VERIFY_LREALMS 1
+
 extern const krb5_cc_ops krb5_fcc_ops;
 extern const krb5_cc_ops krb5_mcc_ops;
 
@@ -595,6 +628,8 @@ extern const krb5_kt_ops krb5_fkt_ops;
 extern const krb5_kt_ops krb5_mkt_ops;
 extern const krb5_kt_ops krb5_akf_ops;
 extern const krb5_kt_ops krb4_fkt_ops;
+extern const krb5_kt_ops krb5_srvtab_fkt_ops;
+extern const krb5_kt_ops krb5_any_ops;
 
 #define KRB5_KPASSWD_SUCCESS	0
 #define KRB5_KPASSWD_MALFORMED	0
diff --git a/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 b/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3
index 3a3bb85..edd2f47 100644
--- a/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3
+++ b/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3
@@ -1,5 +1,5 @@
 .\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_425_conv_principal.3,v 1.4 2001/01/26 22:43:21 assar Exp $
+.\" $Id: krb5_425_conv_principal.3,v 1.5 2001/05/02 08:59:23 assar Exp $
 .Dd April 11, 1999
 .Dt KRB5_425_CONV_PRINCIPAL 3
 .Os HEIMDAL
diff --git a/crypto/heimdal/lib/krb5/krb5_appdefault.3 b/crypto/heimdal/lib/krb5/krb5_appdefault.3
index 7c45925..975cc27 100644
--- a/crypto/heimdal/lib/krb5/krb5_appdefault.3
+++ b/crypto/heimdal/lib/krb5/krb5_appdefault.3
@@ -1,5 +1,5 @@
 .\" Copyright (c) 2000 Kungliga Tekniska Högskolan
-.\" $Id: krb5_appdefault.3,v 1.3 2001/01/05 16:29:42 joda Exp $
+.\" $Id: krb5_appdefault.3,v 1.4 2001/05/02 08:59:23 assar Exp $
 .Dd July 25, 2000
 .Dt KRB5_APPDEFAULT 3
 .Os HEIMDAL
diff --git a/crypto/heimdal/lib/krb5/krb5_auth_context.3 b/crypto/heimdal/lib/krb5/krb5_auth_context.3
index d383c0a..92e25b0 100644
--- a/crypto/heimdal/lib/krb5/krb5_auth_context.3
+++ b/crypto/heimdal/lib/krb5/krb5_auth_context.3
@@ -1,5 +1,5 @@
 .\" Copyright (c) 2001 Kungliga Tekniska Högskolan
-.\" $Id: krb5_auth_context.3,v 1.1 2001/01/28 19:47:33 assar Exp $
+.\" $Id: krb5_auth_context.3,v 1.2 2001/05/02 08:59:23 assar Exp $
 .Dd Jan 21, 2001
 .Dt KRB5_AUTH_CONTEXT 3
 .Os HEIMDAL
diff --git a/crypto/heimdal/lib/krb5/krb5_build_principal.3 b/crypto/heimdal/lib/krb5/krb5_build_principal.3
index af01cd8..80ac5e1 100644
--- a/crypto/heimdal/lib/krb5/krb5_build_principal.3
+++ b/crypto/heimdal/lib/krb5/krb5_build_principal.3
@@ -1,5 +1,5 @@
 .\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_build_principal.3,v 1.2 2001/01/26 22:43:21 assar Exp $
+.\" $Id: krb5_build_principal.3,v 1.3 2001/05/02 08:59:23 assar Exp $
 .Dd August 8, 1997
 .Dt KRB5_BUILD_PRINCIPAL 3
 .Os HEIMDAL
diff --git a/crypto/heimdal/lib/krb5/krb5_config.3 b/crypto/heimdal/lib/krb5/krb5_config.3
index 3f2de83..f847436 100644
--- a/crypto/heimdal/lib/krb5/krb5_config.3
+++ b/crypto/heimdal/lib/krb5/krb5_config.3
@@ -1,5 +1,5 @@
 .\" Copyright (c) 2000 Kungliga Tekniska Högskolan
-.\" $Id: krb5_config.3,v 1.1 2000/07/25 10:22:46 joda Exp $
+.\" $Id: krb5_config.3,v 1.2 2001/05/02 08:59:23 assar Exp $
 .Dd July 25, 2000
 .Dt KRB5_CONFIG 3
 .Os HEIMDAL
diff --git a/crypto/heimdal/lib/krb5/krb5_free_principal.3 b/crypto/heimdal/lib/krb5/krb5_free_principal.3
index 023853b..110c802 100644
--- a/crypto/heimdal/lib/krb5/krb5_free_principal.3
+++ b/crypto/heimdal/lib/krb5/krb5_free_principal.3
@@ -1,5 +1,5 @@
 .\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_free_principal.3,v 1.2 2001/01/26 22:43:22 assar Exp $
+.\" $Id: krb5_free_principal.3,v 1.3 2001/05/02 08:59:23 assar Exp $
 .Dd August 8, 1997
 .Dt KRB5_FREE_PRINCIPAL 3
 .Os HEIMDAL
diff --git a/crypto/heimdal/lib/krb5/krb5_init_context.3 b/crypto/heimdal/lib/krb5/krb5_init_context.3
index 7e27ec2..54690de 100644
--- a/crypto/heimdal/lib/krb5/krb5_init_context.3
+++ b/crypto/heimdal/lib/krb5/krb5_init_context.3
@@ -1,5 +1,5 @@
 .\" Copyright (c) 2001 Kungliga Tekniska Högskolan
-.\" $Id: krb5_init_context.3,v 1.1 2001/01/28 21:39:29 assar Exp $
+.\" $Id: krb5_init_context.3,v 1.2 2001/05/23 16:24:02 assar Exp $
 .Dd Jan 21, 2001
 .Dt KRB5_CONTEXT 3
 .Os HEIMDAL
@@ -11,7 +11,7 @@
 .Ft krb5_error_code
 .Fn krb5_init_context "krb5_context *context"
 .Ft void
-.Fn krb5_free_context "krb5_context *context"
+.Fn krb5_free_context "krb5_context context"
 .Sh DESCRIPTION
 The
 .Fn krb5_init_context
diff --git a/crypto/heimdal/lib/krb5/krb5_keytab.3 b/crypto/heimdal/lib/krb5/krb5_keytab.3
new file mode 100644
index 0000000..6dc524e
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_keytab.3
@@ -0,0 +1,358 @@
+.\" Copyright (c) 2001 Kungliga Tekniska Högskolan
+.\" $Id: krb5_keytab.3,v 1.1 2001/02/05 18:17:46 assar Exp $
+.Dd Feb 5, 2001
+.Dt KRB5_KEYTAB 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_kt_ops,
+.Nm krb5_keytab_entry ,
+.Nm krb5_kt_cursor ,
+.Nm krb5_kt_add_entry ,
+.Nm krb5_kt_close ,
+.Nm krb5_kt_compare ,
+.Nm krb5_kt_copy_entry_contents ,
+.Nm krb5_kt_default ,
+.Nm krb5_kt_default_name ,
+.Nm krb5_kt_end_seq_get ,
+.Nm krb5_kt_free_entry ,
+.Nm krb5_kt_get_entry ,
+.Nm krb5_kt_get_name ,
+.Nm krb5_kt_next_entry ,
+.Nm krb5_kt_read_service_key ,
+.Nm krb5_kt_register ,
+.Nm krb5_kt_remove_entry ,
+.Nm krb5_kt_resolve ,
+.Nm krb5_kt_start_seq_get
+.Nd manage keytab (key storage) files
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+.Pp
+.Ft krb5_error_code
+.Fo krb5_kt_add_entry
+.Fa "krb5_context context"
+.Fa "krb5_keytab id"
+.Fa "krb5_keytab_entry *entry"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_close
+.Fa "krb5_context context"
+.Fa "krb5_keytab id"
+.Fc
+.Ft krb5_boolean
+.Fo krb5_kt_compare
+.Fa "krb5_context context"
+.Fa "krb5_keytab_entry *entry"
+.Fa "krb5_const_principal principal"
+.Fa "krb5_kvno vno"
+.Fa "krb5_enctype enctype"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_copy_entry_contents
+.Fa "krb5_context context"
+.Fa "const krb5_keytab_entry *in"
+.Fa "krb5_keytab_entry *out"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_default
+.Fa "krb5_context context"
+.Fa "krb5_keytab *id"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_default_name
+.Fa "krb5_context context"
+.Fa "char *name"
+.Fa "size_t namesize"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_end_seq_get
+.Fa "krb5_context context"
+.Fa "krb5_keytab id"
+.Fa "krb5_kt_cursor *cursor"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_free_entry
+.Fa "krb5_context context"
+.Fa "krb5_keytab_entry *entry"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_get_entry
+.Fa "krb5_context context"
+.Fa "krb5_keytab id"
+.Fa "krb5_const_principal principal"
+.Fa "krb5_kvno kvno"
+.Fa "krb5_enctype enctype"
+.Fa "krb5_keytab_entry *entry"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_get_name
+.Fa "krb5_context context"
+.Fa "krb5_keytab keytab"
+.Fa "char *name"
+.Fa "size_t namesize"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_next_entry
+.Fa "krb5_context context"
+.Fa "krb5_keytab id"
+.Fa "krb5_keytab_entry *entry"
+.Fa "krb5_kt_cursor *cursor"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_read_service_key
+.Fa "krb5_context context"
+.Fa "krb5_pointer keyprocarg"
+.Fa "krb5_principal principal"
+.Fa "krb5_kvno vno"
+.Fa "krb5_enctype enctype"
+.Fa "krb5_keyblock **key"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_register
+.Fa "krb5_context context"
+.Fa "const krb5_kt_ops *ops"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_remove_entry
+.Fa "krb5_context context"
+.Fa "krb5_keytab id"
+.Fa "krb5_keytab_entry *entry"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_resolve
+.Fa "krb5_context context"
+.Fa "const char *name"
+.Fa "krb5_keytab *id"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_kt_start_seq_get
+.Fa "krb5_context context"
+.Fa "krb5_keytab id"
+.Fa "krb5_kt_cursor *cursor"
+.Fc
+.Sh DESCRIPTION
+A keytab name is on the form
+.Li type:residual .
+The
+.Li residual
+part is specific to each keytab-type.
+.Pp
+When a keytab-name is resolved, the type is matched with an interal
+list of keytab types. If there is no matching keytab type,
+the default keytab is used. The current default type is
+.Nm file .
+The default value can be changed in the configuration file
+.Pa /etc/krb5.conf
+by setting the variable 
+.Li [defaults]default_keytab_name .
+.Pp
+The keytab types that are implemented in Heimdal
+are:
+.Bl -tag -width Ds
+.It Nm file
+store the keytab in a file, the type's name is
+.Li KEYFILE .
+The residual part is a filename.
+.It Nm keyfile
+store the keytab in a
+.Li AFS 
+keyfile (usually
+.Pa /usr/afs/etc/KeyFile ) ,
+the type's name is
+.Li AFSKEYFILE .
+The residual part is a filename.
+.It Nm krb4
+the keytab is a Kerberos 4
+.Pa srvtab
+that is on-the-fly converted to a keytab. The type's name is
+.Li krb4 .
+The residual part is a filename.
+.It Nm memory
+The keytab is stored in a memory segment. This allows sensitive and/or
+temporary data not to be stored on disk. The type's name is
+.Li MEMORY .
+There are no residual part, the only pointer back to the keytab is the
+.Fa id
+returned by
+.Fn krb5_kt_resolve .
+.El
+.Pp
+.Nm krb5_keytab_entry
+holds all data for an entry in a keytab file, like principal name,
+key-type, key, key-version number, etc.
+.Nm krb5_kt_cursor
+holds the current position that is used when iterating through a
+keytab entry with
+.Fn krb5_kt_start_seq_get , 
+.Fn krb5_kt_next_entry ,
+and
+.Fn krb5_kt_end_seq_get .
+.Pp
+.Nm krb5_kt_ops
+contains the different operations that can be done to a keytab. This
+structure is normally only used when doing a new keytab-type
+implementation.
+.Pp
+.Fn krb5_kt_resolve
+is the equvalent of an
+.Xr open 2
+on keytab. Resolve the keytab name in 
+.Fa name
+into a keytab in 
+.Fa id .
+Returns 0 or an error. The opposite of
+.Fn krb5_kt_resolve 
+is 
+.Fn krb5_kt_close .
+.Fn krb5_kt_close
+frees all resources allocated to the keytab.
+.Pp
+.Fn krb5_kt_default
+sets the argument 
+.Fa id
+to the default keytab.
+Returns 0 or an error.
+.Pp
+.Fn krb5_kt_default_name
+copy the name of the default keytab into
+.Fa name .
+Return 0 or KRB5_CONFIG_NOTENUFSPACE if 
+.Fa namesize
+is too short.
+.Pp
+.Fn krb5_kt_add_entry
+Add a new
+.Fa entry
+to the keytab 
+.Fa id .
+.Li KRB5_KT_NOWRITE
+is returned if the keytab is a readonly keytab.
+.Pp
+.Fn krb5_kt_compare
+compares the passed in 
+.Fa entry
+against
+.Fa principal ,
+.Fa vno ,
+and
+.Fa enctype .
+Any of 
+.Fa principal ,
+.Fa vno
+or
+.Fa enctype
+might be 0 which acts as a wildcard. Return TRUE if they compare the
+same, FALSE otherwise.
+.Pp
+.Fn krb5_kt_copy_entry_contents
+copies the contents of 
+.Fa in
+into 
+.Fa out .
+Returns 0 or an error.
+.Pp
+.Fn krb5_kt_get_name
+retrieves the name of the keytab 
+.Fa keytab
+into 
+.Fa name ,
+.Fa namesize .
+Returns 0 or an error.
+.Pp
+.Fn krb5_kt_free_entry
+frees the contents of 
+.Fa entry .
+.Pp
+.Fn krb5_kt_start_seq_get
+sets
+.Fa cursor
+to point at the beginning of 
+.Fa id.
+Returns 0 or an error.
+.Pp
+.Fn krb5_kt_next_entry
+gets the next entry from 
+.Fa id
+pointed to by 
+.Fa cursor
+and advance the
+.Fa cursor .
+Returns 0 or an error.
+.Pp
+.Fn krb5_kt_end_seq_get
+releases all resources associated with 
+.Fa cursor .
+.Pp
+.Fn krb5_kt_get_entry
+retrieves the keytab entry for 
+.Fa principal,
+.Fa kvno, 
+.Fa enctype
+into 
+.Fa entry
+from the keytab 
+.Fa id .
+Returns 0 or an error.
+.Pp
+.Fn krb5_kt_read_service_key
+reads the key identified by
+.Ns ( Fa principal ,
+.Fa vno ,
+.Fa enctype )
+from the keytab in 
+.Fa keyprocarg
+(the default if == NULL) into 
+.Fa *key .
+Returns 0 or an error.
+.Pp
+.Fn krb5_kt_remove_entry
+removes the entry 
+.Fa entry
+from the keytab 
+.Fa id .
+Returns 0 or an error.
+.Pp
+.Fn krb5_kt_register
+registers a new keytab type
+.Fa ops .
+Returns 0 or an error.
+.Sh EXAMPLE
+This is a minimalistic version of
+.Nm ktutil .
+.Pp
+.Bd -literal
+int
+main (int argc, char **argv)
+{
+    krb5_context context;
+    krb5_keytab keytab;
+    krb5_kt_cursor cursor;
+    krb5_keytab_entry entry;
+    krb5_error_code ret;
+    char *principal;
+
+    if (krb5_init_context (&context) != 0)
+	errx(1, "krb5_context");
+    
+    ret = krb5_kt_default (context, &keytab);
+    if (ret)
+	krb5_err(context, 1, ret, "krb5_kt_default");
+
+    ret = krb5_kt_start_seq_get(context, keytab, &cursor);
+    if (ret)
+	krb5_err(context, 1, ret, "krb5_kt_start_seq_get");	
+    while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){
+	krb5_unparse_name_short(context, entry.principal, &principal);
+	printf("principal: %s\\n", principal);
+	free(principal);
+	krb5_kt_free_entry(context, &entry);
+    }
+    ret = krb5_kt_end_seq_get(context, keytab, &cursor);
+    if (ret)
+	krb5_err(context, 1, ret, "krb5_kt_end_seq_get");	
+    krb5_free_context(context);
+    return 0;
+}
+.Ed
+.Sh SEE ALSO
+.Xr kerberos 8 ,
+.Xr krb5.conf 5
diff --git a/crypto/heimdal/lib/krb5/krb5_parse_name.3 b/crypto/heimdal/lib/krb5/krb5_parse_name.3
index 05ba77b..c4f5acd 100644
--- a/crypto/heimdal/lib/krb5/krb5_parse_name.3
+++ b/crypto/heimdal/lib/krb5/krb5_parse_name.3
@@ -1,5 +1,5 @@
 .\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_parse_name.3,v 1.2 2001/01/26 22:43:22 assar Exp $
+.\" $Id: krb5_parse_name.3,v 1.3 2001/05/02 08:59:23 assar Exp $
 .Dd August 8, 1997
 .Dt KRB5_PARSE_NAME 3
 .Os HEIMDAL
diff --git a/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 b/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3
index 5f7f096..1dee7de 100644
--- a/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3
+++ b/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3
@@ -1,5 +1,5 @@
 .\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_sname_to_principal.3,v 1.2 2001/01/26 22:43:22 assar Exp $
+.\" $Id: krb5_sname_to_principal.3,v 1.3 2001/05/02 08:59:23 assar Exp $
 .Dd August 8, 1997
 .Dt KRB5_PRINCIPAL 3
 .Os HEIMDAL
diff --git a/crypto/heimdal/lib/krb5/krb5_unparse_name.3 b/crypto/heimdal/lib/krb5/krb5_unparse_name.3
index a335eb2..08409ae 100644
--- a/crypto/heimdal/lib/krb5/krb5_unparse_name.3
+++ b/crypto/heimdal/lib/krb5/krb5_unparse_name.3
@@ -1,5 +1,5 @@
 .\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_unparse_name.3,v 1.2 2001/01/26 22:43:22 assar Exp $
+.\" $Id: krb5_unparse_name.3,v 1.3 2001/05/02 08:59:23 assar Exp $
 .Dd August 8, 1997
 .Dt KRB5_UNPARSE_NAME 3
 .Os HEIMDAL
diff --git a/crypto/heimdal/lib/krb5/krbhst.c b/crypto/heimdal/lib/krb5/krbhst.c
index b257e8b..86d67f6 100644
--- a/crypto/heimdal/lib/krb5/krbhst.c
+++ b/crypto/heimdal/lib/krb5/krbhst.c
@@ -34,24 +34,28 @@
 #include "krb5_locl.h"
 #include <resolve.h>
 
-RCSID("$Id: krbhst.c,v 1.25 2001/01/19 04:30:54 assar Exp $");
+RCSID("$Id: krbhst.c,v 1.26 2001/05/14 06:14:49 assar Exp $");
 
 /*
  * assuming that `*res' contains `*count' strings, add a copy of `string'.
  */
 
 static int
-add_string(char ***res, int *count, const char *string)
+add_string(krb5_context context, char ***res, int *count, const char *string)
 {
     char **tmp = realloc(*res, (*count + 1) * sizeof(**res));
 
-    if(tmp == NULL)
+    if(tmp == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     *res = tmp;
     if(string) {
 	tmp[*count] = strdup(string);
-	if(tmp[*count] == NULL)
+	if(tmp[*count] == NULL) {
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    return ENOMEM;
+	}
     } else
 	tmp[*count] = NULL;
     (*count)++;
@@ -94,19 +98,21 @@ srv_find_realm(krb5_context context, char ***res, int *count,
 	    char **tmp;
 
 	    tmp = realloc(*res, (*count + 1) * sizeof(**res));
-	    if (tmp == NULL)
+	    if (tmp == NULL) {
+		krb5_set_error_string (context, "malloc: out of memory");
 		return ENOMEM;
+	    }
 	    *res = tmp;
 	    snprintf (buf, sizeof(buf),
 		      "%s/%s:%u",
 		      proto,
 		      rr->u.srv->target,
 		      rr->u.srv->port);
-	    ret = add_string(res, count, buf);
+	    ret = add_string(context, res, count, buf);
 	    if(ret)
 		return ret;
 	}else if(rr->type == T_TXT) {
-	    ret = add_string(res, count, rr->u.txt);
+	    ret = add_string(context, res, count, rr->u.txt);
 	    if(ret)
 		return ret;
 	}
@@ -151,13 +157,13 @@ get_krbhst (krb5_context context,
     if(count == 0) {
 	char buf[1024];
 	snprintf(buf, sizeof(buf), "kerberos.%s", *realm);
-	ret = add_string(&res, &count, buf);
+	ret = add_string(context, &res, &count, buf);
 	if(ret) {
 	    krb5_config_free_strings(res);
 	    return ret;
 	}
     }
-    add_string(&res, &count, NULL);
+    add_string(context, &res, &count, NULL);
     *hostlist = res;
     return 0;
 }
diff --git a/crypto/heimdal/lib/krb5/log.c b/crypto/heimdal/lib/krb5/log.c
index 37bff1d..1a6d6b2 100644
--- a/crypto/heimdal/lib/krb5/log.c
+++ b/crypto/heimdal/lib/krb5/log.c
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: log.c,v 1.25 2000/09/17 21:46:07 assar Exp $");
+RCSID("$Id: log.c,v 1.26 2001/05/14 06:14:49 assar Exp $");
 
 struct facility {
     int min;
@@ -120,11 +120,14 @@ krb5_initlog(krb5_context context,
 	     krb5_log_facility **fac)
 {
     krb5_log_facility *f = calloc(1, sizeof(*f));
-    if(f == NULL)
+    if(f == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     f->program = strdup(program);
     if(f->program == NULL){
 	free(f);
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
     }
     *fac = f;
@@ -141,8 +144,10 @@ krb5_addlog_func(krb5_context context,
 		 void *data)
 {
     struct facility *fp = log_realloc(fac);
-    if(fp == NULL)
+    if(fp == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     fp->min = min;
     fp->max = max;
     fp->log = log;
@@ -181,8 +186,10 @@ open_syslog(krb5_context context,
     struct syslog_data *sd = malloc(sizeof(*sd));
     int i;
 
-    if(sd == NULL)
+    if(sd == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     i = find_value(sev, syslogvals);
     if(i == -1)
 	i = LOG_ERR;
@@ -232,8 +239,10 @@ open_file(krb5_context context, krb5_log_facility *fac, int min, int max,
 	  char *filename, char *mode, FILE *f, int keep_open)
 {
     struct file_data *fd = malloc(sizeof(*fd));
-    if(fd == NULL)
+    if(fd == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     fd->filename = filename;
     fd->mode = mode;
     fd->fd = f;
@@ -245,11 +254,13 @@ open_file(krb5_context context, krb5_log_facility *fac, int min, int max,
 
 
 krb5_error_code
-krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *p)
+krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *orig)
 {
     krb5_error_code ret = 0;
     int min = 0, max = -1, n;
     char c;
+    const char *p = orig;
+
     n = sscanf(p, "%d%c%d/", &min, &c, &max);
     if(n == 2){
 	if(c == '/') {
@@ -263,7 +274,10 @@ krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *p)
     }
     if(n){
 	p = strchr(p, '/');
-	if(p == NULL) return HEIM_ERR_LOG_PARSE;
+	if(p == NULL) {
+	    krb5_set_error_string (context, "failed to parse \"%s\"", orig);
+	    return HEIM_ERR_LOG_PARSE;
+	}
 	p++;
     }
     if(strcmp(p, "STDERR") == 0){
@@ -275,17 +289,26 @@ krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *p)
 	FILE *file = NULL;
 	int keep_open = 0;
 	fn = strdup(p + 5);
-	if(fn == NULL)
+	if(fn == NULL) {
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    return ENOMEM;
+	}
 	if(p[4] == '='){
 	    int i = open(fn, O_WRONLY | O_CREAT | 
 			 O_TRUNC | O_APPEND, 0666);
-	    if(i < 0)
-		return errno;
+	    if(i < 0) {
+		ret = errno;
+		krb5_set_error_string (context, "open(%s): %s", fn,
+				       strerror(ret));
+		return ret;
+	    }
 	    file = fdopen(i, "a");
 	    if(file == NULL){
+		ret = errno;
 		close(i);
-		return errno;
+		krb5_set_error_string (context, "fdopen(%s): %s", fn,
+				       strerror(ret));
+		return ret;
 	    }
 	    keep_open = 1;
 	}
@@ -303,6 +326,7 @@ krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *p)
 	    facility = "AUTH";
 	ret = open_syslog(context, f, min, max, severity, facility);
     }else{
+	krb5_set_error_string (context, "unknown log type: %s", p);
 	ret = HEIM_ERR_LOG_PARSE; /* XXX */
     }
     return ret;
diff --git a/crypto/heimdal/lib/krb5/mcache.c b/crypto/heimdal/lib/krb5/mcache.c
index 29c5cfd..8c44b6e 100644
--- a/crypto/heimdal/lib/krb5/mcache.c
+++ b/crypto/heimdal/lib/krb5/mcache.c
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: mcache.c,v 1.12 2000/11/15 02:12:51 assar Exp $");
+RCSID("$Id: mcache.c,v 1.13 2001/05/14 06:14:49 assar Exp $");
 
 typedef struct krb5_mcache {
     char *name;
@@ -65,6 +65,7 @@ static krb5_mcache *
 mcc_alloc(const char *name)
 {
     krb5_mcache *m;
+
     ALLOC(m, 1);
     if(m == NULL)
 	return NULL;
@@ -101,8 +102,10 @@ mcc_resolve(krb5_context context, krb5_ccache *id, const char *res)
     }
 
     m = mcc_alloc(res);
-    if (m == NULL)
+    if (m == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return KRB5_CC_NOMEM;
+    }
     
     (*id)->data.data = m;
     (*id)->data.length = sizeof(*m);
@@ -118,8 +121,10 @@ mcc_gen_new(krb5_context context, krb5_ccache *id)
 
     m = mcc_alloc(NULL);
 
-    if (m == NULL)
+    if (m == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return KRB5_CC_NOMEM;
+    }
 
     (*id)->data.data = m;
     (*id)->data.length = sizeof(*m);
@@ -203,8 +208,10 @@ mcc_store_cred(krb5_context context,
 	return ENOENT;
 
     l = malloc (sizeof(*l));
-    if (l == NULL)
+    if (l == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return KRB5_CC_NOMEM;
+    }
     l->next = m->creds;
     m->creds = l;
     memset (&l->cred, 0, sizeof(l->cred));
diff --git a/crypto/heimdal/lib/krb5/mk_error.c b/crypto/heimdal/lib/krb5/mk_error.c
index 2b173db..0015f45 100644
--- a/crypto/heimdal/lib/krb5/mk_error.c
+++ b/crypto/heimdal/lib/krb5/mk_error.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: mk_error.c,v 1.14 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: mk_error.c,v 1.16 2001/05/14 06:14:49 assar Exp $");
 
 krb5_error_code
 krb5_mk_error(krb5_context context,
@@ -42,7 +42,8 @@ krb5_mk_error(krb5_context context,
 	      const krb5_data *e_data,
 	      const krb5_principal client,
 	      const krb5_principal server,
-	      time_t ctime,
+	      time_t *ctime,
+	      int *cusec,
 	      krb5_data *reply)
 {
     KRB_ERROR msg;
@@ -59,9 +60,8 @@ krb5_mk_error(krb5_context context,
     msg.msg_type = krb_error;
     msg.stime    = sec;
     msg.susec    = usec;
-    if(ctime) {
-	msg.ctime = &ctime;
-    }
+    msg.ctime    = ctime;
+    msg.cusec    = cusec;
     /* Make sure we only send `protocol' error codes */
     if(error_code < KRB5KDC_ERR_NONE || error_code >= KRB5_ERR_RCSID) {
 	if(e_text == NULL)
@@ -86,8 +86,10 @@ krb5_mk_error(krb5_context context,
 
     buf_size = 1024;
     buf = malloc (buf_size);
-    if (buf == NULL)
+    if (buf == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
 
     do {
 	ret = encode_KRB_ERROR(buf + buf_size - 1,
@@ -101,6 +103,7 @@ krb5_mk_error(krb5_context context,
 		buf_size *= 2;
 		tmp = realloc (buf, buf_size);
 		if (tmp == NULL) {
+		    krb5_set_error_string (context, "malloc: out of memory");
 		    ret = ENOMEM;
 		    goto out;
 		}
@@ -114,6 +117,7 @@ krb5_mk_error(krb5_context context,
     reply->length = len;
     reply->data = malloc(len);
     if (reply->data == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	ret = ENOMEM;
 	goto out;
     }
diff --git a/crypto/heimdal/lib/krb5/mk_priv.c b/crypto/heimdal/lib/krb5/mk_priv.c
index c880f10..1de4a5c 100644
--- a/crypto/heimdal/lib/krb5/mk_priv.c
+++ b/crypto/heimdal/lib/krb5/mk_priv.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: mk_priv.c,v 1.28 2000/08/18 06:48:07 assar Exp $");
+RCSID("$Id: mk_priv.c,v 1.29 2001/05/14 06:14:49 assar Exp $");
 
 /*
  *
@@ -87,8 +87,10 @@ krb5_mk_priv(krb5_context context,
 
   buf_size = 1024;
   buf = malloc (buf_size);
-  if (buf == NULL)
+  if (buf == NULL) {
+      krb5_set_error_string (context, "malloc: out of memory");
       return ENOMEM;
+  }
 
   krb5_data_zero (&s.enc_part.cipher);
 
@@ -102,6 +104,7 @@ krb5_mk_priv(krb5_context context,
 	      buf_size *= 2;
 	      tmp = realloc (buf, buf_size);
 	      if (tmp == NULL) {
+		  krb5_set_error_string (context, "malloc: out of memory");
 		  ret = ENOMEM;
 		  goto fail;
 	      }
@@ -144,6 +147,7 @@ krb5_mk_priv(krb5_context context,
 	      buf_size *= 2;
 	      tmp = realloc (buf, buf_size);
 	      if (tmp == NULL) {
+		  krb5_set_error_string (context, "malloc: out of memory");
 		  ret = ENOMEM;
 		  goto fail;
 	      }
@@ -158,6 +162,7 @@ krb5_mk_priv(krb5_context context,
   outbuf->length = len;
   outbuf->data   = malloc (len);
   if (outbuf->data == NULL) {
+      krb5_set_error_string (context, "malloc: out of memory");
       free(buf);
       return ENOMEM;
   }
diff --git a/crypto/heimdal/lib/krb5/mk_rep.c b/crypto/heimdal/lib/krb5/mk_rep.c
index ad750b0..fc6b4f2 100644
--- a/crypto/heimdal/lib/krb5/mk_rep.c
+++ b/crypto/heimdal/lib/krb5/mk_rep.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: mk_rep.c,v 1.18 2000/12/06 20:57:23 joda Exp $");
+RCSID("$Id: mk_rep.c,v 1.19 2001/05/14 06:14:49 assar Exp $");
 
 krb5_error_code
 krb5_mk_rep(krb5_context context,
@@ -61,8 +61,10 @@ krb5_mk_rep(krb5_context context,
 			      auth_context->keyblock,
 			      &auth_context->local_seqnumber);
     body.seq_number = malloc (sizeof(*body.seq_number));
-    if (body.seq_number == NULL)
+    if (body.seq_number == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     *(body.seq_number) = auth_context->local_seqnumber;
   } else
     body.seq_number = NULL;
@@ -74,6 +76,7 @@ krb5_mk_rep(krb5_context context,
   buf = malloc (buf_size);
   if (buf == NULL) {
       free_EncAPRepPart (&body);
+      krb5_set_error_string (context, "malloc: out of memory");
       return ENOMEM;
   }
 
@@ -106,6 +109,7 @@ krb5_mk_rep(krb5_context context,
   buf = realloc(buf, buf_size);
   if(buf == NULL) {
       free_AP_REP (&ap);
+      krb5_set_error_string (context, "malloc: out of memory");
       return ENOMEM;
   }
   ret = encode_AP_REP (buf + buf_size - 1, buf_size, &ap, &len);
diff --git a/crypto/heimdal/lib/krb5/mk_req.c b/crypto/heimdal/lib/krb5/mk_req.c
index a30c19e..dbe7f3d 100644
--- a/crypto/heimdal/lib/krb5/mk_req.c
+++ b/crypto/heimdal/lib/krb5/mk_req.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: mk_req.c,v 1.22 2000/11/15 06:50:53 assar Exp $");
+RCSID("$Id: mk_req.c,v 1.23 2001/05/14 06:14:49 assar Exp $");
 
 krb5_error_code
 krb5_mk_req_exact(krb5_context context,
diff --git a/crypto/heimdal/lib/krb5/mk_req_ext.c b/crypto/heimdal/lib/krb5/mk_req_ext.c
index f0f572c..5ab7a1c 100644
--- a/crypto/heimdal/lib/krb5/mk_req_ext.c
+++ b/crypto/heimdal/lib/krb5/mk_req_ext.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: mk_req_ext.c,v 1.24 2000/11/15 07:01:26 assar Exp $");
+RCSID("$Id: mk_req_ext.c,v 1.25 2001/05/09 07:15:00 assar Exp $");
 
 krb5_error_code
 krb5_mk_req_internal(krb5_context context,
@@ -99,6 +99,7 @@ krb5_mk_req_internal(krb5_context context,
 	  /* this is to make DCE secd (and older MIT kdcs?) happy */
 	  ret = krb5_create_checksum(context, 
 				     NULL,
+				     0,
 				     CKSUMTYPE_RSA_MD4,
 				     in_data->data,
 				     in_data->length,
@@ -112,6 +113,7 @@ krb5_mk_req_internal(krb5_context context,
 	  ret = krb5_create_checksum(context, 
 				     crypto,
 				     checksum_usage,
+				     0,
 				     in_data->data,
 				     in_data->length,
 				     &c);
diff --git a/crypto/heimdal/lib/krb5/mk_safe.c b/crypto/heimdal/lib/krb5/mk_safe.c
index 2803d38..085ebaf 100644
--- a/crypto/heimdal/lib/krb5/mk_safe.c
+++ b/crypto/heimdal/lib/krb5/mk_safe.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: mk_safe.c,v 1.24 2000/08/18 06:48:40 assar Exp $");
+RCSID("$Id: mk_safe.c,v 1.26 2001/05/14 06:14:50 assar Exp $");
 
 krb5_error_code
 krb5_mk_safe(krb5_context context,
@@ -48,6 +48,7 @@ krb5_mk_safe(krb5_context context,
   KerberosTime sec2;
   int usec2;
   u_char *buf = NULL;
+  void *tmp;
   size_t buf_size;
   size_t len;
   u_int32_t tmp_seq;
@@ -78,8 +79,10 @@ krb5_mk_safe(krb5_context context,
 
   buf_size = length_KRB_SAFE(&s);
   buf = malloc(buf_size + 128); /* add some for checksum */
-  if(buf == NULL)
+  if(buf == NULL) {
+      krb5_set_error_string (context, "malloc: out of memory");
       return ENOMEM;
+  }
   ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
   if (ret) {
       free (buf);
@@ -93,6 +96,7 @@ krb5_mk_safe(krb5_context context,
   ret = krb5_create_checksum(context, 
 			     crypto,
 			     KRB5_KU_KRB_SAFE_CKSUM,
+			     0,
 			     buf + buf_size - len,
 			     len,
 			     &s.cksum);
@@ -103,9 +107,13 @@ krb5_mk_safe(krb5_context context,
   }
 
   buf_size = length_KRB_SAFE(&s);
-  buf = realloc(buf, buf_size);
-  if(buf == NULL)
+  tmp = realloc(buf, buf_size);
+  if(tmp == NULL) {
+      free(buf);
+      krb5_set_error_string (context, "malloc: out of memory");
       return ENOMEM;
+  }
+  buf = tmp;
   
   ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
   free_Checksum (&s.cksum);
@@ -114,6 +122,7 @@ krb5_mk_safe(krb5_context context,
   outbuf->data   = malloc (len);
   if (outbuf->data == NULL) {
       free (buf);
+      krb5_set_error_string (context, "malloc: out of memory");
       return ENOMEM;
   }
   memcpy (outbuf->data, buf + buf_size - len, len);
diff --git a/crypto/heimdal/lib/krb5/n-fold-test.c b/crypto/heimdal/lib/krb5/n-fold-test.c
index 814dc6f..7cf4905 100644
--- a/crypto/heimdal/lib/krb5/n-fold-test.c
+++ b/crypto/heimdal/lib/krb5/n-fold-test.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -32,7 +32,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: n-fold-test.c,v 1.3 1999/07/22 11:45:33 assar Exp $");
+RCSID("$Id: n-fold-test.c,v 1.4 2001/03/12 07:42:30 assar Exp $");
 
 enum { MAXSIZE = 24 };
 
@@ -74,6 +74,21 @@ static struct testcase {
       0xbd, 0x22, 0x28, 0x91, 0x56, 0xc0, 0x06, 0xa0, 0xdc, 0xf5, 0xb6,
       0xc2, 0xda, 0x6c}
     },
+    {"password", 7,
+     {0x78, 0xa0, 0x7b, 0x6c, 0xaf, 0x85, 0xfa}
+    },
+    {"Rough Consensus, and Running Code", 8,
+     {0xbb, 0x6e, 0xd3, 0x08, 0x70, 0xb7, 0xf0, 0xe0},
+    },
+    {"password", 21,
+     {0x59, 0xe4, 0xa8, 0xca, 0x7c, 0x03, 0x85, 0xc3, 0xc3, 0x7b, 0x3f,
+      0x6d, 0x20, 0x00, 0x24, 0x7c, 0xb6, 0xe6, 0xbd, 0x5b, 0x3e},
+    },
+    {"MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 24,
+     {0xdb, 0x3b, 0x0d, 0x8f, 0x0b, 0x06, 0x1e, 0x60, 0x32, 0x82, 0xb3,
+      0x08, 0xa5, 0x08, 0x41, 0x22, 0x9a, 0xd7, 0x98, 0xfa, 0xb9, 0x54,
+      0x0c, 0x1b}
+    },
     {NULL, 0}
 };
 
diff --git a/crypto/heimdal/lib/krb5/principal.c b/crypto/heimdal/lib/krb5/principal.c
index 7be1d93..0bffef4 100644
--- a/crypto/heimdal/lib/krb5/principal.c
+++ b/crypto/heimdal/lib/krb5/principal.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -41,7 +41,7 @@
 #include <fnmatch.h>
 #include "resolve.h"
 
-RCSID("$Id: principal.c,v 1.73 2000/10/16 03:42:14 assar Exp $");
+RCSID("$Id: principal.c,v 1.74 2001/05/14 06:14:50 assar Exp $");
 
