Clean import of KTH Kerberos (eBones) v1.0.

363 files changed, 14746 insertions, 4394 deletions

diff --git a/crypto/kerberosIV/COPYRIGHT b/crypto/kerberosIV/COPYRIGHT
index 9a327a8..4222459 100644
--- a/crypto/kerberosIV/COPYRIGHT
+++ b/crypto/kerberosIV/COPYRIGHT
@@ -13,12 +13,7 @@ are met:
    notice, this list of conditions and the following disclaimer in the
    documentation and/or other materials provided with the distribution.
 
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-     This product includes software developed by the Kungliga Tekniska
-     Högskolan and its contributors.
-
-4. Neither the name of the Institute nor the names of its contributors
+3. Neither the name of the Institute nor the names of its contributors
    may be used to endorse or promote products derived from this software
    without specific prior written permission.
 
diff --git a/crypto/kerberosIV/ChangeLog b/crypto/kerberosIV/ChangeLog
index 64ca7ac..cd39323 100644
--- a/crypto/kerberosIV/ChangeLog
+++ b/crypto/kerberosIV/ChangeLog
@@ -1,43 +1,168 @@
-1999-08-22
+1999-11-29
 
-	* release 0.10
+	* lib/krb/krb-protos.h (tf_get_cred_addr): add prototype
+	* lib/krb/tf_util.c (tf_get_cred_addr): new function for fetching
+	the NAT addresses stored in the ticket file. From
+	<thn@stacken.kth.se>
 
-	* configure.in (VERSION): bump to 0.10
+	* kuser/klist.c (display_tktfile): dump the IP address being used
+	when in NAT-mode.  From <thn@stacken.kth.se>
 
-1999-08-19
+1999-11-25
 
-	* release 0.10pre5
+	* appl/bsd/rlogind.c (main): getopt returns -1 and not EOF.  From
+	<art@stacken.kth.se>
 
-	* configure.in (VERSION): bump to 0.10pre5
+	* lib/krb/krb_ip_realm.c (krb_add_our_ip_for_realm): new function
+	for obtaining the IP address that the KDC sees us as coming from.
+	From <thn@stacken.kth.se>
+
+	* lib/krb/tf_util.c (tf_get_addr, tf_store_addr): new functions
+	for storing the NAT-ed address per realm
+	(tf_get_cred): make sure to ignore all magic credentials
+
+	* lib/krb/get_in_tkt.c (krb_get_pw_in_tkt2): if using NAT, store
+	the address the the KDC saw. (krb_add_our_ip_for_realm)
+
+	* lib/krb/send_to_kdc.c: rewrite some.  Make sure that we do not
+	do any hostname lookups when using http through a proxy (the proxy
+	is supposed to do that in the `real' name-space).
+
+1999-11-19
+
+	* appl/bsd/rcmd_util.c (conv): add EXTA and EXTB
+	
+Tue Nov 16 1999
+
+	* lib/krb/defaults.c (krb_get_default_keyfile): Get value of
+ 	KEYFILE from /etc/krb.extra.
+
+1999-11-13
+
+	* **/*.c (main): getopt returns -1 not EOF.  From
+	<art@stacken.kth.se>
+
+	* configure.in: check for fields in `struct tm' and variable
+	`timezone', used by strftime
+	* configure.in (AC_BROKEN): strptime is a new function in roken
+	opt*: more header files for the tests
+	
+Tue Nov 2 1999
+
+	* lib/krb/krb.h (TKT_ROOT): Change the definition of TKT_ROOT to a
+ 	function call. The returned value is settable in /etc/krb.extra
+ 	with the construct krb_default_tkt_root = /tmp/tkt_.
+
+1999-10-06
+
+	* lib/krb/verify_user.c: remove ERICSSON_COMPAT, it's apparently
+ 	no longer needed
+
+Mon Oct 4 1999
+
+	* appl/bsd/klogin.c (multiple_get_tkt): Must use appropiate realm
+ 	name when calling krb_get_pw_in_tkt or else you will receive an
+ 	inter-realm TGT.
+
+1999-10-03
+
+	* doc/problems.texi: add blurb about irix abi:s
+
+1999-09-27
+
+	* lib/krb/tf_util.c (tf_init): cygwin work-around
+
+1999-09-16
+
+	* configure.in: test for strlcpy, strlcat
+
+	* admin/kdb_util.c (main): support `-' as an alias for stdout.
+  	originally from Fredrik Ljungberg <flag@astrogator.se>
+
+1999-09-15
+
+	* include/Makefile.in: remove duplicate parse_time.h
+
+	* kadmin/ksrvutil_get.c (get_srvtab_ent): better error messages
+
+1999-09-12
+
+	* configure.in: revert back awk test, now worked around in
+ 	roken.awk
+
+1999-09-06
+
+	* doc/problems.texi: document a really working fix for the xlc
+	-qnolm bug
+
+1999-09-04
+
+	* doc/problems.texi: comment about xlc -E brokenness
+
+1999-09-01
+
+	* lib/krb/get_krbrlm.c (krb_get_lrealm_f): treat n = 0 the same as
+	if it were 1 (this should make it backwards compatible with apps
+	that pass 0 for n)
+
+1999-08-25
+
+	* appl/bsd/login.c: surround SGI capability stuff with
+	`defined(HAVE_CAP_SET_PROC)'
+
+1999-08-24
+
+	* kadmin/kadmin.c (add_new_key): add missing space when printing
+ 	generated passwords.  bug reported by Per Eriksson DMC
+ 	<perixon@dsv.su.se>
+	
+	* lib/krb/verify_user.c (krb_verify_user_srvtab): return last
+ 	error instead of KFAILURE when everything fails.
+
+	* appl/bsd/klogin.c (multiple_get_tkt): return last error instead
+ 	of KFAILURE when everything fails.
 
 1999-08-18
 
-	* release 0.10pre4
+	* doc/problems.texi: some y2k stuff
 
-	* configure.in (VERSION): bump to 0.10pre4
+	* doc/kth-krb.texi: update copyright, and menu
 
-1999-08-16
+	* doc/intro.texi: remove unix-system section, since it's
+	impossible to keep up to date
 
-	* release 0.10pre3
+1999-08-13
 
-	* configure.in (VERSION): bump to 0.10pre3
+	* configure.in: test for inet_pton include <sys/types.h> in all
+ 	utmp tests
 
-1999-07-22
+1999-07-27
+
+	* configure.in: test for struct sockaddr_storage and sa_family
+ 	brokenize inet_ntop
 
-	* release 0.10pre2
+1999-07-24
 
-	* configure.in (VERSION): bump to 0.10pre2
+	* kadmin/ksrvutil_get.c (get_srvtab_ent): try to print better
+ 	error messages
 
+	* configure.in (AC_PROG_AWK): disable. mawk seems to mishandle \#
+ 	in lib/roken/roken.awk
+
+1999-07-22
 
 	* acconfig.h (SunOS): remove definition
 
 	* configure.in: define SunOS to xy for SunOS x.y
 
-1999-07-08
+1999-07-19
+
+	* configure.in (AC_BROKEN): check for copyhostent, freehostent,
+ 	getipnodebyname, getipnodebyaddr
 
-	* Release 0.10pre1.
+1999-07-13
 
-	* configure.in (VERSION): bump to 0.10pre1
+	* configure.in: use AC_FUNC_GETLOGIN
 
 1999-07-07
 
@@ -116,6 +241,12 @@
 	* lib/krb/send_to_kdc.c (http_recv): handle both HTTP/1.0 and
  	HTTP/1.1 in reply
 
+1999-06-06
+
+	* configure.in: use KRB_CHECK_X
+	
+	* kuser/kdestroy.c: use print_version
+	
 Wed Jun 2 1999
 
 	* kadmin/kadmin.c: use print_version; (mod_entry): add command
diff --git a/crypto/kerberosIV/NEWS b/crypto/kerberosIV/NEWS
index 6c6f84f..f839116 100644
--- a/crypto/kerberosIV/NEWS
+++ b/crypto/kerberosIV/NEWS
@@ -1,11 +1,15 @@
-Changes in release 0.10.1:
+Changes in release 1.0:
 
-* Bug fixes:
-  - krb_get_lrealm now works with zero `n'
-  - kadmin cosmetic fix
-  - login now compiles on IRIX < 6.5
-  - kxd fix for solaris waitpid breakage, fix for unicos setjob
-    breakage, better handling of fork failures
+* A new configuration option `nat_in_use' in krb.extra to ease use
+  through Network Address Translators.
+
+* Support configuration value of KEYFILE and TKT_ROOT in krb.extra
+
+* Easier building on some platforms
+
+* built-in ls in ftpd.
+
+* Bug fixes.
 
 Changes in release 0.10:
 
diff --git a/crypto/kerberosIV/PROBLEMS b/crypto/kerberosIV/PROBLEMS
index 732766e..b72c521 100644
--- a/crypto/kerberosIV/PROBLEMS
+++ b/crypto/kerberosIV/PROBLEMS
@@ -46,6 +46,14 @@ There has been reports of non-working `libdb' on some Linux
 distributions.  If that happens, use the `--without-berkeley-db' when
 configuring.
 
+SunOS 5 (aka Solaris 2) problems
+--------------------------------
+
+When building shared libraries and using some combinations of GNU gcc/ld
+you better set the environment variable RUN_PATH to /usr/athena/lib
+(your target libdir). If you don't, then you will have to set
+LD_LIBRARY_PATH during runtime and the PAM module will not work.
+
 HP-UX problems
 --------------
 
@@ -61,6 +69,39 @@ Cray problems
 `rlogind' won't work on Crays until `forkpty()' has been ported, in the
 mean time use `telnetd'.
 
+IRIX problems
+-------------
+
+IRIX has three different ABI:s (Application Binary Interface), there's
+an old 32 bit interface (known as O32, or just 32), a new 32 bit
+interface (N32), and a 64 bit interface (64). O32 and N32 are both 32
+bits, but they have different calling conventions, and alignment
+constraints, and similar. The N32 format is the default format from IRIX
+6.4.
+
+You select ABI at compile time, and you can do this with the
+`--with-mips-abi' configure option. The valid arguments are `o32',
+`n32', and `64', N32 is the default. Libraries for the three different
+ABI:s are normally installed installed in different directories (`lib',
+`lib32', and `lib64'). If you want more than one set of libraries you
+have to reconfigure and recompile for each ABI, but you should probably
+install only N32 binaries.
+
+GCC had had some known problems with the different ABI:s. Old GCC could
+only handle O32, newer GCC can handle N32, and 64, but not O32, but in
+some versions of GCC the structure alignment was broken in N32.
+
+This confusion with different ABI:s can cause some trouble. For
+instance, the `afskauthlib.so' library has to use the same ABI as
+`xdm', and `login'. The easiest way to check what ABI to use is to run
+`file' on `/usr/bin/X11/xdm'.
+
+Another problem that you might encounter if you run AFS is that Transarc
+apparently doesn't support the 64-bit ABI, and because of this you can't
+get tokens with a 64 bit application. If you really need to do this,
+there is a kernel module that provides this functionality at
+<ftp://ftp.pdc.kth.se/home/joda/irix-afs64.tar.gz>.
+
 AIX problems
 ------------
 
diff --git a/crypto/kerberosIV/acconfig.h b/crypto/kerberosIV/acconfig.h
index cd9867d..771207b 100644
--- a/crypto/kerberosIV/acconfig.h
+++ b/crypto/kerberosIV/acconfig.h
@@ -1,4 +1,4 @@
-/* $Id: acconfig.h,v 1.103.2.1 1999/07/22 03:12:42 assar Exp $ */
+/* $Id: acconfig.h,v 1.105 1999/12/02 13:09:41 joda Exp $ */
 
 @BOTTOM@
 
@@ -18,6 +18,8 @@
 
 #define HAVE_KRB_DISABLE_DEBUG 1
 
+#define HAVE_KRB_GET_OUR_IP_FOR_REALM 1
+
 #define RCSID(msg) \
 static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
 
diff --git a/crypto/kerberosIV/aclocal.m4 b/crypto/kerberosIV/aclocal.m4
index ca2982b..d2e1e94 100644
--- a/crypto/kerberosIV/aclocal.m4
+++ b/crypto/kerberosIV/aclocal.m4
@@ -251,7 +251,7 @@ esac
 ])
 
 dnl
-dnl $Id: shared-libs.m4,v 1.3 1999/04/09 15:34:25 assar Exp $
+dnl $Id: shared-libs.m4,v 1.4 1999/07/13 17:47:09 assar Exp $
 dnl
 dnl Shared library stuff has to be different everywhere
 dnl
@@ -316,9 +316,10 @@ case "${host}" in
 	install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so'
 	install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so'
 	;;
-*-*-freebsd3*)
+changequote(,)dnl
+*-*-freebsd[34]*)
+changequote([,])dnl
 	REAL_SHLIBEXT=so.$SHLIB_VERSION
-	LDSHARED='ld -Bshareable'
 	REAL_LD_FLAGS='-Wl,-R$(libdir)'
 	build_symlink_command='$(LN_S) -f [$][@] $(LIBNAME).so'
 	install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so'
@@ -507,23 +508,23 @@ AC_EGREP_CPP(yes,
 AC_MSG_RESULT($krb_cv_sys_aix)
 ])
 
-dnl $Id: find-func-no-libs.m4,v 1.3 1998/06/04 02:06:50 assar Exp $
+dnl $Id: find-func-no-libs.m4,v 1.5 1999/10/30 21:08:18 assar Exp $
 dnl
 dnl
 dnl Look for function in any of the specified libraries
 dnl
 
-dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments)
+dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments, extra libs, extra args)
 AC_DEFUN(AC_FIND_FUNC_NO_LIBS, [
-AC_FIND_FUNC_NO_LIBS2([$1], ["" $2], [$3], [$4])])
+AC_FIND_FUNC_NO_LIBS2([$1], ["" $2], [$3], [$4], [$5], [$6])])
 
-dnl $Id: find-func-no-libs2.m4,v 1.1 1998/06/04 02:07:12 assar Exp $
+dnl $Id: find-func-no-libs2.m4,v 1.3 1999/10/30 21:09:53 assar Exp $
 dnl
 dnl
 dnl Look for function in any of the specified libraries
 dnl
 
-dnl AC_FIND_FUNC_NO_LIBS2(func, libraries, includes, arguments)
+dnl AC_FIND_FUNC_NO_LIBS2(func, libraries, includes, arguments, extra libs, extra args)
 AC_DEFUN(AC_FIND_FUNC_NO_LIBS2, [
 
 AC_MSG_CHECKING([for $1])
@@ -537,7 +538,7 @@ if eval "test \"\$ac_cv_func_$1\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS="$6 $ac_lib $5 $ac_save_LIBS"
 		AC_TRY_LINK([$3],[$1($4)],eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break)
 	done
 	eval "ac_cv_funclib_$1=\${ac_cv_funclib_$1-no}"
@@ -620,11 +621,14 @@ END
 
 ])
 
-dnl $Id: grok-type.m4,v 1.3 1999/03/21 18:59:56 joda Exp $
+dnl $Id: grok-type.m4,v 1.4 1999/11/29 11:16:48 joda Exp $
 dnl
 AC_DEFUN(AC_GROK_TYPE, [
 AC_CACHE_VAL(ac_cv_type_$1, 
 AC_TRY_COMPILE([
+#ifdef HAVE_INTTYPES_H
+#include <inttypes.h>
+#endif
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif
@@ -669,7 +673,7 @@ fi
 dnl 
 dnl See if there is any X11 present
 dnl
-dnl $Id: check-x.m4,v 1.1 1999/06/03 00:22:10 joda Exp $
+dnl $Id: check-x.m4,v 1.2 1999/11/05 04:25:23 assar Exp $
 
 AC_DEFUN(KRB_CHECK_X,[
 AC_PATH_XTRA
@@ -699,7 +703,7 @@ if test "$no_x" != yes; then
 			esac
 			done
 		fi
-		LIBS="$ac_save_libs $foo -lX11"
+		LIBS="$ac_save_libs $foo $X_PRE_LIBS -lX11 $X_EXTRA_LIBS"
 		AC_TRY_RUN([
 		#include <X11/Xlib.h>
 		foo()
@@ -998,6 +1002,21 @@ AC_NEED_PROTO([#include <stdio.h>
 fi
 ])
 
+dnl
+dnl $Id: capabilities.m4,v 1.2 1999/09/01 11:02:26 joda Exp $
+dnl
+
+dnl
+dnl Test SGI capabilities
+dnl
+
+AC_DEFUN(KRB_CAPABILITIES,[
+
+AC_CHECK_HEADERS(capability.h sys/capability.h)
+
+AC_CHECK_FUNCS(sgi_getcapabilitybyname cap_set_proc)
+])
+
 dnl $Id: check-getpwnam_r-posix.m4,v 1.2 1999/03/23 16:47:31 joda Exp $
 dnl
 dnl check for getpwnam_r, and if it's posix or not
@@ -1022,6 +1041,29 @@ if test "$ac_cv_func_getpwnam_r_posix" = yes; then
 fi
 fi
 ])
+dnl
+dnl $Id: krb-func-getlogin.m4,v 1.1 1999/07/13 17:45:30 assar Exp $
+dnl
+dnl test for POSIX (broken) getlogin
+dnl
+
+
+AC_DEFUN(AC_FUNC_GETLOGIN, [
+AC_CHECK_FUNCS(getlogin setlogin)
+if test "$ac_cv_func_getlogin" = yes; then
+AC_CACHE_CHECK(if getlogin is posix, ac_cv_func_getlogin_posix, [
+if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then
+	ac_cv_func_getlogin_posix=no
+else
+	ac_cv_func_getlogin_posix=yes
+fi
+])
+if test "$ac_cv_func_getlogin_posix" = yes; then
+	AC_DEFINE(POSIX_GETLOGIN, 1, [Define if getlogin has POSIX flavour (and not BSD).])
+fi
+fi
+])
+
 dnl $Id: find-if-not-broken.m4,v 1.2 1998/03/16 22:16:27 joda Exp $
 dnl
 dnl
@@ -1168,7 +1210,7 @@ fi
 undefine([foo])
 ])
 
-dnl $Id: have-struct-field.m4,v 1.5 1999/03/01 13:10:35 joda Exp $
+dnl $Id: have-struct-field.m4,v 1.6 1999/07/29 01:44:32 assar Exp $
 dnl
 dnl check for fields in a structure
 dnl
@@ -1183,18 +1225,50 @@ cache_val=no)])
 if test "$cache_val" = yes; then
 	define(foo, translit(HAVE_$1_$2, [a-z ], [A-Z_]))
 	AC_DEFINE(foo, 1, [Define if $1 has field $2.])
-	undefine(foo)
+	undefine([foo])
+fi
+undefine([cache_val])
+])
+
+dnl $Id: have-type.m4,v 1.4 1999/07/24 19:23:01 assar Exp $
+dnl
+dnl check for existance of a type
+
+dnl AC_HAVE_TYPE(TYPE,INCLUDES)
+AC_DEFUN(AC_HAVE_TYPE, [
+cv=`echo "$1" | sed 'y%./+- %__p__%'`
+AC_MSG_CHECKING(for $1)
+AC_CACHE_VAL([ac_cv_type_$cv],
+AC_TRY_COMPILE(
+[#include <sys/types.h>
+#if STDC_HEADERS
+#include <stdlib.h>
+#include <stddef.h>
+#endif
+$2],
+[$1 foo;],
+eval "ac_cv_type_$cv=yes",
+eval "ac_cv_type_$cv=no"))dnl
+AC_MSG_RESULT(`eval echo \\$ac_cv_type_$cv`)
+if test `eval echo \\$ac_cv_type_$cv` = yes; then
+  ac_tr_hdr=HAVE_`echo $1 | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'`
+dnl autoheader tricks *sigh*
+define(foo,translit($1, [ ], [_]))
+: << END
+@@@funcs="$funcs foo"@@@
+END
+undefine([foo])
+  AC_DEFINE_UNQUOTED($ac_tr_hdr, 1)
 fi
-undefine(cache_val)
 ])
 
-dnl $Id
+dnl $Id: krb-struct-spwd.m4,v 1.3 1999/07/13 21:04:11 assar Exp $
 dnl
 dnl Test for `struct spwd'
 
 AC_DEFUN(AC_KRB_STRUCT_SPWD, [
 AC_MSG_CHECKING(for struct spwd)
-AC_CACHE_VAL(ac_cv_type_struct_spwd, [
+AC_CACHE_VAL(ac_cv_struct_spwd, [
 AC_TRY_COMPILE(
 [#include <pwd.h>
 #ifdef HAVE_SHADOW_H
diff --git a/crypto/kerberosIV/admin/adm_locl.h b/crypto/kerberosIV/admin/adm_locl.h
index 6cbd20d..9a41b4b 100644
--- a/crypto/kerberosIV/admin/adm_locl.h
+++ b/crypto/kerberosIV/admin/adm_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: adm_locl.h,v 1.16 1997/04/20 05:46:14 assar Exp $ */
+/* $Id: adm_locl.h,v 1.17 1999/12/02 16:58:27 joda Exp $ */
 
 #ifndef __adm_locl_h
 #define __adm_locl_h
diff --git a/crypto/kerberosIV/admin/ext_srvtab.c b/crypto/kerberosIV/admin/ext_srvtab.c
index f1f1752..5cab583 100644
--- a/crypto/kerberosIV/admin/ext_srvtab.c
+++ b/crypto/kerberosIV/admin/ext_srvtab.c
@@ -9,7 +9,7 @@
 
 #include "adm_locl.h"
 
-RCSID("$Id: ext_srvtab.c,v 1.17 1998/06/09 19:24:13 joda Exp $");
+RCSID("$Id: ext_srvtab.c,v 1.18 1999/09/16 20:37:20 assar Exp $");
 
 static des_cblock master_key;
 static des_cblock session_key;
@@ -73,7 +73,7 @@ main(int argc, char **argv)
 		if (++i >= argc)
 		    usage();
 		else {
-		    strcpy_truncate(realm, argv[i], REALM_SZ);
+		    strlcpy(realm, argv[i], REALM_SZ);
 		    /* 
 		     * This is to humor the broken way commandline
 		     * argument parsing is done.  Later, this
diff --git a/crypto/kerberosIV/admin/kdb_edit.c b/crypto/kerberosIV/admin/kdb_edit.c
index bd9df2d..1ba6aaf 100644
--- a/crypto/kerberosIV/admin/kdb_edit.c
+++ b/crypto/kerberosIV/admin/kdb_edit.c
@@ -15,7 +15,7 @@
 
 #include "adm_locl.h"
 
-RCSID("$Id: kdb_edit.c,v 1.27 1998/11/22 09:26:31 assar Exp $");
+RCSID("$Id: kdb_edit.c,v 1.28 1999/09/16 20:37:21 assar Exp $");
 
 #ifdef DEBUG
 extern  kerb_debug;
@@ -93,10 +93,10 @@ change_principal(void)
 	/* make a new principal, fill in defaults */
 	j = 1;
 	creating = 1;
-	strcpy_truncate(principal_data[0].name,
+	strlcpy(principal_data[0].name,
 			input_name,
 			ANAME_SZ);
-	strcpy_truncate(principal_data[0].instance,
+	strlcpy(principal_data[0].instance,
 			input_instance,
 			INST_SZ);
 	principal_data[0].old = NULL;
diff --git a/crypto/kerberosIV/admin/kdb_init.c b/crypto/kerberosIV/admin/kdb_init.c
index bf340a7..0116ea2 100644
--- a/crypto/kerberosIV/admin/kdb_init.c
+++ b/crypto/kerberosIV/admin/kdb_init.c
@@ -10,7 +10,7 @@
 
 #include "adm_locl.h"
 
-RCSID("$Id: kdb_init.c,v 1.24 1998/06/09 19:24:13 joda Exp $");
+RCSID("$Id: kdb_init.c,v 1.25 1999/09/16 20:37:21 assar Exp $");
 
 enum ap_op {
     NULL_KEY,			/* setup null keys */
@@ -31,8 +31,8 @@ add_principal(char *name, char *instance, enum ap_op aap_op, int maxlife)
     des_cblock new_key;
 
     memset(&principal, 0, sizeof(principal));
-    strcpy_truncate(principal.name, name, ANAME_SZ);
-    strcpy_truncate(principal.instance, instance, INST_SZ);
+    strlcpy(principal.name, name, ANAME_SZ);
+    strlcpy(principal.instance, instance, INST_SZ);
     switch (aap_op) {
     case NULL_KEY:
 	principal.key_low = 0;
@@ -68,8 +68,8 @@ add_principal(char *name, char *instance, enum ap_op aap_op, int maxlife)
     principal.kdc_key_ver = 1;
     principal.key_version = 1;
 
-    strcpy_truncate(principal.mod_name, "db_creation", ANAME_SZ);
-    strcpy_truncate(principal.mod_instance, "", INST_SZ);
+    strlcpy(principal.mod_name, "db_creation", ANAME_SZ);
+    strlcpy(principal.mod_instance, "", INST_SZ);
     principal.old = 0;
 
     if (kerb_db_put_principal(&principal, 1) != 1)
@@ -108,10 +108,10 @@ main(int argc, char **argv)
     kerb_db_set_name(database);
 
     if (argc == 2)
-	strcpy_truncate(realm, argv[1], REALM_SZ);
+	strlcpy(realm, argv[1], REALM_SZ);
     else {
         if (krb_get_lrealm(realm, 1) != KSUCCESS)
-	    strcpy_truncate(realm, KRB_REALM, REALM_SZ);
+	    strlcpy(realm, KRB_REALM, REALM_SZ);
 	fprintf(stderr, "Realm name [default  %s ]: ", realm);
 	if (fgets(realm, sizeof(realm), stdin) == NULL)
 	    errx (1, "\nEOF reading realm");
@@ -119,7 +119,7 @@ main(int argc, char **argv)
 	    *cp = '\0';
 	if (!*realm)			/* no realm given */
 		if (krb_get_lrealm(realm, 1) != KSUCCESS)
-		    strcpy_truncate(realm, KRB_REALM, REALM_SZ);
+		    strlcpy(realm, KRB_REALM, REALM_SZ);
     }
     if (!k_isrealm(realm))
 	errx (1, "Bad kerberos realm name \"%s\"", realm);
diff --git a/crypto/kerberosIV/admin/kdb_util.c b/crypto/kerberosIV/admin/kdb_util.c
index 4700df1..cff031c 100644
--- a/crypto/kerberosIV/admin/kdb_util.c
+++ b/crypto/kerberosIV/admin/kdb_util.c
@@ -15,7 +15,7 @@
 
 #include "adm_locl.h"
 
-RCSID("$Id: kdb_util.c,v 1.40 1999/07/05 21:43:52 assar Exp $");
+RCSID("$Id: kdb_util.c,v 1.42 1999/09/16 20:37:21 assar Exp $");
 
 static des_cblock master_key, new_master_key;
 static des_key_schedule master_key_schedule, new_master_key_schedule;
@@ -53,7 +53,7 @@ time_explode(char *cp)
     memset(&tp, 0, sizeof(tp));	/* clear out the struct */
     
     if (strlen(cp) > 10) {		/* new format */
-	strcpy_truncate(wbuf, cp, sizeof(wbuf));
+	strlcpy(wbuf, cp, sizeof(wbuf));
 	tp.tm_year = atoi(wbuf) - 1900;
 	cp += 4;			/* step over the year */
 	local = 0;			/* GMT */
@@ -432,6 +432,7 @@ main(int argc, char **argv)
 	fprintf(stderr, "Operation is one of: "
 		"load, merge, dump, slave_dump, new_master_key, "
 		"convert_old_db\n");
+	fprintf(stderr, "use file `-' for stdout\n");
 	exit(1);
     }
     if (argc == 3)
@@ -469,7 +470,20 @@ main(int argc, char **argv)
     }
 
     file_name = argv[2];
-    file = fopen(file_name, (op == OP_LOAD || op == OP_MERGE) ? "r" : "w");
+    if (strcmp (file_name, "-") == 0
+	&& op != OP_LOAD
+	&& op != OP_MERGE)
+	file = stdout;
+    else {
+	char *mode;
+
+	if (op == OP_LOAD || op == OP_MERGE)
+	    mode = "r";
+	else
+	    mode = "w";
+
+	file = fopen (file_name, mode);
+    }
     if (file == NULL)
         err (1, "open %s", argv[2]);
 
diff --git a/crypto/kerberosIV/appl/afsutil/aklog.c b/crypto/kerberosIV/appl/afsutil/aklog.c
index f3bcb8b..22dbfe7 100644
--- a/crypto/kerberosIV/appl/afsutil/aklog.c
+++ b/crypto/kerberosIV/appl/afsutil/aklog.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -71,7 +66,7 @@
 
 #include <roken.h>
 
-RCSID("$Id: aklog.c,v 1.22.2.1 1999/07/22 03:13:22 assar Exp $");
+RCSID("$Id: aklog.c,v 1.24 1999/12/02 16:58:28 joda Exp $");
 
 static int debug = 0;
 
diff --git a/crypto/kerberosIV/appl/afsutil/kstring2key.c b/crypto/kerberosIV/appl/afsutil/kstring2key.c
index 30482f0..c0c76ae 100644
--- a/crypto/kerberosIV/appl/afsutil/kstring2key.c
+++ b/crypto/kerberosIV/appl/afsutil/kstring2key.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "config.h"
 
-RCSID("$Id: kstring2key.c,v 1.14 1998/06/09 19:24:14 joda Exp $");
+RCSID("$Id: kstring2key.c,v 1.16 1999/12/02 16:58:28 joda Exp $");
 
 #include <stdio.h>
 #include <string.h>
@@ -109,7 +104,7 @@ main(int argc, char **argv)
 	    errx (1, "Error reading password.");
 	break;
     case 2:
-	strcpy_truncate(buf, argv[1], sizeof(buf));
+	strlcpy(buf, argv[1], sizeof(buf));
 	break;
     default:
 	usage();
diff --git a/crypto/kerberosIV/appl/afsutil/pagsh.c b/crypto/kerberosIV/appl/afsutil/pagsh.c
index 1f02ee8..c6704be 100644
--- a/crypto/kerberosIV/appl/afsutil/pagsh.c
+++ b/crypto/kerberosIV/appl/afsutil/pagsh.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -40,7 +35,7 @@
 #include <config.h>
 #endif
 
-RCSID("$Id: pagsh.c,v 1.21 1999/03/11 13:56:55 joda Exp $");
+RCSID("$Id: pagsh.c,v 1.22 1999/12/02 16:58:28 joda Exp $");
 
 #include <stdio.h>
 #include <stdlib.h>
diff --git a/crypto/kerberosIV/appl/bsd/bsd_locl.h b/crypto/kerberosIV/appl/bsd/bsd_locl.h
index 2731f03..e39bc36 100644
--- a/crypto/kerberosIV/appl/bsd/bsd_locl.h
+++ b/crypto/kerberosIV/appl/bsd/bsd_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: bsd_locl.h,v 1.109.2.1 1999/07/22 03:13:49 assar Exp $ */
+/* $Id: bsd_locl.h,v 1.111 1999/12/02 16:58:28 joda Exp $ */
 
 #define LOGALL
 #define KERBEROS
diff --git a/crypto/kerberosIV/appl/bsd/forkpty.c b/crypto/kerberosIV/appl/bsd/forkpty.c
index 0ab7ef2..891fb91 100644
--- a/crypto/kerberosIV/appl/bsd/forkpty.c
+++ b/crypto/kerberosIV/appl/bsd/forkpty.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -40,7 +35,7 @@
 
 #ifndef HAVE_FORKPTY
 
-RCSID("$Id: forkpty.c,v 1.53.2.2 1999/08/19 13:37:16 assar Exp $");
+RCSID("$Id: forkpty.c,v 1.57 1999/12/02 16:58:28 joda Exp $");
 
 /* Only CRAY is known to have problems with forkpty(). */
 #if defined(CRAY)
@@ -169,7 +164,7 @@ ptym_open_streams_flavor(char *pts_name,
 	char *ptr1;
 	if ((ptr1 = ptsname(fdm)) != NULL) /* Get slave's name */
 	    /* Return name of slave */  
-	    strcpy_truncate(pts_name, ptr1, pts_name_sz);
+	    strlcpy(pts_name, ptr1, pts_name_sz);
 	else {
 	    close(fdm);
 	    return(-4);
@@ -268,7 +263,7 @@ ptym_open(char *pts_name, size_t pts_name_sz, int *streams_pty)
 	char *p = _getpty(&fdm, O_RDWR, 0600, 1);
 	if (p) {
 	    *streams_pty = 1;
-	    strcpy_truncate (pts_name, p, pts_name_sz);
+	    strlcpy (pts_name, p, pts_name_sz);
 	    return fdm;
 	}
     }
@@ -398,7 +393,7 @@ forkpty_truncate(int *ptrfdm,
 
     if (slave_name != NULL)
 	/* Return name of slave */
-	strcpy_truncate(slave_name, pts_name, slave_name_sz);
+	strlcpy(slave_name, pts_name, slave_name_sz);
 
     pid = fork();
     if (pid < 0)
diff --git a/crypto/kerberosIV/appl/bsd/klogin.c b/crypto/kerberosIV/appl/bsd/klogin.c
index 41002dc..df21dbf 100644
--- a/crypto/kerberosIV/appl/bsd/klogin.c
+++ b/crypto/kerberosIV/appl/bsd/klogin.c
@@ -33,7 +33,7 @@
 
 #include "bsd_locl.h"
 
-RCSID("$Id: klogin.c,v 1.24 1999/03/15 13:34:12 bg Exp $");
+RCSID("$Id: klogin.c,v 1.27 1999/10/04 16:11:48 bg Exp $");
 
 #ifdef KERBEROS
 
@@ -53,52 +53,25 @@ multiple_get_tkt(char *name,
 		 int life,
 		 char *password)
 {
+  int ret;
   int n;
   char rlm[256];
-#define ERICSSON_COMPAT 1
-#ifdef  ERICSSON_COMPAT
-  FILE *f;
 
-  f = fopen("/etc/krb.localrealms", "r");
-  if (f != NULL) {
-    while (fgets(rlm, sizeof(rlm), f) != NULL) {
-      if (rlm[strlen(rlm) - 1] == '\n')
-	rlm[strlen(rlm) - 1] = '\0';
-	    
-      if (krb_get_pw_in_tkt(name,
-			    instance,
-			    rlm,
-			    service,
-			    realm,
-			    life,
-			    password) == KSUCCESS) {
-	fclose(f);
-	return KSUCCESS;
-      }
-    }
-    return krb_get_pw_in_tkt(name,
-			     instance,
-			     realm,
-			     service,
-			     realm,
-			     life,
-			     password);
-  }
-#endif
   /* First try to verify against the supplied realm. */
-  if (krb_get_pw_in_tkt(name, instance, realm, service, realm, life, password)
-      == KSUCCESS)
+  ret = krb_get_pw_in_tkt(name, instance, realm, service, realm, life,
+			  password);
+  if(ret == KSUCCESS)
     return KSUCCESS;
 
   /* Verify all local realms, except the supplied realm. */
   for (n = 1; krb_get_lrealm(rlm, n) == KSUCCESS; n++)
-    if (strcmp(rlm, realm) != 0)
-      if (krb_get_pw_in_tkt(name, instance, rlm,service, realm, life, password)
-	  == KSUCCESS)
+    if (strcmp(rlm, realm) != 0) {
+      ret = krb_get_pw_in_tkt(name, instance, rlm,service, rlm,life, password);
+      if (ret == KSUCCESS)
 	return KSUCCESS;
+    }
 
-  return KFAILURE;
-
+  return ret;
 }
 
 /*
@@ -194,7 +167,7 @@ klogin(struct passwd *pw, char *instance, char *localhost, char *password)
     if (chown(TKT_FILE, pw->pw_uid, pw->pw_gid) < 0)
 	syslog(LOG_ERR, "chown tkfile (%s): %m", TKT_FILE);
 
-    strcpy_truncate(savehost, krb_get_phost(localhost), sizeof(savehost));
+    strlcpy(savehost, krb_get_phost(localhost), sizeof(savehost));
 
 #ifdef KLOGIN_PARANOID
     /*
diff --git a/crypto/kerberosIV/appl/bsd/login.c b/crypto/kerberosIV/appl/bsd/login.c
index 702c5ff..0d29ebe 100644
--- a/crypto/kerberosIV/appl/bsd/login.c
+++ b/crypto/kerberosIV/appl/bsd/login.c
@@ -45,7 +45,7 @@
 #include <sys/capability.h>
 #endif
 
-RCSID("$Id: login.c,v 1.120.2.2 1999/09/02 08:55:26 joda Exp $");
+RCSID("$Id: login.c,v 1.125 1999/11/30 19:24:01 bg Exp $");
 
 #ifdef OTP
 #include <otp.h>
@@ -225,7 +225,7 @@ main(int argc, char **argv)
 
 	fflag = hflag = pflag = rflag = 0;
 	uid = getuid();
-	while ((ch = getopt(argc, argv, "a:d:fh:pr:")) != EOF)
+	while ((ch = getopt(argc, argv, "a:d:fh:pr:")) != -1)
 	        switch (ch) {
 		case 'a':
 			if (strcmp (optarg, "none") == 0)
@@ -250,7 +250,7 @@ main(int argc, char **argv)
 			if (uid)
 				errx(1, "-h option: %s", strerror(EPERM));
 			hflag = 1;
-			strcpy_truncate(full_hostname,
+			strlcpy(full_hostname,
 					optarg,
 					sizeof(full_hostname));
 			if (domain && (p = strchr(optarg, '.')) &&
@@ -275,7 +275,7 @@ main(int argc, char **argv)
 				exit(1);
                         }
 			rflag = 1;
-			strcpy_truncate(full_hostname,
+			strlcpy(full_hostname,
 					optarg,
 					sizeof(full_hostname));
 			if (domain && (p = strchr(optarg, '.')) &&
@@ -383,7 +383,7 @@ main(int argc, char **argv)
 				badlogin(tbuf);
 			failures = 0;
 		}
-		strcpy_truncate(tbuf, username, sizeof(tbuf));
+		strlcpy(tbuf, username, sizeof(tbuf));
 
 		pwd = paranoid_getpwnam (username);
 
@@ -654,7 +654,7 @@ main(int argc, char **argv)
          * that LD_* and IFS are never preserved.
          */
 	if (term[0] == '\0')
-		strcpy_truncate(term, stypeof(tty), sizeof(term));
+		strlcpy(term, stypeof(tty), sizeof(term));
         /* set up a somewhat censored environment. */
         sysv_newenv(argc, argv, pwd, term, pflag);
 #ifdef KERBEROS
@@ -950,7 +950,7 @@ checknologin(void)
 static void
 dolastlog(int quiet)
 {
-#if defined(HAVE_LASTLOG_H) || defined(HAVE_LOGIN_H) || defined(SYSV_SHADOW)
+#if defined(HAVE_LASTLOG_H) || defined(HAVE_LOGIN_H)
 	struct lastlog ll;
 	int fd;
 
diff --git a/crypto/kerberosIV/appl/bsd/login_fbtab.c b/crypto/kerberosIV/appl/bsd/login_fbtab.c
index f831909..3aa5e4c 100644
--- a/crypto/kerberosIV/appl/bsd/login_fbtab.c
+++ b/crypto/kerberosIV/appl/bsd/login_fbtab.c
@@ -58,7 +58,7 @@
 
 #include "bsd_locl.h"
 
-RCSID("$Id: login_fbtab.c,v 1.13 1999/01/14 00:37:59 assar Exp $");
+RCSID("$Id: login_fbtab.c,v 1.14 1999/09/16 20:37:24 assar Exp $");
 
 void	login_protect	(char *, char *, int, uid_t, gid_t);
 void	login_fbtab	(char *tty, uid_t uid, gid_t gid);
@@ -126,7 +126,7 @@ login_protect(char *table, char *path, int mask, uid_t uid, gid_t gid)
 	if (chown(path, uid, gid) && errno != ENOENT)
 	    syslog(LOG_ERR, "%s: chown(%s): %m", table, path);
     } else {
-	strcpy_truncate (buf, path, sizeof(buf));
+	strlcpy (buf, path, sizeof(buf));
 	if (sizeof(buf) > pathlen)
 	    buf[pathlen - 2] = '\0';
  	/* Solaris evidently operates on the directory as well */
@@ -142,7 +142,7 @@ login_protect(char *table, char *path, int mask, uid_t uid, gid_t gid)
 	    while ((ent = readdir(dir)) != 0) {
 		if (strcmp(ent->d_name, ".") != 0
 		    && strcmp(ent->d_name, "..") != 0) {
-		    strcpy_truncate (buf + pathlen - 1,
+		    strlcpy (buf + pathlen - 1,
 				     ent->d_name,
 				     sizeof(buf) - (pathlen + 1));
 		    login_protect(table, buf, mask, uid, gid);
diff --git a/crypto/kerberosIV/appl/bsd/osfc2.c b/crypto/kerberosIV/appl/bsd/osfc2.c
index 78f2e6e..fbfd742 100644
--- a/crypto/kerberosIV/appl/bsd/osfc2.c
+++ b/crypto/kerberosIV/appl/bsd/osfc2.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -37,7 +32,7 @@
  */
 
 #include "bsd_locl.h"
-RCSID("$Id: osfc2.c,v 1.1 1998/09/28 11:47:36 joda Exp $");
+RCSID("$Id: osfc2.c,v 1.2 1999/12/02 16:58:28 joda Exp $");
 
 int
 do_osfc2_magic(uid_t uid)
diff --git a/crypto/kerberosIV/appl/bsd/rcmd_util.c b/crypto/kerberosIV/appl/bsd/rcmd_util.c
index 1884133..1dfb46d 100644
--- a/crypto/kerberosIV/appl/bsd/rcmd_util.c
+++ b/crypto/kerberosIV/appl/bsd/rcmd_util.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "bsd_locl.h"
 
-RCSID("$Id: rcmd_util.c,v 1.17 1997/09/24 21:14:23 assar Exp $");
+RCSID("$Id: rcmd_util.c,v 1.19 1999/12/02 16:58:28 joda Exp $");
 
 int
 get_login_port(int kerberos, int encryption)
@@ -130,9 +125,15 @@ static struct { int speed; int bps; } conv[] = {
 #ifdef B19200
     {B19200, 19200},
 #endif
+#ifdef EXTA
+    {EXTA, 19200},
+#endif
 #ifdef B38400
     {B38400, 38400},
 #endif
+#ifdef EXTB
+    {EXTB, 38400},
+#endif
 #ifdef B57600
     {B57600, 57600},
 #endif
diff --git a/crypto/kerberosIV/appl/bsd/rcp.c b/crypto/kerberosIV/appl/bsd/rcp.c
index 39fd36e..be87097 100644
--- a/crypto/kerberosIV/appl/bsd/rcp.c
+++ b/crypto/kerberosIV/appl/bsd/rcp.c
@@ -33,7 +33,7 @@
 
 #include "bsd_locl.h"
 
-RCSID("$Id: rcp.c,v 1.49 1999/07/06 03:17:58 assar Exp $");
+RCSID("$Id: rcp.c,v 1.52 1999/11/16 16:54:16 bg Exp $");
 
 /* Globals */
 static char	dst_realm_buf[REALM_SZ];
@@ -41,7 +41,9 @@ static char	*dest_realm = NULL;
 static int	use_kerberos = 1;
 
 static int	doencrypt = 0;
-#define	OPTIONS	"dfKk:prtx"
+#define	OPTIONS	"dfKk:prtxl:"
+
+static char *user_name = NULL;	/* Given as -l option. */
 
 static int errs, rem;
 static struct passwd *pwd;
@@ -146,11 +148,11 @@ run_err(const char *fmt, ...)
 	va_start(args, fmt);
 	++errs;
 #define RCPERR "\001rcp: "
-	strcpy_truncate (errbuf, RCPERR, sizeof(errbuf));
+	strlcpy (errbuf, RCPERR, sizeof(errbuf));
 	vsnprintf (errbuf + strlen(errbuf),
 		   sizeof(errbuf) - strlen(errbuf),
 		   fmt, args);
-	strcat_truncate (errbuf, "\n", sizeof(errbuf));
+	strlcat (errbuf, "\n", sizeof(errbuf));
 	des_write (rem, errbuf, strlen(errbuf));
 	if (!iamremote)
 		vwarnx(fmt, args);
@@ -490,7 +492,7 @@ toremote(char *targ, int argc, char **argv)
 			exit(1);
 	} else {
 		thost = argv[argc - 1];
-		tuser = NULL;
+		tuser = user_name;
 	}
 
 	for (i = 0; i < argc - 1; i++) {
@@ -854,6 +856,8 @@ tolocal(int argc, char **argv)
 #else
 			host = argv[i];
 			suser = pwd->pw_name;
+			if (user_name)
+			    suser = user_name;
 #endif
 		} else {
 			*host++ = 0;
@@ -937,14 +941,14 @@ main(int argc, char **argv)
 
 
 	fflag = tflag = 0;
-	while ((ch = getopt(argc, argv, OPTIONS)) != EOF)
+	while ((ch = getopt(argc, argv, OPTIONS)) != -1)
 		switch(ch) {			/* User-visible flags. */
 		case 'K':
 			use_kerberos = 0;
 			break;
 		case 'k':
 			dest_realm = dst_realm_buf;
-			strcpy_truncate(dst_realm_buf, optarg, REALM_SZ);
+			strlcpy(dst_realm_buf, optarg, REALM_SZ);
 			break;
 		case 'x':
 			doencrypt = 1;
@@ -968,6 +972,9 @@ main(int argc, char **argv)
 			iamremote = 1;
 			tflag = 1;
 			break;
+		case 'l':
+		        user_name = optarg;
+			break;
 		case '?':
 		default:
 			usage();
diff --git a/crypto/kerberosIV/appl/bsd/rlogin.c b/crypto/kerberosIV/appl/bsd/rlogin.c
index 5bc6196..d057ede 100644
--- a/crypto/kerberosIV/appl/bsd/rlogin.c
+++ b/crypto/kerberosIV/appl/bsd/rlogin.c
@@ -36,7 +36,7 @@
  */
 #include "bsd_locl.h"
 
-RCSID("$Id: rlogin.c,v 1.65 1999/03/13 21:13:54 assar Exp $");
+RCSID("$Id: rlogin.c,v 1.67 1999/11/13 06:13:02 assar Exp $");
 
 CREDENTIALS cred;
 Key_schedule schedule;
@@ -556,7 +556,7 @@ main(int argc, char **argv)
 	}
 
 #define	OPTIONS	"8DEKLde:k:l:xp:"
-	while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != EOF)
+	while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1)
 		switch(ch) {
 		case '8':
 			eight = 1;
@@ -579,7 +579,7 @@ main(int argc, char **argv)
 			break;
 		case 'k':
 			dest_realm = dst_realm_buf;
-			strcpy_truncate(dest_realm, optarg, REALM_SZ);
+			strlcpy(dest_realm, optarg, REALM_SZ);
 			break;
 		case 'l':
 			user = optarg;
diff --git a/crypto/kerberosIV/appl/bsd/rlogind.c b/crypto/kerberosIV/appl/bsd/rlogind.c
index d36df92..927ffc5 100644
--- a/crypto/kerberosIV/appl/bsd/rlogind.c
+++ b/crypto/kerberosIV/appl/bsd/rlogind.c
@@ -42,7 +42,7 @@
 
 #include "bsd_locl.h"
 
-RCSID("$Id: rlogind.c,v 1.107.2.1 1999/07/22 03:14:39 assar Exp $");
+RCSID("$Id: rlogind.c,v 1.109 1999/11/25 05:27:38 assar Exp $");
 
 extern int __check_rhosts_file;
 
@@ -319,7 +319,7 @@ main(int argc, char **argv)
     openlog("rlogind", LOG_PID | LOG_CONS, LOG_AUTH);
 
     opterr = 0;
-    while ((ch = getopt(argc, argv, ARGSTR)) != EOF)
+    while ((ch = getopt(argc, argv, ARGSTR)) != -1)
 	switch (ch) {
 	case 'D':
 	    no_delay = 1;
diff --git a/crypto/kerberosIV/appl/bsd/rsh.c b/crypto/kerberosIV/appl/bsd/rsh.c
index be2dfea..87fe1fe 100644
--- a/crypto/kerberosIV/appl/bsd/rsh.c
+++ b/crypto/kerberosIV/appl/bsd/rsh.c
@@ -33,7 +33,7 @@
 
 #include "bsd_locl.h"
 
-RCSID("$Id: rsh.c,v 1.41 1999/06/17 18:49:18 assar Exp $");
+RCSID("$Id: rsh.c,v 1.43 1999/11/13 06:13:34 assar Exp $");
 
 CREDENTIALS cred;
 Key_schedule schedule;
@@ -205,7 +205,7 @@ main(int argc, char **argv)
     }
 
 #define	OPTIONS	"+8KLde:k:l:np:wx"
-    while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != EOF)
+    while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1)
 	switch(ch) {
 	case 'K':
 	    use_kerberos = 0;
@@ -223,7 +223,7 @@ main(int argc, char **argv)
 	    break;
 	case 'k':
 	    dest_realm = dst_realm_buf;
-	    strcpy_truncate(dest_realm, optarg, REALM_SZ);
+	    strlcpy(dest_realm, optarg, REALM_SZ);
 	    break;
 	case 'n':
 	    nflag = nfork = 1;
diff --git a/crypto/kerberosIV/appl/bsd/rshd.c b/crypto/kerberosIV/appl/bsd/rshd.c
index 1a30793..ed91feb 100644
--- a/crypto/kerberosIV/appl/bsd/rshd.c
+++ b/crypto/kerberosIV/appl/bsd/rshd.c
@@ -42,7 +42,7 @@
 
 #include "bsd_locl.h"
 
-RCSID("$Id: rshd.c,v 1.58 1999/06/17 18:49:43 assar Exp $");
+RCSID("$Id: rshd.c,v 1.60 1999/11/13 06:13:53 assar Exp $");
 
 extern char *__rcmd_errstr; /* syslog hook from libc/net/rcmd.c. */
 extern int __check_rhosts_file;
@@ -82,7 +82,7 @@ main(int argc, char *argv[])
     openlog("rshd", LOG_PID | LOG_ODELAY, LOG_DAEMON);
 
     opterr = 0;
-    while ((ch = getopt(argc, argv, OPTIONS)) != EOF)
+    while ((ch = getopt(argc, argv, OPTIONS)) != -1)
 	switch (ch) {
 	case 'a':
 	    break;
@@ -565,13 +565,13 @@ doit(struct sockaddr_in *fromp)
     setgid((gid_t)pwd->pw_gid);
     initgroups(pwd->pw_name, pwd->pw_gid);
     setuid((uid_t)pwd->pw_uid);
-    strcat_truncate(homedir, pwd->pw_dir, sizeof(homedir));
+    strlcat(homedir, pwd->pw_dir, sizeof(homedir));
 
     /* Need to prepend path with BINDIR (/usr/athena/bin) to find rcp */
     snprintf(path, sizeof(path), "PATH=%s:%s", BINDIR, _PATH_DEFPATH);
 
-    strcat_truncate(shell, pwd->pw_shell, sizeof(shell));
-    strcat_truncate(username, pwd->pw_name, sizeof(username));
+    strlcat(shell, pwd->pw_shell, sizeof(shell));
+    strlcat(username, pwd->pw_name, sizeof(username));
     cp = strrchr(pwd->pw_shell, '/');
     if (cp)
 	cp++;
diff --git a/crypto/kerberosIV/appl/bsd/stty_default.c b/crypto/kerberosIV/appl/bsd/stty_default.c
index b7112c1..0135823 100644
--- a/crypto/kerberosIV/appl/bsd/stty_default.c
+++ b/crypto/kerberosIV/appl/bsd/stty_default.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "bsd_locl.h"
 
-RCSID("$Id: stty_default.c,v 1.6 1997/04/01 08:17:17 joda Exp $");
+RCSID("$Id: stty_default.c,v 1.7 1999/12/02 16:58:28 joda Exp $");
 
 #include <termios.h>
 
diff --git a/crypto/kerberosIV/appl/bsd/su.c b/crypto/kerberosIV/appl/bsd/su.c
index d0da21d..cb24591 100644
--- a/crypto/kerberosIV/appl/bsd/su.c
+++ b/crypto/kerberosIV/appl/bsd/su.c
@@ -33,7 +33,7 @@
 
 #include "bsd_locl.h"
 
-RCSID ("$Id: su.c,v 1.66 1999/03/11 13:57:58 joda Exp $");
+RCSID ("$Id: su.c,v 1.70 1999/11/13 06:14:11 assar Exp $");
 
 #ifdef SYSV_SHADOW
 #include "sysv_shadow.h"
@@ -46,8 +46,9 @@ static int koktologin (char *name, char *realm, char *toname);
 static int chshell (char *sh);
 
 /* Handle '-' option after all the getopt options */
-#define	ARGSTR	"Kflmi:"
+#define	ARGSTR	"Kflmti:"
 
+int destroy_tickets = 0;
 static int use_kerberos = 1;
 static char *root_inst = "root";
 
@@ -66,7 +67,7 @@ main (int argc, char **argv)
     set_progname (argv[0]);
 
     asme = asthem = fastlogin = 0;
-    while ((ch = getopt (argc, argv, ARGSTR)) != EOF)
+    while ((ch = getopt (argc, argv, ARGSTR)) != -1)
 	switch ((char) ch) {
 	case 'K':
 	    use_kerberos = 0;
@@ -82,13 +83,16 @@ main (int argc, char **argv)
 	    asme = 1;
 	    asthem = 0;
 	    break;
+	case 't':
+	    destroy_tickets = 1;
+	    break;
 	case 'i':
 	    root_inst = optarg;
 	    break;
 	case '?':
 	default:
 	    fprintf (stderr,
-		     "usage: su [-Kflm] [-i root-instance] [-] [login]\n");
+		     "usage: su [-Kflmt] [-i root-instance] [-] [login]\n");
 	    exit (1);
 	}
     /* Don't handle '-' option with getopt */
@@ -127,7 +131,7 @@ main (int argc, char **argv)
 	errx (1, "strdup: out of memory");
     if (asme) {
 	if (pwd->pw_shell && *pwd->pw_shell) {
-	    strcpy_truncate (shellbuf, pwd->pw_shell, sizeof(shellbuf));
+	    strlcpy (shellbuf, pwd->pw_shell, sizeof(shellbuf));
 	    shell = shellbuf;
 	} else {
 	    shell = _PATH_BSHELL;
@@ -282,6 +286,8 @@ main (int argc, char **argv)
 	if (code != KSUCCESS && code != KDC_PR_UNKNOWN)
 	    warnx ("afsklog: %s", krb_get_err_text (code));
     }
+    if (destroy_tickets)
+        dest_tkt ();
     execv (shell, np);
     warn ("execv(%s)", shell);
     if (getuid () == 0) {
@@ -408,7 +414,7 @@ kerberos (char *username, char *user, int uid)
 	dest_tkt ();
 	return (1);
     }
-    strcpy_truncate (savehost, krb_get_phost (hostname), sizeof (savehost));
+    strlcpy (savehost, krb_get_phost (hostname), sizeof (savehost));
 
     kerno = krb_mk_req (&ticket, "rcmd", savehost, lrealm, 33);
 
@@ -452,7 +458,8 @@ kerberos (char *username, char *user, int uid)
 	    return (1);
 	}
     }
-    fprintf (stderr, "Don't forget to kdestroy before exiting the shell.\n");
+    if (!destroy_tickets)
+        fprintf (stderr, "Don't forget to kdestroy before exiting the shell.\n");
     return (0);
 }
 
diff --git a/crypto/kerberosIV/appl/bsd/tty.c b/crypto/kerberosIV/appl/bsd/tty.c
index 3192426..2a903db 100644
--- a/crypto/kerberosIV/appl/bsd/tty.c
+++ b/crypto/kerberosIV/appl/bsd/tty.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "bsd_locl.h"
 
-RCSID("$Id: tty.c,v 1.2 1997/05/25 01:14:22 assar Exp $");
+RCSID("$Id: tty.c,v 1.3 1999/12/02 16:58:28 joda Exp $");
 
 /*
  * Clean the tty name.  Return a pointer to the cleaned version.
diff --git a/crypto/kerberosIV/appl/bsd/utmp_login.c b/crypto/kerberosIV/appl/bsd/utmp_login.c
index 8c1a2d3..d2879fe 100644
--- a/crypto/kerberosIV/appl/bsd/utmp_login.c
+++ b/crypto/kerberosIV/appl/bsd/utmp_login.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "bsd_locl.h"
 
-RCSID("$Id: utmp_login.c,v 1.15 1999/03/29 17:57:16 joda Exp $");
+RCSID("$Id: utmp_login.c,v 1.16 1999/12/02 16:58:29 joda Exp $");
 
 #ifdef HAVE_UTMP_H
 void
diff --git a/crypto/kerberosIV/appl/ftp/ChangeLog b/crypto/kerberosIV/appl/ftp/ChangeLog
index 422f4a5..e2e1bb5 100644
--- a/crypto/kerberosIV/appl/ftp/ChangeLog
+++ b/crypto/kerberosIV/appl/ftp/ChangeLog
@@ -1,8 +1,188 @@
+1999-11-30  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ftpd.c (getdatasock): make sure to keep the port-number of
+ 	the outgoing connections.  It has to be `ftp-data' or some people
+ 	might get upset.
+
+	* ftpd/ftpd.c (args): set correct variable when `-l' so that
+ 	logging actually works
+
+1999-11-29  Assar Westerlund  <assar@sics.se>
+
+	* ftp/security.c (sec_login): check return value from realloc
+	(sec_end): set app_data to NULL
+
+1999-11-25  Assar Westerlund  <assar@sics.se>
+
+	* ftp/krb4.c (krb4_auth): obtain the `local' address when doing
+	NAT.  also turn on passive mode.  From <thn@stacken.kth.se>
+
+1999-11-20  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ls.c (make_fileinfo): cast to allow for non-const
+ 	prototypes of readlink
+
+1999-11-12  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ftpd.c (args): use arg_counter for `l'
+	
+1999-11-04  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ls.c (S_ISSOCK, S_ISLNK): fallback definitions for systems
+ 	that don't have them (such as ultrix)
+
+1999-10-29  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ls.c (make_fileinfo): cast uid's and gid's to unsigned in
+ 	printf, we don't know what types they might be.
+	(lstat_file): conditionalize the kafs part on KRB4
+
+	* ftpd/ftpd_locl.h: <sys/ioccom.h> is needed for kafs.h
+
+1999-10-28  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ls.c (lstat_file): don't set st_mode, it should already be
+ 	correct
+
+	* ftpd/ls.c: don't use warnx to print errors
+
+	* ftpd/ls.c (builtin_ls): fix typo, 'd' shouldn't imply 'f'
+
+	* ftpd/ls.c (lstat_file): new function for avoiding stating AFS
+ 	mount points.  From Love <lha@s3.kth.se>
+	(list_files): use `lstat_file'
+
+	* ftpd/ftpd.c: some const-poisoning
+
+	* ftpd/ftpd.c (args): add `-B' as an alias for `--builtin-ls' to
+ 	allow for stupid inetds that only support two arguments.  From
+ 	Love <lha@s3.kth.se>
+
+1999-10-26  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ftpcmd.y (help): it's unnecessary to interpret help strings
+ 	as printf commands
+
+	* ftpd/ftpd.c (show_issue): don't interpret contents of
+ 	/etc/issue* as printf commands.  From Brian A May
+ 	<bmay@dgs.monash.edu.au>
+
+1999-10-21  Johan Danielsson  <joda@pdc.kth.se>
+
+	* ftpd/kauth.c (kauth): complain if protection level isn't
+	`private'
+
+	* ftp/krb4.c (krb4_decode): syslog failure reason
+
+	* ftp/kauth.c (kauth): set private level earlier
+
+	* ftp/security.c: get_command_prot; (sec_prot): partially match
+	`command' and `data'
+
+1999-10-18  Johan Danielsson  <joda@pdc.kth.se>
+
+	* ftpd/ftpd.c: change `-l' flag to use arg_collect (this makes
+	`-ll' work again)
+
+	* ftpd/ftpd.c (list_file): pass filename to ls
+
+1999-10-04  Johan Danielsson  <joda@pdc.kth.se>
+
+	* ftpd/ftpcmd.y: FEAT
+
+1999-10-03  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ls.c: fall-back definitions for constans and casts for
+ 	printfs
+
+1999-10-03  Johan Danielsson  <joda@pdc.kth.se>
+
+	* ftpd/ftpd.c (main): make this use getarg; add `list_file'
+
+	* ftpd/ftpcmd.y (LIST): call list_file
+
+	* ftpd/ls.c: add simple built-in ls
+
+	* ftp/security.c: add `sec_vfprintf2' and `sec_fprintf2' that
+	prints to the data stream
+
+	* ftp/kauth.c (kauth): make sure we're using private protection
+	level
+
+	* ftp/security.c (set_command_prot): set command protection level
+
+	* ftp/security.c: make it possible to set the command protection
+	level with `prot'
+
+1999-09-30  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ftpd_locl.h: add prototype for fclose to make sunos happy
+
+1999-08-19  Johan Danielsson  <joda@pdc.kth.se>
+
+	* ftpd/ftpd.c (do_login): show issue-file
+	(send_data): change handling of zero-byte files
+
 1999-08-18  Assar Westerlund  <assar@sics.se>
 
 	* ftp/cmds.c (getit): be more suspicious when parsing the result
  	of MDTM.  Do the comparison of timestamps correctly.
 
+1999-08-13  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ftpd.c (send_data): avoid calling mmap with `len == 0'.
+  	Some mmap:s rather dislike that (Solaris) and some munmap (Linux)
+ 	get grumpy later.
+
+	* ftp/ftp.c (copy_stream): avoid calling mmap with `len == 0'.
+  	Some mmap:s rather dislike that (Solaris) and some munmap (Linux)
+ 	get grumpy later.
+
+1999-08-03  Assar Westerlund  <assar@sics.se>
+
+	* ftp/ftp.c (active_mode): hide failure of EPRT by setting verbose
+
+	* ftp/gssapi.c (gss_auth): initialize application_data in bindings
+
+1999-08-02  Assar Westerlund  <assar@sics.se>
+
+	* ftpd/ftpcmd.y: save file names when doing commands that might
+ 	get aborted (and longjmp:ed out of) to avoid overwriting them also
+ 	remove extra closing brace
+
+1999-08-01  Johan Danielsson  <joda@pdc.kth.se>
+
+	* ftpd/ftpcmd.y: change `site find' to `site locate' (to match
+	what it does, and other implementations) keep find as an alias
+
+1999-07-28  Assar Westerlund  <assar@sics.se>
+
+	* common/socket.c: moved to roken
+
+	* common/socket.c: new file with generic socket functions
+
+	* ftpd/ftpd.c: make it more AF-neutral and v6-capable
+
+	* ftpd/ftpcmd.y: add EPRT and EPSV
+
+	* ftpd/extern.h: update prototypes and variables
+
+	* ftp/krb4.c: update to new types of addresses
+
+	* ftp/gssapi.c: add support for both AF_INET and AF_INET6
+ 	addresses
+
+	* ftp/ftp.c: make it more AF-neutral and v6-capable
+
+	* ftp/extern.h (hookup): change prototype
+
+	* common/common.h: add prototypes for functions in socket.c
+
+	* common/Makefile.am (libcommon_a_SOURCES): add socket.c
+
+	* ftp/gssapi.c (gss_auth): check return value from
+ 	`gss_import_name' and print error messages if it fails
+
 1999-06-15  Assar Westerlund  <assar@sics.se>
 
 	* ftp/krb4.c (krb4_auth): type correctness
diff --git a/crypto/kerberosIV/appl/ftp/common/Makefile.am b/crypto/kerberosIV/appl/ftp/common/Makefile.am
index 2ab5801..4fab07b 100644
--- a/crypto/kerberosIV/appl/ftp/common/Makefile.am
+++ b/crypto/kerberosIV/appl/ftp/common/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.7 1999/03/20 13:58:14 joda Exp $
+# $Id: Makefile.am,v 1.9 1999/07/28 21:15:06 assar Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
diff --git a/crypto/kerberosIV/appl/ftp/common/buffer.c b/crypto/kerberosIV/appl/ftp/common/buffer.c
index 97e2815..0385d49 100644
--- a/crypto/kerberosIV/appl/ftp/common/buffer.c
+++ b/crypto/kerberosIV/appl/ftp/common/buffer.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -41,7 +36,7 @@
 #include <err.h>
 #include "roken.h"
 
-RCSID("$Id: buffer.c,v 1.2 1997/12/14 23:51:45 assar Exp $");
+RCSID("$Id: buffer.c,v 1.3 1999/12/02 16:58:29 joda Exp $");
 
 /*
  * Allocate a buffer enough to handle st->st_blksize, if
diff --git a/crypto/kerberosIV/appl/ftp/common/common.h b/crypto/kerberosIV/appl/ftp/common/common.h
index 4ec3149..5949b25 100644
--- a/crypto/kerberosIV/appl/ftp/common/common.h
+++ b/crypto/kerberosIV/appl/ftp/common/common.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: common.h,v 1.9 1997/05/18 19:59:58 assar Exp $ */
+/* $Id: common.h,v 1.12 1999/12/02 16:58:29 joda Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
@@ -56,6 +51,9 @@ void set_buffer_size(int, int);
 #ifdef HAVE_SYS_STAT_H
 #include <sys/stat.h>
 #endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
 
 void *alloc_buffer (void *oldbuf, size_t *sz, struct stat *st);
 
diff --git a/crypto/kerberosIV/appl/ftp/common/sockbuf.c b/crypto/kerberosIV/appl/ftp/common/sockbuf.c
index ab8c293..460cc6f 100644
--- a/crypto/kerberosIV/appl/ftp/common/sockbuf.c
+++ b/crypto/kerberosIV/appl/ftp/common/sockbuf.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -44,7 +39,7 @@
 #include <sys/socket.h>
 #endif
 
-RCSID("$Id: sockbuf.c,v 1.2 1997/05/11 10:01:48 assar Exp $");
+RCSID("$Id: sockbuf.c,v 1.3 1999/12/02 16:58:29 joda Exp $");
 
 void
 set_buffer_size(int fd, int read)
diff --git a/crypto/kerberosIV/appl/ftp/ftp/cmds.c b/crypto/kerberosIV/appl/ftp/ftp/cmds.c
index 1571fc8..7698313 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/cmds.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/cmds.c
@@ -36,7 +36,7 @@
  */
 
 #include "ftp_locl.h"
-RCSID("$Id: cmds.c,v 1.34.2.1 1999/08/18 18:19:44 assar Exp $");
+RCSID("$Id: cmds.c,v 1.36 1999/09/16 20:37:28 assar Exp $");
 
 typedef void (*sighand)(int);
 
@@ -119,16 +119,16 @@ setpeer(int argc, char **argv)
 		/*
 		 * Set up defaults for FTP.
 		 */
-		strcpy_truncate(typename, "ascii", sizeof(typename));
+		strlcpy(typename, "ascii", sizeof(typename));
 		type = TYPE_A;
 		curtype = TYPE_A;
-		strcpy_truncate(formname, "non-print", sizeof(formname));
+		strlcpy(formname, "non-print", sizeof(formname));
 		form = FORM_N;
-		strcpy_truncate(modename, "stream", sizeof(modename));
+		strlcpy(modename, "stream", sizeof(modename));
 		mode = MODE_S;
-		strcpy_truncate(structname, "file", sizeof(structname));
+		strlcpy(structname, "file", sizeof(structname));
 		stru = STRU_F;
-		strcpy_truncate(bytename, "8", sizeof(bytename));
+		strlcpy(bytename, "8", sizeof(bytename));
 		bytesize = 8;
 		if (autologin)
 			login(argv[1]);
@@ -170,7 +170,7 @@ setpeer(int argc, char **argv)
 			 * for text files unless changed by the user.
 			 */
 			type = 0;
-			strcpy_truncate(typename, "binary", sizeof(typename));
+			strlcpy(typename, "binary", sizeof(typename));
 			if (overbose)
 			    printf("Using %s mode to transfer files.\n",
 				typename);
@@ -243,7 +243,7 @@ settype(int argc, char **argv)
 	else
 		comret = command("TYPE %s", p->t_mode);
 	if (comret == COMPLETE) {
-		strcpy_truncate(typename, p->t_name, sizeof(typename));
+		strlcpy(typename, p->t_name, sizeof(typename));
 		curtype = type = p->t_type;
 	}
 }
@@ -784,7 +784,7 @@ remglob(char **argv, int doswitch)
     }
     if (ftemp == NULL) {
 	int fd;
-	strcpy_truncate(temp, _PATH_TMP_XXX, sizeof(temp));
+	strlcpy(temp, _PATH_TMP_XXX, sizeof(temp));
 	fd = mkstemp(temp);
 	if(fd < 0){
 	    warn("unable to create temporary file %s", temp);
@@ -1419,11 +1419,11 @@ quote1(char *initial, int argc, char **argv)
     int i;
     char buf[BUFSIZ];		/* must be >= sizeof(line) */
 
-    strcpy_truncate(buf, initial, sizeof(buf));
+    strlcpy(buf, initial, sizeof(buf));
     for(i = 1; i < argc; i++) {
 	if(i > 1)
-	    strcat_truncate(buf, " ", sizeof(buf));
-	strcat_truncate(buf, argv[i], sizeof(buf));
+	    strlcat(buf, " ", sizeof(buf));
+	strlcat(buf, argv[i], sizeof(buf));
     }
     if (command("%s", buf) == PRELIM) {
 	while (getreply(0) == PRELIM)
@@ -1575,11 +1575,11 @@ account(int argc, char **argv)
 	if (argc > 1) {
 		++argv;
 		--argc;
-		strcpy_truncate (acct, *argv, sizeof(acct));
+		strlcpy (acct, *argv, sizeof(acct));
 		while (argc > 1) {
 			--argc;
 			++argv;
-			strcat_truncate(acct, *argv, sizeof(acct));
+			strlcat(acct, *argv, sizeof(acct));
 		}
 	}
 	else {
@@ -1691,12 +1691,12 @@ setntrans(int argc, char **argv)
 	}
 	ntflag++;
 	code = ntflag;
-	strcpy_truncate (ntin, argv[1], 17);
+	strlcpy (ntin, argv[1], 17);
 	if (argc == 2) {
 		ntout[0] = '\0';
 		return;
 	}
-	strcpy_truncate (ntout, argv[2], 17);
+	strlcpy (ntout, argv[2], 17);
 }
 
 char *
@@ -1753,10 +1753,10 @@ setnmap(int argc, char **argv)
 		cp = strchr(altarg, ' ');
 	}
 	*cp = '\0';
-	strcpy_truncate(mapin, altarg, MaxPathLen);
+	strlcpy(mapin, altarg, MaxPathLen);
 	while (*++cp == ' ')
 		continue;
-	strcpy_truncate(mapout, cp, MaxPathLen);
+	strlcpy(mapout, cp, MaxPathLen);
 }
 
 char *
@@ -2008,7 +2008,7 @@ macdef(int argc, char **argv)
 	if (interactive) {
 		printf("Enter macro line by line, terminating it with a null line\n");
 	}
-	strcpy_truncate(macros[macnum].mac_name,
+	strlcpy(macros[macnum].mac_name,
 			argv[1],
 			sizeof(macros[macnum].mac_name));
 	if (macnum == 0) {
diff --git a/crypto/kerberosIV/appl/ftp/ftp/domacro.c b/crypto/kerberosIV/appl/ftp/ftp/domacro.c
index 432e3e5..d91660d 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/domacro.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/domacro.c
@@ -32,7 +32,7 @@
  */
 
 #include "ftp_locl.h"
-RCSID("$Id: domacro.c,v 1.6 1998/06/09 19:24:21 joda Exp $");
+RCSID("$Id: domacro.c,v 1.7 1999/09/16 20:37:29 assar Exp $");
 
 void
 domacro(int argc, char **argv)
@@ -56,7 +56,7 @@ domacro(int argc, char **argv)
 		code = -1;
 		return;
 	}
-	strcpy_truncate(line2, line, sizeof(line2));
+	strlcpy(line2, line, sizeof(line2));
 TOP:
 	cp1 = macros[i].mac_start;
 	while (cp1 != macros[i].mac_end) {
diff --git a/crypto/kerberosIV/appl/ftp/ftp/extern.h b/crypto/kerberosIV/appl/ftp/ftp/extern.h
index 5efe918..d488ecd 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/extern.h
+++ b/crypto/kerberosIV/appl/ftp/ftp/extern.h
@@ -33,7 +33,7 @@
  *	@(#)extern.h	8.3 (Berkeley) 10/9/94
  */
 
-/* $Id: extern.h,v 1.16 1999/05/21 09:21:51 assar Exp $ */
+/* $Id: extern.h,v 1.18 1999/10/28 20:49:10 assar Exp $ */
 
 #include <setjmp.h>
 #include <stdlib.h>
@@ -62,7 +62,7 @@ void	cmdabort (int);
 void	cmdscanner (int);
 int	command (char *fmt, ...);
 int	confirm (char *, char *);
-FILE   *dataconn (char *);
+FILE   *dataconn (const char *);
 void	delete (int, char **);
 void	disconnect (int, char **);
 void	do_chmod (int, char **);
@@ -80,7 +80,7 @@ int	getreply (int);
 int	globulize (char **);
 char   *gunique (char *);
 void	help (int, char **);
-char   *hookup (char *, int);
+char   *hookup (const char *, int);
 void	ftp_idle (int, char **);
 int     initconn (void);
 void	intr (int);
diff --git a/crypto/kerberosIV/appl/ftp/ftp/ftp.c b/crypto/kerberosIV/appl/ftp/ftp/ftp.c
index 3021a19..833fb08 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/ftp.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/ftp.c
@@ -32,16 +32,19 @@
  */
 
 #include "ftp_locl.h"
-RCSID ("$Id: ftp.c,v 1.55 1999/06/02 20:12:22 joda Exp $");
-
-struct sockaddr_in hisctladdr;
-struct sockaddr_in data_addr;
+RCSID ("$Id: ftp.c,v 1.60 1999/10/28 19:32:17 assar Exp $");
+
+struct sockaddr_storage hisctladdr_ss;
+struct sockaddr *hisctladdr = (struct sockaddr *)&hisctladdr_ss;
+struct sockaddr_storage data_addr_ss;
+struct sockaddr *data_addr  = (struct sockaddr *)&data_addr_ss;
+struct sockaddr_storage myctladdr_ss;
+struct sockaddr *myctladdr = (struct sockaddr *)&myctladdr_ss;
 int data = -1;
 int abrtflag = 0;
 jmp_buf ptabort;
 int ptabflg;
 int ptflag = 0;
-struct sockaddr_in myctladdr;
 off_t restart_point = 0;
 
 
@@ -50,77 +53,76 @@ FILE *cin, *cout;
 typedef void (*sighand) (int);
 
 char *
-hookup (char *host, int port)
+hookup (const char *host, int port)
 {
-    struct hostent *hp = 0;
+    struct hostent *hp = NULL;
     int s, len;
     static char hostnamebuf[MaxHostNameLen];
+    int error;
+    int af;
+    char **h;
+    int ret;
+
+#ifdef HAVE_IPV6
+    if (hp == NULL)
+	hp = getipnodebyname (host, AF_INET6, 0, &error);
+#endif
+    if (hp == NULL)
+	hp = getipnodebyname (host, AF_INET, 0, &error);
 
-    memset (&hisctladdr, 0, sizeof (hisctladdr));
-    if (inet_aton (host, &hisctladdr.sin_addr)) {
-	hisctladdr.sin_family = AF_INET;
-	strcpy_truncate (hostnamebuf, host, sizeof (hostnamebuf));
-    } else {
-	hp = gethostbyname (host);
-	if (hp == NULL) {
-	    warnx("%s: %s", host, hstrerror(h_errno));
-	    code = -1;
-	    return NULL;
-	}
-	hisctladdr.sin_family = hp->h_addrtype;
-	memmove(&hisctladdr.sin_addr,
-		hp->h_addr_list[0],
-		sizeof(hisctladdr.sin_addr));
-	strcpy_truncate (hostnamebuf, hp->h_name, sizeof (hostnamebuf));
-    }
-    hostname = hostnamebuf;
-    s = socket (hisctladdr.sin_family, SOCK_STREAM, 0);
-    if (s < 0) {
-	warn ("socket");
+    if (hp == NULL) {
+	warnx ("%s: %s", host, hstrerror(error));
 	code = -1;
-	return (0);
+	return NULL;
     }
-    hisctladdr.sin_port = port;
-    while (connect (s, (struct sockaddr *) & hisctladdr, sizeof (hisctladdr)) < 0) {
-	if (hp && hp->h_addr_list[1]) {
-	    int oerrno = errno;
-	    char *ia;
-
-	    ia = inet_ntoa (hisctladdr.sin_addr);
-	    errno = oerrno;
-	    warn ("connect to address %s", ia);
-	    hp->h_addr_list++;
-	    memmove (&hisctladdr.sin_addr,
-		     hp->h_addr_list[0],
-		     sizeof (hisctladdr.sin_addr));
-	    fprintf (stdout, "Trying %s...\n",
-		     inet_ntoa (hisctladdr.sin_addr));
+    strlcpy (hostnamebuf, hp->h_name, sizeof(hostnamebuf));
+    hostname = hostnamebuf;
+    af = hisctladdr->sa_family = hp->h_addrtype;
+
+    for (h = hp->h_addr_list;
+	 *h != NULL;
+	 ++h) {
+	
+	s = socket (af, SOCK_STREAM, 0);
+	if (s < 0) {
+	    warn ("socket");
+	    code = -1;
+	    freehostent (hp);
+	    return (0);
+	}
+
+	socket_set_address_and_port (hisctladdr, *h, port);
+
+	ret = connect (s, hisctladdr, socket_sockaddr_size(hisctladdr));
+	if (ret < 0) {
+	    char addr[256];
+
+	    if (inet_ntop (af, socket_get_address(hisctladdr),
+			   addr, sizeof(addr)) == NULL)
+		strlcpy (addr, "unknown address",
+				 sizeof(addr));
+	    warn ("connect %s", addr);
 	    close (s);
-	    s = socket (hisctladdr.sin_family, SOCK_STREAM, 0);
-	    if (s < 0) {
-		warn ("socket");
-		code = -1;
-		return (0);
-	    }
 	    continue;
 	}
-	warn ("connect");
-	code = -1;
-	goto bad;
+	break;
     }
-    len = sizeof (myctladdr);
-    if (getsockname (s, (struct sockaddr *) & myctladdr, &len) < 0) {
-	warn ("getsockname");
+    freehostent (hp);
+    if (ret < 0) {
 	code = -1;
-	goto bad;
+	close (s);
+	return NULL;
     }
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-    {
-	int tos = IPTOS_LOWDELAY;
 
-    if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&tos, sizeof(int)) < 0)
-	warn("setsockopt TOS (ignored)");
+    len = sizeof(myctladdr_ss);
+    if (getsockname (s, myctladdr, &len) < 0) {
+	warn ("getsockname");
+	code = -1;
+	close (s);
+	return NULL;
     }
+#ifdef IPTOS_LOWDELAY
+    socket_set_tos (s, IPTOS_LOWDELAY);
 #endif
     cin = fdopen (s, "r");
     cout = fdopen (s, "w");
@@ -198,7 +200,7 @@ login (char *host)
 	else
 	    user = tmp;
     }
-    strcpy_truncate(username, user, sizeof(username));
+    strlcpy(username, user, sizeof(username));
     n = command("USER %s", user);
     if (n == CONTINUE) {
 	if(sec_complete)
@@ -238,7 +240,7 @@ login (char *host)
 	return (1);
     for (n = 0; n < macnum; ++n) {
 	if (!strcmp("init", macros[n].mac_name)) {
-	    strcpy_truncate (line, "$init", sizeof (line));
+	    strlcpy (line, "$init", sizeof (line));
 	    makeargv();
 	    domacro(margc, margv);
 	    break;
@@ -375,7 +377,7 @@ getreply (int expecteof)
 			osa.sa_handler != SIG_IGN)
 			osa.sa_handler (SIGINT);
 #endif
-		    if (code == 227) {
+		    if (code == 227 || code == 229) {
 			char *p, *q;
 
 			pasv[0] = 0;
@@ -565,6 +567,11 @@ copy_stream (FILE * from, FILE * to)
 #endif
 
     if (fstat (fileno (from), &st) == 0 && S_ISREG (st.st_mode)) {
+	/*
+	 * mmap zero bytes has potential of loosing, don't do it.
+	 */
+	if (st.st_size == 0)
+	    return 0;
 	chunk = mmap (0, st.st_size, PROT_READ, MAP_SHARED, fileno (from), 0);
 	if (chunk != (void *) MAP_FAILED) {
 	    int res;
@@ -1120,154 +1127,249 @@ abort:
     signal (SIGINT, oldintr);
 }
 
-/*
- * Need to start a listen on the data channel before we send the command,
- * otherwise the server's connect may fail.
- */
-int
-initconn (void)
+static int
+parse_epsv (const char *str)
+{
+    char sep;
+    char *end;
+    int port;
+
+    if (*str == '\0')
+	return -1;
+    sep = *str++;
+    if (sep != *str++)
+	return -1;
+    if (sep != *str++)
+	return -1;
+    port = strtol (str, &end, 0);
+    if (str == end)
+	return -1;
+    if (end[0] != sep || end[1] != '\0')
+	return -1;
+    return htons(port);
+}
+
+static int
+parse_pasv (struct sockaddr_in *sin, const char *str)
 {
-    int result, len, tmpno = 0;
-    int on = 1;
     int a0, a1, a2, a3, p0, p1;
 
-    if (passivemode) {
-	data = socket (AF_INET, SOCK_STREAM, 0);
-	if (data < 0) {
-	    perror ("ftp: socket");
-	    return (1);
-	}
-#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT)
-	if ((options & SO_DEBUG) &&
-	    setsockopt (data, SOL_SOCKET, SO_DEBUG, (char *) &on,
-			sizeof (on)) < 0)
-	    perror ("ftp: setsockopt (ignored)");
-#endif
+    /*
+     * What we've got at this point is a string of comma separated
+     * one-byte unsigned integer values. The first four are the an IP
+     * address. The fifth is the MSB of the port number, the sixth is the
+     * LSB. From that we'll prepare a sockaddr_in.
+     */
+
+    if (sscanf (str, "%d,%d,%d,%d,%d,%d",
+		&a0, &a1, &a2, &a3, &p0, &p1) != 6) {
+	printf ("Passive mode address scan failure. "
+		"Shouldn't happen!\n");
+	return -1;
+    }
+    if (a0 < 0 || a0 > 255 ||
+	a1 < 0 || a1 > 255 ||
+	a2 < 0 || a2 > 255 ||
+	a3 < 0 || a3 > 255 ||
+	p0 < 0 || p0 > 255 ||
+	p1 < 0 || p1 > 255) {
+	printf ("Can't parse passive mode string.\n");
+	return -1;
+    }
+    memset (sin, 0, sizeof(*sin));
+    sin->sin_family      = AF_INET;
+    sin->sin_addr.s_addr = htonl ((a0 << 24) | (a1 << 16) |
+				  (a2 << 8) | a3);
+    sin->sin_port = htons ((p0 << 8) | p1);
+    return 0;
+}
+
+static int
+passive_mode (void)
+{
+    int port;
+
+    data = socket (myctladdr->sa_family, SOCK_STREAM, 0);
+    if (data < 0) {
+	warn ("socket");
+	return (1);
+    }
+    if (options & SO_DEBUG)
+	socket_set_debug (data);
+    if (command ("EPSV") != COMPLETE) {
 	if (command ("PASV") != COMPLETE) {
 	    printf ("Passive mode refused.\n");
 	    goto bad;
 	}
+    }
 
-	/*
-	 * What we've got at this point is a string of comma separated
-	 * one-byte unsigned integer values. The first four are the an IP
-	 * address. The fifth is the MSB of the port number, the sixth is the
-	 * LSB. From that we'll prepare a sockaddr_in.
-	 */
+    /*
+     * Parse the reply to EPSV or PASV
+     */
 
-	if (sscanf (pasv, "%d,%d,%d,%d,%d,%d",
-		    &a0, &a1, &a2, &a3, &p0, &p1) != 6) {
-	    printf ("Passive mode address scan failure. "
-		    "Shouldn't happen!\n");
-	    goto bad;
-	}
-	if (a0 < 0 || a0 > 255 ||
-	    a1 < 0 || a1 > 255 ||
-	    a2 < 0 || a2 > 255 ||
-	    a3 < 0 || a3 > 255 ||
-	    p0 < 0 || p0 > 255 ||
-	    p1 < 0 || p1 > 255) {
-	    printf ("Can't parse passive mode string.\n");
-	    goto bad;
-	}
-	memset(&data_addr, 0, sizeof(data_addr));
-	data_addr.sin_family = AF_INET;
-	data_addr.sin_addr.s_addr = htonl ((a0 << 24) | (a1 << 16) |
-					   (a2 << 8) | a3);
-	data_addr.sin_port = htons ((p0 << 8) | p1);
-
-	if (connect (data, (struct sockaddr *) & data_addr,
-		     sizeof (data_addr)) < 0) {
-	    perror ("ftp: connect");
+    port = parse_epsv (pasv);
+    if (port > 0) {
+	data_addr->sa_family = myctladdr->sa_family;
+	socket_set_address_and_port (data_addr,
+				     socket_get_address (hisctladdr),
+				     port);
+    } else {
+	if (parse_pasv ((struct sockaddr_in *)data_addr, pasv) < 0)
 	    goto bad;
-	}
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-	on = IPTOS_THROUGHPUT;
-	if (setsockopt (data, IPPROTO_IP, IP_TOS, (char *) &on,
-			sizeof (int)) < 0)
-	    perror ("ftp: setsockopt TOS (ignored)");
-#endif
-	return (0);
     }
+
+    if (connect (data, data_addr, socket_sockaddr_size (data_addr)) < 0) {
+	warn ("connect");
+	goto bad;
+    }
+#ifdef IPTOS_THROUGHPUT
+    socket_set_tos (data, IPTOS_THROUGHPUT);
+#endif
+    return (0);
+bad:
+    close (data);
+    data = -1;
+    sendport = 1;
+    return (1);
+}
+
+
+static int
+active_mode (void)
+{
+    int tmpno = 0;
+    int len;
+    int result;
+
 noport:
-    data_addr = myctladdr;
-    if (sendport)
-	data_addr.sin_port = 0;	/* let system pick one */
+    data_addr->sa_family = myctladdr->sa_family;
+    socket_set_address_and_port (data_addr, socket_get_address (myctladdr),
+				 sendport ? 0 : socket_get_port (myctladdr));
+
     if (data != -1)
 	close (data);
-    data = socket (AF_INET, SOCK_STREAM, 0);
+    data = socket (data_addr->sa_family, SOCK_STREAM, 0);
     if (data < 0) {
 	warn ("socket");
 	if (tmpno)
 	    sendport = 1;
 	return (1);
     }
-#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT)
     if (!sendport)
-	if (setsockopt (data, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof (on)) < 0) {
-	    warn ("setsockopt (reuse address)");
-	    goto bad;
-	}
-#endif
-    if (bind (data, (struct sockaddr *) & data_addr, sizeof (data_addr)) < 0) {
+	socket_set_reuseaddr (data, 1);
+    if (bind (data, data_addr, socket_sockaddr_size (data_addr)) < 0) {
 	warn ("bind");
 	goto bad;
     }
-#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT)
-    if (options & SO_DEBUG &&
-     setsockopt (data, SOL_SOCKET, SO_DEBUG, (char *) &on, sizeof (on)) < 0)
-	warn ("setsockopt (ignored)");
-#endif
-    len = sizeof (data_addr);
-    if (getsockname (data, (struct sockaddr *) & data_addr, &len) < 0) {
+    if (options & SO_DEBUG)
+	socket_set_debug (data);
+    len = sizeof (data_addr_ss);
+    if (getsockname (data, data_addr, &len) < 0) {
 	warn ("getsockname");
 	goto bad;
     }
     if (listen (data, 1) < 0)
 	warn ("listen");
     if (sendport) {
-	unsigned int a = ntohl(data_addr.sin_addr.s_addr);
-	unsigned int p = ntohs(data_addr.sin_port);
-
-	result = command("PORT %d,%d,%d,%d,%d,%d", 
-			 (a >> 24) & 0xff,
-			 (a >> 16) & 0xff,
-			 (a >> 8) & 0xff,
-			 a & 0xff,
-			 (p >> 8) & 0xff,
-			 p & 0xff);
-	if (result == ERROR && sendport == -1) {
-	    sendport = 0;
-	    tmpno = 1;
-	    goto noport;
+	char *cmd;
+	char addr_str[256];
+	int inet_af;
+	int overbose;
+
+	if (inet_ntop (data_addr->sa_family, socket_get_address (data_addr),
+		       addr_str, sizeof(addr_str)) == NULL)
+	    errx (1, "inet_ntop failed");
+	switch (data_addr->sa_family) {
+	case AF_INET :
+	    inet_af = 1;
+	    break;
+#ifdef HAVE_IPV6
+	case AF_INET6 :
+	    inet_af = 2;
+	    break;
+#endif
+	default :
+	    errx (1, "bad address family %d", data_addr->sa_family);
+	}
+
+	asprintf (&cmd, "EPRT |%d|%s|%d|",
+		  inet_af, addr_str, ntohs(socket_get_port (data_addr)));
+
+	overbose = verbose;
+	if (debug == 0)
+	    verbose  = -1;
+
+	result = command (cmd);
+
+	verbose = overbose;
+
+	if (result == ERROR) {
+	    struct sockaddr_in *sin = (struct sockaddr_in *)data_addr;
+
+	    unsigned int a = ntohl(sin->sin_addr.s_addr);
+	    unsigned int p = ntohs(sin->sin_port);
+
+	    if (data_addr->sa_family != AF_INET) {
+		warnx ("remote server doesn't support EPRT");
+		goto bad;
+	    }
+
+	    result = command("PORT %d,%d,%d,%d,%d,%d", 
+			     (a >> 24) & 0xff,
+			     (a >> 16) & 0xff,
+			     (a >> 8) & 0xff,
+			     a & 0xff,
+			     (p >> 8) & 0xff,
+			     p & 0xff);
+	    if (result == ERROR && sendport == -1) {
+		sendport = 0;
+		tmpno = 1;
+		goto noport;
+	    }
+	    return (result != COMPLETE);
 	}
-	return (result != COMPLETE);
+	return result != COMPLETE;
     }
     if (tmpno)
 	sendport = 1;
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-    on = IPTOS_THROUGHPUT;
-    if (setsockopt (data, IPPROTO_IP, IP_TOS, (char *) &on, sizeof (int)) < 0)
-	warn ("setsockopt TOS (ignored)");
+
+
+#ifdef IPTOS_THROUGHPUT
+    socket_set_tos (data, IPTOS_THROUGHPUT);
 #endif
     return (0);
 bad:
-    close (data), data = -1;
+    close (data);
+    data = -1;
     if (tmpno)
 	sendport = 1;
     return (1);
 }
 
+/*
+ * Need to start a listen on the data channel before we send the command,
+ * otherwise the server's connect may fail.
+ */
+int
+initconn (void)
+{
+    if (passivemode) 
+	return passive_mode ();
+    else
+	return active_mode ();
+}
+
 FILE *
-dataconn (char *lmode)
+dataconn (const char *lmode)
 {
-    struct sockaddr_in from;
-    int s, fromlen = sizeof (from), tos;
+    struct sockaddr_storage from_ss;
+    struct sockaddr *from = (struct sockaddr *)&from_ss;
+    int s, fromlen = sizeof (from_ss);
 
     if (passivemode)
 	return (fdopen (data, lmode));
 
-    s = accept (data, (struct sockaddr *) & from, &fromlen);
+    s = accept (data, from, &fromlen);
     if (s < 0) {
 	warn ("accept");
 	close (data), data = -1;
@@ -1275,10 +1377,8 @@ dataconn (char *lmode)
     }
     close (data);
     data = s;
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-    tos = IPTOS_THROUGHPUT;
-    if (setsockopt (s, IPPROTO_IP, IP_TOS, (char *) &tos, sizeof (int)) < 0)
-	warn ("setsockopt TOS (ignored)");
+#ifdef IPTOS_THROUGHPUT
+    socket_set_tos (s, IPTOS_THROUGHPUT);
 #endif
     return (fdopen (data, lmode));
 }
@@ -1334,8 +1434,8 @@ pswitch (int flag)
     static struct comvars {
 	int connect;
 	char name[MaxHostNameLen];
-	struct sockaddr_in mctl;
-	struct sockaddr_in hctl;
+	struct sockaddr_storage mctl;
+	struct sockaddr_storage hctl;
 	FILE *in;
 	FILE *out;
 	int tpe;
@@ -1371,14 +1471,14 @@ pswitch (int flag)
     ip->connect = connected;
     connected = op->connect;
     if (hostname) {
-	strcpy_truncate (ip->name, hostname, sizeof (ip->name));
+	strlcpy (ip->name, hostname, sizeof (ip->name));
     } else
 	ip->name[0] = 0;
     hostname = op->name;
-    ip->hctl = hisctladdr;
-    hisctladdr = op->hctl;
-    ip->mctl = myctladdr;
-    myctladdr = op->mctl;
+    ip->hctl = hisctladdr_ss;
+    hisctladdr_ss = op->hctl;
+    ip->mctl = myctladdr_ss;
+    myctladdr_ss = op->mctl;
     ip->in = cin;
     cin = op->in;
     ip->out = cout;
@@ -1397,16 +1497,16 @@ pswitch (int flag)
     mcase = op->mcse;
     ip->ntflg = ntflag;
     ntflag = op->ntflg;
-    strcpy_truncate (ip->nti, ntin, sizeof (ip->nti));
-    strcpy_truncate (ntin, op->nti, 17);
-    strcpy_truncate (ip->nto, ntout, sizeof (ip->nto));
-    strcpy_truncate (ntout, op->nto, 17);
+    strlcpy (ip->nti, ntin, sizeof (ip->nti));
+    strlcpy (ntin, op->nti, 17);
+    strlcpy (ip->nto, ntout, sizeof (ip->nto));
+    strlcpy (ntout, op->nto, 17);
     ip->mapflg = mapflag;
     mapflag = op->mapflg;
-    strcpy_truncate (ip->mi, mapin, MaxPathLen);
-    strcpy_truncate (mapin, op->mi, MaxPathLen);
-    strcpy_truncate (ip->mo, mapout, MaxPathLen);
-    strcpy_truncate (mapout, op->mo, MaxPathLen);
+    strlcpy (ip->mi, mapin, MaxPathLen);
+    strlcpy (mapin, op->mi, MaxPathLen);
+    strlcpy (ip->mo, mapout, MaxPathLen);
+    strlcpy (mapout, op->mo, MaxPathLen);
     signal(SIGINT, oldintr);
     if (abrtflag) {
 	abrtflag = 0;
@@ -1580,7 +1680,7 @@ gunique (char *local)
 	warn ("local: %s", local);
 	return NULL;
     }
-    strcpy_truncate (new, local, sizeof(new));
+    strlcpy (new, local, sizeof(new));
     cp = new + strlen(new);
     *cp++ = '.';
     while (!d) {
diff --git a/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h b/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h
index 5ae44b1..49c2b2f 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h
+++ b/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: ftp_locl.h,v 1.33 1998/06/13 00:06:40 assar Exp $ */
+/* $Id: ftp_locl.h,v 1.34 1999/12/02 16:58:29 joda Exp $ */
 
 #ifndef __FTP_LOCL_H__
 #define __FTP_LOCL_H__
diff --git a/crypto/kerberosIV/appl/ftp/ftp/gssapi.c b/crypto/kerberosIV/appl/ftp/ftp/gssapi.c
index bc001a4..d06b5d6 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/gssapi.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/gssapi.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -43,7 +38,7 @@
 #endif
 #include <gssapi.h>
 
-RCSID("$Id: gssapi.c,v 1.7 1999/04/10 15:08:39 assar Exp $");
+RCSID("$Id: gssapi.c,v 1.13 1999/12/02 16:58:29 joda Exp $");
 
 struct gss_data {
     gss_ctx_id_t context_hdl;
@@ -117,6 +112,36 @@ gss_encode(void *app_data, void *from, int length, int level, void **to)
     return output.length;
 }
 
+static void
+sockaddr_to_gss_address (const struct sockaddr *sa,
+			 OM_uint32 *addr_type,
+			 gss_buffer_desc *gss_addr)
+{
+    switch (sa->sa_family) {
+#ifdef HAVE_IPV6
+    case AF_INET6 : {
+	struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa;
+
+	gss_addr->length = 16;
+	gss_addr->value  = &sin6->sin6_addr;
+	*addr_type       = GSS_C_AF_INET6;
+	break;
+    }
+#endif
+    case AF_INET : {
+	struct sockaddr_in *sin = (struct sockaddr_in *)sa;
+
+	gss_addr->length = 4;
+	gss_addr->value  = &sin->sin_addr;
+	*addr_type       = GSS_C_AF_INET;
+	break;
+    }
+    default :
+	errx (1, "unknown address family %d", sa->sa_family);
+	
+    }
+}
+
 /* end common stuff */
 
 #ifdef FTP_SERVER
@@ -131,12 +156,13 @@ gss_adat(void *app_data, void *buf, size_t len)
     struct gss_data *d = app_data;
 
     gss_channel_bindings_t bindings = malloc(sizeof(*bindings));
-    bindings->initiator_addrtype = GSS_C_AF_INET;
-    bindings->initiator_address.length = 4;
-    bindings->initiator_address.value = &his_addr.sin_addr;
-    bindings->acceptor_addrtype = GSS_C_AF_INET;
-    bindings->acceptor_address.length = 4;
-    bindings->acceptor_address.value = &ctrl_addr.sin_addr;
+    sockaddr_to_gss_address (his_addr,
+			     &bindings->initiator_addrtype,
+			     &bindings->initiator_address);
+    sockaddr_to_gss_address (ctrl_addr,
+			     &bindings->acceptor_addrtype,
+			     &bindings->acceptor_address);
+
     bindings->application_data.length = 0;
     bindings->application_data.value = NULL;
 
@@ -216,7 +242,7 @@ struct sec_server_mech gss_server_mech = {
 
 #else /* FTP_SERVER */
 
-extern struct sockaddr_in hisctladdr, myctladdr;
+extern struct sockaddr *hisctladdr, *myctladdr;
 
 static int
 gss_auth(void *app_data, char *host)
@@ -237,6 +263,23 @@ gss_auth(void *app_data, char *host)
 			       &name,
 			       GSS_C_NT_HOSTBASED_SERVICE,
 			       &target_name);
+    if (GSS_ERROR(maj_stat)) {
+	OM_uint32 new_stat;
+	OM_uint32 msg_ctx = 0;
+	gss_buffer_desc status_string;
+	    
+	gss_display_status(&new_stat,
+			   min_stat,
+			   GSS_C_MECH_CODE,
+			   GSS_C_NO_OID,
+			   &msg_ctx,
+			   &status_string);
+	printf("Error importing name %s: %s\n", 
+	       (char *)name.value,
+	       (char *)status_string.value);
+	gss_release_buffer(&new_stat, &status_string);
+	return AUTH_ERROR;
+    }
     free(name.value);
     
 
@@ -244,12 +287,14 @@ gss_auth(void *app_data, char *host)
     input.value = NULL;
 
     bindings = malloc(sizeof(*bindings));
-    bindings->initiator_addrtype = GSS_C_AF_INET;
-    bindings->initiator_address.length = 4;
-    bindings->initiator_address.value = &myctladdr.sin_addr;
-    bindings->acceptor_addrtype = GSS_C_AF_INET;
-    bindings->acceptor_address.length = 4;
-    bindings->acceptor_address.value = &hisctladdr.sin_addr;
+
+    sockaddr_to_gss_address (myctladdr,
+			     &bindings->initiator_addrtype,
+			     &bindings->initiator_address);
+    sockaddr_to_gss_address (hisctladdr,
+			     &bindings->acceptor_addrtype,
+			     &bindings->acceptor_address);
+
     bindings->application_data.length = 0;
     bindings->application_data.value = NULL;
 
@@ -268,8 +313,8 @@ gss_auth(void *app_data, char *host)
 					NULL,
 					NULL);
 	if (GSS_ERROR(maj_stat)) {
-	    int new_stat;
-	    int msg_ctx = 0;
+	    OM_uint32 new_stat;
+	    OM_uint32 msg_ctx = 0;
 	    gss_buffer_desc status_string;
 	    
 	    gss_display_status(&new_stat,
diff --git a/crypto/kerberosIV/appl/ftp/ftp/kauth.c b/crypto/kerberosIV/appl/ftp/ftp/kauth.c
index 434dfb8..613593a 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/kauth.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/kauth.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "ftp_locl.h"
 #include <krb.h>
-RCSID("$Id: kauth.c,v 1.17 1998/03/26 02:55:38 joda Exp $");
+RCSID("$Id: kauth.c,v 1.20 1999/12/02 16:58:29 joda Exp $");
 
 void
 kauth(int argc, char **argv)
@@ -54,6 +49,8 @@ kauth(int argc, char **argv)
     char passwd[100];
     int tmp;
 	
+    int save;
+
     if(argc > 2){
 	printf("usage: %s [principal]\n", argv[0]);
 	code = -1;
@@ -67,9 +64,11 @@ kauth(int argc, char **argv)
     overbose = verbose;
     verbose = 0;
 
+    save = set_command_prot(prot_private);
     ret = command("SITE KAUTH %s", name);
     if(ret != CONTINUE){
 	verbose = overbose;
+	set_command_prot(save);
 	code = -1;
 	return;
     }
@@ -77,6 +76,7 @@ kauth(int argc, char **argv)
     p = strstr(reply_string, "T=");
     if(!p){
 	printf("Bad reply from server.\n");
+	set_command_prot(save);
 	code = -1;
 	return;
     }
@@ -84,6 +84,7 @@ kauth(int argc, char **argv)
     tmp = base64_decode(p, &tkt.dat);
     if(tmp < 0){
 	printf("Failed to decode base64 in reply.\n");
+	set_command_prot(save);
 	code = -1;
 	return;
     }
@@ -94,6 +95,7 @@ kauth(int argc, char **argv)
     if(!p){
 	printf("Bad reply from server.\n");
 	verbose = overbose;
+	set_command_prot(save);
 	code = -1;
 	return;
     }
@@ -124,12 +126,14 @@ kauth(int argc, char **argv)
     memset(passwd, 0, sizeof(passwd));
     if(base64_encode(tktcopy.dat, tktcopy.length, &p) < 0) {
 	printf("Out of memory base64-encoding.\n");
+	set_command_prot(save);
 	code = -1;
 	return;
     }
     memset (tktcopy.dat, 0, tktcopy.length);
     ret = command("SITE KAUTH %s %s", name, p);
     free(p);
+    set_command_prot(save);
     if(ret != COMPLETE){
 	code = -1;
 	return;
diff --git a/crypto/kerberosIV/appl/ftp/ftp/krb4.c b/crypto/kerberosIV/appl/ftp/ftp/krb4.c
index 5b9b9b8..aa30c1b 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/krb4.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/krb4.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -43,7 +38,7 @@
 #endif
 #include <krb.h>
 
-RCSID("$Id: krb4.c,v 1.30 1999/06/15 03:50:28 assar Exp $");
+RCSID("$Id: krb4.c,v 1.36.2.1 1999/12/06 17:29:45 assar Exp $");
 
 #ifdef FTP_SERVER
 #define LOCAL_ADDR ctrl_addr
@@ -52,7 +47,8 @@ RCSID("$Id: krb4.c,v 1.30 1999/06/15 03:50:28 assar Exp $");
 #define LOCAL_ADDR myctladdr
 #define REMOTE_ADDR hisctladdr
 #endif
-extern struct sockaddr_in LOCAL_ADDR, REMOTE_ADDR;
+
+extern struct sockaddr *LOCAL_ADDR, *REMOTE_ADDR;
 
 struct krb4_data {
     des_cblock key;
@@ -78,11 +74,15 @@ krb4_decode(void *app_data, void *buf, int len, int level)
     struct krb4_data *d = app_data;
     
     if(level == prot_safe)
-	e = krb_rd_safe(buf, len, &d->key, &REMOTE_ADDR, &LOCAL_ADDR, &m);
+	e = krb_rd_safe(buf, len, &d->key,
+			(struct sockaddr_in *)REMOTE_ADDR,
+			(struct sockaddr_in *)LOCAL_ADDR, &m);
     else
 	e = krb_rd_priv(buf, len, d->schedule, &d->key, 
-			&REMOTE_ADDR, &LOCAL_ADDR, &m);
+			(struct sockaddr_in *)REMOTE_ADDR,
+			(struct sockaddr_in *)LOCAL_ADDR, &m);
     if(e){
+	syslog(LOG_ERR, "krb4_decode: %s", krb_get_err_text(e));
 	return -1;
     }
     memmove(buf, m.app_data, m.app_length);
@@ -102,10 +102,12 @@ krb4_encode(void *app_data, void *from, int length, int level, void **to)
     *to = malloc(length + 31);
     if(level == prot_safe)
 	return krb_mk_safe(from, *to, length, &d->key, 
-			   &LOCAL_ADDR, &REMOTE_ADDR);
+			   (struct sockaddr_in *)LOCAL_ADDR,
+			   (struct sockaddr_in *)REMOTE_ADDR);
     else if(level == prot_private)
 	return krb_mk_priv(from, *to, length, d->schedule, &d->key, 
-			   &LOCAL_ADDR, &REMOTE_ADDR);
+			   (struct sockaddr_in *)LOCAL_ADDR,
+			   (struct sockaddr_in *)REMOTE_ADDR);
     else
 	return -1;
 }
@@ -124,17 +126,18 @@ krb4_adat(void *app_data, void *buf, size_t len)
     int tmp_len;
     struct krb4_data *d = app_data;
     char inst[INST_SZ];
+    struct sockaddr_in *his_addr_sin = (struct sockaddr_in *)his_addr;
 
     memcpy(tkt.dat, buf, len);
     tkt.length = len;
 
     k_getsockinst(0, inst, sizeof(inst));
     kerror = krb_rd_req(&tkt, "ftp", inst, 
-			his_addr.sin_addr.s_addr, &auth_dat, "");
+			his_addr_sin->sin_addr.s_addr, &auth_dat, "");
     if(kerror == RD_AP_UNDEC){
 	k_getsockinst(0, inst, sizeof(inst));
 	kerror = krb_rd_req(&tkt, "rcmd", inst, 
-			    his_addr.sin_addr.s_addr, &auth_dat, "");
+			    his_addr_sin->sin_addr.s_addr, &auth_dat, "");
     }
 
     if(kerror){
@@ -145,15 +148,17 @@ krb4_adat(void *app_data, void *buf, size_t len)
     memcpy(d->key, auth_dat.session, sizeof(d->key));
     des_set_key(&d->key, d->schedule);
 
-    strcpy_truncate(d->name, auth_dat.pname, sizeof(d->name));
-    strcpy_truncate(d->instance, auth_dat.pinst, sizeof(d->instance));
-    strcpy_truncate(d->realm, auth_dat.prealm, sizeof(d->instance));
+    strlcpy(d->name, auth_dat.pname, sizeof(d->name));
+    strlcpy(d->instance, auth_dat.pinst, sizeof(d->instance));
+    strlcpy(d->realm, auth_dat.prealm, sizeof(d->instance));
 
     cs = auth_dat.checksum + 1;
     {
 	unsigned char tmp[4];
 	KRB_PUT_INT(cs, tmp, 4, sizeof(tmp));
-	tmp_len = krb_mk_safe(tmp, msg, 4, &d->key, &LOCAL_ADDR, &REMOTE_ADDR);
+	tmp_len = krb_mk_safe(tmp, msg, 4, &d->key,
+			      (struct sockaddr_in *)LOCAL_ADDR,
+			      (struct sockaddr_in *)REMOTE_ADDR);
     }
     if(tmp_len < 0){
 	reply(535, "Error creating reply: %s.", strerror(errno));
@@ -204,15 +209,15 @@ mk_auth(struct krb4_data *d, KTEXT adat,
     CREDENTIALS cred;
     char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ];
 
-    strcpy_truncate(sname, service, sizeof(sname));
-    strcpy_truncate(inst, krb_get_phost(host), sizeof(inst));
-    strcpy_truncate(realm, krb_realmofhost(host), sizeof(realm));
+    strlcpy(sname, service, sizeof(sname));
+    strlcpy(inst, krb_get_phost(host), sizeof(inst));
+    strlcpy(realm, krb_realmofhost(host), sizeof(realm));
     ret = krb_mk_req(adat, sname, inst, realm, checksum);
     if(ret)
 	return ret;
-    strcpy_truncate(sname, service, sizeof(sname));
-    strcpy_truncate(inst, krb_get_phost(host), sizeof(inst));
-    strcpy_truncate(realm, krb_realmofhost(host), sizeof(realm));
+    strlcpy(sname, service, sizeof(sname));
+    strlcpy(inst, krb_get_phost(host), sizeof(inst));
+    strlcpy(realm, krb_realmofhost(host), sizeof(realm));
     ret = krb_get_cred(sname, inst, realm, &cred);
     memmove(&d->key, &cred.session, sizeof(des_cblock));
     des_key_sched(&d->key, d->schedule);
@@ -231,6 +236,8 @@ krb4_auth(void *app_data, char *host)
     int checksum;
     u_int32_t cs;
     struct krb4_data *d = app_data;
+    struct sockaddr_in *localaddr  = (struct sockaddr_in *)LOCAL_ADDR;
+    struct sockaddr_in *remoteaddr = (struct sockaddr_in *)REMOTE_ADDR;
 
     checksum = getpid();
     ret = mk_auth(d, &adat, "ftp", host, checksum);
@@ -241,7 +248,38 @@ krb4_auth(void *app_data, char *host)
 	return AUTH_CONTINUE;
     }
 
-    if(base64_encode(adat.dat, adat.length, &p) < 0) {
+#ifdef HAVE_KRB_GET_OUR_IP_FOR_REALM
+    if (krb_get_config_bool("nat_in_use")) {
+      struct in_addr natAddr;
+
+      if (krb_get_our_ip_for_realm(krb_realmofhost(host),
+				   &natAddr) != KSUCCESS
+	  && krb_get_our_ip_for_realm(NULL, &natAddr) != KSUCCESS)
+	printf("Can't get address for realm %s\n",
+	       krb_realmofhost(host));
+      else {
+	if (natAddr.s_addr != localaddr->sin_addr.s_addr) {
+	  printf("Using NAT IP address (%s) for kerberos 4\n",
+		 inet_ntoa(natAddr));
+	  localaddr->sin_addr = natAddr;
+	  
+	  /*
+	   * This not the best place to do this, but it
+	   * is here we know that (probably) NAT is in
+	   * use!
+	   */
+
+	  passivemode = 1;
+	  printf("Setting: Passive mode on.\n");
+	}
+      }
+    }
+#endif
+
+    printf("Local address is %s\n", inet_ntoa(localaddr->sin_addr));
+    printf("Remote address is %s\n", inet_ntoa(remoteaddr->sin_addr));
+
+   if(base64_encode(adat.dat, adat.length, &p) < 0) {
 	printf("Out of memory base64-encoding.\n");
 	return AUTH_CONTINUE;
     }
@@ -266,7 +304,8 @@ krb4_auth(void *app_data, char *host)
     }
     adat.length = len;
     ret = krb_rd_safe(adat.dat, adat.length, &d->key, 
-		      &hisctladdr, &myctladdr, &msg_data);
+		      (struct sockaddr_in *)hisctladdr, 
+		      (struct sockaddr_in *)myctladdr, &msg_data);
     if(ret){
 	printf("Error reading reply from server: %s.\n", 
 	       krb_get_err_text(ret));
diff --git a/crypto/kerberosIV/appl/ftp/ftp/main.c b/crypto/kerberosIV/appl/ftp/ftp/main.c
index 5b0fe36..dfe9e88 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/main.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/main.c
@@ -36,7 +36,7 @@
  */
 
 #include "ftp_locl.h"
-RCSID("$Id: main.c,v 1.25 1999/05/08 02:22:09 assar Exp $");
+RCSID("$Id: main.c,v 1.27 1999/11/13 06:18:02 assar Exp $");
 
 int
 main(int argc, char **argv)
@@ -56,7 +56,7 @@ main(int argc, char **argv)
 	autologin = 1;
 	passivemode = 0; /* passive mode not active */
 
-	while ((ch = getopt(argc, argv, "dginptv")) != EOF) {
+	while ((ch = getopt(argc, argv, "dginptv")) != -1) {
 		switch (ch) {
 		case 'd':
 			options |= SO_DEBUG;
@@ -107,7 +107,7 @@ main(int argc, char **argv)
 	 */
 	pw = k_getpwuid(getuid());
 	if (pw != NULL) {
-		strcpy_truncate(homedir, pw->pw_dir, sizeof(homedir));
+		strlcpy(homedir, pw->pw_dir, sizeof(homedir));
 		home = homedir;
 	}
 	if (argc > 0) {
@@ -246,7 +246,7 @@ cmdscanner(int top)
 	    p = readline("ftp> ");
 	    if(p == NULL)
 		quit(0, 0);
-	    strcpy_truncate(line, p, sizeof(line));
+	    strlcpy(line, p, sizeof(line));
 	    add_history(p);
 	    free(p);
 	} else{
diff --git a/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c b/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c
index 043e6fb..c687a59 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c
@@ -32,7 +32,7 @@
  */
 
 #include "ftp_locl.h"
-RCSID("$Id: ruserpass.c,v 1.15 1999/03/11 13:54:58 joda Exp $");
+RCSID("$Id: ruserpass.c,v 1.16 1999/09/16 20:37:31 assar Exp $");
 
 static	int token (void);
 static	FILE *cfile;
@@ -77,7 +77,7 @@ guess_domain (char *hostname, size_t sz)
     char **aliases;
 
     if (gethostname (hostname, sz) < 0) {
-	strcpy_truncate (hostname, "", sz);
+	strlcpy (hostname, "", sz);
 	return "";
     }
     dot = strchr (hostname, '.');
@@ -90,13 +90,13 @@ guess_domain (char *hostname, size_t sz)
 
     dot = strchr (he->h_name, '.');
     if (dot != NULL) {
-	strcpy_truncate (hostname, he->h_name, sz);
+	strlcpy (hostname, he->h_name, sz);
 	return dot + 1;
     }
     for (aliases = he->h_aliases; (a = *aliases) != NULL; ++aliases) {
 	dot = strchr (a, '.');
 	if (dot != NULL) {
-	    strcpy_truncate (hostname, a, sz);
+	    strlcpy (hostname, a, sz);
 	    return dot + 1;
 	}
     }
diff --git a/crypto/kerberosIV/appl/ftp/ftp/security.c b/crypto/kerberosIV/appl/ftp/ftp/security.c
index 96d598f..ca7eb00 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/security.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/security.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -42,7 +37,7 @@
 #include "ftp_locl.h"
 #endif
 