 #define princ_num_comp(P) ((P)->name.name_string.len)
 #define princ_type(P) ((P)->name.name_type)
@@ -82,20 +82,26 @@ krb5_parse_name(krb5_context context,
     ncomp = 1;
     for(p = (char*)name; *p; p++){
 	if(*p=='\\'){
-	    if(!p[1])
+	    if(!p[1]) {
+		krb5_set_error_string (context,
+				       "trailing \\ in principal name");
 		return KRB5_PARSE_MALFORMED;
+	    }
 	    p++;
 	} else if(*p == '/')
 	    ncomp++;
     }
     comp = calloc(ncomp, sizeof(*comp));
-    if (comp == NULL)
+    if (comp == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
   
     n = 0;
     start = q = p = s = strdup(name);
     if (start == NULL) {
 	free (comp);
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
     }
     while(*p){
@@ -112,11 +118,14 @@ krb5_parse_name(krb5_context context,
 		c = '\0';
 	}else if(c == '/' || c == '@'){
 	    if(got_realm){
+		krb5_set_error_string (context,
+				       "part after realm in principal name");
 		ret = KRB5_PARSE_MALFORMED;
 		goto exit;
 	    }else{
 		comp[n] = malloc(q - start + 1);
 		if (comp[n] == NULL) {
+		    krb5_set_error_string (context, "malloc: out of memory");
 		    ret = ENOMEM;
 		    goto exit;
 		}
@@ -130,6 +139,8 @@ krb5_parse_name(krb5_context context,
 	    continue;
 	}
 	if(got_realm && (c == ':' || c == '/' || c == '\0')) {
+	    krb5_set_error_string (context,
+				   "part after realm in principal name");
 	    ret = KRB5_PARSE_MALFORMED;
 	    goto exit;
 	}
@@ -138,6 +149,7 @@ krb5_parse_name(krb5_context context,
     if(got_realm){
 	realm = malloc(q - start + 1);
 	if (realm == NULL) {
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    ret = ENOMEM;
 	    goto exit;
 	}
@@ -150,6 +162,7 @@ krb5_parse_name(krb5_context context,
 
 	comp[n] = malloc(q - start + 1);
 	if (comp[n] == NULL) {
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    ret = ENOMEM;
 	    goto exit;
 	}
@@ -159,6 +172,7 @@ krb5_parse_name(krb5_context context,
     }
     *principal = malloc(sizeof(**principal));
     if (*principal == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	ret = ENOMEM;
 	goto exit;
     }
@@ -278,8 +292,10 @@ unparse_name(krb5_context context,
 	len++;
     }
     *name = malloc(len);
-    if(len != 0 && *name == NULL)
+    if(len != 0 && *name == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     ret = unparse_name_fixed(context, principal, *name, len, short_flag);
     if(ret)
 	free(*name);
@@ -356,12 +372,16 @@ append_component(krb5_context context, krb5_principal p,
     size_t len = princ_num_comp(p);
 
     tmp = realloc(princ_comp(p), (len + 1) * sizeof(*tmp));
-    if(tmp == NULL)
+    if(tmp == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     princ_comp(p) = tmp;
     princ_ncomp(p, len) = malloc(comp_len + 1);
-    if (princ_ncomp(p, len) == NULL)
+    if (princ_ncomp(p, len) == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     memcpy (princ_ncomp(p, len), comp, comp_len);
     princ_ncomp(p, len)[comp_len] = '\0';
     princ_num_comp(p)++;
@@ -406,13 +426,16 @@ build_principal(krb5_context context,
     krb5_principal p;
   
     p = calloc(1, sizeof(*p));
-    if (p == NULL)
+    if (p == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     princ_type(p) = KRB5_NT_PRINCIPAL;
 
     princ_realm(p) = strdup(realm);
     if(p->realm == NULL){
 	free(p);
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
     }
   
@@ -487,10 +510,15 @@ krb5_copy_principal(krb5_context context,
 		    krb5_principal *outprinc)
 {
     krb5_principal p = malloc(sizeof(*p));
-    if (p == NULL)
+    if (p == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
-    if(copy_Principal(inprinc, p))
+    }
+    if(copy_Principal(inprinc, p)) {
+	free(p);
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     *outprinc = p;
     return 0;
 }
@@ -667,6 +695,7 @@ krb5_425_conv_principal_ext(krb5_context context,
 	}
 	krb5_free_principal(context, pr);
 	*princ = NULL;
+	krb5_clear_error_string (context);
 	return HEIM_ERR_V4_PRINC_NO_CONV;
     }
     if(resolve){
@@ -688,6 +717,7 @@ krb5_425_conv_principal_ext(krb5_context context,
 #ifdef USE_RESOLVER
 		dns_free_data(r);
 #endif
+		krb5_set_error_string (context, "malloc: out of memory");
 		return ENOMEM;
 	    }
 	    ret = krb5_make_principal(context, &pr, realm, name, low_inst,
@@ -731,6 +761,7 @@ krb5_425_conv_principal_ext(krb5_context context,
 			       "default_domain", NULL);
     if(p == NULL){
 	/* this should be an error, just faking a name is not good */
+	krb5_clear_error_string (context);
 	return HEIM_ERR_V4_PRINC_NO_CONV;
     }
 	
@@ -743,6 +774,7 @@ krb5_425_conv_principal_ext(krb5_context context,
 	return 0;
     }
     krb5_free_principal(context, pr);
+    krb5_clear_error_string (context);
     return HEIM_ERR_V4_PRINC_NO_CONV;
 no_host:
     p = krb5_config_get_string(context, NULL,
@@ -768,6 +800,7 @@ no_host:
 	return 0;
     }
     krb5_free_principal(context, pr);
+    krb5_clear_error_string (context);
     return HEIM_ERR_V4_PRINC_NO_CONV;
 }
 
@@ -888,6 +921,9 @@ krb5_524_conv_principal(krb5_context context,
 	i = principal->name.name_string.val[1];
 	break;
     default:
+	krb5_set_error_string (context,
+			       "cannot convert a %d component principal",
+			       principal->name.name_string.len);
 	return KRB5_PARSE_MALFORMED;
     }
 
@@ -910,12 +946,21 @@ krb5_524_conv_principal(krb5_context context,
 	i = tmpinst;
     }
     
-    if (strlcpy (name, n, aname_sz) >= aname_sz)
+    if (strlcpy (name, n, aname_sz) >= aname_sz) {
+	krb5_set_error_string (context,
+			       "too long name component to convert");
 	return KRB5_PARSE_MALFORMED;
-    if (strlcpy (instance, i, aname_sz) >= aname_sz)
+    }
+    if (strlcpy (instance, i, aname_sz) >= aname_sz) {
+	krb5_set_error_string (context,
+			       "too long instance component to convert");
 	return KRB5_PARSE_MALFORMED;
-    if (strlcpy (realm, r, aname_sz) >= aname_sz)
+    }
+    if (strlcpy (realm, r, aname_sz) >= aname_sz) {
+	krb5_set_error_string (context,
+			       "too long realm component to convert");
 	return KRB5_PARSE_MALFORMED;
+    }
     return 0;
 }
 
@@ -934,8 +979,11 @@ krb5_sname_to_principal (krb5_context context,
     char localhost[MAXHOSTNAMELEN];
     char **realms, *host = NULL;
 	
-    if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN)
+    if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN) {
+	krb5_set_error_string (context, "unsupported name type %d",
+			       type);
 	return KRB5_SNAME_UNSUPP_NAMETYPE;
+    }
     if(hostname == NULL) {
 	gethostname(localhost, sizeof(localhost));
 	hostname = localhost;
diff --git a/crypto/heimdal/lib/krb5/prog_setup.c b/crypto/heimdal/lib/krb5/prog_setup.c
index dc3b119..3f5efb6 100644
--- a/crypto/heimdal/lib/krb5/prog_setup.c
+++ b/crypto/heimdal/lib/krb5/prog_setup.c
@@ -35,7 +35,7 @@
 #include <getarg.h>
 #include <err.h>
 
-RCSID("$Id: prog_setup.c,v 1.8 2001/01/25 11:20:32 assar Exp $");
+RCSID("$Id: prog_setup.c,v 1.9 2001/02/20 01:44:54 assar Exp $");
 
 void
 krb5_std_usage(int code, struct getargs *args, int num_args)
@@ -55,7 +55,7 @@ krb5_program_setup(krb5_context *context, int argc, char **argv,
     if(usage == NULL)
 	usage = krb5_std_usage;
 
-    set_progname(argv[0]);
+    setprogname(argv[0]);
     ret = krb5_init_context(context);
     if (ret)
 	errx (1, "krb5_init_context failed: %d", ret);
diff --git a/crypto/heimdal/lib/krb5/prompter_posix.c b/crypto/heimdal/lib/krb5/prompter_posix.c
index a849254..4b9c573 100644
--- a/crypto/heimdal/lib/krb5/prompter_posix.c
+++ b/crypto/heimdal/lib/krb5/prompter_posix.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,17 +33,20 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: prompter_posix.c,v 1.5 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: prompter_posix.c,v 1.6 2001/05/11 20:26:49 assar Exp $");
 
 int
 krb5_prompter_posix (krb5_context context,
 		     void *data,
+		     const char *name,
 		     const char *banner,
 		     int num_prompts,
 		     krb5_prompt prompts[])
 {
     int i;
 
+    if (name)
+	fprintf (stderr, "%s\n", name);
     if (banner)
 	fprintf (stderr, "%s\n", banner);
     for (i = 0; i < num_prompts; ++i) {
diff --git a/crypto/heimdal/lib/krb5/rd_cred.c b/crypto/heimdal/lib/krb5/rd_cred.c
index ca8ff02..c7729b1 100644
--- a/crypto/heimdal/lib/krb5/rd_cred.c
+++ b/crypto/heimdal/lib/krb5/rd_cred.c
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: rd_cred.c,v 1.12 2001/01/04 16:19:00 joda Exp $");
+RCSID("$Id: rd_cred.c,v 1.14 2001/05/14 06:14:50 assar Exp $");
 
 krb5_error_code
 krb5_rd_cred(krb5_context context,
@@ -50,6 +50,8 @@ krb5_rd_cred(krb5_context context,
     krb5_crypto crypto;
     int i;
 
+    *ret_creds = NULL;
+
     ret = decode_KRB_CRED(in_data->data, in_data->length, 
 			  &cred, &len);
     if(ret)
@@ -57,11 +59,13 @@ krb5_rd_cred(krb5_context context,
 
     if (cred.pvno != 5) {
 	ret = KRB5KRB_AP_ERR_BADVERSION;
+	krb5_clear_error_string (context);
 	goto out;
     }
 
     if (cred.msg_type != krb_cred) {
 	ret = KRB5KRB_AP_ERR_MSG_TYPE;
+	krb5_clear_error_string (context);
 	goto out;
     }
 
@@ -108,7 +112,7 @@ krb5_rd_cred(krb5_context context,
 	krb5_address *a;
 	int cmp;
 
-	ret = krb5_make_addrport (&a,
+	ret = krb5_make_addrport (context, &a,
 				  auth_context->remote_address,
 				  auth_context->remote_port);
 	if (ret)
@@ -123,6 +127,7 @@ krb5_rd_cred(krb5_context context,
 	free (a);
 
 	if (cmp == 0) {
+	    krb5_clear_error_string (context);
 	    ret = KRB5KRB_AP_ERR_BADADDR;
 	    goto out;
 	}
@@ -135,6 +140,7 @@ krb5_rd_cred(krb5_context context,
 	&& !krb5_address_compare (context,
 				  auth_context->local_address,
 				  enc_krb_cred_part.r_address)) {
+	krb5_clear_error_string (context);
 	ret = KRB5KRB_AP_ERR_BADADDR;
 	goto out;
     }
@@ -149,6 +155,7 @@ krb5_rd_cred(krb5_context context,
 	    enc_krb_cred_part.usec      == NULL ||
 	    abs(*enc_krb_cred_part.timestamp - sec)
 	    > context->max_skew) {
+	    krb5_clear_error_string (context);
 	    ret = KRB5KRB_AP_ERR_SKEW;
 	    goto out;
 	}
@@ -183,6 +190,7 @@ krb5_rd_cred(krb5_context context,
 	creds = calloc(1, sizeof(*creds));
 	if(creds == NULL) {
 	    ret = ENOMEM;
+	    krb5_set_error_string (context, "malloc: out of memory");
 	    goto out;
 	}
 
diff --git a/crypto/heimdal/lib/krb5/rd_error.c b/crypto/heimdal/lib/krb5/rd_error.c
index df9b45e..ca02f3d 100644
--- a/crypto/heimdal/lib/krb5/rd_error.c
+++ b/crypto/heimdal/lib/krb5/rd_error.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: rd_error.c,v 1.4 1999/12/02 17:05:12 joda Exp $");
+RCSID("$Id: rd_error.c,v 1.6 2001/05/15 06:35:10 assar Exp $");
 
 krb5_error_code
 krb5_rd_error(krb5_context context,
@@ -43,11 +43,12 @@ krb5_rd_error(krb5_context context,
     
     size_t len;
     krb5_error_code ret;
+
     ret = decode_KRB_ERROR(msg->data, msg->length, result, &len);
     if(ret)
 	return ret;
     result->error_code += KRB5KDC_ERR_NONE;
-    return 0;    
+    return 0;
 }
 
 void
@@ -64,3 +65,56 @@ krb5_free_error (krb5_context context,
     krb5_free_error_contents (context, error);
     free (error);
 }
+
+krb5_error_code
+krb5_error_from_rd_error(krb5_context context,
+			 const krb5_error *error,
+			 const krb5_creds *creds)
+{
+    krb5_error_code ret;
+
+    ret = error->error_code;
+    if (error->e_text != NULL) {
+	krb5_set_error_string(context, "%s", *error->e_text);
+    } else {
+	char clientname[256], servername[256];
+
+	if (creds != NULL) {
+	    krb5_unparse_name_fixed(context, creds->client,
+				    clientname, sizeof(clientname));
+	    krb5_unparse_name_fixed(context, creds->server,
+				    servername, sizeof(servername));
+	}
+
+	switch (ret) {
+	case KRB5KDC_ERR_NAME_EXP :
+	    krb5_set_error_string(context, "Client %s%s%s expired",
+				  creds ? "(" : "",
+				  creds ? clientname : "",
+				  creds ? ")" : "");
+	    break;
+	case KRB5KDC_ERR_SERVICE_EXP :
+	    krb5_set_error_string(context, "Server %s%s%s expired",
+				  creds ? "(" : "",
+				  creds ? servername : "",
+				  creds ? ")" : "");
+	    break;
+	case KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN :
+	    krb5_set_error_string(context, "Client %s%s%s unknown",
+				  creds ? "(" : "",
+				  creds ? clientname : "",
+				  creds ? ")" : "");
+	    break;
+	case KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN :
+	    krb5_set_error_string(context, "Server %s%s%s unknown",
+				  creds ? "(" : "",
+				  creds ? servername : "",
+				  creds ? ")" : "");
+	    break;
+	default :
+	    krb5_clear_error_string(context);
+	    break;
+	}
+    }
+    return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/rd_priv.c b/crypto/heimdal/lib/krb5/rd_priv.c
index 62350ba..1447c14 100644
--- a/crypto/heimdal/lib/krb5/rd_priv.c
+++ b/crypto/heimdal/lib/krb5/rd_priv.c
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: rd_priv.c,v 1.27 2001/01/19 04:27:09 assar Exp $");
+RCSID("$Id: rd_priv.c,v 1.28 2001/05/14 06:14:50 assar Exp $");
 
 krb5_error_code
 krb5_rd_priv(krb5_context context,
@@ -55,10 +55,12 @@ krb5_rd_priv(krb5_context context,
   if (ret) 
       goto failure;
   if (priv.pvno != 5) {
+      krb5_clear_error_string (context);
       ret = KRB5KRB_AP_ERR_BADVERSION;
       goto failure;
   }
   if (priv.msg_type != krb_priv) {
+      krb5_clear_error_string (context);
       ret = KRB5KRB_AP_ERR_MSG_TYPE;
       goto failure;
   }
@@ -96,6 +98,7 @@ krb5_rd_priv(krb5_context context,
       && !krb5_address_compare (context,
 				auth_context->remote_address,
 				part.s_address)) {
+      krb5_clear_error_string (context);
       ret = KRB5KRB_AP_ERR_BADADDR;
       goto failure_part;
   }
@@ -107,6 +110,7 @@ krb5_rd_priv(krb5_context context,
       && !krb5_address_compare (context,
 				auth_context->local_address,
 				part.r_address)) {
+      krb5_clear_error_string (context);
       ret = KRB5KRB_AP_ERR_BADADDR;
       goto failure_part;
   }
@@ -119,6 +123,7 @@ krb5_rd_priv(krb5_context context,
       if (part.timestamp == NULL ||
 	  part.usec      == NULL ||
 	  abs(*part.timestamp - sec) > context->max_skew) {
+	  krb5_clear_error_string (context);
 	  ret = KRB5KRB_AP_ERR_SKEW;
 	  goto failure_part;
       }
@@ -135,6 +140,7 @@ krb5_rd_priv(krb5_context context,
 	   && auth_context->remote_seqnumber != 0)
 	  || (part.seq_number != NULL
 	      && *part.seq_number != auth_context->remote_seqnumber)) {
+	  krb5_clear_error_string (context);
 	  ret = KRB5KRB_AP_ERR_BADORDER;
 	  goto failure_part;
       }
diff --git a/crypto/heimdal/lib/krb5/rd_rep.c b/crypto/heimdal/lib/krb5/rd_rep.c
index 20f2033..7462b3d 100644
--- a/crypto/heimdal/lib/krb5/rd_rep.c
+++ b/crypto/heimdal/lib/krb5/rd_rep.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: rd_rep.c,v 1.20 2000/08/18 06:49:03 assar Exp $");
+RCSID("$Id: rd_rep.c,v 1.21 2001/05/14 06:14:50 assar Exp $");
 
 krb5_error_code
 krb5_rd_rep(krb5_context context,
@@ -55,10 +55,12 @@ krb5_rd_rep(krb5_context context,
       return ret;
   if (ap_rep.pvno != 5) {
     ret = KRB5KRB_AP_ERR_BADVERSION;
+    krb5_clear_error_string (context);
     goto out;
   }
   if (ap_rep.msg_type != krb_ap_rep) {
     ret = KRB5KRB_AP_ERR_MSG_TYPE;
+    krb5_clear_error_string (context);
     goto out;
   }
 
@@ -77,6 +79,7 @@ krb5_rd_rep(krb5_context context,
   *repl = malloc(sizeof(**repl));
   if (*repl == NULL) {
     ret = ENOMEM;
+    krb5_set_error_string (context, "malloc: out of memory");
     goto out;
   }
   ret = krb5_decode_EncAPRepPart(context,
@@ -90,6 +93,7 @@ krb5_rd_rep(krb5_context context,
   if ((*repl)->ctime != auth_context->authenticator->ctime ||
       (*repl)->cusec != auth_context->authenticator->cusec) {
     ret = KRB5KRB_AP_ERR_MUT_FAIL;
+    krb5_clear_error_string (context);
     goto out;
   }
   if ((*repl)->seq_number)
diff --git a/crypto/heimdal/lib/krb5/rd_req.c b/crypto/heimdal/lib/krb5/rd_req.c
index 922137a..b7059e1 100644
--- a/crypto/heimdal/lib/krb5/rd_req.c
+++ b/crypto/heimdal/lib/krb5/rd_req.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: rd_req.c,v 1.44 2000/11/15 23:16:28 assar Exp $");
+RCSID("$Id: rd_req.c,v 1.45 2001/05/14 06:14:50 assar Exp $");
 
 static krb5_error_code
 decrypt_tkt_enc_part (krb5_context context,
@@ -113,14 +113,17 @@ krb5_decode_ap_req(krb5_context context,
 	return ret;
     if (ap_req->pvno != 5){
 	free_AP_REQ(ap_req);
+	krb5_clear_error_string (context);
 	return KRB5KRB_AP_ERR_BADVERSION;
     }
     if (ap_req->msg_type != krb_ap_req){
 	free_AP_REQ(ap_req);
+	krb5_clear_error_string (context);
 	return KRB5KRB_AP_ERR_MSG_TYPE;
     }
     if (ap_req->ticket.tkt_vno != 5){
 	free_AP_REQ(ap_req);
+	krb5_clear_error_string (context);
 	return KRB5KRB_AP_ERR_BADVERSION;
     }
     return 0;
@@ -150,10 +153,12 @@ krb5_decrypt_ticket(krb5_context context,
 	   || (t.flags.invalid
 	       && !(flags & KRB5_VERIFY_AP_REQ_IGNORE_INVALID))) {
 	    free_EncTicketPart(&t);
+	    krb5_clear_error_string (context);
 	    return KRB5KRB_AP_ERR_TKT_NYV;
 	}
 	if(now - t.endtime > context->max_skew) {
 	    free_EncTicketPart(&t);
+	    krb5_clear_error_string (context);
 	    return KRB5KRB_AP_ERR_TKT_EXPIRED;
 	}
     }
@@ -320,6 +325,7 @@ krb5_verify_ap_req2(krb5_context context,
 	krb5_free_principal (context, p2);
 	if (!res) {
 	    ret = KRB5KRB_AP_ERR_BADMATCH;
+	    krb5_clear_error_string (context);
 	    goto out2;
 	}
     }
@@ -332,6 +338,7 @@ krb5_verify_ap_req2(krb5_context context,
 				 ac->remote_address,
 				 t.ticket.caddr)) {
 	ret = KRB5KRB_AP_ERR_BADADDR;
+	krb5_clear_error_string (context);
 	goto out2;
     }
 
diff --git a/crypto/heimdal/lib/krb5/rd_safe.c b/crypto/heimdal/lib/krb5/rd_safe.c
index 07628d9..62d3646 100644
--- a/crypto/heimdal/lib/krb5/rd_safe.c
+++ b/crypto/heimdal/lib/krb5/rd_safe.c
@@ -33,7 +33,7 @@
 
 #include <krb5_locl.h>
 
-RCSID("$Id: rd_safe.c,v 1.23 2001/01/19 04:25:37 assar Exp $");
+RCSID("$Id: rd_safe.c,v 1.24 2001/05/14 06:14:51 assar Exp $");
 
 static krb5_error_code
 verify_checksum(krb5_context context,
@@ -58,6 +58,7 @@ verify_checksum(krb5_context context,
 
     if (buf == NULL) {
 	ret = ENOMEM;
+	krb5_set_error_string (context, "malloc: out of memory");
 	goto out;
     }
 
@@ -97,15 +98,18 @@ krb5_rd_safe(krb5_context context,
       return ret;
   if (safe.pvno != 5) {
       ret = KRB5KRB_AP_ERR_BADVERSION;
+      krb5_clear_error_string (context);
       goto failure;
   }
   if (safe.msg_type != krb_safe) {
       ret = KRB5KRB_AP_ERR_MSG_TYPE;
+      krb5_clear_error_string (context);
       goto failure;
   }
   if (!krb5_checksum_is_keyed(context, safe.cksum.cksumtype)
       || !krb5_checksum_is_collision_proof(context, safe.cksum.cksumtype)) {
       ret = KRB5KRB_AP_ERR_INAPP_CKSUM;
+      krb5_clear_error_string (context);
       goto failure;
   }
 
@@ -117,6 +121,7 @@ krb5_rd_safe(krb5_context context,
 				auth_context->remote_address,
 				safe.safe_body.s_address)) {
       ret = KRB5KRB_AP_ERR_BADADDR;
+      krb5_clear_error_string (context);
       goto failure;
   }
 
@@ -128,6 +133,7 @@ krb5_rd_safe(krb5_context context,
 				auth_context->local_address,
 				safe.safe_body.r_address)) {
       ret = KRB5KRB_AP_ERR_BADADDR;
+      krb5_clear_error_string (context);
       goto failure;
   }
 
@@ -141,6 +147,7 @@ krb5_rd_safe(krb5_context context,
 	  safe.safe_body.usec      == NULL ||
 	  abs(*safe.safe_body.timestamp - sec) > context->max_skew) {
 	  ret = KRB5KRB_AP_ERR_SKEW;
+	  krb5_clear_error_string (context);
 	  goto failure;
       }
   }
@@ -157,6 +164,7 @@ krb5_rd_safe(krb5_context context,
 	      && *safe.safe_body.seq_number !=
 	      auth_context->remote_seqnumber)) {
 	  ret = KRB5KRB_AP_ERR_BADORDER;
+	  krb5_clear_error_string (context);
 	  goto failure;
       }
       auth_context->remote_seqnumber++;
@@ -170,6 +178,7 @@ krb5_rd_safe(krb5_context context,
   outbuf->data   = malloc(outbuf->length);
   if (outbuf->data == NULL) {
       ret = ENOMEM;
+      krb5_set_error_string (context, "malloc: out of memory");
       goto failure;
   }
   memcpy (outbuf->data, safe.safe_body.user_data.data, outbuf->length);
diff --git a/crypto/heimdal/lib/krb5/read_message.c b/crypto/heimdal/lib/krb5/read_message.c
index 45d6b62..124499a 100644
--- a/crypto/heimdal/lib/krb5/read_message.c
+++ b/crypto/heimdal/lib/krb5/read_message.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: read_message.c,v 1.7 2000/07/21 22:54:09 joda Exp $");
+RCSID("$Id: read_message.c,v 1.8 2001/05/14 06:14:51 assar Exp $");
 
 krb5_error_code
 krb5_read_message (krb5_context context,
@@ -45,8 +45,11 @@ krb5_read_message (krb5_context context,
     u_int8_t buf[4];
 
     ret = krb5_net_read (context, p_fd, buf, 4);
-    if(ret == -1)
-	return errno;
+    if(ret == -1) {
+	ret = errno;
+	krb5_clear_error_string (context);
+	return ret;
+    }
     if(ret < 4) {
 	data->length = 0;
 	return HEIM_ERR_EOF;
@@ -56,8 +59,10 @@ krb5_read_message (krb5_context context,
     if (ret)
 	return ret;
     if (krb5_net_read (context, p_fd, data->data, len) != len) {
+	ret = errno;
 	krb5_data_free (data);
-	return errno;
+	krb5_clear_error_string (context);
+	return ret;
     }
     return 0;
 }
@@ -76,8 +81,6 @@ krb5_read_priv_message(krb5_context context,
 	return ret;
     ret = krb5_rd_priv (context, ac, &packet, data, NULL);
     krb5_data_free(&packet);
-    if(ret)
-	return ret;
     return ret;
 }
 
@@ -95,7 +98,5 @@ krb5_read_safe_message(krb5_context context,
 	return ret;
     ret = krb5_rd_safe (context, ac, &packet, data, NULL);
     krb5_data_free(&packet);
-    if(ret)
-	return ret;
     return ret;
 }
diff --git a/crypto/heimdal/lib/krb5/recvauth.c b/crypto/heimdal/lib/krb5/recvauth.c
index 3c11254..806a765 100644
--- a/crypto/heimdal/lib/krb5/recvauth.c
+++ b/crypto/heimdal/lib/krb5/recvauth.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: recvauth.c,v 1.13 2000/12/06 20:59:05 joda Exp $");
+RCSID("$Id: recvauth.c,v 1.15 2001/05/14 06:14:51 assar Exp $");
 
 /*
  * See `sendauth.c' for the format.
@@ -101,44 +101,61 @@ krb5_recvauth_match_version(krb5_context context,
 
   if(!(flags & KRB5_RECVAUTH_IGNORE_VERSION)) {
     n = krb5_net_read (context, p_fd, &len, 4);
-    if (n < 0)
-	return errno;
-    if (n == 0)
+    if (n < 0) {
+	ret = errno;
+	krb5_set_error_string (context, "read: %s", strerror(errno));
+	return ret;
+    }
+    if (n == 0) {
+	krb5_clear_error_string (context);
 	return KRB5_SENDAUTH_BADAUTHVERS;
+    }
     len = ntohl(len);
     if (len != sizeof(her_version)
 	|| krb5_net_read (context, p_fd, her_version, len) != len
 	|| strncmp (version, her_version, len)) {
       repl = 1;
       krb5_net_write (context, p_fd, &repl, 1);
+	krb5_clear_error_string (context);
       return KRB5_SENDAUTH_BADAUTHVERS;
     }
   }
 
   n = krb5_net_read (context, p_fd, &len, 4);
-  if (n < 0)
-      return errno;
-  if (n == 0)
+  if (n < 0) {
+      ret = errno;
+      krb5_set_error_string (context, "read: %s", strerror(errno));
+      return ret;
+  }
+  if (n == 0) {
+      krb5_clear_error_string (context);
       return KRB5_SENDAUTH_BADAPPLVERS;
+  }
   len = ntohl(len);
   her_appl_version = malloc (len);
   if (her_appl_version == NULL) {
       repl = 2;
       krb5_net_write (context, p_fd, &repl, 1);
+      krb5_set_error_string (context, "malloc: out of memory");
       return ENOMEM;
   }
   if (krb5_net_read (context, p_fd, her_appl_version, len) != len
       || !(*match_appl_version)(match_data, her_appl_version)) {
     repl = 2;
     krb5_net_write (context, p_fd, &repl, 1);
+    krb5_set_error_string (context, "wrong sendauth version (%s)",
+			   her_appl_version);
     free (her_appl_version);
     return KRB5_SENDAUTH_BADAPPLVERS;
   }
   free (her_appl_version);
 
   repl = 0;
-  if (krb5_net_write (context, p_fd, &repl, 1) != 1)
-    return errno;
+  if (krb5_net_write (context, p_fd, &repl, 1) != 1) {
+    ret = errno;
+    krb5_set_error_string (context, "write: %s", strerror(errno));
+    return ret;
+  }
 
   krb5_data_zero (&data);
   ret = krb5_read_message (context, p_fd, &data);
@@ -163,7 +180,8 @@ krb5_recvauth_match_version(krb5_context context,
 			    NULL,
 			    NULL,
 			    server,
-			    0,
+			    NULL,
+			    NULL,
 			    &error_data);
       if (ret2 == 0) {
 	  krb5_write_message (context, p_fd, &error_data);
@@ -173,8 +191,11 @@ krb5_recvauth_match_version(krb5_context context,
   }      
 
   len = 0;
-  if (krb5_net_write (context, p_fd, &len, 4) != 4)
-    return errno;
+  if (krb5_net_write (context, p_fd, &len, 4) != 4) {
+      ret = errno;
+      krb5_set_error_string (context, "write: %s", strerror(errno));
+      return ret;
+  }
 
   if (ap_options & AP_OPTS_MUTUAL_REQUIRED) {
     ret = krb5_mk_rep (context, *auth_context, &data);
diff --git a/crypto/heimdal/lib/krb5/replay.c b/crypto/heimdal/lib/krb5/replay.c
index 2935cfc..d4f5569 100644
--- a/crypto/heimdal/lib/krb5/replay.c
+++ b/crypto/heimdal/lib/krb5/replay.c
@@ -34,7 +34,7 @@
 #include "krb5_locl.h"
 #include <vis.h>
 
-RCSID("$Id: replay.c,v 1.7 2001/01/29 02:09:00 assar Exp $");
+RCSID("$Id: replay.c,v 1.8 2001/05/14 06:14:51 assar Exp $");
 
 struct krb5_rcache_data {
     char *name;
@@ -46,8 +46,10 @@ krb5_rc_resolve(krb5_context context,
 		const char *name)
 {
     id->name = strdup(name);
-    if(id->name == NULL)
+    if(id->name == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return KRB5_RC_MALLOC;
+    }
     return 0;
 }
 
@@ -56,11 +58,16 @@ krb5_rc_resolve_type(krb5_context context,
 		     krb5_rcache *id,
 		     const char *type)
 {
-    if(strcmp(type, "FILE"))
+    if(strcmp(type, "FILE")) {
+	krb5_set_error_string (context, "replay cache type %s not supported",
+			       type);
 	return KRB5_RC_TYPE_NOTFOUND;
+    }
     *id = calloc(1, sizeof(**id));
-    if(*id == NULL)
+    if(*id == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return KRB5_RC_MALLOC;
+    }
     return 0;
 }
 
@@ -70,8 +77,11 @@ krb5_rc_resolve_full(krb5_context context,
 		     const char *string_name)
 {
     krb5_error_code ret;
-    if(strncmp(string_name, "FILE:", 5))
+    if(strncmp(string_name, "FILE:", 5)) {
+	krb5_set_error_string (context, "replay cache type %s not supported",
+			       string_name);
 	return KRB5_RC_TYPE_NOTFOUND;
+    }
     ret = krb5_rc_resolve_type(context, id, "FILE");
     if(ret)
 	return ret;
@@ -110,8 +120,14 @@ krb5_rc_initialize(krb5_context context,
 {
     FILE *f = fopen(id->name, "w");
     struct rc_entry tmp;
-    if(f == NULL)
-	return errno;
+    int ret;
+
+    if(f == NULL) {
+	ret = errno;
+	krb5_set_error_string (context, "open(%s): %s", id->name,
+			       strerror(ret));
+	return ret;
+    }
     tmp.stamp = auth_lifespan;
     fwrite(&tmp, 1, sizeof(tmp), f);
     fclose(f);
@@ -129,8 +145,14 @@ krb5_error_code
 krb5_rc_destroy(krb5_context context,
 		krb5_rcache id)
 {
-    if(remove(id->name) < 0)
-	return errno;
+    int ret;
+
+    if(remove(id->name) < 0) {
+	ret = errno;
+	krb5_set_error_string (context, "remove(%s): %s", id->name,
+			       strerror(ret));
+	return ret;
+    }
     return krb5_rc_close(context, id);
 }
 
@@ -167,11 +189,17 @@ krb5_rc_store(krb5_context context,
     struct rc_entry ent, tmp;
     time_t t;
     FILE *f;
+    int ret;
+
     ent.stamp = time(NULL);
     checksum_authenticator(rep, ent.data);
     f = fopen(id->name, "r");
-    if(f == NULL)
-	return errno;
+    if(f == NULL) {
+	ret = errno;
+	krb5_set_error_string (context, "open(%s): %s", id->name,
+			       strerror(ret));
+	return ret;
+    }
     fread(&tmp, sizeof(ent), 1, f);
     t = ent.stamp - tmp.stamp;
     while(fread(&tmp, sizeof(ent), 1, f)){
@@ -179,17 +207,23 @@ krb5_rc_store(krb5_context context,
 	    continue;
 	if(memcmp(tmp.data, ent.data, sizeof(ent.data)) == 0){
 	    fclose(f);
+	    krb5_clear_error_string (context);
 	    return KRB5_RC_REPLAY;
 	}
     }
     if(ferror(f)){
+	ret = errno;
 	fclose(f);
-	return errno;
+	krb5_set_error_string (context, "%s: %s", id->name, strerror(ret));
+	return ret;
     }
     fclose(f);
     f = fopen(id->name, "a");
-    if(f == NULL)
+    if(f == NULL) {
+	krb5_set_error_string (context, "open(%s): %s", id->name,
+			       strerror(errno));
 	return KRB5_RC_IO_UNKNOWN;
+    }
     fwrite(&ent, 1, sizeof(ent), f);
     fclose(f);
     return 0;
@@ -216,6 +250,7 @@ krb5_rc_get_lifespan(krb5_context context,
 	*auth_lifespan = ent.stamp;
 	return 0;
     }
+    krb5_clear_error_string (context);
     return KRB5_RC_IO_UNKNOWN;
 }
 
@@ -243,8 +278,11 @@ krb5_get_server_rcache(krb5_context context,
 
     char *tmp = malloc(4 * piece->length + 1);
     char *name;
-    if(tmp == NULL)
+
+    if(tmp == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     strvisx(tmp, piece->data, piece->length, VIS_WHITE | VIS_OCTAL);
 #ifdef HAVE_GETEUID
     asprintf(&name, "FILE:rc_%s_%u", tmp, geteuid());
@@ -252,8 +290,10 @@ krb5_get_server_rcache(krb5_context context,
     asprintf(&name, "FILE:rc_%s", tmp);
 #endif
     free(tmp);
-    if(name == NULL)
+    if(name == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
 
     ret = krb5_rc_resolve_full(context, &rcache, name);
     free(name);
diff --git a/crypto/heimdal/lib/krb5/send_to_kdc.c b/crypto/heimdal/lib/krb5/send_to_kdc.c
index e2b884d..5a66f02 100644
--- a/crypto/heimdal/lib/krb5/send_to_kdc.c
+++ b/crypto/heimdal/lib/krb5/send_to_kdc.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: send_to_kdc.c,v 1.40 2000/11/15 01:48:23 assar Exp $");
+RCSID("$Id: send_to_kdc.c,v 1.44 2001/05/14 22:49:56 assar Exp $");
 
 /*
  * send the data in `req' on the socket `fd' (which is datagram iff udp)
@@ -267,7 +267,7 @@ send_via_proxy (krb5_context context,
     ret = getaddrinfo (proxy, portstr, &hints, &ai);
     free (proxy2);
     if (ret)
-	return krb5_eai_to_heim_errno(ret);
+	return krb5_eai_to_heim_errno(ret, errno);
 
     for (a = ai; a != NULL; a = a->ai_next) {
 	s = socket (a->ai_family, a->ai_socktype, a->ai_protocol);
@@ -300,7 +300,7 @@ send_via_proxy (krb5_context context,
 }
 
 /*
- * Send the data `send' to one KDC in `realm' and get back the reply
+ * Send the data `send' to one hots in `hostlist' and get back the reply
  * in `receive'.
  */
 
@@ -316,7 +316,7 @@ krb5_sendto (krb5_context context,
      int fd;
      int i;
 
-     for (i = 0; i < context->max_retries; ++i)
+     for (i = 0; i < context->max_retries; ++i) {
 	 for (hp = hostlist; (p = *hp); ++hp) {
 	     char *colon;
 	     int http_flag = 0;
@@ -368,27 +368,25 @@ krb5_sendto (krb5_context context,
 		     close (fd);
 		     continue;
 		 }
-		 break;
-	     }
-	     if (a == NULL) {
-		 freeaddrinfo (ai);
-		 continue;
+		 if(http_flag)
+		     ret = send_and_recv_http(fd, context->kdc_timeout,
+					      "", send, receive);
+		 else if(tcp_flag)
+		     ret = send_and_recv_tcp (fd, context->kdc_timeout,
+					      send, receive);
+		 else
+		     ret = send_and_recv_udp (fd, context->kdc_timeout,
+					      send, receive);
+		 close (fd);
+		 if(ret == 0 && receive->length != 0) {
+		     freeaddrinfo(ai);
+		     goto out;
+		 }
 	     }
-	     freeaddrinfo (ai);
-
-	     if(http_flag)
-		 ret = send_and_recv_http(fd, context->kdc_timeout,
-					  "", send, receive);
-	     else if(tcp_flag)
-		 ret = send_and_recv_tcp (fd, context->kdc_timeout,
-					  send, receive);
-	     else
-		 ret = send_and_recv_udp (fd, context->kdc_timeout,
-					  send, receive);
-	     close (fd);
-	     if(ret == 0 && receive->length != 0)
-		 goto out;
+	     freeaddrinfo(ai);
 	 }
+     }
+     krb5_clear_error_string (context);
      ret = KRB5_KDC_UNREACH;
 out:
      return ret;
@@ -415,6 +413,9 @@ krb5_sendto_kdc2(krb5_context context,
 	return ret;
     ret = krb5_sendto(context, send, hostlist, port, receive);
     krb5_free_krbhst (context, hostlist);
+    if (ret == KRB5_KDC_UNREACH)
+	krb5_set_error_string(context,
+			      "unable to reach any KDC in realm %s", *realm);
     return ret;
 }
 
diff --git a/crypto/heimdal/lib/krb5/sendauth.c b/crypto/heimdal/lib/krb5/sendauth.c
index b9e8dd0..8f2c544 100644
--- a/crypto/heimdal/lib/krb5/sendauth.c
+++ b/crypto/heimdal/lib/krb5/sendauth.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: sendauth.c,v 1.17 1999/12/02 17:05:12 joda Exp $");
+RCSID("$Id: sendauth.c,v 1.18 2001/05/14 06:14:51 assar Exp $");
 
 /*
  * The format seems to be:
@@ -90,23 +90,35 @@ krb5_sendauth(krb5_context context,
     len = strlen(version) + 1;
     net_len = htonl(len);
     if (krb5_net_write (context, p_fd, &net_len, 4) != 4
-	|| krb5_net_write (context, p_fd, version, len) != len)
-	return errno;
+	|| krb5_net_write (context, p_fd, version, len) != len) {
+	ret = errno;
+	krb5_set_error_string (context, "write: %s", strerror(ret));
+	return ret;
+    }
 
     len = strlen(appl_version) + 1;
     net_len = htonl(len);
     if (krb5_net_write (context, p_fd, &net_len, 4) != 4
-	|| krb5_net_write (context, p_fd, appl_version, len) != len)
-	return errno;
+	|| krb5_net_write (context, p_fd, appl_version, len) != len) {
+	ret = errno;
+	krb5_set_error_string (context, "write: %s", strerror(ret));
+	return ret;
+    }
 
     sret = krb5_net_read (context, p_fd, &repl, sizeof(repl));
-    if (sret < 0)
-	return errno;
-    else if (sret != sizeof(repl))
+    if (sret < 0) {
+	ret = errno;
+	krb5_set_error_string (context, "read: %s", strerror(ret));
+	return ret;
+    } else if (sret != sizeof(repl)) {
+	krb5_clear_error_string (context);
 	return KRB5_SENDAUTH_BADRESPONSE;
+    }
 
-    if (repl != 0)
+    if (repl != 0) {
+	krb5_clear_error_string (context);
 	return KRB5_SENDAUTH_REJECTED;
+    }
 
     if (in_creds == NULL) {
 	if (ccache == NULL) {
@@ -170,19 +182,22 @@ krb5_sendauth(krb5_context context,
 	ret = krb5_rd_error (context, &error_data, &error);
 	krb5_data_free (&error_data);
 	if (ret == 0) {
+	    ret = krb5_error_from_rd_error(context, &error, NULL);
 	    if (ret_error != NULL) {
 		*ret_error = malloc (sizeof(krb5_error));
 		if (*ret_error == NULL) {
-		    free_KRB_ERROR(&error);
+		    krb5_free_error_contents (context, &error);
 		} else {
 		    **ret_error = error;
 		}
 	    } else {
-		free_KRB_ERROR(&error);
+		krb5_free_error_contents (context, &error);
 	    }
-	    return error.error_code;
-	} else
 	    return ret;
+	} else {
+	    krb5_clear_error_string(context);
+	    return ret;
+	}
     }
 
     if (ap_req_options & AP_OPTS_MUTUAL_REQUIRED) {
diff --git a/crypto/heimdal/lib/krb5/set_default_realm.c b/crypto/heimdal/lib/krb5/set_default_realm.c
index b917a92..9cb49c3 100644
--- a/crypto/heimdal/lib/krb5/set_default_realm.c
+++ b/crypto/heimdal/lib/krb5/set_default_realm.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: set_default_realm.c,v 1.11 1999/12/02 17:05:12 joda Exp $");
+RCSID("$Id: set_default_realm.c,v 1.12 2001/05/14 06:14:51 assar Exp $");
 
 /*
  * Convert the simple string `s' into a NULL-terminated and freshly allocated 
@@ -41,15 +41,18 @@ RCSID("$Id: set_default_realm.c,v 1.11 1999/12/02 17:05:12 joda Exp $");
  */
 
 static krb5_error_code
-string_to_list (const char *s, krb5_realm **list)
+string_to_list (krb5_context context, const char *s, krb5_realm **list)
 {
 
     *list = malloc (2 * sizeof(**list));
-    if (*list == NULL)
+    if (*list == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     (*list)[0] = strdup (s);
     if ((*list)[0] == NULL) {
 	free (*list);
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
     }
     (*list)[1] = NULL;
@@ -77,7 +80,7 @@ krb5_set_default_realm(krb5_context context,
 	if (realms == NULL)
 	    ret = krb5_get_host_realm(context, NULL, &realms);
     } else {
-	ret = string_to_list (realm, &realms);
+	ret = string_to_list (context, realm, &realms);
     }
     if (ret)
 	return ret;
diff --git a/crypto/heimdal/lib/krb5/sock_principal.c b/crypto/heimdal/lib/krb5/sock_principal.c
index 477622d..d7a77a4 100644
--- a/crypto/heimdal/lib/krb5/sock_principal.c
+++ b/crypto/heimdal/lib/krb5/sock_principal.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: sock_principal.c,v 1.11 2000/08/09 20:53:11 assar Exp $");
+RCSID("$Id: sock_principal.c,v 1.13 2001/05/14 06:14:51 assar Exp $");
 			
 krb5_error_code
 krb5_sock_to_principal (krb5_context context,
@@ -49,14 +49,16 @@ krb5_sock_to_principal (krb5_context context,
     socklen_t len = sizeof(__ss);
     struct hostent *hostent;
     int family;
-    char hname[256];
-    char *tmp;
+    char *hname = NULL;
 
-    if (getsockname (sock, sa, &len) < 0)
-	return errno;
+    if (getsockname (sock, sa, &len) < 0) {
+	ret = errno;
+	krb5_set_error_string (context, "getsockname: %s", strerror(ret));
+	return ret;
+    }
     family = sa->sa_family;
     
-    ret = krb5_sockaddr2address (sa, &address);
+    ret = krb5_sockaddr2address (context, sa, &address);
     if (ret)
 	return ret;
 
@@ -64,20 +66,22 @@ krb5_sock_to_principal (krb5_context context,
 				   address.address.length,
 				   family);
 
-    if (hostent == NULL)
-	return h_errno;
-    tmp = hostent->h_name;
-    if (strchr(tmp, '.') == NULL) {
+    if (hostent == NULL) {
+	krb5_set_error_string (context, "gethostbyaddr: %s",
+			       hstrerror(h_errno));
+	return krb5_h_errno_to_heim_errno(h_errno);
+    }
+    hname = hostent->h_name;
+    if (strchr(hname, '.') == NULL) {
 	char **a;
 
 	for (a = hostent->h_aliases; a != NULL && *a != NULL; ++a)
 	    if (strchr(*a, '.') != NULL) {
-		tmp = *a;
+		hname = *a;
 		break;
 	    }
     }
 
-    strlcpy(hname, tmp, sizeof(hname));
     return krb5_sname_to_principal (context,
 				    hname,
 				    sname,
diff --git a/crypto/heimdal/lib/krb5/store-test.c b/crypto/heimdal/lib/krb5/store-test.c
new file mode 100644
index 0000000..512d2a5
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/store-test.c
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: store-test.c,v 1.1 2001/05/11 16:06:25 joda Exp $");
+
+static void
+print_data(unsigned char *data, size_t len)
+{
+    int i;
+    for(i = 0; i < len; i++) {
+	if(i > 0 && (i % 16) == 0)
+	    printf("\n            ");
+	printf("%02x ", data[i]);
+    }
+    printf("\n");
+}
+
+static int
+compare(const char *name, krb5_storage *sp, void *expected, size_t len)
+{
+    int ret = 0;
+    krb5_data data;
+    krb5_storage_to_data(sp, &data);
+    krb5_storage_free(sp);
+    if(data.length != len || memcmp(data.data, expected, len) != 0) {
+	printf("%s mismatch\n", name);
+	printf("  Expected: ");
+	print_data(expected, len);
+	printf("  Actual:   ");
+	print_data(data.data, data.length);
+	ret++;
+    }
+    krb5_data_free(&data);
+    return ret;
+}
+
+int
+main(int argc, char **argv)
+{
+    int nerr = 0;
+    krb5_storage *sp;
+    krb5_context context;
+    krb5_principal principal;
+	
+
+    krb5_init_context(&context);
+
+    sp = krb5_storage_emem();
+    krb5_store_int32(sp, 0x01020304);
+    nerr += compare("Integer", sp, "\x1\x2\x3\x4", 4);
+
+    sp = krb5_storage_emem();
+    krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE);
+    krb5_store_int32(sp, 0x01020304);
+    nerr += compare("Integer (LE)", sp, "\x4\x3\x2\x1", 4);
+
+    sp = krb5_storage_emem();
+    krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
+    krb5_store_int32(sp, 0x01020304);
+    nerr += compare("Integer (BE)", sp, "\x1\x2\x3\x4", 4);
+
+    sp = krb5_storage_emem();
+    krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_HOST);
+    krb5_store_int32(sp, 0x01020304);
+    {
+	int test = 1;
+	void *data;
+	if(*(char*)&test) 
+	    data = "\x4\x3\x2\x1";
+	else 
+	    data = "\x1\x2\x3\x4";
+	nerr += compare("Integer (host)", sp, data, 4);
+    }
+
+    sp = krb5_storage_emem();
+    krb5_make_principal(context, &principal, "TEST", "foobar", NULL);
+    krb5_store_principal(sp, principal);
+    nerr += compare("Principal", sp, "\x0\x0\x0\x1"
+		    "\x0\x0\x0\x1"
+		    "\x0\x0\x0\x4TEST"
+		    "\x0\x0\x0\x6""foobar", 26);
+    
+    return nerr ? 1 : 0;
+}
diff --git a/crypto/heimdal/lib/krb5/store.c b/crypto/heimdal/lib/krb5/store.c
index 5f9d659..4dd96a8 100644
--- a/crypto/heimdal/lib/krb5/store.c
+++ b/crypto/heimdal/lib/krb5/store.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,13 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: store.c,v 1.34 2000/04/11 00:46:09 assar Exp $");
+RCSID("$Id: store.c,v 1.35 2001/05/11 13:01:43 joda Exp $");
+
+#define BYTEORDER_IS(SP, V) (((SP)->flags & KRB5_STORAGE_BYTEORDER_MASK) == (V))
+#define BYTEORDER_IS_LE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_LE)
+#define BYTEORDER_IS_BE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_BE)
+#define BYTEORDER_IS_HOST(SP) (BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_HOST) || \
+			       krb5_storage_is_flags((SP), KRB5_STORAGE_HOST_BYTEORDER))
 
 void
 krb5_storage_set_flags(krb5_storage *sp, krb5_flags flags)
@@ -53,6 +59,20 @@ krb5_storage_is_flags(krb5_storage *sp, krb5_flags flags)
     return (sp->flags & flags) == flags;
 }
 
+void
+krb5_storage_set_byteorder(krb5_storage *sp, krb5_flags byteorder)
+{
+    sp->flags &= ~KRB5_STORAGE_BYTEORDER_MASK;
+    sp->flags |= byteorder;
+}
+
+krb5_flags
+krb5_storage_get_byteorder(krb5_storage *sp, krb5_flags byteorder)
+{
+    return sp->flags & KRB5_STORAGE_BYTEORDER_MASK;
+}
+
+
 ssize_t
 _krb5_put_int(void *buffer, unsigned long value, size_t size)
 {
@@ -115,8 +135,10 @@ krb5_store_int(krb5_storage *sp,
 	       size_t len)
 {
     int ret;
-    unsigned char v[4];
+    unsigned char v[16];
 
+    if(len > sizeof(v))
+	return EINVAL;
     _krb5_put_int(v, value, len);
     ret = sp->store(sp, v, len);
     if (ret != len)
@@ -128,8 +150,10 @@ krb5_error_code
 krb5_store_int32(krb5_storage *sp,
 		 int32_t value)
 {
-    if(krb5_storage_is_flags(sp, KRB5_STORAGE_HOST_BYTEORDER))
+    if(BYTEORDER_IS_HOST(sp))
 	value = htonl(value);
+    else if(BYTEORDER_IS_LE(sp))
+	value = bswap32(value);
     return krb5_store_int(sp, value, 4);
 }
 
@@ -156,8 +180,10 @@ krb5_ret_int32(krb5_storage *sp,
     krb5_error_code ret = krb5_ret_int(sp, value, 4);
     if(ret)
 	return ret;
-    if(krb5_storage_is_flags(sp, KRB5_STORAGE_HOST_BYTEORDER))
-	*value = ntohl(*value);
+    if(BYTEORDER_IS_HOST(sp))
+	*value = htonl(*value);
+    else if(BYTEORDER_IS_LE(sp))
+	*value = bswap32(*value);
     return 0;
 }
 
@@ -165,8 +191,10 @@ krb5_error_code
 krb5_store_int16(krb5_storage *sp,
 		 int16_t value)
 {
-    if(krb5_storage_is_flags(sp, KRB5_STORAGE_HOST_BYTEORDER))
+    if(BYTEORDER_IS_HOST(sp))
 	value = htons(value);
+    else if(BYTEORDER_IS_LE(sp))
+	value = bswap16(value);
     return krb5_store_int(sp, value, 2);
 }
 
@@ -180,8 +208,10 @@ krb5_ret_int16(krb5_storage *sp,
     if(ret)
 	return ret;
     *value = v;
-    if(krb5_storage_is_flags(sp, KRB5_STORAGE_HOST_BYTEORDER))
-	*value = ntohs(*value);
+    if(BYTEORDER_IS_HOST(sp))
+	*value = htons(*value);
+    else if(BYTEORDER_IS_LE(sp))
+	*value = bswap16(*value);
     return 0;
 }
 
diff --git a/crypto/heimdal/lib/krb5/string-to-key-test.c b/crypto/heimdal/lib/krb5/string-to-key-test.c
index 6e6c0b6..0ea5cd1 100644
--- a/crypto/heimdal/lib/krb5/string-to-key-test.c
+++ b/crypto/heimdal/lib/krb5/string-to-key-test.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -32,7 +32,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: string-to-key-test.c,v 1.4 2000/12/31 08:03:54 assar Exp $");
+RCSID("$Id: string-to-key-test.c,v 1.7 2001/05/11 16:15:27 joda Exp $");
 
 enum { MAXSIZE = 24 };
 
@@ -43,7 +43,7 @@ static struct testcase {
     unsigned char res[MAXSIZE];
 } tests[] = {
     {"@", "", ETYPE_DES_CBC_MD5,
-     {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}},
+     {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0xf1}},
     {"nisse@FOO.SE", "hej", ETYPE_DES_CBC_MD5,
      {0xfe, 0x67, 0xbf, 0x9e, 0x57, 0x6b, 0xfe, 0x52}},
     {"assar/liten@FOO.SE", "hemligt", ETYPE_DES_CBC_MD5,
@@ -63,6 +63,26 @@ static struct testcase {
     {"does/not@MATTER", "foo", ETYPE_ARCFOUR_HMAC_MD5,
      {0xac, 0x8e, 0x65, 0x7f, 0x83, 0xdf, 0x82, 0xbe,
       0xea, 0x5d, 0x43, 0xbd, 0xaf, 0x78, 0x00, 0xcc}},
+    {"raeburn@ATHENA.MIT.EDU", "password", ETYPE_DES_CBC_MD5,
+     {0xcb, 0xc2, 0x2f, 0xae, 0x23, 0x52, 0x98, 0xe3}},
+    {"danny@WHITEHOUSE.GOV", "potatoe", ETYPE_DES_CBC_MD5,
+     {0xdf, 0x3d, 0x32, 0xa7, 0x4f, 0xd9, 0x2a, 0x01}},
+    {"buckaroo@EXAMPLE.COM", "penny", ETYPE_DES_CBC_MD5,
+     {0x94, 0x43, 0xa2, 0xe5, 0x32, 0xfd, 0xc4, 0xf1}},
+    {"Juri\xc5\xa1i\xc4\x87@ATHENA.MIT.EDU", "\xc3\x9f", ETYPE_DES_CBC_MD5,
+     {0x62, 0xc8, 0x1a, 0x52, 0x32, 0xb5, 0xe6, 0x9d}},
+    {"AAAAAAAA", "11119999", ETYPE_DES_CBC_MD5,
+     {0x98, 0x40, 0x54, 0xd0, 0xf1, 0xa7, 0x3e, 0x31}},
+    {"FFFFAAAA", "NNNN6666", ETYPE_DES_CBC_MD5,
+     {0xc4, 0xbf, 0x6b, 0x25, 0xad, 0xf7, 0xa4, 0xf8}},
+    {"raeburn@ATHENA.MIT.EDU", "password", ETYPE_DES3_CBC_SHA1,
+     {0x85, 0x0b, 0xb5, 0x13, 0x58, 0x54, 0x8c, 0xd0, 0x5e, 0x86, 0x76, 0x8c, 0x31, 0x3e, 0x3b, 0xfe, 0xf7, 0x51, 0x19, 0x37, 0xdc, 0xf7, 0x2c, 0x3e}},
+    {"danny@WHITEHOUSE.GOV", "potatoe", ETYPE_DES3_CBC_SHA1,
+     {0xdf, 0xcd, 0x23, 0x3d, 0xd0, 0xa4, 0x32, 0x04, 0xea, 0x6d, 0xc4, 0x37, 0xfb, 0x15, 0xe0, 0x61, 0xb0, 0x29, 0x79, 0xc1, 0xf7, 0x4f, 0x37, 0x7a}},
+    {"buckaroo@EXAMPLE.COM", "penny", ETYPE_DES3_CBC_SHA1,
+     {0x6d, 0x2f, 0xcd, 0xf2, 0xd6, 0xfb, 0xbc, 0x3d, 0xdc, 0xad, 0xb5, 0xda, 0x57, 0x10, 0xa2, 0x34, 0x89, 0xb0, 0xd3, 0xb6, 0x9d, 0x5d, 0x9d, 0x4a}},
+    {"Juri\xc5\xa1i\xc4\x87@ATHENA.MIT.EDU", "\xc3\x9f", ETYPE_DES3_CBC_SHA1,
+     {0x16, 0xd5, 0xa4, 0x0e, 0x1c, 0xe3, 0xba, 0xcb, 0x61, 0xb9, 0xdc, 0xe0, 0x04, 0x70, 0x32, 0x4c, 0x83, 0x19, 0x73, 0xa7, 0xb9, 0x52, 0xfe, 0xb0}},
     {NULL}
 };
 
@@ -78,6 +98,10 @@ main(int argc, char **argv)
     if (ret)
 	errx (1, "krb5_init_context failed: %d", ret);
 
+    /* to enable realm-less principal name above */
+
+    krb5_set_default_realm(context, "");
+
     for (t = tests; t->principal_name; ++t) {
 	krb5_keyblock key;
 	krb5_principal principal;
diff --git a/crypto/heimdal/lib/krb5/ticket.c b/crypto/heimdal/lib/krb5/ticket.c
index ecb5821..8d2397b 100644
--- a/crypto/heimdal/lib/krb5/ticket.c
+++ b/crypto/heimdal/lib/krb5/ticket.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: ticket.c,v 1.4 1999/12/02 17:05:13 joda Exp $");
+RCSID("$Id: ticket.c,v 1.5 2001/05/14 06:14:51 assar Exp $");
 
 krb5_error_code
 krb5_free_ticket(krb5_context context,
@@ -52,8 +52,10 @@ krb5_copy_ticket(krb5_context context,
 {
     krb5_error_code ret;
     krb5_ticket *tmp = malloc(sizeof(*tmp));
-    if(tmp == NULL)
+    if(tmp == NULL) {
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
+    }
     if((ret = copy_EncTicketPart(&from->ticket, &tmp->ticket))){
 	free(tmp);
 	return ret;
diff --git a/crypto/heimdal/lib/krb5/time.c b/crypto/heimdal/lib/krb5/time.c
index 98121b4..9346546 100644
--- a/crypto/heimdal/lib/krb5/time.c
+++ b/crypto/heimdal/lib/krb5/time.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: time.c,v 1.4 2000/06/29 08:20:52 joda Exp $");
+RCSID("$Id: time.c,v 1.5 2001/05/02 10:06:11 joda Exp $");
 
 /*
  * return ``corrected'' time in `timeret'.
@@ -77,3 +77,11 @@ krb5_format_time(krb5_context context, time_t t,
     strftime(s, len, include_time ? context->time_fmt : context->date_fmt, tm);
     return 0;
 }
+
+krb5_error_code
+krb5_string_to_deltat(const char *string, krb5_deltat *deltat)
+{
+    if((*deltat = parse_time(string, "s")) == -1)
+	return EINVAL;
+    return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/transited.c b/crypto/heimdal/lib/krb5/transited.c
index 1faf378..dbe6c80 100644
--- a/crypto/heimdal/lib/krb5/transited.c
+++ b/crypto/heimdal/lib/krb5/transited.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: transited.c,v 1.7 2000/02/07 13:30:41 joda Exp $");
+RCSID("$Id: transited.c,v 1.8 2001/05/14 06:14:52 assar Exp $");
 
 /* this is an attempt at one of the most horrible `compression'
    schemes that has ever been invented; it's so amazingly brain-dead
@@ -61,7 +61,8 @@ free_realms(struct tr_realm *r)
 }
 
 static int
-make_path(struct tr_realm *r, const char *from, const char *to)
+make_path(krb5_context context, struct tr_realm *r,
+	  const char *from, const char *to)
 {
     const char *p;
     struct tr_realm *path = r->next;
@@ -78,8 +79,10 @@ make_path(struct tr_realm *r, const char *from, const char *to)
 	p = from;
 	while(1){
 	    p = strchr(p, '.');
-	    if(p == NULL)
+	    if(p == NULL) {
+		krb5_clear_error_string (context);
 		return KRB5KDC_ERR_POLICY;
+	    }
 	    p++;
 	    if(strcmp(p, to) == 0)
 		break;
@@ -89,6 +92,7 @@ make_path(struct tr_realm *r, const char *from, const char *to)
 	    path->realm = strdup(p);
 	    if(path->realm == NULL){
 		r->next = path; /* XXX */
+		krb5_set_error_string (context, "malloc: out of memory");
 		return ENOMEM;;
 	    }
 	}
@@ -106,21 +110,25 @@ make_path(struct tr_realm *r, const char *from, const char *to)
 	    path->realm = malloc(p - from + 1);
 	    if(path->realm == NULL){
 		r->next = path; /* XXX */
+		krb5_set_error_string (context, "malloc: out of memory");
 		return ENOMEM;
 	    }
 	    memcpy(path->realm, from, p - from);
 	    path->realm[p - from] = '\0';
 	    p--;
 	}
-    }else
+    } else {
+	krb5_clear_error_string (context);
 	return KRB5KDC_ERR_POLICY;
+    }
     r->next = path;
     
     return 0;
 }
 
 static int
-make_paths(struct tr_realm *realms, const char *client_realm, 
+make_paths(krb5_context context,
+	   struct tr_realm *realms, const char *client_realm, 
 	   const char *server_realm)
 {
     struct tr_realm *r;
@@ -138,7 +146,7 @@ make_paths(struct tr_realm *realms, const char *client_realm,
 		next_realm = r->next->realm;
 	    else
 		next_realm = server_realm;
-	    ret = make_path(r, prev_realm, next_realm);
+	    ret = make_path(context, r, prev_realm, next_realm);
 	    if(ret){
 		free_realms(realms);
 		return ret;
@@ -150,7 +158,8 @@ make_paths(struct tr_realm *realms, const char *client_realm,
 }
 
 static int
-expand_realms(struct tr_realm *realms, const char *client_realm)
+expand_realms(krb5_context context,
+	      struct tr_realm *realms, const char *client_realm)
 {
     struct tr_realm *r;
     const char *prev_realm = NULL;
@@ -162,6 +171,7 @@ expand_realms(struct tr_realm *realms, const char *client_realm)
 	    tmp = realloc(r->realm, strlen(r->realm) + strlen(prev_realm) + 1);
 	    if(tmp == NULL){
 		free_realms(realms);
+		krb5_set_error_string (context, "malloc: out of memory");
 		return ENOMEM;
 	    }
 	    r->realm = tmp;
@@ -173,6 +183,7 @@ expand_realms(struct tr_realm *realms, const char *client_realm)
 	    tmp = malloc(strlen(r->realm) + strlen(prev_realm) + 1);
 	    if(tmp == NULL){
 		free_realms(realms);
+		krb5_set_error_string (context, "malloc: out of memory");
 		return ENOMEM;
 	    }
 	    strcpy(tmp, prev_realm);
@@ -236,7 +247,8 @@ append_realm(struct tr_realm *head, struct tr_realm *r)
 }
 
 static int
-decode_realms(const char *tr, int length, struct tr_realm **realms)
+decode_realms(krb5_context context,
+	      const char *tr, int length, struct tr_realm **realms)
 {
     struct tr_realm *r = NULL;
 
@@ -261,6 +273,7 @@ decode_realms(const char *tr, int length, struct tr_realm **realms)
 	    r = make_realm(tmp);
 	    if(r == NULL){
 		free_realms(*realms);
+		krb5_set_error_string (context, "malloc: out of memory");
 		return ENOMEM;
 	    }
 	    *realms = append_realm(*realms, r);
@@ -273,6 +286,7 @@ decode_realms(const char *tr, int length, struct tr_realm **realms)
     r = make_realm(tmp);
     if(r == NULL){
 	free_realms(*realms);
+	krb5_set_error_string (context, "malloc: out of memory");
 	return ENOMEM;
     }
     *realms = append_realm(*realms, r);
@@ -282,7 +296,8 @@ decode_realms(const char *tr, int length, struct tr_realm **realms)
 
 
 krb5_error_code
-krb5_domain_x500_decode(krb5_data tr, char ***realms, int *num_realms, 
+krb5_domain_x500_decode(krb5_context context,
+			krb5_data tr, char ***realms, int *num_realms, 
 			const char *client_realm, const char *server_realm)
 {
     struct tr_realm *r = NULL;
@@ -290,16 +305,16 @@ krb5_domain_x500_decode(krb5_data tr, char ***realms, int *num_realms,
     int ret;
     
     /* split string in components */
-    ret = decode_realms(tr.data, tr.length, &r);
+    ret = decode_realms(context, tr.data, tr.length, &r);
     if(ret)
 	return ret;
     
     /* apply prefix rule */
-    ret = expand_realms(r, client_realm);
+    ret = expand_realms(context, r, client_realm);
     if(ret)
 	return ret;
     
-    ret = make_paths(r, client_realm, server_realm);
+    ret = make_paths(context, r, client_realm, server_realm);
     if(ret)
 	return ret;
     
@@ -324,6 +339,7 @@ krb5_domain_x500_decode(krb5_data tr, char ***realms, int *num_realms,
 	    R = realloc(*realms, (*num_realms + 1) * sizeof(**realms));
 	    if(R == NULL) {
 		free(*realms);
+		krb5_set_error_string (context, "malloc: out of memory");
 		return ENOMEM;
 	    }
 	    R[*num_realms] = r->realm;
@@ -382,6 +398,8 @@ krb5_check_transited_realms(krb5_context context,
 	char **p;
 	for(p = bad_realms; *p; p++)
 	    if(strcmp(*p, realms[i]) == 0) {
+		krb5_set_error_string (context, "no transit through realm %s",
+				       *p);
 		ret = KRB5KRB_AP_ERR_ILL_CR_TKT;
 		if(bad_realm)
 		    *bad_realm = i;
diff --git a/crypto/heimdal/lib/krb5/verify_init.c b/crypto/heimdal/lib/krb5/verify_init.c
index e7945ad..7e4618e 100644
--- a/crypto/heimdal/lib/krb5/verify_init.c
+++ b/crypto/heimdal/lib/krb5/verify_init.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: verify_init.c,v 1.12 2000/01/21 05:47:35 assar Exp $");
+RCSID("$Id: verify_init.c,v 1.14 2001/05/14 06:14:52 assar Exp $");
 
 void
 krb5_verify_init_creds_opt_init(krb5_verify_init_creds_opt *options)
@@ -79,7 +79,7 @@ krb5_verify_init_creds(krb5_context context,
 {
     krb5_error_code ret;
     krb5_data req;
-    krb5_ccache local_ccache;
+    krb5_ccache local_ccache = NULL;
     krb5_keytab_entry entry;
     krb5_creds *new_creds = NULL;
     krb5_auth_context auth_context = NULL;
@@ -92,8 +92,12 @@ krb5_verify_init_creds(krb5_context context,
     if (ap_req_server == NULL) {
 	char local_hostname[MAXHOSTNAMELEN];
 
-	if (gethostname (local_hostname, sizeof(local_hostname)) < 0)
-	    return errno;
+	if (gethostname (local_hostname, sizeof(local_hostname)) < 0) {
+	    ret = errno;
+	    krb5_set_error_string (context, "getsockname: %s",
+				   strerror(ret));
+	    return ret;
+	}
 
 	ret = krb5_sname_to_principal (context,
 				       local_hostname,
@@ -185,8 +189,10 @@ cleanup:
 	krb5_free_principal (context, server);
     if (ap_req_keytab == NULL && keytab)
 	krb5_kt_close (context, keytab);
-    if (ccache == NULL
-	|| (ret != 0 && *ccache == NULL))
+    if (local_ccache != NULL
+	&&
+	(ccache == NULL
+	 || (ret != 0 && *ccache == NULL)))
 	krb5_cc_destroy (context, local_ccache);
 
     if (ret == 0 && ccache != NULL && *ccache == NULL)
diff --git a/crypto/heimdal/lib/krb5/verify_krb5_conf.8 b/crypto/heimdal/lib/krb5/verify_krb5_conf.8
index c071d24..5aba5d8 100644
--- a/crypto/heimdal/lib/krb5/verify_krb5_conf.8
+++ b/crypto/heimdal/lib/krb5/verify_krb5_conf.8
@@ -1,4 +1,4 @@
-.\" $Id: verify_krb5_conf.8,v 1.2 2000/03/04 14:07:50 assar Exp $
+.\" $Id: verify_krb5_conf.8,v 1.3 2001/05/02 08:59:23 assar Exp $
 .\"
 .Dd March  4, 2000
 .Dt VERIFY_KRB5_CONF 8
diff --git a/crypto/heimdal/lib/krb5/verify_krb5_conf.c b/crypto/heimdal/lib/krb5/verify_krb5_conf.c
index 2b9ce28..e480324 100644
--- a/crypto/heimdal/lib/krb5/verify_krb5_conf.c
+++ b/crypto/heimdal/lib/krb5/verify_krb5_conf.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 #include <getarg.h>
-RCSID("$Id: verify_krb5_conf.c,v 1.3 1999/12/02 17:05:13 joda Exp $");
+RCSID("$Id: verify_krb5_conf.c,v 1.5 2001/05/14 06:14:52 assar Exp $");
 
 /* verify krb5.conf */
 
@@ -60,14 +60,17 @@ usage (int ret)
 int
 main(int argc, char **argv)
 {
+    krb5_context context;
     const char *config_file = NULL;
     krb5_error_code ret;
     krb5_config_section *tmp_cf;
-    unsigned lineno;
-    char *error_message;
     int optind = 0;
 
-    set_progname (argv[0]);
+    setprogname (argv[0]);
+
+    ret = krb5_init_context(&context);
+    if (ret)
+	errx (1, "krb5_init_context failed");
 
     if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind))
 	usage(1);
@@ -93,10 +96,9 @@ main(int argc, char **argv)
 	usage (1);
     }
     
-    ret = krb5_config_parse_file_debug (config_file, &tmp_cf, &lineno,
-					&error_message);
+    ret = krb5_config_parse_file (context, config_file, &tmp_cf);
     if (ret == 0)
 	return 0;
-    fprintf (stderr, "%s:%u: %s\n", config_file, lineno, error_message);
+    krb5_warn (context, ret, "krb5_config_parse_file");
     return 1;
 }
diff --git a/crypto/heimdal/lib/krb5/verify_user.c b/crypto/heimdal/lib/krb5/verify_user.c
index 758bc60..25cd77b 100644
--- a/crypto/heimdal/lib/krb5/verify_user.c
+++ b/crypto/heimdal/lib/krb5/verify_user.c
@@ -33,12 +33,13 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: verify_user.c,v 1.12 2001/01/04 17:40:00 joda Exp $");
+RCSID("$Id: verify_user.c,v 1.14 2001/05/14 09:06:53 joda Exp $");
 
 static krb5_error_code
 verify_common (krb5_context context,
 	       krb5_principal principal,
 	       krb5_ccache ccache,
+	       krb5_keytab keytab,
 	       krb5_boolean secure,
 	       const char *service,
 	       krb5_creds cred)
@@ -50,7 +51,8 @@ verify_common (krb5_context context,
 
     ret = krb5_sname_to_principal (context, NULL, service, KRB5_NT_SRV_HST,
 				   &server);
-    if(ret) return ret;
+    if(ret)
+	return ret;
 
     krb5_verify_init_creds_opt_init(&vopt);
     krb5_verify_init_creds_opt_set_ap_req_nofail(&vopt, secure);
@@ -58,11 +60,12 @@ verify_common (krb5_context context,
     ret = krb5_verify_init_creds(context,
 				 &cred,
 				 server,
-				 NULL,
+				 keytab,
 				 NULL,
 				 &vopt);
     krb5_free_principal(context, server);
-    if(ret) return ret;
+    if(ret)
+	return ret;
     if(ccache == NULL)
 	ret = krb5_cc_default (context, &id);
     else
@@ -87,24 +90,59 @@ verify_common (krb5_context context,
  * As a side effect, fresh tickets are obtained and stored in `ccache'.
  */
 
-krb5_error_code
-krb5_verify_user(krb5_context context, 
-		 krb5_principal principal,
-		 krb5_ccache ccache,
-		 const char *password,
-		 krb5_boolean secure,
-		 const char *service)
+void
+krb5_verify_opt_init(krb5_verify_opt *opt)
+{
+    memset(opt, 0, sizeof(*opt));
+    opt->secure = TRUE;
+    opt->service = "host";
+}
+
+void
+krb5_verify_opt_set_ccache(krb5_verify_opt *opt, krb5_ccache ccache)
+{
+    opt->ccache = ccache;
+}
+
+void
+krb5_verify_opt_set_keytab(krb5_verify_opt *opt, krb5_keytab keytab)
 {
+    opt->keytab = keytab;
+}
+
+void
+krb5_verify_opt_set_secure(krb5_verify_opt *opt, krb5_boolean secure)
+{
+    opt->secure = secure;
+}
+
+void
+krb5_verify_opt_set_service(krb5_verify_opt *opt, const char *service)
+{
+    opt->service = service;
+}
+
+void
+krb5_verify_opt_set_flags(krb5_verify_opt *opt, unsigned int flags)
+{
+    opt->flags |= flags;
+}
+
+static krb5_error_code
+verify_user_opt_int(krb5_context context,
+		    krb5_principal principal,
+		    const char *password,
+		    krb5_verify_opt *vopt)
 
+{
     krb5_error_code ret;
     krb5_get_init_creds_opt opt;
     krb5_creds cred;
-    
+
     krb5_get_init_creds_opt_init (&opt);
     krb5_get_init_creds_opt_set_default_flags(context, NULL, 
 					      *krb5_princ_realm(context, principal), 
 					      &opt);
-
     ret = krb5_get_init_creds_password (context,
 					&cred,
 					principal,
@@ -114,10 +152,70 @@ krb5_verify_user(krb5_context context,
 					0,
 					NULL,
 					&opt);
-    
     if(ret)
 	return ret;
-    return verify_common (context, principal, ccache, secure, service, cred);
+#define OPT(V, D) ((vopt && (vopt->V)) ? (vopt->V) : (D))
+    return verify_common (context, principal, OPT(ccache, NULL), 
+			  OPT(keytab, NULL), vopt ? vopt->secure : TRUE, 
+			  OPT(service, "host"), cred);
+#undef OPT
+}
+
+krb5_error_code
+krb5_verify_user_opt(krb5_context context,
+		     krb5_principal principal,
+		     const char *password,
+		     krb5_verify_opt *opt)
+{
+    krb5_error_code ret;
+
+    if(opt && (opt->flags & KRB5_VERIFY_LREALMS)) {
+	krb5_realm *realms, *r;
+	ret = krb5_get_default_realms (context, &realms);
+	if (ret)
+	    return ret;
+	ret = KRB5_CONFIG_NODEFREALM;
+	
+	for (r = realms; *r != NULL && ret != 0; ++r) {
+	    char *tmp = strdup (*r);
+	    
+	    if (tmp == NULL) {
+		krb5_free_host_realm (context, realms);
+		krb5_set_error_string (context, "malloc: out of memory");
+		return ENOMEM;
+	    }
+	    free (*krb5_princ_realm (context, principal));
+	    krb5_princ_set_realm (context, principal, &tmp);
+	    
+	    ret = verify_user_opt_int(context, principal, password, opt);
+	}
+	krb5_free_host_realm (context, realms);
+	if(ret)
+	    return ret;
+    } else
+	ret = verify_user_opt_int(context, principal, password, opt);
+    return ret;
+}
+
+/* compat function that calls above */
+
+krb5_error_code
+krb5_verify_user(krb5_context context, 
+		 krb5_principal principal,
+		 krb5_ccache ccache,
+		 const char *password,
+		 krb5_boolean secure,
+		 const char *service)
+{
+    krb5_verify_opt opt;
+    
+    krb5_verify_opt_init(&opt);
+    
+    krb5_verify_opt_set_ccache(&opt, ccache);
+    krb5_verify_opt_set_secure(&opt, secure);
+    krb5_verify_opt_set_service(&opt, service);
+    
+    return krb5_verify_user_opt(context, principal, password, &opt);
 }
 
 /*
@@ -133,44 +231,14 @@ krb5_verify_user_lrealm(krb5_context context,
 			krb5_boolean secure,
 			const char *service)
 {
-    krb5_error_code ret;
-    krb5_get_init_creds_opt opt;
-    krb5_realm *realms, *r;
-    krb5_creds cred;
+    krb5_verify_opt opt;
     
-    krb5_get_init_creds_opt_init (&opt);
-
-    ret = krb5_get_default_realms (context, &realms);
-    if (ret)
-	return ret;
-    ret = KRB5_CONFIG_NODEFREALM;
-
-    for (r = realms; *r != NULL && ret != 0; ++r) {
-	char *tmp = strdup (*r);
-
-	if (tmp == NULL) {
-	    krb5_free_host_realm (context, realms);
-	    return ENOMEM;
-	}
-	free (*krb5_princ_realm (context, principal));
-	krb5_princ_set_realm (context, principal, &tmp);
-
-	krb5_get_init_creds_opt_set_default_flags(context, NULL, 
-						  *krb5_princ_realm(context, principal), 
-						  &opt);
-	ret = krb5_get_init_creds_password (context,
-					    &cred,
-					    principal,
-					    (char*)password,
-					    krb5_prompter_posix,
-					    NULL,
-					    0,
-					    NULL,
-					    &opt);
-    }
-    krb5_free_host_realm (context, realms);
-    if(ret)
-	return ret;
-
-    return verify_common (context, principal, ccache, secure, service, cred);
+    krb5_verify_opt_init(&opt);
+    
+    krb5_verify_opt_set_ccache(&opt, ccache);
+    krb5_verify_opt_set_secure(&opt, secure);
+    krb5_verify_opt_set_service(&opt, service);
+    krb5_verify_opt_set_flags(&opt, KRB5_VERIFY_LREALMS);
+    
+    return krb5_verify_user_opt(context, principal, password, &opt);
 }
diff --git a/crypto/heimdal/lib/krb5/warn.c b/crypto/heimdal/lib/krb5/warn.c
index 1f594fb..ec009b2 100644
--- a/crypto/heimdal/lib/krb5/warn.c
+++ b/crypto/heimdal/lib/krb5/warn.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -34,8 +34,12 @@
 #include "krb5_locl.h"
 #include <err.h>
 
-RCSID("$Id: warn.c,v 1.11 2000/08/16 07:37:41 assar Exp $");
+RCSID("$Id: warn.c,v 1.13 2001/05/07 21:04:34 assar Exp $");
 
+static krb5_error_code _warnerr(krb5_context context, int do_errtext, 
+	 krb5_error_code code, int level, const char *fmt, va_list ap)
+	__attribute__((__format__(__printf__, 5, 0)));
+	
 static krb5_error_code
 _warnerr(krb5_context context, int do_errtext, 
 	 krb5_error_code code, int level, const char *fmt, va_list ap)
@@ -43,6 +47,7 @@ _warnerr(krb5_context context, int do_errtext,
     char xfmt[7] = "";
     const char *args[2], **arg;
     char *msg = NULL;
+    char *err_str = NULL;
     
     args[0] = args[1] = NULL;
     arg = args;
@@ -60,11 +65,16 @@ _warnerr(krb5_context context, int do_errtext,
 
 	strcat(xfmt, "%s");
 
-	err_msg = krb5_get_err_text(context, code);
-	if (err_msg)
-	    *arg++ = err_msg;
-	else
-	    *arg++ = "<unknown error>";
+	err_str = krb5_get_error_string(context);
+	if (err_str != NULL) {
+	    *arg++ = err_str;
+	} else {
+	    err_msg = krb5_get_err_text(context, code);
+	    if (err_msg)
+		*arg++ = err_msg;
+	    else
+		*arg++ = "<unknown error>";
+	}
     }
 	
     if(context && context->warn_dest)
@@ -72,6 +82,7 @@ _warnerr(krb5_context context, int do_errtext,
     else
 	warnx(xfmt, args[0], args[1]);
     free(msg);
+    free(err_str);
     return 0;
 }
 
diff --git a/crypto/heimdal/lib/krb5/write_message.c b/crypto/heimdal/lib/krb5/write_message.c
index 2e394b6..16a40f0 100644
--- a/crypto/heimdal/lib/krb5/write_message.c
+++ b/crypto/heimdal/lib/krb5/write_message.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "krb5_locl.h"
 