-RCSID("$Id: security.c,v 1.8 1999/04/07 14:16:48 joda Exp $");
+RCSID("$Id: security.c,v 1.15 1999/12/02 16:58:30 joda Exp $");
 
 static enum protection_level command_prot;
 static enum protection_level data_prot;
@@ -127,7 +122,7 @@ sec_getc(FILE *F)
 {
     if(sec_complete && data_prot) {
 	char c;
-	if(sec_read(fileno(F), &c, 1) == 0)
+	if(sec_read(fileno(F), &c, 1) <= 0)
 	    return EOF;
 	return c;
     } else
@@ -141,7 +136,9 @@ block_read(int fd, void *buf, size_t len)
     int b;
     while(len) {
 	b = read(fd, p, len);
-	if(b <= 0)
+	if (b == 0)
+	    return 0;
+	else if (b < 0)
 	    return -1;
 	len -= b;
 	p += b;
@@ -168,12 +165,19 @@ static int
 sec_get_data(int fd, struct buffer *buf, int level)
 {
     int len;
-    
-    if(block_read(fd, &len, sizeof(len)) < 0)
+    int b;
+
+    b = block_read(fd, &len, sizeof(len));
+    if (b == 0)
+	return 0;
+    else if (b < 0)
 	return -1;
     len = ntohl(len);
     buf->data = realloc(buf->data, len);
-    if(block_read(fd, buf->data, len) < 0)
+    b = block_read(fd, buf->data, len);
+    if (b == 0)
+	return 0;
+    else if (b < 0)
 	return -1;
     buf->size = (*mech->decode)(app_data, buf->data, len, data_prot);
     buf->index = 0;
@@ -292,6 +296,32 @@ sec_write(int fd, char *data, int length)
 }
 
 int
+sec_vfprintf2(FILE *f, const char *fmt, va_list ap)
+{
+    char *buf;
+    int ret;
+    if(data_prot == prot_clear)
+	return vfprintf(f, fmt, ap);
+    else {
+	vasprintf(&buf, fmt, ap);
+	ret = buffer_write(&out_buffer, buf, strlen(buf));
+	free(buf);
+	return ret;
+    }
+}
+
+int
+sec_fprintf2(FILE *f, const char *fmt, ...)
+{
+    int ret;
+    va_list ap;
+    va_start(ap, fmt);
+    ret = sec_vfprintf2(f, fmt, ap);
+    va_end(ap);
+    return ret;
+}
+
+int
 sec_putc(int c, FILE *F)
 {
     char ch = c;
@@ -547,6 +577,12 @@ secure_command(void)
     return ftp_command != NULL;
 }
 
+enum protection_level
+get_command_prot(void)
+{
+    return command_prot;
+}
+
 #else /* FTP_SERVER */
 
 void
@@ -603,30 +639,30 @@ sec_prot_internal(int level)
     return 0;
 }
 
+enum protection_level
+set_command_prot(enum protection_level level)
+{
+    enum protection_level old = command_prot;
+    command_prot = level;
+    return old;
+}
+
 void
 sec_prot(int argc, char **argv)
 {
     int level = -1;
 
-    if(argc != 2){
-	printf("usage: %s (clear | safe | confidential | private)\n",
-	       argv[0]);
-	code = -1;
-	return;
-    }
-    if(!sec_complete){
+    if(argc < 2 || argc > 3)
+	goto usage;
+    if(!sec_complete) {
 	printf("No security data exchange has taken place.\n");
 	code = -1;
 	return;
     }
-    level = name_to_level(argv[1]);
+    level = name_to_level(argv[argc - 1]);
     
-    if(level == -1){
-	printf("usage: %s (clear | safe | confidential | private)\n",
-	       argv[0]);
-	code = -1;
-	return;
-    }
+    if(level == -1)
+	goto usage;
     
     if((*mech->check_prot)(app_data, level)) {
 	printf("%s does not implement %s protection.\n", 
@@ -635,11 +671,21 @@ sec_prot(int argc, char **argv)
 	return;
     }
     
-    if(sec_prot_internal(level) < 0){
-	code = -1;
-	return;
-    }
+    if(argc == 2 || strncasecmp(argv[1], "data", strlen(argv[1])) == 0) {
+	if(sec_prot_internal(level) < 0){
+	    code = -1;
+	    return;
+	}
+    } else if(strncasecmp(argv[1], "command", strlen(argv[1])) == 0)
+	set_command_prot(level);
+    else
+	goto usage;
     code = 0;
+    return;
+ usage:
+    printf("usage: %s [command|data] [clear|safe|confidential|private]\n",
+	   argv[0]);
+    code = -1;
 }
 
 static enum protection_level request_data_prot;
@@ -673,7 +719,15 @@ sec_login(char *host)
 		     are usually not very user friendly) */
     
     for(m = mechs; *m && (*m)->name; m++) {
-	app_data = realloc(app_data, (*m)->size);
+	void *tmp;
+
+	tmp = realloc(app_data, (*m)->size);
+	if (tmp == NULL) {
+	    warnx ("realloc %u failed", (*m)->size);
+	    return -1;
+	}
+	app_data = tmp;
+	    
 	if((*m)->init && (*(*m)->init)(app_data) != 0) {
 	    printf("Skipping %s...\n", (*m)->name);
 	    continue;
@@ -721,6 +775,7 @@ sec_end(void)
 	    (*mech->end)(app_data);
 	memset(app_data, 0, mech->size);
 	free(app_data);
+	app_data = NULL;
     }
     sec_complete = 0;
     data_prot = (enum protection_level)0;
diff --git a/crypto/kerberosIV/appl/ftp/ftp/security.h b/crypto/kerberosIV/appl/ftp/ftp/security.h
index adac689..6fe0694 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/security.h
+++ b/crypto/kerberosIV/appl/ftp/ftp/security.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -36,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: security.h,v 1.3 1999/04/07 14:15:20 joda Exp $ */
+/* $Id: security.h,v 1.7 1999/12/02 16:58:30 joda Exp $ */
 
 #ifndef __security_h__
 #define __security_h__
@@ -105,6 +100,8 @@ int sec_putc (int, FILE *);
 int sec_read (int, void *, int);
 int sec_read_msg (char *, int);
 int sec_vfprintf (FILE *, const char *, va_list);
+int sec_fprintf2(FILE *f, const char *fmt, ...);
+int sec_vfprintf2(FILE *, const char *, va_list);
 int sec_write (int, char *, int);
 
 #ifdef FTP_SERVER
@@ -118,6 +115,7 @@ void delete_ftp_command (void);
 void new_ftp_command (char *);
 int sec_userok (char *);
 int secure_command (void);
+enum protection_level get_command_prot(void);
 #else
 void sec_end (void);
 int sec_login (char *);
@@ -125,6 +123,9 @@ void sec_prot (int, char **);
 int sec_request_prot (char *);
 void sec_set_protection_level (void);
 void sec_status (void);
+
+enum protection_level set_command_prot(enum protection_level);
+
 #endif
 
 #endif /* __security_h__ */  
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am
index 187fca3..282cb3a 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am
+++ b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.19 1999/04/25 13:24:55 assar Exp $
+# $Id: Makefile.am,v 1.20 1999/10/03 16:38:53 joda Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
@@ -21,6 +21,7 @@ ftpd_SOURCES =		\
 	ftpd.c		\
 	ftpd_locl.h	\
 	logwtmp.c	\
+	ls.c		\
 	pathnames.h	\
 	popen.c		\
 	security.c	\
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in
index 3b555a6..bc5c12e 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in
+++ b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in
@@ -1,5 +1,5 @@
 # 
-# $Id: Makefile.in,v 1.40 1999/03/10 19:01:11 joda Exp $
+# $Id: Makefile.in,v 1.41 1999/10/03 16:39:27 joda Exp $
 #
 
 srcdir		= @srcdir@
@@ -47,8 +47,8 @@ LIBROKEN= -L$(LIBTOP)/roken -lroken
 
 PROGS = ftpd$(EXECSUFFIX)
 
-ftpd_SOURCES = ftpd.c ftpcmd.c logwtmp.c popen.c security.c krb4.c kauth.c
-ftpd_OBJS = ftpd.o ftpcmd.o logwtmp.o popen.o security.o krb4.o kauth.o
+ftpd_SOURCES = ftpd.c ftpcmd.c logwtmp.c ls.c popen.c security.c krb4.c kauth.c
+ftpd_OBJS = ftpd.o ftpcmd.o logwtmp.o ls.o popen.o security.o krb4.o kauth.o
 
 SOURCES = $(ftpd_SOURCES)
 OBJECTS = $(ftpd_OBJS)
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/extern.h b/crypto/kerberosIV/appl/ftp/ftpd/extern.h
index e96809e..2e1e0d0 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/extern.h
+++ b/crypto/kerberosIV/appl/ftp/ftpd/extern.h
@@ -67,6 +67,8 @@ char  **copyblk(char **);
 void	cwd(char *);
 void	do_delete(char *);
 void	dologout(int);
+void	eprt(char *);
+void	epsv(char *);
 void	fatal(char *);
 int	filename_check(char *);
 int	ftpd_pclose(FILE *);
@@ -86,8 +88,8 @@ __attribute__ ((format (printf, 1, 2)))
 #endif
 ;
 void	pass(char *);
-void	passive(void);
-void	perror_reply(int, char *);
+void	pasv(void);
+void	perror_reply(int, const char *);
 void	pwd(void);
 void	removedir(char *);
 void	renamecmd(char *, char *);
@@ -97,7 +99,7 @@ void	reply(int, const char *, ...)
 __attribute__ ((format (printf, 2, 3)))
 #endif
 ;
-void	retrieve(char *, char *);
+void	retrieve(const char *, char *);
 void	send_file_list(char *);
 void	setproctitle(const char *, ...)
 #ifdef __GNUC__
@@ -111,6 +113,8 @@ void	upper(char *);
 void	user(char *);
 void	yyerror(char *);
 
+void	list_file(char*);
+
 void	kauth(char *, char*);
 void	klist(void);
 void	cond_kdestroy(void);
@@ -121,15 +125,17 @@ void	afsunlog(void);
 
 int	find(char *);
 
+void	builtin_ls(FILE*, const char*);
+
 int	do_login(int code, char *passwd);
 int	klogin(char *name, char *password);
 
 const char *ftp_rooted(const char *path);
 
-extern struct sockaddr_in ctrl_addr, his_addr;
+extern struct sockaddr *ctrl_addr, *his_addr;
 extern char hostname[];
 
-extern	struct sockaddr_in data_dest;
+extern	struct sockaddr *data_dest;
 extern	int logged_in;
 extern	struct passwd *pw;
 extern	int guest;
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y b/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y
index be36ea2..07ff9a5 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y
+++ b/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y
@@ -43,7 +43,7 @@
 %{
 
 #include "ftpd_locl.h"
-RCSID("$Id: ftpcmd.y,v 1.48 1999/05/08 02:22:43 assar Exp $");
+RCSID("$Id: ftpcmd.y,v 1.56 1999/10/26 11:56:23 assar Exp $");
 
 off_t	restart_point;
 
@@ -98,6 +98,7 @@ static int		 yylex (void);
 	ABOR	DELE	CWD	LIST	NLST	SITE
 	sTAT	HELP	NOOP	MKD	RMD	PWD
 	CDUP	STOU	SMNT	SYST	SIZE	MDTM
+	EPRT	EPSV
 
 	UMASK	IDLE	CHMOD
 
@@ -105,7 +106,9 @@ static int		 yylex (void);
 	CONF	ENC
 
 	KAUTH	KLIST	KDESTROY KRBTKFILE AFSLOG
-	FIND	URL
+	LOCATE	URL
+
+	FEAT	OPTS
 
 	LEXERR
 
@@ -151,9 +154,23 @@ cmd
 			}
 			reply(200, "PORT command successful.");
 		}
+	| EPRT SP STRING CRLF
+		{
+			eprt ($3);
+			free ($3);
+		}
 	| PASV CRLF
 		{
-			passive();
+			pasv ();
+		}
+	| EPSV CRLF
+		{
+			epsv (NULL);
+		}
+	| EPSV SP STRING CRLF
+		{
+			epsv ($3);
+			free ($3);
 		}
 	| TYPE SP type_code CRLF
 		{
@@ -224,24 +241,30 @@ cmd
 		}
 	| RETR SP pathname CRLF check_login
 		{
-			if ($5 && $3 != NULL)
-				retrieve(0, $3);
-			if ($3 != NULL)
-				free($3);
+			char *name = $3;
+
+			if ($5 && name != NULL)
+				retrieve(0, name);
+			if (name != NULL)
+				free(name);
 		}
 	| STOR SP pathname CRLF check_login
 		{
-			if ($5 && $3 != NULL)
-				do_store($3, "w", 0);
-			if ($3 != NULL)
-				free($3);
+			char *name = $3;
+
+			if ($5 && name != NULL)
+				do_store(name, "w", 0);
+			if (name != NULL)
+				free(name);
 		}
 	| APPE SP pathname CRLF check_login
 		{
-			if ($5 && $3 != NULL)
-				do_store($3, "a", 0);
-			if ($3 != NULL)
-				free($3);
+			char *name = $3;
+
+			if ($5 && name != NULL)
+				do_store(name, "a", 0);
+			if (name != NULL)
+				free(name);
 		}
 	| NLST CRLF check_login
 		{
@@ -250,33 +273,23 @@ cmd
 		}
 	| NLST SP STRING CRLF check_login
 		{
-			if ($5 && $3 != NULL)
-				send_file_list($3);
-			if ($3 != NULL)
-				free($3);
+			char *name = $3;
+
+			if ($5 && name != NULL)
+				send_file_list(name);
+			if (name != NULL)
+				free(name);
 		}
 	| LIST CRLF check_login
 		{
-#ifdef HAVE_LS_A
-		  char *cmd = "/bin/ls -lA";
-#else
-		  char *cmd = "/bin/ls -la";
-#endif
-			if ($3)
-				retrieve(cmd, "");
-			
+		    if($3)
+			list_file(".");
 		}
 	| LIST SP pathname CRLF check_login
 		{
-#ifdef HAVE_LS_A
-		  char *cmd = "/bin/ls -lA %s";
-#else
-		  char *cmd = "/bin/ls -la %s";
-#endif
-			if ($5 && $3 != NULL)
-				retrieve(cmd, $3);
-			if ($3 != NULL)
-				free($3);
+		    if($5)
+			list_file($3);
+		    free($3);
 		}
 	| sTAT SP pathname CRLF check_login
 		{
@@ -388,6 +401,20 @@ cmd
 			if ($3)
 				cwd("..");
 		}
+	| FEAT CRLF
+		{
+			lreply(211, "Supported features:");
+			lreply(0, " MDTM");
+			lreply(0, " REST STREAM");
+			lreply(0, " SIZE");
+			reply(211, "End");
+		}
+	| OPTS SP STRING CRLF
+		{
+			free ($3);
+			reply(501, "Bad options");
+		}
+
 	| SITE SP HELP CRLF
 		{
 			help(sitetab, (char *) 0);
@@ -522,16 +549,15 @@ cmd
 #ifdef KRB4
 		    if(guest)
 			reply(500, "Can't be done as guest.");
-		    else if($7){
+		    else if($7)
 			afslog($5);
-		    }
 		    if($5)
 			free($5);
 #else
 		    reply(500, "Command not implemented.");
 #endif
 		}
-	| SITE SP FIND SP STRING CRLF check_login
+	| SITE SP LOCATE SP STRING CRLF check_login
 		{
 		    if($7 && $5 != NULL)
 			find($5);
@@ -696,9 +722,11 @@ host_port
 	: NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
 		NUMBER COMMA NUMBER
 		{
-			data_dest.sin_family = AF_INET;
-			data_dest.sin_port = htons($9 * 256 + $11);
-			data_dest.sin_addr.s_addr = 
+			struct sockaddr_in *sin = (struct sockaddr_in *)data_dest;
+
+			sin->sin_family = AF_INET;
+			sin->sin_port = htons($9 * 256 + $11);
+			sin->sin_addr.s_addr = 
 			    htonl(($1 << 24) | ($3 << 16) | ($5 << 8) | $7);
 		}
 	;
@@ -901,7 +929,9 @@ struct tab cmdtab[] = {		/* In order defined in RFC 765 */
 	{ "REIN", REIN, ARGS, 0,	"(reinitialize server state)" },
 	{ "QUIT", QUIT, ARGS, 1,	"(terminate service)", },
 	{ "PORT", PORT, ARGS, 1,	"<sp> b0, b1, b2, b3, b4" },
+	{ "EPRT", EPRT, STR1, 1,	"<sp> string" },
 	{ "PASV", PASV, ARGS, 1,	"(set server in passive mode)" },
+	{ "EPSV", EPSV, OSTR, 1,	"[<sp> foo]" },
 	{ "TYPE", TYPE, ARGS, 1,	"<sp> [ A | E | I | L ]" },
 	{ "STRU", STRU, ARGS, 1,	"(specify file structure)" },
 	{ "MODE", MODE, ARGS, 1,	"(specify transfer mode)" },
@@ -952,6 +982,10 @@ struct tab cmdtab[] = {		/* In order defined in RFC 765 */
 	{ "CONF", CONF,	STR1, 1,	"<sp> confidentiality command" },
 	{ "ENC",  ENC,	STR1, 1,	"<sp> privacy command" },
 
+	/* RFC2389 */
+	{ "FEAT", FEAT, ARGS, 1,	"" },
+	{ "OPTS", OPTS, ARGS, 1,	"<sp> command [<sp> options]" },
+
 	{ NULL,   0,    0,    0,	0 }
 };
 
@@ -967,7 +1001,8 @@ struct tab sitetab[] = {
 	{ "KRBTKFILE", KRBTKFILE, STR1, 1, "<sp> ticket-file" },
 	{ "AFSLOG", AFSLOG, OSTR, 1,	"[<sp> cell]" },
 
-	{ "FIND", FIND, STR1, 1,	"<sp> globexpr" },
+	{ "LOCATE", LOCATE, STR1, 1,	"<sp> globexpr" },
+	{ "FIND", LOCATE, STR1, 1,	"<sp> globexpr" },
 
 	{ "URL",  URL,  ARGS, 1,	"?" },
 	
@@ -996,7 +1031,7 @@ ftpd_getline(char *s, int n)
 	cs = s;
 /* tmpline may contain saved command from urgent mode interruption */
 	if(ftp_command){
-	  strcpy_truncate(s, ftp_command, n);
+	  strlcpy(s, ftp_command, n);
 	  if (debug)
 	    syslog(LOG_DEBUG, "command: %s", s);
 #ifdef XXX
@@ -1162,7 +1197,10 @@ yylex(void)
 		dostr1:
 			if (cbuf[cpos] == ' ') {
 				cpos++;
-				state = state == OSTR ? STR2 : ++state;
+				if(state == OSTR)
+				    state = STR2;
+				else
+				    state++;
 				return (SP);
 			}
 			break;
@@ -1335,7 +1373,7 @@ help(struct tab *ctab, char *s)
 			columns = 1;
 		lines = (NCMDS + columns - 1) / columns;
 		for (i = 0; i < lines; i++) {
-		    strcpy_truncate (buf, "   ", sizeof(buf));
+		    strlcpy (buf, "   ", sizeof(buf));
 		    for (j = 0; j < columns; j++) {
 			c = ctab + j * lines + i;
 			snprintf (buf + strlen(buf),
@@ -1347,13 +1385,13 @@ help(struct tab *ctab, char *s)
 			    break;
 			w = strlen(c->name) + 1;
 			while (w < width) {
-			    strcat_truncate (buf,
+			    strlcat (buf,
 					     " ",
 					     sizeof(buf));
 			    w++;
 			}
 		    }
-		    lreply(214, buf);
+		    lreply(214, "%s", buf);
 		}
 		reply(214, "Direct comments to kth-krb-bugs@pdc.kth.se");
 		return;
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c b/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c
index fa87fc2..d3c9a6a 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c
+++ b/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c
@@ -36,19 +36,29 @@
 #ifdef KRB5
 #include <krb5.h>
 #endif
+#include "getarg.h"
 
-RCSID("$Id: ftpd.c,v 1.115 1999/06/15 03:51:47 assar Exp $");
+RCSID("$Id: ftpd.c,v 1.131 1999/11/30 19:18:38 assar Exp $");
 
 static char version[] = "Version 6.00";
 
 extern	off_t restart_point;
 extern	char cbuf[];
 
-struct	sockaddr_in ctrl_addr;
-struct	sockaddr_in data_source;
-struct	sockaddr_in data_dest;
-struct	sockaddr_in his_addr;
-struct	sockaddr_in pasv_addr;
+struct  sockaddr_storage ctrl_addr_ss;
+struct  sockaddr *ctrl_addr = (struct sockaddr *)&ctrl_addr_ss;
+
+struct  sockaddr_storage data_source_ss;
+struct  sockaddr *data_source = (struct sockaddr *)&data_source_ss;
+
+struct  sockaddr_storage data_dest_ss;
+struct  sockaddr *data_dest = (struct sockaddr *)&data_dest_ss;
+
+struct  sockaddr_storage his_addr_ss;
+struct  sockaddr *his_addr = (struct sockaddr *)&his_addr_ss;
+
+struct  sockaddr_storage pasv_addr_ss;
+struct  sockaddr *pasv_addr = (struct sockaddr *)&pasv_addr_ss;
 
 int	data;
 jmp_buf	errcatch, urgcatch;
@@ -125,16 +135,15 @@ static void	 ack (char *);
 static void	 myoob (int);
 static int	 checkuser (char *, char *);
 static int	 checkaccess (char *);
-static FILE	*dataconn (char *, off_t, char *);
-static void	 dolog (struct sockaddr_in *);
+static FILE	*dataconn (const char *, off_t, const char *);
+static void	 dolog (struct sockaddr *);
 static void	 end_login (void);
-static FILE	*getdatasock (char *);
+static FILE	*getdatasock (const char *);
 static char	*gunique (char *);
 static RETSIGTYPE	 lostconn (int);
 static int	 receive_data (FILE *, FILE *);
 static void	 send_data (FILE *, FILE *);
 static struct passwd * sgetpwnam (char *);
-static void	 usage(void);
 
 static char *
 curdir(void)
@@ -144,7 +153,7 @@ curdir(void)
 	if (getcwd(path, sizeof(path)-1) == NULL)
 		return ("");
 	if (path[1] != '\0')		/* special case for root dir. */
-		strcat_truncate(path, "/", sizeof(path));
+		strlcat(path, "/", sizeof(path));
 	/* For guest account, skip / since it's chrooted */
 	return (guest ? path+1 : path);
 }
@@ -186,218 +195,231 @@ parse_auth_level(char *str)
  * Print usage and die.
  */
 
+static int debug_flag;
+static int interactive_flag;
+static char *guest_umask_string;
+static char *port_string;
+static char *umask_string;
+static char *auth_string;
+
+int use_builtin_ls;
+
+static int help_flag;
+static int version_flag;
+
+struct getargs args[] = {
+    { NULL, 'a', arg_string, &auth_string, "required authentication" },
+    { NULL, 'i', arg_flag, &interactive_flag, "don't assume stdin is a socket" },
+    { NULL, 'p', arg_string, &port_string, "what port to listen to" },
+    { NULL, 'g', arg_string, &guest_umask_string, "umask for guest logins" },
+    { NULL, 'l', arg_counter, &logging, "log more stuff", "" },
+    { NULL, 't', arg_integer, &ftpd_timeout, "initial timeout" },
+    { NULL, 'T', arg_integer, &maxtimeout, "max timeout" },
+    { NULL, 'u', arg_string, &umask_string, "umask for user logins" },
+    { NULL, 'd', arg_flag, &debug_flag, "enable debugging" },
+    { NULL, 'v', arg_flag, &debug_flag, "enable debugging" },
+    { "builtin-ls", 'B', arg_flag, &use_builtin_ls, "use built-in ls to list files" },
+    { "version", 0, arg_flag, &version_flag },
+    { "help", 'h', arg_flag, &help_flag }
+};
+
+static int num_args = sizeof(args) / sizeof(args[0]);
+
 static void
-usage (void)
+usage (int code)
 {
-    fprintf (stderr,
-	     "Usage: %s [-d] [-i] [-g guest_umask] [-l] [-p port]"
-	     " [-t timeout] [-T max_timeout] [-u umask] [-v]"
-	     " [-a auth_level] \n",
-	     __progname);
-    exit (1);
+    arg_printusage(args, num_args, NULL, "");
+    exit (code);
 }
 
 int
 main(int argc, char **argv)
 {
-	int addrlen, ch, on = 1, tos;
-	char *cp, line[LINE_MAX];
-	FILE *fd;
-	int not_inetd = 0;
-	int port;
-	struct servent *sp;
+    int addrlen, on = 1, tos;
+    char *cp, line[LINE_MAX];
+    FILE *fd;
+    int port;
+    struct servent *sp;
+
+    int optind = 0;
 
-	set_progname (argv[0]);
+    set_progname (argv[0]);
 
 #ifdef KRB4
-	/* detach from any tickets and tokens */
-	{
-	    char tkfile[1024];
-	    snprintf(tkfile, sizeof(tkfile),
-		     "/tmp/ftp_%u", (unsigned)getpid());
-	    krb_set_tkt_string(tkfile);
-	    if(k_hasafs())
-		k_setpag();
-	}
+    /* detach from any tickets and tokens */
+    {
+	char tkfile[1024];
+	snprintf(tkfile, sizeof(tkfile),
+		 "/tmp/ftp_%u", (unsigned)getpid());
+	krb_set_tkt_string(tkfile);
+	if(k_hasafs())
+	    k_setpag();
+    }
 #endif
+    if(getarg(args, num_args, argc, argv, &optind))
+	usage(1);
+
+    if(help_flag)
+	usage(0);
+	
+    if(version_flag) {
+	print_version(NULL);
+	exit(0);
+    }
+
+    if(auth_string)
+	auth_level = parse_auth_level(auth_string);
+    {
+	char *p;
+	long val = 0;
+	    
+	if(guest_umask_string) {
+	    val = strtol(guest_umask_string, &p, 8);
+	    if (*p != '\0' || val < 0)
+		warnx("bad value for -g");
+	    else
+		guest_umask = val;
+	}
+	if(umask_string) {
+	    val = strtol(umask_string, &p, 8);
+	    if (*p != '\0' || val < 0)
+		warnx("bad value for -u");
+	    else
+		defumask = val;
+	}
+    }
+    if(port_string) {
+	sp = getservbyname(port_string, "tcp");
+	if(sp)
+	    port = sp->s_port;
+	else
+	    if(isdigit(port_string[0]))
+		port = htons(atoi(port_string));
+	    else
+		warnx("bad value for -p");
+    } else {
 	sp = getservbyname("ftp", "tcp");
 	if(sp)
 	    port = sp->s_port;
 	else
 	    port = htons(21);
-
-	while ((ch = getopt(argc, argv, "a:dg:ilp:t:T:u:v")) != EOF) {
-		switch (ch) {
-		case 'a':
-		    auth_level = parse_auth_level(optarg);
-		    break;
-		case 'd':
-		    debug = 1;
-		    break;
-
-		case 'i':
-		    not_inetd = 1;
-		    break;
-		case 'g':
-		    {
-			long val = 0;
-
-			val = strtol(optarg, &optarg, 8);
-			if (*optarg != '\0' || val < 0)
-			    warnx("bad value for -g");
-			else
-			    guest_umask = val;
-			break;
-		    }
-		case 'l':
-		    logging++;	/* > 1 == extra logging */
-		    break;
-
-		case 'p':
-		    sp = getservbyname(optarg, "tcp");
-		    if(sp)
-			port = sp->s_port;
-		    else
-			if(isdigit(optarg[0]))
-			    port = htons(atoi(optarg));
-			else
-			    warnx("bad value for -p");
-		    break;
+    }
 		    
-		case 't':
-		    ftpd_timeout = atoi(optarg);
-		    if (maxtimeout < ftpd_timeout)
-			maxtimeout = ftpd_timeout;
-		    break;
-
-		case 'T':
-		    maxtimeout = atoi(optarg);
-		    if (ftpd_timeout > maxtimeout)
-			ftpd_timeout = maxtimeout;
-		    break;
-
-		case 'u':
-		    {
-			long val = 0;
-
-			val = strtol(optarg, &optarg, 8);
-			if (*optarg != '\0' || val < 0)
-			    warnx("bad value for -u");
-			else
-			    defumask = val;
-			break;
-		    }
+    if (maxtimeout < ftpd_timeout)
+	maxtimeout = ftpd_timeout;
 
-		case 'v':
-		    debug = 1;
-		    break;
+#if 0
+    if (ftpd_timeout > maxtimeout)
+	ftpd_timeout = maxtimeout;
+#endif
 
-		default:
-		    usage ();
-		}
-	}
 
-	if(not_inetd)
-	    mini_inetd (port);
+    if(interactive_flag)
+	mini_inetd (port);
 
-	/*
-	 * LOG_NDELAY sets up the logging connection immediately,
-	 * necessary for anonymous ftp's that chroot and can't do it later.
-	 */
-	openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
-	addrlen = sizeof(his_addr);
-	if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
-		syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
-		exit(1);
-	}
-	addrlen = sizeof(ctrl_addr);
-	if (getsockname(0, (struct sockaddr *)&ctrl_addr, &addrlen) < 0) {
-		syslog(LOG_ERR, "getsockname (%s): %m",argv[0]);
-		exit(1);
-	}
+    /*
+     * LOG_NDELAY sets up the logging connection immediately,
+     * necessary for anonymous ftp's that chroot and can't do it later.
+     */
+    openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
+    addrlen = sizeof(his_addr_ss);
+    if (getpeername(STDIN_FILENO, his_addr, &addrlen) < 0) {
+	syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
+	exit(1);
+    }
+    addrlen = sizeof(ctrl_addr_ss);
+    if (getsockname(STDIN_FILENO, ctrl_addr, &addrlen) < 0) {
+	syslog(LOG_ERR, "getsockname (%s): %m",argv[0]);
+	exit(1);
+    }
 #if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-	tos = IPTOS_LOWDELAY;
-	if (setsockopt(0, IPPROTO_IP, IP_TOS, (void *)&tos, sizeof(int)) < 0)
-		syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
+    tos = IPTOS_LOWDELAY;
+    if (setsockopt(STDIN_FILENO, IPPROTO_IP, IP_TOS,
+		   (void *)&tos, sizeof(int)) < 0)
+	syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
 #endif
-	data_source.sin_port = htons(ntohs(ctrl_addr.sin_port) - 1);
+    data_source->sa_family = ctrl_addr->sa_family;
+    socket_set_port (data_source,
+		     htons(ntohs(socket_get_port(ctrl_addr)) - 1));
 
-	/* set this here so it can be put in wtmp */
-	snprintf(ttyline, sizeof(ttyline), "ftp%u", (unsigned)getpid());
+    /* set this here so it can be put in wtmp */
+    snprintf(ttyline, sizeof(ttyline), "ftp%u", (unsigned)getpid());
 
 
-	/*	freopen(_PATH_DEVNULL, "w", stderr); */
-	signal(SIGPIPE, lostconn);
-	signal(SIGCHLD, SIG_IGN);
+    /*	freopen(_PATH_DEVNULL, "w", stderr); */
+    signal(SIGPIPE, lostconn);
+    signal(SIGCHLD, SIG_IGN);
 #ifdef SIGURG
-	if (signal(SIGURG, myoob) == SIG_ERR)
-	    syslog(LOG_ERR, "signal: %m");
+    if (signal(SIGURG, myoob) == SIG_ERR)
+	syslog(LOG_ERR, "signal: %m");
 #endif
 
-	/* Try to handle urgent data inline */
+    /* Try to handle urgent data inline */
 #if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT)
-	if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, (void *)&on,
-		       sizeof(on)) < 0)
-		syslog(LOG_ERR, "setsockopt: %m");
+    if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, (void *)&on,
+		   sizeof(on)) < 0)
+	syslog(LOG_ERR, "setsockopt: %m");
 #endif
 
 #ifdef	F_SETOWN
-	if (fcntl(fileno(stdin), F_SETOWN, getpid()) == -1)
-		syslog(LOG_ERR, "fcntl F_SETOWN: %m");
+    if (fcntl(fileno(stdin), F_SETOWN, getpid()) == -1)
+	syslog(LOG_ERR, "fcntl F_SETOWN: %m");
 #endif
-	dolog(&his_addr);
-	/*
-	 * Set up default state
-	 */
-	data = -1;
-	type = TYPE_A;
-	form = FORM_N;
-	stru = STRU_F;
-	mode = MODE_S;
-	tmpline[0] = '\0';
-
-	/* If logins are disabled, print out the message. */
-	if ((fd = fopen(_PATH_NOLOGIN,"r")) != NULL) {
-		while (fgets(line, sizeof(line), fd) != NULL) {
-			if ((cp = strchr(line, '\n')) != NULL)
-				*cp = '\0';
-			lreply(530, "%s", line);
-		}
-		fflush(stdout);
-		fclose(fd);
-		reply(530, "System not available.");
-		exit(0);
-	}
-	if ((fd = fopen(_PATH_FTPWELCOME, "r")) != NULL) {
-		while (fgets(line, sizeof(line), fd) != NULL) {
-			if ((cp = strchr(line, '\n')) != NULL)
-				*cp = '\0';
-			lreply(220, "%s", line);
-		}
-		fflush(stdout);
-		fclose(fd);
-		/* reply(220,) must follow */
+    dolog(his_addr);
+    /*
+     * Set up default state
+     */
+    data = -1;
+    type = TYPE_A;
+    form = FORM_N;
+    stru = STRU_F;
+    mode = MODE_S;
+    tmpline[0] = '\0';
+
+    /* If logins are disabled, print out the message. */
+    if ((fd = fopen(_PATH_NOLOGIN,"r")) != NULL) {
+	while (fgets(line, sizeof(line), fd) != NULL) {
+	    if ((cp = strchr(line, '\n')) != NULL)
+		*cp = '\0';
+	    lreply(530, "%s", line);
+	}
+	fflush(stdout);
+	fclose(fd);
+	reply(530, "System not available.");
+	exit(0);
+    }
+    if ((fd = fopen(_PATH_FTPWELCOME, "r")) != NULL) {
+	while (fgets(line, sizeof(line), fd) != NULL) {
+	    if ((cp = strchr(line, '\n')) != NULL)
+		*cp = '\0';
+	    lreply(220, "%s", line);
 	}
-	gethostname(hostname, sizeof(hostname));
-	reply(220, "%s FTP server (%s"
+	fflush(stdout);
+	fclose(fd);
+	/* reply(220,) must follow */
+    }
+    gethostname(hostname, sizeof(hostname));
+	
+    reply(220, "%s FTP server (%s"
 #ifdef KRB5
-	      "+%s"
+	  "+%s"
 #endif
 #ifdef KRB4
-	      "+%s"
+	  "+%s"
 #endif
-	      ") ready.", hostname, version
+	  ") ready.", hostname, version
 #ifdef KRB5
-	      ,heimdal_version
+	  ,heimdal_version
 #endif
 #ifdef KRB4
-	      ,krb4_version
+	  ,krb4_version
 #endif
-	      );
-	setjmp(errcatch);
-	for (;;)
-	    yyparse();
-	/* NOTREACHED */
+	  );
+
+    setjmp(errcatch);
+    for (;;)
+	yyparse();
+    /* NOTREACHED */
 }
 
 static RETSIGTYPE
@@ -506,10 +528,19 @@ user(char *name)
 		reply(331, "Guest login ok, type your name as password.");
 	    } else
 		reply(530, "User %s unknown.", name);
-	    if (!askpasswd && logging)
+	    if (!askpasswd && logging) {
+		char data_addr[256];
+
+		if (inet_ntop (his_addr->sa_family,
+			       socket_get_address(his_addr),
+			       data_addr, sizeof(data_addr)) == NULL)
+			strlcpy (data_addr, "unknown address",
+					 sizeof(data_addr));
+
 		syslog(LOG_NOTICE,
 		       "ANONYMOUS FTP LOGIN REFUSED FROM %s(%s)",
-		       remotehost, inet_ntoa(his_addr.sin_addr));
+		       remotehost, data_addr);
+	    }
 	    return;
 	}
 	if((auth_level & AUTH_PLAIN) == 0 && !sec_complete){
@@ -526,18 +557,29 @@ user(char *name)
 
 		if (cp == NULL || checkaccess(name)) {
 			reply(530, "User %s access denied.", name);
-			if (logging)
+			if (logging) {
+				char data_addr[256];
+
+				if (inet_ntop (his_addr->sa_family,
+					       socket_get_address(his_addr),
+					       data_addr,
+					       sizeof(data_addr)) == NULL)
+					strlcpy (data_addr,
+							 "unknown address",
+							 sizeof(data_addr));
+
 				syslog(LOG_NOTICE,
 				       "FTP LOGIN REFUSED FROM %s(%s), %s",
 				       remotehost,
-				       inet_ntoa(his_addr.sin_addr),
+				       data_addr,
 				       name);
+			}
 			pw = (struct passwd *) NULL;
 			return;
 		}
 	}
 	if (logging)
-	    strcpy_truncate(curname, name, sizeof(curname));
+	    strlcpy(curname, name, sizeof(curname));
 	if(sec_complete) {
 	    if(sec_userok(name) == 0)
 		do_login(232, name);
@@ -662,88 +704,128 @@ checkaccess(char *name)
 #undef	ALLOWED
 #undef	NOT_ALLOWED
 
-int do_login(int code, char *passwd)
+/* output contents of /etc/issue.net, or /etc/issue */
+static void
+show_issue(int code)
 {
-        FILE *fd;
-	login_attempts = 0;		/* this time successful */
-	if (setegid((gid_t)pw->pw_gid) < 0) {
-		reply(550, "Can't set gid.");
-		return -1;
+    FILE *f;
+    char buf[128];
+
+    f = fopen("/etc/issue.net", "r");
+    if(f == NULL)
+	f = fopen("/etc/issue", "r");
+    if(f){
+	while(fgets(buf, sizeof(buf), f)){
+	    buf[strcspn(buf, "\r\n")] = '\0';
+	    lreply(code, "%s", buf);
 	}
-	initgroups(pw->pw_name, pw->pw_gid);
+	fclose(f);
+    }
+}
 
-	/* open wtmp before chroot */
-	ftpd_logwtmp(ttyline, pw->pw_name, remotehost);
-	logged_in = 1;
+int do_login(int code, char *passwd)
+{
+    FILE *fd;
+    login_attempts = 0;		/* this time successful */
+    if (setegid((gid_t)pw->pw_gid) < 0) {
+	reply(550, "Can't set gid.");
+	return -1;
+    }
+    initgroups(pw->pw_name, pw->pw_gid);
 
-	dochroot = checkuser(_PATH_FTPCHROOT, pw->pw_name);
-	if (guest) {
-		/*
-		 * We MUST do a chdir() after the chroot. Otherwise
-		 * the old current directory will be accessible as "."
-		 * outside the new root!
-		 */
-		if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) {
-			reply(550, "Can't set guest privileges.");
-			return -1;
-		}
-	} else if (dochroot) {
-		if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) {
-			reply(550, "Can't change root.");
-			return -1;
-		}
-	} else if (chdir(pw->pw_dir) < 0) {
-		if (chdir("/") < 0) {
-			reply(530, "User %s: can't change directory to %s.",
-			    pw->pw_name, pw->pw_dir);
-			return -1;
-		} else
-			lreply(code, "No directory! Logging in with home=/");
-	}
-	if (seteuid((uid_t)pw->pw_uid) < 0) {
-		reply(550, "Can't set uid.");
-		return -1;
-	}
+    /* open wtmp before chroot */
+    ftpd_logwtmp(ttyline, pw->pw_name, remotehost);
+    logged_in = 1;
+
+    dochroot = checkuser(_PATH_FTPCHROOT, pw->pw_name);
+    if (guest) {
 	/*
-	 * Display a login message, if it exists.
-	 * N.B. reply(code,) must follow the message.
+	 * We MUST do a chdir() after the chroot. Otherwise
+	 * the old current directory will be accessible as "."
+	 * outside the new root!
 	 */
-	if ((fd = fopen(_PATH_FTPLOGINMESG, "r")) != NULL) {
-		char *cp, line[LINE_MAX];
+	if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) {
+	    reply(550, "Can't set guest privileges.");
+	    return -1;
+	}
+    } else if (dochroot) {
+	if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) {
+	    reply(550, "Can't change root.");
+	    return -1;
+	}
+    } else if (chdir(pw->pw_dir) < 0) {
+	if (chdir("/") < 0) {
+	    reply(530, "User %s: can't change directory to %s.",
+		  pw->pw_name, pw->pw_dir);
+	    return -1;
+	} else
+	    lreply(code, "No directory! Logging in with home=/");
+    }
+    if (seteuid((uid_t)pw->pw_uid) < 0) {
+	reply(550, "Can't set uid.");
+	return -1;
+    }
+    /*
+     * Display a login message, if it exists.
+     * N.B. reply(code,) must follow the message.
+     */
+    if ((fd = fopen(_PATH_FTPLOGINMESG, "r")) != NULL) {
+	char *cp, line[LINE_MAX];
 
-		while (fgets(line, sizeof(line), fd) != NULL) {
-			if ((cp = strchr(line, '\n')) != NULL)
-				*cp = '\0';
-			lreply(code, "%s", line);
-		}
+	while (fgets(line, sizeof(line), fd) != NULL) {
+	    if ((cp = strchr(line, '\n')) != NULL)
+		*cp = '\0';
+	    lreply(code, "%s", line);
 	}
-	if (guest) {
-		reply(code, "Guest login ok, access restrictions apply.");
+    }
+    if (guest) {
+	show_issue(code);
+	reply(code, "Guest login ok, access restrictions apply.");
 #ifdef HAVE_SETPROCTITLE
-		snprintf (proctitle, sizeof(proctitle),
-			  "%s: anonymous/%s",
-			  remotehost,
-			  passwd);
+	snprintf (proctitle, sizeof(proctitle),
+		  "%s: anonymous/%s",
+		  remotehost,
+		  passwd);
+	setproctitle(proctitle);
 #endif /* HAVE_SETPROCTITLE */
-		if (logging)
-			syslog(LOG_INFO, "ANONYMOUS FTP LOGIN FROM %s(%s), %s",
-			       remotehost, 
-			       inet_ntoa(his_addr.sin_addr),
-			       passwd);
-	} else {
-		reply(code, "User %s logged in.", pw->pw_name);
+	if (logging) {
+	    char data_addr[256];
+
+	    if (inet_ntop (his_addr->sa_family,
+			   socket_get_address(his_addr),
+			   data_addr, sizeof(data_addr)) == NULL)
+		strlcpy (data_addr, "unknown address",
+				 sizeof(data_addr));
+
+	    syslog(LOG_INFO, "ANONYMOUS FTP LOGIN FROM %s(%s), %s",
+		   remotehost, 
+		   data_addr,
+		   passwd);
+	}
+    } else {
+	show_issue(code);
+	reply(code, "User %s logged in.", pw->pw_name);
 #ifdef HAVE_SETPROCTITLE
-		snprintf(proctitle, sizeof(proctitle), "%s: %s", remotehost, pw->pw_name);
-		setproctitle(proctitle);
+	snprintf(proctitle, sizeof(proctitle), "%s: %s", remotehost, pw->pw_name);
+	setproctitle(proctitle);
 #endif /* HAVE_SETPROCTITLE */
-		if (logging)
-			syslog(LOG_INFO, "FTP LOGIN FROM %s(%s) as %s",
-			       remotehost,
-			       inet_ntoa(his_addr.sin_addr),
-			       pw->pw_name);
-	}
-	umask(defumask);
-	return 0;
+	if (logging) {
+	    char data_addr[256];
+
+	    if (inet_ntop (his_addr->sa_family,
+			   socket_get_address(his_addr),
+			   data_addr, sizeof(data_addr)) == NULL)
+		strlcpy (data_addr, "unknown address",
+				 sizeof(data_addr));
+
+	    syslog(LOG_INFO, "FTP LOGIN FROM %s(%s) as %s",
+		   remotehost,
+		   data_addr,
+		   pw->pw_name);
+	}
+    }
+    umask(defumask);
+    return 0;
 }
 
 /*
@@ -819,19 +901,27 @@ pass(char *passwd)
 		 * local authentication succeeded.
 		 */
 		if (rval) {
+			char data_addr[256];
+
+			if (inet_ntop (his_addr->sa_family,
+				       socket_get_address(his_addr),
+				       data_addr, sizeof(data_addr)) == NULL)
+				strlcpy (data_addr, "unknown address",
+						 sizeof(data_addr));
+
 			reply(530, "Login incorrect.");
 			if (logging)
 				syslog(LOG_NOTICE,
 				    "FTP LOGIN FAILED FROM %s(%s), %s",
 				       remotehost,
-				       inet_ntoa(his_addr.sin_addr),
+				       data_addr,
 				       curname);
 			pw = NULL;
 			if (login_attempts++ >= 5) {
 				syslog(LOG_NOTICE,
 				       "repeated login failures from %s(%s)",
 				       remotehost,
-				       inet_ntoa(his_addr.sin_addr));
+				       data_addr);
 				exit(0);
 			}
 			return;
@@ -845,7 +935,7 @@ pass(char *passwd)
 }
 
 void
-retrieve(char *cmd, char *name)
+retrieve(const char *cmd, char *name)
 {
 	FILE *fin = NULL, *dout;
 	struct stat st;
@@ -858,6 +948,7 @@ retrieve(char *cmd, char *name)
 		closefunc = fclose;
 		st.st_size = 0;
 		if(fin == NULL){
+		    int save_errno = errno;
 		    struct cmds {
 			const char *ext;
 			const char *cmd;
@@ -904,7 +995,8 @@ retrieve(char *cmd, char *name)
 			closefunc = ftpd_pclose;
 			st.st_size = -1;
 			cmd = line;
-		    }
+		    } else
+			errno = save_errno;
 		}
 	} else {
 		snprintf(line, sizeof(line), cmd, name);
@@ -1066,37 +1158,33 @@ done:
 }
 
 static FILE *
-getdatasock(char *mode)
+getdatasock(const char *mode)
 {
-	int on = 1, s, t, tries;
+	int s, t, tries;
 
 	if (data >= 0)
 		return (fdopen(data, mode));
-	seteuid((uid_t)0);
-	s = socket(AF_INET, SOCK_STREAM, 0);
+	seteuid(0);
+	s = socket(ctrl_addr->sa_family, SOCK_STREAM, 0);
 	if (s < 0)
 		goto bad;
-#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT)
-	if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
-	    (void *) &on, sizeof(on)) < 0)
-		goto bad;
-#endif
+	socket_set_reuseaddr (s, 1);
 	/* anchor socket to avoid multi-homing problems */
-	data_source.sin_family = AF_INET;
-	data_source.sin_addr = ctrl_addr.sin_addr;
+	socket_set_address_and_port (data_source,
+				     socket_get_address (ctrl_addr),
+				     socket_get_port (data_source));
+
 	for (tries = 1; ; tries++) {
-		if (bind(s, (struct sockaddr *)&data_source,
-		    sizeof(data_source)) >= 0)
+		if (bind(s, data_source,
+			 socket_sockaddr_size (data_source)) >= 0)
 			break;
 		if (errno != EADDRINUSE || tries > 10)
 			goto bad;
 		sleep(tries);
 	}
-	seteuid((uid_t)pw->pw_uid);
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-	on = IPTOS_THROUGHPUT;
-	if (setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&on, sizeof(int)) < 0)
-		syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
+	seteuid(pw->pw_uid);
+#ifdef IPTOS_THROUGHPUT
+	socket_set_tos (s, IPTOS_THROUGHPUT);
 #endif
 	return (fdopen(s, mode));
 bad:
@@ -1109,7 +1197,7 @@ bad:
 }
 
 static FILE *
-dataconn(char *name, off_t size, char *mode)
+dataconn(const char *name, off_t size, const char *mode)
 {
 	char sizebuf[32];
 	FILE *file;
@@ -1122,10 +1210,12 @@ dataconn(char *name, off_t size, char *mode)
 	else
 	    *sizebuf = '\0';
 	if (pdata >= 0) {
-		struct sockaddr_in from;
-		int s, fromlen = sizeof(from);
+		struct sockaddr_storage from_ss;
+		struct sockaddr *from = (struct sockaddr *)&from;
+		int s;
+		int fromlen = sizeof(from_ss);
 
-		s = accept(pdata, (struct sockaddr *)&from, &fromlen);
+		s = accept(pdata, from, &fromlen);
 		if (s < 0) {
 			reply(425, "Can't open data connection.");
 			close(pdata);
@@ -1157,16 +1247,25 @@ dataconn(char *name, off_t size, char *mode)
 	usedefault = 1;
 	file = getdatasock(mode);
 	if (file == NULL) {
+		char data_addr[256];
+
+		if (inet_ntop (data_source->sa_family,
+			       socket_get_address(data_source),
+			       data_addr, sizeof(data_addr)) == NULL)
+			strlcpy (data_addr, "unknown address",
+					 sizeof(data_addr));
+
 		reply(425, "Can't create data socket (%s,%d): %s.",
-		    inet_ntoa(data_source.sin_addr),
-		    ntohs(data_source.sin_port), strerror(errno));
+		      data_addr,
+		      socket_get_port (data_source),
+		      strerror(errno));
 		return (NULL);
 	}
 	data = fileno(file);
-	while (connect(data, (struct sockaddr *)&data_dest,
-	    sizeof(data_dest)) < 0) {
+	while (connect(data, data_dest,
+		       socket_sockaddr_size(data_dest)) < 0) {
 		if (errno == EADDRINUSE && retry < swaitmax) {
-			sleep((unsigned) swaitint);
+			sleep(swaitint);
 			retry += swaitint;
 			continue;
 		}
@@ -1226,23 +1325,26 @@ send_data(FILE *instr, FILE *outstr)
 		struct stat st;
 		char *chunk;
 		int in = fileno(instr);
-		if(fstat(in, &st) == 0 && S_ISREG(st.st_mode)) {
-		    chunk = mmap(0, st.st_size, PROT_READ, MAP_SHARED, in, 0);
+		if(fstat(in, &st) == 0 && S_ISREG(st.st_mode) 
+		   && st.st_size > 0) {
+		    /*
+		     * mmap zero bytes has potential of loosing, don't do it.
+		     */
+		    chunk = mmap(0, st.st_size, PROT_READ,
+				 MAP_SHARED, in, 0);
 		    if((void *)chunk != (void *)MAP_FAILED) {
 			cnt = st.st_size - restart_point;
-			sec_write(fileno(outstr),
-				   chunk + restart_point,
-				   cnt);
-			munmap(chunk, st.st_size);
+			sec_write(fileno(outstr), chunk + restart_point, cnt);
+			if (munmap(chunk, st.st_size) < 0)
+			    warn ("munmap");
 			sec_fflush(outstr);
 			byte_count = cnt;
 			transflag = 0;
 		    }
 		}
 	    }
-	
 #endif
-	if(transflag){
+	if(transflag) {
 	    struct stat st;
 
 	    netfd = fileno(outstr);
@@ -1430,7 +1532,7 @@ statcmd(void)
 	struct sockaddr_in *sin;
 	u_char *a, *p;
 
-	lreply(211, "%s FTP server status:", hostname, version);
+	lreply(211, "%s FTP server (%s) status:", hostname, version);
 	printf("     %s\r\n", version);
 	printf("     Connected to %s", remotehost);
 	if (!isdigit(remotehost[0]))
@@ -1673,18 +1775,30 @@ renamecmd(char *from, char *to)
 }
 
 static void
-dolog(struct sockaddr_in *sin)
+dolog(struct sockaddr *sa)
 {
+	struct sockaddr_in *sin = (struct sockaddr_in *)sa;
+
 	inaddr2str (sin->sin_addr, remotehost, sizeof(remotehost));
 #ifdef HAVE_SETPROCTITLE
 	snprintf(proctitle, sizeof(proctitle), "%s: connected", remotehost);
 	setproctitle(proctitle);
 #endif /* HAVE_SETPROCTITLE */
 
-	if (logging)
+	if (logging) {
+		char data_addr[256];
+
+		if (inet_ntop (his_addr->sa_family,
+			       socket_get_address(his_addr),
+			       data_addr, sizeof(data_addr)) == NULL)
+			strlcpy (data_addr, "unknown address",
+					 sizeof(data_addr));
+
+
 		syslog(LOG_INFO, "connection from %s(%s)",
 		       remotehost,
-		       inet_ntoa(his_addr.sin_addr));
+		       data_addr);
+	}
 }
 
 /*
@@ -1766,31 +1880,41 @@ myoob(int signo)
  *	with Rick Adams on 25 Jan 89.
  */
 void
-passive(void)
+pasv(void)
 {
 	int len;
 	char *p, *a;
+	struct sockaddr_in *sin;
 
-	pdata = socket(AF_INET, SOCK_STREAM, 0);
+	if (ctrl_addr->sa_family != AF_INET) {
+		reply(425,
+		      "You cannot do PASV with something that's not IPv4");
+		return;
+	}
+
+	pdata = socket(ctrl_addr->sa_family, SOCK_STREAM, 0);
 	if (pdata < 0) {
 		perror_reply(425, "Can't open passive connection");
 		return;
 	}
-	pasv_addr = ctrl_addr;
-	pasv_addr.sin_port = 0;
-	seteuid((uid_t)0);
-	if (bind(pdata, (struct sockaddr *)&pasv_addr, sizeof(pasv_addr)) < 0) {
-		seteuid((uid_t)pw->pw_uid);
+	pasv_addr->sa_family = ctrl_addr->sa_family;
+	socket_set_address_and_port (pasv_addr,
+				     socket_get_address (ctrl_addr),
+				     0);
+	seteuid(0);
+	if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) {
+		seteuid(pw->pw_uid);
 		goto pasv_error;
 	}
-	seteuid((uid_t)pw->pw_uid);
-	len = sizeof(pasv_addr);
-	if (getsockname(pdata, (struct sockaddr *) &pasv_addr, &len) < 0)
+	seteuid(pw->pw_uid);
+	len = sizeof(pasv_addr_ss);
+	if (getsockname(pdata, pasv_addr, &len) < 0)
 		goto pasv_error;
 	if (listen(pdata, 1) < 0)
 		goto pasv_error;
-	a = (char *) &pasv_addr.sin_addr;
-	p = (char *) &pasv_addr.sin_port;
+	sin = (struct sockaddr_in *)pasv_addr;
+	a = (char *) &sin->sin_addr;
+	p = (char *) &sin->sin_port;
 
 #define UC(b) (((int) b) & 0xff)
 
@@ -1805,6 +1929,109 @@ pasv_error:
 	return;
 }
 
+void
+epsv(char *proto)
+{
+	int len;
+
+	pdata = socket(ctrl_addr->sa_family, SOCK_STREAM, 0);
+	if (pdata < 0) {
+		perror_reply(425, "Can't open passive connection");
+		return;
+	}
+	pasv_addr->sa_family = ctrl_addr->sa_family;
+	socket_set_address_and_port (pasv_addr,
+				     socket_get_address (ctrl_addr),
+				     0);
+	seteuid(0);
+	if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) {
+		seteuid(pw->pw_uid);
+		goto pasv_error;
+	}
+	seteuid(pw->pw_uid);
+	len = sizeof(pasv_addr_ss);
+	if (getsockname(pdata, pasv_addr, &len) < 0)
+		goto pasv_error;
+	if (listen(pdata, 1) < 0)
+		goto pasv_error;
+
+	reply(229, "Entering Extended Passive Mode (|||%d|)",
+	      ntohs(socket_get_port (pasv_addr)));
+	return;
+
+pasv_error:
+	close(pdata);
+	pdata = -1;
+	perror_reply(425, "Can't open passive connection");
+	return;
+}
+
+void
+eprt(char *str)
+{
+	char *end;
+	char sep;
+	int af;
+	int ret;
+	int port;
+
+	usedefault = 0;
+	if (pdata >= 0) {
+	    close(pdata);
+	    pdata = -1;
+	}
+
+	sep = *str++;
+	if (sep == '\0') {
+		reply(500, "Bad syntax in EPRT");
+		return;
+	}
+	af = strtol (str, &end, 0);
+	if (af == 0 || *end != sep) {
+		reply(500, "Bad syntax in EPRT");
+		return;
+	}
+	str = end + 1;
+	switch (af) {
+#ifdef HAVE_IPV6
+	case 2 :
+	    data_dest->sa_family = AF_INET6;
+	    break;
+#endif		
+	case 1 :
+	    data_dest->sa_family = AF_INET;
+		break;
+	default :
+		reply(522, "Network protocol %d not supported, use (1"
+#ifdef HAVE_IPV6
+		      ",2"
+#endif
+		      ")", af);
+		return;
+	}
+	end = strchr (str, sep);
+	if (end == NULL) {
+		reply(500, "Bad syntax in EPRT");
+		return;
+	}
+	*end = '\0';
+	ret = inet_pton (data_dest->sa_family, str,
+			 socket_get_address (data_dest));
+
+	if (ret != 1) {
+		reply(500, "Bad address syntax in EPRT");
+		return;
+	}
+	str = end + 1;
+	port = strtol (str, &end, 0);
+	if (port == 0 || *end != sep) {
+		reply(500, "Bad port syntax in EPRT");
+		return;
+	}
+	socket_set_port (data_dest, htons(port));
+	reply(200, "EPRT command successful.");
+}
+
 /*
  * Generate unique name for file with basename "local".
  * The file named "local" is already known to exist.
@@ -1840,7 +2067,7 @@ gunique(char *local)
  * Format and send reply containing system error number.
  */
 void
-perror_reply(int code, char *string)
+perror_reply(int code, const char *string)
 {
 	reply(code, "%s: %s.", string, strerror(errno));
 }
@@ -1851,6 +2078,30 @@ static char *onefile[] = {
 };
 
 void
+list_file(char *file)
+{
+    if(use_builtin_ls) {
+	FILE *dout;
+	dout = dataconn(file, -1, "w");
+	if (dout == NULL)
+	    return;
+	set_buffer_size(fileno(dout), 0);
+	builtin_ls(dout, file);
+	reply(226, "Transfer complete.");
+	fclose(dout);
+	data = -1;
+	pdata = -1;
+    } else {
+#ifdef HAVE_LS_A
+	const char *cmd = "/bin/ls -lA %s";
+#else
+	const char *cmd = "/bin/ls -la %s";
+#endif
+	retrieve(cmd, file);
+    }
+}
+
+void
 send_file_list(char *whichf)
 {
   struct stat st;
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h b/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h
index 4bb3ad3..5cb4904 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h
+++ b/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -36,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: ftpd_locl.h,v 1.5.2.1 1999/07/22 03:24:42 assar Exp $ */
+/* $Id: ftpd_locl.h,v 1.9 1999/12/02 16:58:30 joda Exp $ */
 
 #ifndef __ftpd_locl_h__
 #define __ftpd_locl_h__
@@ -63,6 +58,9 @@
 #if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
 #include <sys/ioctl.h>
 #endif
+#ifdef HAVE_SYS_IOCCOM_H
+#include <sys/ioccom.h>
+#endif
 #ifdef TIME_WITH_SYS_TIME
 #include <sys/time.h>
 #include <time.h>
@@ -159,6 +157,10 @@
 extern int LIBPREFIX(fclose)      (FILE *);
 #endif
 
+/* SunOS doesn't have any declaration of fclose */
+
+int fclose(FILE *stream);
+
 int yyparse();
 
 #ifndef LOG_FTP
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c b/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c
index 8a1a8e3..28e3596 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c
+++ b/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -40,7 +35,7 @@
 #include <gssapi.h>
 #include <krb5.h>
 
-RCSID("$Id: gss_userok.c,v 1.1 1998/05/12 12:15:22 joda Exp $");
+RCSID("$Id: gss_userok.c,v 1.2 1999/12/02 16:58:31 joda Exp $");
 
 /* XXX a bit too much of krb5 dependency here... 
    What is the correct way to do this? 
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/kauth.c b/crypto/kerberosIV/appl/ftp/ftpd/kauth.c
index 33795b6..dad4de5 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/kauth.c
+++ b/crypto/kerberosIV/appl/ftp/ftpd/kauth.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "ftpd_locl.h"
 
-RCSID("$Id: kauth.c,v 1.22 1999/06/29 21:19:33 bg Exp $");
+RCSID("$Id: kauth.c,v 1.25 1999/12/02 16:58:31 joda Exp $");
 
 static KTEXT_ST cip;
 static unsigned int lifetime;
@@ -85,7 +80,7 @@ store_ticket(KTEXT cip)
 	return(INTK_BADPW);
     
     /* extract server's name */
-    strcpy_truncate(sp.name, ptr, sizeof(sp.name));
+    strlcpy(sp.name, ptr, sizeof(sp.name));
     ptr += len + 1;
     left -= len + 1;
 
@@ -94,7 +89,7 @@ store_ticket(KTEXT cip)
 	return(INTK_BADPW);
     
     /* extract server's instance */
-    strcpy_truncate(sp.instance, ptr, sizeof(sp.instance));
+    strlcpy(sp.instance, ptr, sizeof(sp.instance));
     ptr += len + 1;
     left -= len + 1;
 
@@ -103,7 +98,7 @@ store_ticket(KTEXT cip)
 	return(INTK_BADPW);
     
     /* extract server's realm */
-    strcpy_truncate(sp.realm, ptr, sizeof(sp.realm));
+    strlcpy(sp.realm, ptr, sizeof(sp.realm));
     ptr += len + 1;
     left -= len + 1;
 
@@ -176,6 +171,10 @@ kauth(char *principal, char *ticket)
     char *p;
     int ret;
   
+    if(get_command_prot() != prot_private) {
+	reply(500, "Request denied (bad protection level)");
+	return;
+    }
     ret = krb_parse_name(principal, &pr);
     if(ret){
 	reply(500, "Bad principal: %s.", krb_get_err_text(ret));
@@ -304,12 +303,12 @@ klist(void)
 		   "  Issued", "  Expires", "  Principal (kvno)");
 	    header = 0;
 	}
-	strcpy_truncate(buf1, short_date(c.issue_date), sizeof(buf1));
+	strlcpy(buf1, short_date(c.issue_date), sizeof(buf1));
 	c.issue_date = krb_life_to_time(c.issue_date, c.lifetime);
 	if (time(0) < (unsigned long) c.issue_date)
-	    strcpy_truncate(buf2, short_date(c.issue_date), sizeof(buf2));
+	    strlcpy(buf2, short_date(c.issue_date), sizeof(buf2));
 	else
-	    strcpy_truncate(buf2, ">>> Expired <<< ", sizeof(buf2));
+	    strlcpy(buf2, ">>> Expired <<< ", sizeof(buf2));
 	lreply(200, "%s  %s  %s (%d)", buf1, buf2,
 	       krb_unparse_name_long(c.service, c.instance, c.realm), c.kvno); 
     }
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c b/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c
index d948a5a..019cc2d 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c
+++ b/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: logwtmp.c,v 1.13 1999/03/01 09:49:37 joda Exp $");
+RCSID("$Id: logwtmp.c,v 1.14 1999/12/02 16:58:31 joda Exp $");
 #endif
 
 #include <stdio.h>
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ls.c b/crypto/kerberosIV/appl/ftp/ftpd/ls.c
new file mode 100644
index 0000000..97eb77e
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/ftpd/ls.c
@@ -0,0 +1,572 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "ftpd_locl.h"
+
+RCSID("$Id: ls.c,v 1.13 1999/11/20 20:49:41 assar Exp $");
+
+struct fileinfo {
+    struct stat st;
+    int inode;
+    int bsize;
+    char mode[11];
+    int n_link;
+    char *user;
+    char *group;
+    char *size;
+    char *major;
+    char *minor;
+    char *date;
+    char *filename;
+    char *link;
+};
+
+#define LS_DIRS		 1
+#define LS_IGNORE_DOT	 2
+#define LS_SORT_MODE	 12
+#define SORT_MODE(f) ((f) & LS_SORT_MODE)
+#define LS_SORT_NAME	 4
+#define LS_SORT_MTIME	 8
+#define LS_SORT_SIZE	12
+#define LS_SORT_REVERSE	16
+
+#define LS_SIZE		32
+#define LS_INODE	64
+
+#ifndef S_ISTXT
+#define S_ISTXT S_ISVTX
+#endif
+
+#ifndef S_ISSOCK
+#define S_ISSOCK(mode)  (((mode) & _S_IFMT) == S_IFSOCK)
+#endif
+
+#ifndef S_ISLNK
+#define S_ISLNK(mode)   (((mode) & _S_IFMT) == S_IFLNK)
+#endif
+
+static void
+make_fileinfo(const char *filename, struct fileinfo *file, int flags)
+{
+    char buf[128];
+    struct stat *st = &file->st;
+
+    file->inode = st->st_ino;
+#ifdef S_BLKSIZE
+    file->bsize = st->st_blocks * S_BLKSIZE / 1024;
+#else
+    file->bsize = st->st_blocks * 512 / 1024;
+#endif
+
+    if(S_ISDIR(st->st_mode))
+	file->mode[0] = 'd';
+    else if(S_ISCHR(st->st_mode))
+	file->mode[0] = 'c';
+    else if(S_ISBLK(st->st_mode))
+	file->mode[0] = 'b';
+    else if(S_ISREG(st->st_mode))
+	file->mode[0] = '-';
+    else if(S_ISFIFO(st->st_mode))
+	file->mode[0] = 'p';
+    else if(S_ISLNK(st->st_mode))
+	file->mode[0] = 'l';
+    else if(S_ISSOCK(st->st_mode))
+	file->mode[0] = 's';
+#ifdef S_ISWHT
+    else if(S_ISWHT(st->st_mode))
+	file->mode[0] = 'w';
+#endif
+    else 
+	file->mode[0] = '?';
+    {
+	char *x[] = { "---", "--x", "-w-", "-wx", 
+		      "r--", "r-x", "rw-", "rwx" };
+	strcpy(file->mode + 1, x[(st->st_mode & S_IRWXU) >> 6]);
+	strcpy(file->mode + 4, x[(st->st_mode & S_IRWXG) >> 3]);
+	strcpy(file->mode + 7, x[(st->st_mode & S_IRWXO) >> 0]);
+	if((st->st_mode & S_ISUID)) {
+	    if((st->st_mode & S_IXUSR))
+		file->mode[3] = 's';
+	    else
+		file->mode[3] = 'S';
+	}
+	if((st->st_mode & S_ISGID)) {
+	    if((st->st_mode & S_IXGRP))
+		file->mode[6] = 's';
+	    else
+		file->mode[6] = 'S';
+	}
+	if((st->st_mode & S_ISTXT)) {
+	    if((st->st_mode & S_IXOTH))
+		file->mode[9] = 't';
+	    else
+		file->mode[9] = 'T';
+	}
+    }
+    file->n_link = st->st_nlink;
+    {
+	struct passwd *pwd;
+	pwd = getpwuid(st->st_uid);
+	if(pwd == NULL)
+	    asprintf(&file->user, "%u", (unsigned)st->st_uid);
+	else
+	    file->user = strdup(pwd->pw_name);
+    }
+    {
+	struct group *grp;
+	grp = getgrgid(st->st_gid);
+	if(grp == NULL)
+	    asprintf(&file->group, "%u", (unsigned)st->st_gid);
+	else
+	    file->group = strdup(grp->gr_name);
+    }
+    
+    if(S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode)) {
+#if defined(major) && defined(minor)
+	asprintf(&file->major, "%u", (unsigned)major(st->st_rdev));
+	asprintf(&file->minor, "%u", (unsigned)minor(st->st_rdev));
+#else
+	/* Don't want to use the DDI/DKI crap. */
+	asprintf(&file->major, "%u", (unsigned)st->st_rdev);
+	asprintf(&file->minor, "%u", 0);
+#endif
+    } else
+	asprintf(&file->size, "%lu", (unsigned long)st->st_size);
+
+    {
+	time_t t = time(NULL);
+	struct tm *tm = localtime(&st->st_mtime);
+	if((t - st->st_mtime > 6*30*24*60*60) ||
+	   (st->st_mtime - t > 6*30*24*60*60))
+	    strftime(buf, sizeof(buf), "%b %e  %Y", tm);
+	else
+	    strftime(buf, sizeof(buf), "%b %e %H:%M", tm);
+	file->date = strdup(buf);
+    }
+    {
+	const char *p = strrchr(filename, '/');
+	if(p)
+	    p++;
+	else
+	    p = filename;
+	file->filename = strdup(p);
+    }
+    if(S_ISLNK(st->st_mode)) {
+	int n;
+	n = readlink((char *)filename, buf, sizeof(buf));
+	if(n >= 0) {
+	    buf[n] = '\0';
+	    file->link = strdup(buf);
+	} else
+	    warn("%s: readlink", filename);
+    }
+}
+
+static void
+print_file(FILE *out,
+	   int flags,
+	   struct fileinfo *f,
+	   int max_inode,
+	   int max_bsize,
+	   int max_n_link,
+	   int max_user,
+	   int max_group,
+	   int max_size,
+	   int max_major,
+	   int max_minor,
+	   int max_date)
+{
+    if(f->filename == NULL)
+	return;
+
+    if(flags & LS_INODE) {
+	sec_fprintf2(out, "%*d", max_inode, f->inode);
+	sec_fprintf2(out, "  ");
+    }
+    if(flags & LS_SIZE) {
+	sec_fprintf2(out, "%*d", max_bsize, f->bsize);
+	sec_fprintf2(out, "  ");
+    }
+    sec_fprintf2(out, "%s", f->mode);
+    sec_fprintf2(out, "  ");
+    sec_fprintf2(out, "%*d", max_n_link, f->n_link);
+    sec_fprintf2(out, " ");
+    sec_fprintf2(out, "%-*s", max_user, f->user);
+    sec_fprintf2(out, "  ");
+    sec_fprintf2(out, "%-*s", max_group, f->group);
+    sec_fprintf2(out, "  ");
+    if(f->major != NULL && f->minor != NULL)
+	sec_fprintf2(out, "%*s, %*s", max_major, f->major, max_minor, f->minor);
+    else
+	sec_fprintf2(out, "%*s", max_size, f->size);
+    sec_fprintf2(out, " ");
+    sec_fprintf2(out, "%*s", max_date, f->date);
+    sec_fprintf2(out, " ");
+    sec_fprintf2(out, "%s", f->filename);
+    if(f->link)
+	sec_fprintf2(out, " -> %s", f->link);
+    sec_fprintf2(out, "\r\n");
+}
+
+static int
+compare_filename(struct fileinfo *a, struct fileinfo *b)
+{
+    if(a->filename == NULL)
+	return 1;
+    if(b->filename == NULL)
+	return -1;
+    return strcmp(a->filename, b->filename);
+}
+
+static int
+compare_mtime(struct fileinfo *a, struct fileinfo *b)
+{
+    if(a->filename == NULL)
+	return 1;
+    if(b->filename == NULL)
+	return -1;
+    return a->st.st_mtime - b->st.st_mtime;
+}
+
+static int
+compare_size(struct fileinfo *a, struct fileinfo *b)
+{
+    if(a->filename == NULL)
+	return 1;
+    if(b->filename == NULL)
+	return -1;
+    return a->st.st_size - b->st.st_size;
+}
+
+static void
+list_dir(FILE *out, const char *directory, int flags);
+
+static int
+log10(int num)
+{
+    int i = 1;
+    while(num > 10) {
+	i++;
+	num /= 10;
+    }
+    return i;
+}
+
+/*
+ * Operate as lstat but fake up entries for AFS mount points so we don't
+ * have to fetch them.
+ */
+
+static int
+lstat_file (const char *file, struct stat *sb)
+{
+#ifdef KRB4
+    if (k_hasafs() 
+	&& strcmp(file, ".")
+	&& strcmp(file, "..")) 
+    {
+	struct ViceIoctl    a_params;
+	char               *last;
+	char               *path_bkp;
+	static ino_t	   ino_counter = 0, ino_last = 0;
+	int		   ret;
+	const int	   maxsize = 2048;
+	
+	path_bkp = strdup (file);
+	if (path_bkp == NULL)
+	    return -1;
+	
+	a_params.out = malloc (maxsize);
+	if (a_params.out == NULL) { 
+	    free (path_bkp);
+	    return -1;
+	}
+	
+	/* If path contains more than the filename alone - split it */
+	
+	last = strrchr (path_bkp, '/');
+	if (last != NULL) {
+	    *last = '\0';
+	    a_params.in = last + 1;
+	} else
+	    a_params.in = (char *)file;
+	
+	a_params.in_size  = strlen (a_params.in) + 1;
+	a_params.out_size = maxsize;
+	
+	ret = k_pioctl (last ? path_bkp : "." ,
+			VIOC_AFS_STAT_MT_PT, &a_params, 0);
+	free (a_params.out);
+	if (ret < 0) {
+	    free (path_bkp);
+
+	    if (errno != EINVAL)
+		return ret;
+	    else
+		/* if we get EINVAL this is probably not a mountpoint */
+		return lstat (file, sb);
+	}
+
+	/* 
+	 * wow this was a mountpoint, lets cook the struct stat
+	 * use . as a prototype
+	 */
+
+	ret = lstat (path_bkp, sb);
+	free (path_bkp);
+	if (ret < 0)
+	    return ret;
+
+	if (ino_last == sb->st_ino)
+	    ino_counter++;
+	else {
+	    ino_last    = sb->st_ino;
+	    ino_counter = 0;
+	}
+	sb->st_ino += ino_counter;
+	sb->st_nlink = 3;
+
+	return 0;
+    }
+#endif /* KRB4 */
+    return lstat (file, sb);
+}
+
+static void
+list_files(FILE *out, char **files, int n_files, int flags)
+{
+    struct fileinfo *fi;
+    int i;
+
+    fi = calloc(n_files, sizeof(*fi));
+    if (fi == NULL) {
+	sec_fprintf2(out, "ouf of memory\r\n");
+	return;
+    }
+    for(i = 0; i < n_files; i++) {
+	if(lstat_file(files[i], &fi[i].st) < 0) {
+	    sec_fprintf2(out, "%s: %s\r\n", files[i], strerror(errno));
+	    fi[i].filename = NULL;
+	} else {
+	    if((flags & LS_DIRS) == 0 && S_ISDIR(fi[i].st.st_mode)) {
+		if(n_files > 1)
+		    sec_fprintf2(out, "%s:\r\n", files[i]);
+		list_dir(out, files[i], flags);
+	    } else {
+		make_fileinfo(files[i], &fi[i], flags);
+	    }
+	}
+    }
+    switch(SORT_MODE(flags)) {
+    case LS_SORT_NAME:
+	qsort(fi, n_files, sizeof(*fi), 
+	      (int (*)(const void*, const void*))compare_filename);
+	break;
+    case LS_SORT_MTIME:
+	qsort(fi, n_files, sizeof(*fi), 
+	      (int (*)(const void*, const void*))compare_mtime);
+	break;
+    case LS_SORT_SIZE:
+	qsort(fi, n_files, sizeof(*fi), 
+	      (int (*)(const void*, const void*))compare_size);
+	break;
+    }
+    {
+	int max_inode = 0;
+	int max_bsize = 0;
+	int max_n_link = 0;
+	int max_user = 0;
+	int max_group = 0;
+	int max_size = 0;
+	int max_major = 0;
+	int max_minor = 0;
+	int max_date = 0;
+	for(i = 0; i < n_files; i++) {
+	    if(fi[i].filename == NULL)
+		continue;
+	    if(fi[i].inode > max_inode)
+		max_inode = fi[i].inode;
+	    if(fi[i].bsize > max_bsize)
+		max_bsize = fi[i].bsize;
+	    if(fi[i].n_link > max_n_link)
+		max_n_link = fi[i].n_link;
+	    if(strlen(fi[i].user) > max_user)
+		max_user = strlen(fi[i].user);
+	    if(strlen(fi[i].group) > max_group)
+		max_group = strlen(fi[i].group);
+	    if(fi[i].major != NULL && strlen(fi[i].major) > max_major)
+		max_major = strlen(fi[i].major);
+	    if(fi[i].minor != NULL && strlen(fi[i].minor) > max_minor)
+		max_minor = strlen(fi[i].minor);
+	    if(fi[i].size != NULL && strlen(fi[i].size) > max_size)
+		max_size = strlen(fi[i].size);
+	    if(strlen(fi[i].date) > max_date)
+		max_date = strlen(fi[i].date);
+	}
+	if(max_size < max_major + max_minor + 2)
+	    max_size = max_major + max_minor + 2;
+	else if(max_size - max_minor - 2 > max_major)
+	    max_major = max_size - max_minor - 2;
+	max_inode = log10(max_inode);
+	max_bsize = log10(max_bsize);
+	max_n_link = log10(max_n_link);
+
+	if(flags & LS_SORT_REVERSE)
+	    for(i = n_files - 1; i >= 0; i--)
+		print_file(out,
+			   flags,
+			   &fi[i],
+			   max_inode,
+			   max_bsize,
+			   max_n_link,
+			   max_user,
+			   max_group,
+			   max_size,
+			   max_major,
+			   max_minor,
+			   max_date);
+	else
+	    for(i = 0; i < n_files; i++)
+		print_file(out,
+			   flags,
+			   &fi[i],
+			   max_inode,
+			   max_bsize,
+			   max_n_link,
+			   max_user,
+			   max_group,
+			   max_size,
+			   max_major,
+			   max_minor,
+			   max_date);
+    }
+}
+
+static void
+free_files (char **files, int n)
+{
+    int i;
+
+    for (i = 0; i < n; ++i)
+	free (files[i]);
+    free (files);
+}
+
+static void
+list_dir(FILE *out, const char *directory, int flags)
+{
+    DIR *d = opendir(directory);
+    struct dirent *ent;
+    char **files = NULL;
+    int n_files = 0;
+
+    if(d == NULL) {
+	sec_fprintf2(out, "%s: %s\r\n", directory, strerror(errno));
+	return;
+    }
+    while((ent = readdir(d)) != NULL) {
+	void *tmp;
+
+	if(ent->d_name[0] == '.') {
+	    if (flags & LS_IGNORE_DOT)
+	        continue;
+	    if (ent->d_name[1] == 0) /* Ignore . */
+	        continue;
+	    if (ent->d_name[1] == '.' && ent->d_name[2] == 0) /* Ignore .. */
+	        continue;
+	}
+	tmp = realloc(files, (n_files + 1) * sizeof(*files));
+	if (tmp == NULL) {
+	    sec_fprintf2(out, "%s: out of memory\r\n", directory);
+	    free_files (files, n_files);
+	    closedir (d);
+	    return;
+	}
+	files = tmp;
+	asprintf(&files[n_files], "%s/%s", directory, ent->d_name);
+	if (files[n_files] == NULL) {
+	    sec_fprintf2(out, "%s: out of memory\r\n", directory);
+	    free_files (files, n_files);
+	    closedir (d);
+	    return;
+	}
+	++n_files;
+    }
+    closedir(d);
+    list_files(out, files, n_files, flags | LS_DIRS);
+}
+
+void
+builtin_ls(FILE *out, const char *file)
+{
+    int flags = LS_SORT_NAME;
+
+    if(*file == '-') {
+	const char *p;
+	for(p = file + 1; *p; p++) {
+	    switch(*p) {
+	    case 'a':
+	    case 'A':
+		flags &= ~LS_IGNORE_DOT;
+		break;
+	    case 'C':
+		break;
+	    case 'd':
+		flags |= LS_DIRS;
+		break;
+	    case 'f':
+		flags = (flags & ~LS_SORT_MODE);
+		break;
+	    case 'i':
+		flags |= flags | LS_INODE;
+		break;
+	    case 'l':
+		break;
+	    case 't':
+		flags = (flags & ~LS_SORT_MODE) | LS_SORT_MTIME;
+		break;
+	    case 's':
+		flags |= LS_SIZE;
+		break;
+	    case 'S':
+		flags = (flags & ~LS_SORT_MODE) | LS_SORT_SIZE;
+		break;
+	    case 'r':
+		flags |= LS_SORT_REVERSE;
+		break;
+	    }
+	}
+	file = ".";
+    }
+    list_files(out, &file, 1, flags);
+    sec_fflush(out);
+}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/popen.c b/crypto/kerberosIV/appl/ftp/ftpd/popen.c
index 4bd5e04..5f36813 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/popen.c
+++ b/crypto/kerberosIV/appl/ftp/ftpd/popen.c
@@ -37,7 +37,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: popen.c,v 1.18 1998/06/09 19:24:24 joda Exp $");
+RCSID("$Id: popen.c,v 1.19 1999/09/16 20:38:45 assar Exp $");
 #endif
 
 #include <sys/types.h>
@@ -89,10 +89,10 @@ ftp_rooted(const char *path)
 
     if(!home[0])
 	if((pwd = k_getpwnam("ftp")))
-	    strcpy_truncate(home, pwd->pw_dir, sizeof(home));
+	    strlcpy(home, pwd->pw_dir, sizeof(home));
     snprintf(newpath, sizeof(newpath), "%s/%s", home, path);
     if(access(newpath, X_OK))
-	strcpy_truncate(newpath, path, sizeof(newpath));
+	strlcpy(newpath, path, sizeof(newpath));
     return newpath;
 }
 
diff --git a/crypto/kerberosIV/appl/kauth/ChangeLog b/crypto/kerberosIV/appl/kauth/ChangeLog
index ad849a2..a770682 100644
--- a/crypto/kerberosIV/appl/kauth/ChangeLog
+++ b/crypto/kerberosIV/appl/kauth/ChangeLog
@@ -1,3 +1,9 @@
+1999-08-31  Johan Danielsson  <joda@pdc.kth.se>
+
+	* kauth.c: cleanup usage string; handle `kauth -h' gracefully
+	(print usage); add `-a' flag to get the ticket address (useful for
+	firewall configurations)
+
 Thu Apr 15 15:05:33 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
 
 	* kauth.c: add `-v'
diff --git a/crypto/kerberosIV/appl/kauth/encdata.c b/crypto/kerberosIV/appl/kauth/encdata.c
index 800326a..886f549 100644
--- a/crypto/kerberosIV/appl/kauth/encdata.c
+++ b/crypto/kerberosIV/appl/kauth/encdata.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kauth.h"
 
-RCSID("$Id: encdata.c,v 1.9 1997/04/01 08:17:30 joda Exp $");
+RCSID("$Id: encdata.c,v 1.10 1999/12/02 16:58:31 joda Exp $");
 
 int
 write_encrypted (int fd, void *buf, size_t len, des_key_schedule schedule,
diff --git a/crypto/kerberosIV/appl/kauth/kauth.c b/crypto/kerberosIV/appl/kauth/kauth.c
index ae5454e..13448a0 100644
--- a/crypto/kerberosIV/appl/kauth/kauth.c
+++ b/crypto/kerberosIV/appl/kauth/kauth.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -46,7 +41,7 @@
 
 #include "kauth.h"
 
-RCSID("$Id: kauth.c,v 1.92 1999/06/29 21:19:35 bg Exp $");
+RCSID("$Id: kauth.c,v 1.97 1999/12/02 16:58:31 joda Exp $");
 
 krb_principal princ;
 static char srvtab[MaxPathLen];
@@ -59,11 +54,16 @@ static void
 usage(void)
 {
     fprintf(stderr,
-	    "Usage: %s -n <name> [-r remoteuser] [-t remote ticketfile] "
-	    "[-l lifetime (in minutes) ] [-f srvtab ] "
-	    "[-c AFS cell name ] [-h hosts... [--]] [command ... ]\n",
-	    __progname);
-    fprintf(stderr, "\nA fully qualified name can be given user[.instance][@realm]\nRealm is converted to uppercase!\n");
+	    "Usage:\n"
+	    "  %s [name]\n"
+	    "or\n"
+	    "  %s [-ad] [-n name] [-r remoteuser] [-t remote ticketfile]\n"
+	    "        [-l lifetime (in minutes) ] [-f srvtab ] [-c AFS cell name ]\n"
+	    "        [-h hosts... [--]] [command ... ]\n\n",
+	    __progname, __progname);
+    fprintf(stderr, 
+	    "A fully qualified name can be given: user[.instance][@realm]\n"
+	    "Realm is converted to uppercase!\n");
     exit(1);
 }
 
@@ -139,6 +139,56 @@ key_to_key(const char *user,
     return 0;
 }
 
+static int
+get_ticket_address(krb_principal *princ, des_cblock *key)
+{
+    int code;
+    unsigned char flags;
+    krb_principal service;
+    u_int32_t addr;
+    struct in_addr addr2;
+    des_cblock session;
+    int life;
+    u_int32_t time_sec;
+    des_key_schedule schedule;
+    CREDENTIALS c;
+	
+    code = get_ad_tkt(princ->name, princ->instance, princ->realm, 0);
+    if(code) {
+	warnx("get_ad_tkt: %s\n", krb_get_err_text(code));
+	return code;
+    }
+    code = krb_get_cred(princ->name, princ->instance, princ->realm, &c);
+    if(code) {
+	warnx("krb_get_cred: %s\n", krb_get_err_text(code));
+	return code;
+    }
+
+    des_set_key(key, schedule);
+    code = decomp_ticket(&c.ticket_st, 
+			 &flags,
+			 princ->name,
+			 princ->instance,
+			 princ->realm,
+			 &addr,
+			 session,
+			 &life,
+			 &time_sec,
+			 service.name,
+			 service.instance,
+			 key,
+			 schedule);
+    if(code) {
+	warnx("decomp_ticket: %s\n", krb_get_err_text(code));
+	return code;
+    }
+    memset(&session, 0, sizeof(session));
+    memset(schedule, 0, sizeof(schedule));
+    addr2.s_addr = addr;
+    fprintf(stdout, "ticket address = %s\n", inet_ntoa(addr2));
+} 
+
+
 int
 main(int argc, char **argv)
 {
@@ -147,6 +197,7 @@ main(int argc, char **argv)
     int c;
     char *file;
     int pflag = 0;
+    int aflag = 0;
     int version_flag = 0;
     char passwd[100];
     des_cblock key;
@@ -174,20 +225,24 @@ main(int argc, char **argv)
 	strupr(princ.realm);
       }
 
-    while ((c = getopt(argc, argv, "r:t:f:hdl:n:c:v")) != EOF)
+    while ((c = getopt(argc, argv, "ar:t:f:hdl:n:c:v")) != -1)
 	switch (c) {
+	case 'a':
+	    aflag++;
+	    break;
 	case 'd':
 	    krb_enable_debug();
 	    _kafs_debug = 1;
+	    aflag++;
 	    break;
 	case 'f':
-	    strcpy_truncate(srvtab, optarg, sizeof(srvtab));
+	    strlcpy(srvtab, optarg, sizeof(srvtab));
 	    break;
 	case 't':
-	    strcpy_truncate(remote_tktfile, optarg, sizeof(remote_tktfile));
+	    strlcpy(remote_tktfile, optarg, sizeof(remote_tktfile));
 	    break;
 	case 'r':
-	    strcpy_truncate(remoteuser, optarg, sizeof(remoteuser));
+	    strlcpy(remoteuser, optarg, sizeof(remoteuser));
 	    break;
 	case 'l':
 	    lifetime = atoi(optarg);
@@ -215,6 +270,8 @@ main(int argc, char **argv)
 	    host = argv + optind;
 	    for(nhost = 0; optind < argc && *argv[optind] != '-'; ++optind)
 		++nhost;
+	    if(nhost == 0)
+		usage();
 	    break;
 	case 'v':
 	    version_flag++;
@@ -238,24 +295,22 @@ main(int argc, char **argv)
     /* With root tickets assume remote user is root */
     if (*remoteuser == '\0') {
       if (strcmp(princ.instance, "root") == 0)
-	strcpy_truncate(remoteuser, princ.instance, sizeof(remoteuser));
+	strlcpy(remoteuser, princ.instance, sizeof(remoteuser));
       else
-	strcpy_truncate(remoteuser, princ.name, sizeof(remoteuser));
+	strlcpy(remoteuser, princ.name, sizeof(remoteuser));
     }
 
     more_args = argc - optind;
   
     if (princ.realm[0] == '\0')
 	if (krb_get_lrealm(princ.realm, 1) != KSUCCESS)
-	    strcpy_truncate(princ.realm, KRB_REALM, REALM_SZ);
+	    strlcpy(princ.realm, KRB_REALM, REALM_SZ);
   
     if (more_args) {
 	int f;
       
 	do{
-	    snprintf(tf, sizeof(tf),
-		     TKT_ROOT "%u_%u",
-		     (unsigned)getuid(),
+	    snprintf(tf, sizeof(tf), "%s%u_%u", TKT_ROOT, (unsigned)getuid(),
 		     (unsigned)(getpid()*time(0)));
 	    f = open(tf, O_CREAT|O_EXCL|O_RDWR);
 	}while(f < 0);
@@ -297,6 +352,9 @@ main(int argc, char **argv)
 	errx (1, "%s", krb_get_err_text(code));
     }
 
+    if(aflag)
+	get_ticket_address(&princ, &key);
+
     if (k_hasafs()) {
 	if (more_args)
 	    k_setpag();
diff --git a/crypto/kerberosIV/appl/kauth/kauth.h b/crypto/kerberosIV/appl/kauth/kauth.h
index c5a4517..32243c7 100644
--- a/crypto/kerberosIV/appl/kauth/kauth.h
+++ b/crypto/kerberosIV/appl/kauth/kauth.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: kauth.h,v 1.20 1998/06/13 00:06:45 assar Exp $ */
+/* $Id: kauth.h,v 1.21 1999/12/02 16:58:31 joda Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
diff --git a/crypto/kerberosIV/appl/kauth/kauthd.c b/crypto/kerberosIV/appl/kauth/kauthd.c
index 0018a13..8dae4d0 100644
--- a/crypto/kerberosIV/appl/kauth/kauthd.c
+++ b/crypto/kerberosIV/appl/kauth/kauthd.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kauth.h"
 
-RCSID("$Id: kauthd.c,v 1.24 1999/06/29 21:19:35 bg Exp $");
+RCSID("$Id: kauthd.c,v 1.25 1999/12/02 16:58:31 joda Exp $");
 
 krb_principal princ;
 static char locuser[SNAME_SZ];
diff --git a/crypto/kerberosIV/appl/kauth/marshall.c b/crypto/kerberosIV/appl/kauth/marshall.c
index dc28ae5..e37b8c9 100644
--- a/crypto/kerberosIV/appl/kauth/marshall.c
+++ b/crypto/kerberosIV/appl/kauth/marshall.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kauth.h"
 
-RCSID("$Id: marshall.c,v 1.8 1998/06/09 19:24:26 joda Exp $");
+RCSID("$Id: marshall.c,v 1.10 1999/12/02 16:58:31 joda Exp $");
 
 int
 pack_args (char *buf,
@@ -104,28 +99,28 @@ unpack_args (const char *buf, krb_principal *pr, int *lifetime,
     len = strlen(buf);
     if (len >= SNAME_SZ)
 	return -1;
-    strcpy_truncate (pr->name, buf, ANAME_SZ);
+    strlcpy (pr->name, buf, ANAME_SZ);
     buf += len + 1;
     len = strlen (buf);
     if (len >= INST_SZ)
 	return -1;
-    strcpy_truncate (pr->instance, buf, INST_SZ);
+    strlcpy (pr->instance, buf, INST_SZ);
     buf += len + 1;
     len = strlen (buf);
     if (len >= REALM_SZ)
 	return -1;
-    strcpy_truncate (pr->realm, buf, REALM_SZ);
+    strlcpy (pr->realm, buf, REALM_SZ);
     buf += len + 1;
     *lifetime = (unsigned char)*buf++;
     len = strlen(buf);
     if (len >= SNAME_SZ)
 	return -1;
-    strcpy_truncate (locuser, buf, SNAME_SZ);
+    strlcpy (locuser, buf, SNAME_SZ);
     buf += len + 1;
     len = strlen(buf);
     if (len >= MaxPathLen)
 	return -1;
-    strcpy_truncate (tktfile, buf, MaxPathLen);
+    strlcpy (tktfile, buf, MaxPathLen);
     buf += len + 1;
     return 0;
 }
diff --git a/crypto/kerberosIV/appl/kauth/rkinit.c b/crypto/kerberosIV/appl/kauth/rkinit.c
index d736ddc..cac62c9 100644
--- a/crypto/kerberosIV/appl/kauth/rkinit.c
+++ b/crypto/kerberosIV/appl/kauth/rkinit.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kauth.h"
 
-RCSID("$Id: rkinit.c,v 1.21 1998/06/09 19:24:26 joda Exp $");
+RCSID("$Id: rkinit.c,v 1.22.2.1 1999/12/06 17:27:56 assar Exp $");
 
 static struct in_addr *
 getalladdrs (char *hostname, unsigned *count)
@@ -113,6 +108,15 @@ doit_host (krb_principal *princ, int lifetime, char *locuser,
 	return 1;
     }
 
+    if (krb_get_config_bool("nat_in_use")) {
+	struct in_addr natAddr;
+
+	if (krb_get_our_ip_for_realm(krb_realmofhost(hostname),
+				     &natAddr) == KSUCCESS
+	    || krb_get_our_ip_for_realm (NULL, &natAddr) == KSUCCESS)
+	    thisaddr.sin_addr = natAddr;
+    }
+
     status = krb_sendauth (KOPT_DO_MUTUAL, s, &text, "rcmd",
 			   hostname, krb_realmofhost (hostname),
 			   getpid(), &msg, &cred, schedule,
diff --git a/crypto/kerberosIV/appl/kip/common.c b/crypto/kerberosIV/appl/kip/common.c
index b21d03d..c97fe9f 100644
--- a/crypto/kerberosIV/appl/kip/common.c
+++ b/crypto/kerberosIV/appl/kip/common.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kip.h"
 
-RCSID("$Id: common.c,v 1.12 1997/05/02 14:28:06 assar Exp $");
+RCSID("$Id: common.c,v 1.13 1999/12/02 16:58:31 joda Exp $");
 
 /*
  * Copy packets from `tundev' to `netdev' or vice versa.
diff --git a/crypto/kerberosIV/appl/kip/kip.c b/crypto/kerberosIV/appl/kip/kip.c
index 990583b..667a8d8 100644
--- a/crypto/kerberosIV/appl/kip/kip.c
+++ b/crypto/kerberosIV/appl/kip/kip.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kip.h"
 
-RCSID("$Id: kip.c,v 1.17 1998/05/01 05:20:11 assar Exp $");
+RCSID("$Id: kip.c,v 1.18 1999/12/02 16:58:31 joda Exp $");
 
 static void
 usage(void)
diff --git a/crypto/kerberosIV/appl/kip/kip.h b/crypto/kerberosIV/appl/kip/kip.h
index ed9874a..dc748df 100644
--- a/crypto/kerberosIV/appl/kip/kip.h
+++ b/crypto/kerberosIV/appl/kip/kip.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: kip.h,v 1.17 1997/12/14 23:57:21 assar Exp $ */
+/* $Id: kip.h,v 1.18 1999/12/02 16:58:31 joda Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
diff --git a/crypto/kerberosIV/appl/kip/kipd.c b/crypto/kerberosIV/appl/kip/kipd.c
index 6990d05..429f815 100644
--- a/crypto/kerberosIV/appl/kip/kipd.c
+++ b/crypto/kerberosIV/appl/kip/kipd.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kip.h"
 
-RCSID("$Id: kipd.c,v 1.15 1999/03/10 18:33:24 joda Exp $");
+RCSID("$Id: kipd.c,v 1.16 1999/12/02 16:58:31 joda Exp $");
 
 static int
 fatal (int fd, char *s)
diff --git a/crypto/kerberosIV/appl/push/ChangeLog b/crypto/kerberosIV/appl/push/ChangeLog
new file mode 100644
index 0000000..a55954d
--- /dev/null
+++ b/crypto/kerberosIV/appl/push/ChangeLog
@@ -0,0 +1,135 @@
+1999-11-13  Assar Westerlund  <assar@sics.se>
+
+	* push.c: make `-v' a arg_counter
+	
+1999-11-02  Assar Westerlund  <assar@sics.se>
+
+	* push.c (main): redo the v4/v5 selection for consistency.  -4 ->
+ 	try only v4 -5 -> try only v5 none, -45 -> try v5, v4
+
+1999-08-19  Assar Westerlund  <assar@sics.se>
+
+	* push.c (doit): remember to step over the error message when we
+ 	discover that XDELE is not supported
+
+1999-08-12  Johan Danielsson  <joda@pdc.kth.se>
+
+	* push.c: use XDELE
+
+1999-08-05  Assar Westerlund  <assar@sics.se>
+
+	* push.c (do_connect): v6-ify
+
+1999-06-15  Assar Westerlund  <assar@sics.se>
+
+	* push.c: get_default_username and the resulting const propagation
+
+1999-05-21  Assar Westerlund  <assar@sics.se>
+
+	* push.c (parse_pobox): try $USERNAME
+
+1999-05-11  Assar Westerlund  <assar@sics.se>
+
+	* push.c (do_v5): remove unused and non-working code
+
+1999-05-10  Assar Westerlund  <assar@sics.se>
+
+	* push.c (do_v5): call krb5_sendauth with ccache == NULL
+	
+Wed Apr  7 23:40:00 1999  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in: fix names of hesiod variables
+
+Wed Mar 24 04:37:04 1999  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am (pfrom): fix typo
+
+	* push.c (get_pobox): try to handle old and new hesiod APIs
+
+Mon Mar 22 22:19:40 1999  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: hesoid -> hesiod
+
+Sun Mar 21 18:02:10 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
+
+	* Makefile.am: bindir -> libexecdir
+
+Sat Mar 20 00:12:26 1999  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: LDADD: add missing backslash
+
+Thu Mar 18 15:28:35 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
+
+	* Makefile.am: clean pfrom
+
+	* Makefile.am: include Makefile.am.common
+
+Mon Mar 15 18:26:16 1999  Johan Danielsson  <joda@blubb.pdc.kth.se>
+
+	* push.c: strncasecmp headers
+
+Mon Feb 15 22:22:09 1999  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in (pfrom): use libexecdir
+
+	* Makefile.am: build and install pfrom
+
+	* push.c (do_connect): init `s'
+	(pop_state): spell-check enums
+
+Tue Nov 24 23:20:54 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in: build and install pfrom
+
+	* pfrom.in: bindir -> libexecdir
+
+Sun Nov 22 15:33:52 1998  Johan Danielsson  <joda@hella.pdc.kth.se>
+
+	* push.c: eliminate some warnings
+
+Sun Nov 22 10:34:54 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in (WFLAGS): set
+
+Thu Nov 19 01:17:33 1998  Assar Westerlund  <assar@sics.se>
+
+	* push_locl.h: add <hesiod.h>
+
+	* Makefile.am, Makefile.in: link and include hesiod
+
+	* push.c (get_pobox): new function. add hesiod support.
+
+1998-11-07  Assar Westerlund  <assar@sics.se>
+
+	* push.8: updated
+
+	* push.c: --from implementation from <lha@stacken.kth.se>
+
+Fri Jul 10 01:14:45 1998  Assar Westerlund  <assar@sics.se>
+
+	* push.c (net_{read,write}): remove
+
+Wed Jun 24 14:41:41 1998  Johan Danielsson  <joda@blubb.pdc.kth.se>
+
+	* push.c: allow `po:user@host' mailbox syntax
+
+Tue Jun  2 17:35:06 1998  Johan Danielsson  <joda@emma.pdc.kth.se>
+
+	* push.c: quote '^From ' properly
+
+Mon May 25 05:22:47 1998  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.in (clean): PROGS -> PROGRAMS
+
+Sun Apr 26 11:42:13 1998  Assar Westerlund  <assar@sics.se>
+
+	* push.c (main): better default for v4 and v5
+
+	* push.c (main): init context correctly
+
+	* push.c: should work with krb4
+
+	* push_locl.h: krb4 compat
+
+	* Makefile.in: new file
+
diff --git a/crypto/kerberosIV/appl/push/Makefile.am b/crypto/kerberosIV/appl/push/Makefile.am
new file mode 100644
index 0000000..07ecd0a
--- /dev/null
+++ b/crypto/kerberosIV/appl/push/Makefile.am
@@ -0,0 +1,27 @@
+# $Id: Makefile.am,v 1.15 1999/04/09 18:29:48 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += $(INCLUDE_krb4) $(INCLUDE_hesiod)
+
+bin_SCRIPTS		= pfrom
+
+libexec_PROGRAMS	= push
+
+push_SOURCES = push.c push_locl.h
+
+pfrom: pfrom.in
+	sed -e "s!%libexecdir%!$(libexecdir)!" $(srcdir)/pfrom.in > $@
+	chmod +x $@
+
+man_MANS = push.8
+
+CLEANFILES = pfrom
+
+EXTRA_DIST = pfrom.in $(man_MANS)
+
+LDADD = $(LIB_krb5) \
+	$(LIB_krb4) \
+	$(top_builddir)/lib/des/libdes.la \
+	$(LIB_roken) \
+	$(LIB_hesiod)
diff --git a/crypto/kerberosIV/appl/push/Makefile.in b/crypto/kerberosIV/appl/push/Makefile.in
new file mode 100644
index 0000000..87da6cf
--- /dev/null
+++ b/crypto/kerberosIV/appl/push/Makefile.in
@@ -0,0 +1,95 @@
+# $Id: Makefile.in,v 1.10 1999/04/07 18:39:56 assar Exp $
+
+SHELL = /bin/sh
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+
+CC = @CC@
+LINK = @LINK@
+RANLIB = @RANLIB@
+DEFS = @DEFS@ @INCLUDE_hesiod@
+CFLAGS = @CFLAGS@ $(WFLAGS)
+WFLAGS = @WFLAGS@
+LD_FLAGS = @LD_FLAGS@
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+LIBS = @LIB_hesiod@ @LIBS@
+LIB_DBM = @LIB_DBM@
+MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
+
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+libdir = @libdir@
+libexecdir = @libexecdir@
+bindir = @bindir@
+transform=@program_transform_name@
+EXECSUFFIX=@EXECSUFFIX@
+
+bin_PROGRAMS		= pfrom
+
+libexec_PROGRAMS	= push$(EXECSUFFIX)
+
+PROGRAMS		= $(libexec_PROGRAMS) $(bin_PROGRAMS)
+
+push_SOURCES		= push.c
+
+push_OBJECTS		= push.o
+
+SOURCES			= $(push_SOURCES)
+
+OBJECTS			= $(push_OBJECTS)
+
+all: $(PROGRAMS)
+
+.c.o:
+	$(CC) -c $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $<
+
+install: all
+	$(MKINSTALLDIRS) $(DESTDIR)$(bindir)
+	for x in $(bin_PROGRAMS); do \
+	  $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \
+	done
+	$(MKINSTALLDIRS) $(DESTDIR)$(libexecdir)
+	for x in $(libexec_PROGRAMS); do \
+	  $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \
+	done
+
+uninstall:
+	for x in $(bin_PROGRAMS); do \
+	  rm -f $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \
+	done
+	for x in $(libexec_PROGRAMS); do \
+	  rm -f $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \
+	done
+
+TAGS: $(SOURCES)
+	etags $(SOURCES)
+
+check:
+
+clean:
+	rm -f *.a *.o $(PROGRAMS)
+
+mostlyclean: clean
+
+distclean: clean
+	rm -f Makefile *~
+
+realclean: distclean
+	rm -f TAGS
+
+KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes
+LIBROKEN=-L../../lib/roken -lroken
+
+push$(EXECSUFFIX): $(push_OBJECTS)
+	$(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(push_OBJECTS) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
+
+pfrom: pfrom.in
+	sed -e "s!%libexecdir%!$(libexecdir)!" $(srcdir)/pfrom.in > $@
+	chmod +x $@
+
+$(OBJECTS): ../../include/config.h
+
+.PHONY: all install uninstall check clean mostlyclean distclean realclean
diff --git a/crypto/kerberosIV/appl/push/pfrom.in b/crypto/kerberosIV/appl/push/pfrom.in
new file mode 100644
index 0000000..6adf4f0
--- /dev/null
+++ b/crypto/kerberosIV/appl/push/pfrom.in
@@ -0,0 +1,6 @@
+#!/bin/sh
+# $Id: pfrom.in,v 1.2 1998/11/24 13:25:47 assar Exp $
+libexecdir=%libexecdir%
+PATH=$libexecdir:$PATH
+export PATH
+push --from $*
diff --git a/crypto/kerberosIV/appl/push/push.8 b/crypto/kerberosIV/appl/push/push.8
new file mode 100644
index 0000000..5066b37
--- /dev/null
+++ b/crypto/kerberosIV/appl/push/push.8
@@ -0,0 +1,138 @@
+.\" $Id: push.8,v 1.3.16.1 1999/12/06 17:25:27 assar Exp $
+.\"
+.Dd May 31, 1998
+.Dt PUSH 8
+.Os HEIMDAL
+.Sh NAME
+.Nm push
+.Nd
+fetch mail via POP
+.Sh SYNOPSIS
+.Nm
+.Op Fl 4 | Fl -krb4
+.Op Fl 5 | Fl -krb5
+.Op Fl v | Fl -verbose
+.Op Fl f | Fl -fork
+.Op Fl l | -leave
+.Op Fl -from
+.Op Fl c | -count
+.Op Fl -header
+.Oo Fl p Ar port-spec  \*(Ba Xo
+.Fl -port= Ns Ar port-spec Oc
+.Xc
+.Ar po-box
+.Pa filename
+.Sh DESCRIPTION
+.Nm
+retrieves mail from the post office box
+.Ar po-box ,
+and stores the mail in mbox format in
+.Pa filename .
+The
+.Ar po-box
+can have any of the following formats:
+.Bl -hang -compact -offset indent
+.It Ql hostname:username
+.It Ql po:hostname:username
+.It Ql username@hostname
+.It Ql po:username@hostname
+.It Ql hostname
+.It Ql po:username
+.El
+
+If no username is specified,
+.Nm
+assumes that it's the same as on the local machine; 
+.Ar hostname
+defaults to the value of the
+.Ev MAILHOST
+environment variable.
+
+Supported options:
+.Bl -tag -width Ds
+.It Xo
+.Fl 4 Ns ,
+.Fl -krb4
+.Xc
+use Kerberos 4 (if compiled with support for Kerberos 4)
+.It Xo
+.Fl 5 Ns ,
+.Fl -krb5
+.Xc
+use Kerberos 5 (if compiled with support for Kerberos 5)
+.It Xo
+.Fl f Ns ,
+.Fl -fork
+.Xc
+fork before starting to delete messages
+.It Xo
+.Fl l Ns ,
+.Fl -leave
+.Xc
+don't delete fetched mail
+.It Xo
+.Fl -from
+.Xc
+behave like from.
+.It Xo
+.Fl c Ns ,
+.Fl -count
+.Xc
+first print how many messages and bytes there are.
+.It Xo
+.Fl -header
+.Xc
+which header from should print.
+.It Xo
+.Fl p Ar port-spec Ns ,
+.Fl -port= Ns Ar port-spec
+.Xc
+use this port instead of the default
+.Ql kpop 
+or
+.Ql 1109 .
+.El
+
+The default is to first try Kerberos 5 authentication and then, if
+that fails, Kerberos 4.
+.Sh ENVIRONMENT
+
+.Bl -tag -width Ds
+.It Ev MAILHOST
+points to the post office, if no other hostname is specified.
+.El
+.\".Sh FILES
+.Sh EXAMPLES
+.Bd -literal -offset indent
+$ push cornfield:roosta ~/.gnus-crash-box
+.Ed
+
+tries to fetch mail for the user
+.Ar roosta
+from the post office at
+.Dq cornfield ,
+and stores the mail in
+.Pa ~/.gnus-crash-box  
+(you are using Gnus, aren't you?)
+.Bd -literal -offset indent
+$ push --from -5 havregryn
+.Ed
+
+tries to fetch 
+.Nm From: 
+lines for current user at post office
+.Dq havregryn
+using Kerberos 5.
+.\".Sh DIAGNOSTICS
+.Sh SEE ALSO
+.Xr movemail 8 ,
+.Xr popper 8 ,
+.Xr from 1
+.\".Sh STANDARDS
+.Sh HISTORY
+.Nm
+was written while waiting for
+.Nm movemail
+to finish getting the mail.
+.\".Sh AUTHORS
+.\".Sh BUGS
diff --git a/crypto/kerberosIV/appl/push/push.c b/crypto/kerberosIV/appl/push/push.c
new file mode 100644
index 0000000..bc7574f
--- /dev/null
+++ b/crypto/kerberosIV/appl/push/push.c
@@ -0,0 +1,795 @@
+/*
+ * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+#include "push_locl.h"
+RCSID("$Id: push.c,v 1.34.2.1 1999/12/06 17:25:28 assar Exp $");
+
+#ifdef KRB4
+static int use_v4 = -1;
+#endif
+
+#ifdef KRB5
+static int use_v5 = -1;
+static krb5_context context;
+#endif
+
+static char *port_str;
+static int verbose_level;
+static int do_fork;
+static int do_leave;
+static int do_version;
+static int do_help;
+static int do_from;
+static int do_count;
+static char *header_str;
+
+struct getargs args[] = {
+#ifdef KRB4
+    { "krb4",	'4', arg_flag,		&use_v4,	"Use Kerberos V4",
+      NULL },
+#endif    
+#ifdef KRB5
+    { "krb5",	'5', arg_flag,		&use_v5,	"Use Kerberos V5",
+      NULL },
+#endif
+    { "verbose",'v', arg_counter,	&verbose_level,	"Verbose",
+      NULL },
+    { "fork",	'f', arg_flag,		&do_fork,	"Fork deleting proc",
+      NULL },
+    { "leave",	'l', arg_flag,		&do_leave,	"Leave mail on server",
+      NULL },
+    { "port",	'p', arg_string,	&port_str,	"Use this port",
+      "number-or-service" },
+    { "from",	 0,  arg_flag,		&do_from,	"Behave like from",
+      NULL },
+    { "header",	 0,  arg_string,	&header_str,	"Header string to print", NULL },
+    { "count", 'c',  arg_flag,		&do_count,	"Print number of messages", NULL},
+    { "version", 0,  arg_flag,		&do_version,	"Print version",
+      NULL },
+    { "help",	 0,  arg_flag,		&do_help,	NULL,
+      NULL }
+
+};
+
+static void
+usage (int ret)
+{
+    arg_printusage (args,
+		    sizeof(args) / sizeof(args[0]),
+		    NULL,
+		    "[[{po:username[@hostname] | hostname[:username]}] ...]"
+		    "filename");
+    exit (ret);
+}
+
+static int
+do_connect (const char *hostname, int port, int nodelay)
+{
+    struct hostent *hostent = NULL;
+    char **h;
+    int error;
+    int af;
+    int s;
+
+#ifdef HAVE_IPV6    
+    if (hostent == NULL)
+	hostent = getipnodebyname (hostname, AF_INET6, 0, &error);
+#endif
+    if (hostent == NULL)
+	hostent = getipnodebyname (hostname, AF_INET, 0, &error);
+
+    if (hostent == NULL)
+	errx(1, "gethostbyname '%s' failed: %s", hostname, hstrerror(error));
+
+    af = hostent->h_addrtype;
+
+    for (h = hostent->h_addr_list; *h != NULL; ++h) {
+	struct sockaddr_storage sa_ss;
+	struct sockaddr *sa = (struct sockaddr *)&sa_ss;
+
+	sa->sa_family = af;
+	socket_set_address_and_port (sa, *h, port);
+
+	s = socket (af, SOCK_STREAM, 0);
+	if (s < 0)
+	    err (1, "socket");
+	if (connect(s, sa, socket_sockaddr_size(sa)) < 0) {
+	    warn ("connect(%s)", hostname);
+	    close (s);
+	    continue;
+	} else {
+	    break;
+	}
+    }
+    freehostent (hostent);
+    if (*h == NULL)
+	return -1;
+    if(setsockopt(s, IPPROTO_TCP, TCP_NODELAY,
+		  (void *)&nodelay, sizeof(nodelay)) < 0)
+	err (1, "setsockopt TCP_NODELAY");
+    return s;
+}
+
+typedef enum { INIT = 0, GREET, USER, PASS, STAT, RETR, TOP, 
+	       DELE, XDELE, QUIT} pop_state;
+
+#define PUSH_BUFSIZ 65536
+
+#define STEP 16
+
+struct write_state {
+    struct iovec *iovecs;
+    size_t niovecs, maxiovecs, allociovecs;
+    int fd;
+};
+
+static void
+write_state_init (struct write_state *w, int fd)
+{
+#ifdef UIO_MAXIOV
+    w->maxiovecs = UIO_MAXIOV;
+#else
+    w->maxiovecs = 16;
+#endif
+    w->allociovecs = min(STEP, w->maxiovecs);
+    w->niovecs = 0;
+    w->iovecs = malloc(w->allociovecs * sizeof(*w->iovecs));
+    if (w->iovecs == NULL)
+	err (1, "malloc");
+    w->fd = fd;
+}
+
+static void
+write_state_add (struct write_state *w, void *v, size_t len)
+{
+    if(w->niovecs == w->allociovecs) {				
+	if(w->niovecs == w->maxiovecs) {				
+	    if(writev (w->fd, w->iovecs, w->niovecs) < 0)		
+		err(1, "writev");				
+	    w->niovecs = 0;					
+	} else {						
+	    w->allociovecs = min(w->allociovecs + STEP, w->maxiovecs);	
+	    w->iovecs = realloc (w->iovecs,				
+				 w->allociovecs * sizeof(*w->iovecs));	
+	    if (w->iovecs == NULL)					
+		errx (1, "realloc");				
+	}							
+    }								
+    w->iovecs[w->niovecs].iov_base = v;				
+    w->iovecs[w->niovecs].iov_len  = len;				
+    ++w->niovecs;							
+}
+
+static void
+write_state_flush (struct write_state *w)
+{
+    if (w->niovecs) {
+	if (writev (w->fd, w->iovecs, w->niovecs) < 0)
+	    err (1, "writev");
+	w->niovecs = 0;
+    }
+}
+
+static void
+write_state_destroy (struct write_state *w)
+{
+    free (w->iovecs);
+}
+
+static int
+doit(int s,
+     const char *host,
+     const char *user,
+     const char *outfilename,
+     const char *header_str,
+     int leavep,
+     int verbose,
+     int forkp)
+{
+    int ret;
+    char out_buf[PUSH_BUFSIZ];
+    size_t out_len = 0;
+    char in_buf[PUSH_BUFSIZ + 1];	/* sentinel */
+    size_t in_len = 0;
+    char *in_ptr = in_buf;
+    pop_state state = INIT;
+    unsigned count, bytes;
+    unsigned asked_for = 0, retrieved = 0, asked_deleted = 0, deleted = 0;
+    unsigned sent_xdele = 0;
+    int out_fd;
+    char from_line[128];
+    size_t from_line_length;
+    time_t now;
+    struct write_state write_state;
+
+    if (do_from) {
+	out_fd = -1;
+	if (verbose)
+	    fprintf (stderr, "%s@%s\n", user, host);
+    } else {
+	out_fd = open(outfilename, O_WRONLY | O_APPEND | O_CREAT, 0666);
+	if (out_fd < 0)
+	    err (1, "open %s", outfilename);
+	if (verbose)
+	    fprintf (stderr, "%s@%s -> %s\n", user, host, outfilename);
+    }
+
+    now = time(NULL);
+    from_line_length = snprintf (from_line, sizeof(from_line),
+				 "From %s %s", "push", ctime(&now));
+
+    out_len = snprintf (out_buf, sizeof(out_buf),
+			"USER %s\r\nPASS hej\r\nSTAT\r\n",
+			user);
+    if (net_write (s, out_buf, out_len) != out_len)
+	err (1, "write");
+    if (verbose > 1)
+	write (STDERR_FILENO, out_buf, out_len);
+
+    if (!do_from)
+	write_state_init (&write_state, out_fd);
+
+    while(state != QUIT) {
+	fd_set readset, writeset;
+
+	FD_ZERO(&readset);
+	FD_ZERO(&writeset);
+	FD_SET(s,&readset);
+	if (((state == STAT || state == RETR || state == TOP)
+	     && asked_for < count)
+	    || (state == XDELE && !sent_xdele)
+	    || (state == DELE && asked_deleted < count))
+	    FD_SET(s,&writeset);
+	ret = select (s + 1, &readset, &writeset, NULL, NULL);
+	if (ret < 0) {
+	    if (errno == EAGAIN)
+		continue;
+	    else
+		err (1, "select");
+	}
+	
+	if (FD_ISSET(s, &readset)) {
+	    char *beg, *p;
+	    size_t rem;
+	    int blank_line = 0;
+	    
+	    ret = read (s, in_ptr, sizeof(in_buf) - in_len - 1);
+	    if (ret < 0)
+		err (1, "read");
+	    else if (ret == 0)
+		errx (1, "EOF during read");
+	    
+	    in_len += ret;
+	    in_ptr += ret;
+	    *in_ptr = '\0';
+	    
+	    beg = in_buf;
+	    rem = in_len;
+	    while(rem > 1
+		  && (p = strstr(beg, "\r\n")) != NULL) {
+		if (state == TOP) {
+		    char *copy = beg;
+
+		    if (strncasecmp(copy,
+				    header_str,
+				    min(p - copy + 1, strlen(header_str))) == 0) {
+			fprintf (stdout, "%.*s\n", (int)(p - copy), copy);
+		    }
+		    if (beg[0] == '.' && beg[1] == '\r' && beg[2] == '\n') {
+			state = STAT;
+			if (++retrieved == count) {
+			    state = QUIT;
+			    net_write (s, "QUIT\r\n", 6);
+			    if (verbose > 1)
+				net_write (STDERR_FILENO, "QUIT\r\n", 6);
+			}
+		    }
+		    rem -= p - beg + 2;
+		    beg = p + 2;
+		} else if (state == RETR) {
+		    char *copy = beg;
+		    if (beg[0] == '.') {
+			if (beg[1] == '\r' && beg[2] == '\n') {
+			    if(!blank_line)
+				write_state_add(&write_state, "\n", 1);
+			    state = STAT;
+			    rem -= p - beg + 2;
+			    beg = p + 2;
+			    if (++retrieved == count) {
+				write_state_flush (&write_state);
+				if (fsync (out_fd) < 0)
+				    err (1, "fsync");
+				close(out_fd);
+				if (leavep) {
+				    state = QUIT;
+				    net_write (s, "QUIT\r\n", 6);
+				    if (verbose > 1)
+					net_write (STDERR_FILENO, "QUIT\r\n", 6);
+				} else {
+				    if (forkp) {
+					pid_t pid;
+
+					pid = fork();
+					if (pid < 0)
+					    warn ("fork");
+					else if(pid != 0) {
+					    if(verbose)
+						fprintf (stderr,
+							 "(exiting)");
+					    return 0;
+					}
+				    }
+
+				    state = XDELE;
+				    if (verbose)
+					fprintf (stderr, "deleting... ");
+				}
+			    }
+			    continue;
+			} else
+			    ++copy;
+		    }
+		    *p = '\n';
+		    if(blank_line && 
+		       strncmp(copy, "From ", min(p - copy + 1, 5)) == 0)
+			write_state_add(&write_state, ">", 1);
+		    write_state_add(&write_state, copy, p - copy + 1);
+		    blank_line = (*copy == '\n');
+		    rem -= p - beg + 2;
+		    beg = p + 2;
+		} else if (rem >= 3 && strncmp (beg, "+OK", 3) == 0) {
+		    if (state == STAT) {
+			if (!do_from)
+			    write_state_add(&write_state,
+					    from_line, from_line_length);
+			blank_line = 0;
+			if (do_from) 
+			    state = TOP;
+			else
+			    state = RETR;
+		    } else if (state == XDELE) {
+			state = QUIT;
+			net_write (s, "QUIT\r\n", 6);
+			if (verbose > 1)
+			    net_write (STDERR_FILENO, "QUIT\r\n", 6);
+			break;
+		    } else if (state == DELE) {
+			if (++deleted == count) {
+			    state = QUIT;
+			    net_write (s, "QUIT\r\n", 6);
+			    if (verbose > 1)
+				net_write (STDERR_FILENO, "QUIT\r\n", 6);
+			    break;
+			}
+		    } else if (++state == STAT) {
+			if(sscanf (beg + 4, "%u %u", &count, &bytes) != 2)
+			    errx(1, "Bad STAT-line: %.*s", (int)(p - beg), beg);
+			if (verbose) {
+			    fprintf (stderr, "%u message(s) (%u bytes). "
+				     "fetching... ",
+				     count, bytes);
+			    if (do_from)
+				fprintf (stderr, "\n");
+			} else if (do_count) {
+			    fprintf (stderr, "%u message(s) (%u bytes).\n",
+				     count, bytes);
+			}
+			if (count == 0) {
+			    state = QUIT;
+			    net_write (s, "QUIT\r\n", 6);
+			    if (verbose > 1)
+				net_write (STDERR_FILENO, "QUIT\r\n", 6);
+			    break;
+			}
+		    }
+
+		    rem -= p - beg + 2;
+		    beg = p + 2;
+		} else {
+		    if(state == XDELE) {
+			state = DELE;
+			rem -= p - beg + 2;
+			beg = p + 2;
+		    } else
+			errx (1, "Bad response: %.*s", (int)(p - beg), beg);
+		}
+	    }
+	    if (!do_from)
+		write_state_flush (&write_state);
+
+	    memmove (in_buf, beg, rem);
+	    in_len = rem;
+	    in_ptr = in_buf + rem;
+	}
+	if (FD_ISSET(s, &writeset)) {
+	    if ((state == STAT && !do_from) || state == RETR)
+		out_len = snprintf (out_buf, sizeof(out_buf),
+				    "RETR %u\r\n", ++asked_for);
+	    else if ((state == STAT && do_from) || state == TOP)
+		out_len = snprintf (out_buf, sizeof(out_buf),
+				    "TOP %u 0\r\n", ++asked_for);
+	    else if(state == XDELE) {
+		out_len = snprintf(out_buf, sizeof(out_buf),
+				   "XDELE %u %u\r\n", 1, count);
+		sent_xdele++;
+	    }
+	    else if(state == DELE)
+		out_len = snprintf (out_buf, sizeof(out_buf),
+				    "DELE %u\r\n", ++asked_deleted);
+	    if (net_write (s, out_buf, out_len) != out_len)
+		err (1, "write");
+	    if (verbose > 1)
+		write (STDERR_FILENO, out_buf, out_len);
+	}
+    }
+    if (verbose)
+	fprintf (stderr, "Done\n");
+    if (!do_from)
+	write_state_destroy (&write_state);
+    return 0;
+}
+
+#ifdef KRB5
+static int
+do_v5 (const char *host,
+       int port,
+       const char *user,
+       const char *filename,
+       const char *header_str,
+       int leavep,
+       int verbose,
+       int forkp)
+{
+    krb5_error_code ret;
+    krb5_auth_context auth_context = NULL;
+    krb5_principal server;
+    int s;
+
+    s = do_connect (host, port, 1);
+    if (s < 0)
+	return 1;
+
+    ret = krb5_sname_to_principal (context,
+				   host,
+				   "pop",
+				   KRB5_NT_SRV_HST,
+				   &server);
+    if (ret) {
+	warnx ("krb5_sname_to_principal: %s",
+	       krb5_get_err_text (context, ret));
+	return 1;
+    }
+
+    ret = krb5_sendauth (context,
+			 &auth_context,
+			 &s,
+			 "KPOPV1.0",
+			 NULL,
+			 server,
+			 0,
+			 NULL,
+			 NULL,
+			 NULL,
+			 NULL,
+			 NULL,
+			 NULL);
+    krb5_free_principal (context, server);
+    if (ret) {
+	warnx ("krb5_sendauth: %s",
+	       krb5_get_err_text (context, ret));
+	return 1;
+    }
+    return doit (s, host, user, filename, header_str, leavep, verbose, forkp);
+}
+#endif
+
+#ifdef KRB4
+static int
+do_v4 (const char *host,
+       int port,
+       const char *user,
+       const char *filename,
+       const char *header_str,
+       int leavep,
+       int verbose,
+       int forkp)
+{
+    KTEXT_ST ticket;
+    MSG_DAT msg_data;
+    CREDENTIALS cred;
+    des_key_schedule sched;
+    int s;
+    int ret;
+
+    s = do_connect (host, port, 1);
+    if (s < 0)
+	return 1;
+    ret = krb_sendauth(0,
+		       s,
+		       &ticket, 
+		       "pop",
+		       (char *)host,
+		       krb_realmofhost(host),
+		       getpid(),
+		       &msg_data,
+		       &cred,
+		       sched,
+		       NULL,
+		       NULL,
+		       "KPOPV0.1");
+    if(ret) {
+	warnx("krb_sendauth: %s", krb_get_err_text(ret));
+	return 1;
+    }
+    return doit (s, host, user, filename, header_str, leavep, verbose, forkp);
+}
+#endif /* KRB4 */
+
+#ifdef HESIOD
+
+#ifdef HESIOD_INTERFACES
+
+static char *
+hesiod_get_pobox (const char **user)
+{
+    void *context;
+    struct hesiod_postoffice *hpo;
+    char *ret = NULL;
+
+    if(hesiod_init (&context) != 0)
+	err (1, "hesiod_init");
+
+    hpo = hesiod_getmailhost (context, *user);
+    if (hpo == NULL) {
+	warn ("hesiod_getmailhost %s", *user);
+    } else {
+	if (strcasecmp(hpo->hesiod_po_type, "pop") != 0)
+	    errx (1, "Unsupported po type %s", hpo->hesiod_po_type);
+
+	ret = strdup(hpo->hesiod_po_host);
+	if(ret == NULL)
+	    errx (1, "strdup: out of memory");
+	*user = strdup(hpo->hesiod_po_name);
+	if (*user == NULL)
+	    errx (1, "strdup: out of memory");
+	hesiod_free_postoffice (context, hpo);
+    }
+    hesiod_end (context);
+    return ret;
+}
+
+#else /* !HESIOD_INTERFACES */
+
+static char *
+hesiod_get_pobox (const char **user)
+{
+    char *ret = NULL;
+    struct hes_postoffice *hpo;
+
+    hpo = hes_getmailhost (*user);
+    if (hpo == NULL) {
+	warn ("hes_getmailhost %s", *user);
+    } else {
+	if (strcasecmp(hpo->po_type, "pop") != 0)
+	    errx (1, "Unsupported po type %s", hpo->po_type);
+
+	ret = strdup(hpo->po_host);
+	if(ret == NULL)
+	    errx (1, "strdup: out of memory");
+	*user = strdup(hpo->po_name);
+	if (*user == NULL)
+	    errx (1, "strdup: out of memory");
+    }
+    return ret;
+}
+
+#endif /* HESIOD_INTERFACES */
+
+#endif /* HESIOD */
+
+static char *
+get_pobox (const char **user)
+{
+    char *ret = NULL;
+
+#ifdef HESIOD
+    ret = hesiod_get_pobox (user);
+#endif
+
+    if (ret == NULL)
+	ret = getenv("MAILHOST");
+    if (ret == NULL)
+	errx (1, "MAILHOST not set");
+    return ret;
+}
+
+static void
+parse_pobox (char *a0, const char **host, const char **user)
+{
+    const char *h, *u;
+    char *p;
+    int po = 0;
+
+    if (a0 == NULL) {
+
+	*user = getenv ("USERNAME");
+	if (*user == NULL) {
+	    struct passwd *pwd = getpwuid (getuid ());
+
+	    if (pwd == NULL)
+		errx (1, "Who are you?");
+	    *user = strdup (pwd->pw_name);
+	    if (*user == NULL)
+		errx (1, "strdup: out of memory");
+	}
+	*host = get_pobox (user);
+	return;
+    }
+
+    /* if the specification starts with po:, remember this information */
+    if(strncmp(a0, "po:", 3) == 0) {
+	a0 += 3;
+	po++;
+    }
+    /* if there is an `@', the hostname is after it, otherwise at the
+       beginning of the string */
+    p = strchr(a0, '@');
+    if(p != NULL) {
+	*p++ = '\0';
+	h = p;
+    } else {
+	h = a0;
+    }
+    /* if there is a `:', the username comes before it, otherwise at
+       the beginning of the string */
+    p = strchr(a0, ':');
+    if(p != NULL) {
+	*p++ = '\0';
+	u = p;
+    } else {
+	u = a0;
+    }
+    if(h == u) {
+	/* some inconsistent compatibility with various mailers */
+	if(po) {
+	    h = get_pobox (&u);
+	} else {
+	    u = get_default_username ();
+	    if (u == NULL)
+		errx (1, "Who are you?");
+	}
+    }
+    *host = h;
+    *user = u;
+}
+
+int
+main(int argc, char **argv)
+{
+    int port = 0;
+    int optind = 0;
+    int ret = 1;
+    const char *host, *user, *filename = NULL;
+    char *pobox = NULL;
+
+    set_progname (argv[0]);
+
+#ifdef KRB5
+    krb5_init_context (&context);
+#endif
+
+    if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv,
+		&optind))
+	usage (1);
+
+    argc -= optind;
+    argv += optind;
+
+#if defined(KRB4) && defined(KRB5)
+    if(use_v4 == -1 && use_v5 == 1)
+	use_v4 = 0;
+    if(use_v5 == -1 && use_v4 == 1)
+	use_v5 = 0;
+#endif    
+
+    if (do_help)
+	usage (0);
+
+    if (do_version) {
+	print_version(NULL);
+	return 0;
+    }
+	
+    if (do_from && header_str == NULL)
+	header_str = "From:";
+    else if (header_str != NULL)
+	do_from = 1;
+
+    if (do_from) {
+	if (argc == 0)
+	    pobox = NULL;
+	else if (argc == 1)
+	    pobox = argv[0];
+	else
+	    usage (1);
+    } else {
+	if (argc == 1) {
+	    filename = argv[0];
+	    pobox    = NULL;
+	} else if (argc == 2) {
+	    filename = argv[1];
+	    pobox    = argv[0];
+	} else
+	    usage (1);
+    }
+
+    if (port_str) {
+	struct servent *s = roken_getservbyname (port_str, "tcp");
+
+	if (s)
+	    port = s->s_port;
+	else {
+	    char *ptr;
+
+	    port = strtol (port_str, &ptr, 10);
+	    if (port == 0 && ptr == port_str)
+		errx (1, "Bad port `%s'", port_str);
+	    port = htons(port);
+	}
+    }
+    if (port == 0)
+#ifdef KRB5
+	port = krb5_getportbyname (context, "kpop", "tcp", 1109);
+#elif defined(KRB4)
+    port = k_getportbyname ("kpop", "tcp", 1109);
+#else
+#error must define KRB4 or KRB5
+#endif
+
+    parse_pobox (pobox, &host, &user);
+
+#ifdef KRB5
+    if (ret && use_v5) {
+	ret = do_v5 (host, port, user, filename, header_str,
+		     do_leave, verbose_level, do_fork);
+    }
+#endif
+
+#ifdef KRB4
+    if (ret && use_v4) {
+	ret = do_v4 (host, port, user, filename, header_str,
+		     do_leave, verbose_level, do_fork);
+    }
+#endif /* KRB4 */
+    return ret;
+}
diff --git a/crypto/kerberosIV/appl/push/push.cat8 b/crypto/kerberosIV/appl/push/push.cat8
new file mode 100644
index 0000000..bdd3804
--- /dev/null
+++ b/crypto/kerberosIV/appl/push/push.cat8
@@ -0,0 +1,77 @@
+
+PUSH(8)                  UNIX System Manager's Manual                  PUSH(8)
+
+NNAAMMEE
+     ppuusshh - fetch mail via POP
+
+SSYYNNOOPPSSIISS
+     ppuusshh [--44 | ----kkrrbb44] [--55 | ----kkrrbb55] [--vv | ----vveerrbboossee] [--ff | ----ffoorrkk] [--ll |
+     ----lleeaavvee] [----ffrroomm] [--cc | ----ccoouunntt] [----hheeaaddeerr] [--pp _p_o_r_t_-_s_p_e_c | ----ppoorrtt==_p_o_r_t_-
+     _s_p_e_c] _p_o_-_b_o_x _f_i_l_e_n_a_m_e
+
+DDEESSCCRRIIPPTTIIOONN
+     ppuusshh retrieves mail from the post office box _p_o_-_b_o_x, and stores the mail
+     in mbox format in _f_i_l_e_n_a_m_e. The _p_o_-_b_o_x can have any of the following for-
+     mats:
+           `hostname:username'
+           `po:hostname:username'
+           `username@hostname'
+           `po:username@hostname'
+           `hostname'
+           `po:username'
+
+     If no username is specified, ppuusshh assumes that it's the same as on the
+     local machine; _h_o_s_t_n_a_m_e defaults to the value of the MAILHOST environment
+     variable.
+
+     Supported options:
+
+     --44, ----kkrrbb44
+             use Kerberos 4 (if compiled with support for Kerberos 4)
+
+     --55, ----kkrrbb55
+             use Kerberos 5 (if compiled with support for Kerberos 5)
+
+     --ff, ----ffoorrkk
+             fork before starting to delete messages
+
+     --ll, ----lleeaavvee
+             don't delete fetched mail
+
+     ----ffrroomm  behave like from.
+
+     --cc, ----ccoouunntt
+             first print how many messages and bytes there are.
+
+     ----hheeaaddeerr
+             which header from should print.
+
+     --pp _p_o_r_t_-_s_p_e_c, ----ppoorrtt==_p_o_r_t_-_s_p_e_c
+             use this port instead of the default `kpop' or `1109'.
+
+     The default is to first try Kerberos 5 authentication and then, if that
+     fails, Kerberos 4.
+
+EENNVVIIRROONNMMEENNTT
+     MAILHOST
+             points to the post office, if no other hostname is specified.
+
+EEXXAAMMPPLLEESS
+           $ push cornfield:roosta ~/.gnus-crash-box
+
+     tries to fetch mail for the user _r_o_o_s_t_a from the post office at
+     ``cornfield'', and stores the mail in _~_/_._g_n_u_s_-_c_r_a_s_h_-_b_o_x (you are using
+     Gnus, aren't you?)
+
+           $ push --from -5 havregryn
+
+     tries to fetch FFrroomm:: lines for current user at post office ``havregryn''
+     using Kerberos 5.
+
+SSEEEE AALLSSOO
+     movemail(8),  popper(8),  from(1)
+
+HHIISSTTOORRYY
+     ppuusshh was written while waiting for mmoovveemmaaiill to finish getting the mail.
+
+ HEIMDAL                         May 31, 1998                                2
diff --git a/crypto/kerberosIV/appl/push/push_locl.h b/crypto/kerberosIV/appl/push/push_locl.h
new file mode 100644
index 0000000..1e5ca78
--- /dev/null
+++ b/crypto/kerberosIV/appl/push/push_locl.h
@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/* $Id: push_locl.h,v 1.6 1999/12/02 16:58:33 joda Exp $ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#ifdef HAVE_ERRNO_H
+#include <errno.h>
+#endif
+#include <ctype.h>
+#include <limits.h>
+#include <time.h>
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_SYS_UIO_H
+#include <sys/uio.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_NETINET_IN6_H
+#include <netinet/in6.h>
+#endif
+#ifdef HAVE_NETINET6_IN6_H
+#include <netinet6/in6.h>
+#endif
+#ifdef HAVE_NETINET_TCP_H
+#include <netinet/tcp.h>
+#endif
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif
+#ifdef HESIOD
+#include <hesiod.h>
+#endif
+
+#include <roken.h>
+#include <err.h>
+#include <getarg.h>
+#ifdef KRB5
+#include <krb5.h>
+#endif
+
+#ifdef KRB4
+#include <krb.h>
+#endif
diff --git a/crypto/kerberosIV/appl/sample/sample.h b/crypto/kerberosIV/appl/sample/sample.h
index a5880ab..d79d574 100644
--- a/crypto/kerberosIV/appl/sample/sample.h
+++ b/crypto/kerberosIV/appl/sample/sample.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: sample.h,v 1.10 1998/06/13 00:06:49 assar Exp $ */
+/* $Id: sample.h,v 1.11 1999/12/02 16:58:33 joda Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
diff --git a/crypto/kerberosIV/appl/sample/sample_client.c b/crypto/kerberosIV/appl/sample/sample_client.c
index 8c45ae5..d0ec1c5 100644
--- a/crypto/kerberosIV/appl/sample/sample_client.c
+++ b/crypto/kerberosIV/appl/sample/sample_client.c
@@ -23,7 +23,7 @@
 