-RCSID("$Id: write_message.c,v 1.6 2000/07/21 23:49:09 joda Exp $");
+RCSID("$Id: write_message.c,v 1.7 2001/05/14 06:14:52 assar Exp $");
 
 krb5_error_code
 krb5_write_message (krb5_context context,
@@ -42,12 +42,16 @@ krb5_write_message (krb5_context context,
 {
     u_int32_t len;
     u_int8_t buf[4];
+    int ret;
 
     len = data->length;
     _krb5_put_int(buf, len, 4);
     if (krb5_net_write (context, p_fd, buf, 4) != 4
-	|| krb5_net_write (context, p_fd, data->data, len) != len)
-	return errno;
+	|| krb5_net_write (context, p_fd, data->data, len) != len) {
+	ret = errno;
+	krb5_set_error_string (context, "write: %s", strerror(ret));
+	return ret;
+    }
     return 0;
 }
 
@@ -59,6 +63,7 @@ krb5_write_priv_message(krb5_context context,
 {
     krb5_error_code ret;
     krb5_data packet;
+
     ret = krb5_mk_priv (context, ac, data, &packet, NULL);
     if(ret)
 	return ret;
diff --git a/crypto/heimdal/lib/otp/ChangeLog b/crypto/heimdal/lib/otp/ChangeLog
new file mode 100644
index 0000000..064d9b9
--- /dev/null
+++ b/crypto/heimdal/lib/otp/ChangeLog
@@ -0,0 +1,71 @@
+2001-01-30  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am (libotp_la_LDFLAGS): bump version to 1:2:1
+
+2001-01-29  Assar Westerlund  <assar@sics.se>
+
+	* otp_md.c: update to new md4/md5/sha API
+
+2000-12-11  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am (INCLUDES): add krb4 includes here, which are
+	somewhat bogusly used when linking against libdes supplied by krb4
+
+2000-07-25  Johan Danielsson  <joda@pdc.kth.se>
+
+	* Makefile.am: bump version to 1:1:1
+
+2000-07-01  Assar Westerlund  <assar@sics.se>
+
+	*  const-ify
+
+2000-02-07  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: update version to 1:0:1
+
+2000-01-26  Assar Westerlund  <assar@sics.se>
+
+	* otp_md.c: update to pseudo-standard APIs for md4,md5,sha.
+	* otp_md.c: start using the pseudo-standard APIs for the hash
+	functions
+
+1999-10-20  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: set version to 0:1:0
+
+Fri Mar 19 14:52:48 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
+
+	* Makefile.am: add version-info
+
+Thu Mar 18 11:24:19 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
+
+	* Makefile.am: include Makefile.am.common
+
+Sat Mar 13 22:27:10 1999  Assar Westerlund  <assar@sics.se>
+
+	* otp_parse.c: unsigned-ify
+
+Sun Nov 22 10:44:16 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in (WFLAGS): set
+
+Mon May 25 05:27:07 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in (clean): try to remove shared library debris
+
+Sat May 23 20:54:28 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: link with DBLIB
+
+Sun Apr 19 09:59:46 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in: add symlink magic for linux
+
+Sat Feb  7 07:27:18 1998  Assar Westerlund  <assar@sics.se>
+
+	* otp_db.c (otp_put): make sure we don't overrun `buf'
+
+Sun Nov  9 07:14:59 1997  Assar Westerlund  <assar@sics.se>
+
+	* otp_locl.h: use xdbm.h
+
diff --git a/crypto/heimdal/lib/otp/Makefile.am b/crypto/heimdal/lib/otp/Makefile.am
new file mode 100644
index 0000000..b2bbed4
--- /dev/null
+++ b/crypto/heimdal/lib/otp/Makefile.am
@@ -0,0 +1,29 @@
+# $Id: Makefile.am,v 1.16 2001/01/30 01:54:48 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += $(INCLUDE_krb4)
+
+noinst_PROGRAMS = otptest
+
+otptest_LDADD = libotp.la \
+	$(LIB_des) \
+	$(LIB_roken) \
+	$(DBLIB)
+
+include_HEADERS = otp.h
+
+lib_LTLIBRARIES = libotp.la
+libotp_la_LDFLAGS = -version-info 1:2:1
+
+libotp_la_SOURCES = \
+	otp.c \
+	otp_challenge.c \
+	otp_db.c \
+	otp_md.c \
+	otp_parse.c \
+	otp_print.c \
+	otp_verify.c \
+	otp_locl.h \
+	otp_md.h \
+	roken_rename.h
diff --git a/crypto/heimdal/lib/otp/Makefile.in b/crypto/heimdal/lib/otp/Makefile.in
new file mode 100644
index 0000000..221fbd2
--- /dev/null
+++ b/crypto/heimdal/lib/otp/Makefile.in
@@ -0,0 +1,627 @@
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
+
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+SHELL = @SHELL@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+
+bindir = @bindir@
+sbindir = @sbindir@
+libexecdir = @libexecdir@
+datadir = @datadir@
+sysconfdir = @sysconfdir@
+sharedstatedir = @sharedstatedir@
+localstatedir = @localstatedir@
+libdir = @libdir@
+infodir = @infodir@
+mandir = @mandir@
+includedir = @includedir@
+oldincludedir = /usr/include
+
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+
+top_builddir = ../..
+
+ACLOCAL = @ACLOCAL@
+AUTOCONF = @AUTOCONF@
+AUTOMAKE = @AUTOMAKE@
+AUTOHEADER = @AUTOHEADER@
+
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
+transform = @program_transform_name@
+
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+
+@SET_MAKE@
+host_alias = @host_alias@
+host_triplet = @host@
+AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
+AWK = @AWK@
+CANONICAL_HOST = @CANONICAL_HOST@
+CATMAN = @CATMAN@
+CATMANEXT = @CATMANEXT@
+CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
+EXEEXT = @EXEEXT@
+EXTRA_LIB45 = @EXTRA_LIB45@
+GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
+INCLUDE_ = @INCLUDE_@
+LEX = @LEX@
+LIBOBJS = @LIBOBJS@
+LIBTOOL = @LIBTOOL@
+LIB_ = @LIB_@
+LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
+LIB_kdb = @LIB_kdb@
+LIB_otp = @LIB_otp@
+LIB_roken = @LIB_roken@
+LIB_security = @LIB_security@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
+NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
+NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+RANLIB = @RANLIB@
+STRIP = @STRIP@
+VERSION = @VERSION@
+VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
+WFLAGS = @WFLAGS@
+WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
+WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
+YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.16 2001/01/30 01:54:48 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
+
+
+AUTOMAKE_OPTIONS = foreign no-dependencies
+
+SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
+
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4)
+
+AM_CFLAGS =  $(WFLAGS)
+
+CP = cp
+
+COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
+
+buildinclude = $(top_builddir)/include
+
+LIB_XauReadAuth = @LIB_XauReadAuth@
+LIB_crypt = @LIB_crypt@
+LIB_dbm_firstkey = @LIB_dbm_firstkey@
+LIB_dbopen = @LIB_dbopen@
+LIB_dlopen = @LIB_dlopen@
+LIB_dn_expand = @LIB_dn_expand@
+LIB_el_init = @LIB_el_init@
+LIB_getattr = @LIB_getattr@
+LIB_gethostbyname = @LIB_gethostbyname@
+LIB_getpwent_r = @LIB_getpwent_r@
+LIB_getpwnam_r = @LIB_getpwnam_r@
+LIB_getsockopt = @LIB_getsockopt@
+LIB_logout = @LIB_logout@
+LIB_logwtmp = @LIB_logwtmp@
+LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
+LIB_readline = @LIB_readline@
+LIB_res_search = @LIB_res_search@
+LIB_setpcred = @LIB_setpcred@
+LIB_setsockopt = @LIB_setsockopt@
+LIB_socket = @LIB_socket@
+LIB_syslog = @LIB_syslog@
+LIB_tgetent = @LIB_tgetent@
+
+LIBS = @LIBS@
+
+HESIODLIB = @HESIODLIB@
+HESIODINCLUDE = @HESIODINCLUDE@
+INCLUDE_hesiod = @INCLUDE_hesiod@
+LIB_hesiod = @LIB_hesiod@
+
+INCLUDE_krb4 = @INCLUDE_krb4@
+LIB_krb4 = @LIB_krb4@
+
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
+INCLUDE_readline = @INCLUDE_readline@
+
+LEXLIB = @LEXLIB@
+
+NROFF_MAN = groff -mandoc -Tascii
+
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
+
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
+CHECK_LOCAL = $(PROGRAMS)
+
+noinst_PROGRAMS = otptest
+
+otptest_LDADD = libotp.la \
+	$(LIB_des) \
+	$(LIB_roken) \
+	$(DBLIB)
+
+
+include_HEADERS = otp.h
+
+lib_LTLIBRARIES = libotp.la
+libotp_la_LDFLAGS = -version-info 1:2:1
+
+libotp_la_SOURCES = \
+	otp.c \
+	otp_challenge.c \
+	otp_db.c \
+	otp_md.c \
+	otp_parse.c \
+	otp_print.c \
+	otp_verify.c \
+	otp_locl.h \
+	otp_md.h \
+	roken_rename.h
+
+subdir = lib/otp
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = ../../include/config.h
+CONFIG_CLEAN_FILES = 
+LTLIBRARIES =  $(lib_LTLIBRARIES)
+
+
+DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
+CPPFLAGS = @CPPFLAGS@
+LDFLAGS = @LDFLAGS@
+X_CFLAGS = @X_CFLAGS@
+X_LIBS = @X_LIBS@
+X_EXTRA_LIBS = @X_EXTRA_LIBS@
+X_PRE_LIBS = @X_PRE_LIBS@
+libotp_la_LIBADD = 
+am_libotp_la_OBJECTS =  otp.lo otp_challenge.lo otp_db.lo otp_md.lo \
+otp_parse.lo otp_print.lo otp_verify.lo
+libotp_la_OBJECTS =  $(am_libotp_la_OBJECTS)
+noinst_PROGRAMS =  otptest$(EXEEXT)
+PROGRAMS =  $(noinst_PROGRAMS)
+
+otptest_SOURCES = otptest.c
+otptest_OBJECTS =  otptest.$(OBJEXT)
+otptest_DEPENDENCIES =  libotp.la
+otptest_LDFLAGS = 
+COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
+CCLD = $(CC)
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES =  $(libotp_la_SOURCES) otptest.c
+HEADERS =  $(include_HEADERS)
+
+depcomp = 
+DIST_COMMON =  $(include_HEADERS) ChangeLog Makefile.am Makefile.in
+
+
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+
+GZIP_ENV = --best
+SOURCES = $(libotp_la_SOURCES) otptest.c
+OBJECTS = $(am_libotp_la_OBJECTS) otptest.$(OBJEXT)
+
+all: all-redirect
+.SUFFIXES:
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
+$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
+	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/otp/Makefile
+
+Makefile: $(srcdir)/Makefile.in  $(top_builddir)/config.status
+	cd $(top_builddir) \
+	  && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
+
+
+mostlyclean-libLTLIBRARIES:
+
+clean-libLTLIBRARIES:
+	-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+
+distclean-libLTLIBRARIES:
+
+maintainer-clean-libLTLIBRARIES:
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+	@$(NORMAL_INSTALL)
+	$(mkinstalldirs) $(DESTDIR)$(libdir)
+	@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+	  if test -f $$p; then \
+	    echo " $(LIBTOOL)  --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+	    $(LIBTOOL)  --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
+	  else :; fi; \
+	done
+
+uninstall-libLTLIBRARIES:
+	@$(NORMAL_UNINSTALL)
+	@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+	  echo " $(LIBTOOL)  --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
+	  $(LIBTOOL)  --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
+	done
+
+mostlyclean-compile:
+	-rm -f *.o core *.core
+	-rm -f *.$(OBJEXT)
+
+clean-compile:
+
+distclean-compile:
+	-rm -f *.tab.c
+
+maintainer-clean-compile:
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+distclean-libtool:
+
+maintainer-clean-libtool:
+
+libotp.la: $(libotp_la_OBJECTS) $(libotp_la_DEPENDENCIES)
+	$(LINK) -rpath $(libdir) $(libotp_la_LDFLAGS) $(libotp_la_OBJECTS) $(libotp_la_LIBADD) $(LIBS)
+
+mostlyclean-noinstPROGRAMS:
+
+clean-noinstPROGRAMS:
+	-test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS)
+
+distclean-noinstPROGRAMS:
+
+maintainer-clean-noinstPROGRAMS:
+
+otptest$(EXEEXT): $(otptest_OBJECTS) $(otptest_DEPENDENCIES)
+	@rm -f otptest$(EXEEXT)
+	$(LINK) $(otptest_LDFLAGS) $(otptest_OBJECTS) $(otptest_LDADD) $(LIBS)
+.c.o:
+	$(COMPILE) -c $<
+.c.obj:
+	$(COMPILE) -c `cygpath -w $<`
+.c.lo:
+	$(LTCOMPILE) -c -o $@ $<
+
+install-includeHEADERS: $(include_HEADERS)
+	@$(NORMAL_INSTALL)
+	$(mkinstalldirs) $(DESTDIR)$(includedir)
+	@list='$(include_HEADERS)'; for p in $$list; do \
+	  if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
+	  f="`echo $$p | sed -e 's|^.*/||'`"; \
+	  echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+	  $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
+	done
+
+uninstall-includeHEADERS:
+	@$(NORMAL_UNINSTALL)
+	@list='$(include_HEADERS)'; for p in $$list; do \
+	  f="`echo $$p | sed -e 's|^.*/||'`"; \
+	  echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+	  rm -f $(DESTDIR)$(includedir)/$$f; \
+	done
+
+tags: TAGS
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+	list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	mkid -fID $$unique $(LISP)
+
+TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
+		$(TAGS_FILES) $(LISP)
+	tags=; \
+	here=`pwd`; \
+	list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
+	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
+
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
+mostlyclean-tags:
+
+clean-tags:
+
+distclean-tags:
+	-rm -f TAGS ID
+
+maintainer-clean-tags:
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+
+distdir: $(DISTFILES)
+	@for file in $(DISTFILES); do \
+	  d=$(srcdir); \
+	  if test -d $$d/$$file; then \
+	    cp -pR $$d/$$file $(distdir) \
+	    || exit 1; \
+	  else \
+	    test -f $(distdir)/$$file \
+	    || cp -p $$d/$$file $(distdir)/$$file \
+	    || exit 1; \
+	  fi; \
+	done
+	$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
+info-am:
+info: info-am
+dvi-am:
+dvi: dvi-am
+check-am: all-am
+	$(MAKE) $(AM_MAKEFLAGS) check-local
+check: check-am
+installcheck-am:
+installcheck: installcheck-am
+install-exec-am: install-libLTLIBRARIES
+	@$(NORMAL_INSTALL)
+	$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-exec: install-exec-am
+
+install-data-am: install-includeHEADERS install-data-local
+install-data: install-data-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+install: install-am
+uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS
+uninstall: uninstall-am
+all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local
+all-redirect: all-am
+install-strip:
+	$(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
+installdirs:
+	$(mkinstalldirs)  $(DESTDIR)$(libdir) $(DESTDIR)$(includedir)
+
+
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-rm -f Makefile $(CONFIG_CLEAN_FILES)
+	-rm -f config.cache config.log stamp-h stamp-h[0-9]*
+
+maintainer-clean-generic:
+	-rm -f Makefile.in
+mostlyclean-am:  mostlyclean-libLTLIBRARIES mostlyclean-compile \
+		mostlyclean-libtool mostlyclean-noinstPROGRAMS \
+		mostlyclean-tags mostlyclean-generic
+
+mostlyclean: mostlyclean-am
+
+clean-am:  clean-libLTLIBRARIES clean-compile clean-libtool \
+		clean-noinstPROGRAMS clean-tags clean-generic \
+		mostlyclean-am
+
+clean: clean-am
+
+distclean-am:  distclean-libLTLIBRARIES distclean-compile \
+		distclean-libtool distclean-noinstPROGRAMS \
+		distclean-tags distclean-generic clean-am
+	-rm -f libtool
+
+distclean: distclean-am
+
+maintainer-clean-am:  maintainer-clean-libLTLIBRARIES \
+		maintainer-clean-compile maintainer-clean-libtool \
+		maintainer-clean-noinstPROGRAMS maintainer-clean-tags \
+		maintainer-clean-generic distclean-am
+	@echo "This command is intended for maintainers to use;"
+	@echo "it deletes files that may require special tools to rebuild."
+
+maintainer-clean: maintainer-clean-am
+
+.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \
+clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \
+uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \
+distclean-compile clean-compile maintainer-clean-compile \
+mostlyclean-libtool distclean-libtool clean-libtool \
+maintainer-clean-libtool mostlyclean-noinstPROGRAMS \
+distclean-noinstPROGRAMS clean-noinstPROGRAMS \
+maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \
+install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \
+maintainer-clean-tags distdir info-am info dvi-am dvi check-local check \
+check-am installcheck-am installcheck install-exec-am install-exec \
+install-data-local install-data-am install-data install-am install \
+uninstall-am uninstall all-local all-redirect all-am all install-strip \
+installdirs mostlyclean-generic distclean-generic clean-generic \
+maintainer-clean-generic clean mostlyclean distclean maintainer-clean
+
+
+install-suid-programs:
+	@foo='$(bin_SUIDS)'; \
+	for file in $$foo; do \
+	x=$(DESTDIR)$(bindir)/$$file; \
+	if chown 0:0 $$x && chmod u+s $$x; then :; else \
+	echo "*"; \
+	echo "* Failed to install $$x setuid root"; \
+	echo "*"; \
+	fi; done
+
+install-exec-hook: install-suid-programs
+
+install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
+	@foo='$(include_HEADERS) $(build_HEADERZ)'; \
+	for f in $$foo; do \
+		f=`basename $$f`; \
+		if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
+		else file="$$f"; fi; \
+		if cmp -s  $$file $(buildinclude)/$$f 2> /dev/null ; then \
+		: ; else \
+			echo " $(CP) $$file $(buildinclude)/$$f"; \
+			$(CP) $$file $(buildinclude)/$$f; \
+		fi ; \
+	done
+
+all-local: install-build-headers
+#NROFF_MAN = nroff -man
+.1.cat1:
+	$(NROFF_MAN) $< > $@
+.3.cat3:
+	$(NROFF_MAN) $< > $@
+.5.cat5:
+	$(NROFF_MAN) $< > $@
+.8.cat8:
+	$(NROFF_MAN) $< > $@
+
+dist-cat1-mans:
+	@foo='$(man1_MANS)'; \
+	bar='$(man_MANS)'; \
+	for i in $$bar; do \
+	case $$i in \
+	*.1) foo="$$foo $$i";; \
+	esac; done ;\
+	for i in $$foo; do \
+		x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
+		echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+		$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+	done
+
+dist-cat3-mans:
+	@foo='$(man3_MANS)'; \
+	bar='$(man_MANS)'; \
+	for i in $$bar; do \
+	case $$i in \
+	*.3) foo="$$foo $$i";; \
+	esac; done ;\
+	for i in $$foo; do \
+		x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
+		echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+		$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+	done
+
+dist-cat5-mans:
+	@foo='$(man5_MANS)'; \
+	bar='$(man_MANS)'; \
+	for i in $$bar; do \
+	case $$i in \
+	*.5) foo="$$foo $$i";; \
+	esac; done ;\
+	for i in $$foo; do \
+		x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
+		echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+		$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+	done
+
+dist-cat8-mans:
+	@foo='$(man8_MANS)'; \
+	bar='$(man_MANS)'; \
+	for i in $$bar; do \
+	case $$i in \
+	*.8) foo="$$foo $$i";; \
+	esac; done ;\
+	for i in $$foo; do \
+		x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
+		echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+		$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+	done
+
+dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
+
+install-cat-mans:
+	$(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
+
+install-data-local: install-cat-mans
+
+.et.h:
+	$(COMPILE_ET) $<
+.et.c:
+	$(COMPILE_ET) $<
+
+.x.c:
+	@cmp -s $< $@ 2> /dev/null || cp $< $@
+
+check-local::
+	@foo='$(CHECK_LOCAL)'; \
+	  if test "$$foo"; then \
+	  failed=0; all=0; \
+	  for i in $$foo; do \
+	    all=`expr $$all + 1`; \
+	    if ./$$i --version > /dev/null 2>&1; then \
+	      echo "PASS: $$i"; \
+	    else \
+	      echo "FAIL: $$i"; \
+	      failed=`expr $$failed + 1`; \
+	    fi; \
+	  done; \
+	  if test "$$failed" -eq 0; then \
+	    banner="All $$all tests passed"; \
+	  else \
+	    banner="$$failed of $$all tests failed"; \
+	  fi; \
+	  dashes=`echo "$$banner" | sed s/./=/g`; \
+	  echo "$$dashes"; \
+	  echo "$$banner"; \
+	  echo "$$dashes"; \
+	  test "$$failed" -eq 0; \
+	fi
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/crypto/heimdal/lib/otp/otp.c b/crypto/heimdal/lib/otp/otp.c
new file mode 100644
index 0000000..746f3cb
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otp.c
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+RCSID("$Id: otp.c,v 1.8 2000/07/12 00:26:43 assar Exp $");
+#endif
+
+#include "otp_locl.h"
+#include "otp_md.h"
+
+static OtpAlgorithm algorithms[] = {
+  {OTP_ALG_MD4, "md4", 16, otp_md4_hash, otp_md4_init, otp_md4_next},
+  {OTP_ALG_MD5, "md5", 16, otp_md5_hash, otp_md5_init, otp_md5_next},
+  {OTP_ALG_SHA, "sha", 20, otp_sha_hash, otp_sha_init, otp_sha_next}
+};
+
+OtpAlgorithm *
+otp_find_alg (char *name)
+{
+  int i;
+
+  for (i = 0; i < sizeof(algorithms)/sizeof(*algorithms); ++i)
+    if (strcmp (name, algorithms[i].name) == 0)
+      return &algorithms[i];
+  return NULL;
+}
+
+char *
+otp_error (OtpContext *o)
+{
+  return o->err;
+}
diff --git a/crypto/heimdal/lib/otp/otp.h b/crypto/heimdal/lib/otp/otp.h
new file mode 100644
index 0000000..e813458
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otp.h
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: otp.h,v 1.19 2000/07/12 00:26:43 assar Exp $ */
+
+#ifndef _OTP_H
+#define _OTP_H
+
+#include <stdlib.h>
+#include <time.h>
+
+enum {OTPKEYSIZE = 8};
+
+typedef unsigned char OtpKey[OTPKEYSIZE];
+
+#define OTP_MIN_PASSPHRASE 10
+#define OTP_MAX_PASSPHRASE 63
+
+#define OTP_USER_TIMEOUT   120
+#define OTP_DB_TIMEOUT      60
+
+#define OTP_HEXPREFIX "hex:"
+#define OTP_WORDPREFIX "word:"
+
+typedef enum { OTP_ALG_MD4, OTP_ALG_MD5, OTP_ALG_SHA } OtpAlgID;
+
+#define OTP_ALG_DEFAULT "md5"
+
+typedef struct {
+  OtpAlgID id;
+  char *name;
+  int hashsize;
+  int (*hash)(const char *s, size_t len, unsigned char *res);
+  int (*init)(OtpKey key, const char *pwd, const char *seed);
+  int (*next)(OtpKey key);
+} OtpAlgorithm;
+
+typedef struct {
+  char *user;
+  OtpAlgorithm *alg;
+  unsigned n;
+  char seed[17];
+  OtpKey key;
+  int challengep;
+  time_t lock_time;
+  char *err;
+} OtpContext;
+
+OtpAlgorithm *otp_find_alg (char *name);
+void otp_print_stddict (OtpKey key, char *str, size_t sz);
+void otp_print_hex (OtpKey key, char *str, size_t sz);
+void otp_print_stddict_extended (OtpKey key, char *str, size_t sz);
+void otp_print_hex_extended (OtpKey key, char *str, size_t sz);
+unsigned otp_checksum (OtpKey key);
+int otp_parse_hex (OtpKey key, const char *);
+int otp_parse_stddict (OtpKey key, const char *);
+int otp_parse_altdict (OtpKey key, const char *, OtpAlgorithm *);
+int otp_parse (OtpKey key, const char *, OtpAlgorithm *);
+int otp_challenge (OtpContext *ctx, char *user, char *str, size_t len);
+int otp_verify_user (OtpContext *ctx, const char *passwd);
+int otp_verify_user_1 (OtpContext *ctx, const char *passwd);
+char *otp_error (OtpContext *ctx);
+
+void *otp_db_open (void);
+void otp_db_close (void *);
+int otp_put (void *, OtpContext *ctx);
+int otp_get (void *, OtpContext *ctx);
+int otp_simple_get (void *, OtpContext *ctx);
+int otp_delete (void *, OtpContext *ctx);
+
+#endif /* _OTP_H */
diff --git a/crypto/heimdal/lib/otp/otp_challenge.c b/crypto/heimdal/lib/otp/otp_challenge.c
new file mode 100644
index 0000000..3507c4f
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otp_challenge.c
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+RCSID("$Id: otp_challenge.c,v 1.10 1999/12/02 16:58:44 joda Exp $");
+#endif
+
+#include "otp_locl.h"
+
+int
+otp_challenge (OtpContext *ctx, char *user, char *str, size_t len)
+{
+  void *dbm;
+  int ret;
+
+  ctx->challengep = 0;
+  ctx->err = NULL;
+  ctx->user = malloc(strlen(user) + 1);
+  if (ctx->user == NULL) {
+    ctx->err = "Out of memory";
+    return -1;
+  }
+  strcpy(ctx->user, user);
+  dbm = otp_db_open ();
+  if (dbm == NULL) {
+    ctx->err = "Cannot open database";
+    return -1;
+  }
+  ret = otp_get (dbm, ctx);
+  otp_db_close (dbm);
+  if (ret)
+    return ret;
+  snprintf (str, len,
+	    "[ otp-%s %u %s ]",
+	    ctx->alg->name, ctx->n-1, ctx->seed);
+  ctx->challengep = 1;
+  return 0;
+}
diff --git a/crypto/heimdal/lib/otp/otp_db.c b/crypto/heimdal/lib/otp/otp_db.c
new file mode 100644
index 0000000..3cc5d849
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otp_db.c
@@ -0,0 +1,229 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+RCSID("$Id: otp_db.c,v 1.17 1999/12/02 16:58:44 joda Exp $");
+#endif
+
+#include "otp_locl.h"
+
+#define RETRIES 5
+
+void *
+otp_db_open (void)
+{
+  int lock;
+  int i;
+  void *ret;
+
+  for(i = 0; i < RETRIES; ++i) {
+    struct stat statbuf;
+
+    lock = open (OTP_DB_LOCK, O_WRONLY | O_CREAT | O_EXCL, 0666);
+    if (lock >= 0) {
+      close(lock);
+      break;
+    }
+    if (stat (OTP_DB_LOCK, &statbuf) == 0) {
+      if (time(NULL) - statbuf.st_mtime > OTP_DB_TIMEOUT)
+	unlink (OTP_DB_LOCK);
+      else
+	sleep (1);
+    }
+  }
+  if (i == RETRIES)
+    return NULL;
+  ret = dbm_open (OTP_DB, O_RDWR | O_CREAT, 0600);
+  if (ret == NULL)
+    unlink (OTP_DB_LOCK);
+  return ret;
+}
+
+void
+otp_db_close (void *dbm)
+{
+  dbm_close ((DBM *)dbm);
+  unlink (OTP_DB_LOCK);
+}
+
+/*
+ * Remove this entry from the database.
+ * return 0 if ok.
+ */
+
+int 
+otp_delete (void *v, OtpContext *ctx)
+{
+  DBM *dbm = (DBM *)v;
+  datum key;
+
+  key.dsize = strlen(ctx->user);
+  key.dptr  = ctx->user;
+ 
+  return dbm_delete(dbm, key);
+}
+
+/*
+ * Read this entry from the database and lock it if lockp.
+ */
+
+static int
+otp_get_internal (void *v, OtpContext *ctx, int lockp)
+{
+  DBM *dbm = (DBM *)v;
+  datum dat, key;
+  char *p;
+  time_t now, then;
+
+  key.dsize = strlen(ctx->user);
+  key.dptr  = ctx->user;
+
+  dat = dbm_fetch (dbm, key);
+  if (dat.dptr == NULL) {
+    ctx->err = "Entry not found";
+    return -1;
+  }
+  p = dat.dptr;
+
+  memcpy (&then, p, sizeof(then));
+  ctx->lock_time = then;
+  if (lockp) {
+    time(&now);
+    if (then && now - then < OTP_USER_TIMEOUT) {
+      ctx->err = "Entry locked";
+      return -1;
+    }
+    memcpy (p, &now, sizeof(now));
+  }
+  p += sizeof(now);
+  ctx->alg = otp_find_alg (p);
+  if (ctx->alg == NULL) {
+    ctx->err = "Bad algorithm";
+    return -1;
+  }
+  p += strlen(p) + 1;
+  {
+    unsigned char *up = (unsigned char *)p;
+    ctx->n = (up[0] << 24) | (up[1] << 16) | (up[2] << 8) | up[3];
+  }
+  p += 4;
+  memcpy (ctx->key, p, OTPKEYSIZE);
+  p += OTPKEYSIZE;
+  strlcpy (ctx->seed, p, sizeof(ctx->seed));
+  if (lockp)
+    return dbm_store (dbm, key, dat, DBM_REPLACE);
+  else
+    return 0;
+}
+
+/*
+ * Get and lock.
+ */
+
+int
+otp_get (void *v, OtpContext *ctx)
+{
+  return otp_get_internal (v, ctx, 1);
+}
+
+/*
+ * Get and don't lock.
+ */
+
+int
+otp_simple_get (void *v, OtpContext *ctx)
+{
+  return otp_get_internal (v, ctx, 0);
+}
+
+/*
+ * Write this entry to the database.
+ */
+
+int
+otp_put (void *v, OtpContext *ctx)
+{
+  DBM *dbm = (DBM *)v;
+  datum dat, key;
+  char buf[1024], *p;
+  time_t zero = 0;
+  size_t len, rem;
+
+  key.dsize = strlen(ctx->user);
+  key.dptr  = ctx->user;
+
+  p = buf;
+  rem = sizeof(buf);
+
+  if (rem < sizeof(zero))
+      return -1;
+  memcpy (p, &zero, sizeof(zero));
+  p += sizeof(zero);
+  rem -= sizeof(zero);
+  len = strlen(ctx->alg->name) + 1;
+
+  if (rem < len)
+      return -1;
+  strcpy (p, ctx->alg->name);
+  p += len;
+  rem -= len;
+
+  if (rem < 4)
+      return -1;
+  {
+    unsigned char *up = (unsigned char *)p;
+    *up++ = (ctx->n >> 24) & 0xFF;
+    *up++ = (ctx->n >> 16) & 0xFF;
+    *up++ = (ctx->n >>  8) & 0xFF;
+    *up++ = (ctx->n >>  0) & 0xFF;
+  }
+  p += 4;
+  rem -= 4;
+
+  if (rem < OTPKEYSIZE)
+      return -1;
+  memcpy (p, ctx->key, OTPKEYSIZE);
+  p += OTPKEYSIZE;
+  rem -= OTPKEYSIZE;
+
+  len = strlen(ctx->seed) + 1;
+  if (rem < len)
+      return -1;
+  strcpy (p, ctx->seed);
+  p += len;
+  rem -= len;
+  dat.dptr  = buf;
+  dat.dsize = p - buf;
+  return dbm_store (dbm, key, dat, DBM_REPLACE);
+}
diff --git a/crypto/heimdal/lib/otp/otp_locl.h b/crypto/heimdal/lib/otp/otp_locl.h
new file mode 100644
index 0000000..391d04e
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otp_locl.h
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: otp_locl.h,v 1.11 1999/12/02 16:58:44 joda Exp $ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <string.h>
+#include <time.h>
+#include <errno.h>
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_IO_H
+#include <io.h>
+#endif
+
+#include <roken.h>
+
+#include <otp.h>
+
+#include <xdbm.h>
+
+#define OTPKEYS "/.otpkeys"
+
+#define OTP_DB "/etc/otp"
+#define OTP_DB_LOCK "/etc/otp-lock"
diff --git a/crypto/heimdal/lib/otp/otp_md.c b/crypto/heimdal/lib/otp/otp_md.c
new file mode 100644
index 0000000..d408fcd
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otp_md.c
@@ -0,0 +1,280 @@
+/*
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+RCSID("$Id: otp_md.c,v 1.14 2001/01/29 05:55:18 assar Exp $");
+#endif
+#include "otp_locl.h"
+
+#include "otp_md.h"
+#ifdef HAVE_OPENSSL_MD4_H
+#include <openssl/md4.h>
+#else
+#include <md4.h>
+#endif
+#ifdef HAVE_OPENSSL_MD5_H
+#include <openssl/md5.h>
+#else
+#include <md5.h>
+#endif
+#ifdef HAVE_OPENSSL_SHA_H
+#include <openssl/sha.h>
+#else
+#include <sha.h>
+#endif
+
+/*
+ * Compress len bytes from md into key
+ */
+
+static void
+compressmd (OtpKey key, unsigned char *md, size_t len)
+{
+  u_char *p = key;
+
+  memset (p, 0, OTPKEYSIZE);
+  while(len) {
+    *p++ ^= *md++;
+    *p++ ^= *md++;
+    *p++ ^= *md++;
+    *p++ ^= *md++;
+    len -= 4;
+    if (p == key + OTPKEYSIZE)
+      p = key;
+  }
+}
+
+static int
+otp_md_init (OtpKey key,
+	     const char *pwd,
+	     const char *seed,
+	     void (*init)(void *),
+	     void (*update)(void *, const void *, size_t),
+	     void (*final)(void *, void *),
+	     void *arg,
+	     unsigned char *res,
+	     size_t ressz)
+{
+  char *p;
+  int len;
+
+  len = strlen(pwd) + strlen(seed);
+  p = malloc (len + 1);
+  if (p == NULL)
+    return -1;
+  strcpy (p, seed);
+  strlwr (p);
+  strcat (p, pwd);
+  (*init)(arg);
+  (*update)(arg, p, len);
+  (*final)(res, arg);
+  free (p);
+  compressmd (key, res, ressz);
+  return 0;
+}
+
+static int
+otp_md_next (OtpKey key,
+	     void (*init)(void *),
+	     void (*update)(void *, const void *, size_t),
+	     void (*final)(void *, void *),
+	     void *arg,
+	     unsigned char *res,
+	     size_t ressz)
+{
+  (*init)(arg);
+  (*update)(arg, key, OTPKEYSIZE);
+  (*final)(res, arg);
+  compressmd (key, res, ressz);
+  return 0;
+}
+
+static int
+otp_md_hash (const char *data,
+	     size_t len,
+	     void (*init)(void *),
+	     void (*update)(void *, const void *, size_t),
+	     void (*final)(void *, void *),
+	     void *arg,
+	     unsigned char *res,
+	     size_t ressz)
+{
+  (*init)(arg);
+  (*update)(arg, data, len);
+  (*final)(res, arg);
+  return 0;
+}
+
+int
+otp_md4_init (OtpKey key, const char *pwd, const char *seed)
+{
+  unsigned char res[16];
+  MD4_CTX md4;
+
+  return otp_md_init (key, pwd, seed,
+		      (void (*)(void *))MD4_Init,
+		      (void (*)(void *, const void *, size_t))MD4_Update, 
+		      (void (*)(void *, void *))MD4_Final,
+		      &md4, res, sizeof(res));
+}
+
+int
+otp_md4_hash (const char *data,
+	      size_t len,
+	      unsigned char *res)
+{
+  MD4_CTX md4;
+
+  return otp_md_hash (data, len,
+		      (void (*)(void *))MD4_Init,
+		      (void (*)(void *, const void *, size_t))MD4_Update, 
+		      (void (*)(void *, void *))MD4_Final,
+		      &md4, res, 16);
+}
+
+int
+otp_md4_next (OtpKey key)
+{
+  unsigned char res[16];
+  MD4_CTX md4;
+
+  return otp_md_next (key, 
+		      (void (*)(void *))MD4_Init, 
+		      (void (*)(void *, const void *, size_t))MD4_Update, 
+		      (void (*)(void *, void *))MD4_Final,
+		      &md4, res, sizeof(res));
+}
+
+
+int
+otp_md5_init (OtpKey key, const char *pwd, const char *seed)
+{
+  unsigned char res[16];
+  MD5_CTX md5;
+
+  return otp_md_init (key, pwd, seed, 
+		      (void (*)(void *))MD5_Init, 
+		      (void (*)(void *, const void *, size_t))MD5_Update, 
+		      (void (*)(void *, void *))MD5_Final,
+		      &md5, res, sizeof(res));
+}
+
+int
+otp_md5_hash (const char *data,
+	      size_t len,
+	      unsigned char *res)
+{
+  MD5_CTX md5;
+
+  return otp_md_hash (data, len,
+		      (void (*)(void *))MD5_Init,
+		      (void (*)(void *, const void *, size_t))MD5_Update, 
+		      (void (*)(void *, void *))MD5_Final,
+		      &md5, res, 16);
+}
+
+int
+otp_md5_next (OtpKey key)
+{
+  unsigned char res[16];
+  MD5_CTX md5;
+
+  return otp_md_next (key, 
+		      (void (*)(void *))MD5_Init, 
+		      (void (*)(void *, const void *, size_t))MD5_Update, 
+		      (void (*)(void *, void *))MD5_Final,
+		      &md5, res, sizeof(res));
+}
+
+/* 
+ * For histerical reasons, in the OTP definition it's said that the
+ * result from SHA must be stored in little-endian order.  See
+ * draft-ietf-otp-01.txt.
+ */
+
+static void
+SHA1_Final_little_endian (void *res, SHA_CTX *m)
+{
+  unsigned char tmp[20];
+  unsigned char *p = res;
+  int j;
+
+  SHA1_Final (tmp, m);
+  for (j = 0; j < 20; j += 4) {
+    p[j]   = tmp[j+3];
+    p[j+1] = tmp[j+2];
+    p[j+2] = tmp[j+1];
+    p[j+3] = tmp[j];
+  }
+}
+
+int
+otp_sha_init (OtpKey key, const char *pwd, const char *seed)
+{
+  unsigned char res[20];
+  SHA_CTX sha1;
+
+  return otp_md_init (key, pwd, seed, 
+		      (void (*)(void *))SHA1_Init, 
+		      (void (*)(void *, const void *, size_t))SHA1_Update, 
+		      (void (*)(void *, void *))SHA1_Final_little_endian,
+		      &sha1, res, sizeof(res));
+}
+
+int
+otp_sha_hash (const char *data,
+	      size_t len,
+	      unsigned char *res)
+{
+  SHA_CTX sha1;
+
+  return otp_md_hash (data, len,
+		      (void (*)(void *))SHA1_Init,
+		      (void (*)(void *, const void *, size_t))SHA1_Update, 
+		      (void (*)(void *, void *))SHA1_Final_little_endian,
+		      &sha1, res, 20);
+}
+
+int
+otp_sha_next (OtpKey key)
+{
+  unsigned char res[20];
+  SHA_CTX sha1;
+
+  return otp_md_next (key, 
+		      (void (*)(void *))SHA1_Init,
+		      (void (*)(void *, const void *, size_t))SHA1_Update,
+		      (void (*)(void *, void *))SHA1_Final_little_endian,
+		      &sha1, res, sizeof(res));
+}
diff --git a/crypto/heimdal/lib/otp/otp_md.h b/crypto/heimdal/lib/otp/otp_md.h
new file mode 100644
index 0000000..5732606
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otp_md.h
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: otp_md.h,v 1.7 2000/07/12 00:26:44 assar Exp $ */
+
+int otp_md4_init (OtpKey key, const char *pwd, const char *seed);
+int otp_md4_hash (const char *, size_t, unsigned char *res);
+int otp_md4_next (OtpKey key);
+
+int otp_md5_init (OtpKey key, const char *pwd, const char *seed);
+int otp_md5_hash (const char *, size_t, unsigned char *res);
+int otp_md5_next (OtpKey key);
+
+int otp_sha_init (OtpKey key, const char *pwd, const char *seed);
+int otp_sha_hash (const char *, size_t, unsigned char *res);
+int otp_sha_next (OtpKey key);
diff --git a/crypto/heimdal/lib/otp/otp_parse.c b/crypto/heimdal/lib/otp/otp_parse.c
new file mode 100644
index 0000000..cc69de5
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otp_parse.c
@@ -0,0 +1,2515 @@
+/*
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+RCSID("$Id: otp_parse.c,v 1.20 2000/07/01 13:58:38 assar Exp $");
+#endif
+
+#include "otp_locl.h"
+
+struct e {
+  char *s;
+  unsigned n;
+};
+
+extern const struct e inv_std_dict[2048];
+
+static int
+cmp(const void *a, const void *b)
+{
+  struct e *e1, *e2;
+  
+  e1 = (struct e *)a;
+  e2 = (struct e *)b;
+  return strcasecmp (e1->s, e2->s);
+}
+
+static int
+get_stdword (const char *s, void *v)
+{
+  struct e e, *r;
+
+  e.s = (char *)s;
+  e.n = -1;
+  r = (struct e *) bsearch (&e, inv_std_dict,
+			    sizeof(inv_std_dict)/sizeof(*inv_std_dict),
+			    sizeof(*inv_std_dict), cmp);
+  if (r)
+    return r->n;
+  else
+    return -1;
+}
+
+static void
+compress (OtpKey key, unsigned wn[])
+{
+  key[0] = wn[0] >> 3;
+  key[1] = ((wn[0] & 0x07) << 5) | (wn[1] >> 6);
+  key[2] = ((wn[1] & 0x3F) << 2) | (wn[2] >> 9);
+  key[3] = ((wn[2] >> 1) & 0xFF);
+  key[4] = ((wn[2] & 0x01) << 7) | (wn[3] >> 4);
+  key[5] = ((wn[3] & 0x0F) << 4) | (wn[4] >> 7);
+  key[6] = ((wn[4] & 0x7F) << 1) | (wn[5] >> 10);
+  key[7] = ((wn[5] >> 2) & 0xFF);
+}
+
+static int
+get_altword (const char *s, void *a)
+{
+  OtpAlgorithm *alg = (OtpAlgorithm *)a;
+  int ret;
+  unsigned char *res = malloc(alg->hashsize);
+
+  if (res == NULL)
+    return -1;
+  alg->hash (s, strlen(s), res);
+  ret = (unsigned)(res[alg->hashsize - 1]) | 
+      ((res[alg->hashsize - 2] & 0x03) << 8);
+  free (res);
+  return ret;
+}
+
+static int
+parse_words(unsigned wn[],
+	    const char *str,
+	    int (*convert)(const char *, void *),
+	    void *arg)
+{
+  unsigned char *w, *wend, c;
+  int i;
+  int tmp;
+
+  w = (unsigned char *)str;
+  for (i = 0; i < 6; ++i) {
+    while (isspace(*w))
+      ++w;
+    wend = w;
+    while (isalpha (*wend))
+      ++wend;
+    c = *wend;
+    *wend = '\0';
+    tmp = (*convert)((char *)w, arg);
+    *wend = c;
+    w = wend;
+    if (tmp < 0)
+      return -1;
+    wn[i] = tmp;
+  }
+  return 0;
+}
+
+static int
+otp_parse_internal (OtpKey key, const char *str,
+		    OtpAlgorithm *alg,
+		    int (*convert)(const char *, void *))
+{
+  unsigned wn[6];
+
+  if (parse_words (wn, str, convert, alg))
+    return -1;
+  compress (key, wn);
+  if (otp_checksum (key) != (wn[5] & 0x03))
+    return -1;
+  return 0;
+}
+
+int
+otp_parse_stddict (OtpKey key, const char *str)
+{
+  return otp_parse_internal (key, str, NULL, get_stdword);
+}
+
+int
+otp_parse_altdict (OtpKey key, const char *str, OtpAlgorithm *alg)
+{
+  return otp_parse_internal (key, str, alg, get_altword);
+}
+
+int
+otp_parse_hex (OtpKey key, const char *s)
+{
+  char buf[17], *b;
+  int is[8];
+  int i;
+
+  b = buf;
+  while (*s) {
+    if (strchr ("0123456789ABCDEFabcdef", *s)) {
+      if (b - buf >= 16)
+	return -1;
+      else
+	*b++ = tolower(*s);
+    }
+    s++;
+  }
+  *b = '\0';
+  if (sscanf (buf, "%2x%2x%2x%2x%2x%2x%2x%2x",
+	      &is[0], &is[1], &is[2], &is[3], &is[4],
+	      &is[5], &is[6], &is[7]) != 8)
+    return -1;
+  for (i = 0; i < OTPKEYSIZE; ++i)
+    key[i] = is[i];
+  return 0;
+}
+
+int
+otp_parse (OtpKey key, const char *s, OtpAlgorithm *alg)
+{
+  int ret;
+  int dohex = 1;
+
+  if (strncmp (s, OTP_HEXPREFIX, strlen(OTP_HEXPREFIX)) == 0)
+    return otp_parse_hex (key, s + strlen(OTP_HEXPREFIX));
+  if (strncmp (s, OTP_WORDPREFIX, strlen(OTP_WORDPREFIX)) == 0) {
+    s += strlen(OTP_WORDPREFIX);
+    dohex = 0;
+  }
+
+  ret = otp_parse_stddict (key, s);
+  if (ret)
+    ret = otp_parse_altdict (key, s, alg);
+  if (ret && dohex)
+    ret = otp_parse_hex (key, s);
+  return ret;
+}
+
+const char *const std_dict[2048] =
+{        "A",    "ABE",   "ACE",   "ACT",   "AD",    "ADA",   "ADD",
+"AGO",   "AID",  "AIM",   "AIR",   "ALL",   "ALP",   "AM",    "AMY",
+"AN",    "ANA",  "AND",   "ANN",   "ANT",   "ANY",   "APE",   "APS",
+"APT",   "ARC",  "ARE",   "ARK",   "ARM",   "ART",   "AS",    "ASH",
+"ASK",   "AT",   "ATE",   "AUG",   "AUK",   "AVE",   "AWE",   "AWK",
+"AWL",   "AWN",  "AX",    "AYE",   "BAD",   "BAG",   "BAH",   "BAM",
+"BAN",   "BAR",  "BAT",   "BAY",   "BE",    "BED",   "BEE",   "BEG",
+"BEN",   "BET",  "BEY",   "BIB",   "BID",   "BIG",   "BIN",   "BIT",
+"BOB",   "BOG",  "BON",   "BOO",   "BOP",   "BOW",   "BOY",   "BUB",
+"BUD",   "BUG",  "BUM",   "BUN",   "BUS",   "BUT",   "BUY",   "BY",
+"BYE",   "CAB",  "CAL",   "CAM",   "CAN",   "CAP",   "CAR",   "CAT",
+"CAW",   "COD",  "COG",   "COL",   "CON",   "COO",   "COP",   "COT",
+"COW",   "COY",  "CRY",   "CUB",   "CUE",   "CUP",   "CUR",   "CUT",
+"DAB",   "DAD",  "DAM",   "DAN",   "DAR",   "DAY",   "DEE",   "DEL",
+"DEN",   "DES",  "DEW",   "DID",   "DIE",   "DIG",   "DIN",   "DIP",
+"DO",    "DOE",  "DOG",   "DON",   "DOT",   "DOW",   "DRY",   "DUB",
+"DUD",   "DUE",  "DUG",   "DUN",   "EAR",   "EAT",   "ED",    "EEL",
+"EGG",   "EGO",  "ELI",   "ELK",   "ELM",   "ELY",   "EM",    "END",
+"EST",   "ETC",  "EVA",   "EVE",   "EWE",   "EYE",   "FAD",   "FAN",
+"FAR",   "FAT",  "FAY",   "FED",   "FEE",   "FEW",   "FIB",   "FIG",
+"FIN",   "FIR",  "FIT",   "FLO",   "FLY",   "FOE",   "FOG",   "FOR",
+"FRY",   "FUM",  "FUN",   "FUR",   "GAB",   "GAD",   "GAG",   "GAL",
+"GAM",   "GAP",  "GAS",   "GAY",   "GEE",   "GEL",   "GEM",   "GET",
+"GIG",   "GIL",  "GIN",   "GO",    "GOT",   "GUM",   "GUN",   "GUS",
+"GUT",   "GUY",  "GYM",   "GYP",   "HA",    "HAD",   "HAL",   "HAM",
+"HAN",   "HAP",  "HAS",   "HAT",   "HAW",   "HAY",   "HE",    "HEM",
+"HEN",   "HER",  "HEW",   "HEY",   "HI",    "HID",   "HIM",   "HIP",
+"HIS",   "HIT",  "HO",    "HOB",   "HOC",   "HOE",   "HOG",   "HOP",
+"HOT",   "HOW",  "HUB",   "HUE",   "HUG",   "HUH",   "HUM",   "HUT",
+"I",     "ICY",  "IDA",   "IF",    "IKE",   "ILL",   "INK",   "INN",
+"IO",    "ION",  "IQ",    "IRA",   "IRE",   "IRK",   "IS",    "IT",
+"ITS",   "IVY",  "JAB",   "JAG",   "JAM",   "JAN",   "JAR",   "JAW",
+"JAY",   "JET",  "JIG",   "JIM",   "JO",    "JOB",   "JOE",   "JOG",
+"JOT",   "JOY",  "JUG",   "JUT",   "KAY",   "KEG",   "KEN",   "KEY",
+"KID",   "KIM",  "KIN",   "KIT",   "LA",    "LAB",   "LAC",   "LAD",
+"LAG",   "LAM",  "LAP",   "LAW",   "LAY",   "LEA",   "LED",   "LEE",
+"LEG",   "LEN",  "LEO",   "LET",   "LEW",   "LID",   "LIE",   "LIN",
+"LIP",   "LIT",  "LO",    "LOB",   "LOG",   "LOP",   "LOS",   "LOT",
+"LOU",   "LOW",  "LOY",   "LUG",   "LYE",   "MA",    "MAC",   "MAD",
+"MAE",   "MAN",  "MAO",   "MAP",   "MAT",   "MAW",   "MAY",   "ME",
+"MEG",   "MEL",  "MEN",   "MET",   "MEW",   "MID",   "MIN",   "MIT",
+"MOB",   "MOD",  "MOE",   "MOO",   "MOP",   "MOS",   "MOT",   "MOW",
+"MUD",   "MUG",  "MUM",   "MY",    "NAB",   "NAG",   "NAN",   "NAP",
+"NAT",   "NAY",  "NE",    "NED",   "NEE",   "NET",   "NEW",   "NIB",
+"NIIL",  "NIP",  "NIT",   "NO",    "NOB",   "NOD",   "NON",   "NOR",
+"NOT",   "NOV",  "NOW",   "NU",    "NUN",   "NUT",   "O",     "OAF",
+"OAK",   "OAR",  "OAT",   "ODD",   "ODE",   "OF",    "OFF",   "OFT",
+"OH",    "OIL",  "OK",    "OLD",   "ON",    "ONE",   "OR",    "ORB",
+"ORE",   "ORR",  "OS",    "OTT",   "OUR",   "OUT",   "OVA",   "OW",
+"OWE",   "OWL",  "OWN",   "OX",    "PA",    "PAD",   "PAL",   "PAM",
+"PAN",   "PAP",  "PAR",   "PAT",   "PAW",   "PAY",   "PEA",   "PEG",
+"PEN",   "PEP",  "PER",   "PET",   "PEW",   "PHI",   "PI",    "PIE",
+"PIN",   "PIT",  "PLY",   "PO",    "POD",   "POE",   "POP",   "POT",
+"POW",   "PRO",  "PRY",   "PUB",   "PUG",   "PUN",   "PUP",   "PUT",
+"QUO",   "RAG",  "RAM",   "RAN",   "RAP",   "RAT",   "RAW",   "RAY",
+"REB",   "RED",  "REP",   "RET",   "RIB",   "RID",   "RIG",   "RIM",
+"RIO",   "RIP",  "ROB",   "ROD",   "ROE",   "RON",   "ROT",   "ROW",
+"ROY",   "RUB",  "RUE",   "RUG",   "RUM",   "RUN",   "RYE",   "SAC",
+"SAD",   "SAG",  "SAL",   "SAM",   "SAN",   "SAP",   "SAT",   "SAW",
+"SAY",   "SEA",  "SEC",   "SEE",   "SEN",   "SET",   "SEW",   "SHE",
+"SHY",   "SIN",  "SIP",   "SIR",   "SIS",   "SIT",   "SKI",   "SKY",
+"SLY",   "SO",   "SOB",   "SOD",   "SON",   "SOP",   "SOW",   "SOY",
+"SPA",   "SPY",  "SUB",   "SUD",   "SUE",   "SUM",   "SUN",   "SUP",
+"TAB",   "TAD",  "TAG",   "TAN",   "TAP",   "TAR",   "TEA",   "TED",
+"TEE",   "TEN",  "THE",   "THY",   "TIC",   "TIE",   "TIM",   "TIN",
+"TIP",   "TO",   "TOE",   "TOG",   "TOM",   "TON",   "TOO",   "TOP",
+"TOW",   "TOY",  "TRY",   "TUB",   "TUG",   "TUM",   "TUN",   "TWO",
+"UN",    "UP",   "US",    "USE",   "VAN",   "VAT",   "VET",   "VIE",
+"WAD",   "WAG",  "WAR",   "WAS",   "WAY",   "WE",    "WEB",   "WED",
+"WEE",   "WET",  "WHO",   "WHY",   "WIN",   "WIT",   "WOK",   "WON",
+"WOO",   "WOW",  "WRY",   "WU",    "YAM",   "YAP",   "YAW",   "YE",
+"YEA",   "YES",  "YET",   "YOU",   "ABED",  "ABEL",  "ABET",  "ABLE",
+"ABUT",  "ACHE",  "ACID", "ACME",  "ACRE",  "ACTA",  "ACTS",  "ADAM",
+"ADDS",  "ADEN",  "AFAR", "AFRO",  "AGEE",  "AHEM",  "AHOY",  "AIDA",
+"AIDE",  "AIDS",  "AIRY", "AJAR",  "AKIN",  "ALAN",  "ALEC",  "ALGA",
+"ALIA",  "ALLY",  "ALMA", "ALOE",  "ALSO",  "ALTO",  "ALUM",  "ALVA",
+"AMEN",  "AMES",  "AMID", "AMMO",  "AMOK",  "AMOS",  "AMRA",  "ANDY",
+"ANEW",  "ANNA",  "ANNE", "ANTE",  "ANTI",  "AQUA",  "ARAB",  "ARCH",
+"AREA",  "ARGO",  "ARID", "ARMY",  "ARTS",  "ARTY",  "ASIA",  "ASKS",
+"ATOM",  "AUNT",  "AURA", "AUTO",  "AVER",  "AVID",  "AVIS",  "AVON",
+"AVOW",  "AWAY",  "AWRY", "BABE",  "BABY",  "BACH",  "BACK",  "BADE",
+"BAIL",  "BAIT",  "BAKE", "BALD",  "BALE",  "BALI",  "BALK",  "BALL",
+"BALM",  "BAND",  "BANE", "BANG",  "BANK",  "BARB",  "BARD",  "BARE",
+"BARK",  "BARN",  "BARR", "BASE",  "BASH",  "BASK",  "BASS",  "BATE",
+"BATH",  "BAWD",  "BAWL", "BEAD",  "BEAK",  "BEAM",  "BEAN",  "BEAR",
+"BEAT",  "BEAU",  "BECK", "BEEF",  "BEEN",  "BEER",  "BEET",  "BELA",
+"BELL",  "BELT",  "BEND", "BENT",  "BERG",  "BERN",  "BERT",  "BESS",
+"BEST",  "BETA",  "BETH", "BHOY",  "BIAS",  "BIDE",  "BIEN",  "BILE",
+"BILK",  "BILL",  "BIND", "BING",  "BIRD",  "BITE",  "BITS",  "BLAB",
+"BLAT",  "BLED",  "BLEW", "BLOB",  "BLOC",  "BLOT",  "BLOW",  "BLUE",
+"BLUM",  "BLUR",  "BOAR", "BOAT",  "BOCA",  "BOCK",  "BODE",  "BODY",
+"BOGY",  "BOHR",  "BOIL", "BOLD",  "BOLO",  "BOLT",  "BOMB",  "BONA",
+"BOND",  "BONE",  "BONG", "BONN",  "BONY",  "BOOK",  "BOOM",  "BOON",
+"BOOT",  "BORE",  "BORG", "BORN",  "BOSE",  "BOSS",  "BOTH",  "BOUT",
+"BOWL",  "BOYD",  "BRAD", "BRAE",  "BRAG",  "BRAN",  "BRAY",  "BRED",
+"BREW",  "BRIG",  "BRIM", "BROW",  "BUCK",  "BUDD",  "BUFF",  "BULB",
+"BULK",  "BULL",  "BUNK", "BUNT",  "BUOY",  "BURG",  "BURL",  "BURN",
+"BURR",  "BURT",  "BURY", "BUSH",  "BUSS",  "BUST",  "BUSY",  "BYTE",
+"CADY",  "CAFE",  "CAGE", "CAIN",  "CAKE",  "CALF",  "CALL",  "CALM",
+"CAME",  "CANE",  "CANT", "CARD",  "CARE",  "CARL",  "CARR",  "CART",
+"CASE",  "CASH",  "CASK", "CAST",  "CAVE",  "CEIL",  "CELL",  "CENT",
+"CERN",  "CHAD",  "CHAR", "CHAT",  "CHAW",  "CHEF",  "CHEN",  "CHEW",
+"CHIC",  "CHIN",  "CHOU", "CHOW",  "CHUB",  "CHUG",  "CHUM",  "CITE",
+"CITY",  "CLAD",  "CLAM", "CLAN",  "CLAW",  "CLAY",  "CLOD",  "CLOG",
+"CLOT",  "CLUB",  "CLUE", "COAL",  "COAT",  "COCA",  "COCK",  "COCO",
+"CODA",  "CODE",  "CODY", "COED",  "COIL",  "COIN",  "COKE",  "COLA",
+"COLD",  "COLT",  "COMA", "COMB",  "COME",  "COOK",  "COOL",  "COON",
+"COOT",  "CORD",  "CORE", "CORK",  "CORN",  "COST",  "COVE",  "COWL",
+"CRAB",  "CRAG",  "CRAM", "CRAY",  "CREW",  "CRIB",  "CROW",  "CRUD",
+"CUBA",  "CUBE",  "CUFF", "CULL",  "CULT",  "CUNY",  "CURB",  "CURD",
+"CURE",  "CURL",  "CURT", "CUTS",  "DADE",  "DALE",  "DAME",  "DANA",
+"DANE",  "DANG",  "DANK", "DARE",  "DARK",  "DARN",  "DART",  "DASH",
+"DATA",  "DATE",  "DAVE", "DAVY",  "DAWN",  "DAYS",  "DEAD",  "DEAF",
+"DEAL",  "DEAN",  "DEAR", "DEBT",  "DECK",  "DEED",  "DEEM",  "DEER",
+"DEFT",  "DEFY",  "DELL", "DENT",  "DENY",  "DESK",  "DIAL",  "DICE",
+"DIED",  "DIET",  "DIME", "DINE",  "DING",  "DINT",  "DIRE",  "DIRT",
+"DISC",  "DISH",  "DISK", "DIVE",  "DOCK",  "DOES",  "DOLE",  "DOLL",
+"DOLT",  "DOME",  "DONE", "DOOM",  "DOOR",  "DORA",  "DOSE",  "DOTE",
+"DOUG",  "DOUR",  "DOVE", "DOWN",  "DRAB",  "DRAG",  "DRAM",  "DRAW",
+"DREW",  "DRUB",  "DRUG", "DRUM",  "DUAL",  "DUCK",  "DUCT",  "DUEL",
+"DUET",  "DUKE",  "DULL", "DUMB",  "DUNE",  "DUNK",  "DUSK",  "DUST",
+"DUTY",  "EACH",  "EARL", "EARN",  "EASE",  "EAST",  "EASY",  "EBEN",
+"ECHO",  "EDDY",  "EDEN", "EDGE",  "EDGY",  "EDIT",  "EDNA",  "EGAN",
+"ELAN",  "ELBA",  "ELLA", "ELSE",  "EMIL",  "EMIT",  "EMMA",  "ENDS",
+"ERIC",  "EROS",  "EVEN", "EVER",  "EVIL",  "EYED",  "FACE",  "FACT",
+"FADE",  "FAIL",  "FAIN", "FAIR",  "FAKE",  "FALL",  "FAME",  "FANG",
+"FARM",  "FAST",  "FATE", "FAWN",  "FEAR",  "FEAT",  "FEED",  "FEEL",
+"FEET",  "FELL",  "FELT", "FEND",  "FERN",  "FEST",  "FEUD",  "FIEF",
+"FIGS",  "FILE",  "FILL", "FILM",  "FIND",  "FINE",  "FINK",  "FIRE",
+"FIRM",  "FISH",  "FISK", "FIST",  "FITS",  "FIVE",  "FLAG",  "FLAK",
+"FLAM",  "FLAT",  "FLAW", "FLEA",  "FLED",  "FLEW",  "FLIT",  "FLOC",
+"FLOG",  "FLOW",  "FLUB", "FLUE",  "FOAL",  "FOAM",  "FOGY",  "FOIL",
+"FOLD",  "FOLK",  "FOND", "FONT",  "FOOD",  "FOOL",  "FOOT",  "FORD",
+"FORE",  "FORK",  "FORM", "FORT",  "FOSS",  "FOUL",  "FOUR",  "FOWL",
+"FRAU",  "FRAY",  "FRED", "FREE",  "FRET",  "FREY",  "FROG",  "FROM",
+"FUEL",  "FULL",  "FUME", "FUND",  "FUNK",  "FURY",  "FUSE",  "FUSS",
+"GAFF",  "GAGE",  "GAIL", "GAIN",  "GAIT",  "GALA",  "GALE",  "GALL",
+"GALT",  "GAME",  "GANG", "GARB",  "GARY",  "GASH",  "GATE",  "GAUL",
+"GAUR",  "GAVE",  "GAWK", "GEAR",  "GELD",  "GENE",  "GENT",  "GERM",
+"GETS",  "GIBE",  "GIFT", "GILD",  "GILL",  "GILT",  "GINA",  "GIRD",
+"GIRL",  "GIST",  "GIVE", "GLAD",  "GLEE",  "GLEN",  "GLIB",  "GLOB",
+"GLOM",  "GLOW",  "GLUE", "GLUM",  "GLUT",  "GOAD",  "GOAL",  "GOAT",
+"GOER",  "GOES",  "GOLD", "GOLF",  "GONE",  "GONG",  "GOOD",  "GOOF",
+"GORE",  "GORY",  "GOSH", "GOUT",  "GOWN",  "GRAB",  "GRAD",  "GRAY",
+"GREG",  "GREW",  "GREY", "GRID",  "GRIM",  "GRIN",  "GRIT",  "GROW",
+"GRUB",  "GULF",  "GULL", "GUNK",  "GURU",  "GUSH",  "GUST",  "GWEN",
+"GWYN",  "HAAG",  "HAAS", "HACK",  "HAIL",  "HAIR",  "HALE",  "HALF",
+"HALL",  "HALO",  "HALT", "HAND",  "HANG",  "HANK",  "HANS",  "HARD",
+"HARK",  "HARM",  "HART", "HASH",  "HAST",  "HATE",  "HATH",  "HAUL",
+"HAVE",  "HAWK",  "HAYS", "HEAD",  "HEAL",  "HEAR",  "HEAT",  "HEBE",
+"HECK",  "HEED",  "HEEL", "HEFT",  "HELD",  "HELL",  "HELM",  "HERB",
+"HERD",  "HERE",  "HERO", "HERS",  "HESS",  "HEWN",  "HICK",  "HIDE",
+"HIGH",  "HIKE",  "HILL", "HILT",  "HIND",  "HINT",  "HIRE",  "HISS",
+"HIVE",  "HOBO",  "HOCK", "HOFF",  "HOLD",  "HOLE",  "HOLM",  "HOLT",
+"HOME",  "HONE",  "HONK", "HOOD",  "HOOF",  "HOOK",  "HOOT",  "HORN",
+"HOSE",  "HOST",  "HOUR", "HOVE",  "HOWE",  "HOWL",  "HOYT",  "HUCK",
+"HUED",  "HUFF",  "HUGE", "HUGH",  "HUGO",  "HULK",  "HULL",  "HUNK",
+"HUNT",  "HURD",  "HURL", "HURT",  "HUSH",  "HYDE",  "HYMN",  "IBIS",
+"ICON",  "IDEA",  "IDLE", "IFFY",  "INCA",  "INCH",  "INTO",  "IONS",
+"IOTA",  "IOWA",  "IRIS", "IRMA",  "IRON",  "ISLE",  "ITCH",  "ITEM",
+"IVAN",  "JACK",  "JADE", "JAIL",  "JAKE",  "JANE",  "JAVA",  "JEAN",
+"JEFF",  "JERK",  "JESS", "JEST",  "JIBE",  "JILL",  "JILT",  "JIVE",
+"JOAN",  "JOBS",  "JOCK", "JOEL",  "JOEY",  "JOHN",  "JOIN",  "JOKE",
+"JOLT",  "JOVE",  "JUDD", "JUDE",  "JUDO",  "JUDY",  "JUJU",  "JUKE",
+"JULY",  "JUNE",  "JUNK", "JUNO",  "JURY",  "JUST",  "JUTE",  "KAHN",
+"KALE",  "KANE",  "KANT", "KARL",  "KATE",  "KEEL",  "KEEN",  "KENO",
+"KENT",  "KERN",  "KERR", "KEYS",  "KICK",  "KILL",  "KIND",  "KING",
+"KIRK",  "KISS",  "KITE", "KLAN",  "KNEE",  "KNEW",  "KNIT",  "KNOB",
+"KNOT",  "KNOW",  "KOCH", "KONG",  "KUDO",  "KURD",  "KURT",  "KYLE",
+"LACE",  "LACK",  "LACY", "LADY",  "LAID",  "LAIN",  "LAIR",  "LAKE",
+"LAMB",  "LAME",  "LAND", "LANE",  "LANG",  "LARD",  "LARK",  "LASS",
+"LAST",  "LATE",  "LAUD", "LAVA",  "LAWN",  "LAWS",  "LAYS",  "LEAD",
+"LEAF",  "LEAK",  "LEAN", "LEAR",  "LEEK",  "LEER",  "LEFT",  "LEND",
+"LENS",  "LENT",  "LEON", "LESK",  "LESS",  "LEST",  "LETS",  "LIAR",
+"LICE",  "LICK",  "LIED", "LIEN",  "LIES",  "LIEU",  "LIFE",  "LIFT",
+"LIKE",  "LILA",  "LILT", "LILY",  "LIMA",  "LIMB",  "LIME",  "LIND",
+"LINE",  "LINK",  "LINT", "LION",  "LISA",  "LIST",  "LIVE",  "LOAD",
+"LOAF",  "LOAM",  "LOAN", "LOCK",  "LOFT",  "LOGE",  "LOIS",  "LOLA",
+"LONE",  "LONG",  "LOOK", "LOON",  "LOOT",  "LORD",  "LORE",  "LOSE",
+"LOSS",  "LOST",  "LOUD", "LOVE",  "LOWE",  "LUCK",  "LUCY",  "LUGE",
+"LUKE",  "LULU",  "LUND", "LUNG",  "LURA",  "LURE",  "LURK",  "LUSH",
+"LUST",  "LYLE",  "LYNN", "LYON",  "LYRA",  "MACE",  "MADE",  "MAGI",
+"MAID",  "MAIL",  "MAIN", "MAKE",  "MALE",  "MALI",  "MALL",  "MALT",
+"MANA",  "MANN",  "MANY", "MARC",  "MARE",  "MARK",  "MARS",  "MART",
+"MARY",  "MASH",  "MASK", "MASS",  "MAST",  "MATE",  "MATH",  "MAUL",
+"MAYO",  "MEAD",  "MEAL", "MEAN",  "MEAT",  "MEEK",  "MEET",  "MELD",
+"MELT",  "MEMO",  "MEND", "MENU",  "MERT",  "MESH",  "MESS",  "MICE",
+"MIKE",  "MILD",  "MILE", "MILK",  "MILL",  "MILT",  "MIMI",  "MIND",
+"MINE",  "MINI",  "MINK", "MINT",  "MIRE",  "MISS",  "MIST",  "MITE",
+"MITT",  "MOAN",  "MOAT", "MOCK",  "MODE",  "MOLD",  "MOLE",  "MOLL",
+"MOLT",  "MONA",  "MONK", "MONT",  "MOOD",  "MOON",  "MOOR",  "MOOT",
+"MORE",  "MORN",  "MORT", "MOSS",  "MOST",  "MOTH",  "MOVE",  "MUCH",
+"MUCK",  "MUDD",  "MUFF", "MULE",  "MULL",  "MURK",  "MUSH",  "MUST",
+"MUTE",  "MUTT",  "MYRA", "MYTH",  "NAGY",  "NAIL",  "NAIR",  "NAME",
+"NARY",  "NASH",  "NAVE", "NAVY",  "NEAL",  "NEAR",  "NEAT",  "NECK",
+"NEED",  "NEIL",  "NELL", "NEON",  "NERO",  "NESS",  "NEST",  "NEWS",
+"NEWT",  "NIBS",  "NICE", "NICK",  "NILE",  "NINA",  "NINE",  "NOAH",
+"NODE",  "NOEL",  "NOLL", "NONE",  "NOOK",  "NOON",  "NORM",  "NOSE",
+"NOTE",  "NOUN",  "NOVA", "NUDE",  "NULL",  "NUMB",  "OATH",  "OBEY",
+"OBOE",  "ODIN",  "OHIO", "OILY",  "OINT",  "OKAY",  "OLAF",  "OLDY",
+"OLGA",  "OLIN",  "OMAN", "OMEN",  "OMIT",  "ONCE",  "ONES",  "ONLY",
+"ONTO",  "ONUS",  "ORAL", "ORGY",  "OSLO",  "OTIS",  "OTTO",  "OUCH",
+"OUST",  "OUTS",  "OVAL", "OVEN",  "OVER",  "OWLY",  "OWNS",  "QUAD",
+"QUIT",  "QUOD",  "RACE", "RACK",  "RACY",  "RAFT",  "RAGE",  "RAID",
+"RAIL",  "RAIN",  "RAKE", "RANK",  "RANT",  "RARE",  "RASH",  "RATE",
+"RAVE",  "RAYS",  "READ", "REAL",  "REAM",  "REAR",  "RECK",  "REED",
+"REEF",  "REEK",  "REEL", "REID",  "REIN",  "RENA",  "REND",  "RENT",
+"REST",  "RICE",  "RICH", "RICK",  "RIDE",  "RIFT",  "RILL",  "RIME",
+"RING",  "RINK",  "RISE", "RISK",  "RITE",  "ROAD",  "ROAM",  "ROAR",
+"ROBE",  "ROCK",  "RODE", "ROIL",  "ROLL",  "ROME",  "ROOD",  "ROOF",
+"ROOK",  "ROOM",  "ROOT", "ROSA",  "ROSE",  "ROSS",  "ROSY",  "ROTH",
+"ROUT",  "ROVE",  "ROWE", "ROWS",  "RUBE",  "RUBY",  "RUDE",  "RUDY",
+"RUIN",  "RULE",  "RUNG", "RUNS",  "RUNT",  "RUSE",  "RUSH",  "RUSK",
+"RUSS",  "RUST",  "RUTH", "SACK",  "SAFE",  "SAGE",  "SAID",  "SAIL",
+"SALE",  "SALK",  "SALT", "SAME",  "SAND",  "SANE",  "SANG",  "SANK",
+"SARA",  "SAUL",  "SAVE", "SAYS",  "SCAN",  "SCAR",  "SCAT",  "SCOT",
+"SEAL",  "SEAM",  "SEAR", "SEAT",  "SEED",  "SEEK",  "SEEM",  "SEEN",
+"SEES",  "SELF",  "SELL", "SEND",  "SENT",  "SETS",  "SEWN",  "SHAG",
+"SHAM",  "SHAW",  "SHAY", "SHED",  "SHIM",  "SHIN",  "SHOD",  "SHOE",
+"SHOT",  "SHOW",  "SHUN", "SHUT",  "SICK",  "SIDE",  "SIFT",  "SIGH",
+"SIGN",  "SILK",  "SILL", "SILO",  "SILT",  "SINE",  "SING",  "SINK",
+"SIRE",  "SITE",  "SITS", "SITU",  "SKAT",  "SKEW",  "SKID",  "SKIM",
+"SKIN",  "SKIT",  "SLAB", "SLAM",  "SLAT",  "SLAY",  "SLED",  "SLEW",
+"SLID",  "SLIM",  "SLIT", "SLOB",  "SLOG",  "SLOT",  "SLOW",  "SLUG",
+"SLUM",  "SLUR",  "SMOG", "SMUG",  "SNAG",  "SNOB",  "SNOW",  "SNUB",
+"SNUG",  "SOAK",  "SOAR", "SOCK",  "SODA",  "SOFA",  "SOFT",  "SOIL",
+"SOLD",  "SOME",  "SONG", "SOON",  "SOOT",  "SORE",  "SORT",  "SOUL",
+"SOUR",  "SOWN",  "STAB", "STAG",  "STAN",  "STAR",  "STAY",  "STEM",
+"STEW",  "STIR",  "STOW", "STUB",  "STUN",  "SUCH",  "SUDS",  "SUIT",
+"SULK",  "SUMS",  "SUNG", "SUNK",  "SURE",  "SURF",  "SWAB",  "SWAG",
+"SWAM",  "SWAN",  "SWAT", "SWAY",  "SWIM",  "SWUM",  "TACK",  "TACT",
+"TAIL",  "TAKE",  "TALE", "TALK",  "TALL",  "TANK",  "TASK",  "TATE",
+"TAUT",  "TEAL",  "TEAM", "TEAR",  "TECH",  "TEEM",  "TEEN",  "TEET",
+"TELL",  "TEND",  "TENT", "TERM",  "TERN",  "TESS",  "TEST",  "THAN",
+"THAT",  "THEE",  "THEM", "THEN",  "THEY",  "THIN",  "THIS",  "THUD",
+"THUG",  "TICK",  "TIDE", "TIDY",  "TIED",  "TIER",  "TILE",  "TILL",
+"TILT",  "TIME",  "TINA", "TINE",  "TINT",  "TINY",  "TIRE",  "TOAD",
+"TOGO",  "TOIL",  "TOLD", "TOLL",  "TONE",  "TONG",  "TONY",  "TOOK",
+"TOOL",  "TOOT",  "TORE", "TORN",  "TOTE",  "TOUR",  "TOUT",  "TOWN",
+"TRAG",  "TRAM",  "TRAY", "TREE",  "TREK",  "TRIG",  "TRIM",  "TRIO",
+"TROD",  "TROT",  "TROY", "TRUE",  "TUBA",  "TUBE",  "TUCK",  "TUFT",
+"TUNA",  "TUNE",  "TUNG", "TURF",  "TURN",  "TUSK",  "TWIG",  "TWIN",
+"TWIT",  "ULAN",  "UNIT", "URGE",  "USED",  "USER",  "USES",  "UTAH",
+"VAIL",  "VAIN",  "VALE", "VARY",  "VASE",  "VAST",  "VEAL",  "VEDA",
+"VEIL",  "VEIN",  "VEND", "VENT",  "VERB",  "VERY",  "VETO",  "VICE",
+"VIEW",  "VINE",  "VISE", "VOID",  "VOLT",  "VOTE",  "WACK",  "WADE",
+"WAGE",  "WAIL",  "WAIT", "WAKE",  "WALE",  "WALK",  "WALL",  "WALT",
+"WAND",  "WANE",  "WANG", "WANT",  "WARD",  "WARM",  "WARN",  "WART",
+"WASH",  "WAST",  "WATS", "WATT",  "WAVE",  "WAVY",  "WAYS",  "WEAK",
+"WEAL",  "WEAN",  "WEAR", "WEED",  "WEEK",  "WEIR",  "WELD",  "WELL",
+"WELT",  "WENT",  "WERE", "WERT",  "WEST",  "WHAM",  "WHAT",  "WHEE",
+"WHEN",  "WHET",  "WHOA", "WHOM",  "WICK",  "WIFE",  "WILD",  "WILL",
+"WIND",  "WINE",  "WING", "WINK",  "WINO",  "WIRE",  "WISE",  "WISH",
+"WITH",  "WOLF",  "WONT", "WOOD",  "WOOL",  "WORD",  "WORE",  "WORK",
+"WORM",  "WORN",  "WOVE", "WRIT",  "WYNN",  "YALE",  "YANG",  "YANK",
+"YARD",  "YARN",  "YAWL", "YAWN",  "YEAH",  "YEAR",  "YELL",  "YOGA",
+"YOKE"                         };
+
+const struct e inv_std_dict[2048] = {
+{"A", 0},
+{"ABE", 1},
+{"ABED", 571},
+{"ABEL", 572},
+{"ABET", 573},
+{"ABLE", 574},
+{"ABUT", 575},
+{"ACE", 2},
+{"ACHE", 576},
+{"ACID", 577},
+{"ACME", 578},
+{"ACRE", 579},
+{"ACT", 3},
+{"ACTA", 580},
+{"ACTS", 581},
+{"AD", 4},
+{"ADA", 5},
+{"ADAM", 582},
+{"ADD", 6},
+{"ADDS", 583},
+{"ADEN", 584},
+{"AFAR", 585},
+{"AFRO", 586},
+{"AGEE", 587},
+{"AGO", 7},
+{"AHEM", 588},
+{"AHOY", 589},
+{"AID", 8},
+{"AIDA", 590},
+{"AIDE", 591},
+{"AIDS", 592},
+{"AIM", 9},
+{"AIR", 10},
+{"AIRY", 593},
+{"AJAR", 594},
+{"AKIN", 595},
+{"ALAN", 596},
+{"ALEC", 597},
+{"ALGA", 598},
+{"ALIA", 599},
+{"ALL", 11},
+{"ALLY", 600},
+{"ALMA", 601},
+{"ALOE", 602},
+{"ALP", 12},
+{"ALSO", 603},
+{"ALTO", 604},
+{"ALUM", 605},
+{"ALVA", 606},
+{"AM", 13},
+{"AMEN", 607},
+{"AMES", 608},
+{"AMID", 609},
+{"AMMO", 610},
+{"AMOK", 611},
+{"AMOS", 612},
+{"AMRA", 613},
+{"AMY", 14},
+{"AN", 15},
+{"ANA", 16},
+{"AND", 17},
+{"ANDY", 614},
+{"ANEW", 615},
+{"ANN", 18},
+{"ANNA", 616},
+{"ANNE", 617},
+{"ANT", 19},
+{"ANTE", 618},
+{"ANTI", 619},
+{"ANY", 20},
+{"APE", 21},
+{"APS", 22},
+{"APT", 23},
+{"AQUA", 620},
+{"ARAB", 621},
+{"ARC", 24},
+{"ARCH", 622},
+{"ARE", 25},
+{"AREA", 623},
+{"ARGO", 624},
+{"ARID", 625},
+{"ARK", 26},
+{"ARM", 27},
+{"ARMY", 626},
+{"ART", 28},
+{"ARTS", 627},
+{"ARTY", 628},
+{"AS", 29},
+{"ASH", 30},
+{"ASIA", 629},
+{"ASK", 31},
+{"ASKS", 630},
+{"AT", 32},
+{"ATE", 33},
+{"ATOM", 631},
+{"AUG", 34},
+{"AUK", 35},
+{"AUNT", 632},
+{"AURA", 633},
+{"AUTO", 634},
+{"AVE", 36},
+{"AVER", 635},
+{"AVID", 636},
+{"AVIS", 637},
+{"AVON", 638},
+{"AVOW", 639},
+{"AWAY", 640},
+{"AWE", 37},
+{"AWK", 38},
+{"AWL", 39},
+{"AWN", 40},
+{"AWRY", 641},
+{"AX", 41},
+{"AYE", 42},
+{"BABE", 642},
+{"BABY", 643},
+{"BACH", 644},
+{"BACK", 645},
+{"BAD", 43},
+{"BADE", 646},
+{"BAG", 44},
+{"BAH", 45},
+{"BAIL", 647},
+{"BAIT", 648},
+{"BAKE", 649},
+{"BALD", 650},
+{"BALE", 651},
+{"BALI", 652},
+{"BALK", 653},
+{"BALL", 654},
+{"BALM", 655},
+{"BAM", 46},
+{"BAN", 47},
+{"BAND", 656},
+{"BANE", 657},
+{"BANG", 658},
+{"BANK", 659},
+{"BAR", 48},
+{"BARB", 660},
+{"BARD", 661},
+{"BARE", 662},
+{"BARK", 663},
+{"BARN", 664},
+{"BARR", 665},
+{"BASE", 666},
+{"BASH", 667},
+{"BASK", 668},
+{"BASS", 669},
+{"BAT", 49},
+{"BATE", 670},
+{"BATH", 671},
+{"BAWD", 672},
+{"BAWL", 673},
+{"BAY", 50},
+{"BE", 51},
+{"BEAD", 674},
+{"BEAK", 675},
+{"BEAM", 676},
+{"BEAN", 677},
+{"BEAR", 678},
+{"BEAT", 679},
+{"BEAU", 680},
+{"BECK", 681},
+{"BED", 52},
+{"BEE", 53},
+{"BEEF", 682},
+{"BEEN", 683},
+{"BEER", 684},
+{"BEET", 685},
+{"BEG", 54},
+{"BELA", 686},
+{"BELL", 687},
+{"BELT", 688},
+{"BEN", 55},
+{"BEND", 689},
+{"BENT", 690},
+{"BERG", 691},
+{"BERN", 692},
+{"BERT", 693},
+{"BESS", 694},
+{"BEST", 695},
+{"BET", 56},
+{"BETA", 696},
+{"BETH", 697},
+{"BEY", 57},
+{"BHOY", 698},
+{"BIAS", 699},
+{"BIB", 58},
+{"BID", 59},
+{"BIDE", 700},
+{"BIEN", 701},
+{"BIG", 60},
+{"BILE", 702},
+{"BILK", 703},
+{"BILL", 704},
+{"BIN", 61},
+{"BIND", 705},
+{"BING", 706},
+{"BIRD", 707},
+{"BIT", 62},
+{"BITE", 708},
+{"BITS", 709},
+{"BLAB", 710},
+{"BLAT", 711},
+{"BLED", 712},
+{"BLEW", 713},
+{"BLOB", 714},
+{"BLOC", 715},
+{"BLOT", 716},
+{"BLOW", 717},
+{"BLUE", 718},
+{"BLUM", 719},
+{"BLUR", 720},
+{"BOAR", 721},
+{"BOAT", 722},
+{"BOB", 63},
+{"BOCA", 723},
+{"BOCK", 724},
+{"BODE", 725},
+{"BODY", 726},
+{"BOG", 64},
+{"BOGY", 727},
+{"BOHR", 728},
+{"BOIL", 729},
+{"BOLD", 730},
+{"BOLO", 731},
+{"BOLT", 732},
+{"BOMB", 733},
+{"BON", 65},
+{"BONA", 734},
+{"BOND", 735},
+{"BONE", 736},
+{"BONG", 737},
+{"BONN", 738},
+{"BONY", 739},
+{"BOO", 66},
+{"BOOK", 740},
+{"BOOM", 741},
+{"BOON", 742},
+{"BOOT", 743},
+{"BOP", 67},
+{"BORE", 744},
+{"BORG", 745},
+{"BORN", 746},
+{"BOSE", 747},
+{"BOSS", 748},
+{"BOTH", 749},
+{"BOUT", 750},
+{"BOW", 68},
+{"BOWL", 751},
+{"BOY", 69},
+{"BOYD", 752},
+{"BRAD", 753},
+{"BRAE", 754},
+{"BRAG", 755},
+{"BRAN", 756},
+{"BRAY", 757},
+{"BRED", 758},
+{"BREW", 759},
+{"BRIG", 760},
+{"BRIM", 761},
+{"BROW", 762},
+{"BUB", 70},
+{"BUCK", 763},
+{"BUD", 71},
+{"BUDD", 764},
+{"BUFF", 765},
+{"BUG", 72},
+{"BULB", 766},
+{"BULK", 767},
+{"BULL", 768},
+{"BUM", 73},
+{"BUN", 74},
+{"BUNK", 769},
+{"BUNT", 770},
+{"BUOY", 771},
+{"BURG", 772},
+{"BURL", 773},
+{"BURN", 774},
+{"BURR", 775},
+{"BURT", 776},
+{"BURY", 777},
+{"BUS", 75},
+{"BUSH", 778},
+{"BUSS", 779},
+{"BUST", 780},
+{"BUSY", 781},
+{"BUT", 76},
+{"BUY", 77},
+{"BY", 78},
+{"BYE", 79},
+{"BYTE", 782},
+{"CAB", 80},
+{"CADY", 783},
+{"CAFE", 784},
+{"CAGE", 785},
+{"CAIN", 786},
+{"CAKE", 787},
+{"CAL", 81},
+{"CALF", 788},
+{"CALL", 789},
+{"CALM", 790},
+{"CAM", 82},
+{"CAME", 791},
+{"CAN", 83},
+{"CANE", 792},
+{"CANT", 793},
+{"CAP", 84},
+{"CAR", 85},
+{"CARD", 794},
+{"CARE", 795},
+{"CARL", 796},
+{"CARR", 797},
+{"CART", 798},
+{"CASE", 799},
+{"CASH", 800},
+{"CASK", 801},
+{"CAST", 802},
+{"CAT", 86},
+{"CAVE", 803},
+{"CAW", 87},
+{"CEIL", 804},
+{"CELL", 805},
+{"CENT", 806},
+{"CERN", 807},
+{"CHAD", 808},
+{"CHAR", 809},
+{"CHAT", 810},
+{"CHAW", 811},
+{"CHEF", 812},
+{"CHEN", 813},
+{"CHEW", 814},
+{"CHIC", 815},
+{"CHIN", 816},
+{"CHOU", 817},
+{"CHOW", 818},
+{"CHUB", 819},
+{"CHUG", 820},
+{"CHUM", 821},
+{"CITE", 822},
+{"CITY", 823},
+{"CLAD", 824},
+{"CLAM", 825},
+{"CLAN", 826},
+{"CLAW", 827},
+{"CLAY", 828},
+{"CLOD", 829},
+{"CLOG", 830},
+{"CLOT", 831},
+{"CLUB", 832},
+{"CLUE", 833},
+{"COAL", 834},
+{"COAT", 835},
+{"COCA", 836},
+{"COCK", 837},
+{"COCO", 838},
+{"COD", 88},
+{"CODA", 839},
+{"CODE", 840},
+{"CODY", 841},
+{"COED", 842},
+{"COG", 89},
+{"COIL", 843},
+{"COIN", 844},
+{"COKE", 845},
+{"COL", 90},
+{"COLA", 846},
+{"COLD", 847},
+{"COLT", 848},
+{"COMA", 849},
+{"COMB", 850},
+{"COME", 851},
+{"CON", 91},
+{"COO", 92},
+{"COOK", 852},
+{"COOL", 853},
+{"COON", 854},
+{"COOT", 855},
+{"COP", 93},
+{"CORD", 856},
+{"CORE", 857},
+{"CORK", 858},
+{"CORN", 859},
+{"COST", 860},
+{"COT", 94},
+{"COVE", 861},
+{"COW", 95},
+{"COWL", 862},
+{"COY", 96},
+{"CRAB", 863},
+{"CRAG", 864},
+{"CRAM", 865},
+{"CRAY", 866},
+{"CREW", 867},
+{"CRIB", 868},
+{"CROW", 869},
+{"CRUD", 870},
+{"CRY", 97},
+{"CUB", 98},
+{"CUBA", 871},
+{"CUBE", 872},
+{"CUE", 99},
+{"CUFF", 873},
+{"CULL", 874},
+{"CULT", 875},
+{"CUNY", 876},
+{"CUP", 100},
+{"CUR", 101},
+{"CURB", 877},
+{"CURD", 878},
+{"CURE", 879},
+{"CURL", 880},
+{"CURT", 881},
+{"CUT", 102},
+{"CUTS", 882},
+{"DAB", 103},
+{"DAD", 104},
+{"DADE", 883},
+{"DALE", 884},
+{"DAM", 105},
+{"DAME", 885},
+{"DAN", 106},
+{"DANA", 886},
+{"DANE", 887},
+{"DANG", 888},
+{"DANK", 889},
+{"DAR", 107},
+{"DARE", 890},
+{"DARK", 891},
+{"DARN", 892},
+{"DART", 893},
+{"DASH", 894},
+{"DATA", 895},
+{"DATE", 896},
+{"DAVE", 897},
+{"DAVY", 898},
+{"DAWN", 899},
+{"DAY", 108},
+{"DAYS", 900},
+{"DEAD", 901},
+{"DEAF", 902},
+{"DEAL", 903},
+{"DEAN", 904},
+{"DEAR", 905},
+{"DEBT", 906},
+{"DECK", 907},
+{"DEE", 109},
+{"DEED", 908},
+{"DEEM", 909},
+{"DEER", 910},
+{"DEFT", 911},
+{"DEFY", 912},
+{"DEL", 110},
+{"DELL", 913},
+{"DEN", 111},
+{"DENT", 914},
+{"DENY", 915},
+{"DES", 112},
+{"DESK", 916},
+{"DEW", 113},
+{"DIAL", 917},
+{"DICE", 918},
+{"DID", 114},
+{"DIE", 115},
+{"DIED", 919},
+{"DIET", 920},
+{"DIG", 116},
+{"DIME", 921},
+{"DIN", 117},
+{"DINE", 922},
+{"DING", 923},
+{"DINT", 924},
+{"DIP", 118},
+{"DIRE", 925},
+{"DIRT", 926},
+{"DISC", 927},
+{"DISH", 928},
+{"DISK", 929},
+{"DIVE", 930},
+{"DO", 119},
+{"DOCK", 931},
+{"DOE", 120},
+{"DOES", 932},
+{"DOG", 121},
+{"DOLE", 933},
+{"DOLL", 934},
+{"DOLT", 935},
+{"DOME", 936},
+{"DON", 122},
+{"DONE", 937},
+{"DOOM", 938},
+{"DOOR", 939},
+{"DORA", 940},
+{"DOSE", 941},
+{"DOT", 123},
+{"DOTE", 942},
+{"DOUG", 943},
+{"DOUR", 944},
+{"DOVE", 945},
+{"DOW", 124},
+{"DOWN", 946},
+{"DRAB", 947},
+{"DRAG", 948},
+{"DRAM", 949},
+{"DRAW", 950},
+{"DREW", 951},
+{"DRUB", 952},
+{"DRUG", 953},
+{"DRUM", 954},
+{"DRY", 125},
+{"DUAL", 955},
+{"DUB", 126},
+{"DUCK", 956},
+{"DUCT", 957},
+{"DUD", 127},
+{"DUE", 128},
+{"DUEL", 958},
+{"DUET", 959},
+{"DUG", 129},
+{"DUKE", 960},
+{"DULL", 961},
+{"DUMB", 962},
+{"DUN", 130},
+{"DUNE", 963},
+{"DUNK", 964},
+{"DUSK", 965},
+{"DUST", 966},
+{"DUTY", 967},
+{"EACH", 968},
+{"EAR", 131},
+{"EARL", 969},
+{"EARN", 970},
+{"EASE", 971},
+{"EAST", 972},
+{"EASY", 973},
+{"EAT", 132},
+{"EBEN", 974},
+{"ECHO", 975},
+{"ED", 133},
+{"EDDY", 976},
+{"EDEN", 977},
+{"EDGE", 978},
+{"EDGY", 979},
+{"EDIT", 980},
+{"EDNA", 981},
+{"EEL", 134},
+{"EGAN", 982},
+{"EGG", 135},
+{"EGO", 136},
+{"ELAN", 983},
+{"ELBA", 984},
+{"ELI", 137},
+{"ELK", 138},
+{"ELLA", 985},
+{"ELM", 139},
+{"ELSE", 986},
+{"ELY", 140},
+{"EM", 141},
+{"EMIL", 987},
+{"EMIT", 988},
+{"EMMA", 989},
+{"END", 142},
+{"ENDS", 990},
+{"ERIC", 991},
+{"EROS", 992},
+{"EST", 143},
+{"ETC", 144},
+{"EVA", 145},
+{"EVE", 146},
+{"EVEN", 993},
+{"EVER", 994},
+{"EVIL", 995},
+{"EWE", 147},
+{"EYE", 148},
+{"EYED", 996},
+{"FACE", 997},
+{"FACT", 998},
+{"FAD", 149},
+{"FADE", 999},
+{"FAIL", 1000},
+{"FAIN", 1001},
+{"FAIR", 1002},
+{"FAKE", 1003},
+{"FALL", 1004},
+{"FAME", 1005},
+{"FAN", 150},
+{"FANG", 1006},
+{"FAR", 151},
+{"FARM", 1007},
+{"FAST", 1008},
+{"FAT", 152},
+{"FATE", 1009},
+{"FAWN", 1010},
+{"FAY", 153},
+{"FEAR", 1011},
+{"FEAT", 1012},
+{"FED", 154},
+{"FEE", 155},
+{"FEED", 1013},
+{"FEEL", 1014},
+{"FEET", 1015},
+{"FELL", 1016},
+{"FELT", 1017},
+{"FEND", 1018},
+{"FERN", 1019},
+{"FEST", 1020},
+{"FEUD", 1021},
+{"FEW", 156},
+{"FIB", 157},
+{"FIEF", 1022},
+{"FIG", 158},
+{"FIGS", 1023},
+{"FILE", 1024},
+{"FILL", 1025},
+{"FILM", 1026},
+{"FIN", 159},
+{"FIND", 1027},
+{"FINE", 1028},
+{"FINK", 1029},
+{"FIR", 160},
+{"FIRE", 1030},
+{"FIRM", 1031},
+{"FISH", 1032},
+{"FISK", 1033},
+{"FIST", 1034},
+{"FIT", 161},
+{"FITS", 1035},
+{"FIVE", 1036},
+{"FLAG", 1037},
+{"FLAK", 1038},
+{"FLAM", 1039},
+{"FLAT", 1040},
+{"FLAW", 1041},
+{"FLEA", 1042},
+{"FLED", 1043},
+{"FLEW", 1044},
+{"FLIT", 1045},
+{"FLO", 162},
+{"FLOC", 1046},
+{"FLOG", 1047},
+{"FLOW", 1048},
+{"FLUB", 1049},
+{"FLUE", 1050},
+{"FLY", 163},
+{"FOAL", 1051},
+{"FOAM", 1052},
+{"FOE", 164},
+{"FOG", 165},
+{"FOGY", 1053},
+{"FOIL", 1054},
+{"FOLD", 1055},
+{"FOLK", 1056},
+{"FOND", 1057},
+{"FONT", 1058},
+{"FOOD", 1059},
+{"FOOL", 1060},
+{"FOOT", 1061},
+{"FOR", 166},
+{"FORD", 1062},
+{"FORE", 1063},
+{"FORK", 1064},
+{"FORM", 1065},
+{"FORT", 1066},
+{"FOSS", 1067},
+{"FOUL", 1068},
+{"FOUR", 1069},
+{"FOWL", 1070},
+{"FRAU", 1071},
+{"FRAY", 1072},
+{"FRED", 1073},
+{"FREE", 1074},
+{"FRET", 1075},
+{"FREY", 1076},
+{"FROG", 1077},
+{"FROM", 1078},
+{"FRY", 167},
+{"FUEL", 1079},
+{"FULL", 1080},
+{"FUM", 168},
+{"FUME", 1081},
+{"FUN", 169},
+{"FUND", 1082},
+{"FUNK", 1083},
+{"FUR", 170},
+{"FURY", 1084},
+{"FUSE", 1085},