 #include "sample.h"
 
-RCSID("$Id: sample_client.c,v 1.19 1999/05/08 02:23:43 assar Exp $");
+RCSID("$Id: sample_client.c,v 1.21 1999/11/13 06:27:01 assar Exp $");
 
 static void
 usage (void)
@@ -56,13 +56,13 @@ main(int argc, char **argv)
     char **h_addr_list;
 
     set_progname (argv[0]);
-    strcpy_truncate (service, SAMPLE_SERVICE, sizeof(service));
+    strlcpy (service, SAMPLE_SERVICE, sizeof(service));
     port = 0;
 
-    while ((c = getopt(argc, argv, "s:p:")) != EOF)
+    while ((c = getopt(argc, argv, "s:p:")) != -1)
 	switch(c) {
 	case 's' :
-	    strcpy_truncate (service, optarg, sizeof(service));
+	    strlcpy (service, optarg, sizeof(service));
 	    break;
 	case 'p' :
 	    serv = getservbyname (optarg, "tcp");
diff --git a/crypto/kerberosIV/appl/sample/sample_server.c b/crypto/kerberosIV/appl/sample/sample_server.c
index a1a92d1..5442562 100644
--- a/crypto/kerberosIV/appl/sample/sample_server.c
+++ b/crypto/kerberosIV/appl/sample/sample_server.c
@@ -18,7 +18,7 @@
 
 #include "sample.h"
 
-RCSID("$Id: sample_server.c,v 1.12 1999/03/10 18:33:53 joda Exp $");
+RCSID("$Id: sample_server.c,v 1.14 1999/11/13 06:28:49 assar Exp $");
 
 static void
 usage (void)
@@ -53,16 +53,16 @@ main(int argc, char **argv)
 
     roken_openlog(__progname, LOG_ODELAY, LOG_DAEMON);
 
-    strcpy_truncate (service, SAMPLE_SERVICE, sizeof(service));
+    strlcpy (service, SAMPLE_SERVICE, sizeof(service));
     *srvtab = '\0';
 
-    while ((c = getopt (argc, argv, "s:t:i")) != EOF)
+    while ((c = getopt (argc, argv, "s:t:i")) != -1)
 	switch (c) {
 	case 's' :
-	    strcpy_truncate (service, optarg, sizeof(service));
+	    strlcpy (service, optarg, sizeof(service));
 	    break;
 	case 't' :
-	    strcpy_truncate (srvtab, optarg, sizeof(srvtab));
+	    strlcpy (srvtab, optarg, sizeof(srvtab));
 	    break;
 	case 'i':
 	    no_inetd = 1;
@@ -122,7 +122,7 @@ main(int argc, char **argv)
 	/* now that we have decoded the authenticator, translate
 	   the kerberos principal.instance@realm into a local name */
 	if (krb_kntoln(&auth_data, lname) != KSUCCESS)
-	    strcpy_truncate(lname,
+	    strlcpy(lname,
 			    "*No local name returned by krb_kntoln*",
 			    sizeof(lname));
 	/* compose the reply */
diff --git a/crypto/kerberosIV/appl/sample/simple_client.c b/crypto/kerberosIV/appl/sample/simple_client.c
index 8769725..434150d 100644
--- a/crypto/kerberosIV/appl/sample/simple_client.c
+++ b/crypto/kerberosIV/appl/sample/simple_client.c
@@ -10,7 +10,7 @@
  */
 
 #include "sample.h"
-RCSID("$Id: simple_client.c,v 1.13 1998/06/09 19:24:39 joda Exp $");
+RCSID("$Id: simple_client.c,v 1.15 1999/11/13 06:29:01 assar Exp $");
 
 #define MSG "hi, Jennifer!"		/* message text */
 
@@ -174,12 +174,12 @@ main(int argc, char **argv)
 
   set_progname (argv[0]);
 
-  strcpy_truncate (service, SAMPLE_SERVICE, sizeof(service));
+  strlcpy (service, SAMPLE_SERVICE, sizeof(service));
 
-  while ((c = getopt(argc, argv, "s:p:")) != EOF)
+  while ((c = getopt(argc, argv, "s:p:")) != -1)
     switch(c) {
     case 's' :
-      strcpy_truncate (service, optarg, sizeof(service));
+      strlcpy (service, optarg, sizeof(service));
       break;
     case 'p' :
       serv = getservbyname (optarg, "tcp");
diff --git a/crypto/kerberosIV/appl/sample/simple_server.c b/crypto/kerberosIV/appl/sample/simple_server.c
index 2b950c7..05baa4e 100644
--- a/crypto/kerberosIV/appl/sample/simple_server.c
+++ b/crypto/kerberosIV/appl/sample/simple_server.c
@@ -11,7 +11,7 @@
 
 #include "sample.h"
 
-RCSID("$Id: simple_server.c,v 1.9 1998/06/09 19:24:39 joda Exp $");
+RCSID("$Id: simple_server.c,v 1.11 1999/11/13 06:29:24 assar Exp $");
 
 static void
 usage (void)
@@ -40,12 +40,12 @@ main(int argc, char **argv)
     des_key_schedule sched;
 
     set_progname (argv[0]);
-    strcpy_truncate (service, SAMPLE_SERVICE, sizeof(service));
-    strcpy_truncate (instance, "*", sizeof(instance));
+    strlcpy (service, SAMPLE_SERVICE, sizeof(service));
+    strlcpy (instance, "*", sizeof(instance));
     *srvtab = '\0';
     port = 0;
 
-    while ((c = getopt (argc, argv, "p:s:t:")) != EOF)
+    while ((c = getopt (argc, argv, "p:s:t:")) != -1)
 	switch (c) {
 	case 'p' : {
 	    struct servent *sp;
@@ -58,10 +58,10 @@ main(int argc, char **argv)
 	    break;
 	}
 	case 's' :
-	    strcpy_truncate (service, optarg, sizeof(service));
+	    strlcpy (service, optarg, sizeof(service));
 	    break;
 	case 't' :
-	    strcpy_truncate (srvtab, optarg, sizeof(srvtab));
+	    strlcpy (srvtab, optarg, sizeof(srvtab));
 	    break;
 	case '?' :
 	default :
diff --git a/crypto/kerberosIV/cf/ChangeLog b/crypto/kerberosIV/cf/ChangeLog
index 8bc4d04..13d9bfd9 100644
--- a/crypto/kerberosIV/cf/ChangeLog
+++ b/crypto/kerberosIV/cf/ChangeLog
@@ -1,3 +1,61 @@
+1999-11-05  Assar Westerlund  <assar@sics.se>
+
+	* check-x.m4: include X_PRE_LIBS and X_EXTRA_LIBS when testing
+
+1999-11-01  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am.common (install-build-headers): use `cp' instead of
+ 	INSTALL_DATA for copying header files inside the build tree.  The
+ 	user might have redefined INSTALL_DATA to specify owners and other
+ 	information.
+
+1999-10-30  Assar Westerlund  <assar@sics.se>
+
+	* find-func-no-libs2.m4: add yet another argument to allow specify
+ 	linker flags that will be added _before_ the library when trying
+ 	to link
+
+	* find-func-no-libs.m4: add yet another argument to allow specify
+ 	linker flags that will be added _before_ the library when trying
+ 	to link
+
+1999-10-12  Assar Westerlund  <assar@sics.se>
+
+	* find-func-no-libs2.m4 (AC_FIND_FUNC_NO_LIBS2): new argument
+ 	`extra libs'
+
+	* find-func-no-libs.m4 (AC_FIND_FUNC_NO_LIBS): new argument `extra
+ 	libs'
+
+1999-09-01  Johan Danielsson  <joda@pdc.kth.se>
+
+	* capabilities.m4: sgi capabilities
+
+1999-07-29  Assar Westerlund  <assar@sics.se>
+
+	* have-struct-field.m4: quote macros when undefining
+
+1999-07-28  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am.common (install-build-headers): add dependencies
+
+1999-07-24  Assar Westerlund  <assar@sics.se>
+	
+	* have-type.m4: try to get autoheader to co-operate
+
+	* have-type.m4: stolen from Arla
+
+	* krb-struct-sockaddr-sa-len.m4: not used any longer.  removed.
+
+1999-06-13  Assar Westerlund  <assar@sics.se>
+
+	* krb-struct-spwd.m4: consequent name of cache variables
+
+	* krb-func-getlogin.m4: new file for testing for posix (broken)
+ 	getlogin
+
+	* shared-libs.m4 (freebsd[34]): don't use ld -Bshareable
+
 1999-06-02  Johan Danielsson  <joda@pdc.kth.se>
 
 	* check-x.m4: extended test for X
diff --git a/crypto/kerberosIV/cf/Makefile.am.common b/crypto/kerberosIV/cf/Makefile.am.common
index af92746..e7d747b 100644
--- a/crypto/kerberosIV/cf/Makefile.am.common
+++ b/crypto/kerberosIV/cf/Makefile.am.common
@@ -1,4 +1,4 @@
-# $Id: Makefile.am.common,v 1.11 1999/05/26 08:42:55 assar Exp $
+# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
 
@@ -60,7 +60,7 @@ install-suid-programs:
 
 install-exec-hook: install-suid-programs
 
-install-build-headers::
+install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
 	@foo='$(include_HEADERS) $(build_HEADERZ)'; \
 	for f in $$foo; do \
 		f=`basename $$f`; \
@@ -68,8 +68,8 @@ install-build-headers::
 		else file="$$f"; fi; \
 		if cmp -s  $$file $(buildinclude)/$$f 2> /dev/null ; then \
 		: ; else \
-			echo " $(INSTALL_DATA) $$file $(buildinclude)/$$f"; \
-			$(INSTALL_DATA) $$file $(buildinclude)/$$f; \
+			echo " cp $$file $(buildinclude)/$$f"; \
+			cp $$file $(buildinclude)/$$f; \
 		fi ; \
 	done
 
diff --git a/crypto/kerberosIV/cf/capabilities.m4 b/crypto/kerberosIV/cf/capabilities.m4
new file mode 100644
index 0000000..6d2669b
--- /dev/null
+++ b/crypto/kerberosIV/cf/capabilities.m4
@@ -0,0 +1,14 @@
+dnl
+dnl $Id: capabilities.m4,v 1.2 1999/09/01 11:02:26 joda Exp $
+dnl
+
+dnl
+dnl Test SGI capabilities
+dnl
+
+AC_DEFUN(KRB_CAPABILITIES,[
+
+AC_CHECK_HEADERS(capability.h sys/capability.h)
+
+AC_CHECK_FUNCS(sgi_getcapabilitybyname cap_set_proc)
+])
diff --git a/crypto/kerberosIV/cf/check-x.m4 b/crypto/kerberosIV/cf/check-x.m4
index 2635e7d..1791e5a 100644
--- a/crypto/kerberosIV/cf/check-x.m4
+++ b/crypto/kerberosIV/cf/check-x.m4
@@ -1,7 +1,7 @@
 dnl 
 dnl See if there is any X11 present
 dnl
-dnl $Id: check-x.m4,v 1.1 1999/06/03 00:22:10 joda Exp $
+dnl $Id: check-x.m4,v 1.2 1999/11/05 04:25:23 assar Exp $
 
 AC_DEFUN(KRB_CHECK_X,[
 AC_PATH_XTRA
@@ -31,7 +31,7 @@ if test "$no_x" != yes; then
 			esac
 			done
 		fi
-		LIBS="$ac_save_libs $foo -lX11"
+		LIBS="$ac_save_libs $foo $X_PRE_LIBS -lX11 $X_EXTRA_LIBS"
 		AC_TRY_RUN([
 		#include <X11/Xlib.h>
 		foo()
diff --git a/crypto/kerberosIV/cf/find-func-no-libs.m4 b/crypto/kerberosIV/cf/find-func-no-libs.m4
index a239742..3deab02 100644
--- a/crypto/kerberosIV/cf/find-func-no-libs.m4
+++ b/crypto/kerberosIV/cf/find-func-no-libs.m4
@@ -1,9 +1,9 @@
-dnl $Id: find-func-no-libs.m4,v 1.3 1998/06/04 02:06:50 assar Exp $
+dnl $Id: find-func-no-libs.m4,v 1.5 1999/10/30 21:08:18 assar Exp $
 dnl
 dnl
 dnl Look for function in any of the specified libraries
 dnl
 
-dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments)
+dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments, extra libs, extra args)
 AC_DEFUN(AC_FIND_FUNC_NO_LIBS, [
-AC_FIND_FUNC_NO_LIBS2([$1], ["" $2], [$3], [$4])])
+AC_FIND_FUNC_NO_LIBS2([$1], ["" $2], [$3], [$4], [$5], [$6])])
diff --git a/crypto/kerberosIV/cf/find-func-no-libs2.m4 b/crypto/kerberosIV/cf/find-func-no-libs2.m4
index d5896cf..c404a7c 100644
--- a/crypto/kerberosIV/cf/find-func-no-libs2.m4
+++ b/crypto/kerberosIV/cf/find-func-no-libs2.m4
@@ -1,10 +1,10 @@
-dnl $Id: find-func-no-libs2.m4,v 1.1 1998/06/04 02:07:12 assar Exp $
+dnl $Id: find-func-no-libs2.m4,v 1.3 1999/10/30 21:09:53 assar Exp $
 dnl
 dnl
 dnl Look for function in any of the specified libraries
 dnl
 
-dnl AC_FIND_FUNC_NO_LIBS2(func, libraries, includes, arguments)
+dnl AC_FIND_FUNC_NO_LIBS2(func, libraries, includes, arguments, extra libs, extra args)
 AC_DEFUN(AC_FIND_FUNC_NO_LIBS2, [
 
 AC_MSG_CHECKING([for $1])
@@ -18,7 +18,7 @@ if eval "test \"\$ac_cv_func_$1\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS="$6 $ac_lib $5 $ac_save_LIBS"
 		AC_TRY_LINK([$3],[$1($4)],eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break)
 	done
 	eval "ac_cv_funclib_$1=\${ac_cv_funclib_$1-no}"
diff --git a/crypto/kerberosIV/cf/grok-type.m4 b/crypto/kerberosIV/cf/grok-type.m4
index e74c6cf..5bc6a66 100644
--- a/crypto/kerberosIV/cf/grok-type.m4
+++ b/crypto/kerberosIV/cf/grok-type.m4
@@ -1,8 +1,11 @@
-dnl $Id: grok-type.m4,v 1.3 1999/03/21 18:59:56 joda Exp $
+dnl $Id: grok-type.m4,v 1.4 1999/11/29 11:16:48 joda Exp $
 dnl
 AC_DEFUN(AC_GROK_TYPE, [
 AC_CACHE_VAL(ac_cv_type_$1, 
 AC_TRY_COMPILE([
+#ifdef HAVE_INTTYPES_H
+#include <inttypes.h>
+#endif
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif
diff --git a/crypto/kerberosIV/cf/have-struct-field.m4 b/crypto/kerberosIV/cf/have-struct-field.m4
index f44b036..88ad5c3 100644
--- a/crypto/kerberosIV/cf/have-struct-field.m4
+++ b/crypto/kerberosIV/cf/have-struct-field.m4
@@ -1,4 +1,4 @@
-dnl $Id: have-struct-field.m4,v 1.5 1999/03/01 13:10:35 joda Exp $
+dnl $Id: have-struct-field.m4,v 1.6 1999/07/29 01:44:32 assar Exp $
 dnl
 dnl check for fields in a structure
 dnl
@@ -13,7 +13,7 @@ cache_val=no)])
 if test "$cache_val" = yes; then
 	define(foo, translit(HAVE_$1_$2, [a-z ], [A-Z_]))
 	AC_DEFINE(foo, 1, [Define if $1 has field $2.])
-	undefine(foo)
+	undefine([foo])
 fi
-undefine(cache_val)
+undefine([cache_val])
 ])
diff --git a/crypto/kerberosIV/cf/have-type.m4 b/crypto/kerberosIV/cf/have-type.m4
new file mode 100644
index 0000000..7963355
--- /dev/null
+++ b/crypto/kerberosIV/cf/have-type.m4
@@ -0,0 +1,31 @@
+dnl $Id: have-type.m4,v 1.4 1999/07/24 19:23:01 assar Exp $
+dnl
+dnl check for existance of a type
+
+dnl AC_HAVE_TYPE(TYPE,INCLUDES)
+AC_DEFUN(AC_HAVE_TYPE, [
+cv=`echo "$1" | sed 'y%./+- %__p__%'`
+AC_MSG_CHECKING(for $1)
+AC_CACHE_VAL([ac_cv_type_$cv],
+AC_TRY_COMPILE(
+[#include <sys/types.h>
+#if STDC_HEADERS
+#include <stdlib.h>
+#include <stddef.h>
+#endif
+$2],
+[$1 foo;],
+eval "ac_cv_type_$cv=yes",
+eval "ac_cv_type_$cv=no"))dnl
+AC_MSG_RESULT(`eval echo \\$ac_cv_type_$cv`)
+if test `eval echo \\$ac_cv_type_$cv` = yes; then
+  ac_tr_hdr=HAVE_`echo $1 | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'`
+dnl autoheader tricks *sigh*
+define(foo,translit($1, [ ], [_]))
+: << END
+@@@funcs="$funcs foo"@@@
+END
+undefine([foo])
+  AC_DEFINE_UNQUOTED($ac_tr_hdr, 1)
+fi
+])
diff --git a/crypto/kerberosIV/cf/have-types.m4 b/crypto/kerberosIV/cf/have-types.m4
new file mode 100644
index 0000000..7c85c5d
--- /dev/null
+++ b/crypto/kerberosIV/cf/have-types.m4
@@ -0,0 +1,14 @@
+dnl
+dnl $Id: have-types.m4,v 1.1 1999/07/24 18:38:58 assar Exp $
+dnl
+
+AC_DEFUN(AC_HAVE_TYPES, [
+for i in $1; do
+        AC_HAVE_TYPE($i)
+done
+: << END
+changequote(`,')dnl
+@@@funcs="$funcs $1"@@@
+changequote([,])dnl
+END
+])
diff --git a/crypto/kerberosIV/cf/krb-func-getlogin.m4 b/crypto/kerberosIV/cf/krb-func-getlogin.m4
new file mode 100644
index 0000000..921c5ab
--- /dev/null
+++ b/crypto/kerberosIV/cf/krb-func-getlogin.m4
@@ -0,0 +1,22 @@
+dnl
+dnl $Id: krb-func-getlogin.m4,v 1.1 1999/07/13 17:45:30 assar Exp $
+dnl
+dnl test for POSIX (broken) getlogin
+dnl
+
+
+AC_DEFUN(AC_FUNC_GETLOGIN, [
+AC_CHECK_FUNCS(getlogin setlogin)
+if test "$ac_cv_func_getlogin" = yes; then
+AC_CACHE_CHECK(if getlogin is posix, ac_cv_func_getlogin_posix, [
+if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then
+	ac_cv_func_getlogin_posix=no
+else
+	ac_cv_func_getlogin_posix=yes
+fi
+])
+if test "$ac_cv_func_getlogin_posix" = yes; then
+	AC_DEFINE(POSIX_GETLOGIN, 1, [Define if getlogin has POSIX flavour (and not BSD).])
+fi
+fi
+])
diff --git a/crypto/kerberosIV/cf/krb-struct-spwd.m4 b/crypto/kerberosIV/cf/krb-struct-spwd.m4
index c088129..4ab81fd 100644
--- a/crypto/kerberosIV/cf/krb-struct-spwd.m4
+++ b/crypto/kerberosIV/cf/krb-struct-spwd.m4
@@ -1,10 +1,10 @@
-dnl $Id
+dnl $Id: krb-struct-spwd.m4,v 1.3 1999/07/13 21:04:11 assar Exp $
 dnl
 dnl Test for `struct spwd'
 
 AC_DEFUN(AC_KRB_STRUCT_SPWD, [
 AC_MSG_CHECKING(for struct spwd)
-AC_CACHE_VAL(ac_cv_type_struct_spwd, [
+AC_CACHE_VAL(ac_cv_struct_spwd, [
 AC_TRY_COMPILE(
 [#include <pwd.h>
 #ifdef HAVE_SHADOW_H
diff --git a/crypto/kerberosIV/cf/shared-libs.m4 b/crypto/kerberosIV/cf/shared-libs.m4
index ffc3603..9fe576f 100644
--- a/crypto/kerberosIV/cf/shared-libs.m4
+++ b/crypto/kerberosIV/cf/shared-libs.m4
@@ -1,5 +1,5 @@
 dnl
-dnl $Id: shared-libs.m4,v 1.3 1999/04/09 15:34:25 assar Exp $
+dnl $Id: shared-libs.m4,v 1.4 1999/07/13 17:47:09 assar Exp $
 dnl
 dnl Shared library stuff has to be different everywhere
 dnl
@@ -64,9 +64,10 @@ case "${host}" in
 	install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so'
 	install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so'
 	;;
-*-*-freebsd3*)
+changequote(,)dnl
+*-*-freebsd[34]*)
+changequote([,])dnl
 	REAL_SHLIBEXT=so.$SHLIB_VERSION
-	LDSHARED='ld -Bshareable'
 	REAL_LD_FLAGS='-Wl,-R$(libdir)'
 	build_symlink_command='$(LN_S) -f [$][@] $(LIBNAME).so'
 	install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so'
diff --git a/crypto/kerberosIV/configure b/crypto/kerberosIV/configure
index 87137d7..796213e 100644
--- a/crypto/kerberosIV/configure
+++ b/crypto/kerberosIV/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 
-# From configure.in Revision: 1.415.2.9 
+# From configure.in Revision: 1.432.2.2 
 
 
 
@@ -107,6 +107,17 @@
 
 
 
+
+
+
+
+
+
+
+
+
+
+
 # Guess values for system-dependent variables and create Makefiles.
 # Generated automatically using autoconf version 2.13 
 # Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc.
@@ -698,7 +709,7 @@ fi
 
 
 PACKAGE=krb4
-VERSION=0.10.1
+VERSION=1.0
 cat >> confdefs.h <<EOF
 #define PACKAGE "$PACKAGE"
 EOF
@@ -735,7 +746,7 @@ else { echo "configure: error: can not run $ac_config_sub" 1>&2; exit 1; }
 fi
 
 echo $ac_n "checking host system type""... $ac_c" 1>&6
-echo "configure:739: checking host system type" >&5
+echo "configure:750: checking host system type" >&5
 
 host_alias=$host
 case "$host_alias" in
@@ -779,7 +790,7 @@ EOF
 fi
 
 echo $ac_n "checking whether ${MAKE-make} sets \${MAKE}""... $ac_c" 1>&6
-echo "configure:783: checking whether ${MAKE-make} sets \${MAKE}" >&5
+echo "configure:794: checking whether ${MAKE-make} sets \${MAKE}" >&5
 set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_prog_make_${ac_make}_set'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -830,7 +841,7 @@ test -z "$LDFLAGS" && LDFLAGS=-g
 
 
 echo $ac_n "checking for ln -s or something else""... $ac_c" 1>&6
-echo "configure:834: checking for ln -s or something else" >&5
+echo "configure:845: checking for ln -s or something else" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_LN_S'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -855,7 +866,7 @@ echo "$ac_t""$ac_cv_prog_LN_S" 1>&6
 # Extract the first word of "gcc", so it can be a program name with args.
 set dummy gcc; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:859: checking for $ac_word" >&5
+echo "configure:870: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -885,7 +896,7 @@ if test -z "$CC"; then
   # Extract the first word of "cc", so it can be a program name with args.
 set dummy cc; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:889: checking for $ac_word" >&5
+echo "configure:900: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -936,7 +947,7 @@ fi
       # Extract the first word of "cl", so it can be a program name with args.
 set dummy cl; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:940: checking for $ac_word" >&5
+echo "configure:951: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -968,7 +979,7 @@ fi
 fi
 
 echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:972: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
+echo "configure:983: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
 
 ac_ext=c
 # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
@@ -979,12 +990,12 @@ cross_compiling=$ac_cv_prog_cc_cross
 
 cat > conftest.$ac_ext << EOF
 
-#line 983 "configure"
+#line 994 "configure"
 #include "confdefs.h"
 
 main(){return(0);}
 EOF
-if { (eval echo configure:988: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:999: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   ac_cv_prog_cc_works=yes
   # If we can't run a trivial program, we are probably using a cross compiler.
   if (./conftest; exit) 2>/dev/null; then
@@ -1010,12 +1021,12 @@ if test $ac_cv_prog_cc_works = no; then
   { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
 fi
 echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:1014: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
+echo "configure:1025: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
 echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
 cross_compiling=$ac_cv_prog_cc_cross
 
 echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
-echo "configure:1019: checking whether we are using GNU C" >&5
+echo "configure:1030: checking whether we are using GNU C" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -1024,7 +1035,7 @@ else
   yes;
 #endif
 EOF
-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:1028: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
+if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:1039: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
   ac_cv_prog_gcc=yes
 else
   ac_cv_prog_gcc=no
@@ -1043,7 +1054,7 @@ ac_test_CFLAGS="${CFLAGS+set}"
 ac_save_CFLAGS="$CFLAGS"
 CFLAGS=
 echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
-echo "configure:1047: checking whether ${CC-cc} accepts -g" >&5
+echo "configure:1058: checking whether ${CC-cc} accepts -g" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -1075,7 +1086,7 @@ else
 fi
 
 echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:1079: checking how to run the C preprocessor" >&5
+echo "configure:1090: checking how to run the C preprocessor" >&5
 # On Suns, sometimes $CPP names a directory.
 if test -n "$CPP" && test -d "$CPP"; then
   CPP=
@@ -1090,13 +1101,13 @@ else
   # On the NeXT, cc -E runs the code through the compiler's parser,
   # not just through cpp.
   cat > conftest.$ac_ext <<EOF
-#line 1094 "configure"
+#line 1105 "configure"
 #include "confdefs.h"
 #include <assert.h>
 Syntax Error
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1100: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:1111: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   :
@@ -1107,13 +1118,13 @@ else
   rm -rf conftest*
   CPP="${CC-cc} -E -traditional-cpp"
   cat > conftest.$ac_ext <<EOF
-#line 1111 "configure"
+#line 1122 "configure"
 #include "confdefs.h"
 #include <assert.h>
 Syntax Error
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1117: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:1128: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   :
@@ -1124,13 +1135,13 @@ else
   rm -rf conftest*
   CPP="${CC-cc} -nologo -E"
   cat > conftest.$ac_ext <<EOF
-#line 1128 "configure"
+#line 1139 "configure"
 #include "confdefs.h"
 #include <assert.h>
 Syntax Error
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1134: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:1145: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   :
@@ -1155,7 +1166,7 @@ fi
 echo "$ac_t""$CPP" 1>&6
 
 echo $ac_n "checking for POSIXized ISC""... $ac_c" 1>&6
-echo "configure:1159: checking for POSIXized ISC" >&5
+echo "configure:1170: checking for POSIXized ISC" >&5
 if test -d /etc/conf/kconfig.d &&
   grep _POSIX_VERSION /usr/include/sys/unistd.h >/dev/null 2>&1
 then
@@ -1180,7 +1191,7 @@ do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1184: checking for $ac_word" >&5
+echo "configure:1195: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_YACC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -1212,7 +1223,7 @@ done
 # Extract the first word of "flex", so it can be a program name with args.
 set dummy flex; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1216: checking for $ac_word" >&5
+echo "configure:1227: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_LEX'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -1246,7 +1257,7 @@ then
   *) ac_lib=l ;;
   esac
   echo $ac_n "checking for yywrap in -l$ac_lib""... $ac_c" 1>&6
-echo "configure:1250: checking for yywrap in -l$ac_lib" >&5
+echo "configure:1261: checking for yywrap in -l$ac_lib" >&5
 ac_lib_var=`echo $ac_lib'_'yywrap | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -1254,7 +1265,7 @@ else
   ac_save_LIBS="$LIBS"
 LIBS="-l$ac_lib  $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 1258 "configure"
+#line 1269 "configure"
 #include "confdefs.h"
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
@@ -1265,7 +1276,7 @@ int main() {
 yywrap()
 ; return 0; }
 EOF
-if { (eval echo configure:1269: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1280: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=yes"
 else
@@ -1290,7 +1301,7 @@ fi
 # Extract the first word of "ranlib", so it can be a program name with args.
 set dummy ranlib; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1294: checking for $ac_word" >&5
+echo "configure:1305: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -1329,7 +1340,7 @@ fi
 # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
 # ./install, which can be erroneously created by make from ./install.sh.
 echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6
-echo "configure:1333: checking for a BSD compatible install" >&5
+echo "configure:1344: checking for a BSD compatible install" >&5
 if test -z "$INSTALL"; then
 if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -1381,12 +1392,12 @@ test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL_PROGRAM}'
 
 test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
 
-for ac_prog in gawk nawk awk
+for ac_prog in mawk gawk nawk awk
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1390: checking for $ac_word" >&5
+echo "configure:1401: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_AWK'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -1418,7 +1429,7 @@ done
 # Extract the first word of "makeinfo", so it can be a program name with args.
 set dummy makeinfo; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1422: checking for $ac_word" >&5
+echo "configure:1433: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_MAKEINFO'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -1480,7 +1491,7 @@ fi
 
 
 echo $ac_n "checking for socks""... $ac_c" 1>&6
-echo "configure:1484: checking for socks" >&5
+echo "configure:1495: checking for socks" >&5
 
 case "$with_socks" in
 yes)	;;
@@ -1519,14 +1530,14 @@ ires= lres=
 for i in $header_dirs; do
 	CFLAGS="-I$i $save_CFLAGS"
 	cat > conftest.$ac_ext <<EOF
-#line 1523 "configure"
+#line 1534 "configure"
 #include "confdefs.h"
 #include <socks.h>
 int main() {
 
 ; return 0; }
 EOF
-if { (eval echo configure:1530: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:1541: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ires=$i;break
 else
@@ -1538,14 +1549,14 @@ done
 for i in $lib_dirs; do
 	LIBS="-L$i -lsocks5  $save_LIBS"
 	cat > conftest.$ac_ext <<EOF
-#line 1542 "configure"
+#line 1553 "configure"
 #include "confdefs.h"
 #include <socks.h>
 int main() {
 
 ; return 0; }
 EOF
-if { (eval echo configure:1549: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1560: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   lres=$i;break
 else
@@ -1885,7 +1896,7 @@ fi
 
 
 echo $ac_n "checking for readline""... $ac_c" 1>&6
-echo "configure:1889: checking for readline" >&5
+echo "configure:1900: checking for readline" >&5
 
 case "$with_readline" in
 yes)	;;
@@ -1924,7 +1935,7 @@ ires= lres=
 for i in $header_dirs; do
 	CFLAGS="-I$i $save_CFLAGS"
 	cat > conftest.$ac_ext <<EOF
-#line 1928 "configure"
+#line 1939 "configure"
 #include "confdefs.h"
 
 #include <stdio.h>
@@ -1934,7 +1945,7 @@ int main() {
 
 ; return 0; }
 EOF
-if { (eval echo configure:1938: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:1949: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ires=$i;break
 else
@@ -1946,7 +1957,7 @@ done
 for i in $lib_dirs; do
 	LIBS="-L$i -lreadline  $save_LIBS"
 	cat > conftest.$ac_ext <<EOF
-#line 1950 "configure"
+#line 1961 "configure"
 #include "confdefs.h"
 
 #include <stdio.h>
@@ -1956,7 +1967,7 @@ int main() {
 
 ; return 0; }
 EOF
-if { (eval echo configure:1960: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1971: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   lres=$i;break
 else
@@ -2021,7 +2032,7 @@ esac
 if test -n "$abi" ; then
 ac_foo=krb_cv_gcc_`echo $abi | tr =- __`
 echo $ac_n "checking if $CC supports the $abi option""... $ac_c" 1>&6
-echo "configure:2025: checking if $CC supports the $abi option" >&5
+echo "configure:2036: checking if $CC supports the $abi option" >&5
 if eval "test \"`echo '$''{'$ac_foo'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -2029,14 +2040,14 @@ else
 save_CFLAGS="$CFLAGS"
 CFLAGS="$CFLAGS $abi"
 cat > conftest.$ac_ext <<EOF
-#line 2033 "configure"
+#line 2044 "configure"
 #include "confdefs.h"
 
 int main() {
 int x;
 ; return 0; }
 EOF
-if { (eval echo configure:2040: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2051: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval $ac_foo=yes
 else
@@ -2059,14 +2070,14 @@ case $abi in
 	save_CFLAGS="$CFLAGS"
 	CFLAGS="$CFLAGS -mabi=n32"
 	cat > conftest.$ac_ext <<EOF
-#line 2063 "configure"
+#line 2074 "configure"
 #include "confdefs.h"
 
 int main() {
 int x;
 ; return 0; }
 EOF
-if { (eval echo configure:2070: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2081: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_res=yes
 else
@@ -2140,7 +2151,7 @@ fi
 
 
 echo $ac_n "checking for hesiod""... $ac_c" 1>&6
-echo "configure:2144: checking for hesiod" >&5
+echo "configure:2155: checking for hesiod" >&5
 
 case "$with_hesiod" in
 yes)	;;
@@ -2179,14 +2190,14 @@ ires= lres=
 for i in $header_dirs; do
 	CFLAGS="-I$i $save_CFLAGS"
 	cat > conftest.$ac_ext <<EOF
-#line 2183 "configure"
+#line 2194 "configure"
 #include "confdefs.h"
 #include <hesiod.h>
 int main() {
 
 ; return 0; }
 EOF
-if { (eval echo configure:2190: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2201: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ires=$i;break
 else
@@ -2198,14 +2209,14 @@ done
 for i in $lib_dirs; do
 	LIBS="-L$i -lhesiod  $save_LIBS"
 	cat > conftest.$ac_ext <<EOF
-#line 2202 "configure"
+#line 2213 "configure"
 #include "confdefs.h"
 #include <hesiod.h>
 int main() {
 
 ; return 0; }
 EOF
-if { (eval echo configure:2209: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:2220: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   lres=$i;break
 else
@@ -2297,9 +2308,8 @@ case "${host}" in
 	install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so'
 	install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so'
 	;;
-*-*-freebsd3*)
+*-*-freebsd[34]*)
 	REAL_SHLIBEXT=so.$SHLIB_VERSION
-	LDSHARED='ld -Bshareable'
 	REAL_LD_FLAGS='-Wl,-R$(libdir)'
 	build_symlink_command='$(LN_S) -f $@ $(LIBNAME).so'
 	install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so'
@@ -2370,7 +2380,7 @@ else
  SHLIBEXT="$REAL_SHLIBEXT"
  LIBEXT="$SHLIBEXT"
  echo $ac_n "checking whether to use -rpath""... $ac_c" 1>&6
-echo "configure:2374: checking whether to use -rpath" >&5
+echo "configure:2384: checking whether to use -rpath" >&5
  case "$libdir" in
    /lib | /usr/lib | /usr/local/lib)
      echo "$ac_t""no" 1>&6
@@ -2407,14 +2417,14 @@ fi
 
 
 echo $ac_n "checking whether byte ordering is bigendian""... $ac_c" 1>&6
-echo "configure:2411: checking whether byte ordering is bigendian" >&5
+echo "configure:2421: checking whether byte ordering is bigendian" >&5
 if eval "test \"`echo '$''{'ac_cv_c_bigendian'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   ac_cv_c_bigendian=unknown
 # See if sys/param.h defines the BYTE_ORDER macro.
 cat > conftest.$ac_ext <<EOF
-#line 2418 "configure"
+#line 2428 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #include <sys/param.h>
@@ -2425,11 +2435,11 @@ int main() {
 #endif
 ; return 0; }
 EOF
-if { (eval echo configure:2429: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2439: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   # It does; now see whether it defined to BIG_ENDIAN or not.
 cat > conftest.$ac_ext <<EOF
-#line 2433 "configure"
+#line 2443 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #include <sys/param.h>
@@ -2440,7 +2450,7 @@ int main() {
 #endif
 ; return 0; }
 EOF
-if { (eval echo configure:2444: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2454: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_c_bigendian=yes
 else
@@ -2460,7 +2470,7 @@ if test "$cross_compiling" = yes; then
     { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
 else
   cat > conftest.$ac_ext <<EOF
-#line 2464 "configure"
+#line 2474 "configure"
 #include "confdefs.h"
 main () {
   /* Are we little or big endian?  From Harbison&Steele.  */
@@ -2473,7 +2483,7 @@ main () {
   exit (u.c[sizeof (long) - 1] == 1);
 }
 EOF
-if { (eval echo configure:2477: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:2487: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   ac_cv_c_bigendian=no
 else
@@ -2498,12 +2508,12 @@ fi
 
 
 echo $ac_n "checking for working const""... $ac_c" 1>&6
-echo "configure:2502: checking for working const" >&5
+echo "configure:2512: checking for working const" >&5
 if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 2507 "configure"
+#line 2517 "configure"
 #include "confdefs.h"
 
 int main() {
@@ -2552,7 +2562,7 @@ ccp = (char const *const *) p;
 
 ; return 0; }
 EOF
-if { (eval echo configure:2556: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2566: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_c_const=yes
 else
@@ -2574,21 +2584,21 @@ fi
 
 
 echo $ac_n "checking for inline""... $ac_c" 1>&6
-echo "configure:2578: checking for inline" >&5
+echo "configure:2588: checking for inline" >&5
 if eval "test \"`echo '$''{'ac_cv_c_inline'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   ac_cv_c_inline=no
 for ac_kw in inline __inline__ __inline; do
   cat > conftest.$ac_ext <<EOF
-#line 2585 "configure"
+#line 2595 "configure"
 #include "confdefs.h"
 
 int main() {
 } $ac_kw foo() {
 ; return 0; }
 EOF
-if { (eval echo configure:2592: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2602: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_c_inline=$ac_kw; break
 else
@@ -2616,13 +2626,13 @@ esac
 
 
 echo $ac_n "checking for __attribute__""... $ac_c" 1>&6
-echo "configure:2620: checking for __attribute__" >&5
+echo "configure:2630: checking for __attribute__" >&5
 if eval "test \"`echo '$''{'ac_cv___attribute__'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 2626 "configure"
+#line 2636 "configure"
 #include "confdefs.h"
 
 #include <stdlib.h>
@@ -2639,7 +2649,7 @@ foo(void)
 
 ; return 0; }
 EOF
-if { (eval echo configure:2643: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2653: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv___attribute__=yes
 else
@@ -2663,12 +2673,12 @@ echo "$ac_t""$ac_cv___attribute__" 1>&6
 
 
 echo $ac_n "checking for NEXTSTEP""... $ac_c" 1>&6
-echo "configure:2667: checking for NEXTSTEP" >&5
+echo "configure:2677: checking for NEXTSTEP" >&5
 if eval "test \"`echo '$''{'krb_cv_sys_nextstep'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 2672 "configure"
+#line 2682 "configure"
 #include "confdefs.h"
 #if defined(NeXT) && !defined(__APPLE__)
 	yes
@@ -2695,12 +2705,12 @@ echo "$ac_t""$krb_cv_sys_nextstep" 1>&6
 
 
 echo $ac_n "checking for AIX""... $ac_c" 1>&6
-echo "configure:2699: checking for AIX" >&5
+echo "configure:2709: checking for AIX" >&5
 if eval "test \"`echo '$''{'krb_cv_sys_aix'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 2704 "configure"
+#line 2714 "configure"
 #include "confdefs.h"
 #ifdef _AIX
 	yes
@@ -2737,7 +2747,7 @@ if test "$krb_cv_sys_aix" = yes ;then
 
 
 echo $ac_n "checking for dlopen""... $ac_c" 1>&6
-echo "configure:2741: checking for dlopen" >&5
+echo "configure:2751: checking for dlopen" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_dlopen'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -2750,16 +2760,16 @@ if eval "test \"\$ac_cv_func_dlopen\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 2756 "configure"
+#line 2766 "configure"
 #include "confdefs.h"
 
 int main() {
 dlopen()
 ; return 0; }
 EOF
-if { (eval echo configure:2763: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:2773: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_dlopen=$ac_lib; else ac_cv_funclib_dlopen=yes; fi";break
 else
@@ -2839,18 +2849,22 @@ esac
 # AIX414
 #
 
+case "${host}" in
+*-*-aix4.1*)
 if test -f /lib/pse.exp ;then
 	LIBS="$LIBS -Wl,-bnolibpath -Wl,-bI:/lib/pse.exp"
 fi
+;;
+esac
 
 
 echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
-echo "configure:2849: checking for ANSI C header files" >&5
+echo "configure:2863: checking for ANSI C header files" >&5
 if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 2854 "configure"
+#line 2868 "configure"
 #include "confdefs.h"
 #include <stdlib.h>
 #include <stdarg.h>
@@ -2858,7 +2872,7 @@ else
 #include <float.h>
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2862: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:2876: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
@@ -2875,7 +2889,7 @@ rm -f conftest*
 if test $ac_cv_header_stdc = yes; then
   # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
 cat > conftest.$ac_ext <<EOF
-#line 2879 "configure"
+#line 2893 "configure"
 #include "confdefs.h"
 #include <string.h>
 EOF
@@ -2893,7 +2907,7 @@ fi
 if test $ac_cv_header_stdc = yes; then
   # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
 cat > conftest.$ac_ext <<EOF
-#line 2897 "configure"
+#line 2911 "configure"
 #include "confdefs.h"
 #include <stdlib.h>
 EOF
@@ -2914,7 +2928,7 @@ if test "$cross_compiling" = yes; then
   :
 else
   cat > conftest.$ac_ext <<EOF
-#line 2918 "configure"
+#line 2932 "configure"
 #include "confdefs.h"
 #include <ctype.h>
 #define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
@@ -2925,7 +2939,7 @@ if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2);
 exit (0); }
 
 EOF
-if { (eval echo configure:2929: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:2943: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   :
 else
@@ -2994,7 +3008,6 @@ for ac_hdr in arpa/ftp.h			\
 	signal.h				\
 	stropts.h				\
 	sys/bitypes.h				\
-	sys/capability.h			\
 	sys/category.h				\
 	sys/file.h				\
 	sys/filio.h				\
@@ -3048,17 +3061,17 @@ for ac_hdr in arpa/ftp.h			\
 do
 ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
 echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:3052: checking for $ac_hdr" >&5
+echo "configure:3065: checking for $ac_hdr" >&5
 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 3057 "configure"
+#line 3070 "configure"
 #include "confdefs.h"
 #include <$ac_hdr>
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:3062: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:3075: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
@@ -3086,12 +3099,12 @@ done
 
 
 echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6
-echo "configure:3090: checking whether time.h and sys/time.h may both be included" >&5
+echo "configure:3103: checking whether time.h and sys/time.h may both be included" >&5
 if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 3095 "configure"
+#line 3108 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #include <sys/time.h>
@@ -3100,7 +3113,7 @@ int main() {
 struct tm *tp;
 ; return 0; }
 EOF
-if { (eval echo configure:3104: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:3117: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_header_time=yes
 else
@@ -3121,12 +3134,12 @@ EOF
 fi
 
 echo $ac_n "checking for sys_siglist declaration in signal.h or unistd.h""... $ac_c" 1>&6
-echo "configure:3125: checking for sys_siglist declaration in signal.h or unistd.h" >&5
+echo "configure:3138: checking for sys_siglist declaration in signal.h or unistd.h" >&5
 if eval "test \"`echo '$''{'ac_cv_decl_sys_siglist'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 3130 "configure"
+#line 3143 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #include <signal.h>
@@ -3138,7 +3151,7 @@ int main() {
 char *msg = *(sys_siglist + 1);
 ; return 0; }
 EOF
-if { (eval echo configure:3142: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:3155: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_decl_sys_siglist=yes
 else
@@ -3164,17 +3177,17 @@ for ac_hdr in standards.h
 do
 ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
 echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:3168: checking for $ac_hdr" >&5
+echo "configure:3181: checking for $ac_hdr" >&5
 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 3173 "configure"
+#line 3186 "configure"
 #include "confdefs.h"
 #include <$ac_hdr>
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:3178: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:3191: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
@@ -3205,12 +3218,12 @@ for i in netinet/ip.h netinet/tcp.h; do
 cv=`echo "$i" | sed 'y%./+-%__p_%'`
 
 echo $ac_n "checking for $i""... $ac_c" 1>&6
-echo "configure:3209: checking for $i" >&5
+echo "configure:3222: checking for $i" >&5
 if eval "test \"`echo '$''{'ac_cv_header_$cv'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 3214 "configure"
+#line 3227 "configure"
 #include "confdefs.h"
 \
 #ifdef HAVE_STANDARDS_H
@@ -3220,7 +3233,7 @@ else
 
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:3224: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:3237: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
@@ -3264,15 +3277,18 @@ fi
 
 for i in int8_t int16_t int32_t int64_t; do
 	echo $ac_n "checking for $i""... $ac_c" 1>&6
-echo "configure:3268: checking for $i" >&5
+echo "configure:3281: checking for $i" >&5
 	
 if eval "test \"`echo '$''{'ac_cv_type_$i'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 3274 "configure"
+#line 3287 "configure"
 #include "confdefs.h"
 
+#ifdef HAVE_INTTYPES_H
+#include <inttypes.h>
+#endif
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif
@@ -3291,7 +3307,7 @@ $i x;
 
 ; return 0; }
 EOF
-if { (eval echo configure:3295: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:3311: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval ac_cv_type_$i=yes
 else
@@ -3317,15 +3333,18 @@ done
 
 for i in u_int8_t u_int16_t u_int32_t u_int64_t; do
 	echo $ac_n "checking for $i""... $ac_c" 1>&6
-echo "configure:3321: checking for $i" >&5
+echo "configure:3337: checking for $i" >&5
 	
 if eval "test \"`echo '$''{'ac_cv_type_$i'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 3327 "configure"
+#line 3343 "configure"
 #include "confdefs.h"
 
+#ifdef HAVE_INTTYPES_H
+#include <inttypes.h>
+#endif
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif
@@ -3344,7 +3363,7 @@ $i x;
 
 ; return 0; }
 EOF
-if { (eval echo configure:3348: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:3367: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval ac_cv_type_$i=yes
 else
@@ -3369,13 +3388,13 @@ done
 
 
 echo $ac_n "checking for strange sys/bitypes.h""... $ac_c" 1>&6
-echo "configure:3373: checking for strange sys/bitypes.h" >&5
+echo "configure:3392: checking for strange sys/bitypes.h" >&5
 if eval "test \"`echo '$''{'krb_cv_int8_t_ifdef'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 3379 "configure"
+#line 3398 "configure"
 #include "confdefs.h"
 
 #ifdef HAVE_SYS_TYPES_H
@@ -3393,7 +3412,7 @@ int8_t x;
 
 ; return 0; }
 EOF
-if { (eval echo configure:3397: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:3416: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   krb_cv_int8_t_ifdef=no
 else
@@ -3417,7 +3436,7 @@ fi
 
 
 echo $ac_n "checking for crypt""... $ac_c" 1>&6
-echo "configure:3421: checking for crypt" >&5
+echo "configure:3440: checking for crypt" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_crypt'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -3430,16 +3449,16 @@ if eval "test \"\$ac_cv_func_crypt\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 3436 "configure"
+#line 3455 "configure"
 #include "confdefs.h"
 
 int main() {
 crypt()
 ; return 0; }
 EOF
-if { (eval echo configure:3443: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:3462: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_crypt=$ac_lib; else ac_cv_funclib_crypt=yes; fi";break
 else
@@ -3504,7 +3523,7 @@ esac
 
 
 echo $ac_n "checking for socket""... $ac_c" 1>&6
-echo "configure:3508: checking for socket" >&5
+echo "configure:3527: checking for socket" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_socket'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -3517,9 +3536,9 @@ if eval "test \"\$ac_cv_func_socket\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 3523 "configure"
+#line 3542 "configure"
 #include "confdefs.h"
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
@@ -3531,7 +3550,7 @@ int main() {
 socket(0,0,0)
 ; return 0; }
 EOF
-if { (eval echo configure:3535: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:3554: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_socket=$ac_lib; else ac_cv_funclib_socket=yes; fi";break
 else
@@ -3599,7 +3618,7 @@ fi
 
 
 echo $ac_n "checking for gethostbyname""... $ac_c" 1>&6
-echo "configure:3603: checking for gethostbyname" >&5
+echo "configure:3622: checking for gethostbyname" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_gethostbyname'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -3612,9 +3631,9 @@ if eval "test \"\$ac_cv_func_gethostbyname\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 3618 "configure"
+#line 3637 "configure"
 #include "confdefs.h"
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
@@ -3626,7 +3645,7 @@ int main() {
 gethostbyname("foo")
 ; return 0; }
 EOF
-if { (eval echo configure:3630: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:3649: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_gethostbyname=$ac_lib; else ac_cv_funclib_gethostbyname=yes; fi";break
 else
@@ -3696,7 +3715,7 @@ fi
 
 
 echo $ac_n "checking for odm_initialize""... $ac_c" 1>&6
-echo "configure:3700: checking for odm_initialize" >&5
+echo "configure:3719: checking for odm_initialize" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_odm_initialize'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -3709,16 +3728,16 @@ if eval "test \"\$ac_cv_func_odm_initialize\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 3715 "configure"
+#line 3734 "configure"
 #include "confdefs.h"
 
 int main() {
 odm_initialize()
 ; return 0; }
 EOF
-if { (eval echo configure:3722: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:3741: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_odm_initialize=$ac_lib; else ac_cv_funclib_odm_initialize=yes; fi";break
 else
@@ -3786,7 +3805,7 @@ fi
 
 
 echo $ac_n "checking for getattr""... $ac_c" 1>&6
-echo "configure:3790: checking for getattr" >&5
+echo "configure:3809: checking for getattr" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_getattr'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -3799,16 +3818,16 @@ if eval "test \"\$ac_cv_func_getattr\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 3805 "configure"
+#line 3824 "configure"
 #include "confdefs.h"
 
 int main() {
 getattr()
 ; return 0; }
 EOF
-if { (eval echo configure:3812: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:3831: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_getattr=$ac_lib; else ac_cv_funclib_getattr=yes; fi";break
 else
@@ -3876,7 +3895,7 @@ fi
 
 
 echo $ac_n "checking for setpcred""... $ac_c" 1>&6
-echo "configure:3880: checking for setpcred" >&5
+echo "configure:3899: checking for setpcred" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_setpcred'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -3889,16 +3908,16 @@ if eval "test \"\$ac_cv_func_setpcred\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 3895 "configure"
+#line 3914 "configure"
 #include "confdefs.h"
 
 int main() {
 setpcred()
 ; return 0; }
 EOF
-if { (eval echo configure:3902: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:3921: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_setpcred=$ac_lib; else ac_cv_funclib_setpcred=yes; fi";break
 else
@@ -3966,7 +3985,7 @@ fi
 
 
 echo $ac_n "checking for logwtmp""... $ac_c" 1>&6
-echo "configure:3970: checking for logwtmp" >&5
+echo "configure:3989: checking for logwtmp" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_logwtmp'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -3979,16 +3998,16 @@ if eval "test \"\$ac_cv_func_logwtmp\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 3985 "configure"
+#line 4004 "configure"
 #include "confdefs.h"
 
 int main() {
 logwtmp()
 ; return 0; }
 EOF
-if { (eval echo configure:3992: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4011: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_logwtmp=$ac_lib; else ac_cv_funclib_logwtmp=yes; fi";break
 else
@@ -4057,7 +4076,7 @@ fi
 
 
 echo $ac_n "checking for logout""... $ac_c" 1>&6
-echo "configure:4061: checking for logout" >&5
+echo "configure:4080: checking for logout" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_logout'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -4070,16 +4089,16 @@ if eval "test \"\$ac_cv_func_logout\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 4076 "configure"
+#line 4095 "configure"
 #include "confdefs.h"
 
 int main() {
 logout()
 ; return 0; }
 EOF
-if { (eval echo configure:4083: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4102: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_logout=$ac_lib; else ac_cv_funclib_logout=yes; fi";break
 else
@@ -4146,7 +4165,7 @@ fi
 
 
 echo $ac_n "checking for tgetent""... $ac_c" 1>&6
-echo "configure:4150: checking for tgetent" >&5
+echo "configure:4169: checking for tgetent" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_tgetent'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -4159,16 +4178,16 @@ if eval "test \"\$ac_cv_func_tgetent\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 4165 "configure"
+#line 4184 "configure"
 #include "confdefs.h"
 
 int main() {
 tgetent()
 ; return 0; }
 EOF
-if { (eval echo configure:4172: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4191: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_tgetent=$ac_lib; else ac_cv_funclib_tgetent=yes; fi";break
 else
@@ -4233,7 +4252,7 @@ esac
 # Uses ac_ vars as temps to allow command line to override cache and checks.
 # --without-x overrides everything else, but does not touch the cache.
 echo $ac_n "checking for X""... $ac_c" 1>&6
-echo "configure:4237: checking for X" >&5
+echo "configure:4256: checking for X" >&5
 
 # Check whether --with-x or --without-x was given.
 if test "${with_x+set}" = set; then
@@ -4295,12 +4314,12 @@ if test "$ac_x_includes" = NO; then
 
   # First, try using that file with no special directory specified.
 cat > conftest.$ac_ext <<EOF
-#line 4299 "configure"
+#line 4318 "configure"
 #include "confdefs.h"
 #include <$x_direct_test_include>
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:4304: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:4323: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
@@ -4369,14 +4388,14 @@ if test "$ac_x_libraries" = NO; then
   ac_save_LIBS="$LIBS"
   LIBS="-l$x_direct_test_library $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 4373 "configure"
+#line 4392 "configure"
 #include "confdefs.h"
 
 int main() {
 ${x_direct_test_function}()
 ; return 0; }
 EOF
-if { (eval echo configure:4380: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4399: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   LIBS="$ac_save_LIBS"
 # We can link X programs with no special library path.
@@ -4483,17 +4502,17 @@ else
     case "`(uname -sr) 2>/dev/null`" in
     "SunOS 5"*)
       echo $ac_n "checking whether -R must be followed by a space""... $ac_c" 1>&6
-echo "configure:4487: checking whether -R must be followed by a space" >&5
+echo "configure:4506: checking whether -R must be followed by a space" >&5
       ac_xsave_LIBS="$LIBS"; LIBS="$LIBS -R$x_libraries"
       cat > conftest.$ac_ext <<EOF
-#line 4490 "configure"
+#line 4509 "configure"
 #include "confdefs.h"
 
 int main() {
 
 ; return 0; }
 EOF
-if { (eval echo configure:4497: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4516: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   ac_R_nospace=yes
 else
@@ -4509,14 +4528,14 @@ rm -f conftest*
       else
 	LIBS="$ac_xsave_LIBS -R $x_libraries"
 	cat > conftest.$ac_ext <<EOF
-#line 4513 "configure"
+#line 4532 "configure"
 #include "confdefs.h"
 
 int main() {
 
 ; return 0; }
 EOF
-if { (eval echo configure:4520: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4539: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   ac_R_space=yes
 else
@@ -4548,7 +4567,7 @@ rm -f conftest*
     # libraries were built with DECnet support.  And karl@cs.umb.edu says
     # the Alpha needs dnet_stub (dnet does not exist).
     echo $ac_n "checking for dnet_ntoa in -ldnet""... $ac_c" 1>&6
-echo "configure:4552: checking for dnet_ntoa in -ldnet" >&5
+echo "configure:4571: checking for dnet_ntoa in -ldnet" >&5
 ac_lib_var=`echo dnet'_'dnet_ntoa | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -4556,7 +4575,7 @@ else
   ac_save_LIBS="$LIBS"
 LIBS="-ldnet  $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 4560 "configure"
+#line 4579 "configure"
 #include "confdefs.h"
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
@@ -4567,7 +4586,7 @@ int main() {
 dnet_ntoa()
 ; return 0; }
 EOF
-if { (eval echo configure:4571: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4590: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=yes"
 else
@@ -4589,7 +4608,7 @@ fi
 
     if test $ac_cv_lib_dnet_dnet_ntoa = no; then
       echo $ac_n "checking for dnet_ntoa in -ldnet_stub""... $ac_c" 1>&6
-echo "configure:4593: checking for dnet_ntoa in -ldnet_stub" >&5
+echo "configure:4612: checking for dnet_ntoa in -ldnet_stub" >&5
 ac_lib_var=`echo dnet_stub'_'dnet_ntoa | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -4597,7 +4616,7 @@ else
   ac_save_LIBS="$LIBS"
 LIBS="-ldnet_stub  $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 4601 "configure"
+#line 4620 "configure"
 #include "confdefs.h"
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
@@ -4608,7 +4627,7 @@ int main() {
 dnet_ntoa()
 ; return 0; }
 EOF
-if { (eval echo configure:4612: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4631: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=yes"
 else
@@ -4637,12 +4656,12 @@ fi
     # The nsl library prevents programs from opening the X display
     # on Irix 5.2, according to dickey@clark.net.
     echo $ac_n "checking for gethostbyname""... $ac_c" 1>&6
-echo "configure:4641: checking for gethostbyname" >&5
+echo "configure:4660: checking for gethostbyname" >&5
 if eval "test \"`echo '$''{'ac_cv_func_gethostbyname'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 4646 "configure"
+#line 4665 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char gethostbyname(); below.  */
@@ -4665,7 +4684,7 @@ gethostbyname();
 
 ; return 0; }
 EOF
-if { (eval echo configure:4669: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4688: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_gethostbyname=yes"
 else
@@ -4686,7 +4705,7 @@ fi
 
     if test $ac_cv_func_gethostbyname = no; then
       echo $ac_n "checking for gethostbyname in -lnsl""... $ac_c" 1>&6
-echo "configure:4690: checking for gethostbyname in -lnsl" >&5
+echo "configure:4709: checking for gethostbyname in -lnsl" >&5
 ac_lib_var=`echo nsl'_'gethostbyname | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -4694,7 +4713,7 @@ else
   ac_save_LIBS="$LIBS"
 LIBS="-lnsl  $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 4698 "configure"
+#line 4717 "configure"
 #include "confdefs.h"
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
@@ -4705,7 +4724,7 @@ int main() {
 gethostbyname()
 ; return 0; }
 EOF
-if { (eval echo configure:4709: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4728: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=yes"
 else
@@ -4735,12 +4754,12 @@ fi
     # -lsocket must be given before -lnsl if both are needed.
     # We assume that if connect needs -lnsl, so does gethostbyname.
     echo $ac_n "checking for connect""... $ac_c" 1>&6
-echo "configure:4739: checking for connect" >&5
+echo "configure:4758: checking for connect" >&5
 if eval "test \"`echo '$''{'ac_cv_func_connect'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 4744 "configure"
+#line 4763 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char connect(); below.  */
@@ -4763,7 +4782,7 @@ connect();
 
 ; return 0; }
 EOF
-if { (eval echo configure:4767: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4786: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_connect=yes"
 else
@@ -4784,7 +4803,7 @@ fi
 
     if test $ac_cv_func_connect = no; then
       echo $ac_n "checking for connect in -lsocket""... $ac_c" 1>&6
-echo "configure:4788: checking for connect in -lsocket" >&5
+echo "configure:4807: checking for connect in -lsocket" >&5
 ac_lib_var=`echo socket'_'connect | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -4792,7 +4811,7 @@ else
   ac_save_LIBS="$LIBS"
 LIBS="-lsocket $X_EXTRA_LIBS $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 4796 "configure"
+#line 4815 "configure"
 #include "confdefs.h"
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
@@ -4803,7 +4822,7 @@ int main() {
 connect()
 ; return 0; }
 EOF
-if { (eval echo configure:4807: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4826: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=yes"
 else
@@ -4827,12 +4846,12 @@ fi
 
     # gomez@mi.uni-erlangen.de says -lposix is necessary on A/UX.
     echo $ac_n "checking for remove""... $ac_c" 1>&6
-echo "configure:4831: checking for remove" >&5
+echo "configure:4850: checking for remove" >&5
 if eval "test \"`echo '$''{'ac_cv_func_remove'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 4836 "configure"
+#line 4855 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char remove(); below.  */
@@ -4855,7 +4874,7 @@ remove();
 
 ; return 0; }
 EOF
-if { (eval echo configure:4859: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4878: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_remove=yes"
 else
@@ -4876,7 +4895,7 @@ fi
 
     if test $ac_cv_func_remove = no; then
       echo $ac_n "checking for remove in -lposix""... $ac_c" 1>&6
-echo "configure:4880: checking for remove in -lposix" >&5
+echo "configure:4899: checking for remove in -lposix" >&5
 ac_lib_var=`echo posix'_'remove | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -4884,7 +4903,7 @@ else
   ac_save_LIBS="$LIBS"
 LIBS="-lposix  $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 4888 "configure"
+#line 4907 "configure"
 #include "confdefs.h"
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
@@ -4895,7 +4914,7 @@ int main() {
 remove()
 ; return 0; }
 EOF
-if { (eval echo configure:4899: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4918: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=yes"
 else
@@ -4919,12 +4938,12 @@ fi
 
     # BSDI BSD/OS 2.1 needs -lipc for XOpenDisplay.
     echo $ac_n "checking for shmat""... $ac_c" 1>&6
-echo "configure:4923: checking for shmat" >&5
+echo "configure:4942: checking for shmat" >&5
 if eval "test \"`echo '$''{'ac_cv_func_shmat'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 4928 "configure"
+#line 4947 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char shmat(); below.  */
@@ -4947,7 +4966,7 @@ shmat();
 
 ; return 0; }
 EOF
-if { (eval echo configure:4951: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4970: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_shmat=yes"
 else
@@ -4968,7 +4987,7 @@ fi
 
     if test $ac_cv_func_shmat = no; then
       echo $ac_n "checking for shmat in -lipc""... $ac_c" 1>&6
-echo "configure:4972: checking for shmat in -lipc" >&5
+echo "configure:4991: checking for shmat in -lipc" >&5
 ac_lib_var=`echo ipc'_'shmat | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -4976,7 +4995,7 @@ else
   ac_save_LIBS="$LIBS"
 LIBS="-lipc  $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 4980 "configure"
+#line 4999 "configure"
 #include "confdefs.h"
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
@@ -4987,7 +5006,7 @@ int main() {
 shmat()
 ; return 0; }
 EOF
-if { (eval echo configure:4991: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5010: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=yes"
 else
@@ -5020,7 +5039,7 @@ fi
   # libraries we check for below, so use a different variable.
   #  --interran@uluru.Stanford.EDU, kb@cs.umb.edu.
   echo $ac_n "checking for IceConnectionNumber in -lICE""... $ac_c" 1>&6
-echo "configure:5024: checking for IceConnectionNumber in -lICE" >&5
+echo "configure:5043: checking for IceConnectionNumber in -lICE" >&5
 ac_lib_var=`echo ICE'_'IceConnectionNumber | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -5028,7 +5047,7 @@ else
   ac_save_LIBS="$LIBS"
 LIBS="-lICE $X_EXTRA_LIBS $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 5032 "configure"
+#line 5051 "configure"
 #include "confdefs.h"
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
@@ -5039,7 +5058,7 @@ int main() {
 IceConnectionNumber()
 ; return 0; }
 EOF
-if { (eval echo configure:5043: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5062: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=yes"
 else
@@ -5068,7 +5087,7 @@ fi
 # and yes, the autoconf X test is utterly broken
 if test "$no_x" != yes; then
 	echo $ac_n "checking for special X linker flags""... $ac_c" 1>&6
-echo "configure:5072: checking for special X linker flags" >&5
+echo "configure:5091: checking for special X linker flags" >&5
 if eval "test \"`echo '$''{'krb_cv_sys_x_libs_rpath'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -5094,12 +5113,12 @@ else
 			esac
 			done
 		fi
-		LIBS="$ac_save_libs $foo -lX11"
+		LIBS="$ac_save_libs $foo $X_PRE_LIBS -lX11 $X_EXTRA_LIBS"
 		if test "$cross_compiling" = yes; then
     { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
 else
   cat > conftest.$ac_ext <<EOF
-#line 5103 "configure"
+#line 5122 "configure"
 #include "confdefs.h"
 
 		#include <X11/Xlib.h>
@@ -5113,7 +5132,7 @@ else
 		}
 		
 EOF
-if { (eval echo configure:5117: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:5136: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   krb_cv_sys_x_libs_rpath="$rflag"; krb_cv_sys_x_libs="$foo"; break
 else
@@ -5156,7 +5175,7 @@ LDFLAGS="$LDFLAGS $X_LIBS"
 
 
 echo $ac_n "checking for XauWriteAuth""... $ac_c" 1>&6
-echo "configure:5160: checking for XauWriteAuth" >&5
+echo "configure:5179: checking for XauWriteAuth" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_XauWriteAuth'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -5169,16 +5188,16 @@ if eval "test \"\$ac_cv_func_XauWriteAuth\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 5175 "configure"
+#line 5194 "configure"
 #include "confdefs.h"
 
 int main() {
 XauWriteAuth()
 ; return 0; }
 EOF
-if { (eval echo configure:5182: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5201: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauWriteAuth=$ac_lib; else ac_cv_funclib_XauWriteAuth=yes; fi";break
 else
@@ -5243,7 +5262,7 @@ LIBS="$LIB_XauWriteAuth $LIBS"
 
 
 echo $ac_n "checking for XauReadAuth""... $ac_c" 1>&6
-echo "configure:5247: checking for XauReadAuth" >&5
+echo "configure:5266: checking for XauReadAuth" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_XauReadAuth'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -5256,16 +5275,16 @@ if eval "test \"\$ac_cv_func_XauReadAuth\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 5262 "configure"
+#line 5281 "configure"
 #include "confdefs.h"
 
 int main() {
 XauReadAuth()
 ; return 0; }
 EOF
-if { (eval echo configure:5269: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5288: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauReadAuth=$ac_lib; else ac_cv_funclib_XauReadAuth=yes; fi";break
 else
@@ -5329,7 +5348,7 @@ LIBS="$LIB_XauReadAauth $LIBS"
 
 
 echo $ac_n "checking for XauFileName""... $ac_c" 1>&6
-echo "configure:5333: checking for XauFileName" >&5
+echo "configure:5352: checking for XauFileName" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_XauFileName'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -5342,16 +5361,16 @@ if eval "test \"\$ac_cv_func_XauFileName\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 5348 "configure"
+#line 5367 "configure"
 #include "confdefs.h"
 
 int main() {
 XauFileName()
 ; return 0; }
 EOF
-if { (eval echo configure:5355: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5374: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauFileName=$ac_lib; else ac_cv_funclib_XauFileName=yes; fi";break
 else
@@ -5474,7 +5493,7 @@ for i in "" $berkeley_db gdbm ndbm; do
 	fi	
 
 	echo $ac_n "checking for dbm_open in $m""... $ac_c" 1>&6
-echo "configure:5478: checking for dbm_open in $m" >&5
+echo "configure:5497: checking for dbm_open in $m" >&5
 	if eval "test \"`echo '$''{'ac_cv_krb_dbm_open_$m'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -5486,7 +5505,7 @@ else
   ac_res=no
 else
   cat > conftest.$ac_ext <<EOF
-#line 5490 "configure"
+#line 5509 "configure"
 #include "confdefs.h"
 
 #include <unistd.h>
@@ -5512,7 +5531,7 @@ int main()
   return 0;
 }
 EOF
-if { (eval echo configure:5516: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:5535: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   
 	if test -f conftest.db; then
@@ -5547,7 +5566,7 @@ fi
 done
 
 echo $ac_n "checking for NDBM library""... $ac_c" 1>&6
-echo "configure:5551: checking for NDBM library" >&5
+echo "configure:5570: checking for NDBM library" >&5
 ac_ndbm=no
 if test "$lib_db" != no; then
 	LIB_DBM="$lib_db"
@@ -5588,7 +5607,7 @@ echo "$ac_t""$ac_res" 1>&6
 
 
 echo $ac_n "checking for syslog""... $ac_c" 1>&6
-echo "configure:5592: checking for syslog" >&5
+echo "configure:5611: checking for syslog" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_syslog'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -5601,16 +5620,16 @@ if eval "test \"\$ac_cv_func_syslog\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 5607 "configure"
+#line 5626 "configure"
 #include "confdefs.h"
 
 int main() {
 syslog()
 ; return 0; }
 EOF
-if { (eval echo configure:5614: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5633: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_syslog=$ac_lib; else ac_cv_funclib_syslog=yes; fi";break
 else
@@ -5676,7 +5695,7 @@ fi
 
 
 echo $ac_n "checking for working snprintf""... $ac_c" 1>&6
-echo "configure:5680: checking for working snprintf" >&5
+echo "configure:5699: checking for working snprintf" >&5
 if eval "test \"`echo '$''{'ac_cv_func_snprintf_working'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -5685,7 +5704,7 @@ if test "$cross_compiling" = yes; then
   :
 else
   cat > conftest.$ac_ext <<EOF
-#line 5689 "configure"
+#line 5708 "configure"
 #include "confdefs.h"
 
 #include <stdio.h>
@@ -5697,7 +5716,7 @@ int main()
 	return strcmp(foo, "1");
 }
 EOF
-if { (eval echo configure:5701: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:5720: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   :
 else
@@ -5723,12 +5742,12 @@ if test "$ac_cv_func_snprintf_working" = yes; then
 
 if test "$ac_cv_func_snprintf+set" != set -o "$ac_cv_func_snprintf" = yes; then
 echo $ac_n "checking if snprintf needs a prototype""... $ac_c" 1>&6
-echo "configure:5727: checking if snprintf needs a prototype" >&5
+echo "configure:5746: checking if snprintf needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_snprintf_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 5732 "configure"
+#line 5751 "configure"
 #include "confdefs.h"
 #include <stdio.h>
 int main() {
@@ -5738,7 +5757,7 @@ snprintf(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:5742: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:5761: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_snprintf_noproto=yes"
 else
@@ -5765,13 +5784,13 @@ fi
 
 
 echo $ac_n "checking for working glob""... $ac_c" 1>&6
-echo "configure:5769: checking for working glob" >&5
+echo "configure:5788: checking for working glob" >&5
 if eval "test \"`echo '$''{'ac_cv_func_glob_working'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   ac_cv_func_glob_working=yes
 cat > conftest.$ac_ext <<EOF
-#line 5775 "configure"
+#line 5794 "configure"
 #include "confdefs.h"
 
 #include <stdio.h>
@@ -5782,7 +5801,7 @@ glob(NULL, GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE, NULL, NULL);
 
 ; return 0; }
 EOF
-if { (eval echo configure:5786: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5805: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   :
 else
@@ -5806,12 +5825,12 @@ if test "$ac_cv_func_glob_working" = yes; then
 
 if test "$ac_cv_func_glob+set" != set -o "$ac_cv_func_glob" = yes; then
 echo $ac_n "checking if glob needs a prototype""... $ac_c" 1>&6
-echo "configure:5810: checking if glob needs a prototype" >&5
+echo "configure:5829: checking if glob needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_glob_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 5815 "configure"
+#line 5834 "configure"
 #include "confdefs.h"
 #include <stdio.h>
 #include <glob.h>
@@ -5822,7 +5841,7 @@ glob(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:5826: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:5845: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_glob_noproto=yes"
 else
@@ -5853,236 +5872,68 @@ if test "$ac_cv_func_glob_working" != yes; then
 	LIBOBJS="$LIBOBJS glob.o"
 fi
 
-for ac_func in asnprintf asprintf vasprintf vasnprintf vsnprintf
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5860: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5865 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5888: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-
-for ac_func in atexit _getpty _scrsize _setsid _stricmp chroot fattach fchmod
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5916: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5921 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5944: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in fcntl forkpty frevoke getlogin getpriority
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5971: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5976 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5999: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in getrlimit getservbyname getspnam getspuid gettimeofday
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6026: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6031 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:6054: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in gettosbyname getuid grantpt mktime parsetos ptsname
+for ac_func in 				\
+	_getpty					\
+	_scrsize				\
+	_setsid					\
+	_stricmp				\
+	asnprintf				\
+	asprintf				\
+	atexit					\
+	cgetent					\
+	chroot					\
+	fattach					\
+	fchmod					\
+	fcntl					\
+	forkpty					\
+	frevoke					\
+	getpriority				\
+	getrlimit				\
+	getservbyname				\
+	getspnam				\
+	gettimeofday				\
+	gettosbyname				\
+	getuid					\
+	grantpt					\
+	mktime					\
+	on_exit					\
+	parsetos				\
+	ptsname					\
+	rand					\
+	random					\
+	revoke					\
+	setitimer				\
+	setpgid					\
+	setpriority				\
+	setproctitle				\
+	setregid				\
+	setresgid				\
+	setresuid				\
+	setreuid				\
+	setsid					\
+	setutent				\
+	sigaction				\
+	sysconf					\
+	sysctl					\
+	ttyname					\
+	ttyslot					\
+	ulimit					\
+	uname					\
+	unlockpt				\
+	vasnprintf				\
+	vasprintf				\
+	vhangup					\
+	vsnprintf				\
+	yp_get_default_domain			\
+	
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6081: checking for $ac_func" >&5
+echo "configure:5932: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 6086 "configure"
+#line 5937 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -6105,7 +5956,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:6109: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5960: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -6129,109 +5980,42 @@ else
 fi
 done
 
-for ac_func in rand random revoke setitimer setlogin setpgid setpriority
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6136: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6141 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
 
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
 
-; return 0; }
-EOF
-if { (eval echo configure:6164: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
 
-for ac_func in setproctitle setregid setresgid setresuid setreuid setsid
+for ac_hdr in capability.h sys/capability.h
 do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6191: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
+echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
+echo "configure:5991: checking for $ac_hdr" >&5
+if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 6196 "configure"
+#line 5996 "configure"
 #include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
+#include <$ac_hdr>
 EOF
-if { (eval echo configure:6219: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:6001: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+if test -z "$ac_err"; then
   rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
+  eval "ac_cv_header_$ac_safe=yes"
 else
+  echo "$ac_err" >&5
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
   rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
+  eval "ac_cv_header_$ac_safe=no"
 fi
 rm -f conftest*
 fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
   echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
   cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
+#define $ac_tr_hdr 1
 EOF
  
 else
@@ -6239,70 +6023,16 @@ else
 fi
 done
 
-for ac_func in setutent sigaction sysconf sysctl ttyname ttyslot
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6246: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6251 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:6274: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
 
-for ac_func in ulimit uname unlockpt vhangup yp_get_default_domain
+for ac_func in sgi_getcapabilitybyname cap_set_proc
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6301: checking for $ac_func" >&5
+echo "configure:6031: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 6306 "configure"
+#line 6036 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -6325,7 +6055,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:6329: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6059: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -6349,60 +6079,6 @@ else
 fi
 done
 
-for ac_func in on_exit sgi_getcapabilitybyname cap_set_proc
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6356: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6361 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:6384: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
 
 
 
@@ -6410,7 +6086,7 @@ done
 
 
 echo $ac_n "checking for getpwnam_r""... $ac_c" 1>&6
-echo "configure:6414: checking for getpwnam_r" >&5
+echo "configure:6090: checking for getpwnam_r" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_getpwnam_r'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -6423,16 +6099,16 @@ if eval "test \"\$ac_cv_func_getpwnam_r\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 6429 "configure"
+#line 6105 "configure"
 #include "confdefs.h"
 
 int main() {
 getpwnam_r()
 ; return 0; }
 EOF
-if { (eval echo configure:6436: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6112: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_getpwnam_r=$ac_lib; else ac_cv_funclib_getpwnam_r=yes; fi";break
 else
@@ -6493,7 +6169,7 @@ esac
 
 if test "$ac_cv_func_getpwnam_r" = yes; then
 	echo $ac_n "checking if getpwnam_r is posix""... $ac_c" 1>&6
-echo "configure:6497: checking if getpwnam_r is posix" >&5
+echo "configure:6173: checking if getpwnam_r is posix" >&5
 if eval "test \"`echo '$''{'ac_cv_func_getpwnam_r_posix'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -6503,7 +6179,7 @@ else
   :
 else
   cat > conftest.$ac_ext <<EOF
-#line 6507 "configure"
+#line 6183 "configure"
 #include "confdefs.h"
 
 #include <pwd.h>
@@ -6514,7 +6190,7 @@ int main()
 }
 
 EOF
-if { (eval echo configure:6518: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:6194: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   ac_cv_func_getpwnam_r_posix=yes
 else
@@ -6543,7 +6219,7 @@ fi
 
 
 echo $ac_n "checking for getsockopt""... $ac_c" 1>&6
-echo "configure:6547: checking for getsockopt" >&5
+echo "configure:6223: checking for getsockopt" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_getsockopt'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -6556,9 +6232,9 @@ if eval "test \"\$ac_cv_func_getsockopt\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 6562 "configure"
+#line 6238 "configure"
 #include "confdefs.h"
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
@@ -6570,7 +6246,7 @@ int main() {
 getsockopt(0,0,0,0,0)
 ; return 0; }
 EOF
-if { (eval echo configure:6574: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6250: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_getsockopt=$ac_lib; else ac_cv_funclib_getsockopt=yes; fi";break
 else
@@ -6633,7 +6309,7 @@ esac
 
 
 echo $ac_n "checking for setsockopt""... $ac_c" 1>&6
-echo "configure:6637: checking for setsockopt" >&5
+echo "configure:6313: checking for setsockopt" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_setsockopt'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -6646,9 +6322,9 @@ if eval "test \"\$ac_cv_func_setsockopt\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 6652 "configure"
+#line 6328 "configure"
 #include "confdefs.h"
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
@@ -6660,7 +6336,7 @@ int main() {
 setsockopt(0,0,0,0,0)
 ; return 0; }
 EOF
-if { (eval echo configure:6664: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6340: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_setsockopt=$ac_lib; else ac_cv_funclib_setsockopt=yes; fi";break
 else
@@ -6723,12 +6399,12 @@ esac
 for ac_func in getudbnam setlim
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6727: checking for $ac_func" >&5
+echo "configure:6403: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 6732 "configure"
+#line 6408 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -6751,7 +6427,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:6755: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6431: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -6781,7 +6457,7 @@ done
 
 
 echo $ac_n "checking for res_search""... $ac_c" 1>&6
-echo "configure:6785: checking for res_search" >&5
+echo "configure:6461: checking for res_search" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_res_search'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -6794,9 +6470,9 @@ if eval "test \"\$ac_cv_func_res_search\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 6800 "configure"
+#line 6476 "configure"
 #include "confdefs.h"
 
 #include <stdio.h>
@@ -6817,7 +6493,7 @@ int main() {
 res_search(0,0,0,0,0)
 ; return 0; }
 EOF
-if { (eval echo configure:6821: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6497: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_res_search=$ac_lib; else ac_cv_funclib_res_search=yes; fi";break
 else
@@ -6886,7 +6562,7 @@ fi
 
 
 echo $ac_n "checking for dn_expand""... $ac_c" 1>&6
-echo "configure:6890: checking for dn_expand" >&5
+echo "configure:6566: checking for dn_expand" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_dn_expand'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -6899,9 +6575,9 @@ if eval "test \"\$ac_cv_func_dn_expand\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 6905 "configure"
+#line 6581 "configure"
 #include "confdefs.h"
 
 #include <stdio.h>
@@ -6922,7 +6598,7 @@ int main() {
 dn_expand(0,0,0,0,0)
 ; return 0; }
 EOF
-if { (eval echo configure:6926: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6602: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_dn_expand=$ac_lib; else ac_cv_funclib_dn_expand=yes; fi";break
 else
@@ -6991,17 +6667,17 @@ for ac_hdr in unistd.h
 do
 ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
 echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:6995: checking for $ac_hdr" >&5
+echo "configure:6671: checking for $ac_hdr" >&5
 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7000 "configure"
+#line 6676 "configure"
 #include "confdefs.h"
 #include <$ac_hdr>
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:7005: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:6681: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
@@ -7030,12 +6706,12 @@ done
 for ac_func in getpagesize
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7034: checking for $ac_func" >&5
+echo "configure:6710: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7039 "configure"
+#line 6715 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -7058,7 +6734,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:7062: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6738: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -7083,7 +6759,7 @@ fi
 done
 
 echo $ac_n "checking for working mmap""... $ac_c" 1>&6
-echo "configure:7087: checking for working mmap" >&5
+echo "configure:6763: checking for working mmap" >&5
 if eval "test \"`echo '$''{'ac_cv_func_mmap_fixed_mapped'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -7091,7 +6767,7 @@ else
   ac_cv_func_mmap_fixed_mapped=no
 else
   cat > conftest.$ac_ext <<EOF
-#line 7095 "configure"
+#line 6771 "configure"
 #include "confdefs.h"
 
 /* Thanks to Mike Haertel and Jim Avera for this test.
@@ -7231,7 +6907,7 @@ main()
 }
 
 EOF
-if { (eval echo configure:7235: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:6911: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   ac_cv_func_mmap_fixed_mapped=yes
 else
@@ -7256,19 +6932,19 @@ fi
 # The Ultrix 4.2 mips builtin alloca declared by alloca.h only works
 # for constant arguments.  Useless!
 echo $ac_n "checking for working alloca.h""... $ac_c" 1>&6
-echo "configure:7260: checking for working alloca.h" >&5
+echo "configure:6936: checking for working alloca.h" >&5
 if eval "test \"`echo '$''{'ac_cv_header_alloca_h'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7265 "configure"
+#line 6941 "configure"
 #include "confdefs.h"
 #include <alloca.h>
 int main() {
 char *p = alloca(2 * sizeof(int));
 ; return 0; }
 EOF
-if { (eval echo configure:7272: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6948: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   ac_cv_header_alloca_h=yes
 else
@@ -7289,12 +6965,12 @@ EOF
 fi
 
 echo $ac_n "checking for alloca""... $ac_c" 1>&6
-echo "configure:7293: checking for alloca" >&5
+echo "configure:6969: checking for alloca" >&5
 if eval "test \"`echo '$''{'ac_cv_func_alloca_works'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7298 "configure"
+#line 6974 "configure"
 #include "confdefs.h"
 
 #ifdef __GNUC__
@@ -7322,7 +6998,7 @@ int main() {
 char *p = (char *) alloca(1);
 ; return 0; }
 EOF
-if { (eval echo configure:7326: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:7002: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   ac_cv_func_alloca_works=yes
 else
@@ -7354,12 +7030,12 @@ EOF
 
 
 echo $ac_n "checking whether alloca needs Cray hooks""... $ac_c" 1>&6
-echo "configure:7358: checking whether alloca needs Cray hooks" >&5
+echo "configure:7034: checking whether alloca needs Cray hooks" >&5
 if eval "test \"`echo '$''{'ac_cv_os_cray'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7363 "configure"
+#line 7039 "configure"
 #include "confdefs.h"
 #if defined(CRAY) && ! defined(CRAY2)
 webecray
@@ -7384,12 +7060,12 @@ echo "$ac_t""$ac_cv_os_cray" 1>&6
 if test $ac_cv_os_cray = yes; then
 for ac_func in _getb67 GETB67 getb67; do
   echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7388: checking for $ac_func" >&5
+echo "configure:7064: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7393 "configure"
+#line 7069 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -7412,7 +7088,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:7416: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:7092: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -7439,7 +7115,7 @@ done
 fi
 
 echo $ac_n "checking stack direction for C alloca""... $ac_c" 1>&6
-echo "configure:7443: checking stack direction for C alloca" >&5
+echo "configure:7119: checking stack direction for C alloca" >&5
 if eval "test \"`echo '$''{'ac_cv_c_stack_direction'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -7447,7 +7123,7 @@ else
   ac_cv_c_stack_direction=0
 else
   cat > conftest.$ac_ext <<EOF
-#line 7451 "configure"
+#line 7127 "configure"
 #include "confdefs.h"
 find_stack_direction ()
 {
@@ -7466,7 +7142,7 @@ main ()
   exit (find_stack_direction() < 0);
 }
 EOF
-if { (eval echo configure:7470: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:7146: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   ac_cv_c_stack_direction=1
 else
@@ -7488,13 +7164,65 @@ EOF
 fi
 
 
-#
-# Test for POSIX (broken) getlogin
-#
+
+for ac_func in getlogin setlogin
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+echo "configure:7172: checking for $ac_func" >&5
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 7177 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char $ac_func();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:7200: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=yes"
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+ 
+else
+  echo "$ac_t""no" 1>&6
+fi
+done
 
 if test "$ac_cv_func_getlogin" = yes; then
 echo $ac_n "checking if getlogin is posix""... $ac_c" 1>&6
-echo "configure:7498: checking if getlogin is posix" >&5
+echo "configure:7226: checking if getlogin is posix" >&5
 if eval "test \"`echo '$''{'ac_cv_func_getlogin_posix'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -7520,8 +7248,9 @@ fi
 
 
 
+
 echo $ac_n "checking for hstrerror""... $ac_c" 1>&6
-echo "configure:7525: checking for hstrerror" >&5
+echo "configure:7254: checking for hstrerror" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_hstrerror'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -7534,9 +7263,9 @@ if eval "test \"\$ac_cv_func_hstrerror\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 7540 "configure"
+#line 7269 "configure"
 #include "confdefs.h"
 #ifdef HAVE_NETDB_H
 #include <netdb.h>
@@ -7545,7 +7274,7 @@ int main() {
 hstrerror(17)
 ; return 0; }
 EOF
-if { (eval echo configure:7549: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:7278: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_hstrerror=$ac_lib; else ac_cv_funclib_hstrerror=yes; fi";break
 else
@@ -7616,12 +7345,12 @@ if test "$ac_cv_func_hstrerror" = yes; then
 
 if test "$ac_cv_func_hstrerror+set" != set -o "$ac_cv_func_hstrerror" = yes; then
 echo $ac_n "checking if hstrerror needs a prototype""... $ac_c" 1>&6
-echo "configure:7620: checking if hstrerror needs a prototype" >&5
+echo "configure:7349: checking if hstrerror needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_hstrerror_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7625 "configure"
+#line 7354 "configure"
 #include "confdefs.h"
 
 #ifdef HAVE_NETDB_H
@@ -7634,7 +7363,7 @@ hstrerror(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:7638: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:7367: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_hstrerror_noproto=yes"
 else
@@ -7659,15 +7388,259 @@ fi
 
 fi
 
-for ac_func in chown daemon err errx fchown flock fnmatch
+for ac_func in chown copyhostent daemon err errx fchown flock fnmatch freehostent
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+echo "configure:7395: checking for $ac_func" >&5
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 7400 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char $ac_func();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:7423: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=yes"
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  
+ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`
+cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+
+else
+  echo "$ac_t""no" 1>&6
+LIBOBJS="$LIBOBJS ${ac_func}.o"
+fi
+
+: << END
+@@@funcs="$funcs chown copyhostent daemon err errx fchown flock fnmatch freehostent"@@@
+END
+done
+
+for ac_func in getcwd getdtablesize gethostname getipnodebyaddr getipnodebyname
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+echo "configure:7456: checking for $ac_func" >&5
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 7461 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char $ac_func();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:7484: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=yes"
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  
+ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`
+cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+
+else
+  echo "$ac_t""no" 1>&6
+LIBOBJS="$LIBOBJS ${ac_func}.o"
+fi
+
+: << END
+@@@funcs="$funcs getcwd getdtablesize gethostname getipnodebyaddr getipnodebyname"@@@
+END
+done
+
+for ac_func in geteuid getgid getegid
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+echo "configure:7517: checking for $ac_func" >&5
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 7522 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char $ac_func();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:7545: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=yes"
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  
+ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`
+cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+
+else
+  echo "$ac_t""no" 1>&6
+LIBOBJS="$LIBOBJS ${ac_func}.o"
+fi
+
+: << END
+@@@funcs="$funcs geteuid getgid getegid"@@@
+END
+done
+
+for ac_func in getopt getusershell
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+echo "configure:7578: checking for $ac_func" >&5
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 7583 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char $ac_func();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:7606: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=yes"
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  
+ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`
+cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+
+else
+  echo "$ac_t""no" 1>&6
+LIBOBJS="$LIBOBJS ${ac_func}.o"
+fi
+
+: << END
+@@@funcs="$funcs getopt getusershell"@@@
+END
+done
+
+for ac_func in inet_aton inet_ntop inet_pton initgroups innetgr iruserok lstat
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7666: checking for $ac_func" >&5
+echo "configure:7639: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7671 "configure"
+#line 7644 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -7690,7 +7663,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:7694: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:7667: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -7716,19 +7689,19 @@ LIBOBJS="$LIBOBJS ${ac_func}.o"
 fi
 
 : << END
-@@@funcs="$funcs chown daemon err errx fchown flock fnmatch"@@@
+@@@funcs="$funcs inet_aton inet_ntop inet_pton initgroups innetgr iruserok lstat"@@@
 END
 done
 
-for ac_func in getcwd getdtablesize gethostname geteuid getgid getegid
+for ac_func in memmove
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7727: checking for $ac_func" >&5
+echo "configure:7700: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7732 "configure"
+#line 7705 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -7751,7 +7724,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:7755: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:7728: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -7777,19 +7750,19 @@ LIBOBJS="$LIBOBJS ${ac_func}.o"
 fi
 
 : << END
-@@@funcs="$funcs getcwd getdtablesize gethostname geteuid getgid getegid"@@@
+@@@funcs="$funcs memmove"@@@
 END
 done
 
-for ac_func in getopt getusershell inet_aton initgroups innetgr iruserok lstat
+for ac_func in mkstemp putenv rcmd readv recvmsg sendmsg setegid setenv seteuid
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7788: checking for $ac_func" >&5
+echo "configure:7761: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7793 "configure"
+#line 7766 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -7812,7 +7785,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:7816: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:7789: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -7838,19 +7811,19 @@ LIBOBJS="$LIBOBJS ${ac_func}.o"
 fi
 
 : << END
-@@@funcs="$funcs getopt getusershell inet_aton initgroups innetgr iruserok lstat"@@@
+@@@funcs="$funcs mkstemp putenv rcmd readv recvmsg sendmsg setegid setenv seteuid"@@@
 END
 done
 
-for ac_func in memmove mkstemp putenv rcmd readv setegid setenv seteuid
+for ac_func in strcasecmp strncasecmp strdup strerror strftime
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7849: checking for $ac_func" >&5
+echo "configure:7822: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7854 "configure"
+#line 7827 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -7873,7 +7846,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:7877: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:7850: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -7899,19 +7872,19 @@ LIBOBJS="$LIBOBJS ${ac_func}.o"
 fi
 
 : << END
-@@@funcs="$funcs memmove mkstemp putenv rcmd readv setegid setenv seteuid"@@@
+@@@funcs="$funcs strcasecmp strncasecmp strdup strerror strftime"@@@
 END
 done
 
-for ac_func in strcasecmp strncasecmp strdup strerror strftime strlwr
+for ac_func in strlcat strlcpy strlwr
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7910: checking for $ac_func" >&5
+echo "configure:7883: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7915 "configure"
+#line 7888 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -7934,7 +7907,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:7938: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:7911: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -7960,19 +7933,19 @@ LIBOBJS="$LIBOBJS ${ac_func}.o"
 fi
 
 : << END
-@@@funcs="$funcs strcasecmp strncasecmp strdup strerror strftime strlwr"@@@
+@@@funcs="$funcs strlcat strlcpy strlwr"@@@
 END
 done
 
-for ac_func in strndup strnlen strsep strtok_r strupr
+for ac_func in strndup strnlen strptime strsep strtok_r strupr
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7971: checking for $ac_func" >&5
+echo "configure:7944: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 7976 "configure"
+#line 7949 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -7995,7 +7968,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:7999: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:7972: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -8021,19 +7994,19 @@ LIBOBJS="$LIBOBJS ${ac_func}.o"
 fi
 
 : << END
-@@@funcs="$funcs strndup strnlen strsep strtok_r strupr"@@@
+@@@funcs="$funcs strndup strnlen strptime strsep strtok_r strupr"@@@
 END
 done
 
 for ac_func in swab unsetenv verr verrx vsyslog
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:8032: checking for $ac_func" >&5
+echo "configure:8005: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8037 "configure"
+#line 8010 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -8056,7 +8029,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:8060: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8033: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -8089,12 +8062,12 @@ done
 for ac_func in vwarn vwarnx warn warnx writev
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:8093: checking for $ac_func" >&5
+echo "configure:8066: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8098 "configure"
+#line 8071 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -8117,7 +8090,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:8121: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8094: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -8152,12 +8125,12 @@ if test "$ac_cv_func_gethostname" = "yes"; then
 
 if test "$ac_cv_func_gethostname+set" != set -o "$ac_cv_func_gethostname" = yes; then
 echo $ac_n "checking if gethostname needs a prototype""... $ac_c" 1>&6
-echo "configure:8156: checking if gethostname needs a prototype" >&5
+echo "configure:8129: checking if gethostname needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_gethostname_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8161 "configure"
+#line 8134 "configure"
 #include "confdefs.h"
 
 #include <unistd.h>
@@ -8168,7 +8141,7 @@ gethostname(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:8172: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8145: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_gethostname_noproto=yes"
 else
@@ -8197,12 +8170,12 @@ if test "$ac_cv_func_mkstemp" = "yes"; then
 
 if test "$ac_cv_func_mkstemp+set" != set -o "$ac_cv_func_mkstemp" = yes; then
 echo $ac_n "checking if mkstemp needs a prototype""... $ac_c" 1>&6
-echo "configure:8201: checking if mkstemp needs a prototype" >&5
+echo "configure:8174: checking if mkstemp needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_mkstemp_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8206 "configure"
+#line 8179 "configure"
 #include "confdefs.h"
 
 #include <unistd.h>
@@ -8213,7 +8186,7 @@ mkstemp(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:8217: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8190: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_mkstemp_noproto=yes"
 else
@@ -8242,12 +8215,12 @@ if test "$ac_cv_func_inet_aton" = "yes"; then
 
 if test "$ac_cv_func_inet_aton+set" != set -o "$ac_cv_func_inet_aton" = yes; then
 echo $ac_n "checking if inet_aton needs a prototype""... $ac_c" 1>&6
-echo "configure:8246: checking if inet_aton needs a prototype" >&5
+echo "configure:8219: checking if inet_aton needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_inet_aton_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8251 "configure"
+#line 8224 "configure"
 #include "confdefs.h"
 
 #ifdef HAVE_SYS_TYPES_H
@@ -8269,7 +8242,7 @@ inet_aton(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:8273: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8246: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_inet_aton_noproto=yes"
 else
@@ -8295,7 +8268,7 @@ fi
 fi
 
 echo $ac_n "checking if realloc is broken""... $ac_c" 1>&6
-echo "configure:8299: checking if realloc is broken" >&5
+echo "configure:8272: checking if realloc is broken" >&5
 if eval "test \"`echo '$''{'ac_cv_func_realloc_broken'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -8305,7 +8278,7 @@ if test "$cross_compiling" = yes; then
   :
 else
   cat > conftest.$ac_ext <<EOF
-#line 8309 "configure"
+#line 8282 "configure"
 #include "confdefs.h"
 
 #include <stddef.h>
@@ -8317,7 +8290,7 @@ int main()
 }
 
 EOF
-if { (eval echo configure:8321: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:8294: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   :
 else
@@ -8343,7 +8316,7 @@ fi
 
 if test "$ac_cv_func_getcwd" = yes; then
 echo $ac_n "checking if getcwd is broken""... $ac_c" 1>&6
-echo "configure:8347: checking if getcwd is broken" >&5
+echo "configure:8320: checking if getcwd is broken" >&5
 if eval "test \"`echo '$''{'ac_cv_func_getcwd_broken'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -8354,7 +8327,7 @@ if test "$cross_compiling" = yes; then
   :
 else
   cat > conftest.$ac_ext <<EOF
-#line 8358 "configure"
+#line 8331 "configure"
 #include "confdefs.h"
 
 #include <errno.h>
@@ -8376,7 +8349,7 @@ int main()
 }
 
 EOF
-if { (eval echo configure:8380: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:8353: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   ac_cv_func_getcwd_broken=yes
 else
@@ -8405,7 +8378,7 @@ fi
 
 
 echo $ac_n "checking which authentication modules should be built""... $ac_c" 1>&6
-echo "configure:8409: checking which authentication modules should be built" >&5
+echo "configure:8382: checking which authentication modules should be built" >&5
 
 LIB_AUTH_SUBDIRS=
 
@@ -8426,7 +8399,7 @@ echo "$ac_t""$LIB_AUTH_SUBDIRS" 1>&6
 
 
 echo $ac_n "checking for tunnel devices""... $ac_c" 1>&6
-echo "configure:8430: checking for tunnel devices" >&5
+echo "configure:8403: checking for tunnel devices" >&5
 
 APPL_KIP_DIR=
 
@@ -8440,12 +8413,12 @@ echo "$ac_t""$ac_cv_header_net_if_tun_h" 1>&6
 
 
 echo $ac_n "checking if gethostbyname is compatible with system prototype""... $ac_c" 1>&6
-echo "configure:8444: checking if gethostbyname is compatible with system prototype" >&5
+echo "configure:8417: checking if gethostbyname is compatible with system prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_gethostbyname_proto_compat'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8449 "configure"
+#line 8422 "configure"
 #include "confdefs.h"
 
 #ifdef HAVE_SYS_TYPES_H
@@ -8468,7 +8441,7 @@ int main() {
 struct hostent *gethostbyname(const char *);
 ; return 0; }
 EOF
-if { (eval echo configure:8472: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8445: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_gethostbyname_proto_compat=yes"
 else
@@ -8493,12 +8466,12 @@ fi
 
 
 echo $ac_n "checking if gethostbyaddr is compatible with system prototype""... $ac_c" 1>&6
-echo "configure:8497: checking if gethostbyaddr is compatible with system prototype" >&5
+echo "configure:8470: checking if gethostbyaddr is compatible with system prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_gethostbyaddr_proto_compat'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8502 "configure"
+#line 8475 "configure"
 #include "confdefs.h"
 
 #ifdef HAVE_SYS_TYPES_H
@@ -8521,7 +8494,7 @@ int main() {
 struct hostent *gethostbyaddr(const void *, size_t, int);
 ; return 0; }
 EOF
-if { (eval echo configure:8525: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8498: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_gethostbyaddr_proto_compat=yes"
 else
@@ -8546,12 +8519,12 @@ fi
 
 
 echo $ac_n "checking if getservbyname is compatible with system prototype""... $ac_c" 1>&6
-echo "configure:8550: checking if getservbyname is compatible with system prototype" >&5
+echo "configure:8523: checking if getservbyname is compatible with system prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_getservbyname_proto_compat'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8555 "configure"
+#line 8528 "configure"
 #include "confdefs.h"
 
 #ifdef HAVE_SYS_TYPES_H
@@ -8574,7 +8547,7 @@ int main() {
 struct servent *getservbyname(const char *, const char *);
 ; return 0; }
 EOF
-if { (eval echo configure:8578: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8551: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_getservbyname_proto_compat=yes"
 else
@@ -8599,12 +8572,12 @@ fi
 
 
 echo $ac_n "checking if openlog is compatible with system prototype""... $ac_c" 1>&6
-echo "configure:8603: checking if openlog is compatible with system prototype" >&5
+echo "configure:8576: checking if openlog is compatible with system prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_openlog_proto_compat'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8608 "configure"
+#line 8581 "configure"
 #include "confdefs.h"
 
 #ifdef HAVE_SYSLOG_H
@@ -8615,7 +8588,7 @@ int main() {
 void openlog(const char *, int, int);
 ; return 0; }
 EOF
-if { (eval echo configure:8619: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8592: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_openlog_proto_compat=yes"
 else
@@ -8641,12 +8614,12 @@ fi
 
 if test "$ac_cv_func_crypt+set" != set -o "$ac_cv_func_crypt" = yes; then
 echo $ac_n "checking if crypt needs a prototype""... $ac_c" 1>&6
-echo "configure:8645: checking if crypt needs a prototype" >&5
+echo "configure:8618: checking if crypt needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_crypt_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8650 "configure"
+#line 8623 "configure"
 #include "confdefs.h"
 
 #ifdef HAVE_CRYPT_H
@@ -8663,7 +8636,7 @@ crypt(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:8667: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8640: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_crypt_noproto=yes"
 else
@@ -8690,12 +8663,12 @@ fi
 
 if test "$ac_cv_func_fclose+set" != set -o "$ac_cv_func_fclose" = yes; then
 echo $ac_n "checking if fclose needs a prototype""... $ac_c" 1>&6
-echo "configure:8694: checking if fclose needs a prototype" >&5
+echo "configure:8667: checking if fclose needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_fclose_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8699 "configure"
+#line 8672 "configure"
 #include "confdefs.h"
 
 #include <stdio.h>
@@ -8707,7 +8680,7 @@ fclose(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:8711: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8684: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_fclose_noproto=yes"
 else
@@ -8734,12 +8707,12 @@ fi
 
 if test "$ac_cv_func_strtok_r+set" != set -o "$ac_cv_func_strtok_r" = yes; then
 echo $ac_n "checking if strtok_r needs a prototype""... $ac_c" 1>&6
-echo "configure:8738: checking if strtok_r needs a prototype" >&5
+echo "configure:8711: checking if strtok_r needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_strtok_r_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8743 "configure"
+#line 8716 "configure"
 #include "confdefs.h"
 
 #include <string.h>
@@ -8751,7 +8724,7 @@ strtok_r(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:8755: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8728: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_strtok_r_noproto=yes"
 else
@@ -8778,12 +8751,12 @@ fi
 
 if test "$ac_cv_func_strsep+set" != set -o "$ac_cv_func_strsep" = yes; then
 echo $ac_n "checking if strsep needs a prototype""... $ac_c" 1>&6
-echo "configure:8782: checking if strsep needs a prototype" >&5
+echo "configure:8755: checking if strsep needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_strsep_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8787 "configure"
+#line 8760 "configure"
 #include "confdefs.h"
 
 #include <string.h>
@@ -8795,7 +8768,7 @@ strsep(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:8799: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8772: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_strsep_noproto=yes"
 else
@@ -8822,12 +8795,12 @@ fi
 
 if test "$ac_cv_func_getusershell+set" != set -o "$ac_cv_func_getusershell" = yes; then
 echo $ac_n "checking if getusershell needs a prototype""... $ac_c" 1>&6
-echo "configure:8826: checking if getusershell needs a prototype" >&5
+echo "configure:8799: checking if getusershell needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_getusershell_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8831 "configure"
+#line 8804 "configure"
 #include "confdefs.h"
 
 #include <unistd.h>
@@ -8839,7 +8812,7 @@ getusershell(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:8843: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8816: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_getusershell_noproto=yes"
 else
@@ -8866,12 +8839,12 @@ fi
 
 if test "$ac_cv_func_utime+set" != set -o "$ac_cv_func_utime" = yes; then
 echo $ac_n "checking if utime needs a prototype""... $ac_c" 1>&6
-echo "configure:8870: checking if utime needs a prototype" >&5
+echo "configure:8843: checking if utime needs a prototype" >&5
 if eval "test \"`echo '$''{'ac_cv_func_utime_noproto'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 8875 "configure"
+#line 8848 "configure"
 #include "confdefs.h"
 
 #ifdef HAVE_UTIME_H
@@ -8885,7 +8858,7 @@ utime(&xx);
 
 ; return 0; }
 EOF
-if { (eval echo configure:8889: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8862: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_func_utime_noproto=yes"
 else
@@ -8911,13 +8884,13 @@ fi
 
 
 echo $ac_n "checking for h_errno""... $ac_c" 1>&6
-echo "configure:8915: checking for h_errno" >&5
+echo "configure:8888: checking for h_errno" >&5
 if eval "test \"`echo '$''{'ac_cv_var_h_errno'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 8921 "configure"
+#line 8894 "configure"
 #include "confdefs.h"
 extern int h_errno;
 int foo() { return h_errno; }
@@ -8925,7 +8898,7 @@ int main() {
 foo()
 ; return 0; }
 EOF
-if { (eval echo configure:8929: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8902: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   ac_cv_var_h_errno=yes
 else
@@ -8948,13 +8921,13 @@ EOF
 
 	
 echo $ac_n "checking if h_errno is properly declared""... $ac_c" 1>&6
-echo "configure:8952: checking if h_errno is properly declared" >&5
+echo "configure:8925: checking if h_errno is properly declared" >&5
 if eval "test \"`echo '$''{'ac_cv_var_h_errno_declaration'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 8958 "configure"
+#line 8931 "configure"
 #include "confdefs.h"
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
@@ -8967,7 +8940,7 @@ int main() {
 h_errno.foo = 1;
 ; return 0; }
 EOF
-if { (eval echo configure:8971: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8944: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_var_h_errno_declaration=no"
 else
@@ -8998,13 +8971,13 @@ fi
 
 
 echo $ac_n "checking for h_errlist""... $ac_c" 1>&6
-echo "configure:9002: checking for h_errlist" >&5
+echo "configure:8975: checking for h_errlist" >&5
 if eval "test \"`echo '$''{'ac_cv_var_h_errlist'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9008 "configure"
+#line 8981 "configure"
 #include "confdefs.h"
 extern int h_errlist;
 int foo() { return h_errlist; }
@@ -9012,7 +8985,7 @@ int main() {
 foo()
 ; return 0; }
 EOF
-if { (eval echo configure:9016: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8989: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   ac_cv_var_h_errlist=yes
 else
@@ -9035,13 +9008,13 @@ EOF
 
 	
 echo $ac_n "checking if h_errlist is properly declared""... $ac_c" 1>&6
-echo "configure:9039: checking if h_errlist is properly declared" >&5
+echo "configure:9012: checking if h_errlist is properly declared" >&5
 if eval "test \"`echo '$''{'ac_cv_var_h_errlist_declaration'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9045 "configure"
+#line 9018 "configure"
 #include "confdefs.h"
 #ifdef HAVE_NETDB_H
 #include <netdb.h>
@@ -9051,7 +9024,7 @@ int main() {
 h_errlist.foo = 1;
 ; return 0; }
 EOF
-if { (eval echo configure:9055: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9028: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_var_h_errlist_declaration=no"
 else
@@ -9082,13 +9055,13 @@ fi
 
 
 echo $ac_n "checking for h_nerr""... $ac_c" 1>&6
-echo "configure:9086: checking for h_nerr" >&5
+echo "configure:9059: checking for h_nerr" >&5
 if eval "test \"`echo '$''{'ac_cv_var_h_nerr'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9092 "configure"
+#line 9065 "configure"
 #include "confdefs.h"
 extern int h_nerr;
 int foo() { return h_nerr; }
@@ -9096,7 +9069,7 @@ int main() {
 foo()
 ; return 0; }
 EOF
-if { (eval echo configure:9100: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9073: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   ac_cv_var_h_nerr=yes
 else
@@ -9119,13 +9092,13 @@ EOF
 
 	
 echo $ac_n "checking if h_nerr is properly declared""... $ac_c" 1>&6
-echo "configure:9123: checking if h_nerr is properly declared" >&5
+echo "configure:9096: checking if h_nerr is properly declared" >&5
 if eval "test \"`echo '$''{'ac_cv_var_h_nerr_declaration'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9129 "configure"
+#line 9102 "configure"
 #include "confdefs.h"
 #ifdef HAVE_NETDB_H
 #include <netdb.h>
@@ -9135,7 +9108,7 @@ int main() {
 h_nerr.foo = 1;
 ; return 0; }
 EOF
-if { (eval echo configure:9139: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9112: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_var_h_nerr_declaration=no"
 else
@@ -9166,13 +9139,13 @@ fi
 
 
 echo $ac_n "checking for __progname""... $ac_c" 1>&6
-echo "configure:9170: checking for __progname" >&5
+echo "configure:9143: checking for __progname" >&5
 if eval "test \"`echo '$''{'ac_cv_var___progname'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9176 "configure"
+#line 9149 "configure"
 #include "confdefs.h"
 extern int __progname;
 int foo() { return __progname; }
@@ -9180,7 +9153,7 @@ int main() {
 foo()
 ; return 0; }
 EOF
-if { (eval echo configure:9184: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9157: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   ac_cv_var___progname=yes
 else
@@ -9203,13 +9176,13 @@ EOF
 
 	
 echo $ac_n "checking if __progname is properly declared""... $ac_c" 1>&6
-echo "configure:9207: checking if __progname is properly declared" >&5
+echo "configure:9180: checking if __progname is properly declared" >&5
 if eval "test \"`echo '$''{'ac_cv_var___progname_declaration'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9213 "configure"
+#line 9186 "configure"
 #include "confdefs.h"
 #ifdef HAVE_ERR_H
 #include <err.h>
@@ -9219,7 +9192,7 @@ int main() {
 __progname.foo = 1;
 ; return 0; }
 EOF
-if { (eval echo configure:9223: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9196: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_var___progname_declaration=no"
 else
@@ -9250,21 +9223,24 @@ fi
 
 
 echo $ac_n "checking if optarg is properly declared""... $ac_c" 1>&6
-echo "configure:9254: checking if optarg is properly declared" >&5
+echo "configure:9227: checking if optarg is properly declared" >&5
 if eval "test \"`echo '$''{'ac_cv_var_optarg_declaration'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9260 "configure"
+#line 9233 "configure"
 #include "confdefs.h"
 #include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
 extern struct { int foo; } optarg;
 int main() {
 optarg.foo = 1;
 ; return 0; }
 EOF
-if { (eval echo configure:9268: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9244: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_var_optarg_declaration=no"
 else
@@ -9291,21 +9267,24 @@ fi
 
 
 echo $ac_n "checking if optind is properly declared""... $ac_c" 1>&6
-echo "configure:9295: checking if optind is properly declared" >&5
+echo "configure:9271: checking if optind is properly declared" >&5
 if eval "test \"`echo '$''{'ac_cv_var_optind_declaration'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9301 "configure"
+#line 9277 "configure"
 #include "confdefs.h"
 #include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
 extern struct { int foo; } optind;
 int main() {
 optind.foo = 1;
 ; return 0; }
 EOF
-if { (eval echo configure:9309: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9288: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_var_optind_declaration=no"
 else
@@ -9332,21 +9311,24 @@ fi
 
 
 echo $ac_n "checking if opterr is properly declared""... $ac_c" 1>&6
-echo "configure:9336: checking if opterr is properly declared" >&5
+echo "configure:9315: checking if opterr is properly declared" >&5
 if eval "test \"`echo '$''{'ac_cv_var_opterr_declaration'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9342 "configure"
+#line 9321 "configure"
 #include "confdefs.h"
 #include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
 extern struct { int foo; } opterr;
 int main() {
 opterr.foo = 1;
 ; return 0; }
 EOF
-if { (eval echo configure:9350: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9332: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_var_opterr_declaration=no"
 else
@@ -9373,21 +9355,24 @@ fi
 
 
 echo $ac_n "checking if optopt is properly declared""... $ac_c" 1>&6
-echo "configure:9377: checking if optopt is properly declared" >&5
+echo "configure:9359: checking if optopt is properly declared" >&5
 if eval "test \"`echo '$''{'ac_cv_var_optopt_declaration'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9383 "configure"
+#line 9365 "configure"
 #include "confdefs.h"
 #include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
 extern struct { int foo; } optopt;
 int main() {
 optopt.foo = 1;
 ; return 0; }
 EOF
-if { (eval echo configure:9391: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9376: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_var_optopt_declaration=no"
 else
@@ -9415,13 +9400,13 @@ fi
 
 
 echo $ac_n "checking if environ is properly declared""... $ac_c" 1>&6
-echo "configure:9419: checking if environ is properly declared" >&5
+echo "configure:9404: checking if environ is properly declared" >&5
 if eval "test \"`echo '$''{'ac_cv_var_environ_declaration'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9425 "configure"
+#line 9410 "configure"
 #include "confdefs.h"
 #include <stdlib.h>
 extern struct { int foo; } environ;
@@ -9429,7 +9414,7 @@ int main() {
 environ.foo = 1;
 ; return 0; }
 EOF
-if { (eval echo configure:9433: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9418: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   eval "ac_cv_var_environ_declaration=no"
 else
@@ -9456,12 +9441,12 @@ fi
 
 
 echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6
-echo "configure:9460: checking return type of signal handlers" >&5
+echo "configure:9445: checking return type of signal handlers" >&5
 if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 9465 "configure"
+#line 9450 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #include <signal.h>
@@ -9478,7 +9463,7 @@ int main() {
 int i;
 ; return 0; }
 EOF
-if { (eval echo configure:9482: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9467: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_signal=void
 else
@@ -9507,13 +9492,13 @@ fi
 
 
 echo $ac_n "checking for ut_addr in struct utmp""... $ac_c" 1>&6
-echo "configure:9511: checking for ut_addr in struct utmp" >&5
+echo "configure:9496: checking for ut_addr in struct utmp" >&5
 if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_addr'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9517 "configure"
+#line 9502 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
  #include <utmp.h>
@@ -9521,7 +9506,7 @@ int main() {
 struct utmp x; x.ut_addr;
 ; return 0; }
 EOF
-if { (eval echo configure:9525: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9510: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_struct_utmp_ut_addr=yes
 else
@@ -9547,13 +9532,13 @@ fi
 
 
 echo $ac_n "checking for ut_host in struct utmp""... $ac_c" 1>&6
-echo "configure:9551: checking for ut_host in struct utmp" >&5
+echo "configure:9536: checking for ut_host in struct utmp" >&5
 if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_host'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9557 "configure"
+#line 9542 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
  #include <utmp.h>
@@ -9561,7 +9546,7 @@ int main() {
 struct utmp x; x.ut_host;
 ; return 0; }
 EOF
-if { (eval echo configure:9565: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9550: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_struct_utmp_ut_host=yes
 else
@@ -9587,13 +9572,13 @@ fi
 
 
 echo $ac_n "checking for ut_id in struct utmp""... $ac_c" 1>&6
-echo "configure:9591: checking for ut_id in struct utmp" >&5
+echo "configure:9576: checking for ut_id in struct utmp" >&5
 if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_id'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9597 "configure"
+#line 9582 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
  #include <utmp.h>
@@ -9601,7 +9586,7 @@ int main() {
 struct utmp x; x.ut_id;
 ; return 0; }
 EOF
-if { (eval echo configure:9605: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9590: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_struct_utmp_ut_id=yes
 else
@@ -9627,13 +9612,13 @@ fi
 
 
 echo $ac_n "checking for ut_pid in struct utmp""... $ac_c" 1>&6
-echo "configure:9631: checking for ut_pid in struct utmp" >&5
+echo "configure:9616: checking for ut_pid in struct utmp" >&5
 if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_pid'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9637 "configure"
+#line 9622 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
  #include <utmp.h>
@@ -9641,7 +9626,7 @@ int main() {
 struct utmp x; x.ut_pid;
 ; return 0; }
 EOF
-if { (eval echo configure:9645: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9630: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_struct_utmp_ut_pid=yes
 else
@@ -9667,13 +9652,13 @@ fi
 
 
 echo $ac_n "checking for ut_type in struct utmp""... $ac_c" 1>&6
-echo "configure:9671: checking for ut_type in struct utmp" >&5
+echo "configure:9656: checking for ut_type in struct utmp" >&5
 if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_type'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9677 "configure"
+#line 9662 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
  #include <utmp.h>
@@ -9681,7 +9666,7 @@ int main() {
 struct utmp x; x.ut_type;
 ; return 0; }
 EOF
-if { (eval echo configure:9685: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9670: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_struct_utmp_ut_type=yes
 else
@@ -9707,13 +9692,13 @@ fi
 
 
 echo $ac_n "checking for ut_user in struct utmp""... $ac_c" 1>&6
-echo "configure:9711: checking for ut_user in struct utmp" >&5
+echo "configure:9696: checking for ut_user in struct utmp" >&5
 if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_user'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9717 "configure"
+#line 9702 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
  #include <utmp.h>
@@ -9721,7 +9706,7 @@ int main() {
 struct utmp x; x.ut_user;
 ; return 0; }
 EOF
-if { (eval echo configure:9725: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9710: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_struct_utmp_ut_user=yes
 else
@@ -9747,13 +9732,13 @@ fi
 
 
 echo $ac_n "checking for ut_exit in struct utmpx""... $ac_c" 1>&6
-echo "configure:9751: checking for ut_exit in struct utmpx" >&5
+echo "configure:9736: checking for ut_exit in struct utmpx" >&5
 if eval "test \"`echo '$''{'ac_cv_type_struct_utmpx_ut_exit'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9757 "configure"
+#line 9742 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
  #include <utmp.h>
@@ -9761,7 +9746,7 @@ int main() {
 struct utmpx x; x.ut_exit;
 ; return 0; }
 EOF
-if { (eval echo configure:9765: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9750: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_struct_utmpx_ut_exit=yes
 else
@@ -9787,13 +9772,13 @@ fi
 
 
 echo $ac_n "checking for ut_syslen in struct utmpx""... $ac_c" 1>&6
-echo "configure:9791: checking for ut_syslen in struct utmpx" >&5
+echo "configure:9776: checking for ut_syslen in struct utmpx" >&5
 if eval "test \"`echo '$''{'ac_cv_type_struct_utmpx_ut_syslen'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9797 "configure"
+#line 9782 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
  #include <utmp.h>
@@ -9801,7 +9786,7 @@ int main() {
 struct utmpx x; x.ut_syslen;
 ; return 0; }
 EOF
-if { (eval echo configure:9805: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9790: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_struct_utmpx_ut_syslen=yes
 else
@@ -9826,14 +9811,269 @@ fi
 
 
 
+
+
+echo $ac_n "checking for tm_gmtoff in struct tm""... $ac_c" 1>&6
+echo "configure:9818: checking for tm_gmtoff in struct tm" >&5
+if eval "test \"`echo '$''{'ac_cv_type_struct_tm_tm_gmtoff'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  
+cat > conftest.$ac_ext <<EOF
+#line 9824 "configure"
+#include "confdefs.h"
+#include <time.h>
+int main() {
+struct tm x; x.tm_gmtoff;
+; return 0; }
+EOF
+if { (eval echo configure:9831: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_type_struct_tm_tm_gmtoff=yes
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  ac_cv_type_struct_tm_tm_gmtoff=no
+fi
+rm -f conftest*
+fi
+
+echo "$ac_t""$ac_cv_type_struct_tm_tm_gmtoff" 1>&6
+if test "$ac_cv_type_struct_tm_tm_gmtoff" = yes; then
+	
+	cat >> confdefs.h <<\EOF
+#define HAVE_STRUCT_TM_TM_GMTOFF 1
+EOF
+
+	
+fi
+
+
+
+
+echo $ac_n "checking for tm_zone in struct tm""... $ac_c" 1>&6
+echo "configure:9857: checking for tm_zone in struct tm" >&5
+if eval "test \"`echo '$''{'ac_cv_type_struct_tm_tm_zone'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  
+cat > conftest.$ac_ext <<EOF
+#line 9863 "configure"
+#include "confdefs.h"
+#include <time.h>
+int main() {
+struct tm x; x.tm_zone;
+; return 0; }
+EOF
+if { (eval echo configure:9870: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_type_struct_tm_tm_zone=yes
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  ac_cv_type_struct_tm_tm_zone=no
+fi
+rm -f conftest*
+fi
+
+echo "$ac_t""$ac_cv_type_struct_tm_tm_zone" 1>&6
+if test "$ac_cv_type_struct_tm_tm_zone" = yes; then
+	
+	cat >> confdefs.h <<\EOF
+#define HAVE_STRUCT_TM_TM_ZONE 1
+EOF
+
+	
+fi
+
+
+
+
+
+echo $ac_n "checking for timezone""... $ac_c" 1>&6
+echo "configure:9897: checking for timezone" >&5
+if eval "test \"`echo '$''{'ac_cv_var_timezone'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  
+cat > conftest.$ac_ext <<EOF
+#line 9903 "configure"
+#include "confdefs.h"
+extern int timezone;
+int foo() { return timezone; }
+int main() {
+foo()
+; return 0; }
+EOF
+if { (eval echo configure:9911: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  ac_cv_var_timezone=yes
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  ac_cv_var_timezone=no
+fi
+rm -f conftest*
+
+fi
+
+
+
+echo "$ac_t""`eval echo \\$ac_cv_var_timezone`" 1>&6
+if test `eval echo \\$ac_cv_var_timezone` = yes; then
+	cat >> confdefs.h <<EOF
+#define HAVE_TIMEZONE 1
+EOF
+
+	
+echo $ac_n "checking if timezone is properly declared""... $ac_c" 1>&6
+echo "configure:9934: checking if timezone is properly declared" >&5
+if eval "test \"`echo '$''{'ac_cv_var_timezone_declaration'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  
+cat > conftest.$ac_ext <<EOF
+#line 9940 "configure"
+#include "confdefs.h"
+#include <time.h>
+extern struct { int foo; } timezone;
+int main() {
+timezone.foo = 1;
+; return 0; }
+EOF
+if { (eval echo configure:9948: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_var_timezone_declaration=no"
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_var_timezone_declaration=yes"
+fi
+rm -f conftest*
+
+fi
+
+
+
+
+echo "$ac_t""$ac_cv_var_timezone_declaration" 1>&6
+if eval "test \"\$ac_cv_var_timezone_declaration\" = yes"; then
+	cat >> confdefs.h <<\EOF
+#define HAVE_TIMEZONE_DECLARATION 1
+EOF
+
+fi
+
+
+fi
+
+
+
+
+cv=`echo "sa_family_t" | sed 'y%./+- %__p__%'`
+echo $ac_n "checking for sa_family_t""... $ac_c" 1>&6
+echo "configure:9980: checking for sa_family_t" >&5
+if eval "test \"`echo '$''{'ac_cv_type_$cv'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 9985 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+#if STDC_HEADERS
+#include <stdlib.h>
+#include <stddef.h>
+#endif
+#include <sys/socket.h>
+int main() {
+sa_family_t foo;
+; return 0; }
+EOF
+if { (eval echo configure:9997: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_type_$cv=yes"
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_type_$cv=no"
+fi
+rm -f conftest*
+fi
+echo "$ac_t""`eval echo \\$ac_cv_type_$cv`" 1>&6
+if test `eval echo \\$ac_cv_type_$cv` = yes; then
+  ac_tr_hdr=HAVE_`echo sa_family_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'`
+
+: << END
+@@@funcs="$funcs sa_family_t"@@@
+END
+
+  cat >> confdefs.h <<EOF
+#define $ac_tr_hdr 1
+EOF
+
+fi
+
+
+
+cv=`echo "struct sockaddr_storage" | sed 'y%./+- %__p__%'`
+echo $ac_n "checking for struct sockaddr_storage""... $ac_c" 1>&6
+echo "configure:10026: checking for struct sockaddr_storage" >&5
+if eval "test \"`echo '$''{'ac_cv_type_$cv'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 10031 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+#if STDC_HEADERS
+#include <stdlib.h>
+#include <stddef.h>
+#endif
+#include <sys/socket.h>
+int main() {
+struct sockaddr_storage foo;
+; return 0; }
+EOF
+if { (eval echo configure:10043: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_type_$cv=yes"
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_type_$cv=no"
+fi
+rm -f conftest*
+fi
+echo "$ac_t""`eval echo \\$ac_cv_type_$cv`" 1>&6
+if test `eval echo \\$ac_cv_type_$cv` = yes; then
+  ac_tr_hdr=HAVE_`echo struct sockaddr_storage | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'`
+
+: << END
+@@@funcs="$funcs struct_sockaddr_storage"@@@
+END
+
+  cat >> confdefs.h <<EOF
+#define $ac_tr_hdr 1
+EOF
+
+fi
+
+
+
 echo $ac_n "checking for struct spwd""... $ac_c" 1>&6
-echo "configure:9831: checking for struct spwd" >&5
-if eval "test \"`echo '$''{'ac_cv_type_struct_spwd'+set}'`\" = set"; then
+echo "configure:10071: checking for struct spwd" >&5
+if eval "test \"`echo '$''{'ac_cv_struct_spwd'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 9837 "configure"
+#line 10077 "configure"
 #include "confdefs.h"
 #include <pwd.h>
 #ifdef HAVE_SHADOW_H
@@ -9843,7 +10083,7 @@ int main() {
 struct spwd foo;
 ; return 0; }
 EOF
-if { (eval echo configure:9847: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:10087: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_struct_spwd=yes
 else
@@ -9867,12 +10107,12 @@ fi
 
 
 echo $ac_n "checking for st_blksize in struct stat""... $ac_c" 1>&6
-echo "configure:9871: checking for st_blksize in struct stat" >&5
+echo "configure:10111: checking for st_blksize in struct stat" >&5
 if eval "test \"`echo '$''{'ac_cv_struct_st_blksize'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 9876 "configure"
+#line 10116 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -9880,7 +10120,7 @@ int main() {
 struct stat s; s.st_blksize;
 ; return 0; }
 EOF
-if { (eval echo configure:9884: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:10124: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_struct_st_blksize=yes
 else
@@ -9904,7 +10144,7 @@ fi
 
 
 echo $ac_n "checking for struct winsize""... $ac_c" 1>&6
-echo "configure:9908: checking for struct winsize" >&5
+echo "configure:10148: checking for struct winsize" >&5
 if eval "test \"`echo '$''{'ac_cv_struct_winsize'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -9912,7 +10152,7 @@ else
 ac_cv_struct_winsize=no
 for i in sys/termios.h sys/ioctl.h; do
 cat > conftest.$ac_ext <<EOF
-#line 9916 "configure"
+#line 10156 "configure"
 #include "confdefs.h"
 #include <$i>
 EOF
@@ -9934,7 +10174,7 @@ EOF
 fi
 echo "$ac_t""$ac_cv_struct_winsize" 1>&6
 cat > conftest.$ac_ext <<EOF
-#line 9938 "configure"
+#line 10178 "configure"
 #include "confdefs.h"
 #include <termios.h>
 EOF
@@ -9949,7 +10189,7 @@ fi
 rm -f conftest*
 
 cat > conftest.$ac_ext <<EOF
-#line 9953 "configure"
+#line 10193 "configure"
 #include "confdefs.h"
 #include <termios.h>
 EOF
@@ -9967,12 +10207,12 @@ rm -f conftest*
 
 
 echo $ac_n "checking for pid_t""... $ac_c" 1>&6
-echo "configure:9971: checking for pid_t" >&5
+echo "configure:10211: checking for pid_t" >&5
 if eval "test \"`echo '$''{'ac_cv_type_pid_t'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 9976 "configure"
+#line 10216 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #if STDC_HEADERS
@@ -10000,12 +10240,12 @@ EOF
 fi
 
 echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6
-echo "configure:10004: checking for uid_t in sys/types.h" >&5
+echo "configure:10244: checking for uid_t in sys/types.h" >&5
 if eval "test \"`echo '$''{'ac_cv_type_uid_t'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 10009 "configure"
+#line 10249 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 EOF
@@ -10034,12 +10274,12 @@ EOF
 fi
 
 echo $ac_n "checking for off_t""... $ac_c" 1>&6
-echo "configure:10038: checking for off_t" >&5
+echo "configure:10278: checking for off_t" >&5
 if eval "test \"`echo '$''{'ac_cv_type_off_t'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 10043 "configure"
+#line 10283 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #if STDC_HEADERS
@@ -10067,12 +10307,12 @@ EOF
 fi
 
 echo $ac_n "checking for size_t""... $ac_c" 1>&6
-echo "configure:10071: checking for size_t" >&5
+echo "configure:10311: checking for size_t" >&5
 if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 10076 "configure"
+#line 10316 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #if STDC_HEADERS
@@ -10101,12 +10341,12 @@ fi
 
 
 echo $ac_n "checking for ssize_t""... $ac_c" 1>&6
-echo "configure:10105: checking for ssize_t" >&5
+echo "configure:10345: checking for ssize_t" >&5
 if eval "test \"`echo '$''{'ac_cv_type_ssize_t'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 10110 "configure"
+#line 10350 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #if STDC_HEADERS
@@ -10140,13 +10380,13 @@ fi
 
 
 echo $ac_n "checking for broken sys/socket.h""... $ac_c" 1>&6
-echo "configure:10144: checking for broken sys/socket.h" >&5
+echo "configure:10384: checking for broken sys/socket.h" >&5
 if eval "test \"`echo '$''{'krb_cv_header_sys_socket_h_broken'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 10150 "configure"
+#line 10390 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -10155,7 +10395,7 @@ int main() {
 
 ; return 0; }
 EOF
-if { (eval echo configure:10159: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:10399: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   krb_cv_header_sys_socket_h_broken=no
 else
@@ -10171,16 +10411,51 @@ echo "$ac_t""$krb_cv_header_sys_socket_h_broken" 1>&6
 
 
 
+echo $ac_n "checking for broken netdb.h""... $ac_c" 1>&6
+echo "configure:10416: checking for broken netdb.h" >&5
+if eval "test \"`echo '$''{'krb_cv_header_netdb_h_broken'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  
+cat > conftest.$ac_ext <<EOF
+#line 10422 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+#include <netdb.h>
+#include <netdb.h>
+int main() {
+
+; return 0; }
+EOF
+if { (eval echo configure:10431: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  krb_cv_header_netdb_h_broken=no
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  krb_cv_header_netdb_h_broken=yes
+fi
+rm -f conftest*
+fi
+
+echo "$ac_t""$krb_cv_header_netdb_h_broken" 1>&6
+
+if test "$krb_cv_header_netdb_h_broken" = "yes"; then
+  EXTRA_HEADERS="$EXTRA_HEADERS netdb.h"
+fi
+
+
 
 
 echo $ac_n "checking for sa_len in struct sockaddr""... $ac_c" 1>&6
-echo "configure:10178: checking for sa_len in struct sockaddr" >&5
+echo "configure:10453: checking for sa_len in struct sockaddr" >&5
 if eval "test \"`echo '$''{'ac_cv_type_struct_sockaddr_sa_len'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 10184 "configure"
+#line 10459 "configure"
 #include "confdefs.h"
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -10188,7 +10463,7 @@ int main() {
 struct sockaddr x; x.sa_len;
 ; return 0; }
 EOF
-if { (eval echo configure:10192: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:10467: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_struct_sockaddr_sa_len=yes
 else
@@ -10217,20 +10492,20 @@ if test "$ac_cv_header_siad_h" = yes; then
 
 
 echo $ac_n "checking for ouid in SIAENTITY""... $ac_c" 1>&6
-echo "configure:10221: checking for ouid in SIAENTITY" >&5
+echo "configure:10496: checking for ouid in SIAENTITY" >&5
 if eval "test \"`echo '$''{'ac_cv_type_siaentity_ouid'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 cat > conftest.$ac_ext <<EOF
-#line 10227 "configure"
+#line 10502 "configure"
 #include "confdefs.h"
 #include <siad.h>
 int main() {
 SIAENTITY x; x.ouid;
 ; return 0; }
 EOF
-if { (eval echo configure:10234: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:10509: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_type_siaentity_ouid=yes
 else
@@ -10259,12 +10534,12 @@ fi
 for ac_func in getmsg
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:10263: checking for $ac_func" >&5
+echo "configure:10538: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 10268 "configure"
+#line 10543 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
@@ -10287,7 +10562,7 @@ $ac_func();
 
 ; return 0; }
 EOF
-if { (eval echo configure:10291: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10566: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
@@ -10315,7 +10590,7 @@ done
 if test "$ac_cf_func_getmsg" = "yes"; then
 
 echo $ac_n "checking for working getmsg""... $ac_c" 1>&6
-echo "configure:10319: checking for working getmsg" >&5
+echo "configure:10594: checking for working getmsg" >&5
 if eval "test \"`echo '$''{'ac_cv_func_getmsg'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -10323,7 +10598,7 @@ else
   ac_cv_func_getmsg=no
 else
   cat > conftest.$ac_ext <<EOF
-#line 10327 "configure"
+#line 10602 "configure"
 #include "confdefs.h"
 
 #include <stdio.h>
@@ -10335,7 +10610,7 @@ int main()
 }
 
 EOF
-if { (eval echo configure:10339: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:10614: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
 then
   ac_cv_func_getmsg=yes
 else
@@ -10364,7 +10639,7 @@ fi
 
 
 echo $ac_n "checking for el_init""... $ac_c" 1>&6
-echo "configure:10368: checking for el_init" >&5
+echo "configure:10643: checking for el_init" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_el_init'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -10377,16 +10652,16 @@ if eval "test \"\$ac_cv_func_el_init\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib $LIB_tgetent $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 10383 "configure"
+#line 10658 "configure"
 #include "confdefs.h"
 
 int main() {
 el_init()
 ; return 0; }
 EOF
-if { (eval echo configure:10390: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10665: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_el_init=$ac_lib; else ac_cv_funclib_el_init=yes; fi";break
 else
@@ -10447,13 +10722,13 @@ esac
 
 if test "$ac_cv_func_el_init" = yes ; then
 	echo $ac_n "checking for four argument el_init""... $ac_c" 1>&6
-echo "configure:10451: checking for four argument el_init" >&5
+echo "configure:10726: checking for four argument el_init" >&5
 if eval "test \"`echo '$''{'ac_cv_func_el_init_four'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   
 		cat > conftest.$ac_ext <<EOF
-#line 10457 "configure"
+#line 10732 "configure"
 #include "confdefs.h"
 #include <stdio.h>
 			#include <histedit.h>
@@ -10461,7 +10736,7 @@ int main() {
 el_init("", NULL, NULL, NULL);
 ; return 0; }
 EOF
-if { (eval echo configure:10465: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:10740: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_func_el_init_four=yes
 else
@@ -10489,7 +10764,7 @@ LIBS="$LIB_tgetent $LIBS"
 
 
 echo $ac_n "checking for readline""... $ac_c" 1>&6
-echo "configure:10493: checking for readline" >&5
+echo "configure:10768: checking for readline" >&5
 if eval "test \"`echo '$''{'ac_cv_funclib_readline'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -10502,16 +10777,16 @@ if eval "test \"\$ac_cv_func_readline\" != yes" ; then
 		else
 			ac_lib=""
 		fi
-		LIBS="$ac_lib $ac_save_LIBS"
+		LIBS=" $ac_lib  $ac_save_LIBS"
 		cat > conftest.$ac_ext <<EOF
-#line 10508 "configure"
+#line 10783 "configure"
 #include "confdefs.h"
 
 int main() {
 readline()
 ; return 0; }
 EOF
-if { (eval echo configure:10515: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10790: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "if test -n \"$ac_lib\";then ac_cv_funclib_readline=$ac_lib; else ac_cv_funclib_readline=yes; fi";break
 else
@@ -10618,7 +10893,7 @@ EOF
 # And also something wierd has happend with dec-osf1, fallback to bsd-ptys
 
 echo $ac_n "checking for streamspty""... $ac_c" 1>&6
-echo "configure:10622: checking for streamspty" >&5
+echo "configure:10897: checking for streamspty" >&5
 case "`uname -sr`" in
 SunOS\ 4*|OSF1*|IRIX\ 4*|HP-UX\ ?.10.*)
 	krb_cv_sys_streamspty=no
@@ -10644,7 +10919,7 @@ fi
 echo "$ac_t""$krb_cv_sys_streamspty" 1>&6
 
 echo $ac_n "checking if /bin/ls takes -A""... $ac_c" 1>&6
-echo "configure:10648: checking if /bin/ls takes -A" >&5
+echo "configure:10923: checking if /bin/ls takes -A" >&5
 if /bin/ls -A > /dev/null 2>&1 ;then
 	cat >> confdefs.h <<\EOF
 #define HAVE_LS_A 1
@@ -10657,7 +10932,7 @@ fi
 echo "$ac_t""$krb_ls_a" 1>&6
 	
 echo $ac_n "checking for suffix of preformatted manual pages""... $ac_c" 1>&6
-echo "configure:10661: checking for suffix of preformatted manual pages" >&5
+echo "configure:10936: checking for suffix of preformatted manual pages" >&5
 if eval "test \"`echo '$''{'krb_cv_sys_cat_suffix'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -10687,7 +10962,7 @@ test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
 
 for i in bin lib libexec sbin; do
 	i=${i}dir
-	HAVE_SIAENTITY_OUID=`echo $i | tr 'xindiscernible' 'XINDISCERNIBLE'`
+	foo=`echo $i | tr 'xindiscernible' 'XINDISCERNIBLE'`
 	x="\$${i}"
 	eval y="$x"
 	while test "x$y" != "x$x"; do
@@ -10695,7 +10970,7 @@ for i in bin lib libexec sbin; do
 		eval y="$x"
 	done
 	cat >> confdefs.h <<EOF
-#define $HAVE_SIAENTITY_OUID "$x"
+#define $foo "$x"
 EOF
 
 done
@@ -10854,6 +11129,7 @@ appl/kx/Makefile				\
 appl/kip/Makefile				\
 appl/otp/Makefile				\
 doc/Makefile					\
+etc/inetd.conf.changes				\
  include/config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
 EOF
 cat >> $CONFIG_STATUS <<EOF
@@ -10981,6 +11257,7 @@ s%@LIBOBJS@%$LIBOBJS%g
 s%@LIB_AUTH_SUBDIRS@%$LIB_AUTH_SUBDIRS%g
 s%@APPL_KIP_DIR@%$APPL_KIP_DIR%g
 s%@krb_cv_header_sys_socket_h_broken@%$krb_cv_header_sys_socket_h_broken%g
+s%@krb_cv_header_netdb_h_broken@%$krb_cv_header_netdb_h_broken%g
 s%@LIB_el_init@%$LIB_el_init%g
 s%@el_yes@%$el_yes%g
 s%@CATSUFFIX@%$CATSUFFIX%g
@@ -11079,6 +11356,7 @@ appl/kx/Makefile				\
 appl/kip/Makefile				\
 appl/otp/Makefile				\
 doc/Makefile					\
+etc/inetd.conf.changes				\
 "}
 EOF
 cat >> $CONFIG_STATUS <<\EOF
diff --git a/crypto/kerberosIV/configure.in b/crypto/kerberosIV/configure.in
index ec17759..cd2a70e 100644
--- a/crypto/kerberosIV/configure.in
+++ b/crypto/kerberosIV/configure.in
@@ -8,7 +8,7 @@ dnl
 
 dnl Process this file with autoconf to produce a configure script.
 dnl
-AC_REVISION($Revision: 1.415.2.9 $)
+AC_REVISION($Revision: 1.432.2.2 $)
 AC_INIT(lib/krb/getrealm.c)
 AC_CONFIG_HEADER(include/config.h)
 
@@ -18,7 +18,7 @@ dnl
 
 PACKAGE=krb4
 AC_SUBST(PACKAGE)dnl
-VERSION=0.10.1
+VERSION=1.0
 AC_SUBST(VERSION)dnl
 AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package])dnl
 AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])dnl
@@ -67,9 +67,7 @@ AC_KRB_PROG_YACC
 AC_PROG_LEX
 AC_PROG_RANLIB
 AC_PROG_INSTALL
-dnl AC_PROG_AWK
-dnl mawk seems to mishandle \# in lib/roken/roken.awk
-AC_CHECK_PROGS(AWK, gawk nawk awk, )
+AC_PROG_AWK
 AC_CHECK_PROG(MAKEINFO, makeinfo, makeinfo, :)
 
 dnl Use make Wall or make WFLAGS=".."
@@ -329,9 +327,13 @@ fi
 # AIX414
 #
 
+case "${host}" in
+*-*-aix4.1*)
 if test -f /lib/pse.exp ;then
 	LIBS="$LIBS -Wl,-bnolibpath -Wl,-bI:/lib/pse.exp"
 fi
+;;
+esac
 
 dnl
 dnl Various checks for headers and their contents
@@ -384,7 +386,6 @@ AC_CHECK_HEADERS([arpa/ftp.h			\
 	signal.h				\
 	stropts.h				\
 	sys/bitypes.h				\
-	sys/capability.h			\
 	sys/category.h				\
 	sys/file.h				\
 	sys/filio.h				\
@@ -548,21 +549,66 @@ if test "$ac_cv_func_glob_working" != yes; then
 	LIBOBJS="$LIBOBJS glob.o"
 fi
 
-AC_CHECK_FUNCS(asnprintf asprintf vasprintf vasnprintf vsnprintf)
-
-AC_CHECK_FUNCS(atexit _getpty _scrsize _setsid _stricmp chroot fattach fchmod)
-AC_CHECK_FUNCS(fcntl forkpty frevoke getlogin getpriority)
-AC_CHECK_FUNCS(getrlimit getservbyname getspnam getspuid gettimeofday)
-AC_CHECK_FUNCS(gettosbyname getuid grantpt mktime parsetos ptsname)
-AC_CHECK_FUNCS(rand random revoke setitimer setlogin setpgid setpriority)
-AC_CHECK_FUNCS(setproctitle setregid setresgid setresuid setreuid setsid)
-AC_CHECK_FUNCS(setutent sigaction sysconf sysctl ttyname ttyslot)
-AC_CHECK_FUNCS(ulimit uname unlockpt vhangup yp_get_default_domain)
-AC_CHECK_FUNCS(on_exit sgi_getcapabilitybyname cap_set_proc)
+AC_CHECK_FUNCS([				\
+	_getpty					\
+	_scrsize				\
+	_setsid					\
+	_stricmp				\
+	asnprintf				\
+	asprintf				\
+	atexit					\
+	cgetent					\
+	chroot					\
+	fattach					\
+	fchmod					\
+	fcntl					\
+	forkpty					\
+	frevoke					\
+	getpriority				\
+	getrlimit				\
+	getservbyname				\
+	getspnam				\
+	gettimeofday				\
+	gettosbyname				\
+	getuid					\
+	grantpt					\
+	mktime					\
+	on_exit					\
+	parsetos				\
+	ptsname					\
+	rand					\
+	random					\
+	revoke					\
+	setitimer				\
+	setpgid					\
+	setpriority				\
+	setproctitle				\
+	setregid				\
+	setresgid				\
+	setresuid				\
+	setreuid				\
+	setsid					\
+	setutent				\
+	sigaction				\
+	sysconf					\
+	sysctl					\
+	ttyname					\
+	ttyslot					\
+	ulimit					\
+	uname					\
+	unlockpt				\
+	vasnprintf				\
+	vasprintf				\
+	vhangup					\
+	vsnprintf				\
+	yp_get_default_domain			\
+	])
+
+KRB_CAPABILITIES
 
 AC_CHECK_GETPWNAM_R_POSIX
 
-AC_FIND_FUNC_NO_LIBS(getsockopt, ,
+AC_FIND_FUNC_NO_LIBS(getsockopt,,
 [#ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif
@@ -570,7 +616,7 @@ AC_FIND_FUNC_NO_LIBS(getsockopt, ,
 #include <sys/socket.h>
 #endif],
 [0,0,0,0,0])
-AC_FIND_FUNC_NO_LIBS(setsockopt, ,
+AC_FIND_FUNC_NO_LIBS(setsockopt,,
 [#ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif
@@ -624,22 +670,7 @@ AC_SUBST(LIB_dn_expand)dnl
 AC_FUNC_MMAP
 AC_FUNC_ALLOCA
 
-#
-# Test for POSIX (broken) getlogin
-#
-
-if test "$ac_cv_func_getlogin" = yes; then
-AC_CACHE_CHECK(if getlogin is posix, ac_cv_func_getlogin_posix, [
-if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then
-	ac_cv_func_getlogin_posix=no
-else
-	ac_cv_func_getlogin_posix=yes
-fi
-])
-if test "$ac_cv_func_getlogin_posix" = yes; then
-	AC_DEFINE(POSIX_GETLOGIN, 1, [Define if getlogin has POSIX flavour (and not BSD).])
-fi
-fi
+AC_FUNC_GETLOGIN
 
 AC_FIND_IF_NOT_BROKEN(hstrerror, resolv,
 [#ifdef HAVE_NETDB_H
@@ -654,12 +685,16 @@ AC_NEED_PROTO([
 hstrerror)
 fi
 
-AC_BROKEN(chown daemon err errx fchown flock fnmatch)
-AC_BROKEN(getcwd getdtablesize gethostname geteuid getgid getegid)
-AC_BROKEN(getopt getusershell inet_aton initgroups innetgr iruserok lstat)
-AC_BROKEN(memmove mkstemp putenv rcmd readv setegid setenv seteuid)
-AC_BROKEN(strcasecmp strncasecmp strdup strerror strftime strlwr)
-AC_BROKEN(strndup strnlen strsep strtok_r strupr)
+AC_BROKEN(chown copyhostent daemon err errx fchown flock fnmatch freehostent)
+AC_BROKEN(getcwd getdtablesize gethostname getipnodebyaddr getipnodebyname)
+AC_BROKEN(geteuid getgid getegid)
+AC_BROKEN(getopt getusershell)
+AC_BROKEN(inet_aton inet_ntop inet_pton initgroups innetgr iruserok lstat)
+AC_BROKEN(memmove)
+AC_BROKEN(mkstemp putenv rcmd readv recvmsg sendmsg setegid setenv seteuid)
+AC_BROKEN(strcasecmp strncasecmp strdup strerror strftime)
+AC_BROKEN(strlcat strlcpy strlwr)
+AC_BROKEN(strndup strnlen strptime strsep strtok_r strupr)
 AC_BROKEN(swab unsetenv verr verrx vsyslog)
 AC_BROKEN(vwarn vwarnx warn warnx writev)
 
@@ -879,10 +914,22 @@ AC_CHECK_VAR([#ifdef HAVE_ERR_H
 #include <err.h>
 #endif],[__progname])
 
-AC_CHECK_DECLARATION([#include <stdlib.h>], optarg)
-AC_CHECK_DECLARATION([#include <stdlib.h>], optind)
-AC_CHECK_DECLARATION([#include <stdlib.h>], opterr)
-AC_CHECK_DECLARATION([#include <stdlib.h>], optopt)
+AC_CHECK_DECLARATION([#include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif], optarg)
+AC_CHECK_DECLARATION([#include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif], optind)
+AC_CHECK_DECLARATION([#include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif], opterr)
+AC_CHECK_DECLARATION([#include <stdlib.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif], optopt)
 
 AC_CHECK_DECLARATION([#include <stdlib.h>], environ)
 
@@ -932,6 +979,25 @@ AC_HAVE_STRUCT_FIELD(struct utmpx, ut_syslen,
 [#include <sys/types.h>
  #include <utmp.h>])
 
+dnl
+dnl Check for fields in struct tm
+dnl
+
+AC_HAVE_STRUCT_FIELD(struct tm, tm_gmtoff, [#include <time.h>])
+AC_HAVE_STRUCT_FIELD(struct tm, tm_zone, [#include <time.h>])
+
+dnl
+dnl or do we have a variable `timezone' ?
+dnl
+
+AC_CHECK_VAR(
+[#include <time.h>],
+timezone)
+
+AC_HAVE_TYPE([sa_family_t],[#include <sys/socket.h>])
+
+AC_HAVE_TYPE([struct sockaddr_storage], [#include <sys/socket.h>])
+
 AC_KRB_STRUCT_SPWD
 
 AC_STRUCT_ST_BLKSIZE
@@ -972,6 +1038,24 @@ AC_MSG_RESULT($krb_cv_header_sys_socket_h_broken)
 AC_SUBST(krb_cv_header_sys_socket_h_broken)
 
 dnl
+dnl Check for broken ultrix netdb.h
+dnl
+
+AC_MSG_CHECKING(for broken netdb.h)
+AC_CACHE_VAL(krb_cv_header_netdb_h_broken, [
+AC_TRY_COMPILE(
+[#include <sys/types.h>
+#include <netdb.h>
+#include <netdb.h>],[],
+krb_cv_header_netdb_h_broken=no,
+krb_cv_header_netdb_h_broken=yes)])
+AC_MSG_RESULT($krb_cv_header_netdb_h_broken)
+AC_SUBST(krb_cv_header_netdb_h_broken)
+if test "$krb_cv_header_netdb_h_broken" = "yes"; then
+  EXTRA_HEADERS="$EXTRA_HEADERS netdb.h"
+fi
+
+dnl
 dnl Check for sa_len in sys/socket.h
 dnl
 
@@ -1016,7 +1100,7 @@ dnl
 
 dnl el_init
 
-AC_FIND_FUNC_NO_LIBS(el_init, edit)
+AC_FIND_FUNC_NO_LIBS(el_init, edit, [], [], [$LIB_tgetent])
 if test "$ac_cv_func_el_init" = yes ; then
 	AC_CACHE_CHECK(for four argument el_init, ac_cv_func_el_init_four,[
 		AC_TRY_COMPILE([#include <stdio.h>
@@ -1195,6 +1279,7 @@ appl/kx/Makefile				\
 appl/kip/Makefile				\
 appl/otp/Makefile				\
 doc/Makefile					\
+etc/inetd.conf.changes				\
 ) dnl end of AC_OUTPUT
 
 AC_KRB_VERSION
diff --git a/crypto/kerberosIV/doc/Makefile.in b/crypto/kerberosIV/doc/Makefile.in
index 8241c5d..bbf870e 100644
--- a/crypto/kerberosIV/doc/Makefile.in
+++ b/crypto/kerberosIV/doc/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.18 1998/04/19 08:37:12 assar Exp $
+# $Id: Makefile.in,v 1.19 1999/09/28 12:35:11 assar Exp $
 
 SHELL = /bin/sh
 
@@ -15,6 +15,16 @@ TEXI2HTML = texi2html
 prefix = @prefix@
 infodir = @infodir@
 
+TEXI_SOURCES = ack.texi				\
+	index.texi				\
+	install.texi				\
+	intro.texi				\
+	kth-krb.texi				\
+	otp.texi				\
+	problems.texi				\
+	setup.texi				\
+	whatis.texi
+
 all: info
 
 install: all installdirs
@@ -40,17 +50,17 @@ installdirs:
 
 info: kth-krb.info
 
-kth-krb.info: kth-krb.texi
+kth-krb.info: $(TEXI_SOURCES)
 	$(MAKEINFO) --no-split -I$(srcdir) -o $@ $(srcdir)/kth-krb.texi
 
 dvi: kth-krb.dvi
 
-kth-krb.dvi: kth-krb.texi
+kth-krb.dvi: $(TEXI_SOURCES)
 	$(TEXI2DVI) $(srcdir)/kth-krb.texi
 
 html: kth-krb.html
 
-kth-krb.html: kth-krb.texi
+kth-krb.html: $(TEXI_SOURCES)
 	$(TEXI2HTML) $(srcdir)/kth-krb.texi
 
 clean:
diff --git a/crypto/kerberosIV/doc/ack.texi b/crypto/kerberosIV/doc/ack.texi
index e5830d0..327220c 100644
--- a/crypto/kerberosIV/doc/ack.texi
+++ b/crypto/kerberosIV/doc/ack.texi
@@ -85,6 +85,8 @@ Bugfixes and code has been contributed by:
 @code{<toddr@@rpi.edu>}
 @item Åke Sandgren
 @code{<ake@@cs.umu.se>}
+@item Thomas Nyström
+@code{<thn@@stacken.kth.se>}
 @item and we hope that those not mentioned here will forgive us.
 @end table
 
diff --git a/crypto/kerberosIV/doc/install.texi b/crypto/kerberosIV/doc/install.texi
index b893ae1..26d2abf 100644
--- a/crypto/kerberosIV/doc/install.texi
+++ b/crypto/kerberosIV/doc/install.texi
@@ -15,6 +15,7 @@ from source.
 * Installing from source::      
 * Installing a binary distribution::  
 * Finishing the installation::  
+* .klogin::
 * Authentication modules::      
 @end menu
 
@@ -59,7 +60,7 @@ Use cracklib for password quality control in
 @code{kadmind}. This option requires 
 @cindex cracklib
 cracklib with the patch from
-@code{ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch}.
+@url{ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch}.
 
 @item @kbd{--with-dictpath=}@var{dictpath}
 This is the dictionary that cracklib should use.
@@ -76,7 +77,7 @@ about socks see @url{http://www.socks.nec.com/}.
 @cindex readline
 To enable history/line editing in @code{ftp} and @code{kadmin}, any
 present version of readline will be used.  If you have readline
-installed but in a place where configure does not managed to find it,
+installed but in a place where configure does not manage to find it,
 you can use this option.  The code also looks for @code{libedit}.  If
 there is no library at all, the bundled version of @code{editline} will
 be used.
@@ -92,12 +93,23 @@ spool directory is located.  This directory is only accessed by
 @pindex login
 @code{login}.
 
+@item @kbd{--with-hesiod=}@var{dir}
+@cindex Hesiod
+Enable the Hesiod support in
+@pindex push
+@code{push}.  With this option, it will try
+to use the hesiod library to locate the mail post-office for the user.
+
 @c @item @kbd{--enable-random-mkey}
 @c Do not use this option unless you think you know what you are doing.
 
 @item @kbd{--with-mkey=}@var{file}
 Put the master key here, the default is @file{/.k}.
 
+@item @kbd{--with-db-dir=}@var{dir}
+Where the kerberos database should be stored.  The default is
+@file{/var/kerberos}.
+
 @item @kbd{--without-berkeley-db}
 If you have
 @cindex Berkeley DB
@@ -108,20 +120,54 @@ since there currently isn't an easy way to convert a dbm database to a
 db one (you have to dump the old database and then load it with the new
 binaries).
 
-@item @kbd{--disable-shared-afs}
+@item @kbd{--without-afs-support}
+Do not include AFS support.
+
+@item @kbd{--with-afsws=}@var{dir}
+Where your AFS client installation resides.  The default is
+@file{/usr/afsws}.
+
+@item @kbd{--enable-rxkad}
+Build the rxkad library.  Normally automatically included if there is AFS.
+
+@item @kbd{--disable-dynamic-afs}
 The AFS support in AIX consists of a shared library that is loaded at
 runtime. This option disables this, and links with static system
 calls. Doing this will make the built binaries crash on a machine that
 doesn't have AFS in the kernel (for instance if the AFS module fails to
 load at boot).
 
-@item @kbd{--with-mips-api=api}
+@item @kbd{--with-mips-api=}@var{api}
 This option enables creation of different types of binaries on Irix.
 The allowed values are @kbd{32}, @kbd{n32}, and @kbd{64}.
 
 @item @kbd{--enable-legacy-kdestroy}
 This compile-time option creates a @code{kdestroy} that does not destroy
 any AFS tokens.
+
+@item @kbd{--disable-otp}
+Do not build the OTP (@pxref{One-Time Passwords}) library and programs,
+and do not include OTP support in the application programs.
+
+@item @kbd{--enable-match-subdomains}
+Normally, the host @samp{host.domain} will be considered to be part of
+the realm @samp{DOMAIN}.  With this option will also enable hosts of the
+form @samp{host.sub.domain}, @samp{host.sub1.sub2.domain}, and so on to
+be considered part of the realm @samp{DOMAIN}.
+
+@item @kbd{--enable-osfc2}
+Enable the use of enhanced C2 security on OSF/1. @xref{Digital SIA}.
+
+@item @kbd{--disable-mmap}
+Do not use the mmap system call.  Normally, configure detects if there
+is a working mmap and it is only used if there is one.  Only try this
+option if it fails to work anyhow.
+
+@item @kbd{--disable-cat-manpages}
+Do not install preformatted man pages.
+
+@c --with-des-quad-checksum
+
 @end table
 
 @node Installing a binary distribution, Finishing the installation, Installing from source, Installing programs
@@ -133,7 +179,7 @@ The binary distribution is supposed to be installed in
 recommended.  A symlink from @file{/usr/athena} to the install directory
 should be fine.
 
-@node Finishing the installation, Authentication modules, Installing a binary distribution, Installing programs
+@node Finishing the installation, .klogin, Installing a binary distribution, Installing programs
 @section Finishing the installation
 
 @pindex su
@@ -236,19 +282,64 @@ ttys. (From Wietse Venema)
 @end table
 
 @menu
+* .klogin::
 * Authentication modules::      
 @end menu
 
-@node  Authentication modules,  , Finishing the installation, Installing programs
+@node .klogin, Authentication modules, Finishing the installation, Installing programs
+@comment  node-name,  next,  previous,  up
+
+Each user can have an authorization file @file{~@var{user}/.klogin}
+@pindex .klogin
+that
+determines what principals can login as that user.  It is similar to the
+@file{~user/.rhosts} except that it does not use IP and privileged-port
+based authentication.  If this file does not exist, the user herself
+@samp{user@@LOCALREALM} will be allowed to login.  Supplementary local
+realms (@pxref{Install the configuration files}) also apply here.  If the
+file exists, it should contain the additional principals that are to
+be allowed to login as the local user @var{user}.
+
+This file is consulted by most of the daemons (@code{rlogind},
+@code{rshd}, @code{ftpd}, @code{telnetd}, @code{popper}, @code{kauthd}, and
+@code{kxd})
+@pindex rlogind
+@pindex rshd
+@pindex ftpd
+@pindex telnetd
+@pindex popper
+@pindex kauthd
+@pindex kxd
+to determine if the
+principal requesting a service is allowed to receive it.  It is also
+used by
+@pindex su
+@code{su}, which is a good way of keeping an access control list (ACL)
+on who is allowed to become root.  Assuming that @file{~root/.klogin}
+contains:
+
+@example
+nisse.root@@FOO.SE
+lisa.root@@FOO.SE
+@end example
+
+both nisse and lisa will be able to su to root by entering the password
+of their root instance.  If that fails or if the user is not listed in
+@file{~root/.klogin}, @code{su} falls back to the normal policy of who
+is permitted to su.  Also note that that nisse and lisa can login
+with e.g. @code{telnet} as root provided that they have tickets for
+their root instance.
+
+@node  Authentication modules, , .klogin, Installing programs
 @comment  node-name,  next,  previous,  up
 @section Authentication modules
 The problem of having different authentication mechanisms has been
 recognised by several vendors, and several solutions has appeared. In
 most cases these solutions involve some kind of shared modules that are
 loaded at run-time.  Modules for some of these systems can be found in
-@file{lib/auth}.  Presently there are modules for Digital's SIA, Linux'
-PAM (might also work on Solaris, when PAM gets supported), and IRIX'
-@code{login} and @code{xdm} (in @file{lib/auth/afskauthlib}).
+@file{lib/auth}.  Presently there are modules for Digital's SIA,
+Solaris' and Linux' PAM, and IRIX' @code{login} and @code{xdm} (in
+@file{lib/auth/afskauthlib}).
 
 @menu
 * Digital SIA::                 
@@ -382,9 +473,8 @@ files.
 @subsection PAM
 
 The PAM module was written more out of curiosity that anything else. It
-has not been updated for quite a while, since none of us are using
-Linux, and Solaris does not support PAM yet.  We've had positive reports
-from at least one person using the module, though.
+has not been updated for quite a while, but it seems to mostly work on
+both Linux and Solaris.
 
 To use this module you should:
 
@@ -402,5 +492,5 @@ There is currently no support for changing kerberos passwords. Use
 kpasswd instead.
 
 See also Derrick J Brashear's @code{<shadow@@dementia.org>} Kerberos PAM
-module at @kbd{ftp://ftp.dementia.org/pub/pam}. It has a lot more
+module at @* @url{ftp://ftp.dementia.org/pub/pam}. It has a lot more
 features, and it is also more in line with other PAM modules.
diff --git a/crypto/kerberosIV/doc/kth-krb.texi b/crypto/kerberosIV/doc/kth-krb.texi
index 248b626..82820e3 100644
--- a/crypto/kerberosIV/doc/kth-krb.texi
+++ b/crypto/kerberosIV/doc/kth-krb.texi
@@ -1,6 +1,6 @@
 \input texinfo @c -*- texinfo -*-
 @c %**start of header
-@c $Id: kth-krb.texi,v 1.77.2.1 1999/08/18 21:11:25 joda Exp $
+@c $Id: kth-krb.texi,v 1.80 1999/12/02 16:58:35 joda Exp $
 @setfilename kth-krb.info
 @settitle KTH-KRB
 @iftex
@@ -29,7 +29,7 @@
 @subtitle 1999
 @author Johan Danielsson
 @author Assar Westerlund
-@author last updated $Date: 1999/08/18 21:11:25 $
+@author last updated $Date: 1999/12/02 16:58:35 $
 
 @def@copynext{@vskip 20pt plus 1fil@penalty-1000}
 @def@copyrightstart{}
@@ -51,12 +51,7 @@ are met:
    notice, this list of conditions and the following disclaimer in the
    documentation and/or other materials provided with the distribution.
 
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-     This product includes software developed by the Kungliga Tekniska
-     Högskolan and its contributors.
-
-4. Neither the name of the Institute nor the names of its contributors
+3. Neither the name of the Institute nor the names of its contributors
    may be used to endorse or promote products derived from this software
    without specific prior written permission.
 
diff --git a/crypto/kerberosIV/doc/problems.texi b/crypto/kerberosIV/doc/problems.texi
index 7713d45..d7a525f 100644
--- a/crypto/kerberosIV/doc/problems.texi
+++ b/crypto/kerberosIV/doc/problems.texi
@@ -23,6 +23,7 @@ datan$ env CC="cc -Ae" ./configure
 @end example
 @end cartouche
 
+@cindex GCC
 In general @kbd{gcc} works. The following combinations have also been
 verified to successfully compile the distribution:
 
@@ -56,12 +57,23 @@ Some systems have lost @file{/usr/include/ndbm.h} which is necessary to
 build krb4 correctly. There is a @file{ndbm.h.Linux} right next to
 the source distribution.
 
+@cindex Linux
 There has been reports of non-working @file{libdb} on some Linux
 distributions.  If that happens, use the @kbd{--without-berkeley-db}
 when configuring.
 
+@subheading SunOS 5 (aka Solaris 2) problems
+
+@cindex SunOS 5
+
+When building shared libraries and using some combinations of GNU gcc/ld
+you better set the environment variable RUN_PATH to /usr/athena/lib
+(your target libdir). If you don't, then you will have to set
+LD_LIBRARY_PATH during runtime and the PAM module will not work.
+
 @subheading HP-UX problems
 
+@cindex HP-UX
 The shared library @file{/usr/lib/libndbm.sl} doesn't exist on all
 systems.  To make problems even worse, there is never an archive version
 for static linking either. Therefore, when building ``truly portable''
@@ -73,8 +85,45 @@ are linking against that library.
 @kbd{rlogind} won't work on Crays until @code{forkpty()} has been
 ported, in the mean time use @kbd{telnetd}.
 
+@subheading IRIX problems
+
+@cindex IRIX
+
+IRIX has three different ABI:s (Application Binary Interface), there's
+an old 32 bit interface (known as O32, or just 32), a new 32 bit
+interface (N32), and a 64 bit interface (64). O32 and N32 are both 32
+bits, but they have different calling conventions, and alignment
+constraints, and similar. The N32 format is the default format from IRIX
+6.4.
+
+You select ABI at compile time, and you can do this with the
+@samp{--with-mips-abi} configure option. The valid arguments are
+@samp{o32}, @samp{n32}, and @samp{64}, N32 is the default. Libraries for
+the three different ABI:s are normally installed installed in different
+directories (@samp{lib}, @samp{lib32}, and @samp{lib64}). If you want
+more than one set of libraries you have to reconfigure and recompile for
+each ABI, but you should probably install only N32 binaries.
+
+@cindex GCC
+GCC had had some known problems with the different ABI:s. Old GCC could
+only handle O32, newer GCC can handle N32, and 64, but not O32, but in
+some versions of GCC the structure alignment was broken in N32.
+
+This confusion with different ABI:s can cause some trouble. For
+instance, the @file{afskauthlib.so} library has to use the same ABI as
+@file{xdm}, and @file{login}. The easiest way to check what ABI to use
+is to run @samp{file} on @file{/usr/bin/X11/xdm}.
+
+@cindex AFS
+Another problem that you might encounter if you run AFS is that Transarc
+apparently doesn't support the 64-bit ABI, and because of this you can't
+get tokens with a 64 bit application. If you really need to do this,
+there is a kernel module that provides this functionality at
+@url{ftp://ftp.pdc.kth.se/home/joda/irix-afs64.tar.gz}.
+
 @subheading AIX problems
 
+@cindex GCC
 @kbd{gcc} version 2.7.2.* has a bug which makes it miscompile
 @file{appl/telnet/telnetd/sys_term.c} (and possibily
 @file{appl/bsd/forkpty.c}), if used with too much optimization.
diff --git a/crypto/kerberosIV/doc/setup.texi b/crypto/kerberosIV/doc/setup.texi
index 4d2d0ff..24a955d 100644
--- a/crypto/kerberosIV/doc/setup.texi
+++ b/crypto/kerberosIV/doc/setup.texi
@@ -92,7 +92,9 @@ ANOTHER.REALM           kerberos.another.realm
 @end example
 
 The first line defines the name of the local realm. The next few lines
-optionally defines supplementary local realms. The rest of the file
+optionally defines supplementary local realms. 
+@cindex supplementary local realms
+The rest of the file
 defines the names of the kerberos servers and the database
 administration servers for all known realms. You can define any number
 of kerberos slave servers similar to the one defined on line
@@ -111,7 +113,7 @@ support has been added for ports other than the default (750), and
 protocols other than UDP.
 
 The formal syntax for an entry is now
-@samp{@var{[proto}/@var{]host[}:@var{port]}}. @var{proto} is either
+@samp{[@var{proto}/]@var{host}[:@var{port}]}. @var{proto} is either
 @samp{UDP}, @samp{TCP}, or @samp{HTTP}, and @var{port} is the port to
 talk to. Default value for @var{proto} is @samp{UDP} and for @var{port}
 whatever @samp{kerberos-iv} is defined to be in @file{/etc/services} or
@@ -145,6 +147,14 @@ server), and then @samp{kerberos-1.@var{REALM}},
 @samp{kerberos-2.@var{REALM}}, and so on.
 @end enumerate
 
+SRV records have been supported in BIND since 4.9.5T2A.  An example
+would look like the following in the zone file:
+
+@example
+kerberos-iv.udp.foo.se.  1M IN SRV  1 0 750 kerberos-1.foo.se.
+kerberos-iv.udp.foo.se.  1M IN SRV  0 0 750 kerberos.foo.se.
+@end example
+
 We strongly recommend that you add a CNAME @samp{kerberos.@var{REALM}}
 pointing to your kerberos master server.
 
@@ -190,31 +200,43 @@ beginning with a hash (#) are ignored.
 The currently defined variables are:
 
 @table @samp
-@item krb4_proxy
-@cindex krb4_proxy
-When getting tickets via HTTP, this specifies the proxy to use. The
-default is to speak directly to the KDC.
-@item kdc_time_sync
-@cindex kdc_time_sync
+@item kdc_timeout
+@cindex kdc_timeout
+The time in seconds to wait for an answer from the KDC (the default is 4
+seconds).
+@item kdc_timesync
+@cindex kdc_timesync
 This flag enables storing of the time differential to the KDC when
 getting an initial ticket. This differential is used later on to compute
 the correct time. This can help if your machine doesn't have a working
 clock.
-@item kdc_timeout
-@cindex kdc_timeout
-This allows you to change the default (4 seconds) timeout when talking
-to the KDC.
+@item firewall_address
+@cindex firewall_address
+The IP address that hosts outside the firewall see when connecting from
+within the firewall. If this is specified, the code will try to compute
+the value for @samp{reverse_lsb_test}.
+@item krb4_proxy
+@cindex krb4_proxy
+When getting tickets via HTTP, this specifies the proxy to use. The
+default is to speak directly to the KDC.
+@item krb_default_tkt_root
+@cindex krb_default_tkt_root
+The default prefix for ticket files.  The default is @file{/tmp/tkt}.
+Normally the uid or tty is appended to this prefix.
+@item krb_default_keyfile
+@cindex krb_default_keyfile
+The file where the server keys are stored, the default is @file{/etc/srvtab}.
+@item nat_in_use
+@cindex nat_in_use
+If the client is behind a Network Address Translator (NAT).
+@cindex Network Address Translator
+@cindex NAT
 @item reverse_lsb_test
 @cindex reverse_lsb_test
 Reverses the test used by @code{krb_mk_safe}, @code{krb_rd_safe},
 @code{krb_mk_priv}, and @code{krb_rd_priv} to compute the ordering of
 the communicating hosts. This test can cause truble when using
 firewalls.
-@item firewall_address
-@cindex firewall_address
-The IP address that hosts outside the firewall see when connecting from
-within the firewall. If this is specified, the code will try to compute
-the value for @samp{reverse_lsb_test}.
 @end table
 
 @node Install the /etc/services, Install the kerberos server, Install the configuration files, How to set up the kerberos server
@@ -242,12 +264,15 @@ for the realm @samp{FOO.SE} on a machine called @samp{hemlig.foo.se}.
 @subsection Setup the server
 
 Login as root on the console of the kerberos server.  Add
-@file{/usr/athena/bin} and @file{/usr/athena/sbin} to your path.  Run
+@file{/usr/athena/bin} and @file{/usr/athena/sbin} to your path.  Create
+the directory @file{/var/kerberos} (@kbd{mkdir /var/kerberos}), which is
+where the database will be stored.  Then, to create the database, run
 @kbd{kdb_init}:
 @pindex kdb_init
 
 @example
 @cartouche
+hemlig# mkdir /var/kerberos
 hemlig# kdb_init
 Realm name [default  FOO.SE ]: 
 You will be prompted for the database Master Password.
@@ -366,6 +391,8 @@ Principal name: <>
 @code{kdb_edit} will loop until you hit the @kbd{return} key at the
 ``Principal name'' prompt. Now you have added nisse as an administrator.
 
+@page
+
 @node Start the server, Try to get tickets, Add a few important principals, How to set up the kerberos server
 @subsection Start the server
 
@@ -470,7 +497,7 @@ Use the @code{kadmin} client to add users to the database:
 
 @example
 @cartouche
-hemlig# kadmin -u nisse.admin -m
+hemlig# kadmin -p nisse.admin -m
 Welcome to the Kerberos Administration Program, version 2
 Type "help" if you need it.
 admin:  <add nisse>
@@ -669,11 +696,34 @@ the kerberos server, every service needs to have a shared key with the
 kerberos server.  The service keys are stored in a file, usually called
 @file{/etc/srvtab}.  This file should not be readable to anyone but
 root, in order to keep the key from being divulged.  The name of this principal
-in the kerberos database is usually the service and the host.  The key
-for the pop service is called @samp{pop.@var{hostname}}.  The one for
-rsh/rlogin/telnet is named @samp{rcmd.@var{hostname}}.  (rcmd comes from
-``remote command'').  To create these keys you will use the the
-@code{ksrvutil} program.  Perform the
+in the kerberos database is usually the service name and the hostname.  Examples
+of such principals are @samp{pop.@var{hostname}} and
+@samp{rcmd.@var{hostname}}.  (rcmd comes from ``remote command''.)  Here
+is a list of the most commonly used srvtab types and what programs use them.
+
+@table @asis
+@item rcmd.@var{hostname}
+rsh, rcp, rlogin, telnet, kauth, su, kx
+@item rcmd.kerberos
+kprop
+@item pop.@var{hostname}
+popper, movemail, push
+@item sample.@var{hostname}
+sample_server, simple_server
+@item changepw.kerberos
+kadmin, kpasswd
+@item krbtgt.@var{realm}
+kerberos (not stored in any srvtab)
+@item ftp.@var{hostname}
+ftp (also tries with rcmd.@var{hostname})
+@item zephyr.zephyr
+Zephyr
+@item afs or afs.@var{cellname}
+Andrew File System
+@end table
+
+To create these keys you will use the the @code{ksrvutil} program.
+Perform the
 @pindex ksrvutil
 following:
 
@@ -733,9 +783,7 @@ master server fails. It is possible to have any number of such slave
 servers but more than three usually doesn't buy much more redundancy.
 
 First select a good server machine.  (@pxref{Choose a kerberos
-server}). Since the master and slave servers will use copies of the same
-database, they need to use the same master key.  Add the master key on
-the slave with @code{kstash}. (@pxref{Set up the server})
+server}). 
 
 On the master, add a @samp{rcmd.kerberos} (note, it should be literally
 ``kerberos'') principal (using @samp{ksrvutil get}). The
@@ -760,8 +808,13 @@ that contains the hostnames of your kerberos slave servers.
 
 Start @code{kpropd} with @samp{kpropd -i} on your slave servers.
 
-On your master server, create a dump of the database with @samp{kdb_util
-slave_dump /var/kerberos/slave_dump}, and then run @code{kprop}.
+On your master server, create a dump of the database and then propagate
+it.
+
+@example
+foo# kdb_util slave_dump /var/kerberos/slave_dump
+foo# kprop
+@end example
 
 You should now have copies of the database on your slave servers. You
 can verify this by issuing @samp{kdb_util dump @var{file}} on your
@@ -771,6 +824,10 @@ server. Note that the entries will not be in the same order.
 This procedure should be automated with a script run regularly by cron,
 for instance once an hour.
 
+Since the master and slave servers will use copies of the same
+database, they need to use the same master key.  Add the master key on
+the slave with @code{kstash}. (@pxref{Set up the server})
+
 To start the kerberos server on slaves, you first have to copy the
 master key from the master server. You can do this either by remembering
 the master password and issuing @samp{kstash}, or you can just copy the
@@ -815,6 +872,8 @@ principals should be @samp{krbtgt.OTHER.REALM} in @samp{MY.REALM}, and
 principals should have the same key (and key version number).  Remember
 to transfer this key in a safe manner. This is all that is required.
 
+@page
+
 @example
 @cartouche
 blubb$ klist
diff --git a/crypto/kerberosIV/etc/inetd.conf.changes.in b/crypto/kerberosIV/etc/inetd.conf.changes.in
new file mode 100644
index 0000000..2ccb8f5
--- /dev/null
+++ b/crypto/kerberosIV/etc/inetd.conf.changes.in
@@ -0,0 +1,33 @@
+#
+# $Id: inetd.conf.changes.in,v 1.14 1999/11/10 14:21:07 joda Exp $
+#
+# Turn off vanilla rshd and rlogind with an informational message.
+# If you really want this security problem remove the '-v' option!
+shell	stream	tcp nowait root	@prefix@/libexec/rshd rshd -l -L -v
+login	stream	tcp nowait root @prefix@/libexec/rlogind rlogind -l -v
+#
+# Kerberos rsh
+kshell	stream	tcp nowait root	@prefix@/libexec/rshd rshd -L -k
+ekshell	stream	tcp nowait root	@prefix@/libexec/rshd rshd -L -k -x
+ekshell2 stream	tcp nowait root	@prefix@/libexec/rshd rshd -L -k -x
+#
+# Kerberos rlogin
+klogin	stream	tcp nowait root	@prefix@/libexec/rlogind rlogind -k
+eklogin	stream	tcp nowait root	@prefix@/libexec/rlogind rlogind -k -x
+#
+# Kerberized telnet and ftp, consider adding '-a user' to
+# disallow cleartext passwords to both telnetd and ftpd.
+telnet	stream	tcp nowait root @prefix@/libexec/telnetd telnetd -a none
+ftp	stream	tcp nowait root	@prefix@/libexec/ftpd ftpd -l -a none
+#
+# Kerberized POP. Server principal is pop.hostname, *not* rcmd.hostname!
+#kpop	stream	tcp nowait root	@prefix@/libexec/popper popper -k
+#
+# Old POP3 with passwords in clear (not recommended, uses cleartext passwords)
+#pop3	stream	tcp nowait root	@prefix@/libexec/popper popper
+#
+# Kauthd, support for putting tickets on other machines in a secure fashion.
+kauth	stream	tcp nowait root	@prefix@/libexec/kauthd kauthd
+#
+# Encrypted X connections
+kx	stream	tcp nowait root	@prefix@/libexec/kxd kxd
diff --git a/crypto/kerberosIV/include/Makefile.in b/crypto/kerberosIV/include/Makefile.in
index b2b0547..f321f16 100644
--- a/crypto/kerberosIV/include/Makefile.in
+++ b/crypto/kerberosIV/include/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.58 1999/03/10 19:01:13 joda Exp $
+# $Id: Makefile.in,v 1.59.2.1 1999/12/06 17:23:06 assar Exp $
 
 srcdir		= @srcdir@
 VPATH		= @srcdir@
@@ -31,7 +31,7 @@ libdir		= @libdir@
 HEADERS = \
 	acl.h com_err.h com_right.h des.h kadm.h kafs.h kdc.h \
 	klog.h krb.h krb-protos.h krb-archaeology.h krb_db.h \
-	ktypes.h otp.h prot.h sl.h parse_time.h @EXTRA_HEADERS@
+	ktypes.h otp.h prot.h sl.h @EXTRA_HEADERS@
 
 LOCL_HEADERS = \
 	     base64.h roken-common.h protos.h resolve.h xdbm.h	\
@@ -149,6 +149,9 @@ sl.h:
 protos.h:
 	$(LN_S) $(srcdir)/protos.H protos.h
 
+netdb.h:
+	$(LN_S) $(srcdir)/netdb.x netdb.h
+
 bits$(EXECSUFFIX):	$(BITS_OBJECTS)
 	$(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(BITS_OBJECTS)
 
diff --git a/crypto/kerberosIV/include/bits.c b/crypto/kerberosIV/include/bits.c
index 81c0051..a2c40bc 100644
--- a/crypto/kerberosIV/include/bits.c
+++ b/crypto/kerberosIV/include/bits.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: bits.c,v 1.5 1999/07/06 04:19:26 assar Exp $");
+RCSID("$Id: bits.c,v 1.6 1999/12/02 16:58:36 joda Exp $");
 #endif
 #include <stdio.h>
 #include <string.h>
@@ -147,7 +142,7 @@ int main(int argc, char **argv)
     }
     fprintf(f, "/* %s -- this file was generated for %s by\n", fn, HOST);
     fprintf(f, "   %*s    %s */\n\n", (int)strlen(fn), "", 
-	    "$Id: bits.c,v 1.5 1999/07/06 04:19:26 assar Exp $");
+	    "$Id: bits.c,v 1.6 1999/12/02 16:58:36 joda Exp $");
     fprintf(f, "#ifndef %s\n", hb);
     fprintf(f, "#define %s\n", hb);
     fprintf(f, "\n");
diff --git a/crypto/kerberosIV/include/config.h.in b/crypto/kerberosIV/include/config.h.in
index 3108078..3727ef1 100644
--- a/crypto/kerberosIV/include/config.h.in
+++ b/crypto/kerberosIV/include/config.h.in
@@ -71,6 +71,15 @@
 /* Define if the X Window System is missing or not being used.  */
 #undef X_DISPLAY_MISSING
 
+/* Define if you have the XauFileName function.  */
+#undef HAVE_XAUFILENAME
+
+/* Define if you have the XauReadAuth function.  */
+#undef HAVE_XAUREADAUTH
+
+/* Define if you have the XauWriteAuth function.  */
+#undef HAVE_XAUWRITEAUTH
+
 /* Define if you have the _getpty function.  */
 #undef HAVE__GETPTY
 
@@ -95,12 +104,18 @@
 /* Define if you have the cap_set_proc function.  */
 #undef HAVE_CAP_SET_PROC
 
+/* Define if you have the cgetent function.  */
+#undef HAVE_CGETENT
+
 /* Define if you have the chown function.  */
 #undef HAVE_CHOWN
 
 /* Define if you have the chroot function.  */
 #undef HAVE_CHROOT
 
+/* Define if you have the copyhostent function.  */
+#undef HAVE_COPYHOSTENT
+
 /* Define if you have the crypt function.  */
 #undef HAVE_CRYPT
 
@@ -143,6 +158,9 @@
 /* Define if you have the forkpty function.  */
 #undef HAVE_FORKPTY
 
+/* Define if you have the freehostent function.  */
+#undef HAVE_FREEHOSTENT
+
 /* Define if you have the frevoke function.  */
 #undef HAVE_FREVOKE
 
@@ -170,6 +188,12 @@
 /* Define if you have the gethostname function.  */
 #undef HAVE_GETHOSTNAME
 
+/* Define if you have the getipnodebyaddr function.  */
+#undef HAVE_GETIPNODEBYADDR
+
+/* Define if you have the getipnodebyname function.  */
+#undef HAVE_GETIPNODEBYNAME
+
 /* Define if you have the getlogin function.  */
 #undef HAVE_GETLOGIN
 
@@ -200,9 +224,6 @@
 /* Define if you have the getspnam function.  */
 #undef HAVE_GETSPNAM
 
-/* Define if you have the getspuid function.  */
-#undef HAVE_GETSPUID
-
 /* Define if you have the gettimeofday function.  */
 #undef HAVE_GETTIMEOFDAY
 
@@ -227,6 +248,12 @@
 /* Define if you have the inet_aton function.  */
 #undef HAVE_INET_ATON
 
+/* Define if you have the inet_ntop function.  */
+#undef HAVE_INET_NTOP
+
+/* Define if you have the inet_pton function.  */
+#undef HAVE_INET_PTON
+
 /* Define if you have the initgroups function.  */
 #undef HAVE_INITGROUPS
 
@@ -284,12 +311,21 @@
 /* Define if you have the readv function.  */
 #undef HAVE_READV
 
+/* Define if you have the recvmsg function.  */
+#undef HAVE_RECVMSG
+
 /* Define if you have the res_search function.  */
 #undef HAVE_RES_SEARCH
 
 /* Define if you have the revoke function.  */
 #undef HAVE_REVOKE
 
+/* Define if you have the sa_family_t function.  */
+#undef HAVE_SA_FAMILY_T
+
+/* Define if you have the sendmsg function.  */
+#undef HAVE_SENDMSG
+
 /* Define if you have the setegid function.  */
 #undef HAVE_SETEGID
 
@@ -362,6 +398,12 @@
 /* Define if you have the strftime function.  */
 #undef HAVE_STRFTIME
 
+/* Define if you have the strlcat function.  */
+#undef HAVE_STRLCAT
+
+/* Define if you have the strlcpy function.  */
+#undef HAVE_STRLCPY
+
 /* Define if you have the strlwr function.  */
 #undef HAVE_STRLWR
 
@@ -374,12 +416,18 @@
 /* Define if you have the strnlen function.  */
 #undef HAVE_STRNLEN
 
+/* Define if you have the strptime function.  */
+#undef HAVE_STRPTIME
+
 /* Define if you have the strsep function.  */
 #undef HAVE_STRSEP
 
 /* Define if you have the strtok_r function.  */
 #undef HAVE_STRTOK_R
 
+/* Define if you have the struct_sockaddr_storage function.  */
+#undef HAVE_STRUCT_SOCKADDR_STORAGE
+
 /* Define if you have the strupr function.  */
 #undef HAVE_STRUPR
 
@@ -452,15 +500,6 @@
 /* Define if you have the writev function.  */
 #undef HAVE_WRITEV
 
-/* Define if you have the XauFileName function.  */
-#undef HAVE_XAUFILENAME
-
-/* Define if you have the XauReadAuth function.  */
-#undef HAVE_XAUREADAUTH
-
-/* Define if you have the XauWriteAuth function.  */
-#undef HAVE_XAUWRITEAUTH
-
 /* Define if you have the yp_get_default_domain function.  */
 #undef HAVE_YP_GET_DEFAULT_DOMAIN
 
@@ -761,6 +800,12 @@
 /* Define if you have the <wait.h> header file.  */
 #undef HAVE_WAIT_H
 
+/* Define if you have the X11 library (-lX11).  */
+#undef HAVE_LIBX11
+
+/* Define if you have the Xau library (-lXau).  */
+#undef HAVE_LIBXAU
+
 /* Define if you have the c_r library (-lc_r).  */
 #undef HAVE_LIBC_R
 
@@ -809,12 +854,6 @@
 /* Define if you have the util library (-lutil).  */
 #undef HAVE_LIBUTIL
 
-/* Define if you have the X11 library (-lX11).  */
-#undef HAVE_LIBX11
-
-/* Define if you have the Xau library (-lXau).  */
-#undef HAVE_LIBXAU
-
 /* Name of package */
 #undef PACKAGE
 
@@ -1016,6 +1055,18 @@
 /* Define if struct utmpx has field ut_syslen. */
 #undef HAVE_STRUCT_UTMPX_UT_SYSLEN
 
+/* Define if struct tm has field tm_gmtoff. */
+#undef HAVE_STRUCT_TM_TM_GMTOFF
+
+/* Define if struct tm has field tm_zone. */
+#undef HAVE_STRUCT_TM_TM_ZONE
+
+/* define if you have timezone */
+#undef HAVE_TIMEZONE
+
+/* define if your system declares timezone */
+#undef HAVE_TIMEZONE_DECLARATION
+
 /* define if you have struct spwd */
 #undef HAVE_STRUCT_SPWD
 
@@ -1069,6 +1120,8 @@
 
 #define HAVE_KRB_DISABLE_DEBUG 1
 
+#define HAVE_KRB_GET_OUR_IP_FOR_REALM 1
+
 #define RCSID(msg) \
 static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
 
diff --git a/crypto/kerberosIV/include/netdb.x b/crypto/kerberosIV/include/netdb.x
new file mode 100644
index 0000000..7055918
--- /dev/null
+++ b/crypto/kerberosIV/include/netdb.x
@@ -0,0 +1,7 @@
+/* fix for broken ultrix netdb.h. */
+#ifndef __NETDB_H__
+#define __NETDB_H__
+
+#include "/usr/include/netdb.h"
+
+#endif /* __NETDB_H__ */
diff --git a/crypto/kerberosIV/include/protos.H b/crypto/kerberosIV/include/protos.H
index c72575d..faf911e 100644
--- a/crypto/kerberosIV/include/protos.H
+++ b/crypto/kerberosIV/include/protos.H
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -39,7 +34,7 @@
 /*
  * Add here functions that don't have a prototype on your system.
  *
- * $Id: protos.H,v 1.45 1998/09/26 21:01:27 joda Exp $
+ * $Id: protos.H,v 1.46 1999/12/02 16:58:36 joda Exp $
  */
 
 #ifdef NEED_CRYPT_PROTO
diff --git a/crypto/kerberosIV/include/win32/config.h b/crypto/kerberosIV/include/win32/config.h
new file mode 100644
index 0000000..199961e
--- /dev/null
+++ b/crypto/kerberosIV/include/win32/config.h
@@ -0,0 +1,1185 @@
+/* include/config.h.in.  Generated automatically from configure.in by autoheader.  */
+
+/* Define if using alloca.c.  */
+#undef C_ALLOCA
+
+/* Define to empty if the keyword does not work.  */
+#undef const
+
+/* Define to one of _getb67, GETB67, getb67 for Cray-2 and Cray-YMP systems.
+   This function is required for alloca.c support on those systems.  */
+#undef CRAY_STACKSEG_END
+
+/* Define to `int' if <sys/types.h> doesn't define.  */
+#define gid_t int
+
+/* Define if you have alloca, as a function or macro.  */
+#undef HAVE_ALLOCA
+
+/* Define if you have <alloca.h> and it should be used (not on Ultrix).  */
+#undef HAVE_ALLOCA_H
+
+/* Define if you have a working `mmap' system call.  */
+#undef HAVE_MMAP
+
+/* Define if your struct stat has st_blksize.  */
+#undef HAVE_ST_BLKSIZE
+
+/* Define as __inline if that's what the C compiler calls it.  */
+#undef inline
+
+/* Define to `long' if <sys/types.h> doesn't define.  */
+#undef off_t
+
+/* Define to `int' if <sys/types.h> doesn't define.  */
+#undef pid_t
+
+/* Define if you need to in order for stat and other things to work.  */
+#undef _POSIX_SOURCE
+
+/* Define as the return type of signal handlers (int or void).  */
+#undef RETSIGTYPE
+
+/* Define to `unsigned' if <sys/types.h> doesn't define.  */
+#undef size_t
+
+/* If using the C implementation of alloca, define if you know the
+   direction of stack growth for your system; otherwise it will be
+   automatically deduced at run-time.
+ STACK_DIRECTION > 0 => grows toward higher addresses
+ STACK_DIRECTION < 0 => grows toward lower addresses
+ STACK_DIRECTION = 0 => direction of growth unknown
+ */
+#undef STACK_DIRECTION
+
+/* Define if you have the ANSI C header files.  */
+#define STDC_HEADERS 1
+
+/* Define if `sys_siglist' is declared by <signal.h>.  */
+#undef SYS_SIGLIST_DECLARED
+
+/* Define if you can safely include both <sys/time.h> and <time.h>.  */
+#undef TIME_WITH_SYS_TIME
+
+/* Define to `int' if <sys/types.h> doesn't define.  */
+#define uid_t int
+
+/* Define if your processor stores words with the most significant
+   byte first (like Motorola and SPARC, unlike Intel and VAX).  */
+#undef WORDS_BIGENDIAN
+
+/* Define if the X Window System is missing or not being used.  */
+#undef X_DISPLAY_MISSING
+
+/* Define if you have the _getpty function.  */
+#undef HAVE__GETPTY
+
+/* Define if you have the _scrsize function.  */
+#undef HAVE__SCRSIZE
+
+/* Define if you have the _setsid function.  */
+#undef HAVE__SETSID
+
+/* Define if you have the _stricmp function.  */
+#define HAVE__STRICMP 1
+
+/* Define if you have the asnprintf function.  */
+#undef HAVE_ASNPRINTF
+
+/* Define if you have the asprintf function.  */
+#undef HAVE_ASPRINTF
+
+/* Define if you have the atexit function.  */
+#undef HAVE_ATEXIT
+
+/* Define if you have the chown function.  */
+#undef HAVE_CHOWN
+
+/* Define if you have the chroot function.  */
+#undef HAVE_CHROOT
+
+/* Define if you have the crypt function.  */
+#undef HAVE_CRYPT
+
+/* Define if you have the daemon function.  */
+#undef HAVE_DAEMON
+
+/* Define if you have the dlopen function.  */
+#undef HAVE_DLOPEN
+
+/* Define if you have the dn_expand function.  */
+#undef HAVE_DN_EXPAND
+
+/* Define if you have the el_init function.  */
+#undef HAVE_EL_INIT
+
+/* Define if you have the err function.  */
+#undef HAVE_ERR
+
+/* Define if you have the errx function.  */
+#undef HAVE_ERRX
+
+/* Define if you have the fattach function.  */
+#undef HAVE_FATTACH
+
+/* Define if you have the fchmod function.  */
+#undef HAVE_FCHMOD
+
+/* Define if you have the fchown function.  */
+#undef HAVE_FCHOWN
+
+/* Define if you have the fcntl function.  */
+#undef HAVE_FCNTL
+
+/* Define if you have the flock function.  */
+#undef HAVE_FLOCK
+
+/* Define if you have the fnmatch function.  */
+#undef HAVE_FNMATCH
+
+/* Define if you have the forkpty function.  */
+#undef HAVE_FORKPTY
+
+/* Define if you have the frevoke function.  */
+#undef HAVE_FREVOKE
+
+/* Define if you have the getattr function.  */
+#undef HAVE_GETATTR
+
+/* Define if you have the getcwd function.  */
+#undef HAVE_GETCWD
+
+/* Define if you have the getdtablesize function.  */
+#undef HAVE_GETDTABLESIZE
+
+/* Define if you have the getegid function.  */
+#undef HAVE_GETEGID
+
+/* Define if you have the geteuid function.  */
+#undef HAVE_GETEUID
+
+/* Define if you have the getgid function.  */
+#undef HAVE_GETGID
+
+/* Define if you have the gethostbyname function.  */
+#define HAVE_GETHOSTBYNAME 1
+
+/* Define if you have the gethostname function.  */
+#define HAVE_GETHOSTNAME 1
+
+/* Define if you have the getlogin function.  */
+#undef HAVE_GETLOGIN
+
+/* Define if you have the getopt function.  */
+#undef HAVE_GETOPT
+
+/* Define if you have the getpagesize function.  */
+#undef HAVE_GETPAGESIZE
+
+/* Define if you have the getpriority function.  */
+#undef HAVE_GETPRIORITY
+
+/* Define if you have the getpwnam_r function.  */
+#undef HAVE_GETPWNAM_R
+
+/* Define if you have the getrlimit function.  */
+#undef HAVE_GETRLIMIT
+
+/* Define if you have the getservbyname function.  */
+#define HAVE_GETSERVBYNAME 1
+
+/* Define if you have the getsockopt function.  */
+#define HAVE_GETSOCKOPT 1
+
+/* Define if you have the getspnam function.  */
+#undef HAVE_GETSPNAM
+
+/* Define if you have the getspuid function.  */
+#undef HAVE_GETSPUID
+
+/* Define if you have the gettimeofday function.  */
+#undef HAVE_GETTIMEOFDAY
+
+/* Define if you have the gettosbyname function.  */
+#undef HAVE_GETTOSBYNAME
+
+/* Define if you have the getudbnam function.  */
+#undef HAVE_GETUDBNAM
+
+/* Define if you have the getuid function.  */
+#undef HAVE_GETUID
+
+/* Define if you have the getusershell function.  */
+#undef HAVE_GETUSERSHELL
+
+/* Define if you have the grantpt function.  */
+#undef HAVE_GRANTPT
+
+/* Define if you have the hstrerror function.  */
+#undef HAVE_HSTRERROR
+
+/* Define if you have the inet_aton function.  */
+#undef HAVE_INET_ATON
+
+/* Define if you have the initgroups function.  */
+#undef HAVE_INITGROUPS
+
+/* Define if you have the innetgr function.  */
+#undef HAVE_INNETGR
+
+/* Define if you have the iruserok function.  */
+#undef HAVE_IRUSEROK
+
+/* Define if you have the logout function.  */
+#undef HAVE_LOGOUT
+
+/* Define if you have the logwtmp function.  */
+#undef HAVE_LOGWTMP
+
+/* Define if you have the lstat function.  */
+#undef HAVE_LSTAT
+
+/* Define if you have the memmove function.  */
+#define HAVE_MEMMOVE 1
+
+/* Define if you have the mkstemp function.  */
+#undef HAVE_MKSTEMP
+
+/* Define if you have the mktime function.  */
+#define HAVE_MKTIME 1
+
+/* Define if you have the odm_initialize function.  */
+#undef HAVE_ODM_INITIALIZE
+
+/* Define if you have the on_exit function.  */
+#undef HAVE_ON_EXIT
+
+/* Define if you have the parsetos function.  */
+#undef HAVE_PARSETOS
+
+/* Define if you have the ptsname function.  */
+#undef HAVE_PTSNAME
+
+/* Define if you have the putenv function.  */
+#undef HAVE_PUTENV
+
+/* Define if you have the rand function.  */
+#define HAVE_RAND 1
+
+/* Define if you have the random function.  */
+#undef HAVE_RANDOM
+
+/* Define if you have the rcmd function.  */
+#undef HAVE_RCMD
+
+/* Define if you have the readline function.  */
+#undef HAVE_READLINE
+
+/* Define if you have the readv function.  */
+#undef HAVE_READV
+
+/* Define if you have the res_search function.  */
+#undef HAVE_RES_SEARCH
+
+/* Define if you have the revoke function.  */
+#undef HAVE_REVOKE
+
+/* Define if you have the setegid function.  */
+#undef HAVE_SETEGID
+
+/* Define if you have the setenv function.  */
+#undef HAVE_SETENV
+
+/* Define if you have the seteuid function.  */
+#undef HAVE_SETEUID
+
+/* Define if you have the setitimer function.  */
+#undef HAVE_SETITIMER
+
+/* Define if you have the setlim function.  */
+#undef HAVE_SETLIM
+
+/* Define if you have the setlogin function.  */
+#undef HAVE_SETLOGIN
+
+/* Define if you have the setpcred function.  */
+#undef HAVE_SETPCRED
+
+/* Define if you have the setpgid function.  */
+#undef HAVE_SETPGID
+
+/* Define if you have the setpriority function.  */
+#undef HAVE_SETPRIORITY
+
+/* Define if you have the setproctitle function.  */
+#undef HAVE_SETPROCTITLE
+
+/* Define if you have the setregid function.  */
+#undef HAVE_SETREGID
+
+/* Define if you have the setresgid function.  */
+#undef HAVE_SETRESGID
+
+/* Define if you have the setresuid function.  */
+#undef HAVE_SETRESUID
+
+/* Define if you have the setreuid function.  */
+#undef HAVE_SETREUID
+
+/* Define if you have the setsid function.  */
+#undef HAVE_SETSID
+
+/* Define if you have the setsockopt function.  */
+#define HAVE_SETSOCKOPT 1
+
+/* Define if you have the setutent function.  */
+#undef HAVE_SETUTENT
+
+/* Define if you have the sigaction function.  */
+#undef HAVE_SIGACTION
+
+/* Define if you have the socket function.  */
+#define HAVE_SOCKET 1
+
+/* Define if you have the strcasecmp function.  */
+#undef HAVE_STRCASECMP
+
+/* Define if you have the strdup function.  */
+#define HAVE_STRDUP 1
+
+/* Define if you have the strerror function.  */
+#undef HAVE_STRERROR
+
+/* Define if you have the strftime function.  */
+#define HAVE_STRFTIME 1
+
+/* Define if you have the strlwr function.  */
+#define HAVE_STRLWR 1
+
+/* Define if you have the strncasecmp function.  */
+#undef HAVE_STRNCASECMP
+
+/* Define if you have the strnlen function.  */
+#undef HAVE_STRNLEN
+
+/* Define if you have the strsep function.  */
+#undef HAVE_STRSEP
+
+/* Define if you have the strtok_r function.  */
+#undef HAVE_STRTOK_R
+
+/* Define if you have the strupr function.  */
+#define HAVE_STRUPR 1
+
+/* Define if you have the swab function.  */
+#define HAVE_SWAB 1
+
+/* Define if you have the sysconf function.  */
+#undef HAVE_SYSCONF
+
+/* Define if you have the sysctl function.  */
+#undef HAVE_SYSCTL
+
+/* Define if you have the syslog function.  */
+#undef HAVE_SYSLOG
+
+/* Define if you have the tgetent function.  */
+#undef HAVE_TGETENT
+
+/* Define if you have the ttyname function.  */
+#undef HAVE_TTYNAME
+
+/* Define if you have the ttyslot function.  */
+#undef HAVE_TTYSLOT
+
+/* Define if you have the ulimit function.  */
+#undef HAVE_ULIMIT
+
+/* Define if you have the uname function.  */
+#undef HAVE_UNAME
+
+/* Define if you have the unlockpt function.  */
+#undef HAVE_UNLOCKPT
+
+/* Define if you have the unsetenv function.  */
+#undef HAVE_UNSETENV
+
+/* Define if you have the vasnprintf function.  */
+#undef HAVE_VASNPRINTF
+
+/* Define if you have the vasprintf function.  */
+#undef HAVE_VASPRINTF
+
+/* Define if you have the verr function.  */
+#undef HAVE_VERR
+
+/* Define if you have the verrx function.  */
+#undef HAVE_VERRX
+
+/* Define if you have the vhangup function.  */
+#undef HAVE_VHANGUP
+
+/* Define if you have the vsnprintf function.  */
+#undef HAVE_VSNPRINTF
+
+/* Define if you have the vsyslog function.  */
+#undef HAVE_VSYSLOG
+
+/* Define if you have the vwarn function.  */
+#undef HAVE_VWARN
+
+/* Define if you have the vwarnx function.  */
+#undef HAVE_VWARNX
+
+/* Define if you have the warn function.  */
+#undef HAVE_WARN
+
+/* Define if you have the warnx function.  */
+#undef HAVE_WARNX
+
+/* Define if you have the writev function.  */
+#undef HAVE_WRITEV
+
+/* Define if you have the XauReadAuth function.  */
+#undef HAVE_XAUREADAUTH
+
+/* Define if you have the XauWriteAuth function.  */
+#undef HAVE_XAUWRITEAUTH
+
+/* Define if you have the yp_get_default_domain function.  */
+#undef HAVE_YP_GET_DEFAULT_DOMAIN
+
+/* Define if you have the <arpa/ftp.h> header file.  */
+#undef HAVE_ARPA_FTP_H
+
+/* Define if you have the <arpa/inet.h> header file.  */
+#undef HAVE_ARPA_INET_H
+
+/* Define if you have the <arpa/nameser.h> header file.  */
+#undef HAVE_ARPA_NAMESER_H
+
+/* Define if you have the <arpa/telnet.h> header file.  */
+#undef HAVE_ARPA_TELNET_H
+
+/* Define if you have the <bsd/bsd.h> header file.  */
+#undef HAVE_BSD_BSD_H
+
+/* Define if you have the <bsdsetjmp.h> header file.  */
+#undef HAVE_BSDSETJMP_H
+
+/* Define if you have the <crypt.h> header file.  */
+#undef HAVE_CRYPT_H
+
+/* Define if you have the <curses.h> header file.  */
+#undef HAVE_CURSES_H
+
+/* Define if you have the <dbm.h> header file.  */
+#undef HAVE_DBM_H
+
+/* Define if you have the <dirent.h> header file.  */
+#undef HAVE_DIRENT_H
+
+/* Define if you have the <err.h> header file.  */
+#undef HAVE_ERR_H
+
+/* Define if you have the <errno.h> header file.  */
+#undef HAVE_ERRNO_H
+
+/* Define if you have the <fcntl.h> header file.  */
+#define HAVE_FCNTL_H 1
+
+/* Define if you have the <fnmatch.h> header file.  */
+#undef HAVE_FNMATCH_H
+
+/* Define if you have the <grp.h> header file.  */
+#undef HAVE_GRP_H
+
+/* Define if you have the <inttypes.h> header file.  */
+#undef HAVE_INTTYPES_H
+
+/* Define if you have the <io.h> header file.  */
+#define HAVE_IO_H 1
+
+/* Define if you have the <lastlog.h> header file.  */
+#undef HAVE_LASTLOG_H
+
+/* Define if you have the <libutil.h> header file.  */
+#undef HAVE_LIBUTIL_H
+
+/* Define if you have the <limits.h> header file.  */
+#undef HAVE_LIMITS_H
+
+/* Define if you have the <login.h> header file.  */
+#undef HAVE_LOGIN_H
+
+/* Define if you have the <maillock.h> header file.  */
+#undef HAVE_MAILLOCK_H
+
+/* Define if you have the <ndbm.h> header file.  */
+#undef HAVE_NDBM_H
+
+/* Define if you have the <net/if.h> header file.  */
+#undef HAVE_NET_IF_H
+
+/* Define if you have the <net/if_tun.h> header file.  */
+#undef HAVE_NET_IF_TUN_H
+
+/* Define if you have the <net/if_var.h> header file.  */
+#undef HAVE_NET_IF_VAR_H
+
+/* Define if you have the <netdb.h> header file.  */
+#undef HAVE_NETDB_H
+
+/* Define if you have the <netinet/in.h> header file.  */
+#undef HAVE_NETINET_IN_H
+
+/* Define if you have the <netinet/in6_machtypes.h> header file.  */
+#undef HAVE_NETINET_IN6_MACHTYPES_H
+
+/* Define if you have the <netinet/in_systm.h> header file.  */
+#undef HAVE_NETINET_IN_SYSTM_H
+
+/* Define if you have the <netinet/ip.h> header file.  */
+#undef HAVE_NETINET_IP_H
+
+/* Define if you have the <netinet/tcp.h> header file.  */
+#undef HAVE_NETINET_TCP_H
+
+/* Define if you have the <paths.h> header file.  */
+#undef HAVE_PATHS_H
+
+/* Define if you have the <pty.h> header file.  */
+#undef HAVE_PTY_H
+
+/* Define if you have the <pwd.h> header file.  */
+#undef HAVE_PWD_H
+
+/* Define if you have the <resolv.h> header file.  */
+#undef HAVE_RESOLV_H
+
+/* Define if you have the <rpcsvc/dbm.h> header file.  */
+#undef HAVE_RPCSVC_DBM_H
+
+/* Define if you have the <rpcsvc/ypclnt.h> header file.  */
+#undef HAVE_RPCSVC_YPCLNT_H
+
+/* Define if you have the <sac.h> header file.  */
+#undef HAVE_SAC_H
+
+/* Define if you have the <security/pam_modules.h> header file.  */
+#undef HAVE_SECURITY_PAM_MODULES_H
+
+/* Define if you have the <shadow.h> header file.  */
+#undef HAVE_SHADOW_H
+
+/* Define if you have the <siad.h> header file.  */
+#undef HAVE_SIAD_H
+
+/* Define if you have the <signal.h> header file.  */
+#define HAVE_SIGNAL_H 1
+
+/* Define if you have the <stropts.h> header file.  */
+#undef HAVE_STROPTS_H
+
+/* Define if you have the <sys/bitypes.h> header file.  */
+#undef HAVE_SYS_BITYPES_H
+
+/* Define if you have the <sys/category.h> header file.  */
+#undef HAVE_SYS_CATEGORY_H
+
+/* Define if you have the <sys/file.h> header file.  */
+#undef HAVE_SYS_FILE_H
+
+/* Define if you have the <sys/filio.h> header file.  */
+#undef HAVE_SYS_FILIO_H
+
+/* Define if you have the <sys/ioccom.h> header file.  */
+#undef HAVE_SYS_IOCCOM_H
+
+/* Define if you have the <sys/ioctl.h> header file.  */
+#undef HAVE_SYS_IOCTL_H
+
+/* Define if you have the <sys/locking.h> header file.  */
+#define HAVE_SYS_LOCKING_H 1
+
+/* Define if you have the <sys/mman.h> header file.  */
+#undef HAVE_SYS_MMAN_H
+
+/* Define if you have the <sys/param.h> header file.  */
+#undef HAVE_SYS_PARAM_H
+
+/* Define if you have the <sys/proc.h> header file.  */
+#undef HAVE_SYS_PROC_H
+
+/* Define if you have the <sys/pty.h> header file.  */
+#undef HAVE_SYS_PTY_H
+
+/* Define if you have the <sys/ptyio.h> header file.  */
+#undef HAVE_SYS_PTYIO_H
+
+/* Define if you have the <sys/ptyvar.h> header file.  */
+#undef HAVE_SYS_PTYVAR_H
+
+/* Define if you have the <sys/resource.h> header file.  */
+#undef HAVE_SYS_RESOURCE_H
+
+/* Define if you have the <sys/select.h> header file.  */
+#undef HAVE_SYS_SELECT_H
+
+/* Define if you have the <sys/socket.h> header file.  */
+#undef HAVE_SYS_SOCKET_H
+
+/* Define if you have the <sys/sockio.h> header file.  */
+#undef HAVE_SYS_SOCKIO_H
+
+/* Define if you have the <sys/stat.h> header file.  */
+#define HAVE_SYS_STAT_H 1
+
+/* Define if you have the <sys/str_tty.h> header file.  */
+#undef HAVE_SYS_STR_TTY_H
+
+/* Define if you have the <sys/stream.h> header file.  */
+#undef HAVE_SYS_STREAM_H
+
+/* Define if you have the <sys/stropts.h> header file.  */
+#undef HAVE_SYS_STROPTS_H
+
+/* Define if you have the <sys/strtty.h> header file.  */
+#undef HAVE_SYS_STRTTY_H
+
+/* Define if you have the <sys/syscall.h> header file.  */
+#undef HAVE_SYS_SYSCALL_H
+
+/* Define if you have the <sys/sysctl.h> header file.  */
+#undef HAVE_SYS_SYSCTL_H
+
+/* Define if you have the <sys/termio.h> header file.  */
+#undef HAVE_SYS_TERMIO_H
+
+/* Define if you have the <sys/time.h> header file.  */
+#undef HAVE_SYS_TIME_H
+
+/* Define if you have the <sys/timeb.h> header file.  */
+#define HAVE_SYS_TIMEB_H 1
+
+/* Define if you have the <sys/times.h> header file.  */
+#undef HAVE_SYS_TIMES_H
+
+/* Define if you have the <sys/tty.h> header file.  */
+#undef HAVE_SYS_TTY_H
+
+/* Define if you have the <sys/types.h> header file.  */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define if you have the <sys/uio.h> header file.  */
+#undef HAVE_SYS_UIO_H
+
+/* Define if you have the <sys/un.h> header file.  */
+#undef HAVE_SYS_UN_H
+
+/* Define if you have the <sys/utsname.h> header file.  */
+#undef HAVE_SYS_UTSNAME_H
+
+/* Define if you have the <sys/wait.h> header file.  */
+#undef HAVE_SYS_WAIT_H
+
+/* Define if you have the <syslog.h> header file.  */
+#undef HAVE_SYSLOG_H
+
+/* Define if you have the <term.h> header file.  */
+#undef HAVE_TERM_H
+
+/* Define if you have the <termcap.h> header file.  */
+#undef HAVE_TERMCAP_H
+
+/* Define if you have the <termio.h> header file.  */
+#undef HAVE_TERMIO_H
+
+/* Define if you have the <termios.h> header file.  */
+#undef HAVE_TERMIOS_H
+
+/* Define if you have the <tmpdir.h> header file.  */
+#undef HAVE_TMPDIR_H
+
+/* Define if you have the <ttyent.h> header file.  */
+#undef HAVE_TTYENT_H
+
+/* Define if you have the <udb.h> header file.  */
+#undef HAVE_UDB_H
+
+/* Define if you have the <ulimit.h> header file.  */
+#undef HAVE_ULIMIT_H
+
+/* Define if you have the <unistd.h> header file.  */
+#undef HAVE_UNISTD_H
+
+/* Define if you have the <userpw.h> header file.  */
+#undef HAVE_USERPW_H
+
+/* Define if you have the <usersec.h> header file.  */
+#undef HAVE_USERSEC_H
+
+/* Define if you have the <util.h> header file.  */
+#undef HAVE_UTIL_H
+
+/* Define if you have the <utime.h> header file.  */
+#undef HAVE_UTIME_H
+
+/* Define if you have the <utmp.h> header file.  */
+#undef HAVE_UTMP_H
+
+/* Define if you have the <utmpx.h> header file.  */
+#undef HAVE_UTMPX_H
+
+/* Define if you have the <wait.h> header file.  */
+#undef HAVE_WAIT_H
+
+/* Define if you have the c_r library (-lc_r).  */
+#undef HAVE_LIBC_R
+
+/* Define if you have the cfg library (-lcfg).  */
+#undef HAVE_LIBCFG
+
+/* Define if you have the crypt library (-lcrypt).  */
+#undef HAVE_LIBCRYPT
+
+/* Define if you have the curses library (-lcurses).  */
+#undef HAVE_LIBCURSES
+
+/* Define if you have the dl library (-ldl).  */
+#undef HAVE_LIBDL
+
+/* Define if you have the edit library (-ledit).  */
+#undef HAVE_LIBEDIT
+
+/* Define if you have the ncurses library (-lncurses).  */
+#undef HAVE_LIBNCURSES
+
+/* Define if you have the nsl library (-lnsl).  */
+#undef HAVE_LIBNSL
+
+/* Define if you have the odm library (-lodm).  */
+#undef HAVE_LIBODM
+
+/* Define if you have the readline library (-lreadline).  */
+#undef HAVE_LIBREADLINE
+
+/* Define if you have the resolv library (-lresolv).  */
+#undef HAVE_LIBRESOLV
+
+/* Define if you have the s library (-ls).  */
+#undef HAVE_LIBS
+
+/* Define if you have the socket library (-lsocket).  */
+#undef HAVE_LIBSOCKET
+
+/* Define if you have the syslog library (-lsyslog).  */
+#undef HAVE_LIBSYSLOG
+
+/* Define if you have the termcap library (-ltermcap).  */
+#undef HAVE_LIBTERMCAP
+
+/* Define if you have the util library (-lutil).  */
+#undef HAVE_LIBUTIL
+
+/* Define if you have the X11 library (-lX11).  */
+#undef HAVE_LIBX11
+
+/* Define if you have the Xau library (-lXau).  */
+#undef HAVE_LIBXAU
+
+/* Name of package */
+#undef PACKAGE
+
+/* Version number of package */
+#undef VERSION
+
+/* Define if you have the socks package */
+#undef SOCKS
+
+/* Define to enable old kdestroy behavior. */
+#undef LEGACY_KDESTROY
+
+/* Define if you want to match subdomains. */
+#undef MATCH_SUBDOMAINS
+
+/* Define this to be the directory where the 
+	dictionary for cracklib resides. */
+#undef DICTPATH
+
+/* Define this to the path of the mail spool directory. */
+#undef KRB4_MAILDIR
+
+/* Define this to the kerberos database directory. */
+#undef DB_DIR
+
+/* Define to enable new master key code. */
+#undef RANDOM_MKEY
+
+/* Define this to the location of the master key. */
+#undef MKEYFILE
+
+/* Define to enable basic OSF C2 support. */
+#undef HAVE_OSFC2
+
+/* Define if you don't want to use mmap. */
+#undef NO_MMAP
+
+/* Define if you don't wan't support for AFS. */
+#undef NO_AFS
+
+/* Set this to the type of des-quad-cheksum to use. */
+#define DES_QUAD_DEFAULT DES_QUAD_GUESS
+
+/* Define if you have the readline package */
+#undef READLINE
+
+/* Define if you have the hesiod package */
+#undef HESIOD
+
+/* define if your compiler has __attribute__ */
+#undef HAVE___ATTRIBUTE__
+
+/* Huh? */
+#undef HAVE_STRANGE_INT8_T
+
+/* Define if NDBM really is DB (creates files ending in .db). */
+#undef HAVE_NEW_DB
+
+/* Define if you have NDBM (and not DBM) */
+#undef NDBM
+
+/* define if you have a working snprintf */
+#undef HAVE_SNPRINTF
+
+/* define if the system is missing a prototype for snprintf() */
+#undef NEED_SNPRINTF_PROTO
+
+/* define if you have a glob() that groks 
+	GLOB_BRACE, GLOB_NOCHECK, GLOB_QUOTE, and GLOB_TILDE */
+#undef HAVE_GLOB
+
+/* define if the system is missing a prototype for glob() */
+#undef NEED_GLOB_PROTO
+
+/* Define if getpwnam_r has POSIX flavour. */
+#undef POSIX_GETPWNAM_R
+
+/* Define if getlogin has POSIX flavour (and not BSD). */
+#undef POSIX_GETLOGIN
+
+/* define if the system is missing a prototype for hstrerror() */
+#undef NEED_HSTRERROR_PROTO
+
+/* define if the system is missing a prototype for gethostname() */
+#undef NEED_GETHOSTNAME_PROTO
+
+/* define if the system is missing a prototype for mkstemp() */
+#undef NEED_MKSTEMP_PROTO
+
+/* define if the system is missing a prototype for inet_aton() */
+#undef NEED_INET_ATON_PROTO
+
+/* Define if realloc(NULL, X) doesn't work. */
+#undef BROKEN_REALLOC
+
+/* Define if getcwd is broken (like in SunOS 4). */
+#undef BROKEN_GETCWD
+
+/* define if prototype of gethostbyname is compatible with
+	struct hostent *gethostbyname(const char *) */
+#undef GETHOSTBYNAME_PROTO_COMPATIBLE
+
+/* define if prototype of gethostbyaddr is compatible with
+	struct hostent *gethostbyaddr(const void *, size_t, int) */
+#undef GETHOSTBYADDR_PROTO_COMPATIBLE
+
+/* define if prototype of getservbyname is compatible with
+	struct servent *getservbyname(const char *, const char *) */
+#undef GETSERVBYNAME_PROTO_COMPATIBLE
+
+/* define if prototype of openlog is compatible with
+	void openlog(const char *, int, int) */
+#undef OPENLOG_PROTO_COMPATIBLE
+
+/* define if the system is missing a prototype for crypt() */
+#undef NEED_CRYPT_PROTO
+
+/* define if the system is missing a prototype for fclose() */
+#undef NEED_FCLOSE_PROTO
+
+/* define if the system is missing a prototype for strtok_r() */
+#undef NEED_STRTOK_R_PROTO
+
+/* define if the system is missing a prototype for getusershell() */
+#undef NEED_GETUSERSHELL_PROTO
+
+/* define if the system is missing a prototype for utime() */
+#undef NEED_UTIME_PROTO
+
+/* define if you have h_errno */
+#define HAVE_H_ERRNO 1
+
+/* define if your system declares h_errno */
+#define HAVE_H_ERRNO_DECLARATION 1
+
+/* define if you have h_errlist */
+#undef HAVE_H_ERRLIST
+
+/* define if your system declares h_errlist */
+#undef HAVE_H_ERRLIST_DECLARATION
+
+/* define if you have h_nerr */
+#undef HAVE_H_NERR
+
+/* define if your system declares h_nerr */
+#undef HAVE_H_NERR_DECLARATION
+
+/* define if you have __progname */
+#undef HAVE___PROGNAME
+
+/* define if your system declares __progname */
+#undef HAVE___PROGNAME_DECLARATION
+
+/* define if your system declares optarg */
+#undef HAVE_OPTARG_DECLARATION
+
+/* define if your system declares optind */
+#undef HAVE_OPTIND_DECLARATION
+
+/* define if your system declares opterr */
+#undef HAVE_OPTERR_DECLARATION
+
+/* define if your system declares optopt */
+#undef HAVE_OPTOPT_DECLARATION
+
+/* define if your system declares environ */
+#undef HAVE_ENVIRON_DECLARATION
+
+/* Define if RETSIGTYPE == void. */
+#define VOID_RETSIGTYPE 1
+
+/* Define if struct utmp has field ut_addr. */
+#undef HAVE_STRUCT_UTMP_UT_ADDR
+
+/* Define if struct utmp has field ut_host. */
+#undef HAVE_STRUCT_UTMP_UT_HOST
+
+/* Define if struct utmp has field ut_id. */
+#undef HAVE_STRUCT_UTMP_UT_ID
+
+/* Define if struct utmp has field ut_pid. */
+#undef HAVE_STRUCT_UTMP_UT_PID
+
+/* Define if struct utmp has field ut_type. */
+#undef HAVE_STRUCT_UTMP_UT_TYPE
+
+/* Define if struct utmp has field ut_user. */
+#undef HAVE_STRUCT_UTMP_UT_USER
+
+/* Define if struct utmpx has field ut_exit. */
+#undef HAVE_STRUCT_UTMPX_UT_EXIT
+
+/* Define if struct utmpx has field ut_syslen. */
+#undef HAVE_STRUCT_UTMPX_UT_SYSLEN
+
+/* define if you have struct spwd */
+#undef HAVE_STRUCT_SPWD
+
+/* define if struct winsize is declared in sys/termios.h */
+#undef HAVE_STRUCT_WINSIZE
+
+/* define if struct winsize has ws_xpixel */
+#undef HAVE_WS_XPIXEL
+
+/* define if struct winsize has ws_ypixel */
+#undef HAVE_WS_YPIXEL
+
+/* Define this to what the type ssize_t should be. */
+#define ssize_t int
+
+/* Define if struct sockaddr has field sa_len. */
+#undef HAVE_STRUCT_SOCKADDR_SA_LEN
+
+/* Define if SIAENTITY has field ouid. */
+#undef HAVE_SIAENTITY_OUID
+
+/* Define if you have a working getmsg. */
+#undef HAVE_GETMSG
+
+/* Define if you have a readline function. */
+#undef HAVE_READLINE
+
+/* Define if you have working stream ptys. */
+#undef STREAMSPTY
+
+/* Define if /bin/ls has a `-A' flag. */
+#undef HAVE_LS_A
+
+
+#undef HAVE_INT8_T
+#undef HAVE_INT16_T
+#undef HAVE_INT32_T
+#undef HAVE_INT64_T
+#undef HAVE_U_INT8_T
+#undef HAVE_U_INT16_T
+#undef HAVE_U_INT32_T
+#undef HAVE_U_INT64_T
+
+/* This for compat with heimdal (or something) */
+#define KRB_PUT_INT(f, t, l, s) krb_put_int((f), (t), (l), (s))
+
+#define RCSID(msg) \
+static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
+
+/*
+ * Set ORGANIZATION to be the desired organization string printed
+ * by the 'kinit' program.  It may have spaces.
+ */
+#define ORGANIZATION "eBones International"
+
+#if 0
+#undef BINDIR 
+#undef LIBDIR
+#undef LIBEXECDIR
+#undef SBINDIR
+#endif
+
+#if 0
+#define KRB_CNF_FILES	{ "/etc/krb.conf",   "/etc/kerberosIV/krb.conf", 0}
+#define KRB_RLM_FILES	{ "/etc/krb.realms", "/etc/kerberosIV/krb.realms", 0}
+#define KRB_EQUIV	"/etc/krb.equiv"
+
+#define KEYFILE		"/etc/srvtab"
+
+#define KRBDIR		"/var/kerberos"
+#define DBM_FILE	KRBDIR "/principal"
+#define DEFAULT_ACL_DIR	KRBDIR
+
+#define KRBLOG		"/var/log/kerberos.log"	/* master server  */
+#define KRBSLAVELOG	"/var/log/kerberos_slave.log" /* slave server  */
+#define KADM_SYSLOG	"/var/log/admin_server.syslog"
+#define K_LOGFIL	"/var/log/kpropd.log"
+#endif
+
+/* Maximum values on all known systems */
+#define MaxHostNameLen (64+4)
+#define MaxPathLen (1024+4)
+
+/* ftp stuff -------------------------------------------------- */
+
+#define KERBEROS
+
+/* telnet stuff ----------------------------------------------- */
+
+/* define this for OTP support */
+#undef OTP
+
+/* define this if you have kerberos 4 */
+#define KRB4 1
+
+/* define this if you want encryption */
+#undef ENCRYPTION
+
+/* define this if you want authentication */
+#undef AUTHENTICATION
+
+#if defined(ENCRYPTION) && !defined(AUTHENTICATION)
+#define AUTHENTICATION 1
+#endif
+
+/* Set this if you want des encryption */
+#undef DES_ENCRYPTION
+
+/* Set this to the default system lead string for telnetd 
+ * can contain %-escapes: %s=sysname, %m=machine, %r=os-release
+ * %v=os-version, %t=tty, %h=hostname, %d=date and time
+ */
+#undef USE_IM
+
+/* define this if you want diagnostics in telnetd */
+#undef DIAGNOSTICS
+
+/* define this if you want support for broken ENV_{VALUE,VAR} systems  */
+#undef ENV_HACK
+
+/*  */
+#undef OLD_ENVIRON
+
+/* Used with login -p */
+#undef LOGIN_ARGS
+
+/* set this to a sensible login */
+#ifndef LOGIN_PATH
+#define LOGIN_PATH BINDIR "/login"
+#endif
+
+
+/* ------------------------------------------------------------ */
+
+#ifdef BROKEN_REALLOC
+#define realloc(X, Y) isoc_realloc((X), (Y))
+#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y))
+#endif
+
+#ifdef VOID_RETSIGTYPE
+#define SIGRETURN(x) return
+#else
+#define SIGRETURN(x) return (RETSIGTYPE)(x)
+#endif
+
+/* Temporary fixes for krb_{rd,mk}_safe */
+#define DES_QUAD_GUESS 0
+#define DES_QUAD_NEW 1
+#define DES_QUAD_OLD 2
+
+/*
+ * All these are system-specific defines that I would rather not have at all.
+ */
+
+/*
+ * AIX braindamage!
+ */
+#if _AIX
+#define _ALL_SOURCE
+/* XXX this is gross, but kills about a gazillion warnings */
+struct ether_addr;
+struct sockaddr;
+struct sockaddr_dl;
+struct sockaddr_in;
+#endif
+
+/*
+ * SunOS braindamage! (Sun include files are generally braindead)
+ */
+#if (defined(sun) || defined(__sun))
+#if defined(__svr4__) || defined(__SVR4)
+#define SunOS 5
+#else
+#define SunOS 4
+#endif
+#endif
+
+#if defined(__sgi) || defined(sgi)
+#if defined(__SYSTYPE_SVR4) || defined(_SYSTYPE_SVR4)
+#define IRIX 5
+#else
+#define IRIX 4
+#endif
+#endif
+
+/* IRIX 4 braindamage */
+#if IRIX == 4 && !defined(__STDC__)
+#define __STDC__ 0
+#endif
+
+/* some strange OS/2 stuff.  From <d96-mst@nada.kth.se> */
+
+#ifdef __EMX__
+#define _EMX_TCPIP
+#define MAIL_USE_SYSTEM_LOCK
+#endif
+
+#ifdef ROKEN_RENAME
+#include "roken_rename.h"
+#endif
diff --git a/crypto/kerberosIV/include/win32/ktypes.h b/crypto/kerberosIV/include/win32/ktypes.h
new file mode 100644
index 0000000..3d4af11
--- /dev/null
+++ b/crypto/kerberosIV/include/win32/ktypes.h
@@ -0,0 +1,11 @@
+#ifndef __KTYPES_H__
+#define __KTYPES_H__
+
+typedef signed char int8_t;
+typedef unsigned char u_int8_t;
+typedef short int16_t;
+typedef unsigned short u_int16_t;
+typedef int int32_t;
+typedef unsigned int u_int32_t;
+
+#endif /*  __KTYPES_H__ */
diff --git a/crypto/kerberosIV/include/win32/roken.h b/crypto/kerberosIV/include/win32/roken.h
new file mode 100644
index 0000000..9a3117f
--- /dev/null
+++ b/crypto/kerberosIV/include/win32/roken.h
@@ -0,0 +1,214 @@
+/* This is (as usual) a generated file,
+   it is also machine dependent */
+
+#ifndef __ROKEN_H__
+#define __ROKEN_H__
+
+/* -*- C -*- */
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: roken.h,v 1.8 1999/12/02 16:58:36 joda Exp $ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <signal.h>
+#include <time.h>
+
+
+
+#define ROKEN_LIB_FUNCTION
+
+#include <roken-common.h>
+
+
+int putenv(const char *string);
+
+int setenv(const char *var, const char *val, int rewrite);
+
+void unsetenv(const char *name);
+
+char *getusershell(void);
+void endusershell(void);
+
+int snprintf (char *str, size_t sz, const char *format, ...)
+     __attribute__ ((format (printf, 3, 4)));
+
+int vsnprintf (char *str, size_t sz, const char *format, va_list ap)
+     __attribute__((format (printf, 3, 0)));
+
+int asprintf (char **ret, const char *format, ...)
+     __attribute__ ((format (printf, 2, 3)));
+
+int vasprintf (char **ret, const char *format, va_list ap)
+     __attribute__((format (printf, 2, 0)));
+
+int asnprintf (char **ret, size_t max_sz, const char *format, ...)
+     __attribute__ ((format (printf, 3, 4)));
+
+int vasnprintf (char **ret, size_t max_sz, const char *format, va_list ap)
+     __attribute__((format (printf, 3, 0)));
+
+char * strdup(const char *old);
+
+char * strlwr(char *);
+
+int strnlen(char*, int);
+
+char *strsep(char**, const char*);
+
+int strcasecmp(const char *s1, const char *s2);
+
+
+
+char * strupr(char *);
+
+size_t strlcpy (char *dst, const char *src, size_t dst_sz);
+
+size_t strlcat (char *dst, const char *src, size_t dst_sz);
+
+int getdtablesize(void);
+
+char *strerror(int eno);
+
+/* This causes a fatal error under Psoriasis */
+const char *hstrerror(int herr);
+
+extern int h_errno;
+
+int inet_aton(const char *cp, struct in_addr *adr);
+
+char* getcwd(char *path, size_t size);
+
+
+int seteuid(uid_t euid);
+
+int setegid(gid_t egid);
+
+int lstat(const char *path, struct stat *buf);
+
+int mkstemp(char *);
+
+int initgroups(const char *name, gid_t basegid);
+
+int fchown(int fd, uid_t owner, gid_t group);
+
+int daemon(int nochdir, int noclose);
+
+int innetgr(const char *netgroup, const char *machine, 
+	    const char *user, const char *domain);
+
+int chown(const char *path, uid_t owner, gid_t group);
+
+int rcmd(char **ahost, unsigned short inport, const char *locuser,
+	 const char *remuser, const char *cmd, int *fd2p);
+
+int innetgr(const char*, const char*, const char*, const char*);
+
+int iruserok(unsigned raddr, int superuser, const char *ruser,
+	     const char *luser);
+
+int gethostname(char *name, int namelen);
+
+ssize_t
+writev(int d, const struct iovec *iov, int iovcnt);
+
+ssize_t
+readv(int d, const struct iovec *iov, int iovcnt);
+
+int
+mkstemp(char *template);
+
+#define LOCK_SH   1		/* Shared lock */
+#define LOCK_EX   2		/* Exclusive lock */
+#define LOCK_NB   4		/* Don't block when locking */
+#define LOCK_UN   8		/* Unlock */
+
+int flock(int fd, int operation);
+
+time_t tm2time (struct tm tm, int local);
+
+int unix_verify_user(char *user, char *password);
+
+void inaddr2str(struct in_addr addr, char *s, size_t len);
+
+void mini_inetd (int port);
+
+int roken_concat (char *s, size_t len, ...);
+
+size_t roken_mconcat (char **s, size_t max_len, ...);
+
+int roken_vconcat (char *s, size_t len, va_list args);
+
+size_t roken_vmconcat (char **s, size_t max_len, va_list args);
+
+ssize_t net_write (int fd, const void *buf, size_t nbytes);
+
+ssize_t net_read (int fd, void *buf, size_t nbytes);
+
+int issuid(void);
+
+struct winsize {
+	unsigned short ws_row, ws_col;
+	unsigned short ws_xpixel, ws_ypixel;
+};
+
+int get_window_size(int fd, struct winsize *);
+
+void vsyslog(int pri, const char *fmt, va_list ap);
+
+extern char *optarg;
+extern int optind;
+extern int opterr;
+
+extern const char *__progname;
+
+extern char **environ;
+
+/*
+ * kludges and such
+ */
+
+int roken_gethostby_setup(const char*, const char*);
+struct hostent* roken_gethostbyname(const char*);
+struct hostent* roken_gethostbyaddr(const void*, size_t, int);
+
+#define roken_getservbyname(x,y) getservbyname((char *)x, (char *)y)
+
+#define roken_openlog(a,b,c) openlog((char *)a,b,c)
+
+void set_progname(char *argv0);
+
+#endif /* __ROKEN_H__ */
diff --git a/crypto/kerberosIV/include/win32/version.h b/crypto/kerberosIV/include/win32/version.h
new file mode 100644
index 0000000..07fe2eb
--- /dev/null
+++ b/crypto/kerberosIV/include/win32/version.h
@@ -0,0 +1,2 @@
+char *krb4_long_version = "krb4-0.9.7 on Windows NT";
+char *krb4_version = "0.9.7";
diff --git a/crypto/kerberosIV/include/win32/winconf.sh b/crypto/kerberosIV/include/win32/winconf.sh
new file mode 100644
index 0000000..a7d5f28
--- /dev/null
+++ b/crypto/kerberosIV/include/win32/winconf.sh
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+# $Id: winconf.sh,v 1.1 1997/11/09 14:35:15 joda Exp $
+
+cat ../config.h.in | sed '
+s%#undef gid_t$%#define gid_t int%
+s%#undef STDC_HEADERS$%#define STDC_HEADERS 1%
+s%#undef uid_t$%#define uid_t int%
+s%#undef ssize_t$%#define ssize_t int%
+s%#undef VOID_RETSIGTYPE$%#define VOID_RETSIGTYPE 1%
+s%#undef HAVE_H_ERRNO$%#define HAVE_H_ERRNO 1%
+s%#undef HAVE_H_ERRNO_DECLARATION$%#define HAVE_H_ERRNO_DECLARATION 1%
+s%#undef HAVE__STRICMP$%#define HAVE__STRICMP 1%
+s%#undef HAVE_GETHOSTBYNAME$%#define HAVE_GETHOSTBYNAME 1%
+s%#undef HAVE_GETHOSTNAME$%#define HAVE_GETHOSTNAME 1%
+s%#undef HAVE_GETSERVBYNAME$%#define HAVE_GETSERVBYNAME 1%
+s%#undef HAVE_GETSOCKOPT$%#define HAVE_GETSOCKOPT 1%
+s%#undef HAVE_MEMMOVE$%#define HAVE_MEMMOVE 1%
+s%#undef HAVE_MKTIME$%#define HAVE_MKTIME 1%
+s%#undef HAVE_RAND$%#define HAVE_RAND 1%
+s%#undef HAVE_SETSOCKOPT$%#define HAVE_SETSOCKOPT 1%
+s%#undef HAVE_SOCKET$%#define HAVE_SOCKET 1%
+s%#undef HAVE_STRDUP$%#define HAVE_STRDUP 1%
+s%#undef HAVE_STRFTIME$%#define HAVE_STRFTIME 1%
+s%#undef HAVE_STRLWR$%#define HAVE_STRLWR 1%
+s%#undef HAVE_STRUPR$%#define HAVE_STRUPR 1%
+s%#undef HAVE_SWAB$%#define HAVE_SWAB 1%
+s%#undef HAVE_FCNTL_H$%#define HAVE_FCNTL_H 1%
+s%#undef HAVE_IO_H$%#define HAVE_IO_H 1%
+s%#undef HAVE_SIGNAL_H$%#define HAVE_SIGNAL_H 1%
+s%#undef HAVE_SYS_LOCKING_H$%#define HAVE_SYS_LOCKING_H 1%
+s%#undef HAVE_SYS_STAT_H$%#define HAVE_SYS_STAT_H 1%
+s%#undef HAVE_SYS_TIMEB_H$%#define HAVE_SYS_TIMEB_H 1%
+s%#undef HAVE_SYS_TYPES_H$%#define HAVE_SYS_TYPES_H 1%
+s%#undef HAVE_WINSOCK_H$%#define HAVE_WINSOCK_H 1%
+s%#undef KRB4$%#define KRB4 1%
+s%#undef DES_QUAD_DEFAULT$%#define DES_QUAD_DEFAULT DES_QUAD_GUESS%' > config.h
diff --git a/crypto/kerberosIV/kadmin/admin_server.c b/crypto/kerberosIV/kadmin/admin_server.c
index 6421ac6..c1f2a8e 100644
--- a/crypto/kerberosIV/kadmin/admin_server.c
+++ b/crypto/kerberosIV/kadmin/admin_server.c
@@ -30,7 +30,7 @@ or implied warranty.
 