+{"FUSS", 1086},
+{"GAB", 171},
+{"GAD", 172},
+{"GAFF", 1087},
+{"GAG", 173},
+{"GAGE", 1088},
+{"GAIL", 1089},
+{"GAIN", 1090},
+{"GAIT", 1091},
+{"GAL", 174},
+{"GALA", 1092},
+{"GALE", 1093},
+{"GALL", 1094},
+{"GALT", 1095},
+{"GAM", 175},
+{"GAME", 1096},
+{"GANG", 1097},
+{"GAP", 176},
+{"GARB", 1098},
+{"GARY", 1099},
+{"GAS", 177},
+{"GASH", 1100},
+{"GATE", 1101},
+{"GAUL", 1102},
+{"GAUR", 1103},
+{"GAVE", 1104},
+{"GAWK", 1105},
+{"GAY", 178},
+{"GEAR", 1106},
+{"GEE", 179},
+{"GEL", 180},
+{"GELD", 1107},
+{"GEM", 181},
+{"GENE", 1108},
+{"GENT", 1109},
+{"GERM", 1110},
+{"GET", 182},
+{"GETS", 1111},
+{"GIBE", 1112},
+{"GIFT", 1113},
+{"GIG", 183},
+{"GIL", 184},
+{"GILD", 1114},
+{"GILL", 1115},
+{"GILT", 1116},
+{"GIN", 185},
+{"GINA", 1117},
+{"GIRD", 1118},
+{"GIRL", 1119},
+{"GIST", 1120},
+{"GIVE", 1121},
+{"GLAD", 1122},
+{"GLEE", 1123},
+{"GLEN", 1124},
+{"GLIB", 1125},
+{"GLOB", 1126},
+{"GLOM", 1127},
+{"GLOW", 1128},
+{"GLUE", 1129},
+{"GLUM", 1130},
+{"GLUT", 1131},
+{"GO", 186},
+{"GOAD", 1132},
+{"GOAL", 1133},
+{"GOAT", 1134},
+{"GOER", 1135},
+{"GOES", 1136},
+{"GOLD", 1137},
+{"GOLF", 1138},
+{"GONE", 1139},
+{"GONG", 1140},
+{"GOOD", 1141},
+{"GOOF", 1142},
+{"GORE", 1143},
+{"GORY", 1144},
+{"GOSH", 1145},
+{"GOT", 187},
+{"GOUT", 1146},
+{"GOWN", 1147},
+{"GRAB", 1148},
+{"GRAD", 1149},
+{"GRAY", 1150},
+{"GREG", 1151},
+{"GREW", 1152},
+{"GREY", 1153},
+{"GRID", 1154},
+{"GRIM", 1155},
+{"GRIN", 1156},
+{"GRIT", 1157},
+{"GROW", 1158},
+{"GRUB", 1159},
+{"GULF", 1160},
+{"GULL", 1161},
+{"GUM", 188},
+{"GUN", 189},
+{"GUNK", 1162},
+{"GURU", 1163},
+{"GUS", 190},
+{"GUSH", 1164},
+{"GUST", 1165},
+{"GUT", 191},
+{"GUY", 192},
+{"GWEN", 1166},
+{"GWYN", 1167},
+{"GYM", 193},
+{"GYP", 194},
+{"HA", 195},
+{"HAAG", 1168},
+{"HAAS", 1169},
+{"HACK", 1170},
+{"HAD", 196},
+{"HAIL", 1171},
+{"HAIR", 1172},
+{"HAL", 197},
+{"HALE", 1173},
+{"HALF", 1174},
+{"HALL", 1175},
+{"HALO", 1176},
+{"HALT", 1177},
+{"HAM", 198},
+{"HAN", 199},
+{"HAND", 1178},
+{"HANG", 1179},
+{"HANK", 1180},
+{"HANS", 1181},
+{"HAP", 200},
+{"HARD", 1182},
+{"HARK", 1183},
+{"HARM", 1184},
+{"HART", 1185},
+{"HAS", 201},
+{"HASH", 1186},
+{"HAST", 1187},
+{"HAT", 202},
+{"HATE", 1188},
+{"HATH", 1189},
+{"HAUL", 1190},
+{"HAVE", 1191},
+{"HAW", 203},
+{"HAWK", 1192},
+{"HAY", 204},
+{"HAYS", 1193},
+{"HE", 205},
+{"HEAD", 1194},
+{"HEAL", 1195},
+{"HEAR", 1196},
+{"HEAT", 1197},
+{"HEBE", 1198},
+{"HECK", 1199},
+{"HEED", 1200},
+{"HEEL", 1201},
+{"HEFT", 1202},
+{"HELD", 1203},
+{"HELL", 1204},
+{"HELM", 1205},
+{"HEM", 206},
+{"HEN", 207},
+{"HER", 208},
+{"HERB", 1206},
+{"HERD", 1207},
+{"HERE", 1208},
+{"HERO", 1209},
+{"HERS", 1210},
+{"HESS", 1211},
+{"HEW", 209},
+{"HEWN", 1212},
+{"HEY", 210},
+{"HI", 211},
+{"HICK", 1213},
+{"HID", 212},
+{"HIDE", 1214},
+{"HIGH", 1215},
+{"HIKE", 1216},
+{"HILL", 1217},
+{"HILT", 1218},
+{"HIM", 213},
+{"HIND", 1219},
+{"HINT", 1220},
+{"HIP", 214},
+{"HIRE", 1221},
+{"HIS", 215},
+{"HISS", 1222},
+{"HIT", 216},
+{"HIVE", 1223},
+{"HO", 217},
+{"HOB", 218},
+{"HOBO", 1224},
+{"HOC", 219},
+{"HOCK", 1225},
+{"HOE", 220},
+{"HOFF", 1226},
+{"HOG", 221},
+{"HOLD", 1227},
+{"HOLE", 1228},
+{"HOLM", 1229},
+{"HOLT", 1230},
+{"HOME", 1231},
+{"HONE", 1232},
+{"HONK", 1233},
+{"HOOD", 1234},
+{"HOOF", 1235},
+{"HOOK", 1236},
+{"HOOT", 1237},
+{"HOP", 222},
+{"HORN", 1238},
+{"HOSE", 1239},
+{"HOST", 1240},
+{"HOT", 223},
+{"HOUR", 1241},
+{"HOVE", 1242},
+{"HOW", 224},
+{"HOWE", 1243},
+{"HOWL", 1244},
+{"HOYT", 1245},
+{"HUB", 225},
+{"HUCK", 1246},
+{"HUE", 226},
+{"HUED", 1247},
+{"HUFF", 1248},
+{"HUG", 227},
+{"HUGE", 1249},
+{"HUGH", 1250},
+{"HUGO", 1251},
+{"HUH", 228},
+{"HULK", 1252},
+{"HULL", 1253},
+{"HUM", 229},
+{"HUNK", 1254},
+{"HUNT", 1255},
+{"HURD", 1256},
+{"HURL", 1257},
+{"HURT", 1258},
+{"HUSH", 1259},
+{"HUT", 230},
+{"HYDE", 1260},
+{"HYMN", 1261},
+{"I", 231},
+{"IBIS", 1262},
+{"ICON", 1263},
+{"ICY", 232},
+{"IDA", 233},
+{"IDEA", 1264},
+{"IDLE", 1265},
+{"IF", 234},
+{"IFFY", 1266},
+{"IKE", 235},
+{"ILL", 236},
+{"INCA", 1267},
+{"INCH", 1268},
+{"INK", 237},
+{"INN", 238},
+{"INTO", 1269},
+{"IO", 239},
+{"ION", 240},
+{"IONS", 1270},
+{"IOTA", 1271},
+{"IOWA", 1272},
+{"IQ", 241},
+{"IRA", 242},
+{"IRE", 243},
+{"IRIS", 1273},
+{"IRK", 244},
+{"IRMA", 1274},
+{"IRON", 1275},
+{"IS", 245},
+{"ISLE", 1276},
+{"IT", 246},
+{"ITCH", 1277},
+{"ITEM", 1278},
+{"ITS", 247},
+{"IVAN", 1279},
+{"IVY", 248},
+{"JAB", 249},
+{"JACK", 1280},
+{"JADE", 1281},
+{"JAG", 250},
+{"JAIL", 1282},
+{"JAKE", 1283},
+{"JAM", 251},
+{"JAN", 252},
+{"JANE", 1284},
+{"JAR", 253},
+{"JAVA", 1285},
+{"JAW", 254},
+{"JAY", 255},
+{"JEAN", 1286},
+{"JEFF", 1287},
+{"JERK", 1288},
+{"JESS", 1289},
+{"JEST", 1290},
+{"JET", 256},
+{"JIBE", 1291},
+{"JIG", 257},
+{"JILL", 1292},
+{"JILT", 1293},
+{"JIM", 258},
+{"JIVE", 1294},
+{"JO", 259},
+{"JOAN", 1295},
+{"JOB", 260},
+{"JOBS", 1296},
+{"JOCK", 1297},
+{"JOE", 261},
+{"JOEL", 1298},
+{"JOEY", 1299},
+{"JOG", 262},
+{"JOHN", 1300},
+{"JOIN", 1301},
+{"JOKE", 1302},
+{"JOLT", 1303},
+{"JOT", 263},
+{"JOVE", 1304},
+{"JOY", 264},
+{"JUDD", 1305},
+{"JUDE", 1306},
+{"JUDO", 1307},
+{"JUDY", 1308},
+{"JUG", 265},
+{"JUJU", 1309},
+{"JUKE", 1310},
+{"JULY", 1311},
+{"JUNE", 1312},
+{"JUNK", 1313},
+{"JUNO", 1314},
+{"JURY", 1315},
+{"JUST", 1316},
+{"JUT", 266},
+{"JUTE", 1317},
+{"KAHN", 1318},
+{"KALE", 1319},
+{"KANE", 1320},
+{"KANT", 1321},
+{"KARL", 1322},
+{"KATE", 1323},
+{"KAY", 267},
+{"KEEL", 1324},
+{"KEEN", 1325},
+{"KEG", 268},
+{"KEN", 269},
+{"KENO", 1326},
+{"KENT", 1327},
+{"KERN", 1328},
+{"KERR", 1329},
+{"KEY", 270},
+{"KEYS", 1330},
+{"KICK", 1331},
+{"KID", 271},
+{"KILL", 1332},
+{"KIM", 272},
+{"KIN", 273},
+{"KIND", 1333},
+{"KING", 1334},
+{"KIRK", 1335},
+{"KISS", 1336},
+{"KIT", 274},
+{"KITE", 1337},
+{"KLAN", 1338},
+{"KNEE", 1339},
+{"KNEW", 1340},
+{"KNIT", 1341},
+{"KNOB", 1342},
+{"KNOT", 1343},
+{"KNOW", 1344},
+{"KOCH", 1345},
+{"KONG", 1346},
+{"KUDO", 1347},
+{"KURD", 1348},
+{"KURT", 1349},
+{"KYLE", 1350},
+{"LA", 275},
+{"LAB", 276},
+{"LAC", 277},
+{"LACE", 1351},
+{"LACK", 1352},
+{"LACY", 1353},
+{"LAD", 278},
+{"LADY", 1354},
+{"LAG", 279},
+{"LAID", 1355},
+{"LAIN", 1356},
+{"LAIR", 1357},
+{"LAKE", 1358},
+{"LAM", 280},
+{"LAMB", 1359},
+{"LAME", 1360},
+{"LAND", 1361},
+{"LANE", 1362},
+{"LANG", 1363},
+{"LAP", 281},
+{"LARD", 1364},
+{"LARK", 1365},
+{"LASS", 1366},
+{"LAST", 1367},
+{"LATE", 1368},
+{"LAUD", 1369},
+{"LAVA", 1370},
+{"LAW", 282},
+{"LAWN", 1371},
+{"LAWS", 1372},
+{"LAY", 283},
+{"LAYS", 1373},
+{"LEA", 284},
+{"LEAD", 1374},
+{"LEAF", 1375},
+{"LEAK", 1376},
+{"LEAN", 1377},
+{"LEAR", 1378},
+{"LED", 285},
+{"LEE", 286},
+{"LEEK", 1379},
+{"LEER", 1380},
+{"LEFT", 1381},
+{"LEG", 287},
+{"LEN", 288},
+{"LEND", 1382},
+{"LENS", 1383},
+{"LENT", 1384},
+{"LEO", 289},
+{"LEON", 1385},
+{"LESK", 1386},
+{"LESS", 1387},
+{"LEST", 1388},
+{"LET", 290},
+{"LETS", 1389},
+{"LEW", 291},
+{"LIAR", 1390},
+{"LICE", 1391},
+{"LICK", 1392},
+{"LID", 292},
+{"LIE", 293},
+{"LIED", 1393},
+{"LIEN", 1394},
+{"LIES", 1395},
+{"LIEU", 1396},
+{"LIFE", 1397},
+{"LIFT", 1398},
+{"LIKE", 1399},
+{"LILA", 1400},
+{"LILT", 1401},
+{"LILY", 1402},
+{"LIMA", 1403},
+{"LIMB", 1404},
+{"LIME", 1405},
+{"LIN", 294},
+{"LIND", 1406},
+{"LINE", 1407},
+{"LINK", 1408},
+{"LINT", 1409},
+{"LION", 1410},
+{"LIP", 295},
+{"LISA", 1411},
+{"LIST", 1412},
+{"LIT", 296},
+{"LIVE", 1413},
+{"LO", 297},
+{"LOAD", 1414},
+{"LOAF", 1415},
+{"LOAM", 1416},
+{"LOAN", 1417},
+{"LOB", 298},
+{"LOCK", 1418},
+{"LOFT", 1419},
+{"LOG", 299},
+{"LOGE", 1420},
+{"LOIS", 1421},
+{"LOLA", 1422},
+{"LONE", 1423},
+{"LONG", 1424},
+{"LOOK", 1425},
+{"LOON", 1426},
+{"LOOT", 1427},
+{"LOP", 300},
+{"LORD", 1428},
+{"LORE", 1429},
+{"LOS", 301},
+{"LOSE", 1430},
+{"LOSS", 1431},
+{"LOST", 1432},
+{"LOT", 302},
+{"LOU", 303},
+{"LOUD", 1433},
+{"LOVE", 1434},
+{"LOW", 304},
+{"LOWE", 1435},
+{"LOY", 305},
+{"LUCK", 1436},
+{"LUCY", 1437},
+{"LUG", 306},
+{"LUGE", 1438},
+{"LUKE", 1439},
+{"LULU", 1440},
+{"LUND", 1441},
+{"LUNG", 1442},
+{"LURA", 1443},
+{"LURE", 1444},
+{"LURK", 1445},
+{"LUSH", 1446},
+{"LUST", 1447},
+{"LYE", 307},
+{"LYLE", 1448},
+{"LYNN", 1449},
+{"LYON", 1450},
+{"LYRA", 1451},
+{"MA", 308},
+{"MAC", 309},
+{"MACE", 1452},
+{"MAD", 310},
+{"MADE", 1453},
+{"MAE", 311},
+{"MAGI", 1454},
+{"MAID", 1455},
+{"MAIL", 1456},
+{"MAIN", 1457},
+{"MAKE", 1458},
+{"MALE", 1459},
+{"MALI", 1460},
+{"MALL", 1461},
+{"MALT", 1462},
+{"MAN", 312},
+{"MANA", 1463},
+{"MANN", 1464},
+{"MANY", 1465},
+{"MAO", 313},
+{"MAP", 314},
+{"MARC", 1466},
+{"MARE", 1467},
+{"MARK", 1468},
+{"MARS", 1469},
+{"MART", 1470},
+{"MARY", 1471},
+{"MASH", 1472},
+{"MASK", 1473},
+{"MASS", 1474},
+{"MAST", 1475},
+{"MAT", 315},
+{"MATE", 1476},
+{"MATH", 1477},
+{"MAUL", 1478},
+{"MAW", 316},
+{"MAY", 317},
+{"MAYO", 1479},
+{"ME", 318},
+{"MEAD", 1480},
+{"MEAL", 1481},
+{"MEAN", 1482},
+{"MEAT", 1483},
+{"MEEK", 1484},
+{"MEET", 1485},
+{"MEG", 319},
+{"MEL", 320},
+{"MELD", 1486},
+{"MELT", 1487},
+{"MEMO", 1488},
+{"MEN", 321},
+{"MEND", 1489},
+{"MENU", 1490},
+{"MERT", 1491},
+{"MESH", 1492},
+{"MESS", 1493},
+{"MET", 322},
+{"MEW", 323},
+{"MICE", 1494},
+{"MID", 324},
+{"MIKE", 1495},
+{"MILD", 1496},
+{"MILE", 1497},
+{"MILK", 1498},
+{"MILL", 1499},
+{"MILT", 1500},
+{"MIMI", 1501},
+{"MIN", 325},
+{"MIND", 1502},
+{"MINE", 1503},
+{"MINI", 1504},
+{"MINK", 1505},
+{"MINT", 1506},
+{"MIRE", 1507},
+{"MISS", 1508},
+{"MIST", 1509},
+{"MIT", 326},
+{"MITE", 1510},
+{"MITT", 1511},
+{"MOAN", 1512},
+{"MOAT", 1513},
+{"MOB", 327},
+{"MOCK", 1514},
+{"MOD", 328},
+{"MODE", 1515},
+{"MOE", 329},
+{"MOLD", 1516},
+{"MOLE", 1517},
+{"MOLL", 1518},
+{"MOLT", 1519},
+{"MONA", 1520},
+{"MONK", 1521},
+{"MONT", 1522},
+{"MOO", 330},
+{"MOOD", 1523},
+{"MOON", 1524},
+{"MOOR", 1525},
+{"MOOT", 1526},
+{"MOP", 331},
+{"MORE", 1527},
+{"MORN", 1528},
+{"MORT", 1529},
+{"MOS", 332},
+{"MOSS", 1530},
+{"MOST", 1531},
+{"MOT", 333},
+{"MOTH", 1532},
+{"MOVE", 1533},
+{"MOW", 334},
+{"MUCH", 1534},
+{"MUCK", 1535},
+{"MUD", 335},
+{"MUDD", 1536},
+{"MUFF", 1537},
+{"MUG", 336},
+{"MULE", 1538},
+{"MULL", 1539},
+{"MUM", 337},
+{"MURK", 1540},
+{"MUSH", 1541},
+{"MUST", 1542},
+{"MUTE", 1543},
+{"MUTT", 1544},
+{"MY", 338},
+{"MYRA", 1545},
+{"MYTH", 1546},
+{"NAB", 339},
+{"NAG", 340},
+{"NAGY", 1547},
+{"NAIL", 1548},
+{"NAIR", 1549},
+{"NAME", 1550},
+{"NAN", 341},
+{"NAP", 342},
+{"NARY", 1551},
+{"NASH", 1552},
+{"NAT", 343},
+{"NAVE", 1553},
+{"NAVY", 1554},
+{"NAY", 344},
+{"NE", 345},
+{"NEAL", 1555},
+{"NEAR", 1556},
+{"NEAT", 1557},
+{"NECK", 1558},
+{"NED", 346},
+{"NEE", 347},
+{"NEED", 1559},
+{"NEIL", 1560},
+{"NELL", 1561},
+{"NEON", 1562},
+{"NERO", 1563},
+{"NESS", 1564},
+{"NEST", 1565},
+{"NET", 348},
+{"NEW", 349},
+{"NEWS", 1566},
+{"NEWT", 1567},
+{"NIB", 350},
+{"NIBS", 1568},
+{"NICE", 1569},
+{"NICK", 1570},
+{"NIIL", 351},
+{"NILE", 1571},
+{"NINA", 1572},
+{"NINE", 1573},
+{"NIP", 352},
+{"NIT", 353},
+{"NO", 354},
+{"NOAH", 1574},
+{"NOB", 355},
+{"NOD", 356},
+{"NODE", 1575},
+{"NOEL", 1576},
+{"NOLL", 1577},
+{"NON", 357},
+{"NONE", 1578},
+{"NOOK", 1579},
+{"NOON", 1580},
+{"NOR", 358},
+{"NORM", 1581},
+{"NOSE", 1582},
+{"NOT", 359},
+{"NOTE", 1583},
+{"NOUN", 1584},
+{"NOV", 360},
+{"NOVA", 1585},
+{"NOW", 361},
+{"NU", 362},
+{"NUDE", 1586},
+{"NULL", 1587},
+{"NUMB", 1588},
+{"NUN", 363},
+{"NUT", 364},
+{"O", 365},
+{"OAF", 366},
+{"OAK", 367},
+{"OAR", 368},
+{"OAT", 369},
+{"OATH", 1589},
+{"OBEY", 1590},
+{"OBOE", 1591},
+{"ODD", 370},
+{"ODE", 371},
+{"ODIN", 1592},
+{"OF", 372},
+{"OFF", 373},
+{"OFT", 374},
+{"OH", 375},
+{"OHIO", 1593},
+{"OIL", 376},
+{"OILY", 1594},
+{"OINT", 1595},
+{"OK", 377},
+{"OKAY", 1596},
+{"OLAF", 1597},
+{"OLD", 378},
+{"OLDY", 1598},
+{"OLGA", 1599},
+{"OLIN", 1600},
+{"OMAN", 1601},
+{"OMEN", 1602},
+{"OMIT", 1603},
+{"ON", 379},
+{"ONCE", 1604},
+{"ONE", 380},
+{"ONES", 1605},
+{"ONLY", 1606},
+{"ONTO", 1607},
+{"ONUS", 1608},
+{"OR", 381},
+{"ORAL", 1609},
+{"ORB", 382},
+{"ORE", 383},
+{"ORGY", 1610},
+{"ORR", 384},
+{"OS", 385},
+{"OSLO", 1611},
+{"OTIS", 1612},
+{"OTT", 386},
+{"OTTO", 1613},
+{"OUCH", 1614},
+{"OUR", 387},
+{"OUST", 1615},
+{"OUT", 388},
+{"OUTS", 1616},
+{"OVA", 389},
+{"OVAL", 1617},
+{"OVEN", 1618},
+{"OVER", 1619},
+{"OW", 390},
+{"OWE", 391},
+{"OWL", 392},
+{"OWLY", 1620},
+{"OWN", 393},
+{"OWNS", 1621},
+{"OX", 394},
+{"PA", 395},
+{"PAD", 396},
+{"PAL", 397},
+{"PAM", 398},
+{"PAN", 399},
+{"PAP", 400},
+{"PAR", 401},
+{"PAT", 402},
+{"PAW", 403},
+{"PAY", 404},
+{"PEA", 405},
+{"PEG", 406},
+{"PEN", 407},
+{"PEP", 408},
+{"PER", 409},
+{"PET", 410},
+{"PEW", 411},
+{"PHI", 412},
+{"PI", 413},
+{"PIE", 414},
+{"PIN", 415},
+{"PIT", 416},
+{"PLY", 417},
+{"PO", 418},
+{"POD", 419},
+{"POE", 420},
+{"POP", 421},
+{"POT", 422},
+{"POW", 423},
+{"PRO", 424},
+{"PRY", 425},
+{"PUB", 426},
+{"PUG", 427},
+{"PUN", 428},
+{"PUP", 429},
+{"PUT", 430},
+{"QUAD", 1622},
+{"QUIT", 1623},
+{"QUO", 431},
+{"QUOD", 1624},
+{"RACE", 1625},
+{"RACK", 1626},
+{"RACY", 1627},
+{"RAFT", 1628},
+{"RAG", 432},
+{"RAGE", 1629},
+{"RAID", 1630},
+{"RAIL", 1631},
+{"RAIN", 1632},
+{"RAKE", 1633},
+{"RAM", 433},
+{"RAN", 434},
+{"RANK", 1634},
+{"RANT", 1635},
+{"RAP", 435},
+{"RARE", 1636},
+{"RASH", 1637},
+{"RAT", 436},
+{"RATE", 1638},
+{"RAVE", 1639},
+{"RAW", 437},
+{"RAY", 438},
+{"RAYS", 1640},
+{"READ", 1641},
+{"REAL", 1642},
+{"REAM", 1643},
+{"REAR", 1644},
+{"REB", 439},
+{"RECK", 1645},
+{"RED", 440},
+{"REED", 1646},
+{"REEF", 1647},
+{"REEK", 1648},
+{"REEL", 1649},
+{"REID", 1650},
+{"REIN", 1651},
+{"RENA", 1652},
+{"REND", 1653},
+{"RENT", 1654},
+{"REP", 441},
+{"REST", 1655},
+{"RET", 442},
+{"RIB", 443},
+{"RICE", 1656},
+{"RICH", 1657},
+{"RICK", 1658},
+{"RID", 444},
+{"RIDE", 1659},
+{"RIFT", 1660},
+{"RIG", 445},
+{"RILL", 1661},
+{"RIM", 446},
+{"RIME", 1662},
+{"RING", 1663},
+{"RINK", 1664},
+{"RIO", 447},
+{"RIP", 448},
+{"RISE", 1665},
+{"RISK", 1666},
+{"RITE", 1667},
+{"ROAD", 1668},
+{"ROAM", 1669},
+{"ROAR", 1670},
+{"ROB", 449},
+{"ROBE", 1671},
+{"ROCK", 1672},
+{"ROD", 450},
+{"RODE", 1673},
+{"ROE", 451},
+{"ROIL", 1674},
+{"ROLL", 1675},
+{"ROME", 1676},
+{"RON", 452},
+{"ROOD", 1677},
+{"ROOF", 1678},
+{"ROOK", 1679},
+{"ROOM", 1680},
+{"ROOT", 1681},
+{"ROSA", 1682},
+{"ROSE", 1683},
+{"ROSS", 1684},
+{"ROSY", 1685},
+{"ROT", 453},
+{"ROTH", 1686},
+{"ROUT", 1687},
+{"ROVE", 1688},
+{"ROW", 454},
+{"ROWE", 1689},
+{"ROWS", 1690},
+{"ROY", 455},
+{"RUB", 456},
+{"RUBE", 1691},
+{"RUBY", 1692},
+{"RUDE", 1693},
+{"RUDY", 1694},
+{"RUE", 457},
+{"RUG", 458},
+{"RUIN", 1695},
+{"RULE", 1696},
+{"RUM", 459},
+{"RUN", 460},
+{"RUNG", 1697},
+{"RUNS", 1698},
+{"RUNT", 1699},
+{"RUSE", 1700},
+{"RUSH", 1701},
+{"RUSK", 1702},
+{"RUSS", 1703},
+{"RUST", 1704},
+{"RUTH", 1705},
+{"RYE", 461},
+{"SAC", 462},
+{"SACK", 1706},
+{"SAD", 463},
+{"SAFE", 1707},
+{"SAG", 464},
+{"SAGE", 1708},
+{"SAID", 1709},
+{"SAIL", 1710},
+{"SAL", 465},
+{"SALE", 1711},
+{"SALK", 1712},
+{"SALT", 1713},
+{"SAM", 466},
+{"SAME", 1714},
+{"SAN", 467},
+{"SAND", 1715},
+{"SANE", 1716},
+{"SANG", 1717},
+{"SANK", 1718},
+{"SAP", 468},
+{"SARA", 1719},
+{"SAT", 469},
+{"SAUL", 1720},
+{"SAVE", 1721},
+{"SAW", 470},
+{"SAY", 471},
+{"SAYS", 1722},
+{"SCAN", 1723},
+{"SCAR", 1724},
+{"SCAT", 1725},
+{"SCOT", 1726},
+{"SEA", 472},
+{"SEAL", 1727},
+{"SEAM", 1728},
+{"SEAR", 1729},
+{"SEAT", 1730},
+{"SEC", 473},
+{"SEE", 474},
+{"SEED", 1731},
+{"SEEK", 1732},
+{"SEEM", 1733},
+{"SEEN", 1734},
+{"SEES", 1735},
+{"SELF", 1736},
+{"SELL", 1737},
+{"SEN", 475},
+{"SEND", 1738},
+{"SENT", 1739},
+{"SET", 476},
+{"SETS", 1740},
+{"SEW", 477},
+{"SEWN", 1741},
+{"SHAG", 1742},
+{"SHAM", 1743},
+{"SHAW", 1744},
+{"SHAY", 1745},
+{"SHE", 478},
+{"SHED", 1746},
+{"SHIM", 1747},
+{"SHIN", 1748},
+{"SHOD", 1749},
+{"SHOE", 1750},
+{"SHOT", 1751},
+{"SHOW", 1752},
+{"SHUN", 1753},
+{"SHUT", 1754},
+{"SHY", 479},
+{"SICK", 1755},
+{"SIDE", 1756},
+{"SIFT", 1757},
+{"SIGH", 1758},
+{"SIGN", 1759},
+{"SILK", 1760},
+{"SILL", 1761},
+{"SILO", 1762},
+{"SILT", 1763},
+{"SIN", 480},
+{"SINE", 1764},
+{"SING", 1765},
+{"SINK", 1766},
+{"SIP", 481},
+{"SIR", 482},
+{"SIRE", 1767},
+{"SIS", 483},
+{"SIT", 484},
+{"SITE", 1768},
+{"SITS", 1769},
+{"SITU", 1770},
+{"SKAT", 1771},
+{"SKEW", 1772},
+{"SKI", 485},
+{"SKID", 1773},
+{"SKIM", 1774},
+{"SKIN", 1775},
+{"SKIT", 1776},
+{"SKY", 486},
+{"SLAB", 1777},
+{"SLAM", 1778},
+{"SLAT", 1779},
+{"SLAY", 1780},
+{"SLED", 1781},
+{"SLEW", 1782},
+{"SLID", 1783},
+{"SLIM", 1784},
+{"SLIT", 1785},
+{"SLOB", 1786},
+{"SLOG", 1787},
+{"SLOT", 1788},
+{"SLOW", 1789},
+{"SLUG", 1790},
+{"SLUM", 1791},
+{"SLUR", 1792},
+{"SLY", 487},
+{"SMOG", 1793},
+{"SMUG", 1794},
+{"SNAG", 1795},
+{"SNOB", 1796},
+{"SNOW", 1797},
+{"SNUB", 1798},
+{"SNUG", 1799},
+{"SO", 488},
+{"SOAK", 1800},
+{"SOAR", 1801},
+{"SOB", 489},
+{"SOCK", 1802},
+{"SOD", 490},
+{"SODA", 1803},
+{"SOFA", 1804},
+{"SOFT", 1805},
+{"SOIL", 1806},
+{"SOLD", 1807},
+{"SOME", 1808},
+{"SON", 491},
+{"SONG", 1809},
+{"SOON", 1810},
+{"SOOT", 1811},
+{"SOP", 492},
+{"SORE", 1812},
+{"SORT", 1813},
+{"SOUL", 1814},
+{"SOUR", 1815},
+{"SOW", 493},
+{"SOWN", 1816},
+{"SOY", 494},
+{"SPA", 495},
+{"SPY", 496},
+{"STAB", 1817},
+{"STAG", 1818},
+{"STAN", 1819},
+{"STAR", 1820},
+{"STAY", 1821},
+{"STEM", 1822},
+{"STEW", 1823},
+{"STIR", 1824},
+{"STOW", 1825},
+{"STUB", 1826},
+{"STUN", 1827},
+{"SUB", 497},
+{"SUCH", 1828},
+{"SUD", 498},
+{"SUDS", 1829},
+{"SUE", 499},
+{"SUIT", 1830},
+{"SULK", 1831},
+{"SUM", 500},
+{"SUMS", 1832},
+{"SUN", 501},
+{"SUNG", 1833},
+{"SUNK", 1834},
+{"SUP", 502},
+{"SURE", 1835},
+{"SURF", 1836},
+{"SWAB", 1837},
+{"SWAG", 1838},
+{"SWAM", 1839},
+{"SWAN", 1840},
+{"SWAT", 1841},
+{"SWAY", 1842},
+{"SWIM", 1843},
+{"SWUM", 1844},
+{"TAB", 503},
+{"TACK", 1845},
+{"TACT", 1846},
+{"TAD", 504},
+{"TAG", 505},
+{"TAIL", 1847},
+{"TAKE", 1848},
+{"TALE", 1849},
+{"TALK", 1850},
+{"TALL", 1851},
+{"TAN", 506},
+{"TANK", 1852},
+{"TAP", 507},
+{"TAR", 508},
+{"TASK", 1853},
+{"TATE", 1854},
+{"TAUT", 1855},
+{"TEA", 509},
+{"TEAL", 1856},
+{"TEAM", 1857},
+{"TEAR", 1858},
+{"TECH", 1859},
+{"TED", 510},
+{"TEE", 511},
+{"TEEM", 1860},
+{"TEEN", 1861},
+{"TEET", 1862},
+{"TELL", 1863},
+{"TEN", 512},
+{"TEND", 1864},
+{"TENT", 1865},
+{"TERM", 1866},
+{"TERN", 1867},
+{"TESS", 1868},
+{"TEST", 1869},
+{"THAN", 1870},
+{"THAT", 1871},
+{"THE", 513},
+{"THEE", 1872},
+{"THEM", 1873},
+{"THEN", 1874},
+{"THEY", 1875},
+{"THIN", 1876},
+{"THIS", 1877},
+{"THUD", 1878},
+{"THUG", 1879},
+{"THY", 514},
+{"TIC", 515},
+{"TICK", 1880},
+{"TIDE", 1881},
+{"TIDY", 1882},
+{"TIE", 516},
+{"TIED", 1883},
+{"TIER", 1884},
+{"TILE", 1885},
+{"TILL", 1886},
+{"TILT", 1887},
+{"TIM", 517},
+{"TIME", 1888},
+{"TIN", 518},
+{"TINA", 1889},
+{"TINE", 1890},
+{"TINT", 1891},
+{"TINY", 1892},
+{"TIP", 519},
+{"TIRE", 1893},
+{"TO", 520},
+{"TOAD", 1894},
+{"TOE", 521},
+{"TOG", 522},
+{"TOGO", 1895},
+{"TOIL", 1896},
+{"TOLD", 1897},
+{"TOLL", 1898},
+{"TOM", 523},
+{"TON", 524},
+{"TONE", 1899},
+{"TONG", 1900},
+{"TONY", 1901},
+{"TOO", 525},
+{"TOOK", 1902},
+{"TOOL", 1903},
+{"TOOT", 1904},
+{"TOP", 526},
+{"TORE", 1905},
+{"TORN", 1906},
+{"TOTE", 1907},
+{"TOUR", 1908},
+{"TOUT", 1909},
+{"TOW", 527},
+{"TOWN", 1910},
+{"TOY", 528},
+{"TRAG", 1911},
+{"TRAM", 1912},
+{"TRAY", 1913},
+{"TREE", 1914},
+{"TREK", 1915},
+{"TRIG", 1916},
+{"TRIM", 1917},
+{"TRIO", 1918},
+{"TROD", 1919},
+{"TROT", 1920},
+{"TROY", 1921},
+{"TRUE", 1922},
+{"TRY", 529},
+{"TUB", 530},
+{"TUBA", 1923},
+{"TUBE", 1924},
+{"TUCK", 1925},
+{"TUFT", 1926},
+{"TUG", 531},
+{"TUM", 532},
+{"TUN", 533},
+{"TUNA", 1927},
+{"TUNE", 1928},
+{"TUNG", 1929},
+{"TURF", 1930},
+{"TURN", 1931},
+{"TUSK", 1932},
+{"TWIG", 1933},
+{"TWIN", 1934},
+{"TWIT", 1935},
+{"TWO", 534},
+{"ULAN", 1936},
+{"UN", 535},
+{"UNIT", 1937},
+{"UP", 536},
+{"URGE", 1938},
+{"US", 537},
+{"USE", 538},
+{"USED", 1939},
+{"USER", 1940},
+{"USES", 1941},
+{"UTAH", 1942},
+{"VAIL", 1943},
+{"VAIN", 1944},
+{"VALE", 1945},
+{"VAN", 539},
+{"VARY", 1946},
+{"VASE", 1947},
+{"VAST", 1948},
+{"VAT", 540},
+{"VEAL", 1949},
+{"VEDA", 1950},
+{"VEIL", 1951},
+{"VEIN", 1952},
+{"VEND", 1953},
+{"VENT", 1954},
+{"VERB", 1955},
+{"VERY", 1956},
+{"VET", 541},
+{"VETO", 1957},
+{"VICE", 1958},
+{"VIE", 542},
+{"VIEW", 1959},
+{"VINE", 1960},
+{"VISE", 1961},
+{"VOID", 1962},
+{"VOLT", 1963},
+{"VOTE", 1964},
+{"WACK", 1965},
+{"WAD", 543},
+{"WADE", 1966},
+{"WAG", 544},
+{"WAGE", 1967},
+{"WAIL", 1968},
+{"WAIT", 1969},
+{"WAKE", 1970},
+{"WALE", 1971},
+{"WALK", 1972},
+{"WALL", 1973},
+{"WALT", 1974},
+{"WAND", 1975},
+{"WANE", 1976},
+{"WANG", 1977},
+{"WANT", 1978},
+{"WAR", 545},
+{"WARD", 1979},
+{"WARM", 1980},
+{"WARN", 1981},
+{"WART", 1982},
+{"WAS", 546},
+{"WASH", 1983},
+{"WAST", 1984},
+{"WATS", 1985},
+{"WATT", 1986},
+{"WAVE", 1987},
+{"WAVY", 1988},
+{"WAY", 547},
+{"WAYS", 1989},
+{"WE", 548},
+{"WEAK", 1990},
+{"WEAL", 1991},
+{"WEAN", 1992},
+{"WEAR", 1993},
+{"WEB", 549},
+{"WED", 550},
+{"WEE", 551},
+{"WEED", 1994},
+{"WEEK", 1995},
+{"WEIR", 1996},
+{"WELD", 1997},
+{"WELL", 1998},
+{"WELT", 1999},
+{"WENT", 2000},
+{"WERE", 2001},
+{"WERT", 2002},
+{"WEST", 2003},
+{"WET", 552},
+{"WHAM", 2004},
+{"WHAT", 2005},
+{"WHEE", 2006},
+{"WHEN", 2007},
+{"WHET", 2008},
+{"WHO", 553},
+{"WHOA", 2009},
+{"WHOM", 2010},
+{"WHY", 554},
+{"WICK", 2011},
+{"WIFE", 2012},
+{"WILD", 2013},
+{"WILL", 2014},
+{"WIN", 555},
+{"WIND", 2015},
+{"WINE", 2016},
+{"WING", 2017},
+{"WINK", 2018},
+{"WINO", 2019},
+{"WIRE", 2020},
+{"WISE", 2021},
+{"WISH", 2022},
+{"WIT", 556},
+{"WITH", 2023},
+{"WOK", 557},
+{"WOLF", 2024},
+{"WON", 558},
+{"WONT", 2025},
+{"WOO", 559},
+{"WOOD", 2026},
+{"WOOL", 2027},
+{"WORD", 2028},
+{"WORE", 2029},
+{"WORK", 2030},
+{"WORM", 2031},
+{"WORN", 2032},
+{"WOVE", 2033},
+{"WOW", 560},
+{"WRIT", 2034},
+{"WRY", 561},
+{"WU", 562},
+{"WYNN", 2035},
+{"YALE", 2036},
+{"YAM", 563},
+{"YANG", 2037},
+{"YANK", 2038},
+{"YAP", 564},
+{"YARD", 2039},
+{"YARN", 2040},
+{"YAW", 565},
+{"YAWL", 2041},
+{"YAWN", 2042},
+{"YE", 566},
+{"YEA", 567},
+{"YEAH", 2043},
+{"YEAR", 2044},
+{"YELL", 2045},
+{"YES", 568},
+{"YET", 569},
+{"YOGA", 2046},
+{"YOKE", 2047},
+{"YOU", 570}
+};
diff --git a/crypto/heimdal/lib/otp/otp_print.c b/crypto/heimdal/lib/otp/otp_print.c
new file mode 100644
index 0000000..701a74c
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otp_print.c
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+RCSID("$Id: otp_print.c,v 1.14 1999/12/02 16:58:45 joda Exp $");
+#endif
+
+#include "otp_locl.h"
+
+extern const char *const std_dict[];
+
+unsigned
+otp_checksum (OtpKey key)
+{
+  int i;
+  unsigned sum = 0;
+
+  for (i = 0; i < OTPKEYSIZE; ++i)
+    sum += ((key[i] >> 0) & 0x03)
+      + ((key[i] >> 2) & 0x03) 
+      + ((key[i] >> 4) & 0x03)
+      + ((key[i] >> 6) & 0x03);
+  sum &= 0x03;
+  return sum;
+}
+
+void
+otp_print_stddict (OtpKey key, char *str, size_t sz)
+{
+  unsigned sum;
+
+  sum = otp_checksum (key);
+  snprintf (str, sz,
+	    "%s %s %s %s %s %s",
+	    std_dict[(key[0] << 3) | (key[1] >> 5)],
+	    std_dict[((key[1] & 0x1F) << 6) | (key[2] >> 2)],
+	    std_dict[((key[2] & 0x03) << 9) | (key[3] << 1) | (key[4] >> 7)],
+	    std_dict[((key[4] & 0x7F) << 4) | (key[5] >> 4)],
+	    std_dict[((key[5] & 0x0F) << 7) | (key[6] >> 1)],
+	    std_dict[((key[6] & 0x01) << 10) | (key[7] << 2) | sum]);
+}
+
+void
+otp_print_hex (OtpKey key, char *str, size_t sz)
+{
+  snprintf (str, sz,
+	    "%02x%02x%02x%02x%02x%02x%02x%02x",
+	    key[0], key[1], key[2], key[3], 
+	    key[4], key[5], key[6], key[7]);
+}
+
+void
+otp_print_hex_extended (OtpKey key, char *str, size_t sz)
+{
+  strlcpy (str, OTP_HEXPREFIX, sz);
+  otp_print_hex (key,
+		 str + strlen(OTP_HEXPREFIX),
+		 sz - strlen(OTP_HEXPREFIX));
+}
+
+void
+otp_print_stddict_extended (OtpKey key, char *str, size_t sz)
+{
+  strlcpy (str, OTP_WORDPREFIX, sz);
+  otp_print_stddict (key,
+		     str + strlen(OTP_WORDPREFIX),
+		     sz - strlen(OTP_WORDPREFIX));
+}
diff --git a/crypto/heimdal/lib/otp/otp_verify.c b/crypto/heimdal/lib/otp/otp_verify.c
new file mode 100644
index 0000000..5fec82e
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otp_verify.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+RCSID("$Id: otp_verify.c,v 1.7 2000/07/01 13:58:38 assar Exp $");
+#endif
+
+#include "otp_locl.h"
+
+int
+otp_verify_user_1 (OtpContext *ctx, const char *passwd)
+{
+  OtpKey key1, key2;
+
+  if (otp_parse (key1, passwd, ctx->alg)) {
+    ctx->err = "Syntax error in reply";
+    return -1;
+  }
+  memcpy (key2, key1, sizeof(key1));
+  ctx->alg->next (key2);
+  if (memcmp (ctx->key, key2, sizeof(key2)) == 0) {
+    --ctx->n;
+    memcpy (ctx->key, key1, sizeof(key1));
+    return 0;
+  } else
+    return -1;
+}
+
+int
+otp_verify_user (OtpContext *ctx, const char *passwd)
+{
+  void *dbm;
+  int ret;
+
+  if (!ctx->challengep)
+    return -1;
+  ret = otp_verify_user_1 (ctx, passwd);
+  dbm = otp_db_open ();
+  if (dbm == NULL) {
+    free(ctx->user);
+    return -1;
+  }
+  otp_put (dbm, ctx);
+  free(ctx->user);
+  otp_db_close (dbm);
+  return ret;
+}
diff --git a/crypto/heimdal/lib/otp/otptest.c b/crypto/heimdal/lib/otp/otptest.c
new file mode 100644
index 0000000..4eb342c
--- /dev/null
+++ b/crypto/heimdal/lib/otp/otptest.c
@@ -0,0 +1,145 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+RCSID("$Id: otptest.c,v 1.6 1999/12/02 16:58:45 joda Exp $");
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <otp.h>
+
+static int
+test_one(OtpKey key1, char *name, char *val,
+	 void (*print)(OtpKey,char*, size_t),
+	 OtpAlgorithm *alg)
+{
+  char buf[256];
+  OtpKey key2;
+
+  (*print)(key1, buf, sizeof(buf));
+  printf ("%s: %s, ", name, buf);
+  if (strcmp (buf, val) != 0) {
+    printf ("failed(*%s* != *%s*)\n", buf, val);
+    return 1;
+  }
+  if (otp_parse (key2, buf, alg)) {
+    printf ("parse of %s failed\n", name);
+    return 1;
+  }
+  if (memcmp (key1, key2, OTPKEYSIZE) != 0) {
+    printf ("key1 != key2, ");
+  }
+  printf ("success\n");
+  return 0;
+}
+
+static int
+test (void)
+{
+  struct test {
+    char *alg;
+    char *passphrase;
+    char *seed;
+    int count;
+    char *hex;
+    char *word;
+  } tests[] = {
+
+    /* md4 */
+    {"md4", "This is a test.", "TeSt", 0, "d1854218ebbb0b51", "ROME MUG FRED SCAN LIVE LACE"},
+    {"md4", "This is a test.", "TeSt", 1, "63473ef01cd0b444", "CARD SAD MINI RYE COL KIN"},
+    {"md4", "This is a test.", "TeSt", 99, "c5e612776e6c237a", "NOTE OUT IBIS SINK NAVE MODE"},
+    {"md4", "AbCdEfGhIjK", "alpha1", 0, "50076f47eb1ade4e", "AWAY SEN ROOK SALT LICE MAP"},
+    {"md4", "AbCdEfGhIjK", "alpha1", 1, "65d20d1949b5f7ab", "CHEW GRIM WU HANG BUCK SAID"},
+    {"md4", "AbCdEfGhIjK", "alpha1", 99, "d150c82cce6f62d1", "ROIL FREE COG HUNK WAIT COCA"},
+    {"md4", "OTP's are good", "correct", 0, "849c79d4f6f55388", "FOOL STEM DONE TOOL BECK NILE"},
+    {"md4", "OTP's are good", "correct", 1, "8c0992fb250847b1", "GIST AMOS MOOT AIDS FOOD SEEM"},
+    {"md4", "OTP's are good", "correct",99, "3f3bf4b4145fd74b", "TAG SLOW NOV MIN WOOL KENO"},
+
+
+    /* md5 */
+    {"md5", "This is a test.", "TeSt", 0, "9e876134d90499dd", "INCH SEA ANNE LONG AHEM TOUR"},
+    {"md5", "This is a test.", "TeSt", 1, "7965e05436f5029f", "EASE OIL FUM CURE AWRY AVIS"},
+    {"md5", "This is a test.", "TeSt", 99, "50fe1962c4965880", "BAIL TUFT BITS GANG CHEF THY"},
+    {"md5", "AbCdEfGhIjK", "alpha1",  0, "87066dd9644bf206", "FULL PEW DOWN ONCE MORT ARC"},
+    {"md5", "AbCdEfGhIjK", "alpha1",   1, "7cd34c1040add14b", "FACT HOOF AT FIST SITE KENT"},
+    {"md5", "AbCdEfGhIjK", "alpha1",  99, "5aa37a81f212146c", "BODE HOP JAKE STOW JUT RAP"},
+    {"md5", "OTP's are good", "correct", 0,  "f205753943de4cf9", "ULAN NEW ARMY FUSE SUIT EYED"},
+    {"md5", "OTP's are good", "correct", 1, "ddcdac956f234937", "SKIM CULT LOB SLAM POE HOWL"},
+    {"md5", "OTP's are good", "correct",99, "b203e28fa525be47", "LONG IVY JULY AJAR BOND LEE"},
+
+    /* sha */
+    {"sha", "This is a test.", "TeSt", 0, "bb9e6ae1979d8ff4", "MILT VARY MAST OK SEES WENT"},
+    {"sha", "This is a test.", "TeSt", 1, "63d936639734385b", "CART OTTO HIVE ODE VAT NUT"},
+    {"sha", "This is a test.", "TeSt", 99, "87fec7768b73ccf9", "GAFF WAIT SKID GIG SKY EYED"},
+    {"sha", "AbCdEfGhIjK", "alpha1", 0, "ad85f658ebe383c9", "LEST OR HEEL SCOT ROB SUIT"},
+    {"sha", "AbCdEfGhIjK", "alpha1", 1, "d07ce229b5cf119b", "RITE TAKE GELD COST TUNE RECK"},
+    {"sha", "AbCdEfGhIjK", "alpha1", 99, "27bc71035aaf3dc6", "MAY STAR TIN LYON VEDA STAN"},
+    {"sha", "OTP's are good", "correct", 0, "d51f3e99bf8e6f0b", "RUST WELT KICK FELL TAIL FRAU"},
+    {"sha", "OTP's are good", "correct", 1, "82aeb52d943774e4", "FLIT DOSE ALSO MEW DRUM DEFY"},
+    {"sha", "OTP's are good", "correct", 99, "4f296a74fe1567ec", "AURA ALOE HURL WING BERG WAIT"},
+    {NULL}
+  };
+
+  struct test *t;
+  int sum = 0;
+
+  for(t = tests; t->alg; ++t) {
+    int i;
+    OtpAlgorithm *alg = otp_find_alg (t->alg);
+    OtpKey key;
+
+    if (alg == NULL) {
+      printf ("Could not find alg %s\n", t->alg);
+      return 1;
+    }
+    if(alg->init (key, t->passphrase, t->seed))
+      return 1;
+    for (i = 0; i < t->count; ++i) {
+      if (alg->next (key))
+	return 1;
+    }
+    sum += test_one (key, "hexadecimal", t->hex, otp_print_hex,
+		     alg) +
+      test_one (key, "standard_word", t->word, otp_print_stddict, alg);
+  }
+  return sum;
+}
+
+int
+main (void)
+{
+  return test ();
+}
diff --git a/crypto/heimdal/lib/otp/roken_rename.h b/crypto/heimdal/lib/otp/roken_rename.h
new file mode 100644
index 0000000..202b9a6
--- /dev/null
+++ b/crypto/heimdal/lib/otp/roken_rename.h
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/* $Id: roken_rename.h,v 1.2 1999/12/02 16:58:45 joda Exp $ */
+
+#ifndef __roken_rename_h__
+#define __roken_rename_h__
+
+#ifndef HAVE_SNPRINTF
+#define snprintf _otp_snprintf
+#endif
+#ifndef HAVE_ASPRINTF
+#define asprintf _otp_asprintf
+#endif
+#ifndef HAVE_ASNPRINTF
+#define asnprintf _otp_asnprintf
+#endif
+#ifndef HAVE_VASPRINTF
+#define vasprintf _otp_vasprintf
+#endif
+#ifndef HAVE_VASNPRINTF
+#define vasnprintf _otp_vasnprintf
+#endif
+#ifndef HAVE_VSNPRINTF
+#define vsnprintf _otp_vsnprintf
+#endif
+#ifndef HAVE_STRCASECMP
+#define strcasecmp _otp_strcasecmp
+#endif
+#ifndef HAVE_STRNCASECMP
+#define strncasecmp _otp_strncasecmp
+#endif
+#ifndef HAVE_STRLWR
+#define strlwr _otp_strlwr
+#endif
+
+#endif /* __roken_rename_h__ */
diff --git a/crypto/heimdal/lib/roken/ChangeLog b/crypto/heimdal/lib/roken/ChangeLog
index 2e3ee9d..cbc7393 100644
--- a/crypto/heimdal/lib/roken/ChangeLog
+++ b/crypto/heimdal/lib/roken/ChangeLog
@@ -1,3 +1,77 @@
+2001-05-17  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: bump version to 12:0:3
+	* roken.h.in: re-add set_progname and get_progname for backwards
+	compatability
+	* warnerr.c: re-add set_progname and get_progname for backwards
+	compatability
+
+2001-05-12  Assar Westerlund  <assar@sics.se>
+
+	* glob.c: add limits.h, from <shadow@dementia.org>
+
+2001-05-11  Johan Danielsson  <joda@pdc.kth.se>
+
+	* Makefile.am: bswap.c
+	
+	* bswap.c: bswap{16,32}
+	
+2001-05-08  Assar Westerlund  <assar@sics.se>
+
+	* freeaddrinfo.c (freeaddrinfo): also free every `struct
+	addrinfo'.  from <tmartin@mirapoint.com>
+
+2001-04-25  Assar Westerlund  <assar@sics.se>
+
+	* getarg.h (free_getarg_strings): add prototype
+	* getarg.c (free_getarg_strings): add function
+
+2001-04-21  Johan Danielsson  <joda@pdc.kth.se>
+
+	* getarg.c: pack short flag options togther, to shorten the usage
+	string
+
+2001-04-17  Johan Danielsson  <joda@pdc.kth.se>
+
+	* getifaddrs.c (getifaddrs2): close socket when done
+
+2001-03-26  Johan Danielsson  <joda@pdc.kth.se>
+
+	* roken.awk: END has to be last with Sun's awk
+
+2001-03-26  Assar Westerlund  <assar@sics.se>
+
+	* parse_units.c (parse_something): do not check the return value
+	from strtod, it might return != 0.0 when the string has no digits.
+	just testing if it consumed any characters is enough and more
+	resilient
+	* glob.c: add GLOB_LIMIT (from NetBSD)
+
+2001-02-20  Assar Westerlund  <assar@sics.se>
+
+	* warnerr.c (warnerr): do not use __progname
+	* roken.h.in (setprogname, getprogname): add prototypes
+	* warnerr.c (setprogname, getprogname): rename to. change all
+	callers
+	
+2001-02-12  Assar Westerlund  <assar@sics.se>
+
+	* getnameinfo_verified.c (getnameinfo_verified): do the first
+	getnameinfo with NI_NUMERICSERV to avoid the error that bind 8.2.3
+	reports on not finding the service
+	(ENI_NOSERVNAME).  reported by Ake Sandgren <ake@cs.umu.se>
+
+2001-02-09  Assar Westerlund  <assar@sics.se>
+
+	* getnameinfo.c (doit): call inet_ntop with correct af, noted by
+	Ake Sandgren <ake@cs.umu.se>
+
+2001-02-08  Assar Westerlund  <assar@sics.se>
+
+	* getnameinfo_verified.c (getnameinfo_verified): always capture
+	the service from getnameinfo so it can be sent back to getaddrinfo
+	and set socktype to avoid getaddrinfo not returning any addresses
+
 2001-01-30  Assar Westerlund  <assar@sics.se>
 