 #include "kadm_locl.h"
 
-RCSID("$Id: admin_server.c,v 1.47 1999/07/07 12:41:07 assar Exp $");
+RCSID("$Id: admin_server.c,v 1.49 1999/11/13 06:32:19 assar Exp $");
 
 /* Almost all procs and such need this, so it is global */
 admin_params prm;		/* The command line parameters struct */
@@ -388,7 +388,7 @@ main(int argc, char **argv)		/* admin_server main routine */
 
     memset(krbrlm, 0, sizeof(krbrlm));
 
-    while ((c = getopt(argc, argv, "f:hmnd:a:r:i:")) != EOF)
+    while ((c = getopt(argc, argv, "f:hmnd:a:r:i:")) != -1)
 	switch(c) {
 	case 'f':			/* Syslog file name change */
 	    prm.sysfile = optarg;
@@ -409,7 +409,7 @@ main(int argc, char **argv)		/* admin_server main routine */
 		      optarg, error_message(errval));
 	    break;
 	case 'r':
-	    strcpy_truncate (krbrlm, optarg, sizeof(krbrlm));
+	    strlcpy (krbrlm, optarg, sizeof(krbrlm));
 	    break;
 	case 'i':
 	    /* Only listen on this address */
diff --git a/crypto/kerberosIV/kadmin/kadm_funcs.c b/crypto/kerberosIV/kadmin/kadm_funcs.c
index 378d0d7..8ae8a41 100644
--- a/crypto/kerberosIV/kadmin/kadm_funcs.c
+++ b/crypto/kerberosIV/kadmin/kadm_funcs.c
@@ -30,7 +30,7 @@ or implied warranty.
 
 #include "kadm_locl.h"
 
-RCSID("$Id: kadm_funcs.c,v 1.17 1998/06/09 19:24:53 joda Exp $");
+RCSID("$Id: kadm_funcs.c,v 1.18 1999/09/16 20:41:40 assar Exp $");
 
 static int
 check_access(char *pname, char *pinst, char *prealm, enum acl_types acltype)
@@ -94,10 +94,10 @@ kadm_add_entry (char *rname, char *rinstance, char *rrealm,
   
     char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ];
 
-    strcpy_truncate(admin,
+    strlcpy(admin,
 		    krb_unparse_name_long(rname, rinstance, rrealm),
 		    sizeof(admin));
-    strcpy_truncate(victim,
+    strlcpy(victim,
 		    krb_unparse_name_long(valsin->name,
 					  valsin->instance,
 					  NULL),
@@ -124,8 +124,8 @@ kadm_add_entry (char *rname, char *rinstance, char *rrealm,
     }
 
     kadm_vals_to_prin(valsin->fields, &data_i, valsin);
-    strcpy_truncate(data_i.name, valsin->name, ANAME_SZ);
-    strcpy_truncate(data_i.instance, valsin->instance, INST_SZ);
+    strlcpy(data_i.name, valsin->name, ANAME_SZ);
+    strlcpy(data_i.instance, valsin->instance, INST_SZ);
 
     if (!IS_FIELD(KADM_EXPDATE,valsin->fields))
 	data_i.exp_date = default_princ.exp_date;
@@ -159,8 +159,8 @@ kadm_add_entry (char *rname, char *rinstance, char *rrealm,
     } else {
 	data_i.key_version++;
 	data_i.kdc_key_ver = server_parm.master_key_version;
-	strcpy_truncate(data_i.mod_name, rname, sizeof(data_i.mod_name));
-	strcpy_truncate(data_i.mod_instance, rinstance,
+	strlcpy(data_i.mod_name, rname, sizeof(data_i.mod_name));
+	strlcpy(data_i.mod_instance, rinstance,
 			sizeof(data_i.mod_instance));
 
 	numfound = kerb_put_principal(&data_i, 1);
@@ -195,10 +195,10 @@ kadm_delete_entry (char *rname, char *rinstance, char *rrealm,
 
     char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ];
     
-    strcpy_truncate(admin,
+    strlcpy(admin,
 		    krb_unparse_name_long(rname, rinstance, rrealm),
 		    sizeof(admin));
-    strcpy_truncate(victim,
+    strlcpy(victim,
 		    krb_unparse_name_long(valsin->name,
 					  valsin->instance,
 					  NULL),
@@ -244,10 +244,10 @@ kadm_get_entry (char *rname, char *rinstance, char *rrealm,
     
     char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ];
     
-    strcpy_truncate(admin,
+    strlcpy(admin,
 		    krb_unparse_name_long(rname, rinstance, rrealm),
 		    sizeof(admin));
-    strcpy_truncate(victim,
+    strlcpy(victim,
 		    krb_unparse_name_long(valsin->name,
 					  valsin->instance,
 					  NULL),
@@ -290,10 +290,10 @@ kadm_mod_entry (char *rname, char *rinstance, char *rrealm,
 
     char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ];
     
-    strcpy_truncate(admin,
+    strlcpy(admin,
 		    krb_unparse_name_long(rname, rinstance, rrealm),
 		    sizeof(admin));
-    strcpy_truncate(victim,
+    strlcpy(victim,
 		    krb_unparse_name_long(valsin->name,
 					  valsin->instance,
 					  NULL),
@@ -316,8 +316,8 @@ kadm_mod_entry (char *rname, char *rinstance, char *rrealm,
 	failmod(KADM_DB_INUSE);
     } else if (numfound) {
 	kadm_vals_to_prin(valsin2->fields, &temp_key, valsin2);
-	strcpy_truncate(data_o.name, valsin->name, ANAME_SZ);
-	strcpy_truncate(data_o.instance, valsin->instance, INST_SZ);
+	strlcpy(data_o.name, valsin->name, ANAME_SZ);
+	strlcpy(data_o.instance, valsin->instance, INST_SZ);
 	if (IS_FIELD(KADM_EXPDATE,valsin2->fields))
 	    data_o.exp_date = temp_key.exp_date;
 	if (IS_FIELD(KADM_ATTR,valsin2->fields))
@@ -344,8 +344,8 @@ kadm_mod_entry (char *rname, char *rinstance, char *rrealm,
 	}
 	memset(&temp_key, 0, sizeof(temp_key));
 
-	strcpy_truncate(data_o.mod_name, rname, sizeof(data_o.mod_name));
-	strcpy_truncate(data_o.mod_instance, rinstance,
+	strlcpy(data_o.mod_name, rname, sizeof(data_o.mod_name));
+	strlcpy(data_o.mod_instance, rinstance,
 			sizeof(data_o.mod_instance));
 	more = kerb_put_principal(&data_o, 1);
 
@@ -387,7 +387,7 @@ kadm_change (char *rname, char *rinstance, char *rrealm, unsigned char *newpw)
 
     char admin[MAX_K_NAME_SZ];
     
-    strcpy_truncate(admin,
+    strlcpy(admin,
 		    krb_unparse_name_long(rname, rinstance, rrealm),
 		    sizeof(admin));
     
@@ -416,8 +416,8 @@ kadm_change (char *rname, char *rinstance, char *rrealm, unsigned char *newpw)
 	copy_from_key(local_pw, &data_o.key_low, &data_o.key_high);
 	data_o.key_version++;
 	data_o.kdc_key_ver = server_parm.master_key_version;
-	strcpy_truncate(data_o.mod_name, rname, sizeof(data_o.mod_name));
-	strcpy_truncate(data_o.mod_instance, rinstance,
+	strlcpy(data_o.mod_name, rname, sizeof(data_o.mod_name));
+	strlcpy(data_o.mod_instance, rinstance,
 			sizeof(data_o.mod_instance));
 	more = kerb_put_principal(&data_o, 1);
 	memset(local_pw, 0, sizeof(local_pw));
diff --git a/crypto/kerberosIV/kadmin/kadm_locl.h b/crypto/kerberosIV/kadmin/kadm_locl.h
index 44708d9..960c564 100644
--- a/crypto/kerberosIV/kadmin/kadm_locl.h
+++ b/crypto/kerberosIV/kadmin/kadm_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: kadm_locl.h,v 1.30 1998/11/18 19:44:05 assar Exp $ */
+/* $Id: kadm_locl.h,v 1.31 1999/12/02 16:58:36 joda Exp $ */
 
 #include "config.h"
 #include "protos.h"
diff --git a/crypto/kerberosIV/kadmin/kadm_ser_wrap.c b/crypto/kerberosIV/kadmin/kadm_ser_wrap.c
index c95af04..196a89c 100644
--- a/crypto/kerberosIV/kadmin/kadm_ser_wrap.c
+++ b/crypto/kerberosIV/kadmin/kadm_ser_wrap.c
@@ -30,7 +30,7 @@ unwraps wrapped packets and calls the appropriate server subroutine
 
 #include "kadm_locl.h"
 
-RCSID("$Id: kadm_ser_wrap.c,v 1.24 1998/06/13 00:45:52 assar Exp $");
+RCSID("$Id: kadm_ser_wrap.c,v 1.25 1999/09/16 20:41:41 assar Exp $");
 
 /* GLOBAL */
 Kadm_Server server_parm;
@@ -52,13 +52,13 @@ kadm_ser_init(int inter,	/* interactive or from file */
   if (gethostname(hostname, sizeof(hostname)))
       return KADM_NO_HOSTNAME;
 
-  strcpy_truncate(server_parm.sname,
+  strlcpy(server_parm.sname,
 		  PWSERV_NAME,
 		  sizeof(server_parm.sname));
-  strcpy_truncate(server_parm.sinst,
+  strlcpy(server_parm.sinst,
 		  KRB_MASTER,
 		  sizeof(server_parm.sinst));
-  strcpy_truncate(server_parm.krbrlm,
+  strlcpy(server_parm.krbrlm,
 		  realm,
 		  sizeof(server_parm.krbrlm));
 
diff --git a/crypto/kerberosIV/kadmin/kadmin.c b/crypto/kerberosIV/kadmin/kadmin.c
index 340a914..76abda5 100644
--- a/crypto/kerberosIV/kadmin/kadmin.c
+++ b/crypto/kerberosIV/kadmin/kadmin.c
@@ -31,7 +31,7 @@ or implied warranty.
 #include "getarg.h"
 #include "parse_time.h"
 
-RCSID("$Id: kadmin.c,v 1.59.2.1 1999/09/02 08:51:59 joda Exp $");
+RCSID("$Id: kadmin.c,v 1.62 1999/11/02 17:02:14 bg Exp $");
 
 static int change_password(int argc, char **argv);
 static int change_key(int argc, char **argv);
@@ -390,7 +390,7 @@ do_init(int argc, char **argv)
     if(ret < 0)
 	errx(1, "Can't figure out default principal");
     if(pr.instance[0] == '\0')
-	strcpy_truncate(pr.instance, "admin", sizeof(pr.instance));
+	strlcpy(pr.instance, "admin", sizeof(pr.instance));
     if(principal) {
 	if(username)
 	    warnx("Ignoring username when principal is given");
@@ -398,19 +398,19 @@ do_init(int argc, char **argv)
 	if(ret)
 	    errx(1, "%s: %s", principal, krb_get_err_text(ret));
 	if(pr.realm[0] != '\0')
-	    strcpy_truncate(default_realm, pr.realm, sizeof(default_realm));
+	    strlcpy(default_realm, pr.realm, sizeof(default_realm));
     } else if(username) {
-	strcpy_truncate(pr.name, username, sizeof(pr.name));
-	strcpy_truncate(pr.instance, "admin", sizeof(pr.instance));
+	strlcpy(pr.name, username, sizeof(pr.name));
+	strlcpy(pr.instance, "admin", sizeof(pr.instance));
     } 
     
     if(realm)
-	strcpy_truncate(default_realm, realm, sizeof(default_realm));
+	strlcpy(default_realm, realm, sizeof(default_realm));
     
-    strcpy_truncate(krbrlm, default_realm, sizeof(krbrlm));
+    strlcpy(krbrlm, default_realm, sizeof(krbrlm));
 
     if(pr.realm[0] == '\0')
-	strcpy_truncate(pr.realm, krbrlm, sizeof(pr.realm));
+	strlcpy(pr.realm, krbrlm, sizeof(pr.realm));
 
     if (kadm_init_link(PWSERV_NAME, KRB_MASTER, krbrlm) != KADM_SUCCESS)
 	*krbrlm = '\0';
@@ -425,8 +425,8 @@ do_init(int argc, char **argv)
 	destroy_timeout = 0; /* disable timeout */
     else{
 	char tktstring[128];
-	snprintf(tktstring, sizeof(tktstring),
-		 TKT_ROOT "_adm_%d",(int)getpid());
+	snprintf(tktstring, sizeof(tktstring), "%s_adm_%d",
+		 TKT_ROOT, (int)getpid());
 	krb_set_tkt_string(tktstring);
     }
     return optind;
@@ -471,9 +471,9 @@ setvals(Kadm_vals *vals, char *string)
 	return status;
     }
     if (!realm[0])
-	strcpy_truncate(realm, default_realm, sizeof(realm));
+	strlcpy(realm, default_realm, sizeof(realm));
     if (strcmp(realm, krbrlm)) {
-	strcpy_truncate(krbrlm, realm, sizeof(krbrlm));
+	strlcpy(krbrlm, realm, sizeof(krbrlm));
 	if ((status = kadm_init_link(PWSERV_NAME, KRB_MASTER, krbrlm)) 
 	    != KADM_SUCCESS)
 	    printf("kadm error for realm %s: %s\n", 
diff --git a/crypto/kerberosIV/kadmin/kpasswd.c b/crypto/kerberosIV/kadmin/kpasswd.c
index f32946b..d0d35be 100644
--- a/crypto/kerberosIV/kadmin/kpasswd.c
+++ b/crypto/kerberosIV/kadmin/kpasswd.c
@@ -25,7 +25,7 @@ or implied warranty.
 
 #include "kadm_locl.h"
 
-RCSID("$Id: kpasswd.c,v 1.26 1998/06/09 19:24:54 joda Exp $");
+RCSID("$Id: kpasswd.c,v 1.29 1999/11/13 06:33:20 assar Exp $");
 
 static void
 usage(int value)
@@ -57,7 +57,7 @@ main(int argc, char **argv)
 			       default_principal.instance,
 			       default_principal.realm);
 
-    while ((c = getopt(argc, argv, "u:n:i:r:h")) != EOF) {
+    while ((c = getopt(argc, argv, "u:n:i:r:h")) != -1) {
 	switch (c) {
 	case 'u':
 	    status = krb_parse_name (optarg, &principal);
@@ -70,7 +70,7 @@ main(int argc, char **argv)
 	    break;
 	case 'n':
 	    if (k_isname(optarg))
-		strcpy_truncate(principal.name,
+		strlcpy(principal.name,
 				optarg,
 				sizeof(principal.name));
 	    else {
@@ -80,7 +80,7 @@ main(int argc, char **argv)
 	    break;
 	case 'i':
 	    if (k_isinst(optarg))
-		strcpy_truncate(principal.instance,
+		strlcpy(principal.instance,
 				optarg,
 				sizeof(principal.instance));
 	    else {
@@ -90,7 +90,7 @@ main(int argc, char **argv)
 	    break;
 	case 'r':
 	    if (k_isrealm(optarg)) {
-		strcpy_truncate(principal.realm,
+		strlcpy(principal.realm,
 				optarg,
 				sizeof(principal.realm));
 		realm_given++; 
@@ -116,28 +116,28 @@ main(int argc, char **argv)
     }
 
     if (use_default) {
-	strcpy_truncate(principal.name,
+	strlcpy(principal.name,
 			default_principal.name,
 			sizeof(principal.name));
-	strcpy_truncate(principal.instance,
+	strlcpy(principal.instance,
 			default_principal.instance,
 			sizeof(principal.instance));
-	strcpy_truncate(principal.realm,
+	strlcpy(principal.realm,
 			default_principal.realm,
 			sizeof(principal.realm));
     } else {
 	if (!principal.name[0])
-	    strcpy_truncate(principal.name,
+	    strlcpy(principal.name,
 			    default_principal.name,
 			    sizeof(principal.name));
 	if (!principal.realm[0])
-	    strcpy_truncate(principal.realm,
+	    strlcpy(principal.realm,
 			    default_principal.realm,
 			    sizeof(principal.realm));
     }
 
-    snprintf(tktstring, sizeof(tktstring),
-	     TKT_ROOT "_cpw_%u", (unsigned)getpid());
+    snprintf(tktstring, sizeof(tktstring), "%s_cpw_%u",
+	     TKT_ROOT, (unsigned)getpid());
     krb_set_tkt_string(tktstring);
     
     if (get_pw_new_pwd(pword, sizeof(pword), &principal,
diff --git a/crypto/kerberosIV/kadmin/ksrvutil.c b/crypto/kerberosIV/kadmin/ksrvutil.c
index 8f75d52..38722a0 100644
--- a/crypto/kerberosIV/kadmin/ksrvutil.c
+++ b/crypto/kerberosIV/kadmin/ksrvutil.c
@@ -30,7 +30,7 @@ or implied warranty.
 
 #include "kadm_locl.h"
 
-RCSID("$Id: ksrvutil.c,v 1.47 1999/06/29 18:53:58 bg Exp $");
+RCSID("$Id: ksrvutil.c,v 1.50 1999/11/13 06:33:59 assar Exp $");
 
 #include "ksrvutil.h"
 
@@ -322,11 +322,11 @@ main(int argc, char **argv)
 
     /* This is used only as a default for adding keys */
     if (krb_get_lrealm(local_realm, 1) != KSUCCESS)
-	strcpy_truncate(local_realm,
+	strlcpy(local_realm,
 			KRB_REALM,
 			sizeof(local_realm));
     
-    while((c = getopt(argc, argv, "ikc:f:p:r:u")) != EOF) {
+    while((c = getopt(argc, argv, "ikc:f:p:r:u")) != -1) {
 	switch (c) {
 	case 'i':
 	    interactive++;
@@ -335,10 +335,10 @@ main(int argc, char **argv)
 	    key++;
 	    break;
 	case 'c':
-	    strcpy_truncate(cellname, optarg, sizeof(cellname));
+	    strlcpy(cellname, optarg, sizeof(cellname));
 	    break;
 	case 'f':
-	    strcpy_truncate(keyfile, optarg, sizeof(keyfile));
+	    strlcpy(keyfile, optarg, sizeof(keyfile));
 	    break;
 	case 'p':
 	    if((status = kname_parse (u_name, u_inst, u_realm, optarg)) !=
@@ -347,7 +347,7 @@ main(int argc, char **argv)
 		      krb_get_err_text(status));
 	    break;
 	case 'r':
-	    strcpy_truncate(u_realm, optarg, sizeof(u_realm));
+	    strlcpy(u_realm, optarg, sizeof(u_realm));
 	    break;
 	case 'u':
 	    unique_filename = 1;
@@ -359,7 +359,7 @@ main(int argc, char **argv)
     if (optind >= argc)
 	usage();
     if (*u_realm == '\0')
-	 strcpy_truncate (u_realm, local_realm, sizeof(u_realm));
+	 strlcpy (u_realm, local_realm, sizeof(u_realm));
     if (strcmp(argv[optind], "list") == 0) {
 	if (arg_entered)
 	    usage();
@@ -411,10 +411,10 @@ main(int argc, char **argv)
 	warnx("`-u' flag is only used with `get'");
 
     if (!keyfile[0])
-	strcpy_truncate(keyfile, KEYFILE, sizeof(keyfile));
+	strlcpy(keyfile, KEYFILE, sizeof(keyfile));
 
-    strcpy_truncate(work_keyfile, keyfile, sizeof(work_keyfile));
-    strcpy_truncate(backup_keyfile, keyfile, sizeof(backup_keyfile));
+    strlcpy(work_keyfile, keyfile, sizeof(work_keyfile));
+    strlcpy(backup_keyfile, keyfile, sizeof(backup_keyfile));
     
     if (change || add || (get && !unique_filename) || delete) {
 	snprintf(work_keyfile, sizeof(work_keyfile), "%s.work", keyfile);
@@ -475,9 +475,8 @@ main(int argc, char **argv)
 		printf("\n");
 	    }
 	    else if (change) {
-		snprintf(change_tkt, sizeof(change_tkt),
-			 TKT_ROOT "_ksrvutil.%u",
-			 (unsigned)getpid());
+		snprintf(change_tkt, sizeof(change_tkt), "%s_ksrvutil.%u",
+			 TKT_ROOT, (unsigned)getpid());
 		krb_set_tkt_string(change_tkt);
 		destroyp = TRUE;
 
@@ -584,24 +583,24 @@ main(int argc, char **argv)
 		p = strchr(databuf, '.');
 		if (p != NULL) {
 		    *p++ = '\0';
-		    strcpy_truncate (sname, databuf, sizeof(sname));
-		    strcpy_truncate (sinst, p, sizeof(sinst));
+		    strlcpy (sname, databuf, sizeof(sname));
+		    strlcpy (sinst, p, sizeof(sinst));
 		} else {
-		    strcpy_truncate (sname, databuf, sizeof(sname));
+		    strlcpy (sname, databuf, sizeof(sname));
 		    safe_read_stdin("Instance: ", databuf, sizeof(databuf));
-		    strcpy_truncate (sinst, databuf, sizeof(databuf));
+		    strlcpy (sinst, databuf, sizeof(databuf));
 		}
 
 		safe_read_stdin("Realm: ", databuf, sizeof(databuf));
 		if (databuf[0] != '\0')
-		    strcpy_truncate (srealm, databuf, sizeof(srealm));
+		    strlcpy (srealm, databuf, sizeof(srealm));
 		else
-		    strcpy_truncate (srealm, local_realm, sizeof(srealm));
+		    strlcpy (srealm, local_realm, sizeof(srealm));
 
 		safe_read_stdin("Version number: ", databuf, sizeof(databuf));
 		key_vno = atoi(databuf);
 		if (!srealm[0])
-		    strcpy_truncate(srealm, local_realm, sizeof(srealm));
+		    strlcpy(srealm, local_realm, sizeof(srealm));
 		printf("New principal: ");
 		print_name(sname, sinst, srealm);
 		printf("; version %d\n", key_vno);
diff --git a/crypto/kerberosIV/kadmin/ksrvutil.h b/crypto/kerberosIV/kadmin/ksrvutil.h
index b548fc7..2b562ac 100644
--- a/crypto/kerberosIV/kadmin/ksrvutil.h
+++ b/crypto/kerberosIV/kadmin/ksrvutil.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -37,7 +32,7 @@
  */
 
 /*
- * $Id: ksrvutil.h,v 1.9 1998/01/16 19:01:31 joda Exp $
+ * $Id: ksrvutil.h,v 1.10 1999/12/02 16:58:36 joda Exp $
  *
  */
 
diff --git a/crypto/kerberosIV/kadmin/ksrvutil_get.c b/crypto/kerberosIV/kadmin/ksrvutil_get.c
index a9c0797..a08b10d 100644
--- a/crypto/kerberosIV/kadmin/ksrvutil_get.c
+++ b/crypto/kerberosIV/kadmin/ksrvutil_get.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -39,7 +34,7 @@
 #include "kadm_locl.h"
 #include "ksrvutil.h"
 
-RCSID("$Id: ksrvutil_get.c,v 1.38 1999/06/29 21:19:37 bg Exp $");
+RCSID("$Id: ksrvutil_get.c,v 1.43 1999/12/02 16:58:36 joda Exp $");
 
 #define BAD_PW 1
 #define GOOD_PW 0
@@ -186,15 +181,15 @@ get_srvtab_ent(int unique_filename, int fd, char *filename,
     Kadm_vals values;
     int ret;
 
-    strcpy_truncate(chname, krb_get_phost(inst), sizeof(chname));
+    strlcpy(chname, krb_get_phost(inst), sizeof(chname));
     if(strcmp(inst, chname))
 	fprintf(stderr, 
 		"Warning: Are you sure `%s' should not be `%s'?\n",
 		inst, chname);
     
     memset(&values, 0, sizeof(values));
-    strcpy_truncate(values.name, name, sizeof(values.name));
-    strcpy_truncate(values.instance, inst, sizeof(values.instance));
+    strlcpy(values.name, name, sizeof(values.name));
+    strlcpy(values.instance, inst, sizeof(values.instance));
     des_new_random_key(&newkey);
     values.key_low = (newkey[0] << 24) | (newkey[1] << 16)
 	| (newkey[2] << 8) | (newkey[3] << 0);
@@ -220,15 +215,20 @@ get_srvtab_ent(int unique_filename, int fd, char *filename,
     { 
 	int old = krb_use_admin_server(1);
 
-	strcpy_truncate(old_tktfile, tkt_string(), sizeof(old_tktfile));
-	snprintf(new_tktfile, sizeof(new_tktfile),
-		 TKT_ROOT "_ksrvutil-get.%u",
-		 (unsigned)getpid());
+	strlcpy(old_tktfile, tkt_string(), sizeof(old_tktfile));
+	snprintf(new_tktfile, sizeof(new_tktfile), "%s_ksrvutil-get.%u",
+		 TKT_ROOT, (unsigned)getpid());
 	krb_set_tkt_string(new_tktfile);
       
 	ret = krb_get_in_tkt(name, inst, realm, name, inst,
 			     1, key_to_key, NULL, &newkey);
 	krb_use_admin_server(old);
+ 	if (ret) {
+	    warnx ("getting tickets for %s: %s", 
+		   krb_unparse_name_long(name, inst, realm),
+		   krb_get_err_text(ret));
+	    return;
+  	}
     }
       
     if (ret == KSUCCESS &&
@@ -238,7 +238,8 @@ get_srvtab_ent(int unique_filename, int fd, char *filename,
 	(ret = tf_get_cred(&c)) == KSUCCESS)
 	kvno = c.kvno;
     else {
-	warnx ("Could not find the cred in the ticket file");
+	warnx ("Could not find the cred in the ticket file: %s",
+	       krb_get_err_text(ret));
 	return;
     }
 
@@ -302,8 +303,8 @@ ksrvutil_kadm(int unique_filename, int fd, char *filename, struct srv_ent *p)
     /*
      *  create ticket file and get admin tickets
      */
-    snprintf(tktstring, sizeof(tktstring),
-	     TKT_ROOT "_ksrvutil_%d", (int)getpid());
+    snprintf(tktstring, sizeof(tktstring), "%s_ksrvutil_%d",
+	     TKT_ROOT, (int)getpid());
     krb_set_tkt_string(tktstring);
     destroyp = TRUE;
        
@@ -327,7 +328,7 @@ parseinput (char *result, size_t sz, char *val, char *def)
   int inq;
 
   if (val[0] == '\0') {
-    strcpy_truncate (result, def, sz);
+    strlcpy (result, def, sz);
     return;
   }
   lim = result + sz - 1;
@@ -362,7 +363,7 @@ ksrvutil_get(int unique_filename, int fd, char *filename, int argc, char **argv)
   int i;
 
   gethostname(local_hostname, sizeof(local_hostname));
-  strcpy_truncate(local_hostname,
+  strlcpy(local_hostname,
 		  krb_get_phost(local_hostname),
 		  sizeof(local_hostname));
 
@@ -375,7 +376,7 @@ ksrvutil_get(int unique_filename, int fd, char *filename, int argc, char **argv)
 	leave(NULL,1);
       }
       p->next = head;
-      strcpy_truncate (p->realm, u_realm, sizeof(p->realm));
+      strlcpy (p->realm, u_realm, sizeof(p->realm));
       if (kname_parse (p->name, p->inst, p->realm, argv[i]) !=
 	  KSUCCESS) {
 	warnx ("parse error on '%s'\n", argv[i]);
@@ -383,11 +384,11 @@ ksrvutil_get(int unique_filename, int fd, char *filename, int argc, char **argv)
 	continue;
       }
       if (p->name[0] == '\0')
-	strcpy_truncate(p->name, "rcmd", sizeof(p->name));
+	strlcpy(p->name, "rcmd", sizeof(p->name));
       if (p->inst[0] == '\0')
-	strcpy_truncate(p->inst, local_hostname, sizeof(p->inst));
+	strlcpy(p->inst, local_hostname, sizeof(p->inst));
       if (p->realm[0] == '\0')
-	strcpy_truncate(p->realm, u_realm, sizeof(p->realm));
+	strlcpy(p->realm, u_realm, sizeof(p->realm));
       head = p;
     }
 
@@ -412,9 +413,9 @@ ksrvutil_get(int unique_filename, int fd, char *filename, int argc, char **argv)
 	}
 	p->next=head;
 	head=p;
-	strcpy_truncate(p->name, sname, sizeof(p->name));
-	strcpy_truncate(p->inst, sinst, sizeof(p->inst));
-	strcpy_truncate(p->realm, srealm, sizeof(p->realm));
+	strlcpy(p->name, sname, sizeof(p->name));
+	strlcpy(p->inst, sinst, sizeof(p->inst));
+	strlcpy(p->realm, srealm, sizeof(p->realm));
       }
     }while(ny("Add more keys?"));
   
diff --git a/crypto/kerberosIV/kadmin/new_pwd.c b/crypto/kerberosIV/kadmin/new_pwd.c
index 64756f7..cfeb095 100644
--- a/crypto/kerberosIV/kadmin/new_pwd.c
+++ b/crypto/kerberosIV/kadmin/new_pwd.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kadm_locl.h"
 
-RCSID("$Id: new_pwd.c,v 1.13 1998/06/09 19:24:55 joda Exp $");
+RCSID("$Id: new_pwd.c,v 1.14 1999/12/02 16:58:36 joda Exp $");
 
 #ifdef NOENCRYPTION
 #define read_long_pw_string placebo_read_pw_string
diff --git a/crypto/kerberosIV/kadmin/pw_check.c b/crypto/kerberosIV/kadmin/pw_check.c
index ac6912b..448ad37 100644
--- a/crypto/kerberosIV/kadmin/pw_check.c
+++ b/crypto/kerberosIV/kadmin/pw_check.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kadm_locl.h"
 
-RCSID("$Id: pw_check.c,v 1.13 1997/04/01 08:17:50 joda Exp $");
+RCSID("$Id: pw_check.c,v 1.14 1999/12/02 16:58:36 joda Exp $");
 
 /*
  * kadm_pw_check
diff --git a/crypto/kerberosIV/kadmin/pw_check.h b/crypto/kerberosIV/kadmin/pw_check.h
index c5a5d69..8b717f8 100644
--- a/crypto/kerberosIV/kadmin/pw_check.h
+++ b/crypto/kerberosIV/kadmin/pw_check.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -37,7 +32,7 @@
  */
 
 /*
- * $Id: pw_check.h,v 1.6 1997/04/01 08:17:50 joda Exp $ 
+ * $Id: pw_check.h,v 1.7 1999/12/02 16:58:36 joda Exp $ 
  */
 
 int kadm_pw_check(char *pw, des_cblock *newkey, 
diff --git a/crypto/kerberosIV/kadmin/random_password.c b/crypto/kerberosIV/kadmin/random_password.c
index d274831..ec8309e 100644
--- a/crypto/kerberosIV/kadmin/random_password.c
+++ b/crypto/kerberosIV/kadmin/random_password.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #include "kadm_locl.h"
 
-RCSID("$Id: random_password.c,v 1.2 1998/06/09 19:24:56 joda Exp $");
+RCSID("$Id: random_password.c,v 1.4 1999/12/02 16:58:36 joda Exp $");
 
 /* This file defines some a function that generates a random password,
    that can be used when creating a large amount of principals (such
@@ -71,7 +66,7 @@ random_password(char *pw, size_t len, u_int32_t *low, u_int32_t *high)
 		      "abcdefghijklmnopqrstuvwxyz", 7, 
 		      "ABCDEFGHIJKLMNOPQRSTUVWXYZ", 2, 
 		      "@$%&*()-+=:,/<>1234567890", 1);
-    strcpy_truncate(pw, pass, len);
+    strlcpy(pw, pass, len);
     memset(pass, 0, strlen(pass));
     free(pass);
 #endif
diff --git a/crypto/kerberosIV/kuser/kdestroy.c b/crypto/kerberosIV/kuser/kdestroy.c
index b5a620b..93e3a66 100644
--- a/crypto/kerberosIV/kuser/kdestroy.c
+++ b/crypto/kerberosIV/kuser/kdestroy.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -40,7 +35,7 @@
 #include <kafs.h>
 #include <getarg.h>
 
-RCSID("$Id: kdestroy.c,v 1.16 1999/06/16 17:34:51 assar Exp $");
+RCSID("$Id: kdestroy.c,v 1.17 1999/12/02 16:58:36 joda Exp $");
 
 #ifdef LEGACY_KDESTROY
 int ticket_flag = 1;
diff --git a/crypto/kerberosIV/kuser/klist.c b/crypto/kerberosIV/kuser/klist.c
index 82ac58e..007c5f0 100644
--- a/crypto/kerberosIV/kuser/klist.c
+++ b/crypto/kerberosIV/kuser/klist.c
@@ -22,7 +22,7 @@
 
 #include <parse_time.h>
 
-RCSID("$Id: klist.c,v 1.41.2.1 1999/07/22 03:15:12 assar Exp $");
+RCSID("$Id: klist.c,v 1.44.2.2 1999/12/07 00:20:43 assar Exp $");
 
 static int option_verbose = 0;
 
@@ -147,24 +147,24 @@ display_tktfile(char *file, int tgt_test, int long_form)
 	}
 	if (long_form) {
 	    struct timeval tv;
-	    strcpy_truncate(buf1,
-			    short_date(c.issue_date),
-			    sizeof(buf1));
+	    strlcpy(buf1,
+		    short_date(c.issue_date),
+		    sizeof(buf1));
 	    c.issue_date = krb_life_to_time(c.issue_date, c.lifetime);
 	    krb_kdctimeofday(&tv);
 	    if (option_verbose || tv.tv_sec < (unsigned long) c.issue_date)
-	        strcpy_truncate(buf2,
-				short_date(c.issue_date),
-				sizeof(buf2));
+	        strlcpy(buf2,
+			short_date(c.issue_date),
+			sizeof(buf2));
 	    else
-	        strcpy_truncate(buf2,
-				">>> Expired <<<",
-				sizeof(buf2));
+	        strlcpy(buf2,
+			">>> Expired <<<",
+			sizeof(buf2));
 	    printf("%s  %s  ", buf1, buf2);
 	}
 	printf("%s", krb_unparse_name_long(c.service, c.instance, c.realm));
 	if(long_form && option_verbose)
-	  printf(" (%d)", c.kvno);
+	    printf(" (%d)", c.kvno);
 	printf("\n");
     }
     if (tgt_test)
@@ -172,6 +172,36 @@ display_tktfile(char *file, int tgt_test, int long_form)
     if (header && long_form && k_errno == EOF) {
 	printf("No tickets in file.\n");
     }
+    tf_close();
+ 
+    if (long_form && krb_get_config_bool("nat_in_use")) {
+	char realm[REALM_SZ];
+	struct in_addr addr;
+ 
+	printf("-----\nNAT addresses\n");
+ 
+	/* Open ticket file (again) */
+	if ((k_errno = tf_init(file, R_TKT_FIL))) {
+	    if (!tgt_test)
+		warnx("%s", krb_get_err_text(k_errno));
+	    return 1;
+	}
+ 
+	/* Get principal name and instance */
+	if ((k_errno = tf_get_pname(pr.name)) ||
+	    (k_errno = tf_get_pinst(pr.instance))) {
+	    if (!tgt_test)
+		warnx("%s", krb_get_err_text(k_errno));
+	    return 1;
+	}
+ 
+	while ((k_errno = tf_get_cred_addr(realm, sizeof(realm),
+					   &addr)) == KSUCCESS) {
+	    printf("%s: %s\n", realm, inet_ntoa(addr));
+	}
+	tf_close();
+    }
+ 
     return 0;
 }
 
@@ -234,11 +264,11 @@ display_tokens(void)
 	cell = (const char *)r;
 
 	krb_kdctimeofday (&tv);
-	strcpy_truncate (buf1, short_date(ct.BeginTimestamp), sizeof(buf1));
+	strlcpy (buf1, short_date(ct.BeginTimestamp), sizeof(buf1));
 	if (option_verbose || tv.tv_sec < ct.EndTimestamp)
-	    strcpy_truncate (buf2, short_date(ct.EndTimestamp), sizeof(buf2));
+	    strlcpy (buf2, short_date(ct.EndTimestamp), sizeof(buf2));
 	else
-	    strcpy_truncate (buf2, ">>> Expired <<<", sizeof(buf2));
+	    strlcpy (buf2, ">>> Expired <<<", sizeof(buf2));
 
 	printf("%s  %s  ", buf1, buf2);
 
@@ -345,7 +375,7 @@ main(int argc, char **argv)
 	if (!strcmp(*argv, "-srvtab")) {
 		if (tkt_file == NULL)	/* if no other file spec'ed,
 					   set file to default srvtab */
-		    tkt_file = KEYFILE;
+		    tkt_file = (char *)KEYFILE;
 		do_srvtab = 1;
 		continue;
 	}
diff --git a/crypto/kerberosIV/kuser/kuser_locl.h b/crypto/kerberosIV/kuser/kuser_locl.h
index 514a0ac..970ad6b 100644
--- a/crypto/kerberosIV/kuser/kuser_locl.h
+++ b/crypto/kerberosIV/kuser/kuser_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: kuser_locl.h,v 1.10 1997/05/20 18:40:43 bg Exp $ */
+/* $Id: kuser_locl.h,v 1.11 1999/12/02 16:58:37 joda Exp $ */
 
 #include "config.h"
 #include "protos.h"
diff --git a/crypto/kerberosIV/lib/acl/acl.h b/crypto/kerberosIV/lib/acl/acl.h
index 0a6fa56..a92bbdd 100644
--- a/crypto/kerberosIV/lib/acl/acl.h
+++ b/crypto/kerberosIV/lib/acl/acl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: acl.h,v 1.6 1997/12/05 03:31:47 joda Exp $ */
+/* $Id: acl.h,v 1.7 1999/12/02 16:58:37 joda Exp $ */
 
 #ifndef __ACL_H
 #define __ACL_H
diff --git a/crypto/kerberosIV/lib/acl/acl_files.c b/crypto/kerberosIV/lib/acl/acl_files.c
index 12098b7..5501075 100644
--- a/crypto/kerberosIV/lib/acl/acl_files.c
+++ b/crypto/kerberosIV/lib/acl/acl_files.c
@@ -22,7 +22,7 @@ or implied warranty.
 #include "config.h"
 #include "protos.h"
 
-RCSID("$Id: acl_files.c,v 1.13 1999/03/13 21:21:32 assar Exp $");
+RCSID("$Id: acl_files.c,v 1.14 1999/09/16 20:41:43 assar Exp $");
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -373,7 +373,7 @@ acl_load(char *name)
     }
 
     /* Set up the acl */
-    strcpy_truncate(acl_cache[i].filename, name, LINESIZE);
+    strlcpy(acl_cache[i].filename, name, LINESIZE);
     if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1);
     /* Force reload */
     acl_cache[i].acl = (struct hashtbl *) 0;
diff --git a/crypto/kerberosIV/lib/auth/ChangeLog b/crypto/kerberosIV/lib/auth/ChangeLog
index ce2eccc..f9c948c 100644
--- a/crypto/kerberosIV/lib/auth/ChangeLog
+++ b/crypto/kerberosIV/lib/auth/ChangeLog
@@ -1,3 +1,34 @@
+1999-11-15  Assar Westerlund  <assar@sics.se>
+
+	* */lib/Makefile.in: set LIBNAME.  From Enrico Scholz
+ 	<Enrico.Scholz@informatik.tu-chemnitz.de>
+
+1999-10-17  Assar Westerlund  <assar@sics.se>
+
+	* afskauthlib/verify.c (verify_krb5): need realm for v5 -> v4
+
+1999-10-03  Assar Westerlund  <assar@sics.se>
+
+	* afskauthlib/verify.c (verify_krb5): update to new
+ 	krb524_convert_creds_kdc
+
+1999-09-28  Assar Westerlund  <assar@sics.se>
+
+	* sia/sia.c (doauth): use krb5_get_local_realms and
+ 	krb5_verify_user_lrealm
+
+	* afskauthlib/verify.c (verify_krb5): remove krb5_kuserok.  use
+ 	krb5_verify_user_lrealm
+
+1999-08-11  Johan Danielsson  <joda@pdc.kth.se>
+
+	* afskauthlib/verify.c: make this compile w/o krb4
+
+1999-08-04  Assar Westerlund  <assar@sics.se>
+
+	* afskauthlib/verify.c: incorporate patches from Miroslav Ruda
+ 	<ruda@ics.muni.cz>
+
 Thu Apr  8 14:35:34 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
 
 	* sia/sia.c: remove definition of KRB_VERIFY_USER (moved to
diff --git a/crypto/kerberosIV/lib/auth/afskauthlib/Makefile.in b/crypto/kerberosIV/lib/auth/afskauthlib/Makefile.in
index dc09a13..2eb2576 100644
--- a/crypto/kerberosIV/lib/auth/afskauthlib/Makefile.in
+++ b/crypto/kerberosIV/lib/auth/afskauthlib/Makefile.in
@@ -1,5 +1,5 @@
 #
-# $Id: Makefile.in,v 1.24 1999/03/10 19:01:14 joda Exp $
+# $Id: Makefile.in,v 1.25 1999/11/15 10:20:46 assar Exp $
 #
 
 SHELL = /bin/sh
@@ -36,7 +36,8 @@ LDSHARED = @LDSHARED@
 SHLIBEXT = @REAL_SHLIBEXT@
 LD_FLAGS = @REAL_LD_FLAGS@
  
-LIB = afskauthlib.$(SHLIBEXT)
+LIBNAME = afskauthlib
+LIB = $(LIBNAME).$(SHLIBEXT)
 
 SOURCES = verify.c
 
diff --git a/crypto/kerberosIV/lib/auth/afskauthlib/verify.c b/crypto/kerberosIV/lib/auth/afskauthlib/verify.c
index f7db523..1c23119 100644
--- a/crypto/kerberosIV/lib/auth/afskauthlib/verify.c
+++ b/crypto/kerberosIV/lib/auth/afskauthlib/verify.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: verify.c,v 1.13 1999/04/08 12:36:16 joda Exp $");
+RCSID("$Id: verify.c,v 1.20 1999/12/02 16:58:37 joda Exp $");
 #endif
 #include <unistd.h>
 #include <sys/types.h>
@@ -52,10 +47,24 @@ RCSID("$Id: verify.c,v 1.13 1999/04/08 12:36:16 joda Exp $");
 #endif
 #include <roken.h>
 
-#if 0
+#ifdef KRB5
 static char krb5ccname[128];
 #endif
+#ifdef KRB4
 static char krbtkfile[128];
+#endif
+
+/* 
+   In some cases is afs_gettktstring called twice (once before
+   afs_verify and once after afs_verify).
+   In some cases (rlogin with access allowed via .rhosts) 
+   afs_verify is not called!
+   So we can't rely on correct value in krbtkfile in some
+   cases!
+*/
+
+static int correct_tkfilename=0;
+static int pag_set=0;
 
 #ifdef KRB4
 static void
@@ -63,9 +72,44 @@ set_krbtkfile(uid_t uid)
 {
     snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid);
     krb_set_tkt_string (krbtkfile);
+    correct_tkfilename = 1;
 }
 #endif
 
+/* XXX this has to be the default cache name, since the KRB5CCNAME
+ * environment variable isn't exported by login/xdm
+ */
+
+#ifdef KRB5
+static void
+set_krb5ccname(uid_t uid)
+{
+    snprintf (krb5ccname, sizeof(krb5ccname), "FILE:/tmp/krb5cc_%d", uid);
+#ifdef KRB4
+    snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid);
+#endif
+    correct_tkfilename = 1;
+}
+#endif
+
+static void
+set_spec_krbtkfile(void)
+{
+    int fd;
+#ifdef KRB4
+    snprintf (krbtkfile, sizeof(krbtkfile), "%s_XXXXXX", TKT_ROOT);
+    fd = mkstemp(krbtkfile);
+    close(fd);
+    unlink(krbtkfile); 
+    krb_set_tkt_string (krbtkfile);
+#endif
+#ifdef KRB5
+    snprintf(krb5ccname, sizeof(krb5ccname),"FILE:/tmp/krb5cc_XXXXXX");
+    fd=mkstemp(krb5ccname+5);
+    close(fd);
+    unlink(krb5ccname+5);
+#endif
+}
 
 #ifdef KRB5
 static int
@@ -76,42 +120,38 @@ verify_krb5(struct passwd *pwd,
 {
     krb5_context context;
     krb5_error_code ret;
-    char ticket[128];
     krb5_ccache ccache;
     krb5_principal principal;
-    krb5_realm realm;
     
     krb5_init_context(&context);
 
-    krb5_get_default_realm(context, &realm);
-    krb5_make_principal(context, &principal, realm, pwd->pw_name, NULL);
-
-    if(!krb5_kuserok(context, principal, pwd->pw_name)) {
-	syslog(LOG_AUTH|LOG_DEBUG, "krb5_kuserok failed");
+    ret = krb5_parse_name (context, pwd->pw_name, &principal);
+    if (ret) {
+	syslog(LOG_AUTH|LOG_DEBUG, "krb5_parse_name: %s", 
+	       krb5_get_err_text(context, ret));
 	goto out;
     }
-    /* XXX this has to be the default cache name, since the KRB5CCNAME
-       environment variable isn't exported by login/xdm
-       */
-    snprintf(ticket, sizeof(ticket), "FILE:/tmp/krb5cc_%d", pwd->pw_uid);
-    ret = krb5_cc_resolve(context, ticket, &ccache);
+
+    set_krb5ccname(pwd->pw_uid);
+    ret = krb5_cc_resolve(context, krb5ccname, &ccache);
     if(ret) {
 	syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_resolve: %s", 
 	       krb5_get_err_text(context, ret));
 	goto out;
     }
 
-    ret = krb5_verify_user(context,
-			   principal,
-			   ccache,
-			   password,
-			   TRUE,
-			   NULL);
+    ret = krb5_verify_user_lrealm(context,
+				  principal,
+				  ccache,
+				  password,
+				  TRUE,
+				  NULL);
     if(ret) {
 	syslog(LOG_AUTH|LOG_DEBUG, "krb5_verify_user: %s", 
 	       krb5_get_err_text(context, ret));
 	goto out;
     }
+
     if(chown(krb5_cc_get_name(context, ccache), pwd->pw_uid, pwd->pw_gid)) {
 	syslog(LOG_AUTH|LOG_DEBUG, "chown: %s", 
 	       krb5_get_err_text(context, errno));
@@ -119,17 +159,23 @@ verify_krb5(struct passwd *pwd,
     }
 
 #ifdef KRB4
-    {
+    if (krb5_config_get_bool(context, NULL,
+			     "libdefaults",
+			     "krb4_get_tickets",
+			     NULL)) {
 	CREDENTIALS c;
 	krb5_creds mcred, cred;
+        krb5_realm realm;
 
+        krb5_get_default_realm(context, &realm);
 	krb5_make_principal(context, &mcred.server, realm,
 			    "krbtgt",
 			    realm,
 			    NULL);
+	free (realm);
 	ret = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred);
 	if(ret == 0) {
-	    ret = krb524_convert_creds_kdc(context, &cred, &c);
+	    ret = krb524_convert_creds_kdc(context, ccache, &cred, &c);
 	    if(ret)
 		krb5_warn(context, ret, "converting creds");
 	    else {
@@ -144,13 +190,13 @@ verify_krb5(struct passwd *pwd,
 	    
 	krb5_free_principal(context, mcred.server);
     }
-    if (k_hasafs()) {
+    if (!pag_set && k_hasafs()) {
 	k_setpag();
+	pag_set = 1;
 	krb5_afslog_uid_home(context, ccache, NULL, NULL, 
 			     pwd->pw_uid, pwd->pw_dir);
     }
 #endif
-    
 out:
     if(ret && !quiet)
 	printf ("%s\n", krb5_get_err_text (context, ret));
@@ -173,8 +219,9 @@ verify_krb4(struct passwd *pwd,
 	ret = krb_verify_user (pwd->pw_name, "", lrealm, password,
 			       KRB_VERIFY_SECURE, NULL);
 	if (ret == KSUCCESS) {
-	    if (k_hasafs()) {
+	    if (!pag_set && k_hasafs()) {
 		k_setpag ();
+		pag_set = 1;
 		krb_afslog_uid_home (0, 0, pwd->pw_uid, pwd->pw_dir);
 	    }
 	} else if (!quiet)
@@ -192,22 +239,50 @@ afs_verify(char *name,
 {
     int ret = 1;
     struct passwd *pwd = k_getpwnam (name);
+
     if(pwd == NULL)
 	return 1;
+    if (ret)
+	ret = unix_verify_user (name, password);
 #ifdef KRB5
-    ret = verify_krb5(pwd, password, exp, quiet);
+    if (ret)
+	ret = verify_krb5(pwd, password, exp, quiet);
 #endif
 #ifdef KRB4
     if(ret)
 	ret = verify_krb4(pwd, password, exp, quiet);
 #endif
-    if (ret)
-	ret = unix_verify_user (name, password);
     return ret;
 }
 
 char *
 afs_gettktstring (void)
 {
+    char *ptr;
+    struct passwd *pwd;
+
+    if (!correct_tkfilename) {
+	ptr = getenv("LOGNAME"); 
+	if (ptr != NULL && ((pwd = getpwnam(ptr)) != NULL)) {
+	    set_krb5ccname(pwd->pw_uid);
+#ifdef KRB4
+	    set_krbtkfile(pwd->pw_uid);
+	    if (!pag_set && k_hasafs()) {
+                k_setpag();
+                pag_set=1;
+	    }
+#endif
+	} else {
+	    set_spec_krbtkfile();
+	}
+    }
+#ifdef KRB5
+    setenv("KRB5CCNAME",krb5ccname,1);
+#endif
+#ifdef KRB4
+    setenv("KRBTKFILE",krbtkfile,1);
     return krbtkfile;
+#else
+    return "";
+#endif
 }
diff --git a/crypto/kerberosIV/lib/auth/pam/Makefile.in b/crypto/kerberosIV/lib/auth/pam/Makefile.in
index f338fbf..b012fcd 100644
--- a/crypto/kerberosIV/lib/auth/pam/Makefile.in
+++ b/crypto/kerberosIV/lib/auth/pam/Makefile.in
@@ -1,5 +1,5 @@
 #
-# $Id: Makefile.in,v 1.20 1999/03/10 19:01:14 joda Exp $
+# $Id: Makefile.in,v 1.25 1999/11/15 10:20:48 assar Exp $
 #
 
 SHELL = /bin/sh
@@ -27,12 +27,17 @@ PICFLAGS = @REAL_PICFLAGS@
 LDSHARED = @LDSHARED@
 SHLIBEXT = @REAL_SHLIBEXT@
 LD_FLAGS = @REAL_LD_FLAGS@
+
+LIB_res_search = @LIB_res_search@
+LIB_dn_expand = @LIB_dn_expand@
  
-@lib_deps_yes@LIB_DEPS = -L../../kafs -L../../krb -L../../des -L../../roken \
-@lib_deps_yes@	   -lkafs -lkrb -ldes -lroken -lc
+@lib_deps_yes@LIB_DEPS = -L../../kafs -L../../krb -L../../des \
+@lib_deps_yes@	   -lkafs -lkrb -ldes \
+@lib_deps_yes@     $(LIB_res_search) $(LIB_dn_expand) -lpam -lc
 @lib_deps_no@LIB_DEPS =
 
-LIB = pam_krb4.$(SHLIBEXT)
+LIBNAME = pam_krb4
+LIB = $(LIBNAME).$(SHLIBEXT)
 
 SOURCES = pam.c
 
diff --git a/crypto/kerberosIV/lib/auth/pam/README b/crypto/kerberosIV/lib/auth/pam/README
index 9505699..2c45a53 100644
--- a/crypto/kerberosIV/lib/auth/pam/README
+++ b/crypto/kerberosIV/lib/auth/pam/README
@@ -3,9 +3,8 @@ PAM
 ---
 
 The PAM module was written more out of curiosity that anything else. It
-has not been updated for quite a while, since none of us are using
-Linux, and Solaris does not support PAM yet.  We've had positive reports
-from at least one person using the module, though.
+has not been updated for quite a while, but it seems to mostly work on
+both Linux and Solaris.
 
 To use this module you should:
 
@@ -20,6 +19,7 @@ There is currently no support for changing kerberos passwords. Use
 kpasswd instead.
 
 See also Derrick J Brashear's `<shadow@dementia.org>' Kerberos PAM
-module at `ftp://ftp.dementia.org/pub/pam'. It has a lot more features,
-and it is also more in line with other PAM modules.
+module at
+<ftp://ftp.dementia.org/pub/pam>. It has a lot more features, and it is
+also more in line with other PAM modules.
 
diff --git a/crypto/kerberosIV/lib/auth/pam/pam.c b/crypto/kerberosIV/lib/auth/pam/pam.c
index 37a125e..d919bf8 100644
--- a/crypto/kerberosIV/lib/auth/pam/pam.c
+++ b/crypto/kerberosIV/lib/auth/pam/pam.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -42,7 +37,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include<config.h>
-RCSID("$Id: pam.c,v 1.18 1999/03/17 22:37:10 assar Exp $");
+RCSID("$Id: pam.c,v 1.22 1999/12/02 16:58:37 joda Exp $");
 #endif
 
 #include <stdio.h>
@@ -150,10 +145,10 @@ auth_su(pam_handle_t *pamh, int flags, char *user, struct pam_conv *conv)
     
     pw = getpwuid(getuid());
     if(strcmp(user, "root") == 0){
-	strcpy_truncate(pr.name, pw->pw_name, sizeof(pr.name));
-	strcpy_truncate(pr.instance, "root", sizeof(pr.instance));
+	strlcpy(pr.name, pw->pw_name, sizeof(pr.name));
+	strlcpy(pr.instance, "root", sizeof(pr.instance));
     }else{
-	strcpy_truncate(pr.name, user, sizeof(pr.name));
+	strlcpy(pr.name, user, sizeof(pr.name));
 	pr.instance[0] = 0;
     }
     pmsg = &msg;
@@ -212,7 +207,7 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
 int
 pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
 {
-    char *tkt;
+    char *tkt, *var;
     void *user;
     const char *homedir = NULL;
 
@@ -225,7 +220,11 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
     }
 
     pam_get_data(pamh, "KRBTKFILE", (const void**)&tkt);
-    setenv("KRBTKFILE", tkt, 1);
+    var = malloc(strlen("KRBTKFILE=") + strlen(tkt) + 1);
+    strcpy(var, "KRBTKFILE=");
+    strcat(var, tkt);
+    putenv(var);
+    pam_putenv(pamh, var);
     if(k_hasafs()){
 	k_setpag();
 	krb_afslog_home(0, 0, homedir);
diff --git a/crypto/kerberosIV/lib/auth/pam/pam.conf.add b/crypto/kerberosIV/lib/auth/pam/pam.conf.add
index 1bfb30e..42497d2 100644
--- a/crypto/kerberosIV/lib/auth/pam/pam.conf.add
+++ b/crypto/kerberosIV/lib/auth/pam/pam.conf.add
@@ -1,3 +1,66 @@
+To enable PAM in dtlogin and /bin/login under SunOS 5.6 apply this patch:
+
+--- /etc/pam.conf.DIST	Mon Jul 20 15:37:46 1998
++++ /etc/pam.conf	Tue Nov 30 18:47:22 1999
+@@ -4,12 +4,14 @@
+ #
+ # Authentication management
+ #
++login	auth sufficient	/usr/athena/lib/pam_krb4.so
+ login	auth required 	/usr/lib/security/pam_unix.so.1 
+ login	auth required 	/usr/lib/security/pam_dial_auth.so.1 
+ #
+ rlogin  auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
+ rlogin	auth required 	/usr/lib/security/pam_unix.so.1
+ #
++dtlogin	auth sufficient	/usr/athena/lib/pam_krb4.so
+ dtlogin	auth required 	/usr/lib/security/pam_unix.so.1 
+ #
+ rsh	auth required	/usr/lib/security/pam_rhosts_auth.so.1
+@@ -24,6 +26,8 @@
+ #
+ # Session management
+ #
++dtlogin	session	required	/usr/athena/lib/pam_krb4.so
++login	session	required	/usr/athena/lib/pam_krb4.so
+ other	session required	/usr/lib/security/pam_unix.so.1 
+ #
+ # Password management
+---------------------------------------------------------------------------
+To enable PAM in /bin/login and xdm under Red Hat 6.1 apply these patches:
+
+--- /etc/pam.d/login~   Thu Jul  8 00:14:02 1999
++++ /etc/pam.d/login    Mon Aug 30 14:33:12 1999
+@@ -1,9 +1,12 @@
+ #%PAM-1.0
++# Updated to work with kerberos
++auth       sufficient   /lib/security/pam_krb4.so
+ auth       required    /lib/security/pam_securetty.so
+ auth       required    /lib/security/pam_pwdb.so shadow nullok
+ auth       required    /lib/security/pam_nologin.so
+ account    required    /lib/security/pam_pwdb.so
+ password   required    /lib/security/pam_cracklib.so
+ password   required    /lib/security/pam_pwdb.so nullok use_authtok shadow
++session    required     /lib/security/pam_krb4.so
+ session    required    /lib/security/pam_pwdb.so
+ session    optional    /lib/security/pam_console.so
+--- /etc/pam.d/xdm~     Mon Jun 14 17:39:05 1999
++++ /etc/pam.d/xdm      Mon Aug 30 14:54:51 1999
+@@ -1,8 +1,10 @@
+ #%PAM-1.0
++auth       sufficient   /lib/security/pam_krb4.so
+ auth       required    /lib/security/pam_pwdb.so shadow nullok
+ auth       required    /lib/security/pam_nologin.so
+ account    required    /lib/security/pam_pwdb.so
+ password   required    /lib/security/pam_cracklib.so
+ password   required    /lib/security/pam_pwdb.so shadow nullok use_authtok
++session    required     /lib/security/pam_krb4.so
+ session    required    /lib/security/pam_pwdb.so
+ session    optional     /lib/security/pam_console.so
+--------------------------------------------------------------------------
+
+This stuff may work under some other system.
+
 # To get this to work, you will have to add entries to /etc/pam.conf
 #
 # To make login kerberos-aware, you might change pam.conf to look
diff --git a/crypto/kerberosIV/lib/auth/sia/Makefile.in b/crypto/kerberosIV/lib/auth/sia/Makefile.in
index 7abc8f0..69858bd 100644
--- a/crypto/kerberosIV/lib/auth/sia/Makefile.in
+++ b/crypto/kerberosIV/lib/auth/sia/Makefile.in
@@ -1,5 +1,5 @@
 #
-# $Id: Makefile.in,v 1.29 1999/03/21 17:11:58 joda Exp $
+# $Id: Makefile.in,v 1.30 1999/11/15 10:20:50 assar Exp $
 #
 
 SHELL = /bin/sh
@@ -39,7 +39,8 @@ LD_FLAGS = @REAL_LD_FLAGS@
 @lib_deps_yes@	   -lc
 @lib_deps_no@LIB_DEPS =
 
-LIB = libsia_krb4.$(SHLIBEXT)
+LIBNAME = libsia_krb4
+LIB = $(LIBNAME).$(SHLIBEXT)
 
 SOURCES = sia.c posix_getpw.c
 
diff --git a/crypto/kerberosIV/lib/auth/sia/README b/crypto/kerberosIV/lib/auth/sia/README
index aa7383e..6595734 100644
--- a/crypto/kerberosIV/lib/auth/sia/README
+++ b/crypto/kerberosIV/lib/auth/sia/README
@@ -59,7 +59,7 @@ following.
      the default entry `/usr/tcb/bin/edauth -dd default', and add a
      `d_accept_alternate_vouching' capability, if not already present.
 
-   * For each user that does *not* have a local C2 password, you should
+   * For each user that does _not_ have a local C2 password, you should
      set the password expiration field to zero. You can do this for each
      user, or in the `default' table. To do this use `edauth' to set
      (or change) the `u_exp' capability to `u_exp#0'.
@@ -78,7 +78,7 @@ Also, kerberised ftp will not work with C2 passwords. You can solve this
 by using both Digital's ftpd and our on different ports.
 
 *Remember*, if you do these changes you will get a system that most
-certainly does *not* fulfill the requirements of a C2 system. If C2 is
+certainly does _not_ fulfill the requirements of a C2 system. If C2 is
 what you want, for instance if someone else is forcing you to use it,
 you're out of luck.  If you use enhanced security because you want a
 system that is more secure than it would otherwise be, you probably got
diff --git a/crypto/kerberosIV/lib/auth/sia/krb4+c2_matrix.conf b/crypto/kerberosIV/lib/auth/sia/krb4+c2_matrix.conf
index b664d3d..4b90e02 100644
--- a/crypto/kerberosIV/lib/auth/sia/krb4+c2_matrix.conf
+++ b/crypto/kerberosIV/lib/auth/sia/krb4+c2_matrix.conf
@@ -13,12 +13,7 @@
 #    notice, this list of conditions and the following disclaimer in the 
 #    documentation and/or other materials provided with the distribution. 
 #
-# 3. All advertising materials mentioning features or use of this software 
-#    must display the following acknowledgement: 
-#      This product includes software developed by Kungliga Tekniska 
-#      Högskolan and its contributors. 
-#
-# 4. Neither the name of the Institute nor the names of its contributors 
+# 3. Neither the name of the Institute nor the names of its contributors 
 #    may be used to endorse or promote products derived from this software 
 #    without specific prior written permission. 
 #
@@ -34,7 +29,7 @@
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
 # SUCH DAMAGE. 
 
-# $Id: krb4+c2_matrix.conf,v 1.3 1998/06/30 15:14:31 assar Exp $
+# $Id: krb4+c2_matrix.conf,v 1.4 1999/12/02 16:58:37 joda Exp $
 
 # sia matrix configuration file (Kerberos 4 + C2)
 
diff --git a/crypto/kerberosIV/lib/auth/sia/krb4_matrix.conf b/crypto/kerberosIV/lib/auth/sia/krb4_matrix.conf
index 9f78850..4f55a81 100644
--- a/crypto/kerberosIV/lib/auth/sia/krb4_matrix.conf
+++ b/crypto/kerberosIV/lib/auth/sia/krb4_matrix.conf
@@ -13,12 +13,7 @@
 #    notice, this list of conditions and the following disclaimer in the 
 #    documentation and/or other materials provided with the distribution. 
 #
-# 3. All advertising materials mentioning features or use of this software 
-#    must display the following acknowledgement: 
-#      This product includes software developed by Kungliga Tekniska 
-#      Högskolan and its contributors. 
-#
-# 4. Neither the name of the Institute nor the names of its contributors 
+# 3. Neither the name of the Institute nor the names of its contributors 
 #    may be used to endorse or promote products derived from this software 
 #    without specific prior written permission. 
 #
@@ -34,7 +29,7 @@
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
 # SUCH DAMAGE. 
 
-# $Id: krb4_matrix.conf,v 1.5 1998/01/29 02:54:11 joda Exp $
+# $Id: krb4_matrix.conf,v 1.6 1999/12/02 16:58:37 joda Exp $
 
 # sia matrix configuration file (Kerberos 4 + BSD)
 
diff --git a/crypto/kerberosIV/lib/auth/sia/sia.c b/crypto/kerberosIV/lib/auth/sia/sia.c
index 8d35b41..73cd53e 100644
--- a/crypto/kerberosIV/lib/auth/sia/sia.c
+++ b/crypto/kerberosIV/lib/auth/sia/sia.c
@@ -33,7 +33,7 @@
 
 #include "sia_locl.h"
 
-RCSID("$Id: sia.c,v 1.30 1999/04/08 13:07:38 joda Exp $");
+RCSID("$Id: sia.c,v 1.32 1999/10/03 15:49:36 joda Exp $");
 
 int 
 siad_init(void)
@@ -105,7 +105,7 @@ doauth(SIAENTITY *entity, int pkgind, char *name)
     char pwbuf[1024];
     struct state *s = (struct state*)entity->mech[pkgind];
 #ifdef SIA_KRB5
-    char *realm;
+    krb5_realm *realms, *r;
     krb5_principal principal;
     krb5_ccache ccache;
     krb5_error_code ret;
@@ -125,23 +125,22 @@ doauth(SIAENTITY *entity, int pkgind, char *name)
     }
 
 #ifdef SIA_KRB5
-    ret = krb5_get_default_realm(s->context, &realm);
-    krb5_build_principal(s->context, &principal, 
-			 strlen(realm),
-			 realm,
-			 entity->name,
-			 NULL);
+    ret = krb5_get_default_realms(s->context, &realms);
 
-	
-    if(!krb5_kuserok(s->context, principal, entity->name))
+    for (r = realms; *r != NULL; ++r) {
+	krb5_make_principal (s->context, &principal, *r, entity->name, NULL);
+
+	if(krb5_kuserok(s->context, principal, entity->name))
+	    break;
+    }
+    krb5_free_host_realm (s->context, realms);
+    if (*r == NULL)
 	return SIADFAIL;
+
     sprintf(s->ticket, "FILE:/tmp/krb5_cc%d_%d", pwd->pw_uid, getpid());
     ret = krb5_cc_resolve(s->context, s->ticket, &ccache);
     if(ret)
 	return SIADFAIL;
-    ret = krb5_cc_initialize(s->context, ccache, principal);
-    if(ret)
-	return SIADFAIL;
 #endif
 	
 #ifdef SIA_KRB4
@@ -181,8 +180,8 @@ doauth(SIAENTITY *entity, int pkgind, char *name)
     }
 #endif
 #ifdef SIA_KRB5
-    ret = krb5_verify_user(s->context, principal, ccache,
-			   entity->password, 1, NULL);
+    ret = krb5_verify_user_lrealm(s->context, principal, ccache,
+				  entity->password, 1, NULL);
     if(ret){
 	/* if this is most likely a local user (such as
 	   root), just silently return failure when the
diff --git a/crypto/kerberosIV/lib/kadm/check_password.c b/crypto/kerberosIV/lib/kadm/check_password.c
index be95c91..ba6ba48 100644
--- a/crypto/kerberosIV/lib/kadm/check_password.c
+++ b/crypto/kerberosIV/lib/kadm/check_password.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -37,7 +32,7 @@
  */
 
 #include "kadm_locl.h"
-RCSID("$Id: check_password.c,v 1.2 1999/03/13 21:23:48 assar Exp $");
+RCSID("$Id: check_password.c,v 1.3 1999/12/02 16:58:39 joda Exp $");
 
 /* This is a client side password check. Should perhaps be merged with
    kadmind version that lives in pw_check.c */
diff --git a/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c b/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c
index 8f98d44..8403014 100644
--- a/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c
+++ b/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c
@@ -29,7 +29,7 @@ or implied warranty.
 
 #include "kadm_locl.h"
 
-RCSID("$Id: kadm_cli_wrap.c,v 1.26 1999/07/05 13:28:58 bg Exp $");
+RCSID("$Id: kadm_cli_wrap.c,v 1.27 1999/09/16 20:41:46 assar Exp $");
 
 static Kadm_Client client_parm;
 
@@ -73,9 +73,9 @@ kadm_init_link(char *n, char *i, char *r)
 
 	init_kadm_err_tbl();
 	init_krb_err_tbl();
-	strcpy_truncate(client_parm.sname, n, ANAME_SZ);
-	strcpy_truncate(client_parm.sinst, i, INST_SZ);
-	strcpy_truncate(client_parm.krbrlm, r, REALM_SZ);
+	strlcpy(client_parm.sname, n, ANAME_SZ);
+	strlcpy(client_parm.sinst, i, INST_SZ);
+	strlcpy(client_parm.krbrlm, r, REALM_SZ);
 	client_parm.admin_fd = -1;
 
 	/* set up the admin_addr - fetch name of admin host */
diff --git a/crypto/kerberosIV/lib/kadm/kadm_locl.h b/crypto/kerberosIV/lib/kadm/kadm_locl.h
index da73df9..709a224 100644
--- a/crypto/kerberosIV/lib/kadm/kadm_locl.h
+++ b/crypto/kerberosIV/lib/kadm/kadm_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: kadm_locl.h,v 1.11 1998/10/05 13:56:42 joda Exp $ */
+/* $Id: kadm_locl.h,v 1.12 1999/12/02 16:58:39 joda Exp $ */
 
 #include "config.h"
 #include "protos.h"
diff --git a/crypto/kerberosIV/lib/kadm/kadm_supp.c b/crypto/kerberosIV/lib/kadm/kadm_supp.c
index 0c403eb..2a19cae 100644
--- a/crypto/kerberosIV/lib/kadm/kadm_supp.c
+++ b/crypto/kerberosIV/lib/kadm/kadm_supp.c
@@ -35,7 +35,7 @@ or implied warranty.
 
 #include "kadm_locl.h"
     
-RCSID("$Id: kadm_supp.c,v 1.13 1999/03/16 09:41:20 assar Exp $");
+RCSID("$Id: kadm_supp.c,v 1.14 1999/09/16 20:41:46 assar Exp $");
 
 static void
 time2str(char *buf, size_t len, time_t t)
@@ -112,11 +112,11 @@ kadm_prin_to_vals(u_char *fields, Kadm_vals *new, Principal *old)
 {
     memset(new, 0, sizeof(*new));
     if (IS_FIELD(KADM_NAME,fields)) {
-	strcpy_truncate(new->name, old->name, ANAME_SZ); 
+	strlcpy(new->name, old->name, ANAME_SZ); 
 	SET_FIELD(KADM_NAME, new->fields);
     }
     if (IS_FIELD(KADM_INST,fields)) {
-	strcpy_truncate(new->instance, old->instance, INST_SZ); 
+	strlcpy(new->instance, old->instance, INST_SZ); 
 	SET_FIELD(KADM_INST, new->fields);
     }      
     if (IS_FIELD(KADM_EXPDATE,fields)) {
@@ -142,11 +142,11 @@ kadm_prin_to_vals(u_char *fields, Kadm_vals *new, Principal *old)
 	SET_FIELD(KADM_MODDATE, new->fields);
     }
     if (IS_FIELD(KADM_MODNAME,fields)) {
-	strcpy_truncate(new->mod_name, old->mod_name, ANAME_SZ);
+	strlcpy(new->mod_name, old->mod_name, ANAME_SZ);
 	SET_FIELD(KADM_MODNAME, new->fields);
     }
     if (IS_FIELD(KADM_MODINST,fields)) {
-	strcpy_truncate(new->mod_instance, old->mod_instance, ANAME_SZ);
+	strlcpy(new->mod_instance, old->mod_instance, ANAME_SZ);
 	SET_FIELD(KADM_MODINST, new->fields);
     }
     if (IS_FIELD(KADM_KVNO,fields)) {
@@ -162,9 +162,9 @@ kadm_vals_to_prin(u_char *fields, Principal *new, Kadm_vals *old)
 
     memset(new, 0, sizeof(*new));
     if (IS_FIELD(KADM_NAME,fields))
-	strcpy_truncate(new->name, old->name, ANAME_SZ); 
+	strlcpy(new->name, old->name, ANAME_SZ); 
     if (IS_FIELD(KADM_INST,fields))
-	strcpy_truncate(new->instance, old->instance, INST_SZ); 
+	strlcpy(new->instance, old->instance, INST_SZ); 
     if (IS_FIELD(KADM_EXPDATE,fields))
 	new->exp_date   = old->exp_date; 
     if (IS_FIELD(KADM_ATTR,fields))
@@ -179,9 +179,9 @@ kadm_vals_to_prin(u_char *fields, Principal *new, Kadm_vals *old)
     if (IS_FIELD(KADM_MODDATE,fields))
 	new->mod_date = old->mod_date;
     if (IS_FIELD(KADM_MODNAME,fields))
-	strcpy_truncate(new->mod_name, old->mod_name, ANAME_SZ);
+	strlcpy(new->mod_name, old->mod_name, ANAME_SZ);
     if (IS_FIELD(KADM_MODINST,fields))
-	strcpy_truncate(new->mod_instance, old->mod_instance, ANAME_SZ);
+	strlcpy(new->mod_instance, old->mod_instance, ANAME_SZ);
     if (IS_FIELD(KADM_KVNO,fields))
 	new->key_version = old->key_version;
 #endif
diff --git a/crypto/kerberosIV/lib/kafs/ChangeLog b/crypto/kerberosIV/lib/kafs/ChangeLog
index e32b7ed..c9cd032 100644
--- a/crypto/kerberosIV/lib/kafs/ChangeLog
+++ b/crypto/kerberosIV/lib/kafs/ChangeLog
@@ -1,3 +1,51 @@
+1999-11-22  Assar Westerlund  <assar@sics.se>
+
+	* afskrb5.c (afslog_uid_int): handle d->realm == NULL
+	
+1999-11-17  Assar Westerlund  <assar@sics.se>
+
+	* afskrb5.c (afslog_uid_int): don't look at the local realm at
+ 	all.  just use the realm from the ticket file.
+
+1999-10-20  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: set version to 1:1:1
+
+	* afskrb5.c (get_cred): always request a DES key
+
+Mon Oct 18 17:40:21 1999  Bjoern Groenvall  <bg@mummel.sics.se>
+
+	* common.c (find_cells): Trim trailing whitespace from
+ 	cellname. Lines starting with # are regarded as comments.
+
+Fri Oct  8 18:17:22 1999  Bjoern Groenvall  <bg@mummel.sics.se>
+
+	* afskrb.c, common.c : Change code to make a clear distinction
+ 	between hinted realm and ticket realm.
+
+	* kafs_locl.h: Added argument realm_hint.
+
+	* common.c (_kafs_get_cred): Change code to acquire the ``best''
+ 	possible ticket. Use cross-cell authentication only as method of
+ 	last resort.
+
+	* afskrb.c (afslog_uid_int): Add realm_hint argument and extract
+ 	realm from ticket file.
+
+	* afskrb5.c (afslog_uid_int): Added argument realm_hint.
+
+1999-10-03  Assar Westerlund  <assar@sics.se>
+
+	* afskrb5.c (get_cred): update to new krb524_convert_creds_kdc
+
+1999-08-12  Johan Danielsson  <joda@pdc.kth.se>
+
+	* Makefile.am: ignore the comlicated aix construct if !krb4
+
+1999-07-26  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: set version to 1:0:1
+
 1999-07-22  Assar Westerlund  <assar@sics.se>
 
 	* afssysdefs.h: define AFS_SYSCALL to 73 for Solaris 2.7
diff --git a/crypto/kerberosIV/lib/kafs/Makefile.am b/crypto/kerberosIV/lib/kafs/Makefile.am
index f6afbc7..2333221 100644
--- a/crypto/kerberosIV/lib/kafs/Makefile.am
+++ b/crypto/kerberosIV/lib/kafs/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.13 1999/03/21 14:08:14 joda Exp $
+# $Id: Makefile.am,v 1.17 1999/10/19 23:54:05 assar Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
@@ -6,9 +6,6 @@ INCLUDES += $(INCLUDE_krb4) $(AFS_EXTRA_DEFS)
 
 if KRB4
 AFSLIBS = libkafs.la
-else
-AFSLIBS = 
-endif
 
 if AIX
 AFSL_EXP = $(srcdir)/afsl.exp
@@ -38,9 +35,13 @@ AFSL_EXP =
 AIX_SRC =
 endif # AIX
 
+else
+AFSLIBS = 
+endif # KRB4
+
 
 lib_LTLIBRARIES = $(AFSLIBS)
-libkafs_la_LDFLAGS = -version-info 0:0:0
+libkafs_la_LDFLAGS = -version-info 1:1:1
 foodir = $(libdir)
 foo_DATA = $(AFS_EXTRA_LIBS)
 # EXTRA_DATA = afslib.so
diff --git a/crypto/kerberosIV/lib/kafs/Makefile.in b/crypto/kerberosIV/lib/kafs/Makefile.in
index 3a44f79..cefca29 100644
--- a/crypto/kerberosIV/lib/kafs/Makefile.in
+++ b/crypto/kerberosIV/lib/kafs/Makefile.in
@@ -1,5 +1,5 @@
 #
-# $Id: Makefile.in,v 1.49 1999/03/10 19:01:15 joda Exp $
+# $Id: Makefile.in,v 1.50 1999/09/16 20:41:46 assar Exp $
 #
 
 SHELL = /bin/sh
@@ -41,9 +41,9 @@ LIB = $(LIBNAME).$(LIBEXT) $(AFS_EXTRA_LIBS)
 
 SOURCES = afssys.c afskrb.c common.c afslib.c
 
-EXTRA_SOURCE = issuid.c strcpy_truncate.c strcat_truncate.c
+EXTRA_SOURCE = issuid.c strlcpy.c strlcat.c
 
-EXTRA_OBJECT = issuid.o strcpy_truncate.o strcat_truncate.o
+EXTRA_OBJECT = issuid.o strlcpy.o strlcat.o
 
 OBJECTS = afssys.o afskrb.o common.o $(EXTRA_OBJECT) $(AFS_EXTRA_OBJS)
 
@@ -109,9 +109,9 @@ roken_rename.h:
 issuid.c:
 	$(LN_S) $(srcdir)/../roken/issuid.c .
 
-strcat_truncate.c:
-	$(LN_S) $(srcdir)/../roken/strcat_truncate.c .
+strlcat.c:
+	$(LN_S) $(srcdir)/../roken/strlcat.c .
 
-strcpy_truncate.c:
-	$(LN_S) $(srcdir)/../roken/strcpy_truncate.c .
+strlcpy.c:
+	$(LN_S) $(srcdir)/../roken/strlcpy.c .
 
diff --git a/crypto/kerberosIV/lib/kafs/afskrb.c b/crypto/kerberosIV/lib/kafs/afskrb.c
index 4da459c..805750d 100644
--- a/crypto/kerberosIV/lib/kafs/afskrb.c
+++ b/crypto/kerberosIV/lib/kafs/afskrb.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kafs_locl.h"
 
-RCSID("$Id: afskrb.c,v 1.11 1999/07/07 12:29:33 assar Exp $");
+RCSID("$Id: afskrb.c,v 1.13 1999/12/02 16:58:39 joda Exp $");
 
 struct krb_kafs_data {
     const char *realm;
@@ -60,26 +55,31 @@ get_cred(kafs_data *data, const char *name, const char *inst,
 }
 
 static int
-afslog_uid_int(kafs_data *data, const char *cell, uid_t uid,
+afslog_uid_int(kafs_data *data,
+	       const char *cell,
+	       const char *realm_hint,
+	       uid_t uid,
 	       const char *homedir)
 {
     int ret;
     CREDENTIALS c;
-    struct krb_kafs_data *d = data->data;
-    char realm[REALM_SZ], *lrealm;
+    char realm[REALM_SZ];
     
     if (cell == 0 || cell[0] == 0)
 	return _kafs_afslog_all_local_cells (data, uid, homedir);
 
-    ret = krb_get_lrealm(realm, 1);
-    if(ret == KSUCCESS && (d->realm == NULL || strcmp(d->realm, realm)))
-	lrealm = realm;
-    else
-	lrealm = NULL;
+    /* Extract realm from ticket file. */
+    {
+        char name[ANAME_SZ], inst[INST_SZ];
+
+	ret = krb_get_default_principal(name, inst, realm);
+	if (ret != KSUCCESS)
+	    return ret;
+    }
 
-    ret = _kafs_get_cred(data, cell, d->realm, lrealm, &c);
+    ret = _kafs_get_cred(data, cell, realm_hint, realm, &c);
     
-    if(ret == 0)
+    if (ret == 0)
 	ret = kafs_settoken(cell, uid, &c);
     return ret;
 }
@@ -95,36 +95,34 @@ get_realm(kafs_data *data, const char *host)
 }
 
 int
-krb_afslog_uid_home(const char *cell, const char *realm, uid_t uid,
+krb_afslog_uid_home(const char *cell, const char *realm_hint, uid_t uid,
 		    const char *homedir)
 {
     kafs_data kd;
-    struct krb_kafs_data d;
 
     kd.afslog_uid = afslog_uid_int;
     kd.get_cred = get_cred;
     kd.get_realm = get_realm;
-    kd.data = &d;
-    d.realm = realm;
-    return afslog_uid_int(&kd, cell, uid, homedir);
+    kd.data = 0;
+    return afslog_uid_int(&kd, cell, realm_hint, uid, homedir);
 }
 
 int
-krb_afslog_uid(const char *cell, const char *realm, uid_t uid)
+krb_afslog_uid(const char *cell, const char *realm_hint, uid_t uid)
 {
-    return krb_afslog_uid_home (cell, realm, uid, NULL);
+    return krb_afslog_uid_home(cell, realm_hint, uid, NULL);
 }
 
 int
-krb_afslog(const char *cell, const char *realm)
+krb_afslog(const char *cell, const char *realm_hint)
 {
-    return krb_afslog_uid (cell, realm, getuid());
+    return krb_afslog_uid(cell, realm_hint, getuid());
 }
 
 int
-krb_afslog_home(const char *cell, const char *realm, const char *homedir)
+krb_afslog_home(const char *cell, const char *realm_hint, const char *homedir)
 {
-    return krb_afslog_uid_home (cell, realm, getuid(), homedir);
+    return krb_afslog_uid_home(cell, realm_hint, getuid(), homedir);
 }
 
 /*
diff --git a/crypto/kerberosIV/lib/kafs/afskrb5.c b/crypto/kerberosIV/lib/kafs/afskrb5.c
index a25dd7e..4c35ea7 100644
--- a/crypto/kerberosIV/lib/kafs/afskrb5.c
+++ b/crypto/kerberosIV/lib/kafs/afskrb5.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kafs_locl.h"
 
-RCSID("$Id: afskrb5.c,v 1.7 1999/07/07 12:30:06 assar Exp $");
+RCSID("$Id: afskrb5.c,v 1.13 1999/12/02 16:58:39 joda Exp $");
 
 struct krb5_kafs_data {
     krb5_context context;
@@ -64,37 +59,44 @@ get_cred(kafs_data *data, const char *name, const char *inst,
 	krb5_free_principal(d->context, in_creds.server);
 	return ret;
     }
+    in_creds.session.keytype = KEYTYPE_DES;
     ret = krb5_get_credentials(d->context, 0, d->id, &in_creds, &out_creds);
     krb5_free_principal(d->context, in_creds.server);
     krb5_free_principal(d->context, in_creds.client);
     if(ret)
 	return ret;
-    ret = krb524_convert_creds_kdc(d->context, out_creds, c);
+    ret = krb524_convert_creds_kdc(d->context, d->id, out_creds, c);
     krb5_free_creds(d->context, out_creds);
     return ret;
 }
 
 static krb5_error_code
-afslog_uid_int(kafs_data *data, const char *cell, uid_t uid,
+afslog_uid_int(kafs_data *data, const char *cell, const char *rh, uid_t uid,
 	       const char *homedir)
 {
     krb5_error_code ret;
     CREDENTIALS c;
-    krb5_realm lrealm; /* local realm */
+    krb5_principal princ;
+    krb5_realm *trealm; /* ticket realm */
     struct krb5_kafs_data *d = data->data;
     
     if (cell == 0 || cell[0] == 0)
 	return _kafs_afslog_all_local_cells (data, uid, homedir);
 
-    ret = krb5_get_default_realm(d->context, &lrealm);
-    if(ret || (d->realm && strcmp(d->realm, lrealm) == 0)){
-	free(lrealm);
-	lrealm = NULL;
+    ret = krb5_cc_get_principal (d->context, d->id, &princ);
+    if (ret)
+	return ret;
+
+    trealm = krb5_princ_realm (d->context, princ);
+
+    if (d->realm != NULL && strcmp (d->realm, *trealm) == 0) {
+	trealm = NULL;
+	krb5_free_principal (d->context, princ);
     }
 
-    ret = _kafs_get_cred(data, cell, d->realm, lrealm, &c);
-    if(lrealm)
-	free(lrealm);
+    ret = _kafs_get_cred(data, cell, d->realm, *trealm, &c);
+    if(trealm)
+	krb5_free_principal (d->context, princ);
     
     if(ret == 0)
 	ret = kafs_settoken(cell, uid, &c);
@@ -131,7 +133,7 @@ krb5_afslog_uid_home(krb5_context context,
     d.context = context;
     d.id = id;
     d.realm = realm;
-    return afslog_uid_int(&kd, cell, uid, homedir);
+    return afslog_uid_int(&kd, cell, 0, uid, homedir);
 }
 
 krb5_error_code
diff --git a/crypto/kerberosIV/lib/kafs/afslib.c b/crypto/kerberosIV/lib/kafs/afslib.c
index 12779bc..ae3b5a5 100644
--- a/crypto/kerberosIV/lib/kafs/afslib.c
+++ b/crypto/kerberosIV/lib/kafs/afslib.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -42,7 +37,7 @@
 
 #include "kafs_locl.h"
 
-RCSID("$Id: afslib.c,v 1.5 1997/04/20 13:21:15 joda Exp $");
+RCSID("$Id: afslib.c,v 1.6 1999/12/02 16:58:40 joda Exp $");
 
 int
 aix_pioctl(char *a_path,
diff --git a/crypto/kerberosIV/lib/kafs/afssys.c b/crypto/kerberosIV/lib/kafs/afssys.c
index 2c6e3af..d49a65a 100644
--- a/crypto/kerberosIV/lib/kafs/afssys.c
+++ b/crypto/kerberosIV/lib/kafs/afssys.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kafs_locl.h"
 
-RCSID("$Id: afssys.c,v 1.63 1999/05/08 02:24:32 assar Exp $");
+RCSID("$Id: afssys.c,v 1.65 1999/12/02 16:58:40 joda Exp $");
 
 int _kafs_debug; /* this should be done in a better way */
 
@@ -77,7 +72,7 @@ try_aix(void)
      * If we are root or running setuid don't trust AFSLIBPATH!
      */
     if (getuid() != 0 && !issuid() && (p = getenv("AFSLIBPATH")) != NULL)
-	strcpy_truncate(path, p, sizeof(path));
+	strlcpy(path, p, sizeof(path));
     else
 	snprintf(path, sizeof(path), "%s/afslib.so", LIBDIR);
 	
diff --git a/crypto/kerberosIV/lib/kafs/afssysdefs.h b/crypto/kerberosIV/lib/kafs/afssysdefs.h
index 7193eea..574b33f 100644
--- a/crypto/kerberosIV/lib/kafs/afssysdefs.h
+++ b/crypto/kerberosIV/lib/kafs/afssysdefs.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: afssysdefs.h,v 1.19.4.1 1999/07/22 03:21:43 assar Exp $ */
+/* $Id: afssysdefs.h,v 1.21 1999/12/02 16:58:40 joda Exp $ */
 
 /*
  * This section is for machines using single entry point AFS syscalls!
diff --git a/crypto/kerberosIV/lib/kafs/common.c b/crypto/kerberosIV/lib/kafs/common.c
index 54d7b1b..207b9b6 100644
--- a/crypto/kerberosIV/lib/kafs/common.c
+++ b/crypto/kerberosIV/lib/kafs/common.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #include "kafs_locl.h"
 
-RCSID("$Id: common.c,v 1.15 1999/06/09 22:41:41 assar Exp $");
+RCSID("$Id: common.c,v 1.19 1999/12/02 16:58:40 joda Exp $");
 
 #define AUTH_SUPERUSER "afs"
 
@@ -155,7 +150,7 @@ dns_find_cell(const char *cell, char *dbserver, size_t len)
 	struct resource_record *rr = r->head;
 	while(rr){
 	    if(rr->type == T_AFSDB && rr->u.afsdb->preference == 1){
-		strcpy_truncate(dbserver,
+		strlcpy(dbserver,
 				rr->u.afsdb->domain,
 				len);
 		ok = 0;
@@ -184,10 +179,12 @@ find_cells(char *file, char ***cells, int *index)
     if (f == NULL)
 	return;
     while (fgets(cell, sizeof(cell), f)) {
-	char *nl = strchr(cell, '\n');
-	if (nl)
-	    *nl = '\0';
-	if (cell[0] == '\0')
+	char *t;
+	t = cell + strlen(cell);
+	for (; t >= cell; t--)
+	  if (*t == '\n' || *t == '\t' || *t == ' ')
+	    *t = 0;
+	if (cell[0] == '\0' || cell[0] == '#')
 	    continue;
 	for(i = 0; i < ind; i++)
 	    if(strcmp((*cells)[i], cell) == 0)
@@ -218,8 +215,11 @@ afslog_cells(kafs_data *data, char **cells, int max, uid_t uid,
 {
     int ret = 0;
     int i;
-    for(i = 0; i < max; i++)
-	ret = (*data->afslog_uid)(data, cells[i], uid, homedir);
+    for (i = 0; i < max; i++) {
+        int er = (*data->afslog_uid)(data, cells[i], 0, uid, homedir);
+	if (er)
+	    ret = er;
+    }
     return ret;
 }
 
@@ -305,8 +305,8 @@ _kafs_realm_of_cell(kafs_data *data, const char *cell, char **realm)
 int
 _kafs_get_cred(kafs_data *data,
 	      const char *cell, 
-	      const char *krealm, 
-	      const char *lrealm,
+	      const char *realm_hint,
+	      const char *realm,
 	      CREDENTIALS *c)
 {
     int ret = -1;
@@ -334,37 +334,63 @@ _kafs_get_cred(kafs_data *data,
     /* comments on the ordering of these tests */
 
     /* If the user passes a realm, she probably knows something we don't
-     * know and we should try afs@krealm (otherwise we're talking with a
+     * know and we should try afs@realm_hint (otherwise we're talking with a
      * blondino and she might as well have it.)
      */
   
-    if (krealm) {
-	ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, krealm, c);
+    if (realm_hint) {
+	ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, realm_hint, c);
+	if (ret == 0) return 0;
+	ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", realm_hint, c);
 	if (ret == 0) return 0;
-	ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", krealm, c);
     }
-    if (ret == 0) return 0;
 
     foldup(CELL, cell);
 
-    ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, CELL, c);
+    /*
+     * If cell == realm we don't need no cross-cell authentication.
+     * Try afs@REALM.
+     */
+    if (strcmp(CELL, realm) == 0) {
+        ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", realm, c);
+	if (ret == 0) return 0;
+	/* Try afs.cell@REALM below. */
+    }
+
+    /*
+     * If the AFS servers have a file /usr/afs/etc/krb.conf containing
+     * REALM we still don't have to resort to cross-cell authentication.
+     * Try afs.cell@REALM.
+     */
+    ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, realm, c);
     if (ret == 0) return 0;
 
+    /*
+     * We failed to get ``first class tickets'' for afs,
+     * fall back to cross-cell authentication.
+     * Try afs@CELL.
+     * Try afs.cell@CELL.
+     */
     ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", CELL, c);
     if (ret == 0) return 0;
-    
-    /* this might work in some cases */
-    if (_kafs_realm_of_cell(data, cell, &vl_realm) == 0) {
+    ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, CELL, c);
+    if (ret == 0) return 0;
+
+    /*
+     * Perhaps the cell doesn't correspond to any realm?
+     * Use realm of first volume location DB server.
+     * Try afs.cell@VL_REALM.
+     * Try afs@VL_REALM???
+     */
+    if (_kafs_realm_of_cell(data, cell, &vl_realm) == 0
+	&& strcmp(vl_realm, realm) != 0
+	&& strcmp(vl_realm, CELL) != 0) {
 	ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, vl_realm, c);
 	if (ret)
 	    ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", vl_realm, c);
 	free(vl_realm);
 	if (ret == 0) return 0;
     }
-    
-    if (lrealm)
-	ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, lrealm, c);
+
     return ret;
 }
-
-
diff --git a/crypto/kerberosIV/lib/kafs/dlfcn.c b/crypto/kerberosIV/lib/kafs/dlfcn.c
index 98e081c..e664fe3 100644
--- a/crypto/kerberosIV/lib/kafs/dlfcn.c
+++ b/crypto/kerberosIV/lib/kafs/dlfcn.c
@@ -142,7 +142,7 @@ void *dlopen(const char *path, int mode)
 		if (errno == ENOEXEC) {
 			char *tmp[BUFSIZ/sizeof(char *)];
 			if (loadquery(L_GETMESSAGES, tmp, sizeof(tmp)) == -1)
-				strcpy_truncate(errbuf,
+				strlcpy(errbuf,
 						strerror(errno),
 						sizeof(errbuf));
 			else {
@@ -151,7 +151,7 @@ void *dlopen(const char *path, int mode)
 					caterr(*p);
 			}
 		} else
-			strcat_truncate(errbuf,
+			strlcat(errbuf,
 					strerror(errno),
 					sizeof(errbuf));
 		return NULL;
@@ -231,29 +231,29 @@ static void caterr(char *s)
 		p++;
 	switch(atoi(s)) {
 	case L_ERROR_TOOMANY:
-		strcat_truncate(errbuf, "to many errors", sizeof(errbuf));
+		strlcat(errbuf, "to many errors", sizeof(errbuf));
 		break;
 	case L_ERROR_NOLIB:
-		strcat_truncate(errbuf, "can't load library", sizeof(errbuf));
-		strcat_truncate(errbuf, p, sizeof(errbuf));
+		strlcat(errbuf, "can't load library", sizeof(errbuf));
+		strlcat(errbuf, p, sizeof(errbuf));
 		break;
 	case L_ERROR_UNDEF:
-		strcat_truncate(errbuf, "can't find symbol", sizeof(errbuf));
-		strcat_truncate(errbuf, p, sizeof(errbuf));
+		strlcat(errbuf, "can't find symbol", sizeof(errbuf));
+		strlcat(errbuf, p, sizeof(errbuf));
 		break;
 	case L_ERROR_RLDBAD:
-		strcat_truncate(errbuf, "bad RLD", sizeof(errbuf));
-		strcat_truncate(errbuf, p, sizeof(errbuf));
+		strlcat(errbuf, "bad RLD", sizeof(errbuf));
+		strlcat(errbuf, p, sizeof(errbuf));
 		break;
 	case L_ERROR_FORMAT:
-		strcat_truncate(errbuf, "bad exec format in", sizeof(errbuf));
-		strcat_truncate(errbuf, p, sizeof(errbuf));
+		strlcat(errbuf, "bad exec format in", sizeof(errbuf));
+		strlcat(errbuf, p, sizeof(errbuf));
 		break;
 	case L_ERROR_ERRNO:
-		strcat_truncate(errbuf, strerror(atoi(++p)), sizeof(errbuf));
+		strlcat(errbuf, strerror(atoi(++p)), sizeof(errbuf));
 		break;
 	default:
-		strcat_truncate(errbuf, s, sizeof(errbuf));
+		strlcat(errbuf, s, sizeof(errbuf));
 		break;
 	}
 }
@@ -519,7 +519,7 @@ static int readExports(ModulePtr mp)
 			 * must copy the first SYMNMLEN chars and make
 			 * sure we have a zero byte at the end.
 			 */
-		        strcpy_truncate (tmpsym, ls->l_name,
+		        strlcpy (tmpsym, ls->l_name,
 					 SYMNMLEN + 1);
 			symname = tmpsym;
 		}
diff --git a/crypto/kerberosIV/lib/kafs/kafs.h b/crypto/kerberosIV/lib/kafs/kafs.h
index cdf23cb..0fb969e 100644
--- a/crypto/kerberosIV/lib/kafs/kafs.h
+++ b/crypto/kerberosIV/lib/kafs/kafs.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: kafs.h,v 1.31 1999/07/07 12:30:40 assar Exp $ */
+/* $Id: kafs.h,v 1.32 1999/12/02 16:58:40 joda Exp $ */
 
 #ifndef __KAFS_H
 #define __KAFS_H
diff --git a/crypto/kerberosIV/lib/kafs/kafs_locl.h b/crypto/kerberosIV/lib/kafs/kafs_locl.h
index 6174f74..ac1c2f6 100644
--- a/crypto/kerberosIV/lib/kafs/kafs_locl.h
+++ b/crypto/kerberosIV/lib/kafs/kafs_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: kafs_locl.h,v 1.12.2.1 1999/07/22 03:22:05 assar Exp $ */
+/* $Id: kafs_locl.h,v 1.15 1999/12/02 16:58:40 joda Exp $ */
 
 #ifndef __KAFS_LOCL_H__
 #define __KAFS_LOCL_H__
@@ -106,8 +101,11 @@
 #include "afssysdefs.h"
 
 struct kafs_data;
-typedef int (*afslog_uid_func_t)(struct kafs_data*, const char*, uid_t,
-				 const char *);
+typedef int (*afslog_uid_func_t)(struct kafs_data *,
+				 const char *cell,
+				 const char *realm_hint,
+				 uid_t,
+				 const char *homedir);
 
 typedef int (*get_cred_func_t)(struct kafs_data*, const char*, const char*, 
 				    const char*, CREDENTIALS*);
diff --git a/crypto/kerberosIV/lib/kclient/KClient.c b/crypto/kerberosIV/lib/kclient/KClient.c
new file mode 100644
index 0000000..6d4ed60
--- /dev/null
+++ b/crypto/kerberosIV/lib/kclient/KClient.c
@@ -0,0 +1,440 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* KClient.c - KClient glue to krb4.dll
+ * Author: Jörgen Karlsson - d93-jka@nada.kth.se
+ * Date: June 1996
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: KClient.c,v 1.14 1999/12/02 16:58:40 joda Exp $");
+#endif
+
+#ifdef WIN32	/* Visual C++ 4.0 (Windows95/NT) */
+#include <Windows.h>
+#endif /* WIN32 */
+
+//#include <string.h>
+#include <winsock.h>
+#include "passwd_dlg.h"
+#include "KClient.h"
+#include "krb.h"
+
+char guser[64];
+
+void
+msg(char *text)
+{
+    HWND wnd = GetActiveWindow();
+    MessageBox(wnd, text, "KClient message", MB_OK|MB_APPLMODAL);
+}
+ 
+BOOL
+SendTicketForService(LPSTR service, LPSTR version, int fd)
+{
+    KTEXT_ST ticket;
+    MSG_DAT mdat;
+    CREDENTIALS cred;
+    des_key_schedule schedule;
+    char name[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ];
+    int ret;
+    static KClientSessionInfo foo;
+    KClientKey key;
+
+    kname_parse(name, inst, realm, service);
+    strlcpy(foo.realm, realm, sizeof(foo.realm));
+
+    if(KClientStatus(&foo) == KClientNotLoggedIn)
+	KClientLogin(&foo, &key);
+
+    ret = krb_sendauth (0, fd, &ticket,
+			name, inst, realm, 17, &mdat,
+			&cred, &schedule, NULL, NULL, version);
+    if(ret)
+	return FALSE;
+    return TRUE;
+}
+
+BOOL WINAPI
+DllMain(HANDLE hInst, ULONG reason, LPVOID lpReserved)
+{
+    WORD wVersionRequested;
+    WSADATA wsaData;
+    int err;
+
+    switch(reason){
+    case DLL_PROCESS_ATTACH:
+	wVersionRequested = MAKEWORD(1, 1);
+
+	err = WSAStartup(wVersionRequested, &wsaData);
+
+	if (err != 0)
+	{
+	    /* Tell the user that we couldn't find a useable */
+	    /* winsock.dll.     */
+	    msg("Cannot find winsock.dll");
+	    return FALSE;
+	}
+	break;
+    case DLL_PROCESS_DETACH:
+	WSACleanup();
+    }
+
+    return TRUE;
+}
+
+Kerr
+KClientMessage(char *text, Kerr error)
+{
+    msg(text);
+    return error;
+}
+
+/* KClientInitSession
+ * You need to call this routine before calling most other routines.
+ * It initializes a KClientSessionInfo structure.
+ * The local and remote addresses are for use in KClientEncrypt,
+ * KClientDecrypt, KClientMakeSendAuth and KClientVerifySendAuth.
+ * If you don't use any of these routines it's perfectly OK to do the following...
+ * err = KClientInitSession(session,0,0,0,0);
+ */
+Kerr
+KClientInitSession(KClientSessionInfo *session,
+		   unsigned long lAddr,
+		   unsigned short lPort,
+		   unsigned long fAddr,
+		   unsigned short fPort)
+{
+    session->lAddr = lAddr;
+    session->lPort = lPort;
+    session->fAddr = fAddr;
+    session->fPort = fPort;
+    if(tf_get_pname(session->user) != KSUCCESS)
+	*(session->user) = '\0';
+    if(tf_get_pinst(session->inst) != KSUCCESS)
+	*(session->inst) = '\0';
+    krb_get_lrealm (session->realm, 1);
+    if(*(session->user))
+	strlcpy(guser, session->user, sizeof(guser));
+    else
+	*guser ='\0';
+    
+    return 0;
+}
+
+
+/* KClientGetTicketForService
+ * This routine gets an authenticator to be passed to a service.
+ * If the user isn't already logged in the user is prompted for a password.
+ */
+Kerr
+KClientGetTicketForService(KClientSessionInfo *session,
+			   char *service,
+			   void *buf,
+			   unsigned long *buflen)
+{
+    CREDENTIALS c;
+    KClientKey k;
+    KTEXT_ST ticket;
+    char serv[255], inst[255], realm[255];
+    Kerr err;
+
+    //	KClientSetUserName(session->user);
+    err = kname_parse(serv,inst,realm,service);
+    if(*realm)
+	strlcpy(session->realm, realm, sizeof(session->realm));
+    else
+	strlcpy(realm, session->realm, sizeof(realm));
+    if(KClientStatus(session) == KClientNotLoggedIn)
+	if((err = KClientLogin(session, &k)) != KSUCCESS)
+	    return err;
+
+    if((err = krb_mk_req(&ticket, serv, inst, realm, 0)) != KSUCCESS)
+	return KClientMessage(KClientErrorText(err,0),err);
+    if((err = krb_get_cred(serv, inst, realm, &c)) != KSUCCESS)
+	return KClientMessage(KClientErrorText(err,0),err);
+
+    if(*buflen >= ticket.length)
+    {
+	*buflen = ticket.length + sizeof(unsigned long);
+	CopyMemory(buf, &ticket, *buflen);
+	CopyMemory(session->key, c.session, sizeof(session->key));
+    }
+    else
+	err = -1;
+    return err;
+}
+
+
+/* KClientLogin
+ * This routine "logs in" by getting a ticket granting ticket from kerberos.
+ * It returns the user's private key which can be used to automate login at
+ * a later time with KClientKeyLogin.
+ */
+
+Kerr
+KClientLogin(KClientSessionInfo *session,
+	     KClientKey *privateKey)
+{
+    CREDENTIALS c;
+    Kerr err;
+    char passwd[100];
+	
+    if((err = pwd_dialog(guser, passwd)))
+	return err;
+    if(KClientStatus(session) == KClientNotLoggedIn)
+    {
+
+	if((err = krb_get_pw_in_tkt(guser, session->inst, session->realm,
+				    "krbtgt", session->realm,
+				    DEFAULT_TKT_LIFE, passwd)) != KSUCCESS)
+	    return KClientMessage(KClientErrorText(err,0),err);
+    }
+    if((err = krb_get_cred("krbtgt", session->realm,
+			   session->realm, &c)) == KSUCCESS)
+	CopyMemory(privateKey, c.session, sizeof(*privateKey));
+    return err;
+}
+
+
+/* KClientPasswordLogin
+ * This routine is similiar to KClientLogin but instead of prompting the user
+ * for a password it uses the password supplied to establish login.
+ */
+Kerr
+KClientPasswordLogin(KClientSessionInfo *session,
+		     char *password,
+		     KClientKey *privateKey)
+{
+    return krb_get_pw_in_tkt(guser, session->inst, session->realm,
+			     "krbtgt",
+			     session->realm,
+			     DEFAULT_TKT_LIFE,
+			     password);
+}
+
+
+static key_proc_t
+key_proc(void *arg)
+{
+	return arg;
+}
+
+/* KClientKeyLogin
+ * This routine is similiar to KClientLogin but instead of prompting the user
+ * for a password it uses the private key supplied to establish login.
+ */
+Kerr
+KClientKeyLogin(KClientSessionInfo *session,
+		KClientKey *privateKey)
+{
+    return krb_get_in_tkt(guser, session->inst, session->realm,
+			  "krbtgt",
+			  session->realm,
+			  DEFAULT_TKT_LIFE,
+			  key_proc,
+			  0,
+			  privateKey);
+}
+
+/* KClientLogout
+ * This routine destroys all credentials stored in the credential cache
+ * effectively logging the user out.
+ */
+Kerr
+KClientLogout(void)
+{
+    return 0;
+}
+
+
+/* KClientStatus
+ * This routine returns the user's login status which can be
+ * KClientLoggedIn or KClientNotLoggedIn.
+ */
+short
+KClientStatus(KClientSessionInfo *session)
+{
+    CREDENTIALS c;
+    if(krb_get_cred("krbtgt",
+		    session->realm,
+		    session->realm, &c) == KSUCCESS)
+	return KClientLoggedIn;
+    else
+	return KClientNotLoggedIn;
+}
+
+
+/* KClientGetUserName
+ * This routine returns the name the user supplied in the login dialog.
+ * No name is returned if the user is not logged in.
+ */
+Kerr
+KClientGetUserName(char *user)
+{
+    strcpy(user, guser);
+    return 0;
+}
+
+
+/* KClientSetUserName
+ * This routine sets the name that will come up in the login dialog
+ * the next time the user is prompted for a password.
+ */
+Kerr
+KClientSetUserName(char *user)
+{
+    strlcpy(guser, user, sizeof(guser));
+    return 0;
+}
+
+
+/* KClientCacheInitialTicket
+ * This routine is used to obtain a ticket for the password changing service.
+ */
+Kerr
+KClientCacheInitialTicket(KClientSessionInfo *session,
+			  char *service)
+{
+    return 0;
+}
+
+
+/* KClientGetSessionKey
+ * This routine can be used to obtain the session key which is stored
+ * in the KClientSessionInfo record. The session key has no usefullness
+ * with any KClient calls but it can be used to with the MIT kerberos API.
+ */
+Kerr
+KClientGetSessionKey(KClientSessionInfo *session,
+		     KClientKey *sessionKey)
+{
+    CopyMemory(sessionKey, session->key, sizeof(*sessionKey));
+    return 0;
+}
+
+
+/* KClientMakeSendAuth
+ * This routine is used to create an authenticator that is the same as those
+ * created by the kerberos routine SendAuth.
+ */
+Kerr
+KClientMakeSendAuth(KClientSessionInfo *session,
+		    char *service,
+		    void *buf,
+		    unsigned long *buflen,
+		    long checksum,
+		    char *applicationVersion)
+{
+    return 0;
+}
+
+
+/* KClientVerifySendAuth
+ * This routine is used to verify a response made by a server doing RecvAuth.
+ * The two routines KClientMakeSendAuth and KClientVerifySendAuth together
+ * provide the functionality of SendAuth minus the transmission of authenticators
+ * between client->server->client.
+ */
+Kerr
+KClientVerifySendAuth(KClientSessionInfo *session,
+		      void *buf,
+		      unsigned long *buflen)
+{
+    return 0;
+}
+
+
+/* KClientEncrypt
+ * This routine encrypts a series a bytes for transmission to the remote host.
+ * For this to work properly you must be logged in and you must have specified
+ * the remote and local addresses in KClientInitSession. The unencrypted
+ * message pointed to by buf and of length buflen is returned encrypted
+ * in encryptBuf of length encryptLength.
+ * The encrypted buffer must be at least 26 bytes longer the buf.
+ */
+Kerr
+KClientEncrypt(KClientSessionInfo *session,
+	       void *buf,
+	       unsigned long buflen,
+	       void *encryptBuf,
+	       unsigned long *encryptLength)
+{
+    int num = 64;
+    des_cfb64_encrypt(buf, encryptBuf, buflen,
+		      (struct des_ks_struct*) session->key,
+		      0, &num, 1);
+    return 0;
+}
+
+
+/* KClientDecrypt
+ * This routine decrypts a series of bytes received from the remote host.
+
+ * NOTE: this routine will not reverse a KClientEncrypt call.
+ * It can only decrypt messages sent from the remote host.
+
+ * Instead of copying the decrypted message to an out buffer,
+ * the message is decrypted in place and you are returned
+ * an offset into the buffer where the decrypted message begins.
+ */
+Kerr
+KClientDecrypt(KClientSessionInfo *session,
+	       void *buf,
+	       unsigned long buflen,
+	       unsigned long *decryptOffset,
+	       unsigned long *decryptLength)
+{
+    int num;
+    des_cfb64_encrypt(buf, buf, buflen,
+		      (struct des_ks_struct*)session->key, 0, &num, 0);
+    *decryptOffset = 0;
+    *decryptLength = buflen;
+    return 0;
+}
+
+
+/* KClientErrorText
+ * This routine returns a text description of errors returned by any of
+ * the calls in this library.
+ */
+char *
+KClientErrorText(Kerr err,
+		 char *text)
+{
+    char *t = krb_get_err_text(err);
+    if(text)
+	strcpy(text, t);
+    return t;
+}
diff --git a/crypto/kerberosIV/lib/kclient/KClient.def b/crypto/kerberosIV/lib/kclient/KClient.def
new file mode 100644
index 0000000..9b55b2c
--- /dev/null
+++ b/crypto/kerberosIV/lib/kclient/KClient.def
@@ -0,0 +1,19 @@
+LIBRARY kclnt32
+EXPORTS
+	KClientInitSession
+	KClientGetTicketForService
+	KClientLogin
+	KClientPasswordLogin
+	KClientKeyLogin
+	KClientLogout
+	KClientStatus
+	KClientGetUserName
+	KClientSetUserName
+	KClientCacheInitialTicket
+	KClientGetSessionKey
+	KClientMakeSendAuth
+	KClientVerifySendAuth
+	KClientEncrypt
+	KClientDecrypt
+	KClientErrorText
+	SendTicketForService
diff --git a/crypto/kerberosIV/lib/kclient/KClient.dsp b/crypto/kerberosIV/lib/kclient/KClient.dsp
new file mode 100644
index 0000000..de4dde2
--- /dev/null
+++ b/crypto/kerberosIV/lib/kclient/KClient.dsp
@@ -0,0 +1,127 @@
+# Microsoft Developer Studio Project File - Name="kclient" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 5.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102
+
+CFG=kclient - Win32 Release
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE 
+!MESSAGE NMAKE /f "KClient.mak".
+!MESSAGE 
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "KClient.mak" CFG="kclient - Win32 Release"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "kclient - Win32 Release" (based on\
+ "Win32 (x86) Dynamic-Link Library")
+!MESSAGE "kclient - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE 
+
+# Begin Project
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+MTL=midl.exe
+RSC=rc.exe
+
+!IF  "$(CFG)" == "kclient - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir ".\Release"
+# PROP BASE Intermediate_Dir ".\Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir ".\Release"
+# PROP Intermediate_Dir ".\Release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /c
+# ADD CPP /nologo /MT /W3 /GX /O2 /I "." /I "..\krb" /I "..\..\include" /I "..\..\include\win32" /I "..\des" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c
+# ADD BASE MTL /nologo /D "NDEBUG" /win32
+# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
+# ADD BASE RSC /l 0x409 /d "NDEBUG"
+# ADD RSC /l 0x409 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386
+# ADD LINK32 ..\krb\Release\krb.lib ..\des\Release\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /base:"0x1320000" /subsystem:windows /dll /machine:I386 /out:".\Release/kclnt32.dll"
+
+!ELSEIF  "$(CFG)" == "kclient - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir ".\Debug"
+# PROP BASE Intermediate_Dir ".\Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir ".\Debug"
+# PROP Intermediate_Dir ".\Debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /c
+# ADD CPP /nologo /MDd /W3 /Gm /GX /Zi /Od /I "." /I "..\krb" /I "..\..\include" /I "..\..\include\win32" /I "..\des" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c
+# ADD BASE MTL /nologo /D "_DEBUG" /win32
+# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
+# ADD BASE RSC /l 0x409 /d "_DEBUG"
+# ADD RSC /l 0x409 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386
+# ADD LINK32 ..\krb\Debug\krb.lib ..\des\Debug\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /base:"0x1320000" /subsystem:windows /dll /debug /machine:I386 /out:".\Debug/kclnt32.dll"
+
+!ENDIF 
+
+# Begin Target
+
+# Name "kclient - Win32 Release"
+# Name "kclient - Win32 Debug"
+# Begin Group "Source Files"
+
+# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;hpj;bat;for;f90"
+# Begin Source File
+
+SOURCE=.\KClient.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\KClient.def
+# End Source File
+# Begin Source File
+
+SOURCE=.\passwd_dialog.rc
+# End Source File
+# Begin Source File
+
+SOURCE=.\passwd_dlg.c
+# End Source File
+# End Group
+# Begin Group "Header Files"
+
+# PROP Default_Filter "h;hpp;hxx;hm;inl;fi;fd"
+# Begin Source File
+
+SOURCE=.\KClient.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\passwd_dlg.h
+# End Source File
+# End Group
+# Begin Group "Resource Files"
+
+# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;cnt;rtf;gif;jpg;jpeg;jpe"
+# End Group
+# End Target
+# End Project
diff --git a/crypto/kerberosIV/lib/kclient/KClient.h b/crypto/kerberosIV/lib/kclient/KClient.h
new file mode 100644
index 0000000..d8916c5
--- /dev/null
+++ b/crypto/kerberosIV/lib/kclient/KClient.h
@@ -0,0 +1,160 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* KClient.h - KClient glue to krb4.dll
+ * Author: Jörgen Karlsson - d93-jka@nada.kth.se
+ * Date: June 1996
+ */
+
+/* $Id: KClient.h,v 1.8 1999/12/02 16:58:40 joda Exp $ */
+
+#ifndef	KCLIENT_H
+#define	KCLIENT_H
+
+#ifdef MacOS
+#include <Types.h>
+typedef OSerr Kerr;
+#endif /* MacOS */
+
+#ifdef WIN32	/* Visual C++ 4.0 (Windows95/NT) */
+typedef int Kerr;
+#endif /* WIN32 */
+
+enum { KClientLoggedIn, KClientNotLoggedIn };
+
+struct _KClientKey
+{
+    unsigned char keyBytes[8];
+};
+typedef struct _KClientKey KClientKey;
+
+struct _KClientSessionInfo
+{
+    unsigned long lAddr;
+    unsigned short lPort;
+    unsigned long fAddr;
+    unsigned short fPort;
+    char user[32];
+    char inst[32];
+    char realm[32];
+    char key[8];
+};
+typedef struct _KClientSessionInfo KClientSessionInfo;
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+Kerr KClientMessage(char *text, Kerr error);
+
+/* KClientInitSession */
+Kerr KClientInitSession(KClientSessionInfo *session,
+			unsigned long lAddr,
+			unsigned short lPort,
+			unsigned long fAddr,
+			unsigned short fPort);
+
+/* KClientGetTicketForService */
+Kerr KClientGetTicketForService(KClientSessionInfo *session,
+				char *service,
+				void *buf,
+				unsigned long *buflen);
+
+
+/* KClientLogin	*/
+Kerr KClientLogin(KClientSessionInfo *session,
+		  KClientKey *privateKey );
+
+/* KClientPasswordLogin */
+Kerr KClientPasswordLogin(KClientSessionInfo *session,
+			  char *password,
+			  KClientKey *privateKey);
+
+/* KClientKeyLogin */
+Kerr KClientKeyLogin(KClientSessionInfo *session, KClientKey *privateKey);
+
+/* KClientLogout */
+Kerr KClientLogout(void);
+
+/* KClientStatus */
+short KClientStatus(KClientSessionInfo *session);
+
+/* KClientGetUserName */
+Kerr KClientGetUserName(char *user);
+
+/* KClientSetUserName */
+Kerr KClientSetUserName(char *user);
+
+/* KClientCacheInitialTicket */
+Kerr KClientCacheInitialTicket(KClientSessionInfo *session,
+			       char *service);
+
+/* KClientGetSessionKey */
+Kerr KClientGetSessionKey(KClientSessionInfo *session,
+			  KClientKey *sessionKey);
+
+/* KClientMakeSendAuth */
+Kerr KClientMakeSendAuth(KClientSessionInfo *session,
+			 char *service,
+			 void *buf,
+			 unsigned long *buflen,
+			 long checksum,
+			 char *applicationVersion);
+
+/* KClientVerifySendAuth */
+Kerr KClientVerifySendAuth(KClientSessionInfo *session,
+			   void *buf,
+			   unsigned long *buflen);
+
+/* KClientEncrypt */
+Kerr KClientEncrypt(KClientSessionInfo *session,
+		    void *buf,
+		    unsigned long buflen,
+		    void *encryptBuf,
+		    unsigned long *encryptLength);
+
+/* KClientDecrypt */
+Kerr KClientDecrypt(KClientSessionInfo *session,
+		    void *buf,
+		    unsigned long buflen,
+		    unsigned long *decryptOffset,
+		    unsigned long *decryptLength);
+
+/* KClientErrorText */
+char *KClientErrorText(Kerr err, char *text);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* KCLIENT_H */
diff --git a/crypto/kerberosIV/lib/kclient/KClient.mak b/crypto/kerberosIV/lib/kclient/KClient.mak
new file mode 100644
index 0000000..40d4ab8
--- /dev/null
+++ b/crypto/kerberosIV/lib/kclient/KClient.mak
@@ -0,0 +1,297 @@
+# Microsoft Developer Studio Generated NMAKE File, Based on KClient.dsp
+!IF "$(CFG)" == ""
+CFG=kclient - Win32 Release
+!MESSAGE No configuration specified. Defaulting to kclient - Win32 Release.
+!ENDIF 
+
+!IF "$(CFG)" != "kclient - Win32 Release" && "$(CFG)" !=\
+ "kclient - Win32 Debug"
+!MESSAGE Invalid configuration "$(CFG)" specified.
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line.  For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "KClient.mak" CFG="kclient - Win32 Release"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "kclient - Win32 Release" (based on\
+ "Win32 (x86) Dynamic-Link Library")
+!MESSAGE "kclient - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE 
+!ERROR An invalid configuration is specified.
+!ENDIF 
+
+!IF "$(OS)" == "Windows_NT"
+NULL=
+!ELSE 
+NULL=nul
+!ENDIF 
+
+!IF  "$(CFG)" == "kclient - Win32 Release"
+
+OUTDIR=.\Release
+INTDIR=.\Release
+# Begin Custom Macros
+OutDir=.\.\Release
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0" 
+
+ALL : "$(OUTDIR)\kclnt32.dll"
+
+!ELSE 
+
+ALL : "krb - Win32 Release" "$(OUTDIR)\kclnt32.dll"
+
+!ENDIF 
+
+!IF "$(RECURSE)" == "1" 
+CLEAN :"krb - Win32 ReleaseCLEAN" 
+!ELSE 
+CLEAN : 
+!ENDIF 
+	-@erase "$(INTDIR)\KClient.obj"
+	-@erase "$(INTDIR)\passwd_dialog.res"
+	-@erase "$(INTDIR)\passwd_dlg.obj"
+	-@erase "$(INTDIR)\vc50.idb"
+	-@erase "$(OUTDIR)\kclnt32.dll"
+	-@erase "$(OUTDIR)\kclnt32.exp"
+	-@erase "$(OUTDIR)\kclnt32.lib"
+
+"$(OUTDIR)" :
+    if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP=cl.exe
+CPP_PROJ=/nologo /MT /W3 /GX /O2 /I "." /I "..\krb" /I "..\..\include" /I\
+ "..\..\include\win32" /I "..\des" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D\
+ "HAVE_CONFIG_H" /Fp"$(INTDIR)\KClient.pch" /YX /Fo"$(INTDIR)\\"\
+ /Fd"$(INTDIR)\\" /FD /c 
+CPP_OBJS=.\Release/
+CPP_SBRS=.
+
+.c{$(CPP_OBJS)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cpp{$(CPP_OBJS)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cxx{$(CPP_OBJS)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.c{$(CPP_SBRS)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cpp{$(CPP_SBRS)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cxx{$(CPP_SBRS)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+MTL=midl.exe
+MTL_PROJ=/nologo /D "NDEBUG" /mktyplib203 /win32 
+RSC=rc.exe
+RSC_PROJ=/l 0x409 /fo"$(INTDIR)\passwd_dialog.res" /d "NDEBUG" 
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\KClient.bsc" 
+BSC32_SBRS= \
+	
+LINK32=link.exe
+LINK32_FLAGS=..\krb\Release\krb.lib ..\des\Release\des.lib wsock32.lib\
+ kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib\
+ shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /base:"0x1320000"\
+ /subsystem:windows /dll /incremental:no /pdb:"$(OUTDIR)\kclnt32.pdb"\
+ /machine:I386 /def:".\KClient.def" /out:"$(OUTDIR)\kclnt32.dll"\
+ /implib:"$(OUTDIR)\kclnt32.lib" 
+DEF_FILE= \
+	".\KClient.def"
+LINK32_OBJS= \
+	"$(INTDIR)\KClient.obj" \
+	"$(INTDIR)\passwd_dialog.res" \
+	"$(INTDIR)\passwd_dlg.obj" \
+	"..\krb\Release\krb.lib"
+
+"$(OUTDIR)\kclnt32.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+    $(LINK32) @<<
+  $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+
+!ELSEIF  "$(CFG)" == "kclient - Win32 Debug"
+
+OUTDIR=.\Debug
+INTDIR=.\Debug
+# Begin Custom Macros
+OutDir=.\.\Debug
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0" 
+
+ALL : "$(OUTDIR)\kclnt32.dll"
+
+!ELSE 
+
+ALL : "krb - Win32 Debug" "$(OUTDIR)\kclnt32.dll"
+
+!ENDIF 
+
+!IF "$(RECURSE)" == "1" 
+CLEAN :"krb - Win32 DebugCLEAN" 
+!ELSE 
+CLEAN : 
+!ENDIF 
+	-@erase "$(INTDIR)\KClient.obj"
+	-@erase "$(INTDIR)\passwd_dialog.res"
+	-@erase "$(INTDIR)\passwd_dlg.obj"
+	-@erase "$(INTDIR)\vc50.idb"
+	-@erase "$(INTDIR)\vc50.pdb"
+	-@erase "$(OUTDIR)\kclnt32.dll"
+	-@erase "$(OUTDIR)\kclnt32.exp"
+	-@erase "$(OUTDIR)\kclnt32.ilk"
+	-@erase "$(OUTDIR)\kclnt32.lib"
+	-@erase "$(OUTDIR)\kclnt32.pdb"
+
+"$(OUTDIR)" :
+    if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP=cl.exe
+CPP_PROJ=/nologo /MDd /W3 /Gm /GX /Zi /Od /I "." /I "..\krb" /I "..\..\include"\
+ /I "..\..\include\win32" /I "..\des" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D\
+ "HAVE_CONFIG_H" /Fp"$(INTDIR)\KClient.pch" /YX /Fo"$(INTDIR)\\"\
+ /Fd"$(INTDIR)\\" /FD /c 
+CPP_OBJS=.\Debug/
+CPP_SBRS=.
+
+.c{$(CPP_OBJS)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cpp{$(CPP_OBJS)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cxx{$(CPP_OBJS)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.c{$(CPP_SBRS)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cpp{$(CPP_SBRS)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cxx{$(CPP_SBRS)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+MTL=midl.exe
+MTL_PROJ=/nologo /D "_DEBUG" /mktyplib203 /win32 
+RSC=rc.exe
+RSC_PROJ=/l 0x409 /fo"$(INTDIR)\passwd_dialog.res" /d "_DEBUG" 
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\KClient.bsc" 
+BSC32_SBRS= \
+	
+LINK32=link.exe
+LINK32_FLAGS=..\krb\Debug\krb.lib ..\des\Debug\des.lib wsock32.lib kernel32.lib\
+ user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib\
+ ole32.lib oleaut32.lib uuid.lib /nologo /base:"0x1320000" /subsystem:windows\
+ /dll /incremental:yes /pdb:"$(OUTDIR)\kclnt32.pdb" /debug /machine:I386\
+ /def:".\KClient.def" /out:"$(OUTDIR)\kclnt32.dll"\
+ /implib:"$(OUTDIR)\kclnt32.lib" 
+DEF_FILE= \
+	".\KClient.def"
+LINK32_OBJS= \
+	"$(INTDIR)\KClient.obj" \
+	"$(INTDIR)\passwd_dialog.res" \
+	"$(INTDIR)\passwd_dlg.obj" \
+	"..\krb\Debug\krb.lib"
+
+"$(OUTDIR)\kclnt32.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+    $(LINK32) @<<
+  $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+
+!ENDIF 
+
+
+!IF "$(CFG)" == "kclient - Win32 Release" || "$(CFG)" ==\
+ "kclient - Win32 Debug"
+SOURCE=.\KClient.c
+DEP_CPP_KCLIE=\
+	"..\..\include\win32\config.h"\
+	"..\..\include\win32\ktypes.h"\
+	"..\des\des.h"\
+	"..\krb\krb-protos.h"\
+	"..\krb\krb.h"\
+	".\KClient.h"\
+	".\passwd_dlg.h"\
+
+
+"$(INTDIR)\KClient.obj" : $(SOURCE) $(DEP_CPP_KCLIE) "$(INTDIR)"
+
+
+SOURCE=.\passwd_dialog.rc
+
+"$(INTDIR)\passwd_dialog.res" : $(SOURCE) "$(INTDIR)"
+	$(RSC) $(RSC_PROJ) $(SOURCE)
+
+
+SOURCE=.\passwd_dlg.c
+DEP_CPP_PASSW=\
+	"..\..\include\win32\config.h"\
+	".\passwd_dlg.h"\
+	
+
+"$(INTDIR)\passwd_dlg.obj" : $(SOURCE) $(DEP_CPP_PASSW) "$(INTDIR)"
+
+
+!IF  "$(CFG)" == "kclient - Win32 Release"
+	
+"krb - Win32 Release" : 
+   cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\krb"
+   $(MAKE) /$(MAKEFLAGS) /F ".\krb.mak" CFG="krb - Win32 Release" 
+   cd "..\kclient"
+
+"krb - Win32 ReleaseCLEAN" : 
+   cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\krb"
+   $(MAKE) /$(MAKEFLAGS) CLEAN /F ".\krb.mak" CFG="krb - Win32 Release"\
+ RECURSE=1 
+   cd "..\kclient"
+
+!ELSEIF  "$(CFG)" == "kclient - Win32 Debug"
+
+"krb - Win32 Debug" : 
+   cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\krb"
+   $(MAKE) /$(MAKEFLAGS) /F ".\krb.mak" CFG="krb - Win32 Debug" 
+   cd "..\kclient"
+
+"krb - Win32 DebugCLEAN" : 
+   cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\krb"
+   $(MAKE) /$(MAKEFLAGS) CLEAN /F ".\krb.mak" CFG="krb - Win32 Debug" RECURSE=1\
+
+   cd "..\kclient"
+
+!ENDIF 
+
+
+!ENDIF 
+
diff --git a/crypto/kerberosIV/lib/kclient/passwd_dialog.rc b/crypto/kerberosIV/lib/kclient/passwd_dialog.rc
new file mode 100644
index 0000000..6478e5f
--- /dev/null
+++ b/crypto/kerberosIV/lib/kclient/passwd_dialog.rc
@@ -0,0 +1,143 @@
+//Microsoft Developer Studio generated resource script.
+//
+#include "resource.h"
+
+#define APSTUDIO_READONLY_SYMBOLS
+/////////////////////////////////////////////////////////////////////////////
+//
+// Generated from the TEXTINCLUDE 2 resource.
+//
+#include "afxres.h"
+
+/////////////////////////////////////////////////////////////////////////////
+#undef APSTUDIO_READONLY_SYMBOLS
+
+/////////////////////////////////////////////////////////////////////////////
+// Swedish resources
+
+#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_SVE)
+#ifdef _WIN32
+LANGUAGE LANG_SWEDISH, SUBLANG_DEFAULT
+#pragma code_page(1252)
+#endif //_WIN32
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Dialog
+//
+
+IDD_DIALOG1 DIALOG DISCARDABLE  0, 0, 186, 95
+STYLE DS_ABSALIGN | DS_MODALFRAME | DS_CENTER | WS_POPUP | WS_CAPTION
+CAPTION "User data"
+FONT 8, "MS Sans Serif"
+BEGIN
+    EDITTEXT        IDC_EDIT1,71,19,40,14,ES_AUTOHSCROLL
+    EDITTEXT        IDC_EDIT2,71,36,40,14,ES_PASSWORD | ES_AUTOHSCROLL
+    DEFPUSHBUTTON   "OK",IDOK,31,74,50,14
+    PUSHBUTTON      "Cancel",IDCANCEL,105,74,50,14
+    LTEXT           "User name:",IDC_STATIC,27,23,37,8,NOT WS_GROUP
+    LTEXT           "Password:",IDC_STATIC,27,39,34,8,NOT WS_GROUP
+END
+
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// DESIGNINFO
+//
+
+#ifdef APSTUDIO_INVOKED
+GUIDELINES DESIGNINFO DISCARDABLE 
+BEGIN
+    IDD_DIALOG1, DIALOG
+    BEGIN
+        LEFTMARGIN, 7
+        RIGHTMARGIN, 179
+        TOPMARGIN, 7
+        BOTTOMMARGIN, 88
+    END
+END
+#endif    // APSTUDIO_INVOKED
+
+
+#ifdef APSTUDIO_INVOKED
+/////////////////////////////////////////////////////////////////////////////
+//
+// TEXTINCLUDE
+//
+
+1 TEXTINCLUDE DISCARDABLE 
+BEGIN
+    "resource.h\0"
+END
+
+2 TEXTINCLUDE DISCARDABLE 
+BEGIN
+    "#include ""afxres.h""\r\n"
+    "\0"
+END
+
+3 TEXTINCLUDE DISCARDABLE 
+BEGIN
+    "\r\n"
+    "\0"
+END
+
+#endif    // APSTUDIO_INVOKED
+
+

+#ifndef _MAC

+/////////////////////////////////////////////////////////////////////////////

+//

+// Version

+//

+

+VS_VERSION_INFO VERSIONINFO

+ FILEVERSION 1,0,0,1

+ PRODUCTVERSION 1,0,0,1

+ FILEFLAGSMASK 0x3fL

+#ifdef _DEBUG

+ FILEFLAGS 0x1L

+#else

+ FILEFLAGS 0x0L

+#endif

+ FILEOS 0x40004L

+ FILETYPE 0x2L

+ FILESUBTYPE 0x0L

+BEGIN

+    BLOCK "StringFileInfo"

+    BEGIN

+        BLOCK "040904b0"

+        BEGIN

+            VALUE "CompanyName", "Royal Institute of Technology (KTH)\0"

+            VALUE "FileDescription", "kclient\0"

+            VALUE "FileVersion", "4, 0, 9, 9\0"

+            VALUE "InternalName", "kclient\0"

+            VALUE "LegalCopyright", "Copyright © 1996 - 1998  Royal Institute of Technology (KTH)\0"

+            VALUE "OriginalFilename", "kclnt32.dll\0"

+            VALUE "ProductName", "KTH Kerberos\0"

+            VALUE "ProductVersion", "4,0,9,9\0"

+        END

+    END

+    BLOCK "VarFileInfo"

+    BEGIN

+        VALUE "Translation", 0x409, 1200

+    END

+END

+

+#endif    // !_MAC

+

+#endif    // Swedish resources
+/////////////////////////////////////////////////////////////////////////////
+
+
+
+#ifndef APSTUDIO_INVOKED
+/////////////////////////////////////////////////////////////////////////////
+//
+// Generated from the TEXTINCLUDE 3 resource.
+//
+
+
+/////////////////////////////////////////////////////////////////////////////
+#endif    // not APSTUDIO_INVOKED
+
diff --git a/crypto/kerberosIV/lib/kclient/passwd_dialog.res b/crypto/kerberosIV/lib/kclient/passwd_dialog.res
new file mode 100644
index 0000000..fc4556f
--- /dev/null
+++ b/crypto/kerberosIV/lib/kclient/passwd_dialog.res
diff --git a/crypto/kerberosIV/lib/kclient/passwd_dlg.c b/crypto/kerberosIV/lib/kclient/passwd_dlg.c
new file mode 100644
index 0000000..fb2f468
--- /dev/null
+++ b/crypto/kerberosIV/lib/kclient/passwd_dlg.c
@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* passwd_dlg.c - Dialog boxes for Windows95/NT
+ * Author:	Jörgen Karlsson - d93-jka@nada.kth.se
+ * Date:	June 1996
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: passwd_dlg.c,v 1.11 1999/12/02 16:58:40 joda Exp $");
+#endif
+
+#ifdef WIN32	/* Visual C++ 4.0 (Windows95/NT) */
+#include <Windows.h>
+#include "passwd_dlg.h"
+#include "Resource.h"
+#define passwdBufSZ 64
+#define usr_nameSZ 64
+
+static char user_name[usr_nameSZ];
+static char passwd[passwdBufSZ];
+
+BOOL CALLBACK
+pwd_dialog_proc(HWND hwndDlg,
+		UINT uMsg,
+		WPARAM wParam,
+		LPARAM lParam)
+{
+    switch(uMsg)
+    {
+    case WM_INITDIALOG:
+	SetDlgItemText(hwndDlg, IDC_EDIT1, user_name);
+	return TRUE;
+	break;
+
+    case WM_COMMAND: 
+	switch(wParam)
+	{
+	case IDOK:
+	    if(!GetDlgItemText(hwndDlg,IDC_EDIT1, user_name, usr_nameSZ))
+		EndDialog(hwndDlg, IDCANCEL);
+	    if(!GetDlgItemText(hwndDlg,IDC_EDIT2, passwd, passwdBufSZ))
+		EndDialog(hwndDlg, IDCANCEL);
+	case IDCANCEL:
+	    EndDialog(hwndDlg, wParam);
+	    return TRUE;
+	}
+	break;
+    }
+    return FALSE;
+}
+
+
+/* return 0 if ok, 1 otherwise */
+int
+pwd_dialog(char *user, size_t user_sz,
+	   char *password, size_t password_sz)
+{
+    int i;
+    HWND wnd = GetActiveWindow();
+    HANDLE hInst = GetModuleHandle("kclnt32");
+
+    strlcpy(user_name, user, sizeof(user_name));
+    switch(DialogBox(hInst,MAKEINTRESOURCE(IDD_DIALOG1),wnd,pwd_dialog_proc))
+    {
+    case IDOK:
+	strlcpy(user, user_name, user_sz);
+	strlcpy(password, passwd, password_sz);
+	memset (passwd, 0, sizeof(passwd));
+	return 0;
+    case IDCANCEL:
+    default:
+	memset (passwd, 0, sizeof(passwd));
+	return 1;
+    }
+}
+
+#endif /* WIN32 */
diff --git a/crypto/kerberosIV/lib/kclient/passwd_dlg.h b/crypto/kerberosIV/lib/kclient/passwd_dlg.h
new file mode 100644
index 0000000..543a560
--- /dev/null
+++ b/crypto/kerberosIV/lib/kclient/passwd_dlg.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* passwd_dlg.h - Dialog boxes for Windows95/NT
+ * Author:	Jörgen Karlsson - d93-jka@nada.kth.se
+ * Date:	June 1996
+ */
+
+/* $Id: passwd_dlg.h,v 1.7 1999/12/02 16:58:40 joda Exp $ */
+
+#ifndef PASSWD_DLG_H
+#define PASSWD_DLG_H
+
+int pwd_dialog(char *user, size_t user_sz,
+	       char *password, size_t password_sz);
+
+#endif /* PASSWD_DLG_H */
diff --git a/crypto/kerberosIV/lib/kclient/resource.h b/crypto/kerberosIV/lib/kclient/resource.h
new file mode 100644
index 0000000..76a6eb5
--- /dev/null
+++ b/crypto/kerberosIV/lib/kclient/resource.h
@@ -0,0 +1,18 @@
+//{{NO_DEPENDENCIES}}
+// Microsoft Developer Studio generated include file.
+// Used by passwd_dialog.rc
+//
+#define IDD_DIALOG1                     101
+#define IDC_EDIT1                       1000
+#define IDC_EDIT2                       1001
+
+// Next default values for new objects
+// 
+#ifdef APSTUDIO_INVOKED
+#ifndef APSTUDIO_READONLY_SYMBOLS
+#define _APS_NEXT_RESOURCE_VALUE        103
+#define _APS_NEXT_COMMAND_VALUE         40001
+#define _APS_NEXT_CONTROL_VALUE         1002
+#define _APS_NEXT_SYMED_VALUE           101
+#endif
+#endif
diff --git a/crypto/kerberosIV/lib/kdb/copykey.c b/crypto/kerberosIV/lib/kdb/copykey.c
index a78baf7..72b2b69 100644
--- a/crypto/kerberosIV/lib/kdb/copykey.c
+++ b/crypto/kerberosIV/lib/kdb/copykey.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "kdb_locl.h"
 
-RCSID("$Id: copykey.c,v 1.10 1997/04/01 08:18:17 joda Exp $");
+RCSID("$Id: copykey.c,v 1.11 1999/12/02 16:58:40 joda Exp $");
 
 void
 copy_from_key(des_cblock in, u_int32_t *lo, u_int32_t *hi)
diff --git a/crypto/kerberosIV/lib/kdb/kdb_locl.h b/crypto/kerberosIV/lib/kdb/kdb_locl.h
index fe4d079..2478f64 100644
--- a/crypto/kerberosIV/lib/kdb/kdb_locl.h
+++ b/crypto/kerberosIV/lib/kdb/kdb_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: kdb_locl.h,v 1.9 1997/05/02 14:29:08 assar Exp $ */
+/* $Id: kdb_locl.h,v 1.10 1999/12/02 16:58:40 joda Exp $ */
 
 #ifndef __kdb_locl_h
 #define __kdb_locl_h
diff --git a/crypto/kerberosIV/lib/kdb/krb_dbm.c b/crypto/kerberosIV/lib/kdb/krb_dbm.c
index ca6a2c8..7265e20 100644
--- a/crypto/kerberosIV/lib/kdb/krb_dbm.c
+++ b/crypto/kerberosIV/lib/kdb/krb_dbm.c
@@ -21,7 +21,7 @@ or implied warranty.
 
 #include "kdb_locl.h"
 
-RCSID("$Id: krb_dbm.c,v 1.36 1998/11/07 14:25:55 assar Exp $");
+RCSID("$Id: krb_dbm.c,v 1.37 1999/09/16 20:41:49 assar Exp $");
 
 #include <xdbm.h>
 
@@ -117,8 +117,8 @@ gen_dbsuffix(char *db_name, char *sfx)
 static void
 decode_princ_key(datum *key, char *name, char *instance)
 {
-    strcpy_truncate (name, key->dptr, ANAME_SZ);
-    strcpy_truncate (instance, (char *)key->dptr + ANAME_SZ, INST_SZ);
+    strlcpy (name, key->dptr, ANAME_SZ);
+    strlcpy (instance, (char *)key->dptr + ANAME_SZ, INST_SZ);
 }
 
 static void
diff --git a/crypto/kerberosIV/lib/krb/Makefile.in b/crypto/kerberosIV/lib/krb/Makefile.in
index 9697de6..301a9af 100644
--- a/crypto/kerberosIV/lib/krb/Makefile.in
+++ b/crypto/kerberosIV/lib/krb/Makefile.in
@@ -1,5 +1,5 @@
 #
-# $Id: Makefile.in,v 1.110 1999/03/10 19:01:16 joda Exp $
+# $Id: Makefile.in,v 1.113 1999/11/25 05:26:26 assar Exp $
 #
 SHELL = /bin/sh
 
@@ -61,6 +61,7 @@ SOURCES = \
 	create_ticket.c \
 	debug_decl.c \
 	decomp_ticket.c \
+	defaults.c \
 	dest_tkt.c \
 	encrypt_ktext.c \
 	extra.c \
@@ -120,7 +121,8 @@ SOURCES = \
 	time.c \
 	tkt_string.c \
 	unparse_name.c \
-	verify_user.c
+	verify_user.c \
+	krb_ip_realm.c
 
 # these files reside in ../roken or ../com_err/
 EXTRA_SOURCE = \
@@ -133,8 +135,8 @@ EXTRA_SOURCE = \
 	resolve.c \
 	snprintf.c \
 	strcasecmp.c \
-	strcat_truncate.c \
-	strcpy_truncate.c \
+	strlcat.c \
+	strlcpy.c \
 	strdup.c \
 	strncasecmp.c \
 	strnlen.c \
@@ -154,6 +156,7 @@ OBJECTS = \
 	create_ticket.o \
 	debug_decl.o \
 	decomp_ticket.o \
+	defaults.o \
 	dest_tkt.o \
 	encrypt_ktext.o \
 	extra.o \
@@ -214,6 +217,7 @@ OBJECTS = \
 	tkt_string.o \
 	unparse_name.o \
 	verify_user.o \
+	krb_ip_realm.o \
 	$(LIBADD)
 
 LIBADD = \
@@ -228,8 +232,8 @@ LIBADD = \
 	resolve.o \
 	snprintf.o \
 	strcasecmp.o \
-	strcat_truncate.o \
-	strcpy_truncate.o \
+	strlcat.o \
+	strlcpy.o \
 	strdup.o \
 	strncasecmp.o \
 	strnlen.o \
@@ -322,10 +326,10 @@ snprintf.c:
 	$(LN_S) $(srcdir)/../roken/snprintf.c .
 strcasecmp.c:
 	$(LN_S) $(srcdir)/../roken/strcasecmp.c .
-strcat_truncate.c:
-	$(LN_S) $(srcdir)/../roken/strcat_truncate.c .
-strcpy_truncate.c:
-	$(LN_S) $(srcdir)/../roken/strcpy_truncate.c .
+strlcat.c:
+	$(LN_S) $(srcdir)/../roken/strlcat.c .
+strlcpy.c:
+	$(LN_S) $(srcdir)/../roken/strlcpy.c .
 strncasecmp.c:
 	$(LN_S) $(srcdir)/../roken/strncasecmp.c .
 strnlen.c:
diff --git a/crypto/kerberosIV/lib/krb/check_time.c b/crypto/kerberosIV/lib/krb/check_time.c
index 3c3e6c0..be028fa 100644
--- a/crypto/kerberosIV/lib/krb/check_time.c
+++ b/crypto/kerberosIV/lib/krb/check_time.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: check_time.c,v 1.4 1997/04/01 08:18:18 joda Exp $");
+RCSID("$Id: check_time.c,v 1.5 1999/12/02 16:58:40 joda Exp $");
 
 int
 krb_check_tm (struct tm tm)
diff --git a/crypto/kerberosIV/lib/krb/cr_err_reply.c b/crypto/kerberosIV/lib/krb/cr_err_reply.c
index 3e82659..3308529 100644
--- a/crypto/kerberosIV/lib/krb/cr_err_reply.c
+++ b/crypto/kerberosIV/lib/krb/cr_err_reply.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: cr_err_reply.c,v 1.10 1998/06/09 19:25:16 joda Exp $");
+RCSID("$Id: cr_err_reply.c,v 1.11 1999/12/02 16:58:41 joda Exp $");
 
 /*
  * This routine is used by the Kerberos authentication server to
diff --git a/crypto/kerberosIV/lib/krb/create_auth_reply.c b/crypto/kerberosIV/lib/krb/create_auth_reply.c
index f10d34c..7f6cf46 100644
--- a/crypto/kerberosIV/lib/krb/create_auth_reply.c
+++ b/crypto/kerberosIV/lib/krb/create_auth_reply.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: create_auth_reply.c,v 1.14 1998/06/13 00:06:59 assar Exp $");
+RCSID("$Id: create_auth_reply.c,v 1.15 1999/12/02 16:58:41 joda Exp $");
 
 /*
  * This routine is called by the Kerberos authentication server
diff --git a/crypto/kerberosIV/lib/krb/create_ciph.c b/crypto/kerberosIV/lib/krb/create_ciph.c
index c22f01e..f73e8d7 100644
--- a/crypto/kerberosIV/lib/krb/create_ciph.c
+++ b/crypto/kerberosIV/lib/krb/create_ciph.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: create_ciph.c,v 1.12 1998/07/24 06:32:53 assar Exp $");
+RCSID("$Id: create_ciph.c,v 1.13 1999/12/02 16:58:41 joda Exp $");
 
 /*
  * This routine is used by the authentication server to create
diff --git a/crypto/kerberosIV/lib/krb/create_death_packet.c b/crypto/kerberosIV/lib/krb/create_death_packet.c
index ddc4c9a..15e0267 100644
--- a/crypto/kerberosIV/lib/krb/create_death_packet.c
+++ b/crypto/kerberosIV/lib/krb/create_death_packet.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: create_death_packet.c,v 1.9 1998/06/09 19:25:17 joda Exp $");
+RCSID("$Id: create_death_packet.c,v 1.10 1999/12/02 16:58:41 joda Exp $");
 
 /*
  * This routine creates a packet to type AUTH_MSG_DIE which is sent to
diff --git a/crypto/kerberosIV/lib/krb/create_ticket.c b/crypto/kerberosIV/lib/krb/create_ticket.c
index 822cfbb..32cb0a0 100644
--- a/crypto/kerberosIV/lib/krb/create_ticket.c
+++ b/crypto/kerberosIV/lib/krb/create_ticket.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: create_ticket.c,v 1.13 1998/06/09 19:25:17 joda Exp $");
+RCSID("$Id: create_ticket.c,v 1.14 1999/12/02 16:58:41 joda Exp $");
 
 /*
  * Create ticket takes as arguments information that should be in a
diff --git a/crypto/kerberosIV/lib/krb/decomp_ticket.c b/crypto/kerberosIV/lib/krb/decomp_ticket.c
index b62e978..12bdf44 100644
--- a/crypto/kerberosIV/lib/krb/decomp_ticket.c
+++ b/crypto/kerberosIV/lib/krb/decomp_ticket.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: decomp_ticket.c,v 1.19 1998/11/22 09:42:36 assar Exp $");
+RCSID("$Id: decomp_ticket.c,v 1.20 1999/12/02 16:58:41 joda Exp $");
 
 /*
  * This routine takes a ticket and pointers to the variables that
diff --git a/crypto/kerberosIV/lib/krb/defaults.c b/crypto/kerberosIV/lib/krb/defaults.c
new file mode 100644
index 0000000..e4fe027
--- /dev/null
+++ b/crypto/kerberosIV/lib/krb/defaults.c
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+#include "krb_locl.h"
+
+RCSID("$Id: defaults.c,v 1.3 1999/12/02 16:58:41 joda Exp $");
+
+const
+char *
+krb_get_default_tkt_root(void)
+{
+  const char *t = krb_get_config_string("krb_default_tkt_root");
+  if (t)
+    return t;
+  else
+    return "/tmp/tkt";
+}
+
+const
+char *
+krb_get_default_keyfile(void)
+{
+  const char *t = krb_get_config_string("krb_default_keyfile");
+  if (t)
+    return t;
+  else
+    return "/etc/srvtab";
+}
diff --git a/crypto/kerberosIV/lib/krb/dllmain.c b/crypto/kerberosIV/lib/krb/dllmain.c
index 9d653cd..4e22e9a 100644
--- a/crypto/kerberosIV/lib/krb/dllmain.c
+++ b/crypto/kerberosIV/lib/krb/dllmain.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -45,7 +40,7 @@
 #include "ticket_memory.h"
 #include <Windows.h>
 
-RCSID("$Id: dllmain.c,v 1.8 1998/07/13 14:29:33 assar Exp $");
+RCSID("$Id: dllmain.c,v 1.9 1999/12/02 16:58:41 joda Exp $");
 
 void
 msg(char *text, int error)
diff --git a/crypto/kerberosIV/lib/krb/encrypt_ktext.c b/crypto/kerberosIV/lib/krb/encrypt_ktext.c
index d97fcc7..dc5c60d 100644
--- a/crypto/kerberosIV/lib/krb/encrypt_ktext.c
+++ b/crypto/kerberosIV/lib/krb/encrypt_ktext.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: encrypt_ktext.c,v 1.4 1997/04/01 08:18:26 joda Exp $");
+RCSID("$Id: encrypt_ktext.c,v 1.5 1999/12/02 16:58:41 joda Exp $");
 
 void
 encrypt_ktext(KTEXT cip, des_cblock *key, int encrypt)
diff --git a/crypto/kerberosIV/lib/krb/extra.c b/crypto/kerberosIV/lib/krb/extra.c
index eb13c43..c90767e 100644
--- a/crypto/kerberosIV/lib/krb/extra.c
+++ b/crypto/kerberosIV/lib/krb/extra.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: extra.c,v 1.6 1998/07/24 07:18:47 assar Exp $");
+RCSID("$Id: extra.c,v 1.7 1999/12/02 16:58:41 joda Exp $");
 
 struct value {
     char *variable;
diff --git a/crypto/kerberosIV/lib/krb/get_ad_tkt.c b/crypto/kerberosIV/lib/krb/get_ad_tkt.c
index a10018e..56d7d56 100644
--- a/crypto/kerberosIV/lib/krb/get_ad_tkt.c
+++ b/crypto/kerberosIV/lib/krb/get_ad_tkt.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: get_ad_tkt.c,v 1.20 1998/11/22 09:42:55 assar Exp $");
+RCSID("$Id: get_ad_tkt.c,v 1.22 1999/12/02 16:58:41 joda Exp $");
 
 /*
  * get_ad_tkt obtains a new service ticket from Kerberos, using
@@ -96,7 +91,7 @@ get_ad_tkt(char *service, char *sinstance, char *realm, int lifetime)
 
     kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, &cr);
     if (kerror == KSUCCESS) {
-      strcpy_truncate(lrealm, realm, REALM_SZ);
+      strlcpy(lrealm, realm, REALM_SZ);
     } else
       kerror = krb_get_tf_realm(TKT_FILE, lrealm);
     
diff --git a/crypto/kerberosIV/lib/krb/get_default_principal.c b/crypto/kerberosIV/lib/krb/get_default_principal.c
index f9e18a1..47ad6b3 100644
--- a/crypto/kerberosIV/lib/krb/get_default_principal.c
+++ b/crypto/kerberosIV/lib/krb/get_default_principal.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: get_default_principal.c,v 1.12 1999/03/13 21:24:51 assar Exp $");
+RCSID("$Id: get_default_principal.c,v 1.14 1999/12/02 16:58:41 joda Exp $");
 
 int
 krb_get_default_principal(char *name, char *instance, char *realm)
@@ -66,8 +61,8 @@ krb_get_default_principal(char *name, char *instance, char *realm)
       return -1;
     }
 
-    strcpy_truncate (name, pw->pw_name, ANAME_SZ);
-    strcpy_truncate (instance, "", INST_SZ);
+    strlcpy (name, pw->pw_name, ANAME_SZ);
+    strlcpy (instance, "", INST_SZ);
     krb_get_lrealm(realm, 1);
 
     if(strcmp(name, "root") == 0) {
@@ -80,8 +75,8 @@ krb_get_default_principal(char *name, char *instance, char *realm)
       if(p == NULL)
 	p = getenv("LOGNAME");
       if(p){
-	  strcpy_truncate (name, p, ANAME_SZ);
-	  strcpy_truncate (instance, "root", INST_SZ);
+	  strlcpy (name, p, ANAME_SZ);
+	  strlcpy (instance, "root", INST_SZ);
       }
     }
     return 1;
diff --git a/crypto/kerberosIV/lib/krb/get_host.c b/crypto/kerberosIV/lib/krb/get_host.c
index aa5fb51..0eb2224 100644
--- a/crypto/kerberosIV/lib/krb/get_host.c
+++ b/crypto/kerberosIV/lib/krb/get_host.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: get_host.c,v 1.45 1999/06/29 21:18:02 bg Exp $");
+RCSID("$Id: get_host.c,v 1.48 1999/12/02 16:58:41 joda Exp $");
 
 static struct host_list {
     struct krb_host *this;
@@ -77,7 +72,7 @@ parse_address(char *address, enum krb_host_proto *proto,
 	p = strchr(address, '/');
 	if(p){
 	    char prot[32];
-	    strcpy_truncate (prot, address,
+	    strlcpy (prot, address,
 			     min(p - address + 1, sizeof(prot)));
 	    if(strcasecmp(prot, "udp") == 0) 
 		*proto = PROTO_UDP;
@@ -98,7 +93,7 @@ parse_address(char *address, enum krb_host_proto *proto,
 	*host = malloc(q - p + 1);
 	if (*host == NULL)
 	    return -1;
-	strcpy_truncate (*host, p, q - p + 1);
+	strlcpy (*host, p, q - p + 1);
 	q++;
 	{
 	    struct servent *sp = getservbyname(q, NULL);
@@ -118,7 +113,7 @@ parse_address(char *address, enum krb_host_proto *proto,
 	    *host = malloc(q - p + 1);
 	    if (*host == NULL)
 		return -1;
-	    strcpy_truncate (*host, p, q - p + 1);
+	    strlcpy (*host, p, q - p + 1);
 	} else {
 	    *host = strdup(p);
 	    if(*host == NULL)
@@ -307,7 +302,7 @@ srv_find_realm(char *realm, char *proto, char *service)
 }
 
 struct krb_host*
-krb_get_host(int nth, char *realm, int admin)
+krb_get_host(int nth, const char *realm, int admin)
 {
     struct host_list *p;
     static char orealm[REALM_SZ];
@@ -315,7 +310,7 @@ krb_get_host(int nth, char *realm, int admin)
     if(orealm[0] == 0 || strcmp(realm, orealm)){
 	/* quick optimization */
 	if(realm && realm[0]){
-	    strcpy_truncate (orealm, realm, sizeof(orealm));
+	    strlcpy (orealm, realm, sizeof(orealm));
 	}else{
 	    int ret = krb_get_lrealm(orealm, 1);
 	    if(ret != KSUCCESS)
@@ -377,7 +372,7 @@ krb_get_krbhst(char *host, char *realm, int nth)
     struct krb_host *p = krb_get_host(nth, realm, 0);
     if(p == NULL)
 	return KFAILURE;
-    strcpy_truncate (host, p->host, MaxHostNameLen);
+    strlcpy (host, p->host, MaxHostNameLen);
     return KSUCCESS;
 }
 
@@ -387,6 +382,6 @@ krb_get_admhst(char *host, char *realm, int nth)
     struct krb_host *p = krb_get_host(nth, realm, 1);
     if(p == NULL)
 	return KFAILURE;
-    strcpy_truncate (host, p->host, MaxHostNameLen);
+    strlcpy (host, p->host, MaxHostNameLen);
     return KSUCCESS;
 }
diff --git a/crypto/kerberosIV/lib/krb/get_in_tkt.c b/crypto/kerberosIV/lib/krb/get_in_tkt.c
index 4336687..9b40508 100644
--- a/crypto/kerberosIV/lib/krb/get_in_tkt.c
+++ b/crypto/kerberosIV/lib/krb/get_in_tkt.c
@@ -21,7 +21,7 @@ or implied warranty.
 
 #include "krb_locl.h"
 
-RCSID("$Id: get_in_tkt.c,v 1.23 1999/07/01 09:36:22 assar Exp $");
+RCSID("$Id: get_in_tkt.c,v 1.24 1999/11/25 05:22:43 assar Exp $");
 
 /*
  * This file contains three routines: passwd_to_key() and
@@ -164,6 +164,10 @@ krb_get_pw_in_tkt2(const char *user,
 	    return ret ? ret : code;
 
 	code = tf_setup(&cred, user, instance);
+	if (code == KSUCCESS) {
+	  if (krb_get_config_bool("nat_in_use"))
+	    krb_add_our_ip_for_realm(user, instance, realm, password);
+	}
     }
     if (password == pword)
         memset(pword, 0, sizeof(pword));
diff --git a/crypto/kerberosIV/lib/krb/get_krbrlm.c b/crypto/kerberosIV/lib/krb/get_krbrlm.c
index 9c675f6..a6b0ba9 100644
--- a/crypto/kerberosIV/lib/krb/get_krbrlm.c
+++ b/crypto/kerberosIV/lib/krb/get_krbrlm.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: get_krbrlm.c,v 1.22.2.1 1999/09/02 08:51:04 joda Exp $");
+RCSID("$Id: get_krbrlm.c,v 1.25 1999/12/02 16:58:41 joda Exp $");
 
 /*
  * krb_get_lrealm takes a pointer to a string, and a number, n.  It fills
@@ -130,13 +125,13 @@ krb_get_default_realm(void)
     if (local_realm[0] == 0) {
 	char *t, hostname[MaxHostNameLen];
 
-	strcpy_truncate(local_realm, no_default_realm, 
+	strlcpy(local_realm, no_default_realm, 
 			sizeof(local_realm)); /* Provide default */
 
 	gethostname(hostname, sizeof(hostname));
 	t = krb_realmofhost(hostname);
 	if (t && strcmp(t, no_default_realm) != 0)
-	    strcpy_truncate(local_realm, t, sizeof(local_realm));
+	    strlcpy(local_realm, t, sizeof(local_realm));
     }
     return local_realm;
 }
diff --git a/crypto/kerberosIV/lib/krb/get_tf_fullname.c b/crypto/kerberosIV/lib/krb/get_tf_fullname.c
index 7a103b6..75688b0 100644
--- a/crypto/kerberosIV/lib/krb/get_tf_fullname.c
+++ b/crypto/kerberosIV/lib/krb/get_tf_fullname.c
@@ -21,7 +21,7 @@ or implied warranty.
 
 #include "krb_locl.h"
 
-RCSID("$Id: get_tf_fullname.c,v 1.7 1998/06/09 19:25:19 joda Exp $");
+RCSID("$Id: get_tf_fullname.c,v 1.8 1999/09/16 20:41:51 assar Exp $");
 
 /*
  * This file contains a routine to extract the fullname of a user
@@ -51,12 +51,12 @@ krb_get_tf_fullname(char *ticket_file, char *name, char *instance, char *realm)
 	return (tf_status);
     
     if (name)
-	strcpy_truncate (name, c.pname, ANAME_SZ);
+	strlcpy (name, c.pname, ANAME_SZ);
     if (instance)
-	strcpy_truncate (instance, c.pinst, INST_SZ);
+	strlcpy (instance, c.pinst, INST_SZ);
     if ((tf_status = tf_get_cred(&c)) == KSUCCESS) {
 	if (realm)
-	    strcpy_truncate (realm, c.realm, REALM_SZ);
+	    strlcpy (realm, c.realm, REALM_SZ);
     }
     else {
 	if (tf_status == EOF)
diff --git a/crypto/kerberosIV/lib/krb/getaddrs.c b/crypto/kerberosIV/lib/krb/getaddrs.c
index 069b8b7..d157690 100644
--- a/crypto/kerberosIV/lib/krb/getaddrs.c
+++ b/crypto/kerberosIV/lib/krb/getaddrs.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: getaddrs.c,v 1.26.2.1 1999/07/22 03:15:33 assar Exp $");
+RCSID("$Id: getaddrs.c,v 1.28 1999/12/02 16:58:42 joda Exp $");
 
 #if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
 #include <sys/ioctl.h>
diff --git a/crypto/kerberosIV/lib/krb/getfile.c b/crypto/kerberosIV/lib/krb/getfile.c
index 15c5ed8..99d0c3f 100644
--- a/crypto/kerberosIV/lib/krb/getfile.c
+++ b/crypto/kerberosIV/lib/krb/getfile.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: getfile.c,v 1.4 1998/06/09 19:25:19 joda Exp $");
+RCSID("$Id: getfile.c,v 1.5 1999/12/02 16:58:42 joda Exp $");
 
 static int
 is_suid(void)
diff --git a/crypto/kerberosIV/lib/krb/getrealm.c b/crypto/kerberosIV/lib/krb/getrealm.c
index 16734c7..2dcb4cf 100644
--- a/crypto/kerberosIV/lib/krb/getrealm.c
+++ b/crypto/kerberosIV/lib/krb/getrealm.c
@@ -21,7 +21,7 @@ or implied warranty.
 
 #include "krb_locl.h"
 
-RCSID("$Id: getrealm.c,v 1.35 1998/08/31 10:40:06 assar Exp $");
+RCSID("$Id: getrealm.c,v 1.36 1999/09/16 20:41:51 assar Exp $");
 
 #ifndef MATCH_SUBDOMAINS
 #define MATCH_SUBDOMAINS 0
@@ -77,7 +77,7 @@ dns_find_realm(char *hostname, char *realm)
 	    struct resource_record *rr = r->head;
 	    while(rr){
 		if(rr->type == T_TXT){
-		    strcpy_truncate(realm, rr->u.txt, REALM_SZ);
+		    strlcpy(realm, rr->u.txt, REALM_SZ);
 		    dns_free_data(r);
 		    return level;
 		}
@@ -131,7 +131,7 @@ file_find_realm(const char *phost, const char *domain,
 	tmp_realm = tok;
 	if (strcasecmp(tmp_host, phost) == 0) {
 	    /* exact match of hostname, so return the realm */
-	    strcpy_truncate(ret_realm, tmp_realm, ret_realm_sz);
+	    strlcpy(ret_realm, tmp_realm, ret_realm_sz);
 	    ret = 0;
 	    break;
 	}
@@ -140,7 +140,7 @@ file_find_realm(const char *phost, const char *domain,
 	    do {
 		if(strcasecmp(tmp_host, cp) == 0){
 		    /* domain match, save for later */ 
-		    strcpy_truncate(ret_realm, tmp_realm, ret_realm_sz);
+		    strlcpy(ret_realm, tmp_realm, ret_realm_sz);
 		    ret = 0;
 		    break;
 		}
@@ -174,7 +174,7 @@ krb_realmofhost(const char *host)
     if (domain) {
 	char *cp;
 	  
-	strcpy_truncate(ret_realm, &domain[1], REALM_SZ);
+	strlcpy(ret_realm, &domain[1], REALM_SZ);
 	/* Upper-case realm */
 	for (cp = ret_realm; *cp; cp++)
 	    *cp = toupper(*cp);
diff --git a/crypto/kerberosIV/lib/krb/k_getport.c b/crypto/kerberosIV/lib/krb/k_getport.c
index c5f9f15..063a0b2 100644
--- a/crypto/kerberosIV/lib/krb/k_getport.c
+++ b/crypto/kerberosIV/lib/krb/k_getport.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: k_getport.c,v 1.10 1997/04/01 08:18:30 joda Exp $");
+RCSID("$Id: k_getport.c,v 1.11 1999/12/02 16:58:42 joda Exp $");
 
 int
 k_getportbyname (const char *service, const char *proto, int default_port)
diff --git a/crypto/kerberosIV/lib/krb/k_getsockinst.c b/crypto/kerberosIV/lib/krb/k_getsockinst.c
index 6c3edb0..2b0453c 100644
--- a/crypto/kerberosIV/lib/krb/k_getsockinst.c
+++ b/crypto/kerberosIV/lib/krb/k_getsockinst.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: k_getsockinst.c,v 1.11 1998/06/09 19:25:20 joda Exp $");
+RCSID("$Id: k_getsockinst.c,v 1.13 1999/12/02 16:58:42 joda Exp $");
 
 /*
  * Return in inst the name of the local interface bound to socket
@@ -61,7 +56,7 @@ k_getsockinst(int fd, char *inst, size_t inst_size)
   if (hnam == 0)
     goto fail;
 
-  strcpy_truncate (inst, hnam->h_name, inst_size);
+  strlcpy (inst, hnam->h_name, inst_size);
   k_ricercar(inst); /* Canonicalize name */
   return 0;			/* Success */
 
diff --git a/crypto/kerberosIV/lib/krb/k_localtime.c b/crypto/kerberosIV/lib/krb/k_localtime.c
index a6ffb9b..e8cbdd6 100644
--- a/crypto/kerberosIV/lib/krb/k_localtime.c
+++ b/crypto/kerberosIV/lib/krb/k_localtime.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: k_localtime.c,v 1.7 1997/04/01 08:18:31 joda Exp $");
+RCSID("$Id: k_localtime.c,v 1.8 1999/12/02 16:58:42 joda Exp $");
 
 struct tm *k_localtime(u_int32_t *tp)
 {
diff --git a/crypto/kerberosIV/lib/krb/kdc_reply.c b/crypto/kerberosIV/lib/krb/kdc_reply.c
index 51675b0..7a069e4 100644
--- a/crypto/kerberosIV/lib/krb/kdc_reply.c
+++ b/crypto/kerberosIV/lib/krb/kdc_reply.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: kdc_reply.c,v 1.11 1998/06/09 19:25:20 joda Exp $");
+RCSID("$Id: kdc_reply.c,v 1.12 1999/12/02 16:58:42 joda Exp $");
 
 static int little_endian; /* XXX ugly */
 
diff --git a/crypto/kerberosIV/lib/krb/krb-protos.h b/crypto/kerberosIV/lib/krb/krb-protos.h
index 965e4dc..bb385d6 100644
--- a/crypto/kerberosIV/lib/krb/krb-protos.h
+++ b/crypto/kerberosIV/lib/krb/krb-protos.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -36,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: krb-protos.h,v 1.18 1999/06/29 21:18:05 bg Exp $ */
+/* $Id: krb-protos.h,v 1.24 1999/12/02 16:58:42 joda Exp $ */
 
 #ifndef __krb_protos_h__
 #define __krb_protos_h__
@@ -265,12 +260,18 @@ char * KRB_LIB_FUNCTION
 krb_get_default_realm __P((void));
 
 const char * KRB_LIB_FUNCTION
+krb_get_default_tkt_root __P((void));
+
+const char * KRB_LIB_FUNCTION
+krb_get_default_keyfile __P((void));
+
+const char * KRB_LIB_FUNCTION
 krb_get_err_text __P((int code));
 
 struct krb_host* KRB_LIB_FUNCTION
 krb_get_host __P((
 	int nth,
-	char *realm,
+	const char *realm,
 	int admin));
 
 int KRB_LIB_FUNCTION
@@ -734,6 +735,9 @@ int KRB_LIB_FUNCTION
 tf_get_cred __P((CREDENTIALS *c));
 
 int KRB_LIB_FUNCTION
+tf_get_cred_addr __P((char *realm, size_t realm_sz, struct in_addr *addr));
+
+int KRB_LIB_FUNCTION
 tf_get_pinst __P((char *inst));
 
 int KRB_LIB_FUNCTION
@@ -767,7 +771,19 @@ tf_setup __P((
 	const char *pname,
 	const char *pinst));
 
+int KRB_LIB_FUNCTION
+tf_get_addr __P((
+	const char *realm,
+	struct in_addr *addr));
+
+int KRB_LIB_FUNCTION
+tf_store_addr __P((const char *realm, struct in_addr *addr));
+
 char * KRB_LIB_FUNCTION
 tkt_string __P((void));
 
+int KRB_LIB_FUNCTION
+krb_add_our_ip_for_realm __P((const char *user, const char *instance,
+			      const char *realm, const char *password));
+
 #endif /* __krb_protos_h__ */
diff --git a/crypto/kerberosIV/lib/krb/krb.h b/crypto/kerberosIV/lib/krb/krb.h
index 11a11c1..fca0bba 100644
--- a/crypto/kerberosIV/lib/krb/krb.h
+++ b/crypto/kerberosIV/lib/krb/krb.h
@@ -1,5 +1,5 @@
 /*
- * $Id: krb.h,v 1.97 1999/06/29 21:18:06 bg Exp $
+ * $Id: krb.h,v 1.99 1999/11/16 14:02:47 bg Exp $
  *
  * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
  *
@@ -165,7 +165,7 @@ typedef struct ktext KTEXT_ST;
 #define 	CLOCK_SKEW	5*60
 /* Filename for readservkey */
 #ifndef		KEYFILE
-#define		KEYFILE		"/etc/srvtab"
+#define		KEYFILE		(krb_get_default_keyfile())
 #endif
 
 /* Structure definition for rd_ap_req */
@@ -225,7 +225,9 @@ struct krb_host {
 
 /* Location of ticket file for save_cred and get_cred */
 #define TKT_FILE        tkt_string()
-#define TKT_ROOT        "/tmp/tkt"
+#ifndef TKT_ROOT
+#define TKT_ROOT        (krb_get_default_tkt_root())
+#endif
 
 /* Error codes returned from the KDC */
 #define		KDC_OK		0	/* Request OK */
diff --git a/crypto/kerberosIV/lib/krb/krb_check_auth.c b/crypto/kerberosIV/lib/krb/krb_check_auth.c
index 8bddbf5..f20b5c2 100644
--- a/crypto/kerberosIV/lib/krb/krb_check_auth.c
+++ b/crypto/kerberosIV/lib/krb/krb_check_auth.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: krb_check_auth.c,v 1.4 1997/04/01 08:18:33 joda Exp $");
+RCSID("$Id: krb_check_auth.c,v 1.5 1999/12/02 16:58:42 joda Exp $");
 
 /*
  *
diff --git a/crypto/kerberosIV/lib/krb/krb_equiv.c b/crypto/kerberosIV/lib/krb/krb_equiv.c
index fab79e5..271d422 100644
--- a/crypto/kerberosIV/lib/krb/krb_equiv.c
+++ b/crypto/kerberosIV/lib/krb/krb_equiv.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -56,7 +51,7 @@
  */
 #include "krb_locl.h"
 
-RCSID("$Id: krb_equiv.c,v 1.14 1999/03/13 21:25:30 assar Exp $");
+RCSID("$Id: krb_equiv.c,v 1.15 1999/12/02 16:58:42 joda Exp $");
 
 int krb_ignore_ip_address = 0;
 
diff --git a/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c b/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c
index 83848c8..46de59f 100644
--- a/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c
+++ b/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: krb_get_in_tkt.c,v 1.29 1999/06/29 21:18:07 bg Exp $");
+RCSID("$Id: krb_get_in_tkt.c,v 1.30 1999/12/02 16:58:42 joda Exp $");
 
 /*
  * decrypt_tkt(): Given user, instance, realm, passwd, key_proc
diff --git a/crypto/kerberosIV/lib/krb/krb_ip_realm.c b/crypto/kerberosIV/lib/krb/krb_ip_realm.c
new file mode 100644
index 0000000..a9581f1
--- /dev/null
+++ b/crypto/kerberosIV/lib/krb/krb_ip_realm.c
@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 1999 Thomas Nyström and Stacken Computer Club
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb_locl.h"
+
+RCSID("$Id: krb_ip_realm.c,v 1.2.2.1 1999/12/06 23:01:12 assar Exp $");
+
+/*
+ * Obtain a ticket for ourselves (`user.instance') in REALM and decrypt
+ * it using `password' to verify the address that the KDC got our
+ * request from.
+ * Store in the ticket cache.
+ */
+
+int
+krb_add_our_ip_for_realm(const char *user, const char *instance,
+			 const char *realm, const char *password)
+{
+    des_cblock newkey;
+    des_key_schedule schedule;
+    char scrapbuf[1024];
+    struct in_addr myAddr;
+    KTEXT_ST ticket;
+    CREDENTIALS c;
+    int err;
+    u_int32_t addr;
+
+    if ((err = krb_mk_req(&ticket, (char *)user, (char *)instance,
+			  (char *)realm, 0)) != KSUCCESS)
+	return err;
+
+    if ((err = krb_get_cred((char *)user, (char *)instance, (char *)realm,
+			    &c)) != KSUCCESS)
+	return err;
+
+    des_string_to_key((char *)password, &newkey);
+    des_set_key(&newkey, schedule);
+    err = decomp_ticket(&c.ticket_st,
+			(unsigned char *)scrapbuf, /* Flags */
+			scrapbuf,	/* Authentication name */
+			scrapbuf,	/* Principal's instance */
+			scrapbuf,	/* Principal's authentication domain */
+			/* The Address Of Me That Servers Sees */
+			(u_int32_t *)&addr,
+			(unsigned char *)scrapbuf, /* Session key in ticket */
+			(int *)scrapbuf, /* Lifetime of ticket */
+			(u_int32_t *)scrapbuf, /* Issue time and date */
+			scrapbuf,	/* Service name */
+			scrapbuf,	/* Service instance */
+			&newkey,	/* Secret key */
+			schedule	/* Precomp. key schedule */
+	);
+	
+    if (err != KSUCCESS) {
+	memset(newkey, 0, sizeof(newkey));
+	memset(schedule, 0, sizeof(schedule));
+	return err;
+    }
+
+    myAddr.s_addr = addr;
+
+    err = tf_store_addr(realm, &myAddr);
+
+    memset(newkey, 0, sizeof(newkey));
+    memset(schedule, 0, sizeof(schedule));
+
+    return err;
+}
+
+int
+krb_get_our_ip_for_realm(const char *realm, struct in_addr *ip_addr)
+{
+    return tf_get_addr(realm, ip_addr);
+}
diff --git a/crypto/kerberosIV/lib/krb/krb_locl.h b/crypto/kerberosIV/lib/krb/krb_locl.h
index f5792a8..02e7fa2 100644
--- a/crypto/kerberosIV/lib/krb/krb_locl.h
+++ b/crypto/kerberosIV/lib/krb/krb_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: krb_locl.h,v 1.49 1998/06/13 00:06:59 assar Exp $ */
+/* $Id: krb_locl.h,v 1.50 1999/12/02 16:58:42 joda Exp $ */
 
 #ifndef __krb_locl_h
 #define __krb_locl_h
diff --git a/crypto/kerberosIV/lib/krb/krb_log.h b/crypto/kerberosIV/lib/krb/krb_log.h
index a760102..5155bc7 100644
--- a/crypto/kerberosIV/lib/krb/krb_log.h
+++ b/crypto/kerberosIV/lib/krb/krb_log.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: krb_log.h,v 1.2 1997/09/26 17:40:33 joda Exp $ */
+/* $Id: krb_log.h,v 1.3 1999/12/02 16:58:42 joda Exp $ */
 
 #include <krb.h>
 
diff --git a/crypto/kerberosIV/lib/krb/krb_net_read.c b/crypto/kerberosIV/lib/krb/krb_net_read.c
index 7459e2f..3830cf9 100644
--- a/crypto/kerberosIV/lib/krb/krb_net_read.c
+++ b/crypto/kerberosIV/lib/krb/krb_net_read.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: krb_net_read.c,v 1.2 1999/03/17 16:18:37 joda Exp $");
+RCSID("$Id: krb_net_read.c,v 1.3 1999/12/02 16:58:42 joda Exp $");
 
 int
 krb_net_read (int fd, void *buf, size_t nbytes)
diff --git a/crypto/kerberosIV/lib/krb/krb_net_write.c b/crypto/kerberosIV/lib/krb/krb_net_write.c
index e086ee1..0473685 100644
--- a/crypto/kerberosIV/lib/krb/krb_net_write.c
+++ b/crypto/kerberosIV/lib/krb/krb_net_write.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: krb_net_write.c,v 1.2 1999/03/17 16:18:37 joda Exp $");
+RCSID("$Id: krb_net_write.c,v 1.3 1999/12/02 16:58:42 joda Exp $");
 
 int
 krb_net_write (int fd, const void *buf, size_t nbytes)
diff --git a/crypto/kerberosIV/lib/krb/kuserok.c b/crypto/kerberosIV/lib/krb/kuserok.c
index 4a2be44..4913eaf 100644
--- a/crypto/kerberosIV/lib/krb/kuserok.c
+++ b/crypto/kerberosIV/lib/krb/kuserok.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: kuserok.c,v 1.24 1999/06/23 10:12:37 assar Exp $");
+RCSID("$Id: kuserok.c,v 1.25 1999/12/02 16:58:42 joda Exp $");
 
 #define OK 0
 #define NOTOK 1
diff --git a/crypto/kerberosIV/lib/krb/logging.c b/crypto/kerberosIV/lib/krb/logging.c
index 76965fd..bac1c18 100644
--- a/crypto/kerberosIV/lib/krb/logging.c
+++ b/crypto/kerberosIV/lib/krb/logging.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -39,7 +34,7 @@
 #include "krb_locl.h"
 #include <klog.h>
 
-RCSID("$Id: logging.c,v 1.16 1998/07/24 06:13:35 assar Exp $");
+RCSID("$Id: logging.c,v 1.18 1999/12/02 16:58:42 joda Exp $");
 
 struct krb_log_facility {
     char filename[MaxPathLen]; 
@@ -87,7 +82,7 @@ krb_openlog(struct krb_log_facility *f,
 	    FILE *file,
 	    krb_log_func_t func)
 {
-    strcpy_truncate(f->filename, filename, MaxPathLen);
+    strlcpy(f->filename, filename, MaxPathLen);
     f->file = file;
     f->func = func;
     return KSUCCESS;
diff --git a/crypto/kerberosIV/lib/krb/lsb_addr_comp.c b/crypto/kerberosIV/lib/krb/lsb_addr_comp.c
index 024e8ca..e74614d 100644
--- a/crypto/kerberosIV/lib/krb/lsb_addr_comp.c
+++ b/crypto/kerberosIV/lib/krb/lsb_addr_comp.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: lsb_addr_comp.c,v 1.15 1998/10/22 15:58:26 joda Exp $");
+RCSID("$Id: lsb_addr_comp.c,v 1.16 1999/12/02 16:58:42 joda Exp $");
 
 #include "krb-archaeology.h"
 
diff --git a/crypto/kerberosIV/lib/krb/mk_auth.c b/crypto/kerberosIV/lib/krb/mk_auth.c
index 91ea866..65354a9 100644
--- a/crypto/kerberosIV/lib/krb/mk_auth.c
+++ b/crypto/kerberosIV/lib/krb/mk_auth.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: mk_auth.c,v 1.6 1998/06/09 19:25:22 joda Exp $");
+RCSID("$Id: mk_auth.c,v 1.8 1999/12/02 16:58:43 joda Exp $");
 
 /*
  * Generate an authenticator for service.instance@realm.
@@ -69,7 +64,7 @@ krb_mk_auth(int32_t options,
   else
     tmp = krb_get_phost (instance);
 
-  strcpy_truncate(realinst, tmp, sizeof(realinst));
+  strlcpy(realinst, tmp, sizeof(realinst));
 
   if (realm == NULL) {
     ret = krb_get_lrealm (realrealm, 1);
diff --git a/crypto/kerberosIV/lib/krb/mk_priv.c b/crypto/kerberosIV/lib/krb/mk_priv.c
index 20f4ee2..a72b732 100644
--- a/crypto/kerberosIV/lib/krb/mk_priv.c
+++ b/crypto/kerberosIV/lib/krb/mk_priv.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: mk_priv.c,v 1.21 1998/06/09 19:25:23 joda Exp $");
+RCSID("$Id: mk_priv.c,v 1.22 1999/12/02 16:58:43 joda Exp $");
 
 /* application include files */
 #include "krb-archaeology.h"
diff --git a/crypto/kerberosIV/lib/krb/mk_req.c b/crypto/kerberosIV/lib/krb/mk_req.c
index b3761ca..5e72e22 100644
--- a/crypto/kerberosIV/lib/krb/mk_req.c
+++ b/crypto/kerberosIV/lib/krb/mk_req.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: mk_req.c,v 1.20 1998/06/09 19:25:23 joda Exp $");
+RCSID("$Id: mk_req.c,v 1.22 1999/12/02 16:58:43 joda Exp $");
 
 static int lifetime = 255;	/* But no longer than TGT says. */
 
@@ -184,7 +179,7 @@ krb_mk_req(KTEXT authent, char *service, char *instance, char *realm,
 
     retval = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, 0);
     if (retval == KSUCCESS) {
-      strcpy_truncate(myrealm, realm, REALM_SZ);
+      strlcpy(myrealm, realm, REALM_SZ);
     } else
       retval = krb_get_tf_realm(TKT_FILE, myrealm);
     
diff --git a/crypto/kerberosIV/lib/krb/mk_safe.c b/crypto/kerberosIV/lib/krb/mk_safe.c
index e5ea847..2e8c5c2 100644
--- a/crypto/kerberosIV/lib/krb/mk_safe.c
+++ b/crypto/kerberosIV/lib/krb/mk_safe.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: mk_safe.c,v 1.24 1998/06/09 19:25:23 joda Exp $");
+RCSID("$Id: mk_safe.c,v 1.25 1999/12/02 16:58:43 joda Exp $");
 
 /* application include files */
 #include "krb-archaeology.h"
diff --git a/crypto/kerberosIV/lib/krb/name2name.c b/crypto/kerberosIV/lib/krb/name2name.c
index 2e2e9e6..49e457d 100644
--- a/crypto/kerberosIV/lib/krb/name2name.c
+++ b/crypto/kerberosIV/lib/krb/name2name.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: name2name.c,v 1.20 1999/03/13 21:26:02 assar Exp $");
+RCSID("$Id: name2name.c,v 1.22 1999/12/02 16:58:43 joda Exp $");
 
 /* convert host to a more fully qualified domain name, returns 0 if
  * phost is the same as host, 1 otherwise. phost should be
@@ -71,7 +66,7 @@ krb_name_to_name(const char *host, char *phost, size_t phost_size)
 	    && strchr (hp->h_aliases[0], '.') != NULL)
 		tmp = hp->h_aliases[0];
     }
-    strcpy_truncate (phost, tmp, phost_size);
+    strlcpy (phost, tmp, phost_size);
 
     if (strcmp(phost, host) == 0)
 	return 0;
diff --git a/crypto/kerberosIV/lib/krb/parse_name.c b/crypto/kerberosIV/lib/krb/parse_name.c
index da06aec..fcb3394 100644
--- a/crypto/kerberosIV/lib/krb/parse_name.c
+++ b/crypto/kerberosIV/lib/krb/parse_name.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: parse_name.c,v 1.5 1998/06/09 19:25:24 joda Exp $");
+RCSID("$Id: parse_name.c,v 1.7 1999/12/02 16:58:43 joda Exp $");
 
 int
 krb_parse_name(const char *fullname, krb_principal *principal)
@@ -86,10 +81,10 @@ kname_parse(char *np, char *ip, char *rp, char *fullname)
     krb_principal p;
     int ret;
     if((ret = krb_parse_name(fullname, &p)) == 0){
-	strcpy_truncate (np, p.name, ANAME_SZ);
-	strcpy_truncate (ip, p.instance, INST_SZ);
+	strlcpy (np, p.name, ANAME_SZ);
+	strlcpy (ip, p.instance, INST_SZ);
 	if(p.realm[0])
-	    strcpy_truncate (rp, p.realm, REALM_SZ);
+	    strlcpy (rp, p.realm, REALM_SZ);
     }
     return ret;
 }
diff --git a/crypto/kerberosIV/lib/krb/prot.h b/crypto/kerberosIV/lib/krb/prot.h
index b9a4ea3..e207881 100644
--- a/crypto/kerberosIV/lib/krb/prot.h
+++ b/crypto/kerberosIV/lib/krb/prot.h
@@ -1,5 +1,5 @@
 /*
- * $Id: prot.h,v 1.8 1997/12/05 00:18:02 joda Exp $
+ * $Id: prot.h,v 1.9 1999/11/30 18:57:46 bg Exp $
  *
  * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
  * of Technology.
@@ -13,6 +13,8 @@
 #ifndef PROT_DEFS
 #define PROT_DEFS
 
+#include <krb.h>
+
 #define		KRB_SERVICE		"kerberos-iv"
 #define		KRB_PORT		750	/* PC's don't have
 						 * /etc/services */
diff --git a/crypto/kerberosIV/lib/krb/rd_err.c b/crypto/kerberosIV/lib/krb/rd_err.c
index 3382eab..76544f1 100644
--- a/crypto/kerberosIV/lib/krb/rd_err.c
+++ b/crypto/kerberosIV/lib/krb/rd_err.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: rd_err.c,v 1.8 1997/04/01 08:18:40 joda Exp $");
+RCSID("$Id: rd_err.c,v 1.9 1999/12/02 16:58:43 joda Exp $");
 
 /*
  * Given an AUTH_MSG_APPL_ERR message, "in" and its length "in_length",
diff --git a/crypto/kerberosIV/lib/krb/rd_priv.c b/crypto/kerberosIV/lib/krb/rd_priv.c
index 0721b2c..0bb0a40 100644
--- a/crypto/kerberosIV/lib/krb/rd_priv.c
+++ b/crypto/kerberosIV/lib/krb/rd_priv.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: rd_priv.c,v 1.26 1998/05/26 19:57:42 joda Exp $");
+RCSID("$Id: rd_priv.c,v 1.27 1999/12/02 16:58:43 joda Exp $");
 
 /* application include files */
 #include "krb-archaeology.h"
diff --git a/crypto/kerberosIV/lib/krb/rd_req.c b/crypto/kerberosIV/lib/krb/rd_req.c
index e145dae..91b27a5 100644
--- a/crypto/kerberosIV/lib/krb/rd_req.c
+++ b/crypto/kerberosIV/lib/krb/rd_req.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: rd_req.c,v 1.25 1998/06/09 19:25:25 joda Exp $");
+RCSID("$Id: rd_req.c,v 1.27.2.1 1999/12/06 22:04:36 assar Exp $");
 
 static struct timeval t_local = { 0, 0 };
 
@@ -210,16 +205,16 @@ krb_rd_req(KTEXT authent,	/* The received message */
      */
     if (fn && (strcmp(st_nam,service) || strcmp(st_inst,instance) ||
                strcmp(st_rlm,realm) || (st_kvno != s_kvno))) {
-        if (*fn == 0) fn = KEYFILE;
+        if (*fn == 0) fn = (char *)KEYFILE;
         st_kvno = s_kvno;
         if (read_service_key(service, instance, realm, s_kvno,
 			     fn, (char *)skey))
             return(RD_AP_UNDEC);
         if ((status = krb_set_key((char*)skey, 0)))
 	    return(status);
-        strcpy_truncate (st_rlm, realm, REALM_SZ);
-        strcpy_truncate (st_nam, service, SNAME_SZ);
-        strcpy_truncate (st_inst, instance, INST_SZ);
+        strlcpy (st_rlm, realm, REALM_SZ);
+        strlcpy (st_nam, service, SNAME_SZ);
+        strlcpy (st_inst, instance, INST_SZ);
     }
 
     tkt->length = *p++;
diff --git a/crypto/kerberosIV/lib/krb/rd_safe.c b/crypto/kerberosIV/lib/krb/rd_safe.c
index 495a681..fd8f35e 100644
--- a/crypto/kerberosIV/lib/krb/rd_safe.c
+++ b/crypto/kerberosIV/lib/krb/rd_safe.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: rd_safe.c,v 1.25 1997/12/05 00:17:09 joda Exp $");
+RCSID("$Id: rd_safe.c,v 1.26 1999/12/02 16:58:43 joda Exp $");
 
 /* application include files */
 #include "krb-archaeology.h"
diff --git a/crypto/kerberosIV/lib/krb/read_service_key.c b/crypto/kerberosIV/lib/krb/read_service_key.c
index d517551..55fb98d 100644
--- a/crypto/kerberosIV/lib/krb/read_service_key.c
+++ b/crypto/kerberosIV/lib/krb/read_service_key.c
@@ -21,7 +21,7 @@ or implied warranty.
 
 #include "krb_locl.h"
 
-RCSID("$Id: read_service_key.c,v 1.11 1999/03/10 18:34:34 joda Exp $");
+RCSID("$Id: read_service_key.c,v 1.12 1999/09/16 20:41:54 assar Exp $");
 
 /*
  * The private keys for servers on a given host are stored in a
@@ -97,7 +97,7 @@ read_service_key(const char *service,	/* Service Name */
         if (!wcard && strcmp(inst,instance))
             continue;
         if (wcard) {
-	    strcpy_truncate (instance, inst, INST_SZ);
+	    strlcpy (instance, inst, INST_SZ);
 	}
         /* Is this the right realm */
         if (strcmp(rlm,realm)) 
diff --git a/crypto/kerberosIV/lib/krb/realm_parse.c b/crypto/kerberosIV/lib/krb/realm_parse.c
index 8d90f1b..a4f0e7f 100644
--- a/crypto/kerberosIV/lib/krb/realm_parse.c
+++ b/crypto/kerberosIV/lib/krb/realm_parse.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: realm_parse.c,v 1.15 1998/06/09 19:25:25 joda Exp $");
+RCSID("$Id: realm_parse.c,v 1.17 1999/12/02 16:58:43 joda Exp $");
 
 static int
 realm_parse(char *realm, int length, const char *file)
@@ -55,7 +50,7 @@ realm_parse(char *realm, int length, const char *file)
 	p = strtok_r(tr, " \t\n\r", &unused);
 	if(p && strcasecmp(p, realm) == 0){
 	    fclose(F);
-	    strcpy_truncate (realm, p, length);
+	    strlcpy (realm, p, length);
 	    return 0;
 	}
     }
diff --git a/crypto/kerberosIV/lib/krb/roken_rename.h b/crypto/kerberosIV/lib/krb/roken_rename.h
index 831da32..bae1098 100644
--- a/crypto/kerberosIV/lib/krb/roken_rename.h
+++ b/crypto/kerberosIV/lib/krb/roken_rename.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -36,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: roken_rename.h,v 1.7 1998/10/13 16:50:23 joda Exp $ */
+/* $Id: roken_rename.h,v 1.8 1999/12/02 16:58:44 joda Exp $ */
 
 #ifndef __roken_rename_h__
 #define __roken_rename_h__
diff --git a/crypto/kerberosIV/lib/krb/rw.c b/crypto/kerberosIV/lib/krb/rw.c
index 559e3fa..88589c3 100644
--- a/crypto/kerberosIV/lib/krb/rw.c
+++ b/crypto/kerberosIV/lib/krb/rw.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -43,7 +38,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: rw.c,v 1.10 1999/06/29 21:18:08 bg Exp $");
+RCSID("$Id: rw.c,v 1.12 1999/12/02 16:58:44 joda Exp $");
 
 int
 krb_get_int(void *f, u_int32_t *to, int size, int lsb)
@@ -109,7 +104,7 @@ krb_put_string(const char *from, void *to, size_t rem)
 int
 krb_get_string(void *from, char *to, size_t to_size)
 {
-    strcpy_truncate (to, (char *)from, to_size);
+    strlcpy (to, (char *)from, to_size);
     return strlen((char *)from) + 1;
 }
 
diff --git a/crypto/kerberosIV/lib/krb/send_to_kdc.c b/crypto/kerberosIV/lib/krb/send_to_kdc.c
index 04409be..74ac1bb 100644
--- a/crypto/kerberosIV/lib/krb/send_to_kdc.c
+++ b/crypto/kerberosIV/lib/krb/send_to_kdc.c
@@ -22,15 +22,15 @@ or implied warranty.
 #include "krb_locl.h"
 #include <base64.h>
 
-RCSID("$Id: send_to_kdc.c,v 1.69 1999/06/29 21:18:09 bg Exp $");
+RCSID("$Id: send_to_kdc.c,v 1.71 1999/11/25 02:20:53 assar Exp $");
 
 struct host {
     struct sockaddr_in addr;
+    const char *hostname;
     enum krb_host_proto proto;
 };
 
-static int send_recv(KTEXT pkt, KTEXT rpkt, int f,
-		     struct sockaddr_in *adr);
+static int send_recv(KTEXT pkt, KTEXT rpkt, struct host *host);
 
 /*
  * send_to_kdc() sends a message to the Kerberos authentication
@@ -72,6 +72,20 @@ krb_use_admin_server(int flag)
     return old;
 }
 
+#define PROXY_VAR "krb4_proxy"
+
+static int
+expand (struct host **ptr, size_t sz)
+{
+    void *tmp;
+
+    tmp = realloc (*ptr, sz) ;
+    if (tmp == NULL)
+	return SKDC_CANT;
+    *ptr = tmp;
+    return 0;
+}
+
 int
 send_to_kdc(KTEXT pkt, KTEXT rpkt, const char *realm)
 {
@@ -84,6 +98,10 @@ send_to_kdc(KTEXT pkt, KTEXT rpkt, const char *realm)
     char lrealm[REALM_SZ];
     struct krb_host *k_host;
     struct host *hosts = malloc(sizeof(*hosts));
+    const char *proxy = krb_get_config_string (PROXY_VAR);
+
+    if (hosts == NULL)
+	return SKDC_CANT;
 
     if (client_timeout == -1) {
 	const char *to;
@@ -100,29 +118,26 @@ send_to_kdc(KTEXT pkt, KTEXT rpkt, const char *realm)
 	}
     }
 
-    if (hosts == NULL)
-	return SKDC_CANT;
-
     /*
      * If "realm" is non-null, use that, otherwise get the
      * local realm.
      */
-    if (realm)
-	strcpy_truncate(lrealm, realm, REALM_SZ);
-    else
+    if (realm == NULL) {
 	if (krb_get_lrealm(lrealm,1)) {
 	    if (krb_debug)
 		krb_warning("send_to_kdc: can't get local realm\n");
 	    return(SKDC_CANT);
 	}
+	realm = lrealm;
+    }
     if (krb_debug)
-	krb_warning("lrealm is %s\n", lrealm);
+	krb_warning("lrealm is %s\n", realm);
 
     no_host = 1;
     /* get an initial allocation */
     n_hosts = 0;
     for (i = 1;
-	 (k_host = krb_get_host(i, lrealm, krb_use_admin_server_flag)); 
+	 (k_host = krb_get_host(i, realm, krb_use_admin_server_flag)); 
 	 ++i) {
 	char *p;
 	char **addr_list;
@@ -130,42 +145,56 @@ send_to_kdc(KTEXT pkt, KTEXT rpkt, const char *realm)
 	int n_addrs;
 	struct host *tmp;
 
-        if (krb_debug)
-	    krb_warning("Getting host entry for %s...", k_host->host);
-        host = gethostbyname(k_host->host);
-        if (krb_debug) {
-	    krb_warning("%s.\n",
-			host ? "Got it" : "Didn't get it");
-        }
-        if (host == NULL)
-            continue;
-        no_host = 0;    /* found at least one */
-
-	n_addrs = 0;
-	for (addr_list = host->h_addr_list; *addr_list != NULL; ++addr_list)
-	    ++n_addrs;
-
-	tmp = realloc (hosts, (n_hosts + n_addrs) * sizeof(*hosts));
-	if (tmp == NULL) {
-	    free (hosts);
-	    return SKDC_CANT;
-	}
-	hosts = tmp;
-
-	for (addr_list = host->h_addr_list, j = 0;
-	     (p = *addr_list) != NULL;
-	     ++addr_list, ++j) {
-	    memset (&hosts[n_hosts + j].addr, 0, sizeof(struct sockaddr_in));
-	    hosts[n_hosts + j].addr.sin_family = host->h_addrtype;
-	    hosts[n_hosts + j].addr.sin_port   = htons(k_host->port);
-	    hosts[n_hosts + j].proto           = k_host->proto;
-	    memcpy(&hosts[n_hosts + j].addr.sin_addr, p,
-		   sizeof(struct in_addr));
+	if (k_host->proto == PROTO_HTTP && proxy != NULL) {
+	    n_addrs = 1;
+	    no_host = 0;
+
+	    retval = expand (&hosts, (n_hosts + n_addrs) * sizeof(*hosts));
+	    if (retval)
+		goto rtn;
+
+	    memset (&hosts[n_hosts].addr, 0, sizeof(struct sockaddr_in));
+	    hosts[n_hosts].addr.sin_port = htons(k_host->port);
+	    hosts[n_hosts].proto         = k_host->proto;
+	    hosts[n_hosts].hostname      = k_host->host;
+	} else {
+	    if (krb_debug)
+		krb_warning("Getting host entry for %s...", k_host->host);
+	    host = gethostbyname(k_host->host);
+	    if (krb_debug) {
+		krb_warning("%s.\n",
+			    host ? "Got it" : "Didn't get it");
+	    }
+	    if (host == NULL)
+		continue;
+	    no_host = 0;    /* found at least one */
+
+	    n_addrs = 0;
+	    for (addr_list = host->h_addr_list;
+		 *addr_list != NULL;
+		 ++addr_list)
+		++n_addrs;
+
+	    retval = expand (&hosts, (n_hosts + n_addrs) * sizeof(*hosts));
+	    if (retval)
+		goto rtn;
+
+	    for (addr_list = host->h_addr_list, j = 0;
+		 (p = *addr_list) != NULL;
+		 ++addr_list, ++j) {
+		memset (&hosts[n_hosts + j].addr, 0,
+			sizeof(struct sockaddr_in));
+		hosts[n_hosts + j].addr.sin_family = host->h_addrtype;
+		hosts[n_hosts + j].addr.sin_port   = htons(k_host->port);
+		hosts[n_hosts + j].proto           = k_host->proto;
+		hosts[n_hosts + j].hostname        = k_host->host;
+		memcpy(&hosts[n_hosts + j].addr.sin_addr, p,
+		       sizeof(struct in_addr));
+	    }
 	}
 
 	for (j = 0; j < n_addrs; ++j) {
-	    if (send_recv(pkt, rpkt, hosts[n_hosts + j].proto,
-			  &hosts[n_hosts + j].addr)) {
+	    if (send_recv(pkt, rpkt, &hosts[n_hosts + j])) {
 		retval = KSUCCESS;
 		goto rtn;
 	    }
@@ -184,9 +213,7 @@ send_to_kdc(KTEXT pkt, KTEXT rpkt, const char *realm)
     /* retry each host in sequence */
     for (retry = 0; retry < CLIENT_KRB_RETRY; ++retry) {
 	for (i = 0; i < n_hosts; ++i) {
-	    if (send_recv(pkt, rpkt,
-			  hosts[i].proto,
-			  &hosts[i].addr)) {
+	    if (send_recv(pkt, rpkt, &hosts[i])) {
 		retval = KSUCCESS;
 		goto rtn;
 	    }
@@ -205,24 +232,26 @@ udp_socket(void)
 }
 
 static int
-udp_connect(int s, struct sockaddr_in *adr)
+udp_connect(int s, struct host *host)
 {
     if(krb_debug) {
-	krb_warning("connecting to %s udp, port %d\n", 
-		    inet_ntoa(adr->sin_addr), 
-		    ntohs(adr->sin_port));
+	krb_warning("connecting to %s (%s) udp, port %d\n", 
+		    host->hostname,
+		    inet_ntoa(host->addr.sin_addr),
+		    ntohs(host->addr.sin_port));
     }
-    return connect(s, (struct sockaddr*)adr, sizeof(*adr));
+    return connect(s, (struct sockaddr*)&host->addr, sizeof(host->addr));
 }
 
 static int
-udp_send(int s, struct sockaddr_in* adr, KTEXT pkt)
+udp_send(int s, struct host *host, KTEXT pkt)
 {
     if(krb_debug) {
-	krb_warning("sending %d bytes to %s, udp port %d\n", 
+	krb_warning("sending %d bytes to %s (%s), udp port %d\n", 
 		    pkt->length,
-		    inet_ntoa(adr->sin_addr), 
-		    ntohs(adr->sin_port));
+		    host->hostname,
+		    inet_ntoa(host->addr.sin_addr), 
+		    ntohs(host->addr.sin_port));
     }
     return send(s, pkt->dat, pkt->length, 0);
 }
@@ -234,25 +263,28 @@ tcp_socket(void)
 }
 
 static int
-tcp_connect(int s, struct sockaddr_in *adr)
+tcp_connect(int s, struct host *host)
 {
     if(krb_debug) {
-	krb_warning("connecting to %s, tcp port %d\n", 
-		    inet_ntoa(adr->sin_addr), 
-		    ntohs(adr->sin_port));
+	krb_warning("connecting to %s (%s), tcp port %d\n", 
+		    host->hostname,
+		    inet_ntoa(host->addr.sin_addr), 
+		    ntohs(host->addr.sin_port));
     }
-    return connect(s, (struct sockaddr*)adr, sizeof(*adr));
+    return connect(s, (struct sockaddr*)&host->addr, sizeof(host->addr));
 }
 
 static int
-tcp_send(int s, struct sockaddr_in* adr, KTEXT pkt)
+tcp_send(int s, struct host *host, KTEXT pkt)
 {
     unsigned char len[4];
+
     if(krb_debug) {
-	krb_warning("sending %d bytes to %s, tcp port %d\n", 
+	krb_warning("sending %d bytes to %s (%s), tcp port %d\n", 
 		    pkt->length,
-		    inet_ntoa(adr->sin_addr), 
-		    ntohs(adr->sin_port));
+		    host->hostname,
+		    inet_ntoa(host->addr.sin_addr), 
+		    ntohs(host->addr.sin_port));
     }
     krb_put_int(pkt->length, len, sizeof(len), 4);
     if(send(s, len, sizeof(len), 0) != sizeof(len))
@@ -305,24 +337,23 @@ url_parse(const char *url, char *host, size_t len, short *port)
     return 0;
 }
 
-#define PROXY_VAR "krb4_proxy"
-
 static int
-http_connect(int s, struct sockaddr_in *adr)
+http_connect(int s, struct host *host)
 {
     const char *proxy = krb_get_config_string(PROXY_VAR);
-    char host[MaxHostNameLen];
+    char proxy_host[MaxHostNameLen];
     short port;
     struct hostent *hp;
     struct sockaddr_in sin;
+
     if(proxy == NULL) {
 	if(krb_debug)
 	    krb_warning("Not using proxy.\n");
-	return tcp_connect(s, adr);
+	return tcp_connect(s, host);
     }
-    if(url_parse(proxy, host, sizeof(host), &port) < 0)
+    if(url_parse(proxy, proxy_host, sizeof(proxy_host), &port) < 0)
 	return -1;
-    hp = gethostbyname(host);
+    hp = gethostbyname(proxy_host);
     if(hp == NULL)
 	return -1;
     memset(&sin, 0, sizeof(sin));
@@ -331,36 +362,38 @@ http_connect(int s, struct sockaddr_in *adr)
     sin.sin_port = port;
     if(krb_debug) {
 	krb_warning("connecting to proxy on %s (%s) port %d\n", 
-		    host, inet_ntoa(sin.sin_addr), ntohs(port));
+		    proxy_host, inet_ntoa(sin.sin_addr), ntohs(port));
     }
     return connect(s, (struct sockaddr*)&sin, sizeof(sin));
 }
 
 static int
-http_send(int s, struct sockaddr_in* adr, KTEXT pkt)
+http_send(int s, struct host *host, KTEXT pkt)
 {
+    const char *proxy = krb_get_config_string (PROXY_VAR);
     char *str;
     char *msg;
 
     if(base64_encode(pkt->dat, pkt->length, &str) < 0)
 	return -1;
-    if(krb_get_config_string(PROXY_VAR)) {
+    if(proxy != NULL) {
 	if(krb_debug) {
 	    krb_warning("sending %d bytes to %s, tcp port %d (via proxy)\n", 
 			pkt->length,
-			inet_ntoa(adr->sin_addr), 
-			ntohs(adr->sin_port));
+			host->hostname,
+			ntohs(host->addr.sin_port));
 	}
 	asprintf(&msg, "GET http://%s:%d/%s HTTP/1.0\r\n\r\n",
-		 inet_ntoa(adr->sin_addr),
-		 ntohs(adr->sin_port),
+		 host->hostname,
+		 ntohs(host->addr.sin_port),
 		 str);
     } else {
 	if(krb_debug) {
-	    krb_warning("sending %d bytes to %s, http port %d\n", 
+	    krb_warning("sending %d bytes to %s (%s), http port %d\n", 
 			pkt->length,
-			inet_ntoa(adr->sin_addr), 
-			ntohs(adr->sin_port));
+			host->hostname,
+			inet_ntoa(host->addr.sin_addr), 
+			ntohs(host->addr.sin_port));
 	}
 	asprintf(&msg, "GET %s HTTP/1.0\r\n\r\n", str);
     }
@@ -415,8 +448,8 @@ static struct proto_descr {
     int proto;
     int stream_flag;
     int (*socket)(void);
-    int (*connect)(int, struct sockaddr_in*);
-    int (*send)(int, struct sockaddr_in*, KTEXT);
+    int (*connect)(int, struct host *host);
+    int (*send)(int, struct host *host, KTEXT);
     int (*recv)(void*, size_t, KTEXT);
 } protos[] = {
     { PROTO_UDP, 0, udp_socket, udp_connect, udp_send, udptcp_recv },
@@ -425,7 +458,7 @@ static struct proto_descr {
 };
 
 static int
-send_recv(KTEXT pkt, KTEXT rpkt, int proto, struct sockaddr_in *adr)
+send_recv(KTEXT pkt, KTEXT rpkt, struct host *host)
 {
     int i;
     int s;
@@ -433,18 +466,18 @@ send_recv(KTEXT pkt, KTEXT rpkt, int proto, struct sockaddr_in *adr)
     int offset = 0;
     
     for(i = 0; i < sizeof(protos) / sizeof(protos[0]); i++){
-	if(protos[i].proto == proto)
+	if(protos[i].proto == host->proto)
 	    break;
     }
     if(i == sizeof(protos) / sizeof(protos[0]))
 	return FALSE;
     if((s = (*protos[i].socket)()) < 0)
 	return FALSE;
-    if((*protos[i].connect)(s, adr) < 0){
+    if((*protos[i].connect)(s, host) < 0) {
 	close(s);
 	return FALSE;
     }
-    if((*protos[i].send)(s, adr, pkt) < 0){
+    if((*protos[i].send)(s, host, pkt) < 0) {
 	close(s);
 	return FALSE;
     }
diff --git a/crypto/kerberosIV/lib/krb/sendauth.c b/crypto/kerberosIV/lib/krb/sendauth.c
index 3debc49..201b388 100644
--- a/crypto/kerberosIV/lib/krb/sendauth.c
+++ b/crypto/kerberosIV/lib/krb/sendauth.c
@@ -21,7 +21,7 @@ or implied warranty.
 
 #include "krb_locl.h"
 
-RCSID("$Id: sendauth.c,v 1.17 1998/06/09 19:25:26 joda Exp $");
+RCSID("$Id: sendauth.c,v 1.18 1999/09/16 20:41:55 assar Exp $");
 
 /*
  * krb_sendauth() transmits a ticket over a file descriptor for a
@@ -148,7 +148,7 @@ krb_sendauth(int32_t options,	/* bit-pattern of options */
 	    i = instance;
 	else
 	    i = krb_get_phost(instance);
-	strcpy_truncate (inst, i, sizeof(inst));
+	strlcpy (inst, i, sizeof(inst));
 
 	ret = krb_get_cred (service, inst, realm, cred);
 	if (ret != KSUCCESS)
diff --git a/crypto/kerberosIV/lib/krb/solaris_compat.c b/crypto/kerberosIV/lib/krb/solaris_compat.c
index ff59dcb..ff31e4b 100644
--- a/crypto/kerberosIV/lib/krb/solaris_compat.c
+++ b/crypto/kerberosIV/lib/krb/solaris_compat.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: solaris_compat.c,v 1.2.6.1 1999/07/22 03:15:53 assar Exp $");
+RCSID("$Id: solaris_compat.c,v 1.4 1999/12/02 16:58:44 joda Exp $");
 
 #if (SunOS + 0) >= 50
 /*
diff --git a/crypto/kerberosIV/lib/krb/str2key.c b/crypto/kerberosIV/lib/krb/str2key.c
index 71a2cea..4ef4c57 100644
--- a/crypto/kerberosIV/lib/krb/str2key.c
+++ b/crypto/kerberosIV/lib/krb/str2key.c
@@ -1,104 +1,105 @@
-/* This defines the Andrew string_to_key function.  It accepts a password
- * string as input and converts its via a one-way encryption algorithm to a DES
- * encryption key.  It is compatible with the original Andrew authentication
- * service password database.
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
  */
 
 #include "krb_locl.h"
 
-RCSID("$Id: str2key.c,v 1.12.2.1 1999/08/19 13:35:01 assar Exp $");
+RCSID("$Id: str2key.c,v 1.17 1999/12/02 16:58:44 joda Exp $");
 
-static inline void
-mklower(char *s)
-{
-    for (; *s; s++)
-        if ('A' <= *s && *s <= 'Z')
-            *s = *s - 'A' + 'a';
-}
+#define lowcase(c) (('A' <= (c) && (c) <= 'Z') ? ((c) - 'A' + 'a') : (c))
 
 /*
- * Short passwords, i.e 8 characters or less.
+ * The string to key function used by Transarc AFS.
  */
-static inline void
-afs_cmu_StringToKey(const char *str, const char *cell, des_cblock *key)
-{
-    char  password[8+1];	/* crypt is limited to 8 chars anyway */
-    int   i;
-    int   passlen;
-
-    memset (key, 0, sizeof(key));
-    memset(password, 0, sizeof(password));
-
-    strcpy_truncate (password, cell, sizeof(password));
-    passlen = strlen (str);
-    if (passlen > 8) passlen = 8;
-
-    for (i=0; i<passlen; i++)
-        password[i] = str[i] ^ cell[i];	/* make sure cell is zero padded */
-
-    for (i=0; i<8; i++)
-        if (password[i] == '\0') password[i] = 'X';
-
-    /* crypt only considers the first 8 characters of password but for some
-       reason returns eleven characters of result (plus the two salt chars). */
-    strncpy((char *)key, crypt(password, "p1") + 2, sizeof(des_cblock));
-
-    /* parity is inserted into the LSB so leftshift each byte up one bit.  This
-       allows ascii characters with a zero MSB to retain as much significance
-       as possible. */
-    {   char *keybytes = (char *)key;
-        unsigned int temp;
-
-        for (i = 0; i < 8; i++) {
-            temp = (unsigned int) keybytes[i];
-            keybytes[i] = (unsigned char) (temp << 1);
-        }
-    }
-    des_fixup_key_parity (key);
-}
-
-/*
- * Long passwords, i.e 9 characters or more.
- */
-static inline void
-afs_transarc_StringToKey(const char *str, const char *cell, des_cblock *key)
-{
-    des_key_schedule schedule;
-    des_cblock temp_key;
-    des_cblock ivec;
-    char password[512];
-    int  passlen;
-
-    strcpy_truncate (password, str, sizeof(password));
-    if ((passlen = strlen (password)) < sizeof(password)-1)
-        strcat_truncate (password, cell, sizeof(password));
-    if ((passlen = strlen(password)) > sizeof(password))
-	passlen = sizeof(password);
-
-    memcpy(&ivec, "kerberos", 8);
-    memcpy(&temp_key, "kerberos", 8);
-    des_fixup_key_parity (&temp_key);
-    des_key_sched (&temp_key, schedule);
-    des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec);
-
-    memcpy(&temp_key, &ivec, 8);
-    des_fixup_key_parity (&temp_key);
-    des_key_sched (&temp_key, schedule);
-    des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec);
-
-    des_fixup_key_parity (key);
-}
-
 void
-afs_string_to_key(const char *str, const char *cell, des_cblock *key)
+afs_string_to_key(const char *pass, const char *cell, des_cblock *key)
 {
-    char realm[REALM_SZ];
-
-    strcpy_truncate(realm, cell, REALM_SZ);
-    mklower(realm);
-
-    if (strlen(str) > 8)
-        afs_transarc_StringToKey (str, realm, key);
-    else
-        afs_cmu_StringToKey (str, realm, key);
+  if (strlen(pass) <= 8)	/* Short passwords. */
+    {
+      char buf[8 + 1], *s;
+      int i;
+
+      /*
+       * XOR cell and password and pad (or fill) with 'X' to length 8,
+       * then use crypt(3) to create DES key.
+       */
+      for (i = 0; i < 8; i++)
+	{
+	  buf[i] = *pass ^ lowcase(*cell);
+	  if (buf[i] == 0)
+	    buf[i] = 'X';
+	  if (*pass != 0)
+	    pass++;
+	  if (*cell != 0)
+	    cell++;
+	}
+      buf[8] = 0;
+
+      s = crypt(buf, "p1");	/* Result from crypt is 7bit chars. */
+      s = s + 2;		/* Skip 2 chars of salt. */
+      for (i = 0; i < 8; i++)
+	((char *) key)[i] = s[i] << 1; /* High bit is always zero */
+      des_fixup_key_parity(key); /*       Low  bit is parity */
+    }
+  else				/* Long passwords */
+    {
+      int plen, clen;
+      char *buf, *t;
+      des_key_schedule sched;
+      des_cblock ivec;
+
+      /*
+       * Concatenate password with cell name,
+       * then checksum twice to create DES key.
+       */
+      plen = strlen(pass);
+      clen = strlen(cell);
+      buf = malloc(plen + clen + 1);
+      memcpy(buf, pass, plen);
+      for (t = buf + plen; *cell != 0; t++, cell++)
+	*t = lowcase(*cell);
+
+      memcpy(&ivec, "kerberos", 8);
+      memcpy(key, "kdsbdsns", 8);
+      des_key_sched(key, sched);
+      /* Beware, ivec is passed twice */
+      des_cbc_cksum((des_cblock *)buf, &ivec, plen + clen, sched, &ivec);
+
+      memcpy(key, &ivec, 8);
+      des_fixup_key_parity(key);
+      des_key_sched(key, sched);
+      /* Beware, ivec is passed twice */
+      des_cbc_cksum((des_cblock *)buf, key, plen + clen, sched, &ivec);
+      free(buf);
+      des_fixup_key_parity(key);
+    }
 }
diff --git a/crypto/kerberosIV/lib/krb/tf_util.c b/crypto/kerberosIV/lib/krb/tf_util.c
index 27a6125..c738757 100644
--- a/crypto/kerberosIV/lib/krb/tf_util.c
+++ b/crypto/kerberosIV/lib/krb/tf_util.c
@@ -21,7 +21,7 @@ or implied warranty.
         