 	* Makefile.am (libroken_la_LDFLAGS): bump version to 11:1:2
diff --git a/crypto/heimdal/lib/roken/Makefile.am b/crypto/heimdal/lib/roken/Makefile.am
index 23f2d59..ce874b0 100644
--- a/crypto/heimdal/lib/roken/Makefile.am
+++ b/crypto/heimdal/lib/roken/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.94 2001/01/30 01:53:30 assar Exp $
+# $Id: Makefile.am,v 1.96 2001/05/16 23:57:10 assar Exp $
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
 
@@ -10,7 +10,7 @@ ACLOCAL_AMFLAGS = -I ../../cf
 CLEANFILES = roken.h make-roken.c $(XHEADERS)
 
 lib_LTLIBRARIES = libroken.la
-libroken_la_LDFLAGS = -version-info 11:1:2
+libroken_la_LDFLAGS = -version-info 12:0:3
 
 noinst_PROGRAMS = make-roken
 
@@ -34,6 +34,7 @@ parse_bytes_test_LDADD = $(common_LDADD)
 
 libroken_la_SOURCES =		\
 	base64.c		\
+	bswap.c			\
 	concat.c		\
 	emalloc.c		\
 	environment.c		\
diff --git a/crypto/heimdal/lib/roken/Makefile.in b/crypto/heimdal/lib/roken/Makefile.in
index c779d46..b72df46 100644
--- a/crypto/heimdal/lib/roken/Makefile.in
+++ b/crypto/heimdal/lib/roken/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -113,7 +114,7 @@ dpagaix_CFLAGS = @dpagaix_CFLAGS@
 dpagaix_LDADD = @dpagaix_LDADD@
 install_sh = @install_sh@
 
-# $Id: Makefile.am,v 1.94 2001/01/30 01:53:30 assar Exp $
+# $Id: Makefile.am,v 1.96 2001/05/16 23:57:10 assar Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -125,7 +126,7 @@ ACLOCAL_AMFLAGS = -I ../../cf
 CLEANFILES = roken.h make-roken.c $(XHEADERS)
 
 lib_LTLIBRARIES = libroken.la
-libroken_la_LDFLAGS = -version-info 11:1:2
+libroken_la_LDFLAGS = -version-info 12:0:3
 
 noinst_PROGRAMS = make-roken
 
@@ -148,6 +149,7 @@ parse_bytes_test_LDADD = $(common_LDADD)
 
 libroken_la_SOURCES = \
 	base64.c		\
+	bswap.c			\
 	concat.c		\
 	emalloc.c		\
 	environment.c		\
@@ -314,8 +316,8 @@ X_LIBS = @X_LIBS@
 X_EXTRA_LIBS = @X_EXTRA_LIBS@
 X_PRE_LIBS = @X_PRE_LIBS@
 libroken_la_DEPENDENCIES =  @LTLIBOBJS@
-am_libroken_la_OBJECTS =  base64.lo concat.lo emalloc.lo environment.lo \
-eread.lo erealloc.lo esetenv.lo estrdup.lo ewrite.lo \
+am_libroken_la_OBJECTS =  base64.lo bswap.lo concat.lo emalloc.lo \
+environment.lo eread.lo erealloc.lo esetenv.lo estrdup.lo ewrite.lo \
 getaddrinfo_hostspec.lo get_default_username.lo get_window_size.lo \
 getarg.lo getnameinfo_verified.lo issuid.lo k_getpwnam.lo k_getpwuid.lo \
 mini_inetd.lo net_read.lo net_write.lo parse_bytes.lo parse_time.lo \
@@ -358,7 +360,7 @@ HEADERS =  $(include_HEADERS) $(nodist_include_HEADERS)
 
 depcomp = 
 DIST_COMMON =  $(include_HEADERS) ChangeLog Makefile.am Makefile.in \
-acinclude.m4 getcap.c getcwd.c getnameinfo.c glob.c install-sh \
+acinclude.m4 getcap.c getnameinfo.c glob.c install-sh \
 make-print-version.c missing mkinstalldirs
 
 
@@ -370,7 +372,7 @@ OBJECTS = $(am_libroken_la_OBJECTS) getaddrinfo-test.$(OBJEXT) $(nodist_make_rok
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .c .h .hin .lo .o .obj
+.SUFFIXES: .hin .c .h .lo .o .obj
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) 
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/roken/Makefile
 
@@ -529,6 +531,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
@@ -616,6 +623,9 @@ check-am: all-am
 check: check-am
 installcheck-am:
 installcheck: installcheck-am
+all-recursive-am: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) all-recursive
+
 install-exec-am: install-libLTLIBRARIES
 install-exec: install-exec-am
 
@@ -693,9 +703,9 @@ maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \
 install-includeHEADERS uninstall-nodist_includeHEADERS \
 install-nodist_includeHEADERS tags mostlyclean-tags distclean-tags \
 clean-tags maintainer-clean-tags check-TESTS distdir info-am info \
-dvi-am dvi check check-am installcheck-am installcheck install-exec-am \
-install-exec install-data-am install-data install-am install \
-uninstall-am uninstall all-redirect all-am all install-strip \
+dvi-am dvi check check-am installcheck-am installcheck all-recursive-am \
+install-exec-am install-exec install-data-am install-data install-am \
+install uninstall-am uninstall all-redirect all-am all install-strip \
 installdirs mostlyclean-generic distclean-generic clean-generic \
 maintainer-clean-generic clean mostlyclean distclean maintainer-clean
 
diff --git a/crypto/heimdal/lib/roken/bswap.c b/crypto/heimdal/lib/roken/bswap.c
new file mode 100644
index 0000000..c57dc6f
--- /dev/null
+++ b/crypto/heimdal/lib/roken/bswap.c
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+RCSID("$Id: bswap.c,v 1.3 2001/05/18 15:32:11 joda Exp $");
+
+#ifndef HAVE_BSWAP32
+
+unsigned int
+bswap32 (unsigned int val)
+{
+    return (val & 0xff) << 24 |
+	(val & 0xff00) << 8 |
+	(val & 0xff0000) >> 8 |
+	(val & 0xff000000) >> 24;
+}
+#endif
+
+#ifndef HAVE_BSWAP16
+
+unsigned short
+bswap16 (unsigned short val)
+{
+    return (val & 0xff) << 8 |
+	(val & 0xff00) >> 8;
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/freeaddrinfo.c b/crypto/heimdal/lib/roken/freeaddrinfo.c
index f963d15..56124e5 100644
--- a/crypto/heimdal/lib/roken/freeaddrinfo.c
+++ b/crypto/heimdal/lib/roken/freeaddrinfo.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: freeaddrinfo.c,v 1.2 1999/12/03 04:10:06 assar Exp $");
+RCSID("$Id: freeaddrinfo.c,v 1.4 2001/05/11 09:10:32 joda Exp $");
 #endif
 
 #include "roken.h"
@@ -45,8 +45,13 @@ RCSID("$Id: freeaddrinfo.c,v 1.2 1999/12/03 04:10:06 assar Exp $");
 void
 freeaddrinfo(struct addrinfo *ai)
 {
-    for (; ai != NULL; ai = ai->ai_next) {
+    struct addrinfo *tofree;
+
+    while(ai != NULL) {
 	free (ai->ai_canonname);
 	free (ai->ai_addr);
+	tofree = ai;
+	ai = ai->ai_next;
+	free (tofree);
     }
 }
diff --git a/crypto/heimdal/lib/roken/getaddrinfo-test.c b/crypto/heimdal/lib/roken/getaddrinfo-test.c
index 0e3afc5..4274081 100644
--- a/crypto/heimdal/lib/roken/getaddrinfo-test.c
+++ b/crypto/heimdal/lib/roken/getaddrinfo-test.c
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: getaddrinfo-test.c,v 1.3 2000/07/08 14:22:09 assar Exp $");
+RCSID("$Id: getaddrinfo-test.c,v 1.4 2001/02/20 01:44:54 assar Exp $");
 #endif
 
 #include "roken.h"
@@ -112,7 +112,7 @@ main(int argc, char **argv)
     int optind = 0;
     int i;
 
-    set_progname (argv[0]);
+    setprogname (argv[0]);
 
     if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv,
 		&optind))
@@ -122,7 +122,7 @@ main(int argc, char **argv)
 	usage (0);
 
     if (version_flag) {
-	fprintf (stderr, "%s from %s-%s)\n", __progname, PACKAGE, VERSION);
+	fprintf (stderr, "%s from %s-%s)\n", getprogname(), PACKAGE, VERSION);
 	return 0;
     }
 
diff --git a/crypto/heimdal/lib/roken/getarg.c b/crypto/heimdal/lib/roken/getarg.c
index 342388e..dc2df50 100644
--- a/crypto/heimdal/lib/roken/getarg.c
+++ b/crypto/heimdal/lib/roken/getarg.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: getarg.c,v 1.37 2000/12/25 17:03:15 assar Exp $");
+RCSID("$Id: getarg.c,v 1.40 2001/04/25 12:06:10 assar Exp $");
 #endif
 