 #include "krb_locl.h"
 
-RCSID("$Id: tf_util.c,v 1.35 1999/06/29 21:18:11 bg Exp $");
+RCSID("$Id: tf_util.c,v 1.39 1999/12/02 18:03:16 assar Exp $");
 
 
 #define TOO_BIG -1
@@ -34,6 +34,10 @@ RCSID("$Id: tf_util.c,v 1.35 1999/06/29 21:18:11 bg Exp $");
 #define O_BINARY 0
 #endif
 
+#define MAGIC_TICKET_NAME "magic"
+#define MAGIC_TICKET_TIME_DIFF_INST "time-diff"
+#define MAGIC_TICKET_ADDR_INST "our-address"
+
 /*
  * fd must be initialized to something that won't ever occur as a real
  * file descriptor. Since open(2) returns only non-negative numbers as
@@ -162,12 +166,17 @@ tf_init(char *tf_name, int rw)
    * All library functions now assume that the right set of userids
    * are set upon entry, therefore it's not strictly necessary to
    * perform these test for programs adhering to these assumptions.
+   *
+   * This doesn't work on cygwin because getuid() returns a different
+   * uid than the owner of files that are created.
    */
+#ifndef __CYGWIN__
   {
     uid_t me = getuid();
     if (stat_buf.st_uid != me && me != 0)
       return TKT_FIL_ACC;
   }
+#endif
 
   /*
    * If "wflag" is set, open the ticket file in append-writeonly mode
@@ -377,11 +386,8 @@ tf_put_pinst(const char *inst)
  * EOF          - end of file encountered
  */
 
-#define MAGIC_TICKET_NAME "magic"
-#define MAGIC_TICKET_INST "time-diff"
-	  
-int
-tf_get_cred(CREDENTIALS *c)
+static int
+real_tf_get_cred(CREDENTIALS *c)
 {
   KTEXT   ticket = &c->ticket_st;	/* pointer to ticket */
   int     k_errno;
@@ -391,7 +397,6 @@ tf_get_cred(CREDENTIALS *c)
       krb_warning ("tf_get_cred called before tf_init.\n");
     return TKT_FIL_INI;
   }
-again:
   if ((k_errno = tf_gets(c->service, SNAME_SZ)) < 2)
     switch (k_errno) {
     case TOO_BIG:
@@ -443,17 +448,69 @@ again:
       krb_warning ("tf_get_cred: failed tf_read.\n");
     return TKT_FIL_FMT;
   }
-  if(strcmp(c->service, MAGIC_TICKET_NAME) == 0 &&
-     strcmp(c->instance, MAGIC_TICKET_INST) == 0) {
-      /* we found the magic `time diff' ticket; update the kdc time
+  return KSUCCESS;
+}
+
+int
+tf_get_cred(CREDENTIALS *c)
+{
+  int ret;
+  int fake;
+
+  do {
+    fake = 0;
+
+    ret = real_tf_get_cred (c);
+    if (ret)
+      return ret;
+
+    if(strcmp(c->service, MAGIC_TICKET_NAME) == 0) {
+      if(strcmp(c->instance, MAGIC_TICKET_TIME_DIFF_INST) == 0) {
+	/* we found the magic `time diff' ticket; update the kdc time
          differential, and then get the next ticket */
-      u_int32_t d;
+	u_int32_t d;
 
-      krb_get_int(c->ticket_st.dat, &d, 4, 0);
-      krb_set_kdc_time_diff(d);
-      goto again;
-  }
-  return KSUCCESS;
+	krb_get_int(c->ticket_st.dat, &d, 4, 0);
+	krb_set_kdc_time_diff(d);
+	fake = 1;
+      } else if (strcmp(c->instance, MAGIC_TICKET_ADDR_INST) == 0) {
+	fake = 1;
+      }
+    }
+  } while (fake);
+  return ret;
+}
+
+int
+tf_get_cred_addr(char *realm, size_t realm_sz, struct in_addr *addr)
+{
+  int ret;
+  int fake;
+  CREDENTIALS cred;
+
+  do {
+    fake = 1;
+
+    ret = real_tf_get_cred (&cred);
+    if (ret)
+      return ret;
+
+    if(strcmp(cred.service, MAGIC_TICKET_NAME) == 0) {
+      if(strcmp(cred.instance, MAGIC_TICKET_TIME_DIFF_INST) == 0) {
+	/* we found the magic `time diff' ticket; update the kdc time
+         differential, and then get the next ticket */
+	u_int32_t d;
+
+	krb_get_int(cred.ticket_st.dat, &d, 4, 0);
+	krb_set_kdc_time_diff(d);
+      } else if (strcmp(cred.instance, MAGIC_TICKET_ADDR_INST) == 0) {
+	strlcpy(realm, cred.realm, realm_sz);
+	memcpy (addr, cred.ticket_st.dat, sizeof(*addr));
+	fake = 0;
+      }
+    }
+  } while (fake);
+  return ret;
 }
 
 /*
@@ -650,7 +707,8 @@ tf_setup(CREDENTIALS *cred, const char *pname, const char *pinst)
 	int d = krb_get_kdc_time_diff();
 	krb_put_int(d, t.dat, sizeof(t.dat), 4);
 	t.length = 4;
-	tf_save_cred(MAGIC_TICKET_NAME, MAGIC_TICKET_INST, cred->realm, s, 
+	tf_save_cred(MAGIC_TICKET_NAME, MAGIC_TICKET_TIME_DIFF_INST,
+		     cred->realm, s, 
 		     cred->lifetime, 0, &t, cred->issue_date);
     }
     ret = tf_save_cred(cred->service, cred->instance, cred->realm, 
@@ -678,3 +736,70 @@ in_tkt(char *pname, char *pinst)
     tf_close();
     return KSUCCESS;
 }
+
+/*
+ * If there's a magic ticket with an address for realm `realm' in
+ * ticket file, return it in `addr'.
+ * realm == NULL means any realm.
+ */
+
+int
+tf_get_addr (const char *realm, struct in_addr *addr)
+{
+  CREDENTIALS cred;
+  krb_principal princ;
+  int ret;
+
+  ret = tf_init (tkt_string (), R_TKT_FIL);
+  if (ret)
+    return ret;
+
+  ret = tf_get_pname (princ.name);
+  if (ret)
+    goto out;
+  ret = tf_get_pinst (princ.name);
+  if (ret)
+    goto out;
+  while ((ret = real_tf_get_cred (&cred)) == KSUCCESS) {
+    if (strcmp (cred.service, MAGIC_TICKET_NAME) == 0
+	&& strcmp (cred.instance, MAGIC_TICKET_ADDR_INST) == 0
+	&& (realm == NULL
+	    || strcmp (cred.realm, realm) == 0)) {
+      memcpy (addr, cred.ticket_st.dat, sizeof(*addr));
+      goto out;
+    }
+  }
+  ret = KFAILURE;
+
+out:
+  tf_close ();
+  return ret;
+}
+
+/*
+ * Store `realm, addr' as a magic ticket.
+ */
+
+int
+tf_store_addr (const char *realm, struct in_addr *addr)
+{
+  CREDENTIALS c;
+  krb_principal princ;
+  int ret;
+  des_cblock s = { 0, 0, 0, 0, 0, 0, 0, 0 };
+  KTEXT_ST t;
+
+  ret = tf_init (tkt_string (), W_TKT_FIL);
+  if (ret)
+    return ret;
+
+  t.length = sizeof(*addr);
+  memcpy (t.dat, addr, sizeof(*addr));
+
+  ret = tf_save_cred (MAGIC_TICKET_NAME, MAGIC_TICKET_ADDR_INST,
+		      (char *)realm, s, 0, /* lifetime */ 
+		      0, /* kvno */
+		      &t, time(NULL));
+  tf_close ();
+  return ret;
+}
diff --git a/crypto/kerberosIV/lib/krb/ticket_memory.c b/crypto/kerberosIV/lib/krb/ticket_memory.c
index d1fab2e..f694190 100644
--- a/crypto/kerberosIV/lib/krb/ticket_memory.c
+++ b/crypto/kerberosIV/lib/krb/ticket_memory.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -45,7 +40,7 @@
 #include "krb_locl.h"
 #include "ticket_memory.h"
 
-RCSID("$Id: ticket_memory.c,v 1.13 1998/08/23 18:07:41 assar Exp $");
+RCSID("$Id: ticket_memory.c,v 1.15 1999/12/02 16:58:44 joda Exp $");
 
 void msg(char *text, int error);
 
@@ -81,7 +76,7 @@ newTktMem(const char *tf_name)
 	if(GetLastError() != ERROR_ALREADY_EXISTS) {
             memset(SharedMemory, 0, sizeof(*SharedMemory));
 	    if(tf_name)
-		strcpy_truncate(SharedMemory->tmname,
+		strlcpy(SharedMemory->tmname,
 				tf_name, sizeof(SharedMemory->tmname));
 	}
     }
@@ -261,7 +256,7 @@ tf_get_pname(char *p)
 	return KFAILURE;
     if(!TktStore->pname[0])
 	return KFAILURE;
-    strcpy_truncate(p, TktStore->pname, ANAME_SZ);
+    strlcpy(p, TktStore->pname, ANAME_SZ);
     return KSUCCESS;
 }
 
@@ -277,7 +272,7 @@ tf_put_pname(char *p)
 
     if(!(TktStore =  getTktMem(0)))
 	return KFAILURE;
-    strcpy_truncate(TktStore->pname, p, sizeof(TktStore->pname));
+    strlcpy(TktStore->pname, p, sizeof(TktStore->pname));
     return KSUCCESS;
 }
 
@@ -298,7 +293,7 @@ tf_get_pinst(char *inst)
 
     if(!(TktStore =  getTktMem(0)))
 	return KFAILURE;
-    strcpy_truncate(inst, TktStore->pinst, INST_SZ);
+    strlcpy(inst, TktStore->pinst, INST_SZ);
     return KSUCCESS;
 }
 
@@ -314,7 +309,7 @@ tf_put_pinst(char *inst)
 
     if(!(TktStore =  getTktMem(0)))
 	return KFAILURE;
-    strcpy_truncate(TktStore->pinst, inst, sizeof(TktStore->pinst));
+    strlcpy(TktStore->pinst, inst, sizeof(TktStore->pinst));
     return KSUCCESS;
 }
 
@@ -391,16 +386,16 @@ tf_save_cred(char *service,	/* Service name */
     if(last == -1)
 	return KFAILURE;
     cred = mem->cred_vec+last;
-    strcpy_truncate(cred->service, service, sizeof(cred->service));
-    strcpy_truncate(cred->instance, instance, sizeof(cred->instance));
-    strcpy_truncate(cred->realm, realm, sizeof(cred->realm));
+    strlcpy(cred->service, service, sizeof(cred->service));
+    strlcpy(cred->instance, instance, sizeof(cred->instance));
+    strlcpy(cred->realm, realm, sizeof(cred->realm));
     memcpy(cred->session, session, sizeof(cred->session));
     cred->lifetime = lifetime;
     cred->kvno = kvno;
     memcpy(&(cred->ticket_st), ticket, sizeof(*ticket));
     cred->issue_date = issue_date;
-    strcpy_truncate(cred->pname, mem->pname, sizeof(cred->pname));
-    strcpy_truncate(cred->pinst, mem->pinst, sizeof(cred->pinst));
+    strlcpy(cred->pname, mem->pname, sizeof(cred->pname));
+    strlcpy(cred->pinst, mem->pinst, sizeof(cred->pinst));
     PostUpdateMessage();
     return KSUCCESS;
 }
diff --git a/crypto/kerberosIV/lib/krb/ticket_memory.h b/crypto/kerberosIV/lib/krb/ticket_memory.h
index 307fb9a..72fb686 100644
--- a/crypto/kerberosIV/lib/krb/ticket_memory.h
+++ b/crypto/kerberosIV/lib/krb/ticket_memory.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -40,7 +35,7 @@
  * Author: d93-jka@nada.kth.se - June 1996
  */
 
-/* $Id: ticket_memory.h,v 1.7 1998/06/03 02:31:05 joda Exp $ */
+/* $Id: ticket_memory.h,v 1.8 1999/12/02 16:58:44 joda Exp $ */
 
 #ifndef	TICKET_MEMORY_H
 #define TICKET_MEMORY_H
diff --git a/crypto/kerberosIV/lib/krb/time.c b/crypto/kerberosIV/lib/krb/time.c
index 23831cf..015259b 100644
--- a/crypto/kerberosIV/lib/krb/time.c
+++ b/crypto/kerberosIV/lib/krb/time.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: time.c,v 1.3 1998/09/30 22:36:19 assar Exp $");
+RCSID("$Id: time.c,v 1.4 1999/12/02 16:58:44 joda Exp $");
 
 /* number of seconds the kdc clock is ahead of us */
 static int time_diff;
diff --git a/crypto/kerberosIV/lib/krb/tkt_string.c b/crypto/kerberosIV/lib/krb/tkt_string.c
index 2c81288..0aa787c 100644
--- a/crypto/kerberosIV/lib/krb/tkt_string.c
+++ b/crypto/kerberosIV/lib/krb/tkt_string.c
@@ -21,7 +21,7 @@ or implied warranty.
 
 #include "krb_locl.h"
 
-RCSID("$Id: tkt_string.c,v 1.14 1998/06/09 19:25:28 joda Exp $");
+RCSID("$Id: tkt_string.c,v 1.15 1999/09/16 20:41:55 assar Exp $");
 
 /*
  * This routine is used to generate the name of the file that holds
@@ -46,7 +46,7 @@ tkt_string(void)
 
     if (!*krb_ticket_string) {
         if ((env = getenv("KRBTKFILE"))) {
-	    strcpy_truncate (krb_ticket_string,
+	    strlcpy (krb_ticket_string,
 			     env,
 			     sizeof(krb_ticket_string));
 	} else {
@@ -71,5 +71,5 @@ tkt_string(void)
 void
 krb_set_tkt_string(const char *val)
 {
-    strcpy_truncate (krb_ticket_string, val, sizeof(krb_ticket_string));
+    strlcpy (krb_ticket_string, val, sizeof(krb_ticket_string));
 }
diff --git a/crypto/kerberosIV/lib/krb/unparse_name.c b/crypto/kerberosIV/lib/krb/unparse_name.c
index 9d39f1d..36f0a71 100644
--- a/crypto/kerberosIV/lib/krb/unparse_name.c
+++ b/crypto/kerberosIV/lib/krb/unparse_name.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: unparse_name.c,v 1.8 1998/06/09 19:25:28 joda Exp $");
+RCSID("$Id: unparse_name.c,v 1.10 1999/12/02 16:58:44 joda Exp $");
 
 static void
 quote_string(char *quote, char *from, char *to)
@@ -76,11 +71,11 @@ krb_unparse_name_long_r(char *name, char *instance, char *realm,
     krb_principal pr;
 
     memset(&pr, 0, sizeof(pr));
-    strcpy_truncate(pr.name, name, sizeof(pr.name));
+    strlcpy(pr.name, name, sizeof(pr.name));
     if(instance)
-	strcpy_truncate(pr.instance, instance, sizeof(pr.instance));
+	strlcpy(pr.instance, instance, sizeof(pr.instance));
     if(realm)
-	strcpy_truncate(pr.realm, realm, sizeof(pr.realm));
+	strlcpy(pr.realm, realm, sizeof(pr.realm));
     return krb_unparse_name_r(&pr, fullname);
 }
 
@@ -98,10 +93,10 @@ krb_unparse_name_long(char *name, char *instance, char *realm)
     krb_principal pr;
 
     memset(&pr, 0, sizeof(pr));
-    strcpy_truncate(pr.name, name, sizeof(pr.name));
+    strlcpy(pr.name, name, sizeof(pr.name));
     if(instance)
-	strcpy_truncate(pr.instance, instance, sizeof(pr.instance));
+	strlcpy(pr.instance, instance, sizeof(pr.instance));
     if(realm)
-	strcpy_truncate(pr.realm, realm, sizeof(pr.realm));
+	strlcpy(pr.realm, realm, sizeof(pr.realm));
     return krb_unparse_name(&pr);
 }
diff --git a/crypto/kerberosIV/lib/krb/verify_user.c b/crypto/kerberosIV/lib/krb/verify_user.c
index de692dd..36c64d7 100644
--- a/crypto/kerberosIV/lib/krb/verify_user.c
+++ b/crypto/kerberosIV/lib/krb/verify_user.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #include "krb_locl.h"
 
-RCSID("$Id: verify_user.c,v 1.14 1999/03/16 17:31:39 assar Exp $");
+RCSID("$Id: verify_user.c,v 1.17.2.1 1999/12/06 22:57:17 assar Exp $");
 
 /*
  * Verify user (name.instance@realm) with `password'.
@@ -134,7 +129,7 @@ krb_verify_user_srvtab_exact(char *name,
 }
 		
 /*
- *
+ * Try to verify the user and password against all the local realms.
  */
 
 int
@@ -146,45 +141,26 @@ krb_verify_user_srvtab(char *name,
 		       char *linstance,
 		       char *srvtab)
 {
+  int ret;
   int n;
   char rlm[256];
-#define ERICSSON_COMPAT 1
-#ifdef  ERICSSON_COMPAT
-  FILE *f;
-
-  f = fopen ("/etc/krb.localrealms", "r");
-  if (f != NULL) {
-    while (fgets(rlm, sizeof(rlm), f) != NULL) {
-      if (rlm[strlen(rlm) - 1] == '\n')
-	rlm[strlen(rlm) - 1] = '\0';
-
-      if (krb_verify_user_srvtab_exact(name, instance, rlm, password,
-				       secure, linstance, srvtab)
-	  == KSUCCESS) {
-	fclose(f);
-	return KSUCCESS;
-      }
-    }
-    fclose (f);
-    return krb_verify_user_srvtab_exact(name, instance, realm, password,
-					secure, linstance, srvtab);
-  }
-#endif
+
   /* First try to verify against the supplied realm. */
-  if (krb_verify_user_srvtab_exact(name, instance, realm, password,
-				   secure, linstance, srvtab)
-      == KSUCCESS)
+  ret = krb_verify_user_srvtab_exact(name, instance, realm, password,
+				     secure, linstance, srvtab);
+  if (ret == KSUCCESS)
     return KSUCCESS;
 
   /* Verify all local realms, except the supplied realm. */
   for (n = 1; krb_get_lrealm(rlm, n) == KSUCCESS; n++)
-    if (strcmp(rlm, realm) != 0)
-      if (krb_verify_user_srvtab_exact(name, instance, rlm, password,
-				       secure, linstance, srvtab)
-	  == KSUCCESS)
+    if (strcmp(rlm, realm) != 0) {
+      ret = krb_verify_user_srvtab_exact(name, instance, rlm, password,
+					 secure, linstance, srvtab);
+      if (ret == KSUCCESS)
 	return KSUCCESS;
+    }
 
-  return KFAILURE;
+  return ret;
 }
 
 /*
@@ -205,5 +181,5 @@ krb_verify_user(char *name,
 				   password,
 				   secure,
 				   linstance,
-				   KEYFILE);
+				   (char *)KEYFILE);
 }
diff --git a/crypto/kerberosIV/lib/roken/ChangeLog b/crypto/kerberosIV/lib/roken/ChangeLog
index 6c51e17..116fdbd 100644
--- a/crypto/kerberosIV/lib/roken/ChangeLog
+++ b/crypto/kerberosIV/lib/roken/ChangeLog
@@ -1,3 +1,244 @@
+1999-11-25  Assar Westerlund  <assar@sics.se>
+
+	* getopt.c (getopt): return -1 instead of EOF.  From
+	<art@stacken.kth.se>
+
+1999-11-13  Assar Westerlund  <assar@sics.se>
+
+	* strftime.c (strftime): handle `%z' and `%Z' in a tm_gmtoff-less
+	world
+
+	* getcap.c: make sure to use db only if we have both the library
+	and the header file
+	
+1999-11-12  Assar Westerlund  <assar@sics.se>
+
+	* getarg.h: add arg_counter
+	* getarg.c: add a new type of argument: `arg_counter' re-organize
+	the code somewhat
+	
+	* Makefile.am: add strptime and strpftime-test
+	
+	* snprintf.c (xyzprintf): try to do the right thing with an % at
+	the end of the format string
+	
+	* strptime.c (strptime): implement '%U', '%V', '%W'
+	* strftime.c (strftime): implement '%U', '%V', '%W', '%z'
+	
+	* strftime.c (strftime): correct %E and %O handling.  do something
+ 	reasonable with "...%"
+
+	* strftime.c: replace the BSD implementation by one of our own
+	coding
+
+	* strptime.c : new file
+	* strpftime-test.c: new file
+
+1999-11-07  Assar Westerlund  <assar@sics.se>
+
+	* parse_bytes-test.c: new file
+
+	* Makefile.am: add parse_bytes-test
+
+	* parse_units.c (parse_something): try to handle the case of no
+ 	value specified a little bit better
+
+1999-11-04  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: bump version to 3:2:0
+
+1999-10-30  Assar Westerlund  <assar@sics.se>
+
+	* snprintf.c (PARSE_INT_FORMAT): add redundant casts to work
+ 	around a gcc-bug that manifests itself on Linux-PPC.  From Tom
+ 	Rini <trini@kernel.crashing.org>
+
+1999-10-28  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: bump version to 3:1:0
+
+	* roken.h.in: use `unsigned char' instead of `u_int8_t' to avoid
+ 	having to have that definition.  this is the easy way out instead
+ 	of getting the definition here where it's needed.  flame me.
+
+Fri Oct 22 15:39:31 1999  Bjoern Groenvall  <bg@sics.se>
+
+	* k_getpwuid.c (k_getpwuid): getspuid() does not exist (even
+ 	though it should), use getspnam().
+
+1999-10-20  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: set version to 3:0:0
+
+1999-10-18  Johan Danielsson  <joda@pdc.kth.se>
+
+	* getarg.3: document arg_collect
+
+	* getarg.c: change the way arg_collect works; it's still quite
+	horrible though
+
+	* getarg.h: change type of the collect function
+
+1999-10-17  Assar Westerlund  <assar@sics.se>
+
+	* xdbm.h: undo last commit
+
+	* xdbm.h: reorder db includes
+
+1999-10-10  Assar Westerlund  <assar@sics.se>
+
+	* socket.c: const-ize and comment
+
+	* net_write.c: const-ize
+
+	* base64.c: const-ize
+
+1999-10-06  Assar Westerlund  <assar@sics.se>
+
+	* getarg.c (getarg): also set optind when returning error
+
+1999-09-26  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: add parse_bytes.[ch]
+
+1999-09-24  Johan Danielsson  <joda@pdc.kth.se>
+
+	* getarg.3: getarg manpage
+
+	* getarg.{c,h}: add a callback type to do more complicated processing
+
+	* getarg.{c,h}: add floating point support
+
+1999-09-16  Assar Westerlund  <assar@sics.se>
+
+	* strlcat.c (strlcat): call strlcpy
+
+	* strlcpy.c: update name and prototype
+
+	* strlcat.c: update name and prototype
+
+	* roken.h.in: rename strc{py,at}_truncate to strlc{py,at}
+
+	* Makefile.am: rename strc{py,at}_truncate -> strlc{py,at}
+
+	* Makefile.in: rename strc{py,at}_truncate -> strlc{py,at}
+
+ 	* strcpy_truncate.c (strcpy_truncate): change return value to be
+ 	the length of `src'
+
+1999-08-16  Assar Westerlund  <assar@sics.se>
+
+	* getcap.c: try to make this work on systems with DB
+
+1999-08-16  Johan Danielsson  <joda@pdc.kth.se>
+
+	* getcap.c: protect from db-less systems
+
+1999-08-09  Johan Danielsson  <joda@pdc.kth.se>
+
+	* simple_exec.c: add simple_exec{ve,le}
+
+	* getcap.c: getcap from NetBSD
+
+1999-08-06  Assar Westerlund  <assar@sics.se>
+
+	* roken.h.in (sockaddr_storage): cater for those that have
+ 	v6-support also
+
+1999-08-05  Assar Westerlund  <assar@sics.se>
+
+	* inet_ntop.c (inet_ntop_v4): remember to call ntohl
+
+1999-08-04  Assar Westerlund  <assar@sics.se>
+
+	* roken-common.h: add shutdown constants
+
+	* mini_inetd.c (listen_v4, listen_v6): handle the case of the
+ 	protocol not being supported
+
+1999-08-01  Assar Westerlund  <assar@sics.se>
+
+	* mini_inetd.c (socket_set_reuseaddr): remove duplicate
+
+1999-07-29  Assar Westerlund  <assar@sics.se>
+
+	* mini_inetd.c (mini_inetd): fix my stupid bugs
+
+1999-07-28  Assar Westerlund  <assar@sics.se>
+
+	* roken-common.h: add socket* functions
+
+	* Makefile.am (libroken_la_SOURCES): add socket.c
+
+	* socket.c: new file, originally from appl/ftp/common
+
+	* Makefile.am: set version to 2:0:2
+
+	* roken.h.in (inet_pton): add prototype
+
+	* Makefile.am (EXTRA_libroken_la_SOURCES): add inet_pton
+
+	* inet_pton.c: new file
+
+	* getipnodebyname.c (getipnodebyname): try gethostbyname2 if we
+ 	have it
+
+1999-07-27  Assar Westerlund  <assar@sics.se>
+
+	* mini_inetd.c: support IPv6
+
+1999-07-26  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am: set version to 1:0:1
+
+	* roken.h.in (inet_ntop): add prototype
+
+ 	* roken-common.h: (INET{,6}_ADDRSTRLEN): add
+
+	* inet_ntop.c: new file
+
+	* Makefile.am (EXTRA_libroken_la_SOURCES): add inet_ntop.c
+
+	* Makefile.am: move some files from libroken_la_SOURCES to
+ 	EXTRA_libroken_la_SOURCES
+
+	* snprintf.c: some signed vs unsigned casts
+	
+1999-07-24  Assar Westerlund  <assar@sics.se>
+
+	* roken.h.in (struct sockaddr_storage): define it needed
+
+1999-07-19  Assar Westerlund  <assar@sics.se>
+
+	* Makefile.am (libroken_la_SOURCES): add copyhostent.c,
+ 	freehostent.c, getipnodebyname.c, getipnodebyaddr.c
+	
+	* roken.h.in: <netdb.h>: include
+	(copyhostent, freehostent, getipnodebyname, getipnodebyaddr): add
+	prototypes
+
+	* roken-common.h: new constants for getipnodeby*
+
+	* Makefile.in (SOURCES): add freehostent, copyhostent,
+ 	getipnodebyname, getipnodebyaddr
+
+	* freehostent.c: new file
+
+	* copyhostent.c: new file
+
+	* getipnodebyaddr.c: new file
+
+	* getipnodebyname.c: new file
+
+1999-07-13  Assar Westerlund  <assar@sics.se>
+
+	* roken.h.in (k_getpwnam): update prototype
+
+	* k_getpwnam.c (k_getpwnam): const-ize
+
+	* get_default_username.c (get_default_username): a better way of
+ 	guessing when the user has su:ed
+
 1999-07-08  Johan Danielsson  <joda@pdc.kth.se>
 
 	* roken.awk: use puts, as suggested by Jeffrey Hutzelman
diff --git a/crypto/kerberosIV/lib/roken/Makefile.am b/crypto/kerberosIV/lib/roken/Makefile.am
index 7f1e06e..e680230 100644
--- a/crypto/kerberosIV/lib/roken/Makefile.am
+++ b/crypto/kerberosIV/lib/roken/Makefile.am
@@ -1,14 +1,21 @@
-# $Id: Makefile.am,v 1.38 1999/06/15 02:47:26 assar Exp $
+# $Id: Makefile.am,v 1.54 1999/12/03 04:04:13 assar Exp $
 
 include $(top_srcdir)/Makefile.am.common
 
 CLEANFILES = roken.h make-roken.c print_version.h
 
 lib_LTLIBRARIES = libroken.la
-libroken_la_LDFLAGS = -version-info 0:0:0
+libroken_la_LDFLAGS = -version-info 3:2:0
 
 noinst_PROGRAMS = make-roken make-print-version
 
+check_PROGRAMS = parse_bytes-test strpftime-test getaddrinfo-test
+TESTS = $(check_PROGRAMS)
+
+getaddrinfo_test_LDADD = libroken.la
+parse_bytes_test_LDADD = libroken.la
+strpftime_test_LDADD = strftime.o strptime.o
+
 if KRB4
 if KRB5
 ## need to link with des here; otherwise, if krb4 is shared the link
@@ -35,17 +42,16 @@ libroken_la_SOURCES =		\
 	mini_inetd.c		\
 	net_read.c		\
 	net_write.c		\
+	parse_bytes.c		\
 	parse_time.c		\
 	parse_units.c		\
-	parse_units.h		\
 	print_version.c		\
 	resolve.c		\
 	roken_gethostby.c	\
 	signal.c		\
 	simple_exec.c		\
 	snprintf.c		\
-	strcat_truncate.c	\
-	strcpy_truncate.c	\
+	socket.c		\
 	tm2time.c		\
 	verify.c		\
 	warnerr.c		\
@@ -53,6 +59,7 @@ libroken_la_SOURCES =		\
 
 EXTRA_libroken_la_SOURCES =	\
 	chown.c			\
+	copyhostent.c		\
 	daemon.c		\
 	err.c			\
 	err.h			\
@@ -61,11 +68,18 @@ EXTRA_libroken_la_SOURCES =	\
 	flock.c			\
 	fnmatch.c		\
 	fnmatch.h		\
+	freeaddrinfo.c		\
+	freehostent.c		\
+	gai_strerror.c		\
+	getaddrinfo.c		\
 	getdtablesize.c		\
 	getegid.c		\
 	geteuid.c		\
 	getgid.c		\
 	gethostname.c		\
+	getipnodebyaddr.c	\
+	getipnodebyname.c	\
+	getnameinfo.c		\
 	getopt.c		\
 	gettimeofday.c		\
 	getuid.c		\
@@ -73,6 +87,8 @@ EXTRA_libroken_la_SOURCES =	\
 	glob.h			\
 	hstrerror.c		\
 	inet_aton.c		\
+	inet_ntop.c		\
+	inet_pton.c		\
 	initgroups.c		\
 	innetgr.c		\
 	iruserok.c		\
@@ -91,10 +107,13 @@ EXTRA_libroken_la_SOURCES =	\
 	strdup.c		\
 	strerror.c		\
 	strftime.c		\
+	strlcat.c		\
+	strlcpy.c		\
 	strlwr.c		\
 	strncasecmp.c		\
 	strndup.c		\
 	strnlen.c		\
+	strptime.c		\
 	strsep.c		\
 	strtok_r.c		\
 	strupr.c		\
@@ -118,7 +137,8 @@ libroken_la_LIBADD = @LTLIBOBJS@
 
 $(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h
 
-include_HEADERS = $(err_h) base64.h getarg.h parse_time.h parse_units.h \
+include_HEADERS = $(err_h) base64.h getarg.h \
+	parse_bytes.h parse_time.h parse_units.h \
 	resolve.h roken.h roken-common.h
 
 build_HEADERZ = $(err_h) $(fnmatch_h) $(glob_h) xdbm.h
diff --git a/crypto/kerberosIV/lib/roken/Makefile.in b/crypto/kerberosIV/lib/roken/Makefile.in
index 1226913..70563e4 100644
--- a/crypto/kerberosIV/lib/roken/Makefile.in
+++ b/crypto/kerberosIV/lib/roken/Makefile.in
@@ -1,5 +1,5 @@
 #
-# $Id: Makefile.in,v 1.69 1999/06/15 03:14:11 assar Exp $
+# $Id: Makefile.in,v 1.73 1999/11/30 19:22:59 bg Exp $
 #
 
 SHELL = /bin/sh
@@ -39,6 +39,7 @@ SOURCES = \
 	base64.c \
 	chown.c \
 	concat.c \
+	copyhostent.c \
 	daemon.c \
 	emalloc.c \
 	erealloc.c \
@@ -50,18 +51,22 @@ SOURCES = \
 	fchown.c \
 	flock.c \
 	fnmatch.c \
+	freehostent.c \
 	get_window_size.c \
 	getarg.c \
 	getcwd.c \
 	get_default_username.c \
 	getdtablesize.c \
 	gethostname.c \
+	getipnodebyaddr.c \
+	getipnodebyname.c \
 	getopt.c \
 	getusershell.c \
 	glob.c \
 	hstrerror.c \
 	inaddr2str.c \
 	inet_aton.c \
+	inet_ntop.c \
 	initgroups.c \
 	iruserok.c \
 	issuid.c \
@@ -87,12 +92,13 @@ SOURCES = \
 	signal.c \
 	simple_exec.c \
 	snprintf.c \
+	socket.c \
 	strcasecmp.c \
-	strcat_truncate.c \
-	strcpy_truncate.c \
 	strdup.c \
 	strerror.c \
 	strftime.c \
+	strlcat.c \
+	strlcpy.c \
 	strlwr.c \
 	strncasecmp.c \
 	strndup.c \
@@ -138,11 +144,10 @@ OBJECTS = \
 	print_version.o \
 	resolve.o \
 	roken_gethostby.o \
-	strcat_truncate.o \
-	strcpy_truncate.o \
 	signal.o \
 	simple_exec.o \
 	snprintf.o \
+	socket.o \
 	tm2time.o \
 	verify.o \
 	warnerr.o \
diff --git a/crypto/kerberosIV/lib/roken/base64.c b/crypto/kerberosIV/lib/roken/base64.c
index cbc5859..daed869 100644
--- a/crypto/kerberosIV/lib/roken/base64.c
+++ b/crypto/kerberosIV/lib/roken/base64.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: base64.c,v 1.2 1997/12/05 02:37:15 assar Exp $");
+RCSID("$Id: base64.c,v 1.4 1999/12/02 16:58:45 joda Exp $");
 #endif
 #include <stdlib.h>
 #include <string.h>
@@ -60,12 +55,12 @@ int base64_encode(const void *data, int size, char **str)
   char *s, *p;
   int i;
   int c;
-  unsigned char *q;
+  const unsigned char *q;
 
   p = s = (char*)malloc(size*4/3+4);
   if (p == NULL)
       return -1;
-  q = (unsigned char*)data;
+  q = (const unsigned char*)data;
   i=0;
   for(i = 0; i < size;){
     c=q[i++];
diff --git a/crypto/kerberosIV/lib/roken/base64.h b/crypto/kerberosIV/lib/roken/base64.h
index 59104ff..5ad1e3b 100644
--- a/crypto/kerberosIV/lib/roken/base64.h
+++ b/crypto/kerberosIV/lib/roken/base64.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: base64.h,v 1.1 1997/08/27 22:41:48 joda Exp $ */
+/* $Id: base64.h,v 1.2 1999/12/02 16:58:45 joda Exp $ */
 
 #ifndef _BASE64_H_
 #define _BASE64_H_
diff --git a/crypto/kerberosIV/lib/roken/chown.c b/crypto/kerberosIV/lib/roken/chown.c
index 28550d9..f3d34e3 100644
--- a/crypto/kerberosIV/lib/roken/chown.c
+++ b/crypto/kerberosIV/lib/roken/chown.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: chown.c,v 1.2 1997/04/01 08:18:58 joda Exp $");
+RCSID("$Id: chown.c,v 1.3 1999/12/02 16:58:45 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/concat.c b/crypto/kerberosIV/lib/roken/concat.c
index d4177ea..ca295c0 100644
--- a/crypto/kerberosIV/lib/roken/concat.c
+++ b/crypto/kerberosIV/lib/roken/concat.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: concat.c,v 1.3 1998/06/09 19:25:35 joda Exp $");
+RCSID("$Id: concat.c,v 1.4 1999/12/02 16:58:45 joda Exp $");
 #endif
 #include "roken.h"
 
diff --git a/crypto/kerberosIV/lib/roken/copyhostent.c b/crypto/kerberosIV/lib/roken/copyhostent.c
new file mode 100644
index 0000000..a3be6db
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/copyhostent.c
@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: copyhostent.c,v 1.2 1999/12/02 16:58:45 joda Exp $");
+#endif
+
+#include "roken.h"
+
+/*
+ * return a malloced copy of `h'
+ */
+
+struct hostent *
+copyhostent (const struct hostent *h)
+{
+    struct hostent *res;
+    char **p;
+    int i, n;
+
+    res = malloc (sizeof (*res));
+    if (res == NULL)
+	return NULL;
+    res->h_name      = NULL;
+    res->h_aliases   = NULL;
+    res->h_addrtype  = h->h_addrtype;
+    res->h_length    = h->h_length;
+    res->h_addr_list = NULL;
+    res->h_name = strdup (h->h_name);
+    if (res->h_name == NULL) {
+	freehostent (res);
+	return NULL;
+    }
+    for (n = 0, p = h->h_aliases; *p != NULL; ++p)
+	++n;
+    res->h_aliases = malloc ((n + 1) * sizeof(*res->h_aliases));
+    if (res->h_aliases == NULL) {
+	freehostent (res);
+	return NULL;
+    }
+    for (i = 0; i < n + 1; ++i)
+	res->h_aliases[i] = NULL;
+    for (i = 0; i < n; ++i) {
+	res->h_aliases[i] = strdup (h->h_aliases[i]);
+	if (res->h_aliases[i] == NULL) {
+	    freehostent (res);
+	    return NULL;
+	}
+    }
+
+    for (n = 0, p = h->h_addr_list; *p != NULL; ++p)
+	++n;
+    res->h_addr_list = malloc ((n + 1) * sizeof(*res->h_addr_list));
+    if (res->h_addr_list == NULL) {
+	freehostent (res);
+	return NULL;
+    }
+    for (i = 0; i < n + 1; ++i) {
+	res->h_addr_list[i] = NULL;
+    }
+    for (i = 0; i < n; ++i) {
+	res->h_addr_list[i] = malloc (h->h_length);
+	if (res->h_addr_list[i] == NULL) {
+	    freehostent (res);
+	    return NULL;
+	}
+	memcpy (res->h_addr_list[i], h->h_addr_list[i], h->h_length);
+    }
+    return res;
+}
+
diff --git a/crypto/kerberosIV/lib/roken/emalloc.c b/crypto/kerberosIV/lib/roken/emalloc.c
index a5740a9..bbea1e0 100644
--- a/crypto/kerberosIV/lib/roken/emalloc.c
+++ b/crypto/kerberosIV/lib/roken/emalloc.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: emalloc.c,v 1.3 1999/03/11 14:02:20 joda Exp $");
+RCSID("$Id: emalloc.c,v 1.4 1999/12/02 16:58:45 joda Exp $");
 #endif
 
 #include <stdlib.h>
diff --git a/crypto/kerberosIV/lib/roken/eread.c b/crypto/kerberosIV/lib/roken/eread.c
index 3ea4022..9a1b24b 100644
--- a/crypto/kerberosIV/lib/roken/eread.c
+++ b/crypto/kerberosIV/lib/roken/eread.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: eread.c,v 1.1 1999/03/19 20:30:20 assar Exp $");
+RCSID("$Id: eread.c,v 1.2 1999/12/02 16:58:45 joda Exp $");
 #endif
 
 #include <unistd.h>
diff --git a/crypto/kerberosIV/lib/roken/erealloc.c b/crypto/kerberosIV/lib/roken/erealloc.c
index 2b0b6bb..8afa8f3 100644
--- a/crypto/kerberosIV/lib/roken/erealloc.c
+++ b/crypto/kerberosIV/lib/roken/erealloc.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: erealloc.c,v 1.3 1999/03/11 14:02:28 joda Exp $");
+RCSID("$Id: erealloc.c,v 1.4 1999/12/02 16:58:45 joda Exp $");
 #endif
 
 #include <stdlib.h>
diff --git a/crypto/kerberosIV/lib/roken/err.c b/crypto/kerberosIV/lib/roken/err.c
index 029faa9..29b1f7b 100644
--- a/crypto/kerberosIV/lib/roken/err.c
+++ b/crypto/kerberosIV/lib/roken/err.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: err.c,v 1.5 1997/03/30 08:05:37 joda Exp $");
+RCSID("$Id: err.c,v 1.6 1999/12/02 16:58:45 joda Exp $");
 #endif
 
 #include "err.h"
diff --git a/crypto/kerberosIV/lib/roken/err.h b/crypto/kerberosIV/lib/roken/err.h
index a134949..b0b649f 100644
--- a/crypto/kerberosIV/lib/roken/err.h
+++ b/crypto/kerberosIV/lib/roken/err.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: err.h,v 1.14 1997/11/12 00:08:57 joda Exp $ */
+/* $Id: err.h,v 1.15 1999/12/02 16:58:45 joda Exp $ */
 
 #ifndef __ERR_H__
 #define __ERR_H__
diff --git a/crypto/kerberosIV/lib/roken/errx.c b/crypto/kerberosIV/lib/roken/errx.c
index 18969d5..2f8ec18 100644
--- a/crypto/kerberosIV/lib/roken/errx.c
+++ b/crypto/kerberosIV/lib/roken/errx.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: errx.c,v 1.5 1997/03/30 08:05:38 joda Exp $");
+RCSID("$Id: errx.c,v 1.6 1999/12/02 16:58:45 joda Exp $");
 #endif
 
 #include "err.h"
diff --git a/crypto/kerberosIV/lib/roken/estrdup.c b/crypto/kerberosIV/lib/roken/estrdup.c
index 7f3bae3..8c0d9a7 100644
--- a/crypto/kerberosIV/lib/roken/estrdup.c
+++ b/crypto/kerberosIV/lib/roken/estrdup.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: estrdup.c,v 1.1 1999/02/13 05:13:06 assar Exp $");
+RCSID("$Id: estrdup.c,v 1.2 1999/12/02 16:58:45 joda Exp $");
 #endif
 
 #include <stdlib.h>
diff --git a/crypto/kerberosIV/lib/roken/ewrite.c b/crypto/kerberosIV/lib/roken/ewrite.c
index d1ffba4..b2c43de 100644
--- a/crypto/kerberosIV/lib/roken/ewrite.c
+++ b/crypto/kerberosIV/lib/roken/ewrite.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: ewrite.c,v 1.1 1999/03/19 20:30:21 assar Exp $");
+RCSID("$Id: ewrite.c,v 1.2 1999/12/02 16:58:45 joda Exp $");
 #endif
 
 #include <unistd.h>
diff --git a/crypto/kerberosIV/lib/roken/fchown.c b/crypto/kerberosIV/lib/roken/fchown.c
index 2a94e3a..61e8546 100644
--- a/crypto/kerberosIV/lib/roken/fchown.c
+++ b/crypto/kerberosIV/lib/roken/fchown.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: fchown.c,v 1.2 1997/04/01 08:18:58 joda Exp $");
+RCSID("$Id: fchown.c,v 1.3 1999/12/02 16:58:46 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/flock.c b/crypto/kerberosIV/lib/roken/flock.c
index b8fbfc3..13da4f4 100644
--- a/crypto/kerberosIV/lib/roken/flock.c
+++ b/crypto/kerberosIV/lib/roken/flock.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -41,7 +36,7 @@
 #endif
 
 #ifndef HAVE_FLOCK
-RCSID("$Id: flock.c,v 1.3 1997/12/11 15:02:20 bg Exp $");
+RCSID("$Id: flock.c,v 1.4 1999/12/02 16:58:46 joda Exp $");
 
 #include "roken.h"
 
diff --git a/crypto/kerberosIV/lib/roken/freehostent.c b/crypto/kerberosIV/lib/roken/freehostent.c
new file mode 100644
index 0000000..0cd92cd
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/freehostent.c
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: freehostent.c,v 1.2 1999/12/02 16:58:46 joda Exp $");
+#endif
+
+#include "roken.h"
+
+/*
+ * free a malloced hostent
+ */
+
+void
+freehostent (struct hostent *h)
+{
+    char **p;
+
+    free (h->h_name);
+    if (h->h_aliases != NULL) {
+	for (p = h->h_aliases; *p != NULL; ++p)
+	    free (*p);
+	free (h->h_aliases);
+    }
+    if (h->h_addr_list != NULL) {
+	for (p = h->h_addr_list; *p != NULL; ++p)
+	    free (*p);
+	free (h->h_addr_list);
+    }
+    free (h);
+}
diff --git a/crypto/kerberosIV/lib/roken/get_default_username.c b/crypto/kerberosIV/lib/roken/get_default_username.c
index 209bcf0..10b0863 100644
--- a/crypto/kerberosIV/lib/roken/get_default_username.c
+++ b/crypto/kerberosIV/lib/roken/get_default_username.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: get_default_username.c,v 1.1.2.1 1999/07/22 03:19:27 assar Exp $");
+RCSID("$Id: get_default_username.c,v 1.3 1999/12/02 16:58:46 joda Exp $");
 #endif /* HAVE_CONFIG_H */
 
 #include "roken.h"
@@ -72,7 +67,7 @@ get_default_username (void)
 	struct passwd *pwd;
 
 	if (user != NULL) {
-	    pwd = k_getpwnam ((char *)user);
+	    pwd = k_getpwnam (user);
 	    if (pwd != NULL && pwd->pw_uid == uid)
 		return user;
 	}
diff --git a/crypto/kerberosIV/lib/roken/get_window_size.c b/crypto/kerberosIV/lib/roken/get_window_size.c
index 4ac3e53..4eff8d2 100644
--- a/crypto/kerberosIV/lib/roken/get_window_size.c
+++ b/crypto/kerberosIV/lib/roken/get_window_size.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: get_window_size.c,v 1.8 1998/07/31 09:40:21 bg Exp $");
+RCSID("$Id: get_window_size.c,v 1.9 1999/12/02 16:58:46 joda Exp $");
 #endif
 
 #include <stdlib.h>
diff --git a/crypto/kerberosIV/lib/roken/getarg.3 b/crypto/kerberosIV/lib/roken/getarg.3
new file mode 100644
index 0000000..78a8802
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/getarg.3
@@ -0,0 +1,317 @@
+.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
+.\" $Id: getarg.3,v 1.2 1999/10/18 17:14:31 joda Exp $
+.Dd September 24, 1999
+.Dt GETARG 3
+.Os ROKEN
+.Sh NAME
+.Nm getarg , 
+.Nm arg_printusage
+.Nd collect command line options
+.Sh SYNOPSIS
+.Fd #include <getarg.h>
+
+.Ft int
+.Fn getarg "struct getargs *args" "size_t num_args" "int argc" "char **argv" "int *optind"
+
+.Ft void
+.Fn arg_printusage "struct getargs *args" "size_t num_args" "const char *progname" "const char *extra_string"
+
+.Sh DESCRIPTION
+.Fn getarg
+collects any command line options given to a program in an easily used way. 
+.Fn arg_printusage 
+pretty-prints the available options, with a short help text.
+.Pp
+.Fa args
+is the option specification to use, and it's an array of 
+.Fa struct getargs
+elements.
+.Fa num_args
+is the size of
+.Fa args
+(in elements).
+.Fa argc
+and
+.Fa argv
+are the argument count and argument vector to extract option from.
+.Fa optind
+is a pointer to an integer where the index to the last processed
+argument is stored, it must be initialised to the first index (minus
+one) to process (normally 0) before the first call.
+.Pp
+.Fa arg_printusage
+take the same
+.Fa args
+and
+.Fa num_args
+as getarg;
+.Fa progname is the name of the program (to be used in the help text), and 
+.Fa extra_string
+is a string to print after the actual options to indicate more
+arguments. The usefulness of this function is realised only be people
+who has used programs that has help strings that doesn't match what
+the code does.
+.Pp
+The
+.Fa getargs
+struct has the following elements.
+
+.Bd -literal
+struct getargs{
+    const char *long_name;
+    char short_name;
+    enum { arg_integer, 
+	   arg_string, 
+	   arg_flag, 
+	   arg_negative_flag, 
+	   arg_strings,
+	   arg_double,
+           arg_collect
+    } type;
+    void *value;
+    const char *help;
+    const char *arg_help;
+};
+.Ed
+.Pp
+.Fa long_name
+is the long name of the option, it can be 
+.Dv NULL ,
+if you don't want a long name.
+.Fa short_name 
+is the characted to use as short option, it can be zero. If the option
+has a value the
+.Fa value
+field gets filled in with that value interpreted as specified by the 
+.Fa type
+field.
+.Fa help
+is a longer help string for the option as a whole, if it's
+.Dv NULL
+the help text for the option is omitted (but it's still displayed in
+the synopsis).
+.Fa arg_help
+is a description of the argument, if
+.Dv NULL
+a default value will be used, depending on the type of the option:
+.Pp
+.Bl -hang -width arg_negative_flag
+.It arg_integer
+the argument is a signed integer, and
+.Fa value
+should point to an
+.Fa int .
+.It Fa arg_string
+the argument is a string, and
+.Fa value
+should point to a
+.Fa char* .
+.It Fa arg_flag
+the argument is a flag, and
+.Fa value
+should point to a
+.Fa int . 
+It gets filled in with either zero or one, depending on how the option
+is given, the normal case beeing one. Note that if the option isn't
+given, the value isn't altered, so it should be initialised to some
+useful default.
+.It Fa arg_negative_flag
+this is the same as 
+.Fa arg_flag
+but it reverses the meaning of the flag (a given short option clears
+the flag), and the synopsis of a long option is negated.
+.It Fa arg_strings
+the argument can be given multiple times, and the values are collected
+in an array;
+.Fa value
+should be a pointer to a 
+.Fa struct getarg_strings
+structure, which holds a length and a string pointer.
+.It Fa arg_double
+argument is a double precision floating point value, and
+.Fa value
+should point to a
+.Fa double .
+.It Fa arg_collect
+allows more fine-grained control of the option parsing process.
+.Fa value
+should be a pointer to a 
+.Fa getarg_collect_info
+structure:
+.Bd -literal
+typedef int (*getarg_collect_func)(int short_opt,
+				   int argc,
+				   char **argv,
+				   int *optind,
+				   int *optarg,
+				   void *data);
+
+typedef struct getarg_collect_info {
+    getarg_collect_func func;
+    void *data;
+} getarg_collect_info;
+.Ed
+.Pp
+With the
+.Fa func
+member set to a function to call, and 
+.Fa data
+to some application specific data. The parameters to the collect function are:
+.Bl -inset
+.It Fa short_flag
+non-zero if this call is via a short option flag, zero otherwise
+.It Fa argc , argv
+the whole argument list
+.It Fa optind
+pointer to the index in argv where the flag is
+.It Fa optarg
+pointer to the index in argv[*optind] where the flag name starts
+.It Fa data
+application specific data
+.El
+.Pp
+You can modify
+.Fa *optind ,
+and 
+.Fa *optarg ,
+but to do this correct you (more or less) have to know about the inner
+workings of getarg.
+ 
+You can skip parts of arguments by increasing
+.Fa *optarg
+(you could
+implement the 
+.Fl z Ns Ar 3
+set of flags from
+.Nm gzip
+with this), or whole argument strings by increasing
+.Fa *optind
+(let's say you want a flag 
+.Fl c Ar x y z
+to specify a coordinate); if you also have to set
+.Fa *optarg
+to a sane value.
+.Pp
+The collect function should return one of 
+.Dv ARG_ERR_NO_MATCH , ARG_ERR_BAD_ARG , ARG_ERR_NO_ARG
+on error, zero otherwise.
+.Pp
+For your convenience there is a function,
+.Fn getarg_optarg ,
+that returns the traditional argument string, and you pass it all
+arguments, sans data, that where given to the collection function.
+.Pp
+Don't use this more this unless you absolutely have to.
+.El
+.Pp
+Option parsing is similar to what 
+.Xr getopt
+uses. Short options without arguments can be compressed
+.Pf ( Fl xyz
+is the same as
+.Fl x y z ) ,
+and short
+options with arguments take these as either the rest of the
+argv-string or as the next option
+.Pf ( Fl o Ns Ar foo ,
+or
+.Fl o Ar foo ) .
+.Pp
+Long option names are prefixed with -- (double dash), and the value
+with a = (equal),
+.Fl -foo= Ns Ar bar .
+Long option flags can either be specified as they are 
+.Pf ( Fl -help ) ,
+or with an (boolean parsable) option
+.Pf ( Fl -help= Ns Ar yes ,
+.Fl -help= Ns Ar true ,
+or similar), or they can also be negated 
+.Pf ( Fl -no-help
+is the same as 
+.Fl -help= Ns no ) ,
+and if you're really confused you can do it multiple times
+.Pf ( Fl -no-no-help= Ns Ar false ,
+or even 
+.Fl -no-no-help= Ns Ar maybe ) .
+
+.Pp
+.Sh EXAMPLE
+.Bd -literal
+#include <stdio.h>
+#include <string.h>
+#include <getarg.h>
+
+char *source = "Ouagadougou";
+char *destination;
+int weight;
+int include_catalog = 1;
+int help_flag;
+
+struct getargs args[] = {
+    { "source",      's', arg_string,  &source, 
+      "source of shippment", "city" },
+    { "destination", 'd', arg_string,  &destination, 
+      "destination of shippment", "city" },
+    { "weight",      'w', arg_integer, &weight, 
+      "weight of shippment", "tons" },
+    { "catalog",     'c', arg_negative_flag, &include_catalog, 
+      "include product catalog" },
+    { "help",        'h', arg_flag, &help_flag }
+};
+
+int num_args = sizeof(args) / sizeof(args[0]); /* number of elements in args */
+
+const char *progname = "ship++";
+
+int
+main(int argc, char **argv)
+{
+    int optind = 0;
+    if (getarg(args, num_args, argc, argv, &optind)) {
+	arg_printusage(args, num_args, progname, "stuff...");
+	exit (1);
+    }
+    if (help_flag) {
+	arg_printusage(args, num_args, progname, "stuff...");
+	exit (0);
+    }
+    if (destination == NULL) {
+	fprintf(stderr, "%s: must specify destination\n", progname);
+	exit(1);
+    }
+    if (strcmp(source, destination) == 0) {
+	fprintf(stderr, "%s: destination must be different from source\n");
+	exit(1);
+    }
+    /* include more stuff here ... */
+    exit(2);
+}
+.Ed
+.Pp
+The output help output from this program looks like this:
+.Bd -literal
+$ ship++ --help                                            
+Usage: ship++ [--source=city] [-s city] [--destination=city] [-d city]
+   [--weight=tons] [-w tons] [--no-catalog] [-c] [--help] [-h] stuff...
+-s city, --source=city      source of shippment
+-d city, --destination=city destination of shippment
+-w tons, --weight=tons      weight of shippment
+-c, --no-catalog            include product catalog
+.Ed
+
+.Sh BUGS
+It should be more flexible, so it would be possible to use other more
+complicated option syntaxes, such as what
+.Xr ps 1 ,
+and 
+.Xr tar 1 ,
+uses, or the AFS model where you can skip the flag names as long as
+the options come in the correct order.
+.Pp
+Options with multiple arguments should be handled better.
+.Pp
+Should be integreated with SL.
+.Pp
+It's very confusing that the struct you pass in is called getargS.
+.Sh SEE ALSO
+.Xr getopt 3
diff --git a/crypto/kerberosIV/lib/roken/getarg.c b/crypto/kerberosIV/lib/roken/getarg.c
index 7de5b55..505e418 100644
--- a/crypto/kerberosIV/lib/roken/getarg.c
+++ b/crypto/kerberosIV/lib/roken/getarg.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: getarg.c,v 1.25 1998/11/22 09:45:05 assar Exp $");
+RCSID("$Id: getarg.c,v 1.32 1999/12/02 16:58:46 joda Exp $");
 #endif
 
 #include <stdio.h>
@@ -54,29 +49,31 @@ print_arg (char *string, size_t len, int mdoc, int longp, struct getargs *arg)
 
     *string = '\0';
 
-    if (ISFLAG(*arg))
+    if (ISFLAG(*arg) || (!longp && arg->type == arg_counter))
 	return 0;
 
     if(mdoc){
 	if(longp)
-	    strcat_truncate(string, "= Ns", len);
-	strcat_truncate(string, " Ar ", len);
+	    strlcat(string, "= Ns", len);
+	strlcat(string, " Ar ", len);
     }else
 	if (longp)
-	    strcat_truncate (string, "=", len);
+	    strlcat (string, "=", len);
 	else
-	    strcat_truncate (string, " ", len);
+	    strlcat (string, " ", len);
 
     if (arg->arg_help)
 	s = arg->arg_help;
-    else if (arg->type == arg_integer)
-	s = "number";
+    else if (arg->type == arg_integer || arg->type == arg_counter)
+	s = "integer";
     else if (arg->type == arg_string)
 	s = "string";
+    else if (arg->type == arg_double)
+	s = "float";
     else
 	s = "<undefined>";
 
-    strcat_truncate(string, s, len);
+    strlcat(string, s, len);
     return 1 + strlen(s);
 }
 
@@ -102,7 +99,7 @@ mandoc_template(struct getargs *args,
     printf(".Dd %s\n", timestr);
     p = strrchr(progname, '/');
     if(p) p++; else p = progname;
-    strcpy_truncate(cmd, p, sizeof(cmd));
+    strlcpy(cmd, p, sizeof(cmd));
     strupr(cmd);
        
     printf(".Dt %s SECTION\n", cmd);
@@ -222,19 +219,19 @@ arg_printusage (struct getargs *args,
 
 	if (args[i].long_name) {
 	    buf[0] = '\0';
-	    strcat_truncate(buf, "[--", sizeof(buf));
+	    strlcat(buf, "[--", sizeof(buf));
 	    len += 2;
 	    if(args[i].type == arg_negative_flag) {
-		strcat_truncate(buf, "no-", sizeof(buf));
+		strlcat(buf, "no-", sizeof(buf));
 		len += 3;
 	    }
-	    strcat_truncate(buf, args[i].long_name, sizeof(buf));
+	    strlcat(buf, args[i].long_name, sizeof(buf));
 	    len += strlen(args[i].long_name);
 	    len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), 
 			     0, 1, &args[i]);
-	    strcat_truncate(buf, "]", sizeof(buf));
+	    strlcat(buf, "]", sizeof(buf));
 	    if(args[i].type == arg_strings)
-		strcat_truncate(buf, "...", sizeof(buf));
+		strlcat(buf, "...", sizeof(buf));
 	    col = check_column(stderr, col, strlen(buf) + 1, columns);
 	    col += fprintf(stderr, " %s", buf);
 	}
@@ -243,9 +240,9 @@ arg_printusage (struct getargs *args,
 	    len += 2;
 	    len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), 
 			     0, 0, &args[i]);
-	    strcat_truncate(buf, "]", sizeof(buf));
+	    strlcat(buf, "]", sizeof(buf));
 	    if(args[i].type == arg_strings)
-		strcat_truncate(buf, "...", sizeof(buf));
+		strlcat(buf, "...", sizeof(buf));
 	    col = check_column(stderr, col, strlen(buf) + 1, columns);
 	    col += fprintf(stderr, " %s", buf);
 	}
@@ -294,7 +291,7 @@ add_string(getarg_strings *s, char *value)
 
 static int
 arg_match_long(struct getargs *args, size_t num_args,
-	       char *argv)
+	       char *argv, int argc, char **rargv, int *optind)
 {
     int i;
     char *optarg = NULL;
@@ -345,7 +342,10 @@ arg_match_long(struct getargs *args, size_t num_args,
 	    return ARG_ERR_NO_MATCH;
     }
     
-    if(*optarg == '\0' && !ISFLAG(*current))
+    if(*optarg == '\0'
+       && !ISFLAG(*current)
+       && current->type != arg_collect
+       && current->type != arg_counter)
 	return ARG_ERR_NO_MATCH;
     switch(current->type){
     case arg_integer:
@@ -383,16 +383,115 @@ arg_match_long(struct getargs *args, size_t num_args,
 	}
 	return ARG_ERR_BAD_ARG;
     }
+    case arg_counter :
+    {
+	int val;
+
+	if (*optarg == '\0')
+	    val = 1;
+	else {
+	    char *endstr;
+
+	    val = strtol (optarg, &endstr, 0);
+	    if (endstr == optarg)
+		return ARG_ERR_BAD_ARG;
+	}
+	*(int *)current->value += val;
+	return 0;
+    }
+    case arg_double:
+    {
+	double tmp;
+	if(sscanf(optarg + 1, "%lf", &tmp) != 1)
+	    return ARG_ERR_BAD_ARG;
+	*(double*)current->value = tmp;
+	return 0;
+    }
+    case arg_collect:{
+	struct getarg_collect_info *c = current->value;
+	int o = argv - rargv[*optind];
+	return (*c->func)(FALSE, argc, rargv, optind, &o, c->data);
+    }
+
     default:
 	abort ();
     }
 }
 
+static int
+arg_match_short (struct getargs *args, size_t num_args,
+		 char *argv, int argc, char **rargv, int *optind)
+{
+    int j, k;
+
+    for(j = 1; j > 0 && j < strlen(rargv[*optind]); j++) {
+	for(k = 0; k < num_args; k++) {
+	    char *optarg;
+
+	    if(args[k].short_name == 0)
+		continue;
+	    if(argv[j] == args[k].short_name) {
+		if(args[k].type == arg_flag) {
+		    *(int*)args[k].value = 1;
+		    break;
+		}
+		if(args[k].type == arg_negative_flag) {
+		    *(int*)args[k].value = 0;
+		    break;
+		} 
+		if(args[k].type == arg_counter) {
+		    ++*(int *)args[k].value;
+		    break;
+		}
+		if(args[k].type == arg_collect) {
+		    struct getarg_collect_info *c = args[k].value;
+
+		    if((*c->func)(TRUE, argc, rargv, optind, &j, c->data))
+			return ARG_ERR_BAD_ARG;
+		    break;
+		}
+
+		if(argv[j + 1])
+		    optarg = &argv[j + 1];
+		else {
+		    ++*optind;
+		    optarg = rargv[*optind];
+		}
+		if(optarg == NULL)
+		    return ARG_ERR_NO_ARG;
+		if(args[k].type == arg_integer) {
+		    int tmp;
+		    if(sscanf(optarg, "%d", &tmp) != 1)
+			return ARG_ERR_BAD_ARG;
+		    *(int*)args[k].value = tmp;
+		    return 0;
+		} else if(args[k].type == arg_string) {
+		    *(char**)args[k].value = optarg;
+		    return 0;
+		} else if(args[k].type == arg_strings) {
+		    add_string((getarg_strings*)args[k].value, optarg);
+		    return 0;
+		} else if(args[k].type == arg_double) {
+		    double tmp;
+		    if(sscanf(optarg, "%lf", &tmp) != 1)
+			return ARG_ERR_BAD_ARG;
+		    *(double*)args[k].value = tmp;
+		    return 0;
+		}
+		return ARG_ERR_BAD_ARG;
+	    }
+	}
+	if (k == num_args)
+	    return ARG_ERR_NO_MATCH;
+    }
+    return 0;
+}
+
 int
 getarg(struct getargs *args, size_t num_args, 
        int argc, char **argv, int *optind)
 {
-    int i, j, k;
+    int i;
     int ret = 0;
 
     srand (time(NULL));
@@ -405,57 +504,17 @@ getarg(struct getargs *args, size_t num_args,
 		i++;
 		break;
 	    }
-	    ret = arg_match_long (args, num_args, argv[i] + 2);
-	    if(ret)
-		return ret;
-	}else{
-	    for(j = 1; argv[i][j]; j++) {
-		for(k = 0; k < num_args; k++) {
-		    char *optarg;
-		    if(args[k].short_name == 0)
-			continue;
-		    if(argv[i][j] == args[k].short_name){
-			if(args[k].type == arg_flag){
-			    *(int*)args[k].value = 1;
-			    break;
-			}
-			if(args[k].type == arg_negative_flag){
-			    *(int*)args[k].value = 0;
-			    break;
-			}
-			if(argv[i][j + 1])
-			    optarg = &argv[i][j + 1];
-			else{
-			    i++;
-			    optarg = argv[i];
-			}
-			if(optarg == NULL)
-			    return ARG_ERR_NO_ARG;
-			if(args[k].type == arg_integer){
-			    int tmp;
-			    if(sscanf(optarg, "%d", &tmp) != 1)
-				return ARG_ERR_BAD_ARG;
-			    *(int*)args[k].value = tmp;
-			    goto out;
-			}else if(args[k].type == arg_string){
-			    *(char**)args[k].value = optarg;
-			    goto out;
-			}else if(args[k].type == arg_strings){
-			    add_string((getarg_strings*)args[k].value, optarg);
-			    goto out;
-			}
-			return ARG_ERR_BAD_ARG;
-		    }
-			
-		}
-		if (k == num_args)
-		    return ARG_ERR_NO_MATCH;
-	    }
-	out:;
+	    ret = arg_match_long (args, num_args, argv[i] + 2, 
+				  argc, argv, &i);
+	} else {
+	    ret = arg_match_short (args, num_args, argv[i],
+				   argc, argv, &i);
 	}
+	if(ret)
+	    break;
     }
     *optind = i;
-    return 0;
+    return ret;
 }
 
 #if TEST
diff --git a/crypto/kerberosIV/lib/roken/getarg.h b/crypto/kerberosIV/lib/roken/getarg.h
index 8a02fa2..7fd374b 100644
--- a/crypto/kerberosIV/lib/roken/getarg.h
+++ b/crypto/kerberosIV/lib/roken/getarg.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -36,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: getarg.h,v 1.5 1998/08/18 20:26:11 assar Exp $ */
+/* $Id: getarg.h,v 1.10 1999/12/02 16:58:46 joda Exp $ */
 
 #ifndef __GETARG_H__
 #define __GETARG_H__
@@ -46,7 +41,15 @@
 struct getargs{
     const char *long_name;
     char short_name;
-    enum { arg_integer, arg_string, arg_flag, arg_negative_flag, arg_strings } type;
+    enum { arg_integer, 
+	   arg_string, 
+	   arg_flag, 
+	   arg_negative_flag, 
+	   arg_strings,
+	   arg_double,
+	   arg_collect,
+	   arg_counter
+    } type;
     void *value;
     const char *help;
     const char *arg_help;
@@ -63,6 +66,18 @@ typedef struct getarg_strings {
     char **strings;
 } getarg_strings;
 
+typedef int (*getarg_collect_func)(int short_opt,
+				   int argc,
+				   char **argv,
+				   int *optind,
+				   int *optarg,
+				   void *data);
+
+typedef struct getarg_collect_info {
+    getarg_collect_func func;
+    void *data;
+} getarg_collect_info;
+
 int getarg(struct getargs *args, size_t num_args, 
 	   int argc, char **argv, int *optind);
 
diff --git a/crypto/kerberosIV/lib/roken/getcap.c b/crypto/kerberosIV/lib/roken/getcap.c
new file mode 100644
index 0000000..997fabf
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/getcap.c
@@ -0,0 +1,1118 @@
+/*	$NetBSD: getcap.c,v 1.29 1999/03/29 09:27:29 abs Exp $	*/
+
+/*-
+ * Copyright (c) 1992, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Casey Leedom of Lawrence Livermore National Laboratory.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+RCSID("$Id: getcap.c,v 1.7 1999/11/17 21:11:58 assar Exp $");
+
+#include <sys/types.h>
+#include <ctype.h>
+#if defined(HAVE_DB_185_H)
+#include <db_185.h>
+#elif defined(HAVE_DB_H)
+#include <db.h>
+#endif
+#include <errno.h>	
+#include <fcntl.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#define	BFRAG		1024
+#if 0
+#define	BSIZE		1024
+#endif
+#define	ESC		('[' & 037)	/* ASCII ESC */
+#define	MAX_RECURSION	32		/* maximum getent recursion */
+#define	SFRAG		100		/* cgetstr mallocs in SFRAG chunks */
+
+#define RECOK	(char)0
+#define TCERR	(char)1
+#define	SHADOW	(char)2
+
+static size_t	 topreclen;	/* toprec length */
+static char	*toprec;	/* Additional record specified by cgetset() */
+static int	 gottoprec;	/* Flag indicating retrieval of toprecord */
+
+#if defined(HAVE_DBOPEN) && defined(HAVE_DB_H)
+#define USE_DB
+#endif
+
+#ifdef USE_DB
+static int	cdbget (DB *, char **, const char *);
+#endif
+static int 	getent (char **, size_t *, char **, int, const char *, int, char *);
+static int	nfcmp (char *, char *);
+
+
+int cgetset(const char *ent);
+char *cgetcap(char *buf, const char *cap, int type);
+int cgetent(char **buf, char **db_array, const char *name);
+int cgetmatch(const char *buf, const char *name);
+int cgetclose(void);
+#if 0
+int cgetfirst(char **buf, char **db_array);
+int cgetnext(char **bp, char **db_array);
+#endif
+int cgetstr(char *buf, const char *cap, char **str);
+int cgetustr(char *buf, const char *cap, char **str);
+int cgetnum(char *buf, const char *cap, long *num);
+/*
+ * Cgetset() allows the addition of a user specified buffer to be added
+ * to the database array, in effect "pushing" the buffer on top of the
+ * virtual database. 0 is returned on success, -1 on failure.
+ */
+int
+cgetset(const char *ent)
+{
+    const char *source, *check;
+    char *dest;
+
+    if (ent == NULL) {
+	if (toprec)
+	    free(toprec);
+	toprec = NULL;
+	topreclen = 0;
+	return (0);
+    }
+    topreclen = strlen(ent);
+    if ((toprec = malloc (topreclen + 1)) == NULL) {
+	errno = ENOMEM;
+	return (-1);
+    }
+    gottoprec = 0;
+
+    source=ent;
+    dest=toprec;
+    while (*source) { /* Strip whitespace */
+	*dest++ = *source++; /* Do not check first field */
+	while (*source == ':') {
+	    check=source+1;
+	    while (*check && (isspace((unsigned char)*check) ||
+			      (*check=='\\' && isspace((unsigned char)check[1]))))
+		++check;
+	    if( *check == ':' )
+		source=check;
+	    else
+		break;
+
+	}
+    }
+    *dest=0;
+
+    return (0);
+}
+
+/*
+ * Cgetcap searches the capability record buf for the capability cap with
+ * type `type'.  A pointer to the value of cap is returned on success, NULL
+ * if the requested capability couldn't be found.
+ *
+ * Specifying a type of ':' means that nothing should follow cap (:cap:).
+ * In this case a pointer to the terminating ':' or NUL will be returned if
+ * cap is found.
+ *
+ * If (cap, '@') or (cap, terminator, '@') is found before (cap, terminator)
+ * return NULL.
+ */
+char *
+cgetcap(char *buf, const char *cap, int type)
+{
+    char *bp;
+    const char *cp;
+
+    bp = buf;
+    for (;;) {
+	/*
+	 * Skip past the current capability field - it's either the
+	 * name field if this is the first time through the loop, or
+	 * the remainder of a field whose name failed to match cap.
+	 */
+	for (;;)
+	    if (*bp == '\0')
+		return (NULL);
+	    else
+		if (*bp++ == ':')
+		    break;
+
+	/*
+	 * Try to match (cap, type) in buf.
+	 */
+	for (cp = cap; *cp == *bp && *bp != '\0'; cp++, bp++)
+	    continue;
+	if (*cp != '\0')
+	    continue;
+	if (*bp == '@')
+	    return (NULL);
+	if (type == ':') {
+	    if (*bp != '\0' && *bp != ':')
+		continue;
+	    return(bp);
+	}
+	if (*bp != type)
+	    continue;
+	bp++;
+	return (*bp == '@' ? NULL : bp);
+    }
+    /* NOTREACHED */
+}
+
+/*
+ * Cgetent extracts the capability record name from the NULL terminated file
+ * array db_array and returns a pointer to a malloc'd copy of it in buf.
+ * Buf must be retained through all subsequent calls to cgetcap, cgetnum,
+ * cgetflag, and cgetstr, but may then be free'd.  0 is returned on success,
+ * -1 if the requested record couldn't be found, -2 if a system error was
+ * encountered (couldn't open/read a file, etc.), and -3 if a potential
+ * reference loop is detected.
+ */
+int
+cgetent(char **buf, char **db_array, const char *name)
+{
+    size_t dummy;
+
+    return (getent(buf, &dummy, db_array, -1, name, 0, NULL));
+}
+
+/*
+ * Getent implements the functions of cgetent.  If fd is non-negative,
+ * *db_array has already been opened and fd is the open file descriptor.  We
+ * do this to save time and avoid using up file descriptors for tc=
+ * recursions.
+ *
+ * Getent returns the same success/failure codes as cgetent.  On success, a
+ * pointer to a malloc'ed capability record with all tc= capabilities fully
+ * expanded and its length (not including trailing ASCII NUL) are left in
+ * *cap and *len.
+ *
+ * Basic algorithm:
+ *	+ Allocate memory incrementally as needed in chunks of size BFRAG
+ *	  for capability buffer.
+ *	+ Recurse for each tc=name and interpolate result.  Stop when all
+ *	  names interpolated, a name can't be found, or depth exceeds
+ *	  MAX_RECURSION.
+ */
+static int
+getent(char **cap, size_t *len, char **db_array, int fd, 
+       const char *name, int depth, char *nfield)
+{
+    char *r_end, *rp = NULL, **db_p;	/* pacify gcc */
+    int myfd = 0, eof, foundit;
+    char *record;
+    int tc_not_resolved;
+	
+    /*
+     * Return with ``loop detected'' error if we've recursed more than
+     * MAX_RECURSION times.
+     */
+    if (depth > MAX_RECURSION)
+	return (-3);
+
+    /*
+     * Check if we have a top record from cgetset().
+     */
+    if (depth == 0 && toprec != NULL && cgetmatch(toprec, name) == 0) {
+	if ((record = malloc (topreclen + BFRAG)) == NULL) {
+	    errno = ENOMEM;
+	    return (-2);
+	}
+	(void)strcpy(record, toprec);	/* XXX: strcpy is safe */
+	db_p = db_array;
+	rp = record + topreclen + 1;
+	r_end = rp + BFRAG;
+	goto tc_exp;
+    }
+    /*
+     * Allocate first chunk of memory.
+     */
+    if ((record = malloc(BFRAG)) == NULL) {
+	errno = ENOMEM;
+	return (-2);
+    }
+    r_end = record + BFRAG;
+    foundit = 0;
+    /*
+     * Loop through database array until finding the record.
+     */
+
+    for (db_p = db_array; *db_p != NULL; db_p++) {
+	eof = 0;
+
+	/*
+	 * Open database if not already open.
+	 */
+
+	if (fd >= 0) {
+	    (void)lseek(fd, (off_t)0, SEEK_SET);
+	} else {
+#ifdef USE_DB
+	    char pbuf[_POSIX_PATH_MAX];
+	    char *cbuf;
+	    size_t clen;
+	    int retval;
+	    DB *capdbp;
+
+	    (void)snprintf(pbuf, sizeof(pbuf), "%s.db", *db_p);
+	    if ((capdbp = dbopen(pbuf, O_RDONLY, 0, DB_HASH, 0))
+		!= NULL) {
+		free(record);
+		retval = cdbget(capdbp, &record, name);
+		if (retval < 0) {
+		    /* no record available */
+		    (void)capdbp->close(capdbp);
+		    return (retval);
+		}
+				/* save the data; close frees it */
+		clen = strlen(record);
+		cbuf = malloc(clen + 1);
+		memmove(cbuf, record, clen + 1);
+		if (capdbp->close(capdbp) < 0) {
+		    free(cbuf);
+		    return (-2);
+		}
+		*len = clen;
+		*cap = cbuf;
+		return (retval);
+	    } else
+#endif
+	    {
+		fd = open(*db_p, O_RDONLY, 0);
+		if (fd < 0) {
+		    /* No error on unfound file. */
+		    continue;
+		}
+		myfd = 1;
+	    }
+	}
+	/*
+	 * Find the requested capability record ...
+	 */
+	{
+	    char buf[BUFSIZ];
+	    char *b_end, *bp, *cp;
+	    int c, slash;
+
+	    /*
+	     * Loop invariants:
+	     *	There is always room for one more character in record.
+	     *	R_end always points just past end of record.
+	     *	Rp always points just past last character in record.
+	     *	B_end always points just past last character in buf.
+	     *	Bp always points at next character in buf.
+	     *	Cp remembers where the last colon was.
+	     */
+	    b_end = buf;
+	    bp = buf;
+	    cp = 0;
+	    slash = 0;
+	    for (;;) {
+
+		/*
+		 * Read in a line implementing (\, newline)
+		 * line continuation.
+		 */
+		rp = record;
+		for (;;) {
+		    if (bp >= b_end) {
+			int n;
+		
+			n = read(fd, buf, sizeof(buf));
+			if (n <= 0) {
+			    if (myfd)
+				(void)close(fd);
+			    if (n < 0) {
+				free(record);
+				return (-2);
+			    } else {
+				fd = -1;
+				eof = 1;
+				break;
+			    }
+			}
+			b_end = buf+n;
+			bp = buf;
+		    }
+	
+		    c = *bp++;
+		    if (c == '\n') {
+			if (slash) {
+			    slash = 0;
+			    rp--;
+			    continue;
+			} else
+			    break;
+		    }
+		    if (slash) {
+			slash = 0;
+			cp = 0;
+		    }
+		    if (c == ':') {
+			/*
+			 * If the field was `empty' (i.e.
+			 * contained only white space), back up
+			 * to the colon (eliminating the
+			 * field).
+			 */
+			if (cp)
+			    rp = cp;
+			else
+			    cp = rp;
+		    } else if (c == '\\') {
+			slash = 1;
+		    } else if (c != ' ' && c != '\t') {
+			/*
+			 * Forget where the colon was, as this
+			 * is not an empty field.
+			 */
+			cp = 0;
+		    }
+		    *rp++ = c;
+
+				/*
+				 * Enforce loop invariant: if no room 
+				 * left in record buffer, try to get
+				 * some more.
+				 */
+		    if (rp >= r_end) {
+			u_int pos;
+			size_t newsize;
+
+			pos = rp - record;
+			newsize = r_end - record + BFRAG;
+			record = realloc(record, newsize);
+			if (record == NULL) {
+			    errno = ENOMEM;
+			    if (myfd)
+				(void)close(fd);
+			    return (-2);
+			}
+			r_end = record + newsize;
+			rp = record + pos;
+		    }
+		}
+		/* Eliminate any white space after the last colon. */
+		if (cp)
+		    rp = cp + 1;
+		/* Loop invariant lets us do this. */
+		*rp++ = '\0';
+
+		/*
+		 * If encountered eof check next file.
+		 */
+		if (eof)
+		    break;
+				
+		/*
+		 * Toss blank lines and comments.
+		 */
+		if (*record == '\0' || *record == '#')
+		    continue;
+	
+		/*
+		 * See if this is the record we want ...
+		 */
+		if (cgetmatch(record, name) == 0) {
+		    if (nfield == NULL || !nfcmp(nfield, record)) {
+			foundit = 1;
+			break;	/* found it! */
+		    }
+		}
+	    }
+	}
+	if (foundit)
+	    break;
+    }
+
+    if (!foundit)
+	return (-1);
+
+    /*
+     * Got the capability record, but now we have to expand all tc=name
+     * references in it ...
+     */
+ tc_exp:	{
+	char *newicap, *s;
+	size_t ilen, newilen;
+	int diff, iret, tclen;
+	char *icap, *scan, *tc, *tcstart, *tcend;
+
+	/*
+	 * Loop invariants:
+	 *	There is room for one more character in record.
+	 *	R_end points just past end of record.
+	 *	Rp points just past last character in record.
+	 *	Scan points at remainder of record that needs to be
+	 *	scanned for tc=name constructs.
+	 */
+	scan = record;
+	tc_not_resolved = 0;
+	for (;;) {
+	    if ((tc = cgetcap(scan, "tc", '=')) == NULL)
+		break;
+
+	    /*
+	     * Find end of tc=name and stomp on the trailing `:'
+	     * (if present) so we can use it to call ourselves.
+	     */
+	    s = tc;
+	    for (;;)
+		if (*s == '\0')
+		    break;
+		else
+		    if (*s++ == ':') {
+			*(s - 1) = '\0';
+			break;
+		    }
+	    tcstart = tc - 3;
+	    tclen = s - tcstart;
+	    tcend = s;
+
+	    iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, 
+			  NULL);
+	    newicap = icap;		/* Put into a register. */
+	    newilen = ilen;
+	    if (iret != 0) {
+				/* an error */
+		if (iret < -1) {
+		    if (myfd)
+			(void)close(fd);
+		    free(record);
+		    return (iret);
+		}
+		if (iret == 1)
+		    tc_not_resolved = 1;
+				/* couldn't resolve tc */
+		if (iret == -1) {
+		    *(s - 1) = ':';			
+		    scan = s - 1;
+		    tc_not_resolved = 1;
+		    continue;
+					
+		}
+	    }
+	    /* not interested in name field of tc'ed record */
+	    s = newicap;
+	    for (;;)
+		if (*s == '\0')
+		    break;
+		else
+		    if (*s++ == ':')
+			break;
+	    newilen -= s - newicap;
+	    newicap = s;
+
+	    /* make sure interpolated record is `:'-terminated */
+	    s += newilen;
+	    if (*(s-1) != ':') {
+		*s = ':';	/* overwrite NUL with : */
+		newilen++;
+	    }
+
+	    /*
+	     * Make sure there's enough room to insert the
+	     * new record.
+	     */
+	    diff = newilen - tclen;
+	    if (diff >= r_end - rp) {
+		u_int pos, tcpos, tcposend;
+		size_t newsize;
+
+		pos = rp - record;
+		newsize = r_end - record + diff + BFRAG;
+		tcpos = tcstart - record;
+		tcposend = tcend - record;
+		record = realloc(record, newsize);
+		if (record == NULL) {
+		    errno = ENOMEM;
+		    if (myfd)
+			(void)close(fd);
+		    free(icap);
+		    return (-2);
+		}
+		r_end = record + newsize;
+		rp = record + pos;
+		tcstart = record + tcpos;
+		tcend = record + tcposend;
+	    }
+
+	    /*
+	     * Insert tc'ed record into our record.
+	     */
+	    s = tcstart + newilen;
+	    memmove(s, tcend,  (size_t)(rp - tcend));
+	    memmove(tcstart, newicap, newilen);
+	    rp += diff;
+	    free(icap);
+
+	    /*
+	     * Start scan on `:' so next cgetcap works properly
+	     * (cgetcap always skips first field).
+	     */
+	    scan = s-1;
+	}
+	
+    }
+    /*
+     * Close file (if we opened it), give back any extra memory, and
+     * return capability, length and success.
+     */
+    if (myfd)
+	(void)close(fd);
+    *len = rp - record - 1;	/* don't count NUL */
+    if (r_end > rp)
+	if ((record = 
+	     realloc(record, (size_t)(rp - record))) == NULL) {
+	    errno = ENOMEM;
+	    return (-2);
+	}
+		
+    *cap = record;
+    if (tc_not_resolved)
+	return (1);
+    return (0);
+}	
+
+#ifdef USE_DB
+static int
+cdbget(DB *capdbp, char **bp, const char *name)
+{
+	DBT key;
+	DBT data;
+
+	/* LINTED key is not modified */
+	key.data = (char *)name;
+	key.size = strlen(name);
+
+	for (;;) {
+		/* Get the reference. */
+		switch(capdbp->get(capdbp, &key, &data, 0)) {
+		case -1:
+			return (-2);
+		case 1:
+			return (-1);
+		}
+
+		/* If not an index to another record, leave. */
+		if (((char *)data.data)[0] != SHADOW)
+			break;
+
+		key.data = (char *)data.data + 1;
+		key.size = data.size - 1;
+	}
+	
+	*bp = (char *)data.data + 1;
+	return (((char *)(data.data))[0] == TCERR ? 1 : 0);
+}
+#endif /* USE_DB */
+
+/*
+ * Cgetmatch will return 0 if name is one of the names of the capability
+ * record buf, -1 if not.
+ */
+int
+cgetmatch(const char *buf, const char *name)
+{
+    const char *np, *bp;
+
+    /*
+     * Start search at beginning of record.
+     */
+    bp = buf;
+    for (;;) {
+	/*
+	 * Try to match a record name.
+	 */
+	np = name;
+	for (;;)
+	    if (*np == '\0') {
+		if (*bp == '|' || *bp == ':' || *bp == '\0')
+		    return (0);
+		else
+		    break;
+	    } else
+		if (*bp++ != *np++)
+		    break;
+
+	/*
+	 * Match failed, skip to next name in record.
+	 */
+	bp--;	/* a '|' or ':' may have stopped the match */
+	for (;;)
+	    if (*bp == '\0' || *bp == ':')
+		return (-1);	/* match failed totally */
+	    else
+		if (*bp++ == '|')
+		    break;	/* found next name */
+    }
+}
+
+#if 0
+int
+cgetfirst(char **buf, char **db_array)
+{
+    (void)cgetclose();
+    return (cgetnext(buf, db_array));
+}
+#endif
+
+static FILE *pfp;
+static int slash;
+static char **dbp;
+
+int
+cgetclose(void)
+{
+    if (pfp != NULL) {
+	(void)fclose(pfp);
+	pfp = NULL;
+    }
+    dbp = NULL;
+    gottoprec = 0;
+    slash = 0;
+    return(0);
+}
+
+#if 0
+/*
+ * Cgetnext() gets either the first or next entry in the logical database 
+ * specified by db_array.  It returns 0 upon completion of the database, 1
+ * upon returning an entry with more remaining, and -1 if an error occurs.
+ */
+int
+cgetnext(char **bp, char **db_array)
+{
+    size_t len;
+    int status, done;
+    char *cp, *line, *rp, *np, buf[BSIZE], nbuf[BSIZE];
+    size_t dummy;
+
+    if (dbp == NULL)
+	dbp = db_array;
+
+    if (pfp == NULL && (pfp = fopen(*dbp, "r")) == NULL) {
+	(void)cgetclose();
+	return (-1);
+    }
+    for(;;) {
+	if (toprec && !gottoprec) {
+	    gottoprec = 1;
+	    line = toprec;
+	} else {
+	    line = fgetln(pfp, &len);
+	    if (line == NULL && pfp) {
+		if (ferror(pfp)) {
+		    (void)cgetclose();
+		    return (-1);
+		} else {
+		    (void)fclose(pfp);
+		    pfp = NULL;
+		    if (*++dbp == NULL) {
+			(void)cgetclose();
+			return (0);
+		    } else if ((pfp =
+				fopen(*dbp, "r")) == NULL) {
+			(void)cgetclose();
+			return (-1);
+		    } else
+			continue;
+		}
+	    } else
+		line[len - 1] = '\0';
+	    if (len == 1) {
+		slash = 0;
+		continue;
+	    }
+	    if (isspace((unsigned char)*line) ||
+		*line == ':' || *line == '#' || slash) {
+		if (line[len - 2] == '\\')
+		    slash = 1;
+		else
+		    slash = 0;
+		continue;
+	    }
+	    if (line[len - 2] == '\\')
+		slash = 1;
+	    else
+		slash = 0;
+	}			
+
+
+	/* 
+	 * Line points to a name line.
+	 */
+	done = 0;
+	np = nbuf;
+	for (;;) {
+	    for (cp = line; *cp != '\0'; cp++) {
+		if (*cp == ':') {
+		    *np++ = ':';
+		    done = 1;
+		    break;
+		}
+		if (*cp == '\\')
+		    break;
+		*np++ = *cp;
+	    }
+	    if (done) {
+		*np = '\0';
+		break;
+	    } else { /* name field extends beyond the line */
+		line = fgetln(pfp, &len);
+		if (line == NULL && pfp) {
+		    if (ferror(pfp)) {
+			(void)cgetclose();
+			return (-1);
+		    }
+		    (void)fclose(pfp);
+		    pfp = NULL;
+		    *np = '\0';
+		    break;
+		} else
+		    line[len - 1] = '\0';
+	    }
+	}
+	rp = buf;
+	for(cp = nbuf; *cp != '\0'; cp++)
+	    if (*cp == '|' || *cp == ':')
+		break;
+	    else
+		*rp++ = *cp;
+
+	*rp = '\0';
+	/* 
+	 * XXX 
+	 * Last argument of getent here should be nbuf if we want true
+	 * sequential access in the case of duplicates.  
+	 * With NULL, getent will return the first entry found
+	 * rather than the duplicate entry record.  This is a 
+	 * matter of semantics that should be resolved.
+	 */
+	status = getent(bp, &dummy, db_array, -1, buf, 0, NULL);
+	if (status == -2 || status == -3)
+	    (void)cgetclose();
+
+	return (status + 1);
+    }
+    /* NOTREACHED */
+}
+#endif
+
+/*
+ * Cgetstr retrieves the value of the string capability cap from the
+ * capability record pointed to by buf.  A pointer to a decoded, NUL
+ * terminated, malloc'd copy of the string is returned in the char *
+ * pointed to by str.  The length of the string not including the trailing
+ * NUL is returned on success, -1 if the requested string capability
+ * couldn't be found, -2 if a system error was encountered (storage
+ * allocation failure).
+ */
+int
+cgetstr(char *buf, const char *cap, char **str)
+{
+    u_int m_room;
+    const char *bp;
+    char *mp;
+    int len;
+    char *mem;
+
+    /*
+     * Find string capability cap
+     */
+    bp = cgetcap(buf, cap, '=');
+    if (bp == NULL)
+	return (-1);
+
+    /*
+     * Conversion / storage allocation loop ...  Allocate memory in
+     * chunks SFRAG in size.
+     */
+    if ((mem = malloc(SFRAG)) == NULL) {
+	errno = ENOMEM;
+	return (-2);	/* couldn't even allocate the first fragment */
+    }
+    m_room = SFRAG;
+    mp = mem;
+
+    while (*bp != ':' && *bp != '\0') {
+	/*
+	 * Loop invariants:
+	 *	There is always room for one more character in mem.
+	 *	Mp always points just past last character in mem.
+	 *	Bp always points at next character in buf.
+	 */
+	if (*bp == '^') {
+	    bp++;
+	    if (*bp == ':' || *bp == '\0')
+		break;	/* drop unfinished escape */
+	    *mp++ = *bp++ & 037;
+	} else if (*bp == '\\') {
+	    bp++;
+	    if (*bp == ':' || *bp == '\0')
+		break;	/* drop unfinished escape */
+	    if ('0' <= *bp && *bp <= '7') {
+		int n, i;
+
+		n = 0;
+		i = 3;	/* maximum of three octal digits */
+		do {
+		    n = n * 8 + (*bp++ - '0');
+		} while (--i && '0' <= *bp && *bp <= '7');
+		*mp++ = n;
+	    }
+	    else switch (*bp++) {
+	    case 'b': case 'B':
+		*mp++ = '\b';
+		break;
+	    case 't': case 'T':
+		*mp++ = '\t';
+		break;
+	    case 'n': case 'N':
+		*mp++ = '\n';
+		break;
+	    case 'f': case 'F':
+		*mp++ = '\f';
+		break;
+	    case 'r': case 'R':
+		*mp++ = '\r';
+		break;
+	    case 'e': case 'E':
+		*mp++ = ESC;
+		break;
+	    case 'c': case 'C':
+		*mp++ = ':';
+		break;
+	    default:
+		/*
+		 * Catches '\', '^', and
+		 *  everything else.
+		 */
+		*mp++ = *(bp-1);
+		break;
+	    }
+	} else
+	    *mp++ = *bp++;
+	m_room--;
+
+	/*
+	 * Enforce loop invariant: if no room left in current
+	 * buffer, try to get some more.
+	 */
+	if (m_room == 0) {
+	    size_t size = mp - mem;
+
+	    if ((mem = realloc(mem, size + SFRAG)) == NULL)
+		return (-2);
+	    m_room = SFRAG;
+	    mp = mem + size;
+	}
+    }
+    *mp++ = '\0';	/* loop invariant let's us do this */
+    m_room--;
+    len = mp - mem - 1;
+
+    /*
+     * Give back any extra memory and return value and success.
+     */
+    if (m_room != 0)
+	if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL)
+	    return (-2);
+    *str = mem;
+    return (len);
+}
+
+/*
+ * Cgetustr retrieves the value of the string capability cap from the
+ * capability record pointed to by buf.  The difference between cgetustr()
+ * and cgetstr() is that cgetustr does not decode escapes but rather treats
+ * all characters literally.  A pointer to a  NUL terminated malloc'd 
+ * copy of the string is returned in the char pointed to by str.  The 
+ * length of the string not including the trailing NUL is returned on success,
+ * -1 if the requested string capability couldn't be found, -2 if a system 
+ * error was encountered (storage allocation failure).
+ */
+int
+cgetustr(char *buf, const char *cap, char **str)
+{
+    u_int m_room;
+    const char *bp;
+    char *mp;
+    int len;
+    char *mem;
+
+    /*
+     * Find string capability cap
+     */
+    if ((bp = cgetcap(buf, cap, '=')) == NULL)
+	return (-1);
+
+    /*
+     * Conversion / storage allocation loop ...  Allocate memory in
+     * chunks SFRAG in size.
+     */
+    if ((mem = malloc(SFRAG)) == NULL) {
+	errno = ENOMEM;
+	return (-2);	/* couldn't even allocate the first fragment */
+    }
+    m_room = SFRAG;
+    mp = mem;
+
+    while (*bp != ':' && *bp != '\0') {
+	/*
+	 * Loop invariants:
+	 *	There is always room for one more character in mem.
+	 *	Mp always points just past last character in mem.
+	 *	Bp always points at next character in buf.
+	 */
+	*mp++ = *bp++;
+	m_room--;
+
+	/*
+	 * Enforce loop invariant: if no room left in current
+	 * buffer, try to get some more.
+	 */
+	if (m_room == 0) {
+	    size_t size = mp - mem;
+
+	    if ((mem = realloc(mem, size + SFRAG)) == NULL)
+		return (-2);
+	    m_room = SFRAG;
+	    mp = mem + size;
+	}
+    }
+    *mp++ = '\0';	/* loop invariant let's us do this */
+    m_room--;
+    len = mp - mem - 1;
+
+    /*
+     * Give back any extra memory and return value and success.
+     */
+    if (m_room != 0)
+	if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL)
+	    return (-2);
+    *str = mem;
+    return (len);
+}
+
+/*
+ * Cgetnum retrieves the value of the numeric capability cap from the
+ * capability record pointed to by buf.  The numeric value is returned in
+ * the long pointed to by num.  0 is returned on success, -1 if the requested
+ * numeric capability couldn't be found.
+ */
+int
+cgetnum(char *buf, const char *cap, long *num)
+{
+    long n;
+    int base, digit;
+    const char *bp;
+
+    /*
+     * Find numeric capability cap
+     */
+    bp = cgetcap(buf, cap, '#');
+    if (bp == NULL)
+	return (-1);
+
+    /*
+     * Look at value and determine numeric base:
+     *	0x... or 0X...	hexadecimal,
+     * else	0...		octal,
+     * else			decimal.
+     */
+    if (*bp == '0') {
+	bp++;
+	if (*bp == 'x' || *bp == 'X') {
+	    bp++;
+	    base = 16;
+	} else
+	    base = 8;
+    } else
+	base = 10;
+
+    /*
+     * Conversion loop ...
+     */
+    n = 0;
+    for (;;) {
+	if ('0' <= *bp && *bp <= '9')
+	    digit = *bp - '0';
+	else if ('a' <= *bp && *bp <= 'f')
+	    digit = 10 + *bp - 'a';
+	else if ('A' <= *bp && *bp <= 'F')
+	    digit = 10 + *bp - 'A';
+	else
+	    break;
+
+	if (digit >= base)
+	    break;
+
+	n = n * base + digit;
+	bp++;
+    }
+
+    /*
+     * Return value and success.
+     */
+    *num = n;
+    return (0);
+}
+
+
+/*
+ * Compare name field of record.
+ */
+static int
+nfcmp(char *nf, char *rec)
+{
+    char *cp, tmp;
+    int ret;
+	
+    for (cp = rec; *cp != ':'; cp++)
+	;
+	
+    tmp = *(cp + 1);
+    *(cp + 1) = '\0';
+    ret = strcmp(nf, rec);
+    *(cp + 1) = tmp;
+
+    return (ret);
+}
diff --git a/crypto/kerberosIV/lib/roken/getcwd.c b/crypto/kerberosIV/lib/roken/getcwd.c
index ac80a79..c1f2610 100644
--- a/crypto/kerberosIV/lib/roken/getcwd.c
+++ b/crypto/kerberosIV/lib/roken/getcwd.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: getcwd.c,v 1.10 1998/06/09 19:25:36 joda Exp $");
+RCSID("$Id: getcwd.c,v 1.12 1999/12/02 16:58:46 joda Exp $");
 #endif
 
 #ifdef HAVE_UNISTD_H
@@ -57,6 +52,6 @@ getcwd(char *path, size_t size)
     char *ret;
     ret = getwd(xxx);
     if(ret)
-	strcpy_truncate(path, xxx, size);
+	strlcpy(path, xxx, size);
     return ret;
 }
diff --git a/crypto/kerberosIV/lib/roken/getdtablesize.c b/crypto/kerberosIV/lib/roken/getdtablesize.c
index 029f5f6..9f9c74b 100644
--- a/crypto/kerberosIV/lib/roken/getdtablesize.c
+++ b/crypto/kerberosIV/lib/roken/getdtablesize.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: getdtablesize.c,v 1.9 1997/07/11 20:20:26 assar Exp $");
+RCSID("$Id: getdtablesize.c,v 1.10 1999/12/02 16:58:46 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/getegid.c b/crypto/kerberosIV/lib/roken/getegid.c
index ba5828d..b6eab85 100644
--- a/crypto/kerberosIV/lib/roken/getegid.c
+++ b/crypto/kerberosIV/lib/roken/getegid.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -43,7 +38,7 @@
 
 #ifndef HAVE_GETEGID
 
-RCSID("$Id: getegid.c,v 1.1 1998/05/09 17:17:18 joda Exp $");
+RCSID("$Id: getegid.c,v 1.2 1999/12/02 16:58:46 joda Exp $");
 
 int getegid(void)
 {
diff --git a/crypto/kerberosIV/lib/roken/geteuid.c b/crypto/kerberosIV/lib/roken/geteuid.c
index bc20d3c..4bdf531 100644
--- a/crypto/kerberosIV/lib/roken/geteuid.c
+++ b/crypto/kerberosIV/lib/roken/geteuid.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -43,7 +38,7 @@
 
 #ifndef HAVE_GETEUID
 
-RCSID("$Id: geteuid.c,v 1.1 1998/05/09 17:17:38 joda Exp $");
+RCSID("$Id: geteuid.c,v 1.2 1999/12/02 16:58:46 joda Exp $");
 
 int geteuid(void)
 {
diff --git a/crypto/kerberosIV/lib/roken/getgid.c b/crypto/kerberosIV/lib/roken/getgid.c
index 1512139..f2ca01a 100644
--- a/crypto/kerberosIV/lib/roken/getgid.c
+++ b/crypto/kerberosIV/lib/roken/getgid.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -43,7 +38,7 @@
 
 #ifndef HAVE_GETGID
 
-RCSID("$Id: getgid.c,v 1.1 1998/05/09 17:17:29 joda Exp $");
+RCSID("$Id: getgid.c,v 1.2 1999/12/02 16:58:46 joda Exp $");
 
 int getgid(void)
 {
diff --git a/crypto/kerberosIV/lib/roken/gethostname.c b/crypto/kerberosIV/lib/roken/gethostname.c
index 9795fb3..753ba9f 100644
--- a/crypto/kerberosIV/lib/roken/gethostname.c
+++ b/crypto/kerberosIV/lib/roken/gethostname.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -65,11 +60,11 @@ gethostname(char *name, int namelen)
 	ret = uname (&utsname);
 	if (ret < 0)
 	    return ret;
-	strcpy_truncate (name, utsname.nodename, namelen);
+	strlcpy (name, utsname.nodename, namelen);
 	return 0;
     }
 #else
-    strcpy_truncate (name, "some.random.host", namelen);
+    strlcpy (name, "some.random.host", namelen);
     return 0;
 #endif
 }
diff --git a/crypto/kerberosIV/lib/roken/getipnodebyaddr.c b/crypto/kerberosIV/lib/roken/getipnodebyaddr.c
new file mode 100644
index 0000000..f22aad7
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/getipnodebyaddr.c
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: getipnodebyaddr.c,v 1.2 1999/12/02 16:58:46 joda Exp $");
+#endif
+
+#include "roken.h"
+
+/*
+ * lookup `src, len' (address family `af') in DNS and return a pointer
+ * to a malloced struct hostent or NULL.
+ */
+
+struct hostent *
+getipnodebyaddr (const void *src, size_t len, int af, int *error_num)
+{
+    struct hostent *tmp;
+
+    tmp = gethostbyaddr (src, len, af);
+    if (tmp == NULL) {
+	switch (h_errno) {
+	case HOST_NOT_FOUND :
+	case TRY_AGAIN :
+	case NO_RECOVERY :
+	    *error_num = h_errno;
+	    break;
+	case NO_DATA :
+	    *error_num = NO_ADDRESS;
+	    break;
+	default :
+	    *error_num = NO_RECOVERY;
+	    break;
+	}
+	return NULL;
+    }
+    tmp = copyhostent (tmp);
+    if (tmp == NULL) {
+	*error_num = TRY_AGAIN;
+	return NULL;
+    }
+    return tmp;
+}
diff --git a/crypto/kerberosIV/lib/roken/getipnodebyname.c b/crypto/kerberosIV/lib/roken/getipnodebyname.c
new file mode 100644
index 0000000..576feef
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/getipnodebyname.c
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: getipnodebyname.c,v 1.3 1999/12/02 16:58:46 joda Exp $");
+#endif
+
+#include "roken.h"
+
+#ifndef HAVE_H_ERRNO
+static int h_errno = NO_RECOVERY;
+#endif
+
+/*
+ * lookup `name' (address family `af') in DNS and return a pointer
+ * to a malloced struct hostent or NULL.
+ */
+
+struct hostent *
+getipnodebyname (const char *name, int af, int flags, int *error_num)
+{
+    struct hostent *tmp;
+
+#ifdef HAVE_GETHOSTBYNAME2
+    tmp = gethostbyname2 (name, af);
+#else
+    if (af != AF_INET) {
+	*error_num = NO_ADDRESS;
+	return NULL;
+    }
+    tmp = gethostbyname (name);
+#endif
+    if (tmp == NULL) {
+	switch (h_errno) {
+	case HOST_NOT_FOUND :
+	case TRY_AGAIN :
+	case NO_RECOVERY :
+	    *error_num = h_errno;
+	    break;
+	case NO_DATA :
+	    *error_num = NO_ADDRESS;
+	    break;
+	default :
+	    *error_num = NO_RECOVERY;
+	    break;
+	}
+	return NULL;
+    }
+    tmp = copyhostent (tmp);
+    if (tmp == NULL) {
+	*error_num = TRY_AGAIN;
+	return NULL;
+    }
+    return tmp;
+}
diff --git a/crypto/kerberosIV/lib/roken/getopt.c b/crypto/kerberosIV/lib/roken/getopt.c
index fea4635..45fc350 100644
--- a/crypto/kerberosIV/lib/roken/getopt.c
+++ b/crypto/kerberosIV/lib/roken/getopt.c
@@ -69,22 +69,22 @@ getopt(nargc, nargv, ostr)
 		optreset = 0;
 		if (optind >= nargc || *(place = nargv[optind]) != '-') {
 			place = EMSG;
-			return(EOF);
+			return(-1);
 		}
 		if (place[1] && *++place == '-') {	/* found "--" */
 			++optind;
 			place = EMSG;
-			return(EOF);
+			return(-1);
 		}
 	}					/* option letter okay? */
 	if ((optopt = (int)*place++) == (int)':' ||
 	    !(oli = strchr(ostr, optopt))) {
 		/*
 		 * if the user didn't specify '-' as an option,
-		 * assume it means EOF.
+		 * assume it means -1 (EOF).
 		 */
 		if (optopt == (int)'-')
-			return(EOF);
+			return(-1);
 		if (!*place)
 			++optind;
 		if (opterr && *ostr != ':') {
diff --git a/crypto/kerberosIV/lib/roken/gettimeofday.c b/crypto/kerberosIV/lib/roken/gettimeofday.c
index 8752ba2..ec8b62f 100644
--- a/crypto/kerberosIV/lib/roken/gettimeofday.c
+++ b/crypto/kerberosIV/lib/roken/gettimeofday.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -42,7 +37,7 @@
 #include "roken.h"
 #ifndef HAVE_GETTIMEOFDAY
 
-RCSID("$Id: gettimeofday.c,v 1.7 1997/12/04 22:51:48 joda Exp $");
+RCSID("$Id: gettimeofday.c,v 1.8 1999/12/02 16:58:46 joda Exp $");
 
 /*
  * Simple gettimeofday that only returns seconds.
diff --git a/crypto/kerberosIV/lib/roken/getuid.c b/crypto/kerberosIV/lib/roken/getuid.c
index 1b7d70a..6ebce0a 100644
--- a/crypto/kerberosIV/lib/roken/getuid.c
+++ b/crypto/kerberosIV/lib/roken/getuid.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -43,7 +38,7 @@
 
 #ifndef HAVE_GETUID
 
-RCSID("$Id: getuid.c,v 1.2 1997/12/04 22:51:20 joda Exp $");
+RCSID("$Id: getuid.c,v 1.3 1999/12/02 16:58:46 joda Exp $");
 
 int getuid(void)
 {
diff --git a/crypto/kerberosIV/lib/roken/glob.c b/crypto/kerberosIV/lib/roken/glob.c
index 7dd6951..66e8ec6 100644
--- a/crypto/kerberosIV/lib/roken/glob.c
+++ b/crypto/kerberosIV/lib/roken/glob.c
@@ -748,7 +748,7 @@ g_opendir(Char *str, glob_t *pglob)
 	char buf[MaxPathLen];
 
 	if (!*str)
-		strcpy_truncate(buf, ".", sizeof(buf));
+		strlcpy(buf, ".", sizeof(buf));
 	else
 		g_Ctoc(str, buf);
 
diff --git a/crypto/kerberosIV/lib/roken/hstrerror.c b/crypto/kerberosIV/lib/roken/hstrerror.c
index 3653352..522de52 100644
--- a/crypto/kerberosIV/lib/roken/hstrerror.c
+++ b/crypto/kerberosIV/lib/roken/hstrerror.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: hstrerror.c,v 1.20.2.1 1999/07/22 03:20:06 assar Exp $");
+RCSID("$Id: hstrerror.c,v 1.22 1999/12/02 16:58:46 joda Exp $");
 #endif
 
 #ifndef HAVE_HSTRERROR
diff --git a/crypto/kerberosIV/lib/roken/inaddr2str.c b/crypto/kerberosIV/lib/roken/inaddr2str.c
index a676bca..5a1ab56 100644
--- a/crypto/kerberosIV/lib/roken/inaddr2str.c
+++ b/crypto/kerberosIV/lib/roken/inaddr2str.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: inaddr2str.c,v 1.10 1998/07/13 13:59:46 assar Exp $");
+RCSID("$Id: inaddr2str.c,v 1.12 1999/12/02 16:58:46 joda Exp $");
 #endif
 
 #include <stdlib.h>
@@ -86,10 +81,10 @@ inaddr2str(struct in_addr addr, char *s, size_t len)
 	  *p;
 	  ++p)
 	if (memcmp (*p, &addr, sizeof(addr)) == 0) {
-	  strcpy_truncate (s, h->h_name, len);
+	  strlcpy (s, h->h_name, len);
 	  return;
 	}
   }
-  strcpy_truncate (s, inet_ntoa (addr), len);
+  strlcpy (s, inet_ntoa (addr), len);
   return;
 }
diff --git a/crypto/kerberosIV/lib/roken/inet_aton.c b/crypto/kerberosIV/lib/roken/inet_aton.c
index 65687c7..755e426 100644
--- a/crypto/kerberosIV/lib/roken/inet_aton.c
+++ b/crypto/kerberosIV/lib/roken/inet_aton.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: inet_aton.c,v 1.11 1997/09/29 14:00:28 assar Exp $");
+RCSID("$Id: inet_aton.c,v 1.12 1999/12/02 16:58:47 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/inet_ntop.c b/crypto/kerberosIV/lib/roken/inet_ntop.c
new file mode 100644
index 0000000..f79a35e
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/inet_ntop.c
@@ -0,0 +1,153 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: inet_ntop.c,v 1.3 1999/12/02 16:58:47 joda Exp $");
+#endif
+
+#include <errno.h>
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_NETINET_IN6_H
+#include <netinet/in6.h>
+#endif
+#ifdef HAVE_NETINET6_IN6_H
+#include <netinet6/in6.h>
+#endif
+
+#include <roken.h>
+
+/*
+ *
+ */
+
+static const char *
+inet_ntop_v4 (const void *src, char *dst, size_t size)
+{
+    const char digits[] = "0123456789";
+    int i;
+    struct in_addr *addr = (struct in_addr *)src;
+    u_long a = ntohl(addr->s_addr);
+    const char *orig_dst = dst;
+
+    if (size < INET_ADDRSTRLEN) {
+	errno = ENOSPC;
+	return NULL;
+    }
+    for (i = 0; i < 4; ++i) {
+	int n = (a >> (24 - i * 8)) & 0xFF;
+	int non_zerop = 0;
+
+	if (non_zerop || n / 100 > 0) {
+	    *dst++ = digits[n / 100];
+	    n %= 100;
+	    non_zerop = 1;
+	}
+	if (non_zerop || n / 10 > 0) {
+	    *dst++ = digits[n / 10];
+	    n %= 10;
+	    non_zerop = 1;
+	}
+	*dst++ = digits[n];
+	if (i != 3)
+	    *dst++ = '.';
+    }
+    *dst++ = '\0';
+    return orig_dst;
+}
+
+#ifdef HAVE_IPV6
+static const char *
+inet_ntop_v6 (const void *src, char *dst, size_t size)
+{
+    const char xdigits[] = "0123456789abcdef";
+    int i;
+    const struct in6_addr *addr = (struct in6_addr *)src;
+    const u_char *ptr = addr->s6_addr;
+    const char *orig_dst = dst;
+
+    if (size < INET6_ADDRSTRLEN) {
+	errno = ENOSPC;
+	return NULL;
+    }
+    for (i = 0; i < 8; ++i) {
+	int non_zerop = 1;
+
+	if (non_zerop || (ptr[0] >> 4)) {
+	    *dst++ = xdigits[ptr[0] >> 4];
+	    non_zerop = 1;
+	}
+	if (non_zerop || (ptr[0] & 0x0F)) {
+	    *dst++ = xdigits[ptr[0] & 0x0F];
+	    non_zerop = 1;
+	}
+	if (non_zerop || (ptr[1] >> 4)) {
+	    *dst++ = xdigits[ptr[1] >> 4];
+	    non_zerop = 1;
+	}
+	if (non_zerop || (ptr[1] & 0x0F)) {
+	    *dst++ = xdigits[ptr[1] & 0x0F];
+	    non_zerop = 1;
+	}
+	if (i != 7)
+	    *dst++ = ':';
+	ptr += 2;
+    }
+    *dst++ = '\0';
+    return orig_dst;
+}
+#endif /* HAVE_IPV6 */
+
+const char *
+inet_ntop(int af, const void *src, char *dst, size_t size)
+{
+    switch (af) {
+    case AF_INET :
+	return inet_ntop_v4 (src, dst, size);
+#ifdef HAVE_IPV6
+    case AF_INET6 :
+	return inet_ntop_v6 (src, dst, size);
+#endif
+    default :
+	errno = EAFNOSUPPORT;
+	return NULL;
+    }
+}
diff --git a/crypto/kerberosIV/lib/roken/inet_pton.c b/crypto/kerberosIV/lib/roken/inet_pton.c
new file mode 100644
index 0000000..9b195c2
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/inet_pton.c
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: inet_pton.c,v 1.2 1999/12/02 16:58:47 joda Exp $");
+#endif
+
+#include <errno.h>
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_NETINET_IN6_H
+#include <netinet/in6.h>
+#endif
+#ifdef HAVE_NETINET6_IN6_H
+#include <netinet6/in6.h>
+#endif
+
+#include <roken.h>
+
+int
+inet_pton(int af, const char *src, void *dst)
+{
+    if (af != AF_INET) {
+	errno = EAFNOSUPPORT;
+	return -1;
+    }
+    return inet_aton (src, dst);
+}
diff --git a/crypto/kerberosIV/lib/roken/initgroups.c b/crypto/kerberosIV/lib/roken/initgroups.c
index a68aa63..dcf1d08 100644
--- a/crypto/kerberosIV/lib/roken/initgroups.c
+++ b/crypto/kerberosIV/lib/roken/initgroups.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: initgroups.c,v 1.2 1997/04/01 08:19:03 joda Exp $");
+RCSID("$Id: initgroups.c,v 1.3 1999/12/02 16:58:47 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/iruserok.c b/crypto/kerberosIV/lib/roken/iruserok.c
index 63eaccf..7cac29f 100644
--- a/crypto/kerberosIV/lib/roken/iruserok.c
+++ b/crypto/kerberosIV/lib/roken/iruserok.c
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: iruserok.c,v 1.21 1999/03/11 14:04:15 joda Exp $");
+RCSID("$Id: iruserok.c,v 1.22 1999/09/16 20:06:06 assar Exp $");
 #endif
 
 #include <stdio.h>
@@ -123,7 +123,7 @@ __ivaliduser(FILE *hostf, unsigned raddr, const char *luser,
 				sizeof(u_long),
 				AF_INET)) == NULL)
 		return (-1);
-	strcpy_truncate(hname, hp->h_name, sizeof(hname));
+	strlcpy(hname, hp->h_name, sizeof(hname));
 
 	while (fgets(buf, sizeof(buf), hostf)) {
 		p = buf;
diff --git a/crypto/kerberosIV/lib/roken/issuid.c b/crypto/kerberosIV/lib/roken/issuid.c
index 9b84621..af2aae5 100644
--- a/crypto/kerberosIV/lib/roken/issuid.c
+++ b/crypto/kerberosIV/lib/roken/issuid.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: issuid.c,v 1.2 1998/05/09 17:35:47 joda Exp $");
+RCSID("$Id: issuid.c,v 1.3 1999/12/02 16:58:47 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/k_getpwnam.c b/crypto/kerberosIV/lib/roken/k_getpwnam.c
index b11be41..40681cd 100644
--- a/crypto/kerberosIV/lib/roken/k_getpwnam.c
+++ b/crypto/kerberosIV/lib/roken/k_getpwnam.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: k_getpwnam.c,v 1.7 1998/11/22 09:23:18 assar Exp $");
+RCSID("$Id: k_getpwnam.c,v 1.9 1999/12/02 16:58:47 joda Exp $");
 #endif /* HAVE_CONFIG_H */
 
 #include "roken.h"
@@ -47,7 +42,7 @@ RCSID("$Id: k_getpwnam.c,v 1.7 1998/11/22 09:23:18 assar Exp $");
 #endif
 
 struct passwd *
-k_getpwnam (char *user)
+k_getpwnam (const char *user)
 {
      struct passwd *p;
 
diff --git a/crypto/kerberosIV/lib/roken/k_getpwuid.c b/crypto/kerberosIV/lib/roken/k_getpwuid.c
index 76f7f85..1e2ca54 100644
--- a/crypto/kerberosIV/lib/roken/k_getpwuid.c
+++ b/crypto/kerberosIV/lib/roken/k_getpwuid.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: k_getpwuid.c,v 1.7 1998/11/22 09:23:04 assar Exp $");
+RCSID("$Id: k_getpwuid.c,v 1.9 1999/12/02 16:58:47 joda Exp $");
 #endif /* HAVE_CONFIG_H */
 
 #include "roken.h"
@@ -52,12 +47,12 @@ k_getpwuid (uid_t uid)
      struct passwd *p;
 
      p = getpwuid (uid);
-#if defined(HAVE_GETSPUID) && defined(HAVE_STRUCT_SPWD)
+#if defined(HAVE_GETSPNAM) && defined(HAVE_STRUCT_SPWD)
      if (p)
      {
 	  struct spwd *spwd;
 
-	  spwd = getspuid (uid);
+	  spwd = getspnam (p->pw_name);
 	  if (spwd)
 	       p->pw_passwd = spwd->sp_pwdp;
 	  endspent ();
diff --git a/crypto/kerberosIV/lib/roken/lstat.c b/crypto/kerberosIV/lib/roken/lstat.c
index 881ad9a..2f03e19 100644
--- a/crypto/kerberosIV/lib/roken/lstat.c
+++ b/crypto/kerberosIV/lib/roken/lstat.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: lstat.c,v 1.3 1997/04/01 08:19:04 joda Exp $");
+RCSID("$Id: lstat.c,v 1.4 1999/12/02 16:58:51 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/make-print-version.c b/crypto/kerberosIV/lib/roken/make-print-version.c
index ef39372..d08e023 100644
--- a/crypto/kerberosIV/lib/roken/make-print-version.c
+++ b/crypto/kerberosIV/lib/roken/make-print-version.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: make-print-version.c,v 1.1 1998/05/11 20:38:06 joda Exp $");
+RCSID("$Id: make-print-version.c,v 1.2 1999/12/02 16:58:51 joda Exp $");
 #endif
 
 #include <stdio.h>
diff --git a/crypto/kerberosIV/lib/roken/memmove.c b/crypto/kerberosIV/lib/roken/memmove.c
index e3f7d5a..b77d56a 100644
--- a/crypto/kerberosIV/lib/roken/memmove.c
+++ b/crypto/kerberosIV/lib/roken/memmove.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: memmove.c,v 1.6 1997/07/11 20:20:30 assar Exp $");
+RCSID("$Id: memmove.c,v 1.7 1999/12/02 16:58:51 joda Exp $");
 #endif
 
 /* 
diff --git a/crypto/kerberosIV/lib/roken/mini_inetd.c b/crypto/kerberosIV/lib/roken/mini_inetd.c
index 75169d3..a0c6333 100644
--- a/crypto/kerberosIV/lib/roken/mini_inetd.c
+++ b/crypto/kerberosIV/lib/roken/mini_inetd.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden).
  * All rights reserved.
  * 
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: mini_inetd.c,v 1.13 1998/02/05 22:54:33 assar Exp $");
+RCSID("$Id: mini_inetd.c,v 1.18 1999/12/02 16:58:51 joda Exp $");
 #endif
 
 #include <stdio.h>
@@ -49,6 +44,9 @@ RCSID("$Id: mini_inetd.c,v 1.13 1998/02/05 22:54:33 assar Exp $");
 #ifdef HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
 #ifdef HAVE_SYS_SOCKET_H
 #include <sys/socket.h>
 #endif
@@ -65,32 +63,23 @@ RCSID("$Id: mini_inetd.c,v 1.13 1998/02/05 22:54:33 assar Exp $");
 
 #include <roken.h>
 
-void
-mini_inetd (int port)
+static int
+listen_v4 (int port)
 {
      struct sockaddr_in sa;
      int s;
-     int s2;
 
      s = socket(AF_INET, SOCK_STREAM, 0);
      if(s < 0) {
+	 if (errno == ENOSYS)
+	     return -1;
 	  perror("socket");
 	  exit(1);
      }
-#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT)
-     {
-	 int one = 1;
-
-	 if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&one,
-		       sizeof(one)) < 0){
-	     perror("setsockopt");
-	     exit(1);
-	 }
-     }
-#endif
+     socket_set_reuseaddr (s, 1);
      memset(&sa, 0, sizeof(sa));
-     sa.sin_family = AF_INET;
-     sa.sin_port = port;
+     sa.sin_family      = AF_INET;
+     sa.sin_port        = port;
      sa.sin_addr.s_addr = INADDR_ANY;
      if(bind(s, (struct sockaddr*)&sa, sizeof(sa)) < 0){
 	  perror("bind");
@@ -100,14 +89,106 @@ mini_inetd (int port)
 	  perror("listen");
 	  exit(1);
      }
-     s2 = accept(s, NULL, 0);
-     if(s2 < 0){
-	  perror("accept");
+     return s;
+}
+
+#ifdef HAVE_IPV6
+static int
+listen_v6 (int port)
+{
+     struct sockaddr_in6 sa;
+     int s;
+
+     s = socket(AF_INET6, SOCK_STREAM, 0);
+     if(s < 0) {
+	 if (errno == ENOSYS)
+	     return -1;
+	 perror("socket");
+	 exit(1);
+     }
+     socket_set_reuseaddr (s, 1);
+     memset(&sa, 0, sizeof(sa));
+     sa.sin6_family = AF_INET6;
+     sa.sin6_port   = port;
+     sa.sin6_addr   = in6addr_any;
+     if(bind(s, (struct sockaddr*)&sa, sizeof(sa)) < 0){
+	  perror("bind");
+	  exit(1);
+     }
+     if(listen(s, SOMAXCONN) < 0){
+	  perror("listen");
 	  exit(1);
      }
-     close(s);
-     dup2(s2, STDIN_FILENO);
-     dup2(s2, STDOUT_FILENO);
-     /* dup2(s2, STDERR_FILENO); */
-     close(s2);
+     return s;
+}
+#endif /* HAVE_IPV6 */
+
+/*
+ * accept a connection on `s' and pretend it's served by inetd.
+ */
+
+static void
+accept_it (int s)
+{
+    int s2;
+
+    s2 = accept(s, NULL, 0);
+    if(s2 < 0){
+	perror("accept");
+	exit(1);
+    }
+    close(s);
+    dup2(s2, STDIN_FILENO);
+    dup2(s2, STDOUT_FILENO);
+    /* dup2(s2, STDERR_FILENO); */
+    close(s2);
+}
+
+/*
+ * Listen on `port' emulating inetd.
+ */
+
+void
+mini_inetd (int port)
+{
+    int ret;
+    int max_fd = -1;
+    int sock_v4 = -1;
+    int sock_v6 = -1;
+    fd_set orig_read_set, read_set;
+
+    FD_ZERO(&orig_read_set);
+
+    sock_v4 = listen_v4 (port);
+    if (sock_v4 >= 0) {
+	max_fd  = max(max_fd, sock_v4);
+	FD_SET(sock_v4, &orig_read_set);
+    }
+#ifdef HAVE_IPV6
+    sock_v6 = listen_v6 (port);
+    if (sock_v6 >= 0) {
+	max_fd  = max(max_fd, sock_v6);
+	FD_SET(sock_v6, &orig_read_set);
+    }
+#endif    
+
+    do {
+	read_set = orig_read_set;
+
+	ret = select (max_fd + 1, &read_set, NULL, NULL, NULL);
+	if (ret < 0 && ret != EINTR) {
+	    perror ("select");
+	    exit (1);
+	}
+    } while (ret <= 0);
+
+    if (sock_v4 > 0 && FD_ISSET (sock_v4, &read_set)) {
+	accept_it (sock_v4);
+	return;
+    }
+    if (sock_v6 > 0 && FD_ISSET (sock_v6, &read_set)) {
+	accept_it (sock_v6);
+	return;
+    }
+    abort ();
 }
diff --git a/crypto/kerberosIV/lib/roken/mkstemp.c b/crypto/kerberosIV/lib/roken/mkstemp.c
index e55398a..350f4cb 100644
--- a/crypto/kerberosIV/lib/roken/mkstemp.c
+++ b/crypto/kerberosIV/lib/roken/mkstemp.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -49,7 +44,7 @@
 #endif
 #include <errno.h>
 
-RCSID("$Id: mkstemp.c,v 1.2 1997/05/25 02:36:43 joda Exp $");
+RCSID("$Id: mkstemp.c,v 1.3 1999/12/02 16:58:51 joda Exp $");
 
 #ifndef HAVE_MKSTEMP
 
diff --git a/crypto/kerberosIV/lib/roken/net_read.c b/crypto/kerberosIV/lib/roken/net_read.c
index 2d47d96..6d45bfa 100644
--- a/crypto/kerberosIV/lib/roken/net_read.c
+++ b/crypto/kerberosIV/lib/roken/net_read.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: net_read.c,v 1.2 1998/11/22 09:45:16 assar Exp $");
+RCSID("$Id: net_read.c,v 1.3 1999/12/02 16:58:51 joda Exp $");
 #endif
 
 #include <sys/types.h>
diff --git a/crypto/kerberosIV/lib/roken/net_write.c b/crypto/kerberosIV/lib/roken/net_write.c
index 35c2d73..2f63dbe 100644
--- a/crypto/kerberosIV/lib/roken/net_write.c
+++ b/crypto/kerberosIV/lib/roken/net_write.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: net_write.c,v 1.2 1998/11/22 09:45:21 assar Exp $");
+RCSID("$Id: net_write.c,v 1.4 1999/12/02 16:58:51 joda Exp $");
 #endif
 
 #include <sys/types.h>
@@ -54,7 +49,7 @@ RCSID("$Id: net_write.c,v 1.2 1998/11/22 09:45:21 assar Exp $");
 ssize_t
 net_write (int fd, const void *buf, size_t nbytes)
 {
-    const char *cbuf = (char *)buf;
+    const char *cbuf = (const char *)buf;
     ssize_t count;
     size_t rem = nbytes;
 
diff --git a/crypto/kerberosIV/lib/roken/parse_bytes-test.c b/crypto/kerberosIV/lib/roken/parse_bytes-test.c
new file mode 100644
index 0000000..499d942
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/parse_bytes-test.c
@@ -0,0 +1,92 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: parse_bytes-test.c,v 1.2 1999/12/02 16:58:51 joda Exp $");
+#endif
+
+#include "roken.h"
+#include "parse_bytes.h"
+
+static struct testcase {
+    int canonicalp;
+    int val;
+    const char *def_unit;
+    const char *str;
+} tests[] = {
+    {0, 0, NULL, "0 bytes"},
+    {1, 0, NULL, "0"},
+    {0, 1, NULL, "1"},
+    {1, 1, NULL, "1 byte"},
+    {0, 0, "kilobyte", "0"},
+    {0, 1024, "kilobyte", "1"},
+    {1, 1024, "kilobyte", "1 kilobyte"},
+    {1, 1024 * 1024, NULL, "1 megabyte"},
+    {0, 1025, NULL, "1 kilobyte 1"},
+    {1, 1025, NULL, "1 kilobyte 1 byte"},
+};
+
+int
+main(int argc, char **argv)
+{
+    int i;
+    int ret = 0;
+
+    for (i = 0; i < sizeof(tests)/sizeof(tests[0]); ++i) {
+	char buf[256];
+	int val = parse_bytes (tests[i].str, tests[i].def_unit);
+	size_t len;
+
+	if (val != tests[i].val) {
+	    printf ("parse_bytes (%s, %s) = %d != %d\n",
+		    tests[i].str,
+		    tests[i].def_unit ? tests[i].def_unit : "none",
+		    val, tests[i].val);
+	    ++ret;
+	}
+	if (tests[i].canonicalp) {
+	    len = unparse_bytes (tests[i].val, buf, sizeof(buf));
+	    if (strcmp (tests[i].str, buf) != 0) {
+		printf ("unparse_bytes (%d) = \"%s\" != \"%s\"\n",
+			tests[i].val, buf, tests[i].str);
+		++ret;
+	    }
+	}    
+    }
+    if (ret) {
+	printf ("%d errors\n", ret);
+	return 1;
+    } else
+	return 0;
+}
diff --git a/crypto/kerberosIV/lib/roken/parse_bytes.c b/crypto/kerberosIV/lib/roken/parse_bytes.c
new file mode 100644
index 0000000..f3c514f
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/parse_bytes.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: parse_bytes.c,v 1.2 1999/12/02 16:58:51 joda Exp $");
+#endif
+
+#include <parse_units.h>
+#include "parse_bytes.h"
+
+static units bytes_units[] = {
+    { "gigabyte", 1024 * 1024 * 1024 },
+    { "gbyte", 1024 * 1024 * 1024 },
+    { "GB", 1024 * 1024 * 1024 },
+    { "megabyte", 1024 * 1024 },
+    { "mbyte", 1024 * 1024 },
+    { "MB", 1024 * 1024 },
+    { "kilobyte", 1024 },
+    { "KB", 1024 },
+    { "byte", 1 },
+    { NULL, 0 }
+};
+
+static units bytes_short_units[] = {
+    { "GB", 1024 * 1024 * 1024 },
+    { "MB", 1024 * 1024 },
+    { "KB", 1024 },
+    { NULL, 0 }
+};
+
+int
+parse_bytes (const char *s, const char *def_unit)
+{
+    return parse_units (s, bytes_units, def_unit);
+}
+
+size_t
+unparse_bytes (int t, char *s, size_t len)
+{
+    return unparse_units (t, bytes_units, s, len);
+}
+
+size_t
+unparse_bytes_short (int t, char *s, size_t len)
+{
+    return unparse_units_approx (t, bytes_short_units, s, len);
+}
diff --git a/crypto/kerberosIV/lib/roken/parse_bytes.h b/crypto/kerberosIV/lib/roken/parse_bytes.h
new file mode 100644
index 0000000..8116c1c
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/parse_bytes.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/* $Id: parse_bytes.h,v 1.2 1999/12/02 16:58:51 joda Exp $ */
+
+#ifndef __PARSE_BYTES_H__
+#define __PARSE_BYTES_H__
+
+int
+parse_bytes (const char *s, const char *def_unit);
+
+size_t
+unparse_bytes (int t, char *s, size_t len);
+
+size_t
+unparse_bytes_short (int t, char *s, size_t len);
+
+#endif /* __PARSE_BYTES_H__ */
diff --git a/crypto/kerberosIV/lib/roken/parse_time.c b/crypto/kerberosIV/lib/roken/parse_time.c
index 8428251..a09ded7 100644
--- a/crypto/kerberosIV/lib/roken/parse_time.c
+++ b/crypto/kerberosIV/lib/roken/parse_time.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: parse_time.c,v 1.4 1998/02/20 07:51:44 assar Exp $");
+RCSID("$Id: parse_time.c,v 1.5 1999/12/02 16:58:51 joda Exp $");
 #endif
 
 #include <parse_units.h>
diff --git a/crypto/kerberosIV/lib/roken/parse_time.h b/crypto/kerberosIV/lib/roken/parse_time.h
index d05d37e..55de505 100644
--- a/crypto/kerberosIV/lib/roken/parse_time.h
+++ b/crypto/kerberosIV/lib/roken/parse_time.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -36,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: parse_time.h,v 1.3 1998/02/20 07:51:55 assar Exp $ */
+/* $Id: parse_time.h,v 1.4 1999/12/02 16:58:51 joda Exp $ */
 
 #ifndef __PARSE_TIME_H__
 #define __PARSE_TIME_H__
diff --git a/crypto/kerberosIV/lib/roken/parse_units.c b/crypto/kerberosIV/lib/roken/parse_units.c
index 7dafa77..34c5030 100644
--- a/crypto/kerberosIV/lib/roken/parse_units.c
+++ b/crypto/kerberosIV/lib/roken/parse_units.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: parse_units.c,v 1.10 1999/06/23 12:41:35 assar Exp $");
+RCSID("$Id: parse_units.c,v 1.12 1999/12/02 16:58:51 joda Exp $");
 #endif
 
 #include <stdio.h>
@@ -83,6 +78,7 @@ parse_something (const char *s, const struct units *units,
 	const struct units *u, *partial_unit;
 	size_t u_len;
 	unsigned partial;
+	int no_val_p = 0;
 
 	while(isspace((unsigned char)*p) || *p == ',')
 	    ++p;
@@ -91,6 +87,7 @@ parse_something (const char *s, const struct units *units,
 	if (val == 0 && p == next) {
 	    if(!accept_no_val_p)
 		return -1;
+	    no_val_p = 1;
 	}
 	p = next;
 	while (isspace((unsigned char)*p))
@@ -107,7 +104,7 @@ parse_something (const char *s, const struct units *units,
 	    ++p;
 	    val = -1;
 	}
-	if (val == 0)
+	if (no_val_p && val == 0)
 	    val = 1;
 	u_len = strcspn (p, ", \t");
 	partial = 0;
diff --git a/crypto/kerberosIV/lib/roken/parse_units.h b/crypto/kerberosIV/lib/roken/parse_units.h
index e3c0341..f159d30 100644
--- a/crypto/kerberosIV/lib/roken/parse_units.h
+++ b/crypto/kerberosIV/lib/roken/parse_units.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -36,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: parse_units.h,v 1.5 1998/02/20 07:51:18 assar Exp $ */
+/* $Id: parse_units.h,v 1.6 1999/12/02 16:58:51 joda Exp $ */
 
 #ifndef __PARSE_UNITS_H__
 #define __PARSE_UNITS_H__
diff --git a/crypto/kerberosIV/lib/roken/print_version.c b/crypto/kerberosIV/lib/roken/print_version.c
index 00e612f..809bbb3 100644
--- a/crypto/kerberosIV/lib/roken/print_version.c
+++ b/crypto/kerberosIV/lib/roken/print_version.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: print_version.c,v 1.4 1999/02/20 14:48:43 joda Exp $");
+RCSID("$Id: print_version.c,v 1.5 1999/12/02 16:58:51 joda Exp $");
 #endif
 #include "roken.h"
 
diff --git a/crypto/kerberosIV/lib/roken/putenv.c b/crypto/kerberosIV/lib/roken/putenv.c
index 20d5a10..80951d1 100644
--- a/crypto/kerberosIV/lib/roken/putenv.c
+++ b/crypto/kerberosIV/lib/roken/putenv.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: putenv.c,v 1.5 1997/04/01 08:19:06 joda Exp $");
+RCSID("$Id: putenv.c,v 1.6 1999/12/02 16:58:51 joda Exp $");
 #endif
 
 #include <stdlib.h>
diff --git a/crypto/kerberosIV/lib/roken/rcmd.c b/crypto/kerberosIV/lib/roken/rcmd.c
index 6064d50..4117948 100644
--- a/crypto/kerberosIV/lib/roken/rcmd.c
+++ b/crypto/kerberosIV/lib/roken/rcmd.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: rcmd.c,v 1.2 1997/04/01 08:19:06 joda Exp $");
+RCSID("$Id: rcmd.c,v 1.3 1999/12/02 16:58:51 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/readv.c b/crypto/kerberosIV/lib/roken/readv.c
index aee8441..de2f9ea 100644
--- a/crypto/kerberosIV/lib/roken/readv.c
+++ b/crypto/kerberosIV/lib/roken/readv.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: readv.c,v 1.4 1999/07/06 04:01:06 assar Exp $");
+RCSID("$Id: readv.c,v 1.5 1999/12/02 16:58:52 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/recvmsg.c b/crypto/kerberosIV/lib/roken/recvmsg.c
index cf1fed7..e94ad68 100644
--- a/crypto/kerberosIV/lib/roken/recvmsg.c
+++ b/crypto/kerberosIV/lib/roken/recvmsg.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: recvmsg.c,v 1.4 1999/07/03 02:35:48 assar Exp $");
+RCSID("$Id: recvmsg.c,v 1.5 1999/12/02 16:58:52 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/resolve.c b/crypto/kerberosIV/lib/roken/resolve.c
index d7c2218..8840740 100644
--- a/crypto/kerberosIV/lib/roken/resolve.c
+++ b/crypto/kerberosIV/lib/roken/resolve.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -48,7 +43,7 @@
 #endif
 #include "resolve.h"
 
-RCSID("$Id: resolve.c,v 1.21 1999/07/03 02:36:26 assar Exp $");
+RCSID("$Id: resolve.c,v 1.22 1999/12/02 16:58:52 joda Exp $");
 
 #if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND)
 
diff --git a/crypto/kerberosIV/lib/roken/resolve.h b/crypto/kerberosIV/lib/roken/resolve.h
index a77827f..c90f6b5 100644
--- a/crypto/kerberosIV/lib/roken/resolve.h
+++ b/crypto/kerberosIV/lib/roken/resolve.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: resolve.h,v 1.7 1998/11/26 16:09:41 joda Exp $ */
+/* $Id: resolve.h,v 1.8 1999/12/02 16:58:52 joda Exp $ */
 
 #ifndef __RESOLVE_H__
 #define __RESOLVE_H__
diff --git a/crypto/kerberosIV/lib/roken/roken-common.h b/crypto/kerberosIV/lib/roken/roken-common.h
index 53003a9..0bb648b 100644
--- a/crypto/kerberosIV/lib/roken/roken-common.h
+++ b/crypto/kerberosIV/lib/roken/roken-common.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: roken-common.h,v 1.13 1999/03/20 02:46:16 assar Exp $ */
+/* $Id: roken-common.h,v 1.19 1999/12/02 16:58:52 joda Exp $ */
 
 #ifndef __ROKEN_COMMON_H__
 #define __ROKEN_COMMON_H__
@@ -121,6 +116,87 @@
 #define SIG_ERR ((RETSIGTYPE (*)())-1)
 #endif
 
+#ifndef HOST_NOT_FOUND
+#define HOST_NOT_FOUND 1
+#endif
+
+#ifndef TRY_AGAIN
+#define TRY_AGAIN 2
+#endif
+
+#ifndef NO_RECOVERY
+#define NO_RECOVERY 3
+#endif
+
+#ifndef NO_DATA
+#define NO_DATA 4
+#endif
+
+#ifndef NO_ADDRESS
+#define NO_ADDRESS NO_DATA
+#endif
+
+#if 0
+
+struct addrinfo {
+    int    ai_flags;
+    int    ai_family;
+    int    ai_socktype;
+    int    ai_protocol;
+    size_t ai_addrlen;
+    char  *ai_canonname;
+    struct sockaddr *ai_addr;
+    struct addrinfo *ai_next;
+};
+
+#define EAI_ADDRFAMILY	1	/* address family for nodename not supported */
+#define EAI_AGAIN	2	/* temporary failure in name resolution */
+#define EAI_BADFLAGS	3	/* invalid value for ai_flags */
+#define EAI_FAIL	4	/* non-recoverable failure in name resolution */
+#define EAI_FAMILY	5	/* ai_family not supported */
+#define EAI_MEMORY	6	/* memory allocation failure */
+#define EAI_NODATA	7	/* no address associated with nodename */
+#define EAI_NONAME	8	/* nodename nor servname provided, or not known */
+#define EAI_SERVICE	9	/* servname not supported for ai_socktype */
+#define EAI_SOCKTYPE   10	/* ai_socktype not supported */
+#define EAI_SYSTEM     11	/* system error returned in errno */
+
+/* flags for getaddrinfo() */
+
+#define AI_PASSIVE	0x01
+#define AI_CANONNAME	0x02
+#define AI_NUMERICHOST	0x04
+
+#endif
+
+/*
+ * constants for inet_ntop
+ */
+
+#ifndef INET_ADDRSTRLEN
+#define INET_ADDRSTRLEN    16
+#endif
+
+#ifndef INET6_ADDRSTRLEN
+#define INET6_ADDRSTRLEN   46
+#endif
+
+/*
+ * for shutdown(2)
+ */
+
+#ifndef SHUT_RD
+#define SHUT_RD 0
+#endif
+
+#ifndef SHUT_WR
+#define SHUT_WR 1
+#endif
+
+#ifndef SHUT_RDWR
+#define SHUT_RDWR 2
+#endif
+
 #ifndef HAVE___ATTRIBUTE__
 #define __attribute__(x)
 #endif
@@ -132,8 +208,10 @@ SigAction signal(int iSig, SigAction pAction); /* BSD compatible */
 #endif
 #endif
 
+int ROKEN_LIB_FUNCTION simple_execve(const char*, char*const[], char*const[]);
 int ROKEN_LIB_FUNCTION simple_execvp(const char*, char *const[]);
 int ROKEN_LIB_FUNCTION simple_execlp(const char*, ...);
+int ROKEN_LIB_FUNCTION simple_execle(const char*, ...);
 
 void ROKEN_LIB_FUNCTION print_version(const char *);
 
@@ -144,4 +222,34 @@ char *ROKEN_LIB_FUNCTION estrdup (const char *);
 ssize_t ROKEN_LIB_FUNCTION eread (int fd, void *buf, size_t nbytes);
 ssize_t ROKEN_LIB_FUNCTION ewrite (int fd, const void *buf, size_t nbytes);
 
+void
+socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port);
+
+size_t
+socket_addr_size (const struct sockaddr *sa);
+
+void
+socket_set_any (struct sockaddr *sa, int af);
+
+size_t
+socket_sockaddr_size (const struct sockaddr *sa);
+
+void *
+socket_get_address (struct sockaddr *sa);
+
+int
+socket_get_port (const struct sockaddr *sa);
+
+void
+socket_set_port (struct sockaddr *sa, int port);
+
+void
+socket_set_debug (int sock);
+
+void
+socket_set_tos (int sock, int tos);
+
+void
+socket_set_reuseaddr (int sock, int val);
+
 #endif /* __ROKEN_COMMON_H__ */
diff --git a/crypto/kerberosIV/lib/roken/roken.awk b/crypto/kerberosIV/lib/roken/roken.awk
index c9ecab3..626fae5 100644
--- a/crypto/kerberosIV/lib/roken/roken.awk
+++ b/crypto/kerberosIV/lib/roken/roken.awk
@@ -18,7 +18,7 @@ END {
 	print "}"
 }
 
-$1 == "\#ifdef" || $1 == "\#ifndef" || $1 == "\#if" || $1 == "\#else" || $1 == "\#elif" || $1 == "\#endif" {
+$1 == "\#ifdef" || $1 == "\#ifndef" || $1 == "\#if" || $1 == "\#else" || $1 == "\#elif" || $1 == "\#endif" || $1 == "#ifdef" || $1 == "#ifndef" || $1 == "#if" || $1 == "#else" || $1 == "#elif" || $1 == "#endif" {
 	print $0;
 	next
 }
diff --git a/crypto/kerberosIV/lib/roken/roken.h.in b/crypto/kerberosIV/lib/roken/roken.h.in
index b86da81..65263ba 100644
--- a/crypto/kerberosIV/lib/roken/roken.h.in
+++ b/crypto/kerberosIV/lib/roken/roken.h.in
@@ -15,12 +15,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -37,7 +32,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: roken.h.in,v 1.113.2.1 1999/07/22 03:20:59 assar Exp $ */
+/* $Id: roken.h.in,v 1.125 1999/12/02 16:58:52 joda Exp $ */
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -74,6 +69,9 @@
 #ifdef HAVE_NETINET6_IN6_H
 #include <netinet6/in6.h>
 #endif
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
 #ifdef HAVE_SYSLOG_H
 #include <syslog.h>
 #endif
@@ -211,12 +209,12 @@ char *strtok_r(char *s1, const char *s2, char **lasts);
 char * strupr(char *);
 #endif
 
-#ifndef HAVE_STRCPY_TRUNCATE
-int strcpy_truncate (char *dst, const char *src, size_t dst_sz);
+#ifndef HAVE_STRLCPY
+size_t strlcpy (char *dst, const char *src, size_t dst_sz);
 #endif
 
-#ifndef HAVE_STRCAT_TRUNCATE
-int strcat_truncate (char *dst, const char *src, size_t dst_sz);
+#ifndef HAVE_STRLCAT
+size_t strlcat (char *dst, const char *src, size_t dst_sz);
 #endif
 
 #ifndef HAVE_GETDTABLESIZE
@@ -242,13 +240,23 @@ extern int h_errno;
 int inet_aton(const char *cp, struct in_addr *adr);
 #endif
 
+#ifndef HAVE_INET_NTOP
+const char *
+inet_ntop(int af, const void *src, char *dst, size_t size);
+#endif
+
+#ifndef HAVE_INET_PTON
+int
+inet_pton(int af, const char *src, void *dst);
+#endif
+
 #if !defined(HAVE_GETCWD)
 char* getcwd(char *path, size_t size);
 #endif
 
 #ifdef HAVE_PWD_H
 #include <pwd.h>
-struct passwd *k_getpwnam (char *user);
+struct passwd *k_getpwnam (const char *user);
 struct passwd *k_getpwuid (uid_t uid);
 #endif
 
@@ -270,6 +278,11 @@ int lstat(const char *path, struct stat *buf);
 int mkstemp(char *);
 #endif
 
+#ifndef HAVE_CGETENT
+int cgetent(char **buf, char **db_array, const char *name);
+int cgetstr(char *buf, const char *cap, char **str);
+#endif
+
 #ifndef HAVE_INITGROUPS
 int initgroups(const char *name, gid_t basegid);
 #endif
@@ -394,6 +407,63 @@ extern const char *__progname;
 extern char **environ;
 #endif
 
+#ifndef HAVE_GETIPNODEBYNAME
+struct hostent *
+getipnodebyname (const char *name, int af, int flags, int *error_num);
+#endif
+
+#ifndef HAVE_GETIPNODEBYADDR
+struct hostent *
+getipnodebyaddr (const void *src, size_t len, int af, int *error_num);
+#endif
+
+#ifndef HAVE_FREEHOSTENT
+void
+freehostent (struct hostent *h);
+#endif
+
+#ifndef HAVE_COPYHOSTENT
+struct hostent *
+copyhostent (const struct hostent *h);
+#endif
+
+#ifndef HAVE_STRUCT_SOCKADDR_STORAGE
+
+#ifndef HAVE_SA_FAMILY_T
+typedef unsigned short sa_family_t;
+#endif
+
+#if HAVE_STRUCT_SOCKADDR_SA_LEN
+
+struct sockaddr_storage {
+    unsigned char	__ss_len;
+    sa_family_t		__ss_family;
+    char		pad[
+#ifdef HAVE_IPV6
+			    sizeof(struct sockaddr_in6)
+#else
+			    sizeof(struct sockaddr_in)
+#endif
+			   - sizeof(unsigned char) - sizeof(sa_family_t)];
+};
+
+#else
+
+struct sockaddr_storage {
+    sa_family_t		__ss_family;
+    char		pad[
+#ifdef HAVE_IPV6
+			    sizeof(struct sockaddr_in6)
+#else
+			    sizeof(struct sockaddr_in)
+#endif
+			    - sizeof(sa_family_t)];
+};
+
+#endif
+
+#endif /* HAVE_STRUCT_SOCKADDR_STORAGE */
+
 /*
  * kludges and such
  */
diff --git a/crypto/kerberosIV/lib/roken/roken_gethostby.c b/crypto/kerberosIV/lib/roken/roken_gethostby.c
index a671099..8eb2325 100644
--- a/crypto/kerberosIV/lib/roken/roken_gethostby.c
+++ b/crypto/kerberosIV/lib/roken/roken_gethostby.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: roken_gethostby.c,v 1.3 1998/07/24 07:25:27 assar Exp $");
+RCSID("$Id: roken_gethostby.c,v 1.4 1999/12/02 16:58:52 joda Exp $");
 #endif
 
 #include <roken.h>
diff --git a/crypto/kerberosIV/lib/roken/sendmsg.c b/crypto/kerberosIV/lib/roken/sendmsg.c
index 3f54a3b..7075bf2 100644
--- a/crypto/kerberosIV/lib/roken/sendmsg.c
+++ b/crypto/kerberosIV/lib/roken/sendmsg.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: sendmsg.c,v 1.3 1999/07/03 02:37:15 assar Exp $");
+RCSID("$Id: sendmsg.c,v 1.4 1999/12/02 16:58:52 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/setegid.c b/crypto/kerberosIV/lib/roken/setegid.c
index 926261a..2f46fe4 100644
--- a/crypto/kerberosIV/lib/roken/setegid.c
+++ b/crypto/kerberosIV/lib/roken/setegid.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: setegid.c,v 1.8 1997/07/11 20:20:32 assar Exp $");
+RCSID("$Id: setegid.c,v 1.9 1999/12/02 16:58:52 joda Exp $");
 #endif
 
 #ifdef HAVE_UNISTD_H
diff --git a/crypto/kerberosIV/lib/roken/setenv.c b/crypto/kerberosIV/lib/roken/setenv.c
index c83591f..15b5811 100644
--- a/crypto/kerberosIV/lib/roken/setenv.c
+++ b/crypto/kerberosIV/lib/roken/setenv.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: setenv.c,v 1.8 1997/05/02 14:29:32 assar Exp $");
+RCSID("$Id: setenv.c,v 1.9 1999/12/02 16:58:52 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/seteuid.c b/crypto/kerberosIV/lib/roken/seteuid.c
index 1f57ba9..ee68ba7 100644
--- a/crypto/kerberosIV/lib/roken/seteuid.c
+++ b/crypto/kerberosIV/lib/roken/seteuid.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: seteuid.c,v 1.9 1997/07/11 20:33:14 assar Exp $");
+RCSID("$Id: seteuid.c,v 1.10 1999/12/02 16:58:52 joda Exp $");
 #endif
 
 #ifdef HAVE_UNISTD_H
diff --git a/crypto/kerberosIV/lib/roken/signal.c b/crypto/kerberosIV/lib/roken/signal.c
index a39a194..c26f72f 100644
--- a/crypto/kerberosIV/lib/roken/signal.c
+++ b/crypto/kerberosIV/lib/roken/signal.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: signal.c,v 1.8 1997/04/01 08:19:09 joda Exp $");
+RCSID("$Id: signal.c,v 1.9 1999/12/02 16:58:52 joda Exp $");
 #endif
 
 #include <signal.h>
diff --git a/crypto/kerberosIV/lib/roken/simple_exec.c b/crypto/kerberosIV/lib/roken/simple_exec.c
index 9e2e699..426f494 100644
--- a/crypto/kerberosIV/lib/roken/simple_exec.c
+++ b/crypto/kerberosIV/lib/roken/simple_exec.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: simple_exec.c,v 1.4 1999/03/20 02:43:16 assar Exp $");
+RCSID("$Id: simple_exec.c,v 1.6 1999/12/02 16:58:52 joda Exp $");
 #endif
 
 #include <stdarg.h>
@@ -69,6 +64,24 @@ RCSID("$Id: simple_exec.c,v 1.4 1999/03/20 02:43:16 assar Exp $");
    128- is 128 + signal that killed subprocess
    */
 
+static int
+check_status(pid_t pid)
+{
+    while(1) {
+	int status;
+
+	while(waitpid(pid, &status, 0) < 0)
+	    if (errno != EINTR)
+		return -3;
+	if(WIFSTOPPED(status))
+	    continue;
+	if(WIFEXITED(status))
+	    return WEXITSTATUS(status);
+	if(WIFSIGNALED(status))
+	    return WTERMSIG(status) + 128;
+    }
+}
+
 int
 simple_execvp(const char *file, char *const args[])
 {
@@ -80,45 +93,79 @@ simple_execvp(const char *file, char *const args[])
 	execvp(file, args);
 	exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC);
     default: 
-	while(1) {
-	    int status;
-
-	    while(waitpid(pid, &status, 0) < 0)
-		if (errno != EINTR)
-		    return -3;
-	    if(WIFSTOPPED(status))
-		continue;
-	    if(WIFEXITED(status))
-		return WEXITSTATUS(status);
-	    if(WIFSIGNALED(status))
-		return WTERMSIG(status) + 128;
-	}
+	return check_status(pid);
     }
 }
 
+/* gee, I'd like a execvpe */
 int
-simple_execlp(const char *file, ...)
+simple_execve(const char *file, char *const args[], char *const envp[])
 {
-    va_list ap;
-    char **argv = NULL;
-    int argc, i;
+    pid_t pid = fork();
+    switch(pid){
+    case -1:
+	return -2;
+    case 0:
+	execve(file, args, envp);
+	exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC);
+    default: 
+	return check_status(pid);
+    }
+}
 
-    argc = i = 0;
-    va_start(ap, file);
+static char **
+collect_args(va_list *ap)
+{
+    char **argv = NULL;
+    int argc = 0, i = 0;
     do {
 	if(i == argc) {
+	    /* realloc argv */
 	    char **tmp = realloc(argv, (argc + 5) * sizeof(*argv));
 	    if(tmp == NULL) {
 		errno = ENOMEM;
-		return -1;
+		return NULL;
 	    }
 	    argv = tmp;
 	    argc += 5;
 	}
-	argv[i++] = va_arg(ap, char*);
+	argv[i++] = va_arg(*ap, char*);
     } while(argv[i - 1] != NULL);
+    return argv;
+}
+
+int
+simple_execlp(const char *file, ...)
+{
+    va_list ap;
+    char **argv;
+    int ret;
+
+    va_start(ap, file);
+    argv = collect_args(&ap);
+    va_end(ap);
+    if(argv == NULL)
+	return -1;
+    ret = simple_execvp(file, argv);
+    free(argv);
+    return ret;
+}
+
+int
+simple_execle(const char *file, ... /* ,char *const envp[] */)
+{
+    va_list ap;
+    char **argv;
+    char *const* envp;
+    int ret;
+
+    va_start(ap, file);
+    argv = collect_args(&ap);
+    envp = va_arg(ap, char **);
     va_end(ap);
-    i = simple_execvp(file, argv);
+    if(argv == NULL)
+	return -1;
+    ret = simple_execve(file, argv, envp);
     free(argv);
-    return i;
+    return ret;
 }
diff --git a/crypto/kerberosIV/lib/roken/snprintf.c b/crypto/kerberosIV/lib/roken/snprintf.c
index 62f5b10..0333e87 100644
--- a/crypto/kerberosIV/lib/roken/snprintf.c
+++ b/crypto/kerberosIV/lib/roken/snprintf.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: snprintf.c,v 1.19 1999/03/27 16:32:57 joda Exp $");
+RCSID("$Id: snprintf.c,v 1.24 1999/12/02 16:58:52 joda Exp $");
 #endif
 #include <stdio.h>
 #include <stdarg.h>
@@ -125,7 +120,7 @@ as_append_char (struct state *state, unsigned char c)
 
 static int
 append_number(struct state *state,
-	      unsigned long num, unsigned base, unsigned char *rep,
+	      unsigned long num, unsigned base, char *rep,
 	      int width, int prec, int flags, int minusp)
 {
   int len = 0;
@@ -222,7 +217,7 @@ append_string (struct state *state,
   if(prec != -1)
     width -= prec;
   else
-    width -= strlen(arg);
+    width -= strlen((char *)arg);
   if(!(flags & minus_flag))
     while(width-- > 0)
       if((*state->append_char) (state, ' '))
@@ -268,11 +263,11 @@ append_char(struct state *state,
 
 #define PARSE_INT_FORMAT(res, arg, unsig) \
 if (long_flag) \
-     res = va_arg(arg, unsig long); \
+     res = (unsig long)va_arg(arg, unsig long); \
 else if (short_flag) \
-     res = va_arg(arg, unsig short); \
+     res = (unsig short)va_arg(arg, unsig short); \
 else \
-     res = va_arg(arg, unsig int)
+     res = (unsig int)va_arg(arg, unsig int)
 
 /*
  * zyxprintf - return 0 or -1
@@ -435,6 +430,9 @@ xyzprintf (struct state *state, const char *char_format, va_list ap)
 	*arg = state->s - state->str;
 	break;
       }
+      case '\0' :
+	  --format;
+	  /* FALLTHROUGH */
       case '%' :
 	if ((*state->append_char)(state, c))
 	  return -1;
@@ -600,12 +598,13 @@ vsnprintf (char *str, size_t sz, const char *format, va_list args)
 {
   struct state state;
   int ret;
+  unsigned char *ustr = (unsigned char *)str;
 
   state.max_sz = 0;
   state.sz     = sz;
-  state.str    = str;
-  state.s      = str;
-  state.theend = str + sz - 1;
+  state.str    = ustr;
+  state.s      = ustr;
+  state.theend = ustr + sz - 1;
   state.append_char = sn_append_char;
   state.reserve     = sn_reserve;
 
diff --git a/crypto/kerberosIV/lib/roken/socket.c b/crypto/kerberosIV/lib/roken/socket.c
new file mode 100644
index 0000000..6e9c3df
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/socket.c
@@ -0,0 +1,282 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: socket.c,v 1.3 1999/12/02 16:58:52 joda Exp $");
+#endif
+
+#include <string.h>
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_NETINET_IN_SYSTM_H
+#include <netinet/in_systm.h>
+#endif
+#ifdef HAVE_NETINET_IP_H
+#include <netinet/ip.h>
+#endif
+
+#include <roken.h>
+
+#include <err.h>
+
+/*
+ * Set `sa' to the unitialized address of address family `af'
+ */
+
+void
+socket_set_any (struct sockaddr *sa, int af)
+{
+    switch (af) {
+    case AF_INET : {
+	struct sockaddr_in *sin = (struct sockaddr_in *)sa;
+
+	memset (sin, 0, sizeof(*sin));
+	sin->sin_family = AF_INET;
+	sin->sin_port   = 0;
+	sin->sin_addr.s_addr = INADDR_ANY;
+	break;
+    }
+#ifdef HAVE_IPV6
+    case AF_INET6 : {
+	struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa;
+
+	memset (sin6, 0, sizeof(*sin6));
+	sin6->sin6_family = AF_INET6;
+	sin6->sin6_port   = 0;
+	sin6->sin6_addr   = in6addr_any;
+	break;
+    }
+#endif
+    default :
+	errx (1, "unknown address family %d", sa->sa_family);
+	break;
+    }
+}
+
+/*
+ * set `sa' to (`ptr', `port')
+ */
+
+void
+socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port)
+{
+    switch (sa->sa_family) {
+    case AF_INET : {
+	struct sockaddr_in *sin = (struct sockaddr_in *)sa;
+
+	memset (sin, 0, sizeof(*sin));
+	sin->sin_family = AF_INET;
+	sin->sin_port   = port;
+	memcpy (&sin->sin_addr, ptr, sizeof(struct in_addr));
+	break;
+    }
+#ifdef HAVE_IPV6
+    case AF_INET6 : {
+	struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa;
+
+	memset (sin6, 0, sizeof(*sin6));
+	sin6->sin6_family = AF_INET6;
+	sin6->sin6_port   = port;
+	memcpy (&sin6->sin6_addr, ptr, sizeof(struct in6_addr));
+	break;
+    }
+#endif
+    default :
+	errx (1, "unknown address family %d", sa->sa_family);
+	break;
+    }
+}
+
+/*
+ * Return the size of an address of the type in `sa'
+ */
+
+size_t
+socket_addr_size (const struct sockaddr *sa)
+{
+    switch (sa->sa_family) {
+    case AF_INET :
+	return sizeof(struct in_addr);
+#ifdef HAVE_IPV6
+    case AF_INET6 :
+	return sizeof(struct in6_addr);
+#endif
+    default :
+	errx (1, "unknown address family %d", sa->sa_family);
+	break;
+    }
+}
+
+/*
+ * Return the size of a `struct sockaddr' in `sa'.
+ */
+
+size_t
+socket_sockaddr_size (const struct sockaddr *sa)
+{
+    switch (sa->sa_family) {
+    case AF_INET :
+	return sizeof(struct sockaddr_in);
+#ifdef HAVE_IPV6
+    case AF_INET6 :
+	return sizeof(struct sockaddr_in6);
+#endif
+    default :
+	errx (1, "unknown address family %d", sa->sa_family);
+	break;
+    }
+}
+
+/*
+ * Return the binary address of `sa'.
+ */
+
+void *
+socket_get_address (struct sockaddr *sa)
+{
+    switch (sa->sa_family) {
+    case AF_INET : {
+	struct sockaddr_in *sin = (struct sockaddr_in *)sa;
+	return &sin->sin_addr;
+    }
+#ifdef HAVE_IPV6
+    case AF_INET6 : {
+	struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa;
+	return &sin6->sin6_addr;
+    }
+#endif
+    default :
+	errx (1, "unknown address family %d", sa->sa_family);
+	break;
+    }
+}
+
+/*
+ * Return the port number from `sa'.
+ */
+
+int
+socket_get_port (const struct sockaddr *sa)
+{
+    switch (sa->sa_family) {
+    case AF_INET : {
+	const struct sockaddr_in *sin = (const struct sockaddr_in *)sa;
+	return sin->sin_port;
+    }
+#ifdef HAVE_IPV6
+    case AF_INET6 : {
+	const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa;
+	return sin6->sin6_port;
+    }
+#endif
+    default :
+	errx (1, "unknown address family %d", sa->sa_family);
+	break;
+    }
+}
+
+/*
+ * Set the port in `sa' to `port'.
+ */
+
+void
+socket_set_port (struct sockaddr *sa, int port)
+{
+    switch (sa->sa_family) {
+    case AF_INET : {
+	struct sockaddr_in *sin = (struct sockaddr_in *)sa;
+	sin->sin_port = port;
+	break;
+    }
+#ifdef HAVE_IPV6
+    case AF_INET6 : {
+	struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa;
+	sin6->sin6_port = port;
+	break;
+    }
+#endif
+    default :
+	errx (1, "unknown address family %d", sa->sa_family);
+	break;
+    }
+}
+
+/*
+ * Enable debug on `sock'.
+ */
+
+void
+socket_set_debug (int sock)
+{
+    int on = 1;
+
+#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT)
+    if (setsockopt (sock, SOL_SOCKET, SO_DEBUG, (void *) &on, sizeof (on)) < 0)
+	warn ("setsockopt SO_DEBUG (ignored)");
+#endif
+}
+
+/*
+ * Set the type-of-service of `sock' to `tos'.
+ */
+
+void
+socket_set_tos (int sock, int tos)
+{
+#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
+    if (setsockopt (sock, IPPROTO_IP, IP_TOS, (void *) &tos, sizeof (int)) < 0)
+	warn ("setsockopt TOS (ignored)");
+#endif
+}
+
+/*
+ * set the reuse of addresses on `sock' to `val'.
+ */
+
+void
+socket_set_reuseaddr (int sock, int val)
+{
+#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT)
+    if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&val,
+		  sizeof(val)) < 0)
+	err (1, "setsockopt SO_REUSEADDR");
+#endif
+}
diff --git a/crypto/kerberosIV/lib/roken/strcasecmp.c b/crypto/kerberosIV/lib/roken/strcasecmp.c
index 9dee51a..b5e20e7 100644
--- a/crypto/kerberosIV/lib/roken/strcasecmp.c
+++ b/crypto/kerberosIV/lib/roken/strcasecmp.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: strcasecmp.c,v 1.8 1998/07/24 06:13:03 assar Exp $");
+RCSID("$Id: strcasecmp.c,v 1.9 1999/12/02 16:58:52 joda Exp $");
 #endif
 
 #include <string.h>
diff --git a/crypto/kerberosIV/lib/roken/strdup.c b/crypto/kerberosIV/lib/roken/strdup.c
index b16992f..87fb43e 100644
--- a/crypto/kerberosIV/lib/roken/strdup.c
+++ b/crypto/kerberosIV/lib/roken/strdup.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: strdup.c,v 1.9 1997/04/01 08:19:10 joda Exp $");
+RCSID("$Id: strdup.c,v 1.10 1999/12/02 16:58:53 joda Exp $");
 #endif
 #include <stdlib.h>
 #include <string.h>
diff --git a/crypto/kerberosIV/lib/roken/strerror.c b/crypto/kerberosIV/lib/roken/strerror.c
index 752ac62..21936d7 100644
--- a/crypto/kerberosIV/lib/roken/strerror.c
+++ b/crypto/kerberosIV/lib/roken/strerror.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: strerror.c,v 1.9 1998/06/09 19:25:38 joda Exp $");
+RCSID("$Id: strerror.c,v 1.10 1999/12/02 16:58:53 joda Exp $");
 #endif
 
 #include <stdio.h>
diff --git a/crypto/kerberosIV/lib/roken/strftime.c b/crypto/kerberosIV/lib/roken/strftime.c
index 673d448..b90614b 100644
--- a/crypto/kerberosIV/lib/roken/strftime.c
+++ b/crypto/kerberosIV/lib/roken/strftime.c
@@ -1,301 +1,396 @@
 /*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
  *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
 #endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#define TM_YEAR_BASE	1900	/* from <tzfile.h> */
-#include <string.h>
+#include "roken.h"
+
+RCSID("$Id: strftime.c,v 1.10 1999/11/13 04:18:33 assar Exp $");
 
-static char *afmt[] = {
-	"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat",
+static const char *abb_weekdays[] = {
+    "Sun",
+    "Mon",
+    "Tue",
+    "Wed",
+    "Thu",
+    "Fri",
+    "Sat",
 };
-static char *Afmt[] = {
-	"Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday",
-	"Saturday",
+
+static const char *full_weekdays[] = {
+    "Sunday",
+    "Monday",
+    "Tuesday",
+    "Wednesday",
+    "Thursday",
+    "Friday",
+    "Saturday",
 };
-static char *bfmt[] = {
-	"Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep",
-	"Oct", "Nov", "Dec",
+
+static const char *abb_month[] = {
+    "Jan",
+    "Feb",
+    "Mar",
+    "Apr",
+    "May",
+    "Jun",
+    "Jul",
+    "Aug",
+    "Sep",
+    "Oct",
+    "Nov",
+    "Dec"
 };
-static char *Bfmt[] = {
-	"January", "February", "March", "April", "May", "June", "July",
-	"August", "September", "October", "November", "December",
+
+static const char *full_month[] = {
+    "January",
+    "February",
+    "Mars",
+    "April",
+    "May",
+    "June",
+    "July",
+    "August",
+    "September",
+    "October",
+    "November",
+    "December"
 };
 
-static size_t gsize;
-static char *pt;
+static const char *ampm[] = {
+    "AM",
+    "PM"
+};
 
-static int _add (char *);
-static int _conv (int, int, int);
-#ifdef	HAVE_MKTIME
-static int _secs (const struct tm *);
-#endif	/* HAVE_MKTIME */
-static size_t _fmt (const char *, const struct tm *);
+/*
+ * Convert hour in [0, 24] to [12 1 - 11 12 1 - 11 12]
+ */
 
-size_t
-strftime(char *s, size_t maxsize, const char *format, const struct tm *t)
+static int
+hour_24to12 (int hour)
 {
+    int ret = hour % 12;
 
-	pt = s;
-	if ((gsize = maxsize) < 1)
-		return(0);
-	if (_fmt(format, t)) {
-		*pt = '\0';
-		return(maxsize - gsize);
-	}
-	return(0);
+    if (ret == 0)
+	ret = 12;
+    return ret;
 }
 
-static size_t
-_fmt(const char *format, const struct tm *t)
+/*
+ * Return AM or PM for `hour'
+ */
+
+static const char *
+hour_to_ampm (int hour)
 {
-	for (; *format; ++format) {
-		if (*format == '%')
-			switch(*++format) {
-			case '\0':
-				--format;
-				break;
-			case 'A':
-				if (t->tm_wday < 0 || t->tm_wday > 6)
-					return(0);
-				if (!_add(Afmt[t->tm_wday]))
-					return(0);
-				continue;
-			case 'a':
-				if (t->tm_wday < 0 || t->tm_wday > 6)
-					return(0);
-				if (!_add(afmt[t->tm_wday]))
-					return(0);
-				continue;
-			case 'B':
-				if (t->tm_mon < 0 || t->tm_mon > 11)
-					return(0);
-				if (!_add(Bfmt[t->tm_mon]))
-					return(0);
-				continue;
-			case 'b':
-			case 'h':
-				if (t->tm_mon < 0 || t->tm_mon > 11)
-					return(0);
-				if (!_add(bfmt[t->tm_mon]))
-					return(0);
-				continue;
-			case 'C':
-				if (!_fmt("%a %b %e %H:%M:%S %Y", t))
-					return(0);
-				continue;
-			case 'c':
-				if (!_fmt("%m/%d/%y %H:%M:%S", t))
-					return(0);
-				continue;
-			case 'D':
-				if (!_fmt("%m/%d/%y", t))
-					return(0);
-				continue;
-			case 'd':
-				if (!_conv(t->tm_mday, 2, '0'))
-					return(0);
-				continue;
-			case 'e':
-				if (!_conv(t->tm_mday, 2, ' '))
-					return(0);
-				continue;
-			case 'H':
-				if (!_conv(t->tm_hour, 2, '0'))
-					return(0);
-				continue;
-			case 'I':
-				if (!_conv(t->tm_hour % 12 ?
-				    t->tm_hour % 12 : 12, 2, '0'))
-					return(0);
-				continue;
-			case 'j':
-				if (!_conv(t->tm_yday + 1, 3, '0'))
-					return(0);
-				continue;
-			case 'k':
-				if (!_conv(t->tm_hour, 2, ' '))
-					return(0);
-				continue;
-			case 'l':
-				if (!_conv(t->tm_hour % 12 ?
-				    t->tm_hour % 12 : 12, 2, ' '))
-					return(0);
-				continue;
-			case 'M':
-				if (!_conv(t->tm_min, 2, '0'))
-					return(0);
-				continue;
-			case 'm':
-				if (!_conv(t->tm_mon + 1, 2, '0'))
-					return(0);
-				continue;
-			case 'n':
-				if (!_add("\n"))
-					return(0);
-				continue;
-			case 'p':
-				if (!_add(t->tm_hour >= 12 ? "PM" : "AM"))
-					return(0);
-				continue;
-			case 'R':
-				if (!_fmt("%H:%M", t))
-					return(0);
-				continue;
-			case 'r':
-				if (!_fmt("%I:%M:%S %p", t))
-					return(0);
-				continue;
-			case 'S':
-				if (!_conv(t->tm_sec, 2, '0'))
-					return(0);
-				continue;
-#ifdef HAVE_MKTIME
-			case 's':
-				if (!_secs(t))
-					return(0);
-				continue;
-#endif	/* HAVE_MKTIME */
-			case 'T':
-			case 'X':
-				if (!_fmt("%H:%M:%S", t))
-					return(0);
-				continue;
-			case 't':
-				if (!_add("\t"))
-					return(0);
-				continue;
-			case 'U':
-				if (!_conv((t->tm_yday + 7 - t->tm_wday) / 7,
-				    2, '0'))
-					return(0);
-				continue;
-			case 'W':
-				if (!_conv((t->tm_yday + 7 -
-				    (t->tm_wday ? (t->tm_wday - 1) : 6))
-				    / 7, 2, '0'))
-					return(0);
-				continue;
-			case 'w':
-				if (!_conv(t->tm_wday, 1, '0'))
-					return(0);
-				continue;
-			case 'x':
-				if (!_fmt("%m/%d/%y", t))
-					return(0);
-				continue;
-			case 'y':
-				if (!_conv((t->tm_year + TM_YEAR_BASE)
-				    % 100, 2, '0'))
-					return(0);
-				continue;
-			case 'Y':
-				if (!_conv(t->tm_year + TM_YEAR_BASE, 4, '0'))
-					return(0);
-				continue;
-#ifdef notdef
-			case 'Z':
-				if (!t->tm_zone || !_add(t->tm_zone))
-					return(0);
-				continue;
-#endif
-			case '%':
-			/*
-			 * X311J/88-090 (4.12.3.5): if conversion char is
-			 * undefined, behavior is undefined.  Print out the
-			 * character itself as printf(3) does.
-			 */
-			default:
-				break;
-		}
-		if (!gsize--)
-			return(0);
-		*pt++ = *format;
-	}
-	return(gsize);
+    return ampm[hour / 12];
 }
 
-#ifdef HAVE_MKTIME
+/*
+ * Return the week number of `tm' (Sunday being the first day of the week)
+ * as [0, 53]
+ */
+
 static int
-_secs(const struct tm *t)
+week_number_sun (const struct tm *tm)
 {
-	static char buf[15];
-	time_t s;
-	char *p;
-	struct tm tmp;
-
-	/* Make a copy, mktime(3) modifies the tm struct. */
-	tmp = *t;
-	s = mktime(&tmp);
-	for (p = buf + sizeof(buf) - 2; s > 0 && p > buf; s /= 10)
-		*p-- = s % 10 + '0';
-	return(_add(++p));
+    return (tm->tm_yday + 7 - (tm->tm_yday % 7 - tm->tm_wday + 7) % 7) / 7;
 }
-#endif	/* HAVE_MKTIME */
+
+/*
+ * Return the week number of `tm' (Monday being the first day of the week)
+ * as [0, 53]
+ */
 
 static int
-_conv(int n, int digits, int pad)
+week_number_mon (const struct tm *tm)
 {
-	static char buf[10];
-	char *p;
+    int wday = (tm->tm_wday + 6) % 7;
 
-	for (p = buf + sizeof(buf) - 2; n > 0 && p > buf; n /= 10, --digits)
-		*p-- = n % 10 + '0';
-	while (p > buf && digits-- > 0)
-		*p-- = pad;
-	return(_add(++p));
+    return (tm->tm_yday + 7 - (tm->tm_yday % 7 - wday + 7) % 7) / 7;
 }
 
+/*
+ * Return the week number of `tm' (Monday being the first day of the
+ * week) as [01, 53].  Week number one is the one that has four or more
+ * days in that year.
+ */
+
 static int
-_add(str)
-	char *str;
+week_number_mon4 (const struct tm *tm)
+{
+    int wday  = (tm->tm_wday + 6) % 7;
+    int w1day = (wday - tm->tm_yday % 7 + 7) % 7;
+    int ret;
+    
+    ret = (tm->tm_yday + w1day) / 7;
+    if (w1day >= 4)
+	--ret;
+    if (ret == -1)
+	ret = 53;
+    else
+	++ret;
+    return ret;
+}
+
+/*
+ *
+ */
+
+size_t
+strftime (char *buf, size_t maxsize, const char *format,
+	  const struct tm *tm)
 {
-	for (;; ++pt, --gsize) {
-		if (!gsize)
-			return(0);
-		if (!(*pt = *str++))
-			return(1);
+    size_t n = 0;
+    size_t ret;
+
+    while (*format != '\0' && n < maxsize) {
+	if (*format == '%') {
+	    ++format;
+	    if(*format == 'E' || *format == 'O')
+		++format;
+	    switch (*format) {
+	    case 'a' :
+		ret = snprintf (buf, maxsize - n,
+				"%s", abb_weekdays[tm->tm_wday]);
+		break;
+	    case 'A' :
+		ret = snprintf (buf, maxsize - n,
+				"%s", full_weekdays[tm->tm_wday]);
+		break;
+	    case 'h' :
+	    case 'b' :
+		ret = snprintf (buf, maxsize - n,
+				"%s", abb_month[tm->tm_mon]);
+		break;
+	    case 'B' :
+		ret = snprintf (buf, maxsize - n,
+				"%s", full_month[tm->tm_mon]);
+		break;
+	    case 'c' :
+		ret = snprintf (buf, maxsize - n,
+				"%d:%02d:%02d %02d:%02d:%02d",
+				tm->tm_year,
+				tm->tm_mon + 1,
+				tm->tm_mday,
+				tm->tm_hour,
+				tm->tm_min,
+				tm->tm_sec);
+		break;
+	    case 'C' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d", (tm->tm_year + 1900) / 100);
+		break;
+	    case 'd' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d", tm->tm_mday);
+		break;
+	    case 'D' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d/%02d/%02d",
+				tm->tm_mon + 1,
+				tm->tm_mday,
+				(tm->tm_year + 1900) % 100);
+		break;
+	    case 'e' :
+		ret = snprintf (buf, maxsize - n,
+				"%2d", tm->tm_mday);
+		break;
+	    case 'F':
+		ret = snprintf (buf, maxsize - n,
+				"%04d-%02d-%02d", tm->tm_year + 1900,
+				tm->tm_mon + 1, tm->tm_mday);
+		break;
+	    case 'g':
+		/* last two digits of week-based year */
+		abort();
+	    case 'G':
+		/* week-based year */
+		abort();
+	    case 'H' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d", tm->tm_hour);
+		break;
+	    case 'I' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d",
+				hour_24to12 (tm->tm_hour));
+		break;
+	    case 'j' :
+		ret = snprintf (buf, maxsize - n,
+				"%03d", tm->tm_yday + 1);
+		break;
+	    case 'k' :
+		ret = snprintf (buf, maxsize - n,
+				"%2d", tm->tm_hour);
+		break;
+	    case 'l' :
+		ret = snprintf (buf, maxsize - n,
+				"%2d",
+				hour_24to12 (tm->tm_hour));
+		break;
+	    case 'm' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d", tm->tm_mon + 1);
+		break;
+	    case 'M' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d", tm->tm_min);
+		break;
+	    case 'n' :
+		ret = snprintf (buf, maxsize - n, "\n");
+		break;
+	    case 'p' :
+		ret = snprintf (buf, maxsize - n, "%s",
+				hour_to_ampm (tm->tm_hour));
+		break;
+	    case 'r' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d:%02d:%02d %s",
+				hour_24to12 (tm->tm_hour),
+				tm->tm_min,
+				tm->tm_sec,
+				hour_to_ampm (tm->tm_hour));
+		break;
+	    case 'R' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d:%02d",
+				tm->tm_hour,
+				tm->tm_min);
+		    
+	    case 's' :
+		ret = snprintf (buf, maxsize - n,
+				"%d", (int)mktime((struct tm *)tm));
+		break;
+	    case 'S' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d", tm->tm_sec);
+		break;
+	    case 't' :
+		ret = snprintf (buf, maxsize - n, "\t");
+		break;
+	    case 'T' :
+	    case 'X' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d:%02d:%02d",
+				tm->tm_hour,
+				tm->tm_min,
+				tm->tm_sec);
+		break;
+	    case 'u' :
+		ret = snprintf (buf, maxsize - n,
+				"%d", (tm->tm_wday == 0) ? 7 : tm->tm_wday);
+		break;
+	    case 'U' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d", week_number_sun (tm));
+		break;
+	    case 'V' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d", week_number_mon4 (tm));
+		break;
+	    case 'w' :
+		ret = snprintf (buf, maxsize - n,
+				"%d", tm->tm_wday);
+		break;
+	    case 'W' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d", week_number_mon (tm));
+		break;
+	    case 'x' :
+		ret = snprintf (buf, maxsize - n,
+				"%d:%02d:%02d",
+				tm->tm_year,
+				tm->tm_mon + 1,
+				tm->tm_mday);
+		break;
+	    case 'y' :
+		ret = snprintf (buf, maxsize - n,
+				"%02d", (tm->tm_year + 1900) % 100);
+		break;
+	    case 'Y' :
+		ret = snprintf (buf, maxsize - n,
+				"%d", tm->tm_year + 1900);
+		break;
+	    case 'z':
+		ret = snprintf (buf, maxsize - n,
+				"%ld",
+#if defined(HAVE_STRUCT_TM_TM_GMTOFF)
+				(long)tm->tm_gmtoff
+#elif defined(HAVE_TIMEZONE)
+				tm->tm_isdst ?
+				(long)altzone :
+				(long)timezone
+#else
+#error Where in timezone chaos are you?
+#endif    
+				);
+		break;
+	    case 'Z' :
+		ret = snprintf (buf, maxsize - n,
+				"%s",
+
+#if defined(HAVE_STRUCT_TM_TM_ZONE)
+				tm->tm_zone
+#elif defined(HAVE_TIMEZONE)
+				tzname[tm->tm_isdst]
+#else
+#error what?
+#endif
+		    );
+		break;
+	    case '\0' :
+		--format;
+		/* FALLTHROUGH */
+	    case '%' :
+		ret = snprintf (buf, maxsize - n,
+				"%%");
+		break;
+	    default :
+		ret = snprintf (buf, maxsize - n,
+				"%%%c", *format);
+		break;
+	    }
+	    if (ret >= maxsize - n)
+		return 0;
+	    n   += ret;
+	    buf += ret;
+	    ++format;
+	} else {
+	    *buf++ = *format++;
+	    ++n;
 	}
+    }
+    *buf++ = '\0';
+    return n;
 }
diff --git a/crypto/kerberosIV/lib/roken/strlcat.c b/crypto/kerberosIV/lib/roken/strlcat.c
new file mode 100644
index 0000000..d3c8baa
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/strlcat.c
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+RCSID("$Id: strlcat.c,v 1.5 1999/12/02 16:58:53 joda Exp $");
+
+#ifndef HAVE_STRLCAT
+
+size_t
+strlcat (char *dst, const char *src, size_t dst_sz)
+{
+    size_t len = strlen(dst);
+
+    return len + strlcpy (dst + len, src, dst_sz - len);
+}
+#endif
diff --git a/crypto/kerberosIV/lib/roken/strlcpy.c b/crypto/kerberosIV/lib/roken/strlcpy.c
new file mode 100644
index 0000000..33cd9cb
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/strlcpy.c
@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+RCSID("$Id: strlcpy.c,v 1.5 1999/12/02 16:58:53 joda Exp $");
+
+#ifndef HAVE_STRLCPY
+
+size_t
+strlcpy (char *dst, const char *src, size_t dst_sz)
+{
+    size_t n;
+    char *p;
+
+    for (p = dst, n = 0;
+	 n + 1 < dst_sz && *src != '\0';
+	 ++p, ++src, ++n)
+	*p = *src;
+    *p = '\0';
+    if (*src == '\0')
+	return n;
+    else
+	return n + strlen (src);
+}
+
+#endif
diff --git a/crypto/kerberosIV/lib/roken/strlwr.c b/crypto/kerberosIV/lib/roken/strlwr.c
index 0222d8c..cb36789 100644
--- a/crypto/kerberosIV/lib/roken/strlwr.c
+++ b/crypto/kerberosIV/lib/roken/strlwr.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: strlwr.c,v 1.3 1997/04/01 08:19:11 joda Exp $");
+RCSID("$Id: strlwr.c,v 1.4 1999/12/02 16:58:53 joda Exp $");
 #endif
 #include <string.h>
 #include <ctype.h>
diff --git a/crypto/kerberosIV/lib/roken/strncasecmp.c b/crypto/kerberosIV/lib/roken/strncasecmp.c
index 0d7d59d..7c6474f 100644
--- a/crypto/kerberosIV/lib/roken/strncasecmp.c
+++ b/crypto/kerberosIV/lib/roken/strncasecmp.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: strncasecmp.c,v 1.1 1998/05/22 19:16:17 joda Exp $");
+RCSID("$Id: strncasecmp.c,v 1.2 1999/12/02 16:58:53 joda Exp $");
 #endif
 
 #include <string.h>
diff --git a/crypto/kerberosIV/lib/roken/strndup.c b/crypto/kerberosIV/lib/roken/strndup.c
index 53c2224..31e7e9f 100644
--- a/crypto/kerberosIV/lib/roken/strndup.c
+++ b/crypto/kerberosIV/lib/roken/strndup.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: strndup.c,v 1.1 1999/05/07 23:54:47 assar Exp $");
+RCSID("$Id: strndup.c,v 1.2 1999/12/02 16:58:53 joda Exp $");
 #endif
 #include <stdlib.h>
 #include <string.h>
diff --git a/crypto/kerberosIV/lib/roken/strnlen.c b/crypto/kerberosIV/lib/roken/strnlen.c
index e29f830..fffb3b7 100644
--- a/crypto/kerberosIV/lib/roken/strnlen.c
+++ b/crypto/kerberosIV/lib/roken/strnlen.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: strnlen.c,v 1.6 1999/05/07 23:56:25 assar Exp $");
+RCSID("$Id: strnlen.c,v 1.7 1999/12/02 16:58:53 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/strpftime-test.c b/crypto/kerberosIV/lib/roken/strpftime-test.c
new file mode 100644
index 0000000..7eb8fb8
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/strpftime-test.c
@@ -0,0 +1,287 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+RCSID("$Id: strpftime-test.c,v 1.2 1999/11/12 15:29:55 assar Exp $");
+
+enum { MAXSIZE = 26 };
+
+static struct testcase {
+    time_t t;
+    struct {
+	const char *format;
+	const char *result;
+    } vals[MAXSIZE];
+} tests[] = {
+    {0,
+     {
+	 {"%A", "Thursday"},
+	 {"%a", "Thu"},
+	 {"%B", "January"},
+	 {"%b", "Jan"},
+	 {"%C", "19"},
+	 {"%d", "01"},
+	 {"%e", " 1"},
+	 {"%H", "00"},
+	 {"%I", "12"},
+	 {"%j", "001"},
+	 {"%k", " 0"},
+	 {"%l", "12"},
+	 {"%M", "00"},
+	 {"%m", "01"},
+	 {"%n", "\n"},
+	 {"%p", "AM"},
+	 {"%S", "00"},
+	 {"%t", "\t"},
+	 {"%w", "4"},
+	 {"%Y", "1970"},
+	 {"%y", "70"},
+	 {"%U", "00"},
+	 {"%W", "00"},
+	 {"%V", "01"},
+	 {"%%", "%"},
+	 {NULL, NULL}}
+    },
+    {90000,
+     {
+	 {"%A", "Friday"},
+	 {"%a", "Fri"},
+	 {"%B", "January"},
+	 {"%b", "Jan"},
+	 {"%C", "19"},
+	 {"%d", "02"},
+	 {"%e", " 2"},
+	 {"%H", "01"},
+	 {"%I", "01"},
+	 {"%j", "002"},
+	 {"%k", " 1"},
+	 {"%l", " 1"},
+	 {"%M", "00"},
+	 {"%m", "01"},
+	 {"%n", "\n"},
+	 {"%p", "AM"},
+	 {"%S", "00"},
+	 {"%t", "\t"},
+	 {"%w", "5"},
+	 {"%Y", "1970"},
+	 {"%y", "70"},
+	 {"%U", "00"},
+	 {"%W", "00"},
+	 {"%V", "01"},
+	 {"%%", "%"},
+	 {NULL, NULL}
+     }
+    },
+    {216306,
+     {
+	 {"%A", "Saturday"},
+	 {"%a", "Sat"},
+	 {"%B", "January"},
+	 {"%b", "Jan"},
+	 {"%C", "19"},
+	 {"%d", "03"},
+	 {"%e", " 3"},
+	 {"%H", "12"},
+	 {"%I", "12"},
+	 {"%j", "003"},
+	 {"%k", "12"},
+	 {"%l", "12"},
+	 {"%M", "05"},
+	 {"%m", "01"},
+	 {"%n", "\n"},
+	 {"%p", "PM"},
+	 {"%S", "06"},
+	 {"%t", "\t"},
+	 {"%w", "6"},
+	 {"%Y", "1970"},
+	 {"%y", "70"},
+	 {"%U", "00"},
+	 {"%W", "00"},
+	 {"%V", "01"},
+	 {"%%", "%"},
+	 {NULL, NULL}
+     }
+    },
+    {259200,
+     {
+	 {"%A", "Sunday"},
+	 {"%a", "Sun"},
+	 {"%B", "January"},
+	 {"%b", "Jan"},
+	 {"%C", "19"},
+	 {"%d", "04"},
+	 {"%e", " 4"},
+	 {"%H", "00"},
+	 {"%I", "12"},
+	 {"%j", "004"},
+	 {"%k", " 0"},
+	 {"%l", "12"},
+	 {"%M", "00"},
+	 {"%m", "01"},
+	 {"%n", "\n"},
+	 {"%p", "AM"},
+	 {"%S", "00"},
+	 {"%t", "\t"},
+	 {"%w", "0"},
+	 {"%Y", "1970"},
+	 {"%y", "70"},
+	 {"%U", "01"},
+	 {"%W", "00"},
+	 {"%V", "01"},
+	 {"%%", "%"},
+	 {NULL, NULL}
+     }
+    },
+    {915148800,
+     {
+	 {"%A", "Friday"},
+	 {"%a", "Fri"},
+	 {"%B", "January"},
+	 {"%b", "Jan"},
+	 {"%C", "19"},
+	 {"%d", "01"},
+	 {"%e", " 1"},
+	 {"%H", "00"},
+	 {"%I", "12"},
+	 {"%j", "001"},
+	 {"%k", " 0"},
+	 {"%l", "12"},
+	 {"%M", "00"},
+	 {"%m", "01"},
+	 {"%n", "\n"},
+	 {"%p", "AM"},
+	 {"%S", "00"},
+	 {"%t", "\t"},
+	 {"%w", "5"},
+	 {"%Y", "1999"},
+	 {"%y", "99"},
+	 {"%U", "00"},
+	 {"%W", "00"},
+	 {"%V", "53"},
+	 {"%%", "%"},
+	 {NULL, NULL}}
+    },
+    {942161105,
+     {
+
+	 {"%A", "Tuesday"},
+	 {"%a", "Tue"},
+	 {"%B", "November"},
+	 {"%b", "Nov"},
+	 {"%C", "19"},
+	 {"%d", "09"},
+	 {"%e", " 9"},
+	 {"%H", "15"},
+	 {"%I", "03"},
+	 {"%j", "313"},
+	 {"%k", "15"},
+	 {"%l", " 3"},
+	 {"%M", "25"},
+	 {"%m", "11"},
+	 {"%n", "\n"},
+	 {"%p", "PM"},
+	 {"%S", "05"},
+	 {"%t", "\t"},
+	 {"%w", "2"},
+	 {"%Y", "1999"},
+	 {"%y", "99"},
+	 {"%U", "45"},
+	 {"%W", "45"},
+	 {"%V", "45"},
+	 {"%%", "%"},
+	 {NULL, NULL}
+     }
+    }
+};
+
+int
+main(int argc, char **argv)
+{
+    int i, j;
+    int ret = 0;
+
+    for (i = 0; i < sizeof(tests)/sizeof(tests[0]); ++i) {
+	struct tm *tm;
+
+	tm = gmtime (&tests[i].t);
+
+	for (j = 0; tests[i].vals[j].format != NULL; ++j) {
+	    char buf[128];
+	    size_t len;
+	    struct tm tm2;
+	    char *ptr;
+
+	    len = strftime (buf, sizeof(buf), tests[i].vals[j].format, tm);
+	    if (len != strlen (buf)) {
+		printf ("length of strftime(\"%s\") = %d (\"%s\")\n",
+			tests[i].vals[j].format, len,
+			buf);
+		++ret;
+		continue;
+	    }
+	    if (strcmp (buf, tests[i].vals[j].result) != 0) {
+		printf ("result of strftime(\"%s\") = \"%s\" != \"%s\"\n",
+			tests[i].vals[j].format, buf,
+			tests[i].vals[j].result);
+		++ret;
+		continue;
+	    }
+	    memset (&tm2, 0, sizeof(tm2));
+	    ptr = strptime (tests[i].vals[j].result,
+			    tests[i].vals[j].format,
+			    &tm2);
+	    if (ptr == NULL || *ptr != '\0') {
+		printf ("bad return value from strptime("
+			"\"%s\", \"%s\")\n",
+			tests[i].vals[j].result,
+			tests[i].vals[j].format);
+		++ret;
+	    }
+	    strftime (buf, sizeof(buf), tests[i].vals[j].format, &tm2);
+	    if (strcmp (buf, tests[i].vals[j].result) != 0) {
+		printf ("reverse of \"%s\" failed: \"%s\" vs \"%s\"\n",
+			tests[i].vals[j].format,
+			buf, tests[i].vals[j].result);
+		++ret;
+	    }
+	}
+    }
+    if (ret) {
+	printf ("%d errors\n", ret);
+	return 1;
+    } else
+	return 0;
+}
diff --git a/crypto/kerberosIV/lib/roken/strptime.c b/crypto/kerberosIV/lib/roken/strptime.c
new file mode 100644
index 0000000..36f0822
--- /dev/null
+++ b/crypto/kerberosIV/lib/roken/strptime.c
@@ -0,0 +1,444 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <ctype.h>
+#include "roken.h"
+
+RCSID("$Id: strptime.c,v 1.2 1999/11/12 15:29:55 assar Exp $");
+
+static const char *abb_weekdays[] = {
+    "Sun",
+    "Mon",
+    "Tue",
+    "Wed",
+    "Thu",
+    "Fri",
+    "Sat",
+    NULL
+};
+
+static const char *full_weekdays[] = {
+    "Sunday",
+    "Monday",
+    "Tuesday",
+    "Wednesday",
+    "Thursday",
+    "Friday",
+    "Saturday",
+    NULL
+};
+
+static const char *abb_month[] = {
+    "Jan",
+    "Feb",
+    "Mar",
+    "Apr",
+    "May",
+    "Jun",
+    "Jul",
+    "Aug",
+    "Sep",
+    "Oct",
+    "Nov",
+    "Dec",
+    NULL
+};
+
+static const char *full_month[] = {
+    "January",
+    "February",
+    "Mars",
+    "April",
+    "May",
+    "June",
+    "July",
+    "August",
+    "September",
+    "October",
+    "November",
+    "December",
+    NULL,
+};
+
+static const char *ampm[] = {
+    "am",
+    "pm",
+    NULL
+};
+
+/*
+ * Try to match `*buf' to one of the strings in `strs'.  Return the
+ * index of the matching string (or -1 if none).  Also advance buf.
+ */
+
+static int
+match_string (const char **buf, const char **strs)
+{
+    int i = 0;
+
+    for (i = 0; strs[i] != NULL; ++i) {
+	int len = strlen (strs[i]);
+
+	if (strncasecmp (*buf, strs[i], len) == 0) {
+	    *buf += len;
+	    return i;
+	}
+    }
+    return -1;
+}
+
+/*
+ * tm_year is relative this year */
+
+const int tm_year_base = 1900;
+
+/*
+ * Return TRUE iff `year' was a leap year.
+ */
+
+static int
+is_leap_year (int year)
+{
+    return (year % 4) == 0 && ((year % 100) != 0 || (year % 400) == 0);
+}
+
+/*
+ * Return the weekday [0,6] (0 = Sunday) of the first day of `year'
+ */
+
+static int
+first_day (int year)
+{
+    int ret = 4;
+
+    for (; year > 1970; --year)
+	ret = (ret + 365 + is_leap_year (year) ? 1 : 0) % 7;
+    return ret;
+}
+
+/*
+ * Set `timeptr' given `wnum' (week number [0, 53])
+ */
+
+static void
+set_week_number_sun (struct tm *timeptr, int wnum)
+{
+    int fday = first_day (timeptr->tm_year + tm_year_base);
+
+    timeptr->tm_yday = wnum * 7 + timeptr->tm_wday - fday;
+    if (timeptr->tm_yday < 0) {
+	timeptr->tm_wday = fday;
+	timeptr->tm_yday = 0;
+    }
+}
+
+/*
+ * Set `timeptr' given `wnum' (week number [0, 53])
+ */
+
+static void
+set_week_number_mon (struct tm *timeptr, int wnum)
+{
+    int fday = (first_day (timeptr->tm_year + tm_year_base) + 6) % 7;
+
+    timeptr->tm_yday = wnum * 7 + (timeptr->tm_wday + 6) % 7 - fday;
+    if (timeptr->tm_yday < 0) {
+	timeptr->tm_wday = (fday + 1) % 7;
+	timeptr->tm_yday = 0;
+    }
+}
+
+/*
+ * Set `timeptr' given `wnum' (week number [0, 53])
+ */
+
+static void
+set_week_number_mon4 (struct tm *timeptr, int wnum)
+{
+    int fday = (first_day (timeptr->tm_year + tm_year_base) + 6) % 7;
+    int offset = 0;
+
+    if (fday < 4)
+	offset += 7;
+
+    timeptr->tm_yday = offset + (wnum - 1) * 7 + timeptr->tm_wday - fday;
+    if (timeptr->tm_yday < 0) {
+	timeptr->tm_wday = fday;
+	timeptr->tm_yday = 0;
+    }
+}
+
+/*
+ *
+ */
+
+char *
+strptime (const char *buf, const char *format, struct tm *timeptr)
+{
+    char c;
+
+    for (; (c = *format) != '\0'; ++format) {
+	char *s;
+	int ret;
+
+	if (isspace (c)) {
+	    while (isspace (*buf))
+		++buf;
+	} else if (c == '%' && format[1] != '\0') {
+	    c = *++format;
+	    if (c == 'E' || c == 'O')
+		c = *++format;
+	    switch (c) {
+	    case 'A' :
+		ret = match_string (&buf, full_weekdays);
+		if (ret < 0)
+		    return NULL;
+		timeptr->tm_wday = ret;
+		break;
+	    case 'a' :
+		ret = match_string (&buf, abb_weekdays);
+		if (ret < 0)
+		    return NULL;
+		timeptr->tm_wday = ret;
+		break;
+	    case 'B' :
+		ret = match_string (&buf, full_month);
+		if (ret < 0)
+		    return NULL;
+		timeptr->tm_mon = ret;
+		break;
+	    case 'b' :
+	    case 'h' :
+		ret = match_string (&buf, abb_month);
+		if (ret < 0)
+		    return NULL;
+		timeptr->tm_mon = ret;
+		break;
+	    case 'C' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		timeptr->tm_year = (ret * 100) - tm_year_base;
+		buf = s;
+		break;
+	    case 'c' :
+		abort ();
+	    case 'D' :		/* %m/%d/%y */
+		s = strptime (buf, "%m/%d/%y", timeptr);
+		if (s == NULL)
+		    return NULL;
+		buf = s;
+		break;
+	    case 'd' :
+	    case 'e' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		timeptr->tm_mday = ret;
+		buf = s;
+		break;
+	    case 'H' :
+	    case 'k' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		timeptr->tm_hour = ret;
+		buf = s;
+		break;
+	    case 'I' :
+	    case 'l' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		if (ret == 12)
+		    timeptr->tm_hour = 0;
+		else
+		    timeptr->tm_hour = ret;
+		buf = s;
+		break;
+	    case 'j' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		timeptr->tm_yday = ret - 1;
+		buf = s;
+		break;
+	    case 'm' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		timeptr->tm_mon = ret - 1;
+		buf = s;
+		break;
+	    case 'M' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		timeptr->tm_min = ret;
+		buf = s;
+		break;
+	    case 'n' :
+		if (*buf == '\n')
+		    ++buf;
+		else
+		    return NULL;
+		break;
+	    case 'p' :
+		ret = match_string (&buf, ampm);
+		if (ret < 0)
+		    return NULL;
+		if (timeptr->tm_hour == 0) {
+		    if (ret == 1)
+			timeptr->tm_hour = 12;
+		} else
+		    timeptr->tm_hour += 12;
+		break;
+	    case 'r' :		/* %I:%M:%S %p */
+		s = strptime (buf, "%I:%M:%S %p", timeptr);
+		if (s == NULL)
+		    return NULL;
+		buf = s;
+		break;
+	    case 'R' :		/* %H:%M */
+		s = strptime (buf, "%H:%M", timeptr);
+		if (s == NULL)
+		    return NULL;
+		buf = s;
+		break;
+	    case 'S' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		timeptr->tm_sec = ret;
+		buf = s;
+		break;
+	    case 't' :
+		if (*buf == '\t')
+		    ++buf;
+		else
+		    return NULL;
+		break;
+	    case 'T' :		/* %H:%M:%S */
+	    case 'X' :
+		s = strptime (buf, "%H:%M:%S", timeptr);
+		if (s == NULL)
+		    return NULL;
+		buf = s;
+		break;
+	    case 'u' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		timeptr->tm_wday = ret - 1;
+		buf = s;
+		break;
+	    case 'w' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		timeptr->tm_wday = ret;
+		buf = s;
+		break;
+	    case 'U' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		set_week_number_sun (timeptr, ret);
+		buf = s;
+		break;
+	    case 'V' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		set_week_number_mon4 (timeptr, ret);
+		buf = s;
+		break;
+	    case 'W' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		set_week_number_mon (timeptr, ret);
+		buf = s;
+		break;
+	    case 'x' :
+		s = strptime (buf, "%Y:%m:%d", timeptr);
+		if (s == NULL)
+		    return NULL;
+		buf = s;
+		break;
+	    case 'y' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		if (ret < 70)
+		    timeptr->tm_year = 100 + ret;
+		else
+		    timeptr->tm_year = ret;
+		buf = s;
+		break;
+	    case 'Y' :
+		ret = strtol (buf, &s, 10);
+		if (s == buf)
+		    return NULL;
+		timeptr->tm_year = ret - tm_year_base;
+		buf = s;
+		break;
+	    case 'Z' :
+		abort ();
+	    case '\0' :
+		--format;
+		/* FALLTHROUGH */
+	    case '%' :
+		if (*buf == '%')
+		    ++buf;
+		else
+		    return NULL;
+		break;
+	    default :
+		if (*buf == '%' || *++buf == c)
+		    ++buf;
+		else
+		    return NULL;
+		break;
+	    }
+	} else {
+	    if (*buf == c)
+		++buf;
+	    else
+		return NULL;
+	}
+    }
+    return (char *)buf;
+}
diff --git a/crypto/kerberosIV/lib/roken/strsep.c b/crypto/kerberosIV/lib/roken/strsep.c
index 6db51fc..efc714a 100644
--- a/crypto/kerberosIV/lib/roken/strsep.c
+++ b/crypto/kerberosIV/lib/roken/strsep.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: strsep.c,v 1.2 1997/07/24 07:08:23 joda Exp $");
+RCSID("$Id: strsep.c,v 1.3 1999/12/02 16:58:53 joda Exp $");
 #endif
 
 #include <string.h>
diff --git a/crypto/kerberosIV/lib/roken/strtok_r.c b/crypto/kerberosIV/lib/roken/strtok_r.c
index 49164d9..45b036a 100644
--- a/crypto/kerberosIV/lib/roken/strtok_r.c
+++ b/crypto/kerberosIV/lib/roken/strtok_r.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: strtok_r.c,v 1.4 1997/05/19 03:05:47 assar Exp $");
+RCSID("$Id: strtok_r.c,v 1.5 1999/12/02 16:58:53 joda Exp $");
 #endif
 
 #include <string.h>
diff --git a/crypto/kerberosIV/lib/roken/strupr.c b/crypto/kerberosIV/lib/roken/strupr.c
index c5674f7..96dd042 100644
--- a/crypto/kerberosIV/lib/roken/strupr.c
+++ b/crypto/kerberosIV/lib/roken/strupr.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: strupr.c,v 1.3 1997/04/01 08:19:13 joda Exp $");
+RCSID("$Id: strupr.c,v 1.4 1999/12/02 16:58:53 joda Exp $");
 #endif
 #include <string.h>
 #include <ctype.h>
diff --git a/crypto/kerberosIV/lib/roken/swab.c b/crypto/kerberosIV/lib/roken/swab.c
index 8626bfa..c623bd0 100644
--- a/crypto/kerberosIV/lib/roken/swab.c
+++ b/crypto/kerberosIV/lib/roken/swab.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -43,7 +38,7 @@
 
 #ifndef HAVE_SWAB
 
-RCSID("$Id: swab.c,v 1.6 1997/12/04 22:51:53 joda Exp $");
+RCSID("$Id: swab.c,v 1.7 1999/12/02 16:58:53 joda Exp $");
 
 void
 swab (char *from, char *to, int nbytes)
diff --git a/crypto/kerberosIV/lib/roken/tm2time.c b/crypto/kerberosIV/lib/roken/tm2time.c
index f4423ff..b912e32 100644
--- a/crypto/kerberosIV/lib/roken/tm2time.c
+++ b/crypto/kerberosIV/lib/roken/tm2time.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: tm2time.c,v 1.6 1997/04/20 05:51:30 assar Exp $");
+RCSID("$Id: tm2time.c,v 1.7 1999/12/02 16:58:53 joda Exp $");
 #endif
 
 #ifdef TIME_WITH_SYS_TIME
diff --git a/crypto/kerberosIV/lib/roken/unsetenv.c b/crypto/kerberosIV/lib/roken/unsetenv.c
index 67fb750..6d95a51 100644
--- a/crypto/kerberosIV/lib/roken/unsetenv.c
+++ b/crypto/kerberosIV/lib/roken/unsetenv.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: unsetenv.c,v 1.6 1997/04/01 08:19:14 joda Exp $");
+RCSID("$Id: unsetenv.c,v 1.7 1999/12/02 16:58:53 joda Exp $");
 #endif
 
 #include <stdlib.h>
diff --git a/crypto/kerberosIV/lib/roken/verify.c b/crypto/kerberosIV/lib/roken/verify.c
index 65eafcc..842fa9a 100644
--- a/crypto/kerberosIV/lib/roken/verify.c
+++ b/crypto/kerberosIV/lib/roken/verify.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: verify.c,v 1.12 1997/04/01 08:19:15 joda Exp $");
+RCSID("$Id: verify.c,v 1.13 1999/12/02 16:58:53 joda Exp $");
 #endif
 
 #include <stdio.h>
diff --git a/crypto/kerberosIV/lib/roken/verr.c b/crypto/kerberosIV/lib/roken/verr.c
index 9ebe199..511e640 100644
--- a/crypto/kerberosIV/lib/roken/verr.c
+++ b/crypto/kerberosIV/lib/roken/verr.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: verr.c,v 1.7 1997/11/12 00:10:19 joda Exp $");
+RCSID("$Id: verr.c,v 1.8 1999/12/02 16:58:53 joda Exp $");
 #endif
 
 #include "err.h"
diff --git a/crypto/kerberosIV/lib/roken/verrx.c b/crypto/kerberosIV/lib/roken/verrx.c
index e7355ce..f4578d3 100644
--- a/crypto/kerberosIV/lib/roken/verrx.c
+++ b/crypto/kerberosIV/lib/roken/verrx.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: verrx.c,v 1.7 1997/11/12 00:10:26 joda Exp $");
+RCSID("$Id: verrx.c,v 1.8 1999/12/02 16:58:53 joda Exp $");
 #endif
 
 #include "err.h"
diff --git a/crypto/kerberosIV/lib/roken/vsyslog.c b/crypto/kerberosIV/lib/roken/vsyslog.c
index 2b32e32..22e6a35 100644
--- a/crypto/kerberosIV/lib/roken/vsyslog.c
+++ b/crypto/kerberosIV/lib/roken/vsyslog.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: vsyslog.c,v 1.2 1999/02/11 21:03:59 joda Exp $");
+RCSID("$Id: vsyslog.c,v 1.3 1999/12/02 16:58:54 joda Exp $");
 #endif
 
 #ifndef HAVE_VSYSLOG
diff --git a/crypto/kerberosIV/lib/roken/vwarn.c b/crypto/kerberosIV/lib/roken/vwarn.c
index f6698ae..15f9a38 100644
--- a/crypto/kerberosIV/lib/roken/vwarn.c
+++ b/crypto/kerberosIV/lib/roken/vwarn.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: vwarn.c,v 1.7 1997/11/12 00:10:32 joda Exp $");
+RCSID("$Id: vwarn.c,v 1.8 1999/12/02 16:58:54 joda Exp $");
 #endif
 
 #include "err.h"
diff --git a/crypto/kerberosIV/lib/roken/vwarnx.c b/crypto/kerberosIV/lib/roken/vwarnx.c
index 50d0432..48f1ffd 100644
--- a/crypto/kerberosIV/lib/roken/vwarnx.c
+++ b/crypto/kerberosIV/lib/roken/vwarnx.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: vwarnx.c,v 1.7 1997/11/12 00:09:45 joda Exp $");
+RCSID("$Id: vwarnx.c,v 1.8 1999/12/02 16:58:54 joda Exp $");
 #endif
 
 #include "err.h"
diff --git a/crypto/kerberosIV/lib/roken/warn.c b/crypto/kerberosIV/lib/roken/warn.c
index 5af5d8d..d8ee335 100644
--- a/crypto/kerberosIV/lib/roken/warn.c
+++ b/crypto/kerberosIV/lib/roken/warn.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: warn.c,v 1.5 1997/03/30 08:05:40 joda Exp $");
+RCSID("$Id: warn.c,v 1.6 1999/12/02 16:58:54 joda Exp $");
 #endif
 
 #include "err.h"
diff --git a/crypto/kerberosIV/lib/roken/warnerr.c b/crypto/kerberosIV/lib/roken/warnerr.c
index a92d7b1..4df375d 100644
--- a/crypto/kerberosIV/lib/roken/warnerr.c
+++ b/crypto/kerberosIV/lib/roken/warnerr.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: warnerr.c,v 1.7 1997/11/12 00:09:08 joda Exp $");
+RCSID("$Id: warnerr.c,v 1.8 1999/12/02 16:58:54 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/warnx.c b/crypto/kerberosIV/lib/roken/warnx.c
index bf7b076..c991176 100644
--- a/crypto/kerberosIV/lib/roken/warnx.c
+++ b/crypto/kerberosIV/lib/roken/warnx.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: warnx.c,v 1.5 1997/03/30 08:05:41 joda Exp $");
+RCSID("$Id: warnx.c,v 1.6 1999/12/02 16:58:54 joda Exp $");
 #endif
 
 #include "err.h"
diff --git a/crypto/kerberosIV/lib/roken/writev.c b/crypto/kerberosIV/lib/roken/writev.c
index c541b83..e3859bf 100644
--- a/crypto/kerberosIV/lib/roken/writev.c
+++ b/crypto/kerberosIV/lib/roken/writev.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: writev.c,v 1.2 1999/07/03 02:37:57 assar Exp $");
+RCSID("$Id: writev.c,v 1.3 1999/12/02 16:58:54 joda Exp $");
 #endif
 
 #include "roken.h"
diff --git a/crypto/kerberosIV/lib/roken/xdbm.h b/crypto/kerberosIV/lib/roken/xdbm.h
index 26e8dcc..83885b3 100644
--- a/crypto/kerberosIV/lib/roken/xdbm.h
+++ b/crypto/kerberosIV/lib/roken/xdbm.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: xdbm.h,v 1.3 1999/05/08 02:25:22 assar Exp $ */
+/* $Id: xdbm.h,v 1.6 1999/12/02 16:58:54 joda Exp $ */
 
 /* Generic *dbm include file */
 
diff --git a/crypto/kerberosIV/lib/sl/lex.l b/crypto/kerberosIV/lib/sl/lex.l
index 10bff59..b7c1c44 100644
--- a/crypto/kerberosIV/lib/sl/lex.l
+++ b/crypto/kerberosIV/lib/sl/lex.l
@@ -15,12 +15,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -40,7 +35,7 @@
 #include "make_cmds.h"
 #include "parse.h"
 
-RCSID("$Id: lex.l,v 1.2 1998/09/26 21:01:29 joda Exp $");
+RCSID("$Id: lex.l,v 1.3 1999/12/02 16:58:55 joda Exp $");
 
 static unsigned lineno = 1;
 void error_message(char *, ...);
diff --git a/crypto/kerberosIV/lib/sl/make_cmds.c b/crypto/kerberosIV/lib/sl/make_cmds.c
index b2e733f..492e9e6 100644
--- a/crypto/kerberosIV/lib/sl/make_cmds.c
+++ b/crypto/kerberosIV/lib/sl/make_cmds.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -39,7 +34,7 @@
 #include "make_cmds.h"
 #include <getarg.h>
 
-RCSID("$Id: make_cmds.c,v 1.5 1999/04/01 15:03:57 joda Exp $");
+RCSID("$Id: make_cmds.c,v 1.6 1999/12/02 16:58:55 joda Exp $");
 
 #include <roken.h>
 #include <err.h>
diff --git a/crypto/kerberosIV/lib/sl/make_cmds.h b/crypto/kerberosIV/lib/sl/make_cmds.h
index 5278a46..24dbd60 100644
--- a/crypto/kerberosIV/lib/sl/make_cmds.h
+++ b/crypto/kerberosIV/lib/sl/make_cmds.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -36,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: make_cmds.h,v 1.1 1998/02/15 04:15:40 joda Exp $ */
+/* $Id: make_cmds.h,v 1.2 1999/12/02 16:58:55 joda Exp $ */
 
 #ifndef __MAKE_CMDS_H__
 #define __MAKE_CMDS_H__
diff --git a/crypto/kerberosIV/lib/sl/parse.y b/crypto/kerberosIV/lib/sl/parse.y
index dbb952b..b8b2d63 100644
--- a/crypto/kerberosIV/lib/sl/parse.y
+++ b/crypto/kerberosIV/lib/sl/parse.y
@@ -15,12 +15,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -38,7 +33,7 @@
  */
 
 #include "make_cmds.h"
-RCSID("$Id: parse.y,v 1.4 1999/03/20 02:43:45 assar Exp $");
+RCSID("$Id: parse.y,v 1.5 1999/12/02 16:58:55 joda Exp $");
 
 void yyerror (char *s);
 long name2number(const char *str);
diff --git a/crypto/kerberosIV/lib/sl/roken_rename.h b/crypto/kerberosIV/lib/sl/roken_rename.h
index f3e947c..c668802 100644
--- a/crypto/kerberosIV/lib/sl/roken_rename.h
+++ b/crypto/kerberosIV/lib/sl/roken_rename.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -36,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: roken_rename.h,v 1.2 1999/01/25 10:01:46 joda Exp $ */
+/* $Id: roken_rename.h,v 1.3 1999/12/02 16:58:55 joda Exp $ */
 
 #ifndef __roken_rename_h__
 #define __roken_rename_h__
diff --git a/crypto/kerberosIV/lib/sl/sl.c b/crypto/kerberosIV/lib/sl/sl.c
index 2de8868..688ca8b 100644
--- a/crypto/kerberosIV/lib/sl/sl.c
+++ b/crypto/kerberosIV/lib/sl/sl.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -38,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: sl.c,v 1.24 1998/11/22 09:47:49 assar Exp $");
+RCSID("$Id: sl.c,v 1.25 1999/12/02 16:58:55 joda Exp $");
 #endif
 
 #include "sl_locl.h"
diff --git a/crypto/kerberosIV/lib/sl/sl.h b/crypto/kerberosIV/lib/sl/sl.h
index 2606e0f..1a6d3fa 100644
--- a/crypto/kerberosIV/lib/sl/sl.h
+++ b/crypto/kerberosIV/lib/sl/sl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: sl.h,v 1.6 1998/06/09 19:25:40 joda Exp $ */
+/* $Id: sl.h,v 1.7 1999/12/02 16:58:55 joda Exp $ */
 
 #ifndef _SL_H
 #define _SL_H
diff --git a/crypto/kerberosIV/lib/sl/sl_locl.h b/crypto/kerberosIV/lib/sl/sl_locl.h
index cf5805f..4bd9660 100644
--- a/crypto/kerberosIV/lib/sl/sl_locl.h
+++ b/crypto/kerberosIV/lib/sl/sl_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: sl_locl.h,v 1.5 1998/02/15 04:14:08 joda Exp $ */
+/* $Id: sl_locl.h,v 1.6 1999/12/02 16:58:55 joda Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
diff --git a/crypto/kerberosIV/lib/sl/ss.c b/crypto/kerberosIV/lib/sl/ss.c
index 748613b..f3c0546 100644
--- a/crypto/kerberosIV/lib/sl/ss.c
+++ b/crypto/kerberosIV/lib/sl/ss.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -40,7 +35,7 @@
 #include <com_err.h>
 #include "ss.h"
 
-RCSID("$Id: ss.c,v 1.3 1998/11/22 09:47:24 assar Exp $");
+RCSID("$Id: ss.c,v 1.4 1999/12/02 16:58:55 joda Exp $");
 
 struct ss_subst {
     char *name;
diff --git a/crypto/kerberosIV/lib/sl/ss.h b/crypto/kerberosIV/lib/sl/ss.h
index c7f0098..0d9d297 100644
--- a/crypto/kerberosIV/lib/sl/ss.h
+++ b/crypto/kerberosIV/lib/sl/ss.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the 
  *    documentation and/or other materials provided with the distribution. 
  *
- * 3. All advertising materials mentioning features or use of this software 
- *    must display the following acknowledgement: 
- *      This product includes software developed by Kungliga Tekniska 
- *      Högskolan and its contributors. 
- *
- * 4. Neither the name of the Institute nor the names of its contributors 
+ * 3. Neither the name of the Institute nor the names of its contributors 
  *    may be used to endorse or promote products derived from this software 
  *    without specific prior written permission. 
  *
@@ -35,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
  * SUCH DAMAGE. 
  */
-/* $Id: ss.h,v 1.1 1998/02/15 04:13:34 joda Exp $ */
+/* $Id: ss.h,v 1.2 1999/12/02 16:58:55 joda Exp $ */
 
 /* SS compatibility for SL */
 
diff --git a/crypto/kerberosIV/man/kadmind.8 b/crypto/kerberosIV/man/kadmind.8
index 9924d48..71660fa 100644
--- a/crypto/kerberosIV/man/kadmind.8
+++ b/crypto/kerberosIV/man/kadmind.8
@@ -1,4 +1,4 @@
-.\" $Id: kadmind.8,v 1.5 1998/06/13 00:30:08 assar Exp $
+.\" $Id: kadmind.8,v 1.6 1999/09/15 15:10:08 assar Exp $
 .\" Copyright 1989 by the Massachusetts Institute of Technology.
 .\"
 .\" For copying and distribution information,
@@ -112,16 +112,16 @@ entries from the database.
 A principal is always granted authorization to change its own password.
 .SH FILES
 .TP 20n
-/kerberos/admin_server.syslog
+/var/log/admin_server.syslog
 Default log file.
 .TP 
-/kerberos
+/var/kerberos
 Default access control list directory.
 .TP
 admin_acl.{add,get,mod}
 Access control list files (within the directory)
 .TP
-/kerberos/principal.pag, /kerberos/principal.dir
+/var/kerberos/principal.pag, /var/kerberos/principal.dir
 Default DBM files containing database
 .TP
 /.k
diff --git a/crypto/kerberosIV/man/krb.conf.5 b/crypto/kerberosIV/man/krb.conf.5
index 5c15468..8ffa9af 100644
--- a/crypto/kerberosIV/man/krb.conf.5
+++ b/crypto/kerberosIV/man/krb.conf.5
@@ -1,4 +1,4 @@
-.\" $Id: krb.conf.5,v 1.3 1999/06/15 15:36:46 bg Exp $
+.\" $Id: krb.conf.5,v 1.4 1999/08/02 16:09:57 bg Exp $
 .\" Copyright 1989 by the Massachusetts Institute of Technology.
 .\"
 .\" For copying and distribution information,
@@ -24,18 +24,18 @@ administrative database server.
 To be able to communicate with the KDC through a firewall it is
 sometimes necessary to tunnel requests over HTTP or TCP. Tunnel
 protocols and port numbers are specified in the server specification
-using the syntax [(udp|tcp|http)/]hostname[:port].
+using the syntax [(UDP|TCP|HTTP)/]hostname[:port].
 
 For example:
 .nf
 .in +1i
 SICS.SE
 NADA.KTH.SE
-SICS.SE     tcp/kerberos.sics.se:88 admin server
+SICS.SE     TCP/kerberos.sics.se:88 admin server
 NADA.KTH.SE kerberos.nada.kth.se    admin server
 NADA.KTH.SE kerberos-1.nada.kth.se
 NADA.KTH.SE kerberos-2.nada.kth.se
-NADA.KTH.SE http/kerberos-3.nada.kth.se
+NADA.KTH.SE HTTP/kerberos-3.nada.kth.se
 KTH.SE      kerberos.kth.se         admin server
 .in -1i
 .SH SEE ALSO
diff --git a/crypto/kerberosIV/man/krb.extra.5 b/crypto/kerberosIV/man/krb.extra.5
index 7c3140a..38569fd 100644
--- a/crypto/kerberosIV/man/krb.extra.5
+++ b/crypto/kerberosIV/man/krb.extra.5
@@ -1,4 +1,4 @@
-.\" $Id: krb.extra.5,v 1.1.2.1 1999/07/22 03:16:36 assar Exp $
+.\" $Id: krb.extra.5,v 1.4 1999/11/25 05:30:42 assar Exp $
 .\"
 .Dd June 24, 1999
 .Dt KRB.EXTRA 5
@@ -29,12 +29,21 @@ compute a direction bit, and this might break if the server has a
 different idea about which address to use then the client
 .It krb4_proxy
 address of a web-proxy to use when connecting to the KDC via HTTP
+.It krb_default_tkt_root
+the default prefix for ticket files. E.g, if your uid is 42 and the
+prefix is /tmp/tkt then your default ticket file will be /tmp/tkt42
+.It krb_default_keyfile
+the default kefile, normally /etc/srvtab
+.It nat_in_use
+if a Network Address Translator (NAT) is being used.
 .El
 .Sh EXAMPLES
 .Bd -literal
 # this is a comment
+krb_default_tkt_root = /tkt/tkt_
 kdc_timesync = yes
 firewall_address = 10.0.0.1
+krb_default_keyfile = /etc/kerberosIV/srvtab
 .Ed
 .Sh SEE ALSO
 .Xr krb.equiv 5 ,
diff --git a/crypto/kerberosIV/server/kerberos.c b/crypto/kerberosIV/server/kerberos.c
index c310f6e..5ecc4f8 100644
--- a/crypto/kerberosIV/server/kerberos.c
+++ b/crypto/kerberosIV/server/kerberos.c
@@ -9,7 +9,7 @@
 #include "config.h"
 #include "protos.h"
 
-RCSID("$Id: kerberos.c,v 1.84.2.1 1999/07/22 03:18:03 assar Exp $");
+RCSID("$Id: kerberos.c,v 1.87 1999/11/13 06:35:39 assar Exp $");
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -245,7 +245,7 @@ set_tgtkey(char *r)
     copy_to_key(&p->key_low, &p->key_high, key);
     unseal(&key);
     krb_set_key(key, 0);
-    strcpy_truncate (lastrealm, r, REALM_SZ);
+    strlcpy (lastrealm, r, REALM_SZ);
     return (KSUCCESS);
 }
 
@@ -276,7 +276,7 @@ kerberos(unsigned char *buf, int len,
     
     unsigned char *p = buf;
     if(len < 2){
-	strcpy_truncate((char*)rpkt->dat,
+	strlcpy((char*)rpkt->dat,
 			"Packet too short",
 			sizeof(rpkt->dat));
 	return KFAILURE;
@@ -287,7 +287,7 @@ kerberos(unsigned char *buf, int len,
     pvno = *p++;
     if(pvno != KRB_PROT_VERSION){
 	msg = klog(L_KRB_PERR, "KRB protocol version mismatch (%d)", pvno);
-	strcpy_truncate((char*)rpkt->dat,
+	strlcpy((char*)rpkt->dat,
 			msg,
 			sizeof(rpkt->dat));
 	return KERB_ERR_PKT_VER;
@@ -308,14 +308,14 @@ kerberos(unsigned char *buf, int len,
 	     inet_ntoa(client->sin_addr),
 	     proto, ntohs(server->sin_port));
 	if((err = check_princ(name, inst, 0, &a_name))){
-	    strcpy_truncate((char*)rpkt->dat,
+	    strlcpy((char*)rpkt->dat,
 			    krb_get_err_text(err),
 			    sizeof(rpkt->dat));
 	    return err;
 	}
 	tk->length = 0;
 	if((err = check_princ(service, sinst, 0, &s_name))){
-	    strcpy_truncate((char*)rpkt->dat,
+	    strlcpy((char*)rpkt->dat,
 			    krb_get_err_text(err),
 			    sizeof(rpkt->dat));
 	    return err;
@@ -346,13 +346,13 @@ kerberos(unsigned char *buf, int len,
 	}
 	return 0;
     case AUTH_MSG_APPL_REQUEST:
-	strcpy_truncate(realm, (char*)buf + 3, REALM_SZ);
+	strlcpy(realm, (char*)buf + 3, REALM_SZ);
 	if((err = set_tgtkey(realm))){
 	    msg = klog(L_ERR_UNK,
 		       "Unknown realm %s from %s (%s/%u)", 
 		       realm, inet_ntoa(client->sin_addr),
 		       proto, ntohs(server->sin_port));
-	    strcpy_truncate((char*)rpkt->dat,
+	    strlcpy((char*)rpkt->dat,
 			    msg,
 			    sizeof(rpkt->dat));
 	    return err;
@@ -370,7 +370,7 @@ kerberos(unsigned char *buf, int len,
 		       proto,
 		       ntohs(server->sin_port),
 		       krb_get_err_text(err));
-	    strcpy_truncate((char*)rpkt->dat,
+	    strlcpy((char*)rpkt->dat,
 			    msg,
 			    sizeof(rpkt->dat));
 	    return err;
@@ -389,14 +389,14 @@ kerberos(unsigned char *buf, int len,
 	if(strcmp(ad.prealm, realm)){
 	    msg = klog(L_ERR_UNK, "Can't hop realms: %s -> %s", 
 		       realm, ad.prealm);
-	    strcpy_truncate((char*)rpkt->dat,
+	    strlcpy((char*)rpkt->dat,
 			    msg,
 			    sizeof(rpkt->dat));
 	    return KERB_ERR_PRINCIPAL_UNKNOWN;
 	}
 
 	if(!strcmp(service, "changepw")){
-	    strcpy_truncate((char*)rpkt->dat, 
+	    strlcpy((char*)rpkt->dat, 
 			    "Can't authorize password changed based on TGT",
 			    sizeof(rpkt->dat));
 	    return KERB_ERR_PRINCIPAL_UNKNOWN;
@@ -404,7 +404,7 @@ kerberos(unsigned char *buf, int len,
 
 	err = check_princ(service, sinst, life, &s_name);
 	if(err){
-	    strcpy_truncate((char*)rpkt->dat,
+	    strlcpy((char*)rpkt->dat,
 			    krb_get_err_text(err),
 			    sizeof(rpkt->dat));
 	    return err;
@@ -449,7 +449,7 @@ kerberos(unsigned char *buf, int len,
 		   inet_ntoa(client->sin_addr),
 		   proto,
 		   ntohs(server->sin_port));
-	strcpy_truncate((char*)rpkt->dat,
+	strlcpy((char*)rpkt->dat,
 			msg,
 			sizeof(rpkt->dat));
 	return KFAILURE;
@@ -707,7 +707,7 @@ main(int argc, char **argv)
 
     set_progname (argv[0]);
 
-    while ((c = getopt(argc, argv, "snmp:P:a:l:r:i:")) != EOF) {
+    while ((c = getopt(argc, argv, "snmp:P:a:l:r:i:")) != -1) {
 	switch(c) {
 	case 's':
 	    /*
@@ -767,7 +767,7 @@ main(int argc, char **argv)
 	case 'r':
 	    /* Set realm name */
 	    rflag++;
-	    strcpy_truncate(local_realm, optarg, sizeof(local_realm));
+	    strlcpy(local_realm, optarg, sizeof(local_realm));
 	    break;
 	case 'i':
 	    /* Only listen on this address */
diff --git a/crypto/kerberosIV/slave/kprop.c b/crypto/kerberosIV/slave/kprop.c
index 877787d..2cb1aee 100644
--- a/crypto/kerberosIV/slave/kprop.c
+++ b/crypto/kerberosIV/slave/kprop.c
@@ -19,7 +19,7 @@ provided "as is" without express or implied warranty.
 
 #include "slav_locl.h"
 
-RCSID("$Id: kprop.c,v 1.36 1999/03/11 20:57:07 bg Exp $");
+RCSID("$Id: kprop.c,v 1.37 1999/09/16 20:41:59 assar Exp $");
 
 #include "kprop.h"
 
@@ -208,7 +208,7 @@ prop_to_slaves(struct slave_host *sl,
 		    p_my_host_name = krb_get_phost (my_host_name);
 		    /* copy it to make sure gethostbyname static doesn't
 		     * screw us. */
-		    strcpy_truncate (kprop_service_instance,
+		    strlcpy (kprop_service_instance,
 				     p_my_host_name,
 				     INST_SZ);
 		    kerror = krb_get_svc_in_tkt (KPROP_SERVICE_NAME, 
@@ -434,7 +434,7 @@ main(int argc, char **argv)
 	else if (strcmp (argv[i], "-realm") == 0) {
 	    i++;
 	    if (i < argc)
-		strcpy_truncate(my_realm, argv[i], REALM_SZ);
+		strlcpy(my_realm, argv[i], REALM_SZ);
 	    else
 		usage();
 	} else if (strcmp (argv[i], "-force") == 0)
diff --git a/crypto/kerberosIV/slave/kpropd.c b/crypto/kerberosIV/slave/kpropd.c
index cf30d7b..db74509 100644
--- a/crypto/kerberosIV/slave/kpropd.c
+++ b/crypto/kerberosIV/slave/kpropd.c
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -40,7 +35,7 @@
 
 #include "kprop.h"
 
-RCSID("$Id: kpropd.c,v 2.30 1999/03/11 20:29:14 bg Exp $");
+RCSID("$Id: kpropd.c,v 2.32 1999/12/02 16:58:56 joda Exp $");
 
 #ifndef SBINDIR
 #define SBINDIR "/usr/athena/sbin"
@@ -292,7 +287,7 @@ main(int argc, char **argv)
 	    kdb_util = optarg;
 	    break;
 	case 'r':
-	    strcpy_truncate(realm, optarg, REALM_SZ);
+	    strlcpy(realm, optarg, REALM_SZ);
 	    break;
 	case 's':
 	    srvtab = optarg;
diff --git a/crypto/kerberosIV/slave/slav_locl.h b/crypto/kerberosIV/slave/slav_locl.h
index 50c19e6..2772ed9 100644
--- a/crypto/kerberosIV/slave/slav_locl.h
+++ b/crypto/kerberosIV/slave/slav_locl.h
@@ -14,12 +14,7 @@
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
+ * 3. Neither the name of the Institute nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
@@ -36,7 +31,7 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: slav_locl.h,v 1.13 1998/06/13 00:07:00 assar Exp $ */
+/* $Id: slav_locl.h,v 1.14 1999/12/02 16:58:56 joda Exp $ */
 
 #ifndef __slav_locl_h
 #define __slav_locl_h