 #include <stdio.h>
@@ -211,7 +211,7 @@ arg_printusage (struct getargs *args,
     struct winsize ws;
 
     if (progname == NULL)
-	progname = __progname;
+	progname = getprogname();
 
     if(getenv("GETARGMANDOC")){
 	mandoc_template(args, num_args, progname, extra_string);
@@ -223,6 +223,23 @@ arg_printusage (struct getargs *args,
 	columns = 80;
     col = 0;
     col += fprintf (stderr, "Usage: %s", progname);
+    buf[0] = '\0';
+    for (i = 0; i < num_args; ++i) {
+	if(args[i].short_name && ISFLAG(args[i])) {
+	    char s[2];
+	    if(buf[0] == '\0')
+		strlcpy(buf, "[-", sizeof(buf));
+	    s[0] = args[i].short_name;
+	    s[1] = '\0';
+	    strlcat(buf, s, sizeof(buf));
+	}
+    }
+    if(buf[0] != '\0') {
+	strlcat(buf, "]", sizeof(buf));
+	col = check_column(stderr, col, strlen(buf) + 1, columns);
+	col += fprintf(stderr, " %s", buf);
+    }
+
     for (i = 0; i < num_args; ++i) {
 	size_t len = 0;
 
@@ -244,7 +261,7 @@ arg_printusage (struct getargs *args,
 	    col = check_column(stderr, col, strlen(buf) + 1, columns);
 	    col += fprintf(stderr, " %s", buf);
 	}
-	if (args[i].short_name) {
+	if (args[i].short_name && !ISFLAG(args[i])) {
 	    snprintf(buf, sizeof(buf), "[-%c", args[i].short_name);
 	    len += 2;
 	    len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), 
@@ -528,6 +545,12 @@ getarg(struct getargs *args, size_t num_args,
     return ret;
 }
 
+void
+free_getarg_strings (getarg_strings *s)
+{
+    free (s->strings);
+}
+
 #if TEST
 int foo_flag = 2;
 int flag1 = 0;
diff --git a/crypto/heimdal/lib/roken/getarg.h b/crypto/heimdal/lib/roken/getarg.h
index 7fd374b..3892eb4 100644
--- a/crypto/heimdal/lib/roken/getarg.h
+++ b/crypto/heimdal/lib/roken/getarg.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: getarg.h,v 1.10 1999/12/02 16:58:46 joda Exp $ */
+/* $Id: getarg.h,v 1.11 2001/04/25 12:06:37 assar Exp $ */
 
 #ifndef __GETARG_H__
 #define __GETARG_H__
@@ -86,4 +86,6 @@ void arg_printusage (struct getargs *args,
 		     const char *progname,
 		     const char *extra_string);
 
+void free_getarg_strings (getarg_strings *);
+
 #endif /* __GETARG_H__ */
diff --git a/crypto/heimdal/lib/roken/getifaddrs.c b/crypto/heimdal/lib/roken/getifaddrs.c
index e8e3e54..04935ed 100644
--- a/crypto/heimdal/lib/roken/getifaddrs.c
+++ b/crypto/heimdal/lib/roken/getifaddrs.c
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: getifaddrs.c,v 1.4 2001/01/28 23:02:46 assar Exp $");
+RCSID("$Id: getifaddrs.c,v 1.5 2001/04/17 08:27:47 joda Exp $");
 #endif
 #include "roken.h"
 
@@ -170,9 +170,11 @@ getifaddrs2(struct ifaddrs **ifap,
 	
     }
     *ifap = start;
+    close(fd);
     free(buf);
     return 0;
   error_out:
+    close(fd);
     free(buf);
     errno = ret;
     return -1;
diff --git a/crypto/heimdal/lib/roken/getnameinfo.c b/crypto/heimdal/lib/roken/getnameinfo.c
index 7e2d232..0f0cbd1 100644
--- a/crypto/heimdal/lib/roken/getnameinfo.c
+++ b/crypto/heimdal/lib/roken/getnameinfo.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: getnameinfo.c,v 1.2 1999/12/03 04:10:07 assar Exp $");
+RCSID("$Id: getnameinfo.c,v 1.3 2001/02/09 14:45:30 assar Exp $");
 #endif
 
 #include "roken.h"
@@ -64,7 +64,7 @@ doit (int af,
 		}
 	    } else if (flags & NI_NAMEREQD) {
 		return EAI_NONAME;
-	    } else if (inet_ntop (AF_INET, addr, host, hostlen) == NULL)
+	    } else if (inet_ntop (af, addr, host, hostlen) == NULL)
 		return EAI_SYSTEM;
 	}
     }
diff --git a/crypto/heimdal/lib/roken/getnameinfo_verified.c b/crypto/heimdal/lib/roken/getnameinfo_verified.c
index 30384ed..de3c8bf 100644
--- a/crypto/heimdal/lib/roken/getnameinfo_verified.c
+++ b/crypto/heimdal/lib/roken/getnameinfo_verified.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: getnameinfo_verified.c,v 1.3 2000/06/28 01:21:53 assar Exp $");
+RCSID("$Id: getnameinfo_verified.c,v 1.5 2001/02/12 13:55:07 assar Exp $");
 #endif
 
 #include "roken.h"
@@ -46,14 +46,25 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen,
 {
     int ret;
     struct addrinfo *ai, *a;
+    char servbuf[NI_MAXSERV];
+    struct addrinfo hints;
 
     if (host == NULL)
 	return EAI_NONAME;
 
-    ret = getnameinfo (sa, salen, host, hostlen, serv, servlen, flags);
+    if (serv == NULL) {
+	serv = servbuf;
+	servlen = sizeof(servbuf);
+    }
+
+    ret = getnameinfo (sa, salen, host, hostlen, serv, servlen,
+		       flags | NI_NUMERICSERV);
     if (ret)
 	return ret;
-    ret = getaddrinfo (host, serv, NULL, &ai);
+
+    memset (&hints, 0, sizeof(hints));
+    hints.ai_socktype = SOCK_STREAM;
+    ret = getaddrinfo (host, serv, &hints, &ai);
     if (ret)
 	return ret;
     for (a = ai; a != NULL; a = a->ai_next) {
diff --git a/crypto/heimdal/lib/roken/glob.c b/crypto/heimdal/lib/roken/glob.c
index 66e8ec6..e4bc0dc 100644
--- a/crypto/heimdal/lib/roken/glob.c
+++ b/crypto/heimdal/lib/roken/glob.c
@@ -87,6 +87,9 @@
 #ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
 
 #include "glob.h"
 #include "roken.h"
@@ -145,16 +148,16 @@ static int	 compare (const void *, const void *);
 static void	 g_Ctoc (const Char *, char *);
 static int	 g_lstat (Char *, struct stat *, glob_t *);
 static DIR	*g_opendir (Char *, glob_t *);
-static Char	*g_strchr (Char *, int);
+static Char	*g_strchr (const Char *, int);
 #ifdef notdef
 static Char	*g_strcat (Char *, const Char *);
 #endif
 static int	 g_stat (Char *, struct stat *, glob_t *);
 static int	 glob0 (const Char *, glob_t *);
-static int	 glob1 (Char *, glob_t *);
-static int	 glob2 (Char *, Char *, Char *, glob_t *);
-static int	 glob3 (Char *, Char *, Char *, Char *, glob_t *);
-static int	 globextend (const Char *, glob_t *);
+static int	 glob1 (Char *, glob_t *, size_t *);
+static int	 glob2 (Char *, Char *, Char *, glob_t *, size_t *);
+static int	 glob3 (Char *, Char *, Char *, Char *, glob_t *, size_t *);
+static int	 globextend (const Char *, glob_t *, size_t *);
 static const Char *	 globtilde (const Char *, Char *, glob_t *);
 static int	 globexp1 (const Char *, glob_t *);
 static int	 globexp2 (const Char *, const Char *, glob_t *, int *);
@@ -173,7 +176,7 @@ glob(const char *pattern,
 	int c;
 	Char *bufnext, *bufend, patbuf[MaxPathLen+1];
 
-	patnext = (u_char *) pattern;
+	patnext = (const u_char *) pattern;
 	if (!(flags & GLOB_APPEND)) {
 		pglob->gl_pathc = 0;
 		pglob->gl_pathv = NULL;
@@ -224,7 +227,7 @@ static int globexp1(const Char *pattern, glob_t *pglob)
 	if (pattern[0] == CHAR_LBRACE && pattern[1] == CHAR_RBRACE && pattern[2] == CHAR_EOS)
 		return glob0(pattern, pglob);
 
-	while ((ptr = (const Char *) g_strchr((Char *) ptr, CHAR_LBRACE)) != NULL)
+	while ((ptr = (const Char *) g_strchr(ptr, CHAR_LBRACE)) != NULL)
 		if (!globexp2(ptr, pattern, pglob, &rv))
 			return rv;
 
@@ -405,6 +408,7 @@ glob0(const Char *pattern, glob_t *pglob)
 	const Char *qpatnext;
 	int c, err, oldpathc;
 	Char *bufnext, patbuf[MaxPathLen+1];
+	size_t limit = 0;
 
 	qpatnext = globtilde(pattern, patbuf, pglob);
 	oldpathc = pglob->gl_pathc;
@@ -418,7 +422,7 @@ glob0(const Char *pattern, glob_t *pglob)
 			if (c == CHAR_NOT)
 				++qpatnext;
 			if (*qpatnext == CHAR_EOS ||
-			    g_strchr((Char *) qpatnext+1, CHAR_RBRACKET) == NULL) {
+			    g_strchr(qpatnext+1, CHAR_RBRACKET) == NULL) {
 				*bufnext++ = CHAR_LBRACKET;
 				if (c == CHAR_NOT)
 					--qpatnext;
@@ -462,7 +466,7 @@ glob0(const Char *pattern, glob_t *pglob)
 	qprintf("glob0:", patbuf);
 #endif
 
-	if ((err = glob1(patbuf, pglob)) != 0)
+	if ((err = glob1(patbuf, pglob, &limit)) != 0)
 		return(err);
 
 	/*
@@ -475,7 +479,7 @@ glob0(const Char *pattern, glob_t *pglob)
 	    ((pglob->gl_flags & GLOB_NOCHECK) || 
 	      ((pglob->gl_flags & GLOB_NOMAGIC) &&
 	       !(pglob->gl_flags & GLOB_MAGCHAR))))
-		return(globextend(pattern, pglob));
+		return(globextend(pattern, pglob, &limit));
 	else if (!(pglob->gl_flags & GLOB_NOSORT)) 
 		qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc,
 		    pglob->gl_pathc - oldpathc, sizeof(char *), compare);
@@ -489,14 +493,14 @@ compare(const void *p, const void *q)
 }
 
 static int
-glob1(Char *pattern, glob_t *pglob)
+glob1(Char *pattern, glob_t *pglob, size_t *limit)
 {
 	Char pathbuf[MaxPathLen+1];
 
 	/* A null pathname is invalid -- POSIX 1003.1 sect. 2.4. */
 	if (*pattern == CHAR_EOS)
 		return(0);
-	return(glob2(pathbuf, pathbuf, pattern, pglob));
+	return(glob2(pathbuf, pathbuf, pattern, pglob, limit));
 }
 
 /*
@@ -514,7 +518,8 @@ glob1(Char *pattern, glob_t *pglob)
 #endif
 
 static int
-glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob)
+glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob,
+      size_t *limit)
 {
 	struct stat sb;
 	Char *p, *q;
@@ -539,7 +544,7 @@ glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob)
 				*pathend = CHAR_EOS;
 			}
 			++pglob->gl_matchc;
-			return(globextend(pathbuf, pglob));
+			return(globextend(pathbuf, pglob, limit));
 		}
 
 		/* Find end of next segment, copy tentatively to pathend. */
@@ -557,14 +562,15 @@ glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob)
 			while (*pattern == CHAR_SEP)
 				*pathend++ = *pattern++;
 		} else			/* Need expansion, recurse. */
-			return(glob3(pathbuf, pathend, pattern, p, pglob));
+			return(glob3(pathbuf, pathend, pattern, p, pglob,
+			    limit));
 	}
-	/* CHAR_NOTREACHED */
+	/* NOTREACHED */
 }
 
 static int
 glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern, 
-      glob_t *pglob)
+      glob_t *pglob, size_t *limit)
 {
 	struct dirent *dp;
 	DIR *dirp;
@@ -614,7 +620,7 @@ glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern,
 			*pathend = CHAR_EOS;
 			continue;
 		}
-		err = glob2(pathbuf, --dc, restpattern, pglob);
+		err = glob2(pathbuf, --dc, restpattern, pglob, limit);
 		if (err)
 			break;
 	}
@@ -642,11 +648,11 @@ glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern,
  *	gl_pathv points to (gl_offs + gl_pathc + 1) items.
  */
 static int
-globextend(const Char *path, glob_t *pglob)
+globextend(const Char *path, glob_t *pglob, size_t *limit)
 {
 	char **pathv;
 	int i;
-	u_int newsize;
+	size_t newsize, len;
 	char *copy;
 	const Char *p;
 
@@ -667,11 +673,19 @@ globextend(const Char *path, glob_t *pglob)
 
 	for (p = path; *p++;)
 		continue;
-	if ((copy = malloc(p - path)) != NULL) {
+	len = (size_t)(p - path);
+	*limit += len;
+	if ((copy = malloc(len)) != NULL) {
 		g_Ctoc(path, copy);
 		pathv[pglob->gl_offs + pglob->gl_pathc++] = copy;
 	}
 	pathv[pglob->gl_offs + pglob->gl_pathc] = NULL;
+
+	if ((pglob->gl_flags & GLOB_LIMIT) && (newsize + *limit) >= ARG_MAX) {
+		errno = 0;
+		return(GLOB_NOSPACE);
+	}
+
 	return(copy == NULL ? GLOB_NOSPACE : 0);
 }
 
@@ -739,6 +753,7 @@ globfree(glob_t *pglob)
 			if (*pp)
 				free(*pp);
 		free(pglob->gl_pathv);
+		pglob->gl_pathv = NULL;
 	}
 }
 
@@ -781,11 +796,11 @@ g_stat(Char *fn, struct stat *sb, glob_t *pglob)
 }
 
 static Char *
-g_strchr(Char *str, int ch)
+g_strchr(const Char *str, int ch)
 {
 	do {
 		if (*str == ch)
-			return (str);
+			return (Char *)str;
 	} while (*str++);
 	return (NULL);
 }
diff --git a/crypto/heimdal/lib/roken/glob.hin b/crypto/heimdal/lib/roken/glob.hin
index bece48a..98d8796 100644
--- a/crypto/heimdal/lib/roken/glob.hin
+++ b/crypto/heimdal/lib/roken/glob.hin
@@ -74,6 +74,7 @@ typedef struct {
 #define	GLOB_NOMAGIC	0x0200	/* GLOB_NOCHECK without magic chars (csh). */
 #define	GLOB_QUOTE	0x0400	/* Quote special chars with \. */
 #define	GLOB_TILDE	0x0800	/* Expand tilde names from the passwd file. */
+#define GLOB_LIMIT	0x1000	/* Limit memory used by matches to ARG_MAX */
 
 #define	GLOB_NOSPACE	(-1)	/* Malloc call failed. */
 #define	GLOB_ABEND	(-2)	/* Unignored error. */
diff --git a/crypto/heimdal/lib/roken/inet_ntop.c b/crypto/heimdal/lib/roken/inet_ntop.c
index 382b351..63c99a5 100644
--- a/crypto/heimdal/lib/roken/inet_ntop.c
+++ b/crypto/heimdal/lib/roken/inet_ntop.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: inet_ntop.c,v 1.4 2000/07/27 16:24:00 assar Exp $");
+RCSID("$Id: inet_ntop.c,v 1.5 2001/04/04 23:58:01 assar Exp $");
 #endif
 
 #include <roken.h>
@@ -92,7 +92,7 @@ inet_ntop_v6 (const void *src, char *dst, size_t size)
 	return NULL;
     }
     for (i = 0; i < 8; ++i) {
-	int non_zerop = 1;
+	int non_zerop = 0;
 
 	if (non_zerop || (ptr[0] >> 4)) {
 	    *dst++ = xdigits[ptr[0] >> 4];
@@ -106,10 +106,7 @@ inet_ntop_v6 (const void *src, char *dst, size_t size)
 	    *dst++ = xdigits[ptr[1] >> 4];
 	    non_zerop = 1;
 	}
-	if (non_zerop || (ptr[1] & 0x0F)) {
-	    *dst++ = xdigits[ptr[1] & 0x0F];
-	    non_zerop = 1;
-	}
+	*dst++ = xdigits[ptr[1] & 0x0F];
 	if (i != 7)
 	    *dst++ = ':';
 	ptr += 2;
diff --git a/crypto/heimdal/lib/roken/parse_units.c b/crypto/heimdal/lib/roken/parse_units.c
index 34c5030..2b32ad6 100644
--- a/crypto/heimdal/lib/roken/parse_units.c
+++ b/crypto/heimdal/lib/roken/parse_units.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: parse_units.c,v 1.12 1999/12/02 16:58:51 joda Exp $");
+RCSID("$Id: parse_units.c,v 1.13 2001/03/26 00:47:06 assar Exp $");
 #endif
 
 #include <stdio.h>
@@ -84,7 +84,8 @@ parse_something (const char *s, const struct units *units,
 	    ++p;
 
 	val = strtod (p, &next); /* strtol(p, &next, 0); */
-	if (val == 0 && p == next) {
+	if (p == next) {
+	    val = 0;
 	    if(!accept_no_val_p)
 		return -1;
 	    no_val_p = 1;
diff --git a/crypto/heimdal/lib/roken/print_version.c b/crypto/heimdal/lib/roken/print_version.c
index 8b505fa..b5ce816 100644
--- a/crypto/heimdal/lib/roken/print_version.c
+++ b/crypto/heimdal/lib/roken/print_version.c
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: print_version.c,v 1.7 2001/01/30 03:05:29 assar Exp $");
+RCSID("$Id: print_version.c,v 1.8 2001/02/20 01:44:55 assar Exp $");
 #endif
 #include "roken.h"
 
@@ -49,7 +49,7 @@ print_version(const char *progname)
     int i;
     
     if(progname == NULL)
-	progname = __progname;
+	progname = getprogname();
     
     if(num_args == 0)
 	msg = "no version information";
diff --git a/crypto/heimdal/lib/roken/roken.awk b/crypto/heimdal/lib/roken/roken.awk
index c1676f7..057b4fd 100644
--- a/crypto/heimdal/lib/roken/roken.awk
+++ b/crypto/heimdal/lib/roken/roken.awk
@@ -1,4 +1,4 @@
-# $Id: roken.awk,v 1.6 2000/08/16 01:56:30 assar Exp $
+# $Id: roken.awk,v 1.7 2001/03/26 09:26:35 joda Exp $
 
 BEGIN {
 	print "#include <stdio.h>"
@@ -14,13 +14,6 @@ BEGIN {
 	print "puts(\"#define __ROKEN_H__\");"
 	print "puts(\"\");"
 }
-END {
-	print "puts(\"#define ROKEN_VERSION \" VERSION );"
-	print "puts(\"\");"
-	print "puts(\"#endif /* __ROKEN_H__ */\");"
-	print "return 0;"
-	print "}"
-}
 
 $1 == "\#ifdef" || $1 == "\#ifndef" || $1 == "\#if" || $1 == "\#else" || $1 == "\#elif" || $1 == "\#endif" || $1 == "#ifdef" || $1 == "#ifndef" || $1 == "#if" || $1 == "#else" || $1 == "#elif" || $1 == "#endif" {
 	print $0;
@@ -37,3 +30,11 @@ $1 == "\#ifdef" || $1 == "\#ifndef" || $1 == "\#if" || $1 == "\#else" || $1 == "
 	}
 	print "puts(\"" s "\");"
 }
+
+END {
+	print "puts(\"#define ROKEN_VERSION \" VERSION );"
+	print "puts(\"\");"
+	print "puts(\"#endif /* __ROKEN_H__ */\");"
+	print "return 0;"
+	print "}"
+}
diff --git a/crypto/heimdal/lib/roken/roken.h.in b/crypto/heimdal/lib/roken/roken.h.in
index b16ae5d..538a530 100644
--- a/crypto/heimdal/lib/roken/roken.h.in
+++ b/crypto/heimdal/lib/roken/roken.h.in
@@ -32,7 +32,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: roken.h.in,v 1.148 2001/01/27 05:28:09 assar Exp $ */
+/* $Id: roken.h.in,v 1.157 2001/05/18 18:00:12 assar Exp $ */
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -47,9 +47,21 @@ struct sockaddr_dl;
 #ifdef HAVE_SYS_PARAM_H
 #include <sys/param.h>
 #endif
+#ifdef HAVE_INTTYPES_H
+#include <inttypes.h>
+#endif
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif
+#ifdef HAVE_SYS_BITYPES_H
+#include <sys/bitypes.h>
+#endif
+#ifdef HAVE_BIND_BITYPES_H
+#include <bind/bitypes.h>
+#endif
+#ifdef HAVE_NETINET_IN6_MACHTYPES_H
+#include <netinet/in6_machtypes.h>
+#endif
 #ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -352,6 +364,14 @@ mkstemp(char *template);
 void pidfile (const char*);
 #endif
 
+#ifndef HAVE_BSWAP32
+unsigned int bswap32(unsigned int);
+#endif
+
+#ifndef HAVE_BSWAP16
+unsigned short bswap16(unsigned short);
+#endif
+
 #ifndef HAVE_FLOCK
 #ifndef LOCK_SH
 #define LOCK_SH   1		/* Shared lock */
@@ -587,6 +607,14 @@ struct hostent* roken_gethostbyaddr(const void*, size_t, int);
 #define roken_getsockname(a,b,c) getsockname(a, b, (void*)c)
 #endif
 
+#ifndef HAVE_SETPROGNAME
+void setprogname(const char *argv0);
+#endif
+
+#ifndef HAVE_GETPROGNAME
+const char *getprogname(void);
+#endif
+
 void set_progname(char *argv0);
 const char *get_progname(void);
 
diff --git a/crypto/heimdal/lib/roken/warnerr.c b/crypto/heimdal/lib/roken/warnerr.c
index f57c90e..0ebae25 100644
--- a/crypto/heimdal/lib/roken/warnerr.c
+++ b/crypto/heimdal/lib/roken/warnerr.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan 
  * (Royal Institute of Technology, Stockholm, Sweden).  
  * All rights reserved.
  * 
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: warnerr.c,v 1.9 2000/07/25 09:54:05 joda Exp $");
+RCSID("$Id: warnerr.c,v 1.13 2001/05/16 23:54:19 assar Exp $");
 #endif
 
 #include "roken.h"
@@ -43,14 +43,17 @@ RCSID("$Id: warnerr.c,v 1.9 2000/07/25 09:54:05 joda Exp $");
 const char *__progname;
 #endif
 
+#ifndef HAVE_GETPROGNAME
 const char *
-get_progname(void)
+getprogname(void)
 {
     return __progname;
 }
+#endif
 
+#ifndef HAVE_SETPROGNAME
 void
-set_progname(char *argv0)
+setprogname(const char *argv0)
 {
 #ifndef HAVE___PROGNAME
     char *p;
@@ -64,13 +67,28 @@ set_progname(char *argv0)
     __progname = p;
 #endif
 }
+#endif /* HAVE_SETPROGNAME */
+
+void
+set_progname(char *argv0)
+{
+    setprogname ((const char *)argv0);
+}
+
+const char *
+get_progname (void)
+{
+    return getprogname ();
+}
 
 void
 warnerr(int doerrno, const char *fmt, va_list ap)
 {
     int sverrno = errno;
-    if(__progname != NULL){
-	fprintf(stderr, "%s", __progname);
+    const char *progname = getprogname();
+
+    if(progname != NULL){
+	fprintf(stderr, "%s", progname);
 	if(fmt != NULL || doerrno)
 	    fprintf(stderr, ": ");
     }
diff --git a/crypto/heimdal/lib/roken/write_pid.c b/crypto/heimdal/lib/roken/write_pid.c
index 7d4fa24..ce02506 100644
--- a/crypto/heimdal/lib/roken/write_pid.c
+++ b/crypto/heimdal/lib/roken/write_pid.c
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: write_pid.c,v 1.4 2000/08/04 11:19:41 joda Exp $");
+RCSID("$Id: write_pid.c,v 1.5 2001/02/20 01:44:55 assar Exp $");
 #endif
 
 #include <stdio.h>
@@ -88,7 +88,7 @@ pidfile(const char *basename)
     if(pidfile_path != NULL)
 	return;
     if(basename == NULL)
-	basename = __progname;
+	basename = getprogname();
     pidfile_path = pid_file_write(basename);
     atexit(pidfile_cleanup);
 }
diff --git a/crypto/heimdal/lib/sl/ChangeLog b/crypto/heimdal/lib/sl/ChangeLog
index 1893e1c..249ac09 100644
--- a/crypto/heimdal/lib/sl/ChangeLog
+++ b/crypto/heimdal/lib/sl/ChangeLog
@@ -1,3 +1,19 @@
+2001-05-17  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: bump versions to 1:2:1 and 1:4:1
+
+2001-05-06  Assar Westerlund  <assar@sics.se>
+
+	* roken_rename.h (strdup): add
+
+2001-03-06  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: re do the roken-renaming properly
+
+2001-02-13  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: add more functions to rename
+
 2001-01-26  Johan Danielsson  <joda@pdc.kth.se>
 
 	* sl.h: proto
diff --git a/crypto/heimdal/lib/sl/Makefile.am b/crypto/heimdal/lib/sl/Makefile.am
index df01306..07faf4e 100644
--- a/crypto/heimdal/lib/sl/Makefile.am
+++ b/crypto/heimdal/lib/sl/Makefile.am
@@ -1,39 +1,38 @@
-# $Id: Makefile.am,v 1.21 2001/01/26 15:00:09 joda Exp $
+# $Id: Makefile.am,v 1.24 2001/05/16 23:58:12 assar Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
+if do_roken_rename
+IS = -DROKEN_RENAME
+ES = strtok_r.c snprintf.c strdup.c strupr.c
+endif
+
+INCLUDES += $(IS)
+
 YFLAGS = -d
 
 include_HEADERS = sl.h
 
 lib_LTLIBRARIES = libsl.la libss.la
-libsl_la_LDFLAGS = -version-info 1:1:1
-libss_la_LDFLAGS = -version-info 1:3:1
+libsl_la_LDFLAGS = -version-info 1:2:1
+libss_la_LDFLAGS = -version-info 1:4:1
 
 libsl_la_LIBADD = @LIB_readline@
 libss_la_LIBADD = @LIB_readline@
 
-RENAME_SRC = roken_rename.h strtok_r.c snprintf.c
-
-libsl_la_SOURCES = sl_locl.h sl.c
+libsl_la_SOURCES = sl_locl.h sl.c $(ES)
 libss_la_SOURCES = $(libsl_la_SOURCES) ss.c ss.h
 
-EXTRA_libsl_la_SOURCES = strtok_r.c snprintf.c roken_rename.h
-
 # install these?
 
 bin_PROGRAMS = mk_cmds
 
-mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l
-
-RENAME_mk_cmds_SRC = roken_rename.h snprintf.c
-
-EXTRA_mk_cmds_SOURCES = snprintf.c roken_rename.h
+mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l $(ES)
 
 ssincludedir = $(includedir)/ss
 ssinclude_HEADERS = ss.h
 
-CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c
+CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c strdup.c strupr.c
 
 $(mk_cmds_OBJECTS): parse.h
 
@@ -45,3 +44,7 @@ strtok_r.c:
 	$(LN_S) $(srcdir)/../roken/strtok_r.c .
 snprintf.c:
 	$(LN_S) $(srcdir)/../roken/snprintf.c .
+strdup.c:
+	$(LN_S) $(srcdir)/../roken/strdup.c .
+strupr.c:
+	$(LN_S) $(srcdir)/../roken/strupr.c .
diff --git a/crypto/heimdal/lib/sl/Makefile.in b/crypto/heimdal/lib/sl/Makefile.in
index 6c1088b..0f59a37 100644
--- a/crypto/heimdal/lib/sl/Makefile.in
+++ b/crypto/heimdal/lib/sl/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -113,20 +114,20 @@ dpagaix_CFLAGS = @dpagaix_CFLAGS@
 dpagaix_LDADD = @dpagaix_LDADD@
 install_sh = @install_sh@
 
-# $Id: Makefile.am,v 1.21 2001/01/26 15:00:09 joda Exp $
+# $Id: Makefile.am,v 1.24 2001/05/16 23:58:12 assar Exp $
 
 
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
 
 SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
 
-INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(IS)
 
 AM_CFLAGS =  $(WFLAGS)
 
@@ -185,40 +186,37 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
+@do_roken_rename_TRUE@IS = @do_roken_rename_TRUE@-DROKEN_RENAME
+@do_roken_rename_TRUE@ES = @do_roken_rename_TRUE@strtok_r.c snprintf.c strdup.c strupr.c
+
 YFLAGS = -d
 
 include_HEADERS = sl.h
 
 lib_LTLIBRARIES = libsl.la libss.la
-libsl_la_LDFLAGS = -version-info 1:1:1
-libss_la_LDFLAGS = -version-info 1:3:1
+libsl_la_LDFLAGS = -version-info 1:2:1
+libss_la_LDFLAGS = -version-info 1:4:1
 
 libsl_la_LIBADD = @LIB_readline@
 libss_la_LIBADD = @LIB_readline@
 
-RENAME_SRC = roken_rename.h strtok_r.c snprintf.c
-
-libsl_la_SOURCES = sl_locl.h sl.c
+libsl_la_SOURCES = sl_locl.h sl.c $(ES)
 libss_la_SOURCES = $(libsl_la_SOURCES) ss.c ss.h
 
-EXTRA_libsl_la_SOURCES = strtok_r.c snprintf.c roken_rename.h
-
 # install these?
 
 bin_PROGRAMS = mk_cmds
 
-mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l
-
-RENAME_mk_cmds_SRC = roken_rename.h snprintf.c
-
-EXTRA_mk_cmds_SOURCES = snprintf.c roken_rename.h
+mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l $(ES)
 
 ssincludedir = $(includedir)/ss
 ssinclude_HEADERS = ss.h
 
-CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c
+CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c strdup.c strupr.c
 
 LDADD = \
 	$(LIB_roken)				\
@@ -239,15 +237,24 @@ X_LIBS = @X_LIBS@
 X_EXTRA_LIBS = @X_EXTRA_LIBS@
 X_PRE_LIBS = @X_PRE_LIBS@
 libsl_la_DEPENDENCIES = 
-am_libsl_la_OBJECTS =  sl.lo
+@do_roken_rename_FALSE@am_libsl_la_OBJECTS =  sl.lo
+@do_roken_rename_TRUE@am_libsl_la_OBJECTS =  sl.lo strtok_r.lo \
+@do_roken_rename_TRUE@snprintf.lo strdup.lo strupr.lo
 libsl_la_OBJECTS =  $(am_libsl_la_OBJECTS)
 libss_la_DEPENDENCIES = 
-am_libss_la_OBJECTS =  sl.lo ss.lo
+@do_roken_rename_FALSE@am_libss_la_OBJECTS =  sl.lo ss.lo
+@do_roken_rename_TRUE@am_libss_la_OBJECTS =  sl.lo strtok_r.lo \
+@do_roken_rename_TRUE@snprintf.lo strdup.lo strupr.lo ss.lo
 libss_la_OBJECTS =  $(am_libss_la_OBJECTS)
 bin_PROGRAMS =  mk_cmds$(EXEEXT)
 PROGRAMS =  $(bin_PROGRAMS)
 
-am_mk_cmds_OBJECTS =  make_cmds.$(OBJEXT) parse.$(OBJEXT) lex.$(OBJEXT)
+@do_roken_rename_FALSE@am_mk_cmds_OBJECTS =  make_cmds.$(OBJEXT) \
+@do_roken_rename_FALSE@parse.$(OBJEXT) lex.$(OBJEXT)
+@do_roken_rename_TRUE@am_mk_cmds_OBJECTS =  make_cmds.$(OBJEXT) \
+@do_roken_rename_TRUE@parse.$(OBJEXT) lex.$(OBJEXT) strtok_r.$(OBJEXT) \
+@do_roken_rename_TRUE@snprintf.$(OBJEXT) strdup.$(OBJEXT) \
+@do_roken_rename_TRUE@strupr.$(OBJEXT)
 mk_cmds_OBJECTS =  $(am_mk_cmds_OBJECTS)
 mk_cmds_LDADD = $(LDADD)
 mk_cmds_DEPENDENCIES = 
@@ -258,8 +265,8 @@ CFLAGS = @CFLAGS@
 LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
 CCLD = $(CC)
 LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
-DIST_SOURCES =  $(libsl_la_SOURCES) $(EXTRA_libsl_la_SOURCES) \
-$(libss_la_SOURCES) $(mk_cmds_SOURCES) $(EXTRA_mk_cmds_SOURCES)
+DIST_SOURCES =  $(libsl_la_SOURCES) $(libss_la_SOURCES) \
+$(mk_cmds_SOURCES)
 HEADERS =  $(include_HEADERS) $(ssinclude_HEADERS)
 
 depcomp = 
@@ -270,12 +277,12 @@ Makefile.am Makefile.in lex.c parse.c parse.h
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 
 GZIP_ENV = --best
-SOURCES = $(libsl_la_SOURCES) $(EXTRA_libsl_la_SOURCES) $(libss_la_SOURCES) $(mk_cmds_SOURCES) $(EXTRA_mk_cmds_SOURCES)
+SOURCES = $(libsl_la_SOURCES) $(libss_la_SOURCES) $(mk_cmds_SOURCES)
 OBJECTS = $(am_libsl_la_OBJECTS) $(am_libss_la_OBJECTS) $(am_mk_cmds_OBJECTS)
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .x .y
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .l .lo .o .obj .y
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/sl/Makefile
 
@@ -444,6 +451,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
@@ -477,6 +489,8 @@ check-am: all-am
 check: check-am
 installcheck-am:
 installcheck: installcheck-am
+install-binPROGRAMS: install-libLTLIBRARIES
+
 install-exec-am: install-libLTLIBRARIES install-binPROGRAMS
 	@$(NORMAL_INSTALL)
 	$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
@@ -693,6 +707,10 @@ strtok_r.c:
 	$(LN_S) $(srcdir)/../roken/strtok_r.c .
 snprintf.c:
 	$(LN_S) $(srcdir)/../roken/snprintf.c .
+strdup.c:
+	$(LN_S) $(srcdir)/../roken/strdup.c .
+strupr.c:
+	$(LN_S) $(srcdir)/../roken/strupr.c .
 
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
 # Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/crypto/heimdal/lib/sl/make_cmds.c b/crypto/heimdal/lib/sl/make_cmds.c
index 492e9e6..723dfdc 100644
--- a/crypto/heimdal/lib/sl/make_cmds.c
+++ b/crypto/heimdal/lib/sl/make_cmds.c
@@ -34,7 +34,7 @@
 #include "make_cmds.h"
 #include <getarg.h>
 
-RCSID("$Id: make_cmds.c,v 1.6 1999/12/02 16:58:55 joda Exp $");
+RCSID("$Id: make_cmds.c,v 1.7 2001/02/20 01:44:55 assar Exp $");
 
 #include <roken.h>
 #include <err.h>
@@ -213,7 +213,7 @@ main(int argc, char **argv)
 {
     int optind = 0;
 
-    set_progname(argv[0]);
+    setprogname(argv[0]);
     if(getarg(args, num_args, argc, argv, &optind))
 	usage(1);
     if(help_flag)
diff --git a/crypto/heimdal/lib/sl/roken_rename.h b/crypto/heimdal/lib/sl/roken_rename.h
index 1d3d893..17837fb 100644
--- a/crypto/heimdal/lib/sl/roken_rename.h
+++ b/crypto/heimdal/lib/sl/roken_rename.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: roken_rename.h,v 1.4 2000/05/31 20:07:56 assar Exp $ */
+/* $Id: roken_rename.h,v 1.5 2001/05/06 21:47:54 assar Exp $ */
 
 #ifndef __roken_rename_h__
 #define __roken_rename_h__
@@ -60,5 +60,8 @@
 #ifndef HAVE_STRUPR
 #define strupr _sl_strupr
 #endif
+#ifndef HAVE_STRDUP
+#define strdup _sl_strdup
+#endif
 
 #endif /* __roken_rename_h__ */
diff --git a/crypto/heimdal/lib/sl/sl.c b/crypto/heimdal/lib/sl/sl.c
index ebc7657..98b101c 100644
--- a/crypto/heimdal/lib/sl/sl.c
+++ b/crypto/heimdal/lib/sl/sl.c
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: sl.c,v 1.28 2001/01/26 14:58:26 joda Exp $");
+RCSID("$Id: sl.c,v 1.29 2001/02/20 01:44:55 assar Exp $");
 #endif
 
 #include "sl_locl.h"
@@ -76,8 +76,8 @@ mandoc_template(SL_cmd *cmds,
     t = time(NULL);
     strftime(timestr, sizeof(timestr), "%b %d, %Y", localtime(&t));
     printf(".Dd %s\n", timestr);
-    p = strrchr(__progname, '/');
-    if(p) p++; else p = __progname;
+    p = strrchr(getprogname(), '/');
+    if(p) p++; else p = getprogname();
     strncpy(cmd, p, sizeof(cmd));
     cmd[sizeof(cmd)-1] = '\0';
     strupr(cmd);
diff --git a/crypto/heimdal/lib/vers/ChangeLog b/crypto/heimdal/lib/vers/ChangeLog
index 459c940..0de5d15 100644
--- a/crypto/heimdal/lib/vers/ChangeLog
+++ b/crypto/heimdal/lib/vers/ChangeLog
@@ -1,3 +1,7 @@
+2001-04-21  Johan Danielsson  <joda@pdc.kth.se>
+
+	* print_version.c: 2001
+
 2001-01-31  Assar Westerlund  <assar@sics.se>
 
 	* Makefile.am: remove -static turning this into a convenience
diff --git a/crypto/heimdal/lib/vers/Makefile.in b/crypto/heimdal/lib/vers/Makefile.in
index 8b8da03..1dffc80 100644
--- a/crypto/heimdal/lib/vers/Makefile.in
+++ b/crypto/heimdal/lib/vers/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -119,7 +120,7 @@ install_sh = @install_sh@
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 CLEANFILES = print_version.h
@@ -241,7 +244,7 @@ OBJECTS = $(am_libvers_la_OBJECTS) make-print-version.$(OBJEXT)
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/vers/Makefile
 
@@ -326,6 +329,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
diff --git a/crypto/heimdal/lib/vers/make-print-version.c b/crypto/heimdal/lib/vers/make-print-version.c
index 5d62cc6..6102e75 100644
--- a/crypto/heimdal/lib/vers/make-print-version.c
+++ b/crypto/heimdal/lib/vers/make-print-version.c
@@ -42,7 +42,7 @@ RCSID("$Id: make-print-version.c,v 1.2 2000/07/08 10:46:36 assar Exp $");
 extern const char *heimdal_version;
 #endif
 #ifdef KRB4
-extern char *krb4_version;
+extern const char *krb4_version;
 #endif
 #include <version.h>
 
diff --git a/crypto/heimdal/lib/vers/print_version.c b/crypto/heimdal/lib/vers/print_version.c
index cb324d0..8ece96b 100644
--- a/crypto/heimdal/lib/vers/print_version.c
+++ b/crypto/heimdal/lib/vers/print_version.c
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: print_version.c,v 1.1 2000/07/01 19:47:35 assar Exp $");
+RCSID("$Id: print_version.c,v 1.3 2001/04/21 16:05:48 joda Exp $");
 #endif
 #include "roken.h"
 
@@ -49,7 +49,7 @@ print_version(const char *progname)
     int i;
     
     if(progname == NULL)
-	progname = __progname;
+	progname = getprogname();
     
     if(num_args == 0)
 	msg = "no version information";
@@ -72,7 +72,7 @@ print_version(const char *progname)
 	}
     }
     fprintf(stderr, "%s (%s)\n", progname, msg);
-    fprintf(stderr, "Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan\n");
+    fprintf(stderr, "Copyright (c) 1999-2001 Kungliga Tekniska Högskolan\n");
     if(num_args != 0)
 	free(msg);
 